Load Auth info from environment variables (#54)

Split from #52 

- This PR introduces three environment variables
`OMMX_BASIC_AUTH_DOMAIN`, `OMMX_BASIC_AUTH_USERNAME`, and
`OMMX_BASIC_AUTH_PASSWORD`. These are used for Basic authorization to
container registry. To push ghcr.io, you can use following instead of
`ommx login`:

```yaml
        env:
          OMMX_BASIC_AUTH_DOMAIN: ghcr.io
          OMMX_BASIC_AUTH_USERNAME: ${{ github.actor }}
          OMMX_BASIC_AUTH_PASSWORD: ${{ github.token }}
```

.github/workflows/cli.yml

@@ -92,11 +92,13 @@ jobs:
       - name: Build image
         run: cargo run --release --example create_artifact
 
-      # Login to GitHub Container Registry and push the image
-      - name: Login to GitHub Container Registry
-        run: ./ommx login -u ${{ github.repository_owner }} -p ${{ github.token }} https://ghcr.io
+      # Push image to GitHub Container Registry
       - name: Push image to ghcr.io
         run: ./ommx push ./data/random_lp_instance.ommx
+        env:
+          OMMX_BASIC_AUTH_DOMAIN: ghcr.io
+          OMMX_BASIC_AUTH_USERNAME: ${{ github.actor }}
+          OMMX_BASIC_AUTH_PASSWORD: ${{ github.token }}
 
   pull:
     runs-on: ubuntu-22.04

Cargo.toml

@@ -25,7 +25,7 @@ glob = "0.3.1"
 itertools = "0.13.0"
 log = "0.4.21"
 maplit = "1.0.2"
-ocipkg = "0.3.5"
+ocipkg = "0.3.8"
 proptest = "1.4.0"
 prost = "0.12.6"
 prost-build = "0.12.6"

rust/ommx/src/artifact.rs

@@ -21,7 +21,7 @@ use ocipkg::{
     Digest, ImageName,
 };
 use prost::Message;
-use std::path::PathBuf;
+use std::{env, path::PathBuf};
 use std::{
     ops::{Deref, DerefMut},
     path::Path,
@@ -56,6 +56,20 @@ fn gather_oci_dirs(dir: &Path) -> Result<Vec<PathBuf>> {
     Ok(images)
 }
 
+fn auth_from_env() -> Result<(String, String, String)> {
+    if let (Ok(domain), Ok(username), Ok(password)) = (
+        env::var("OMMX_BASIC_AUTH_DOMAIN"),
+        env::var("OMMX_BASIC_AUTH_USERNAME"),
+        env::var("OMMX_BASIC_AUTH_PASSWORD"),
+    ) {
+        log::info!(
+            "Detect OMMX_BASIC_AUTH_DOMAIN, OMMX_BASIC_AUTH_USERNAME, OMMX_BASIC_AUTH_PASSWORD for authentication."
+        );
+        return Ok((domain, username, password));
+    }
+    bail!("No authentication information found in environment variables");
+}
+
 pub fn get_images() -> Result<Vec<ImageName>> {
     let root = data_dir()?;
     let dirs = gather_oci_dirs(&root)?;
@@ -94,7 +108,11 @@ impl Artifact<OciArchive> {
     pub fn push(&mut self) -> Result<Artifact<Remote>> {
         let name = self.get_name()?;
         log::info!("Pushing: {}", name);
-        let out = ocipkg::image::copy(self.0.deref_mut(), RemoteBuilder::new(name)?)?;
+        let mut remote = RemoteBuilder::new(name)?;
+        if let Ok((domain, username, password)) = auth_from_env() {
+            remote.add_basic_auth(&domain, &username, &password);
+        }
+        let out = ocipkg::image::copy(self.0.deref_mut(), remote)?;
         Ok(Artifact(OciArtifact::new(out)))
     }
 
@@ -120,7 +138,11 @@ impl Artifact<OciDir> {
     pub fn push(&mut self) -> Result<Artifact<Remote>> {
         let name = self.get_name()?;
         log::info!("Pushing: {}", name);
-        let out = ocipkg::image::copy(self.0.deref_mut(), RemoteBuilder::new(name)?)?;
+        let mut remote = RemoteBuilder::new(name)?;
+        if let Ok((domain, username, password)) = auth_from_env() {
+            remote.add_basic_auth(&domain, &username, &password);
+        }
+        let out = ocipkg::image::copy(self.0.deref_mut(), remote)?;
         Ok(Artifact(OciArtifact::new(out)))
     }
 
@@ -152,6 +174,9 @@ impl Artifact<Remote> {
             return Ok(Artifact(OciArtifact::from_oci_dir(&path)?));
         }
         log::info!("Pulling: {}", image_name);
+        if let Ok((domain, username, password)) = auth_from_env() {
+            self.0.add_basic_auth(&domain, &username, &password);
+        }
         let out = ocipkg::image::copy(self.0.deref_mut(), OciDirBuilder::new(path, image_name)?)?;
         Ok(Artifact(OciArtifact::new(out)))
     }