Follow

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Follow
Facebook Twitter Instagram Youtube
Contact

Running a docker login with python subprocess securely

byMR
September 15, 2023

I want to run a docker login from python3 without asking for user input.
I have three global variables REGISTRY_URL, USERNAME, PASSWORD.

I want to run:

os.system(f"echo '{PASSWORD}' | docker login {REGISTRY_URL} -u {USERNAME} --password-stdin")

The problem is that my three global variables are user controllable which can lead to Remote Code Execution.

MEDevel.com: Open-source for Healthcare and Education

Collecting and validating open-source software for healthcare, education, enterprise, development, medical imaging, medical records, and digital pathology.

Visit Medevel

How can I run this command securely with subprocess.run ?

(NB: I do not want to use -p option of docker because it is not secure as per docker recommandation)

>Solution :

You can supply the password using the input argument to subprocess.run:

import subprocess

def docker_login(registry_url, username, password):
    command = ["docker", "login", registry_url, "-u", username, "--password-stdin"]
    completed_process = subprocess.run(command, input=password.encode() + b'\n', capture_output=True)
    
    if completed_process.returncode == 0:
        print("Docker login successful!")
    else:
        print("Docker login failed. Error message:")
        print(completed_process.stderr.decode())

docker_login(REGISTRY_URL, USERNAME, PASSWORD)
byMR
Published
Add a comment

Leave a Reply

Keep Up to Date with the Most Important News

By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use

Read more

Discover more from Dev solutions

Subscribe now to keep reading and get access to the full archive.

Continue reading