From 0736901a32390f0f53777ca5ff3616dea9529b08 Mon Sep 17 00:00:00 2001
From: "Ivan.Makeev" <ivan.makeev@flant.com>
Date: Thu, 25 Sep 2025 10:04:32 +0400
Subject: [PATCH] [CVE_Scan] generate docker config.json without `docker login`
 command

Signed-off-by: Ivan.Makeev <ivan.makeev@flant.com>
---
 templates/CVE_Scan.gitlab-ci.yml | 18 ++++++++++++++++--
 1 file changed, 16 insertions(+), 2 deletions(-)

diff --git a/templates/CVE_Scan.gitlab-ci.yml b/templates/CVE_Scan.gitlab-ci.yml
index 1d89231..e3bded3 100644
--- a/templates/CVE_Scan.gitlab-ci.yml
+++ b/templates/CVE_Scan.gitlab-ci.yml
@@ -40,8 +40,22 @@
       echo "Preparing DOCKER_CONFIG and login to registries"
       mkdir -p "${workdir}/docker"
       export DOCKER_CONFIG="${workdir}/docker"
-      echo ${PROD_REGISTRY_PASSWORD} | docker login --username="${PROD_REGISTRY_USER}" --password-stdin ${PROD_REGISTRY}
-      echo ${DEV_REGISTRY_PASSWORD} | docker login --username="${DEV_REGISTRY_USER}" --password-stdin ${DEV_REGISTRY}
+      PROD_AUTH_STRING=$(echo -n "$PROD_REGISTRY_USER:$PROD_REGISTRY_PASSWORD" | base64 -w 0)
+      DEV_AUTH_STRING=$(echo -n "$DEV_REGISTRY_USER:$DEV_REGISTRY_PASSWORD" | base64 -w 0)
+
+      # Create config.json file
+      cat > ${DOCKER_CONFIG}/config.json << EOF
+      {
+        "auths": {
+          "$PROD_REGISTRY": {
+            "auth": "$PROD_AUTH_STRING"
+          },
+          "${DEV_REGISTRY}": {
+            "auth": "$DEV_AUTH_STRING"
+          }
+        }
+      }
+      EOF
       echo
       echo "======================================================="
       echo