From 3c0cf29b815537df15a94b5eaf08ecf7a5b5f0fe Mon Sep 17 00:00:00 2001 From: David Scott Date: Fri, 1 Jul 2022 14:14:07 +0100 Subject: [PATCH] Improve error message if the user is not logged in Previously the error message prompted the user to `docker login`, but this will not work if - 2FA is required - SSO is enabled with enfocement on Docker Hub, see https://docs.docker.com/single-sign-on/#enforce-sso-in-docker-hub The most reliable way to login is through the Docker Desktop UI, since the SSO/2FA flows are all handled automatically (via the web browser) Try to improve the error message by explaining the options. Signed-off-by: David Scott --- internal/provider/provider.go | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/internal/provider/provider.go b/internal/provider/provider.go index 193f3f0..f052028 100644 --- a/internal/provider/provider.go +++ b/internal/provider/provider.go @@ -187,7 +187,14 @@ func WithExperimental() Ops { func getToken(opts Options) (string, error) { if opts.auth.Username == "" { return "", fmt.Errorf(`You need to be logged in to Docker Hub to use the scan feature. -please login to Docker Hub using the Docker Login command`) + +If you are not using Docker Desktop, either +- use the "docker login" CLI command with a username and password. Note this will not work if + 2FA is required or if SSO enforcement is enabled on Docker Hub; or +- use the "docker login" CLI command with a username and Personal Access Token. This requires + a token to be generated in advance. + +If you are using Docker Desktop: login via the UI or whale menu`) } h := hub.GetInstance() jwks, err := h.FetchJwks()