From 0c23a0e87390b132576c16b1e766e94d525baae2 Mon Sep 17 00:00:00 2001 From: David Scott Date: Fri, 1 Jul 2022 14:14:07 +0100 Subject: [PATCH] Improve error message if the user is not logged in Previously the error message prompted the user to `docker login`, but this will not work if - 2FA is required - SSO is enabled with enfocement on Docker Hub, see https://docs.docker.com/single-sign-on/#enforce-sso-in-docker-hub The most reliable way to login is through the Docker Desktop UI, since the SSO/2FA flows are all handled automatically (via the web browser) Try to improve the error message by explaining the options. Signed-off-by: David Scott --- internal/provider/provider.go | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 1dc8448e..f0520289 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -186,8 +186,15 @@ func WithExperimental() Ops { func getToken(opts Options) (string, error) { if opts.auth.Username == "" { - return "", fmt.Errorf(`You need to be logged in to Docker Hub to use scan feature. -please login to Docker Hub using the Docker Login command`) + return "", fmt.Errorf(`You need to be logged in to Docker Hub to use the scan feature. + +If you are not using Docker Desktop, either +- use the "docker login" CLI command with a username and password. Note this will not work if + 2FA is required or if SSO enforcement is enabled on Docker Hub; or +- use the "docker login" CLI command with a username and Personal Access Token. This requires + a token to be generated in advance. + +If you are using Docker Desktop: login via the UI or whale menu`) } h := hub.GetInstance() jwks, err := h.FetchJwks()