fix logging issue for registries that require a authentication even f…

…or public images

also passed down the logging level to the containerd lib so that debugging is easier

ociclient/client.go

@@ -16,10 +16,12 @@ import (
 
 	"github.com/containerd/containerd/content"
 	"github.com/containerd/containerd/errdefs"
+	containerdlog "github.com/containerd/containerd/log"
 	"github.com/containerd/containerd/remotes"
 	"github.com/go-logr/logr"
 	"github.com/opencontainers/go-digest"
 	ocispecv1 "github.com/opencontainers/image-spec/specs-go/v1"
+	"github.com/sirupsen/logrus"
 	"k8s.io/apimachinery/pkg/util/sets"
 
 	"github.com/gardener/component-cli/ociclient/cache"
@@ -77,6 +79,15 @@ func NewClient(log logr.Logger, opts ...Option) (Client, error) {
 		options.HTTPClient = http.DefaultClient
 	}
 
+	cLogger := logrus.New()
+	if log.V(5).Enabled() {
+		cLogger.SetLevel(logrus.DebugLevel)
+	}
+	if log.V(7).Enabled() {
+		cLogger.SetLevel(logrus.TraceLevel)
+	}
+	containerdlog.L = logrus.NewEntry(cLogger)
+
 	return &client{
 		log:             log,
 		allowPlainHttp:  options.AllowPlainHttp,

ociclient/credentials/keyring.go

@@ -6,7 +6,6 @@ package credentials
 
 import (
 	"context"
-	"fmt"
 	"net/http"
 	"net/url"
 	"path"
@@ -166,7 +165,12 @@ func (o *GeneralOciKeyring) GetCredentials(hostname string) (username, password
 		if hostname == dockerHubDomain {
 			return o.GetCredentials(dockerHubLegacyDomain)
 		}
-		return "", "", fmt.Errorf("authentication for %s cannot be found", hostname)
+		// try authentication with no username and password.
+		// this is needed by some registries like ghcr that require a auth token flow even for public images.
+		return "", "", nil
+
+		// todo: add log for the error if now authentication can be found
+		//return "", "", fmt.Errorf("authentication for %s cannot be found", hostname)
 	}
 
 	return auth.Username, auth.Password, nil