Commit Graph

21 Commits

Author SHA1 Message Date
Josh Hawn f38ca916fb Split API Version header when checking for v2
Since the Docker-Distribution-API-Version header value may contain multiple
space delimited versions as well as many instances of the header key, the
header value is now split on whitespace characters to iterate over all versions
that may be listed in one instance of the header.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 58c142bcfa2b9edce7efe72d393e9f90b9df9927
Component: engine
2015-01-21 15:08:32 -08:00
Josh Hawn a90195f1c8 Resolve ambiguity on registry v2 ping
v2 ping now checks for a Docker-Distribution-API-Version
header that identifies the endpoint as "registry/2.0"

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: f46923be8eba81dd9e261554128b26a1c83ce398
Component: engine
2015-01-20 19:52:08 -08:00
Josh Hawn c13d2851b8 Add Tarsum Calculation during v2 Pull operation
While the v2 pull operation is writing the body of the layer blob to disk
it now computes the tarsum checksum of the archive before extracting it to
the backend storage driver. If the checksum does not match that from the
image manifest an error is raised.

Also adds more debug logging to the pull operation and fixes existing test
cases which were failing. Adds a reverse lookup constructor to the tarsum
package so that you can get a tarsum object using a checksum label.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 213e3d116642431adbe634d39740eddc5a81e063
Component: engine
2015-01-15 14:05:05 -08:00
Derek McGowan 21c36fbac8 Allow private V2 registry endpoints
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Upstream-commit: 7d61255f578bae7dc5c2a5d44c50bf32bbc9f568
Component: engine
2015-01-15 14:05:05 -08:00
Josh Hawn e89bb2e57b Adds support for v2 registry login
summary of changes:

registry/auth.go
  - More logging around the login functions
  - split Login() out to handle different code paths for v1 (unchanged logic)
    and v2 (does not currently do account creation)
  - handling for either basic or token based login attempts
registry/authchallenge.go
  - New File
  - credit to Brian Bland <brian.bland@docker.com> (github: BrianBland)
  - handles parsing of WWW-Authenticate response headers
registry/endpoint.go
  - EVEN MOAR LOGGING
  - Many edits throught to make the coad less dense. Sparse code is more
    readable code.
  - slit Ping() out to handle different code paths for v1 (unchanged logic)
    and v2.
  - Updated Endpoint struct type to include an entry for authorization
    challenges discovered during ping of a v2 registry.
  - If registry endpoint version is unknown, v2 code path is first attempted,
    then fallback to v1 upon failure.
registry/service.go
  - STILL MOAR LOGGING
  - simplified the logic around starting the 'auth' job.
registry/session.go
  - updated use of a registry.Endpoint struct field.
registry/token.go
  - New File
  - Handles getting token from the parameters of a token auth challenge.
  - Modified from function written by Brian Bland (see above credit).
registry/types.go
  - Removed 'DefaultAPIVersion' in lieu of 'APIVersionUnknown = 0'`

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 41e20cecb9944137de82ff5fa0898f953aa2bf87
Component: engine
2015-01-15 14:04:14 -08:00
Don Kjer 196597b4ad Moving NewIndexInfo, NewRepositoryInfo and associated helpers into config.go
Signed-off-by: Don Kjer <don.kjer@gmail.com>
Upstream-commit: 6f0068f2733232b8357c2308517f6ddddb63aace
Component: engine
2015-01-08 20:15:00 +00:00
Don Kjer 5aa04a56fb Deprecating ResolveRepositoryName
Passing RepositoryInfo to ResolveAuthConfig, pullRepository, and pushRepository

Moving --registry-mirror configuration to registry config

Created resolve_repository job

Repo names with 'index.docker.io' or 'docker.io' are now synonymous with omitting an index name.

Adding test for RepositoryInfo

Adding tests for opts.StringSetOpts and registry.ValidateMirror

Fixing search term use of repoInfo

Adding integration tests for registry mirror configuration

Normalizing LookupImage image name to match LocalName parsing rules

Normalizing repository LocalName to avoid multiple references to an official image

Removing errorOut use in tests

Removing TODO comment

gofmt changes

golint comments cleanup.  renaming RegistryOptions => registry.Options, and RegistryServiceConfig => registry.ServiceConfig

Splitting out builtins.Registry and registry.NewService calls

Stray whitespace cleanup

Moving integration tests for Mirrors and InsecureRegistries into TestNewIndexInfo unit test

Factoring out ValidateRepositoryName from NewRepositoryInfo

Removing unused IndexServerURL

Allowing json marshaling of ServiceConfig.  Exposing ServiceConfig in /info

Switching to CamelCase for json marshaling

PR cleanup; removing 'Is' prefix from boolean members.  Removing unneeded json tags.

Removing non-cleanup related fix for 'localhost:[port]' in splitReposName

Merge fixes for gh9735

Fixing integration test

Reapplying #9754

Adding comment on config.IndexConfigs use from isSecureIndex

Remove unused error return value from isSecureIndex

Signed-off-by: Don Kjer <don.kjer@gmail.com>

Adding back comment in isSecureIndex

Signed-off-by: Don Kjer <don.kjer@gmail.com>
Upstream-commit: 568f86eb186731b907b659e4ec64bda21c2fe31d
Component: engine
2015-01-08 20:14:58 +00:00
Tibor Vass 3ee3e640f2 registry: remove accidentally added --insecure-registry feature
If `--insecure-registry mydomain.com` was specified, it would match a registry at mydomain.com on any port.
This was accidentally added in #9735 and is now being reverted.

Signed-off-by: Tibor Vass <teabee89@gmail.com>
Upstream-commit: 9a50dd5f37d001d7c453ea8749454b4c8bf728f1
Component: engine
2014-12-19 16:46:29 -05:00
Tibor Vass 11159bae89 registry: handle unresolvable domain names in isSecure
to allow HTTP proxies to work as expected.

Fixes #9708

Signed-off-by: Tibor Vass <teabee89@gmail.com>
Upstream-commit: ff4bfcc0e9f171a95dac5cc2650faacf73943057
Component: engine
2014-12-18 19:16:55 -05:00
Tibor Vass ea3d6b1b0d Add the possibility of specifying a subnet for --insecure-registry
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Upstream-commit: 6aba75db4e7b0151aeb48f450bb43e659ce0ec82
Component: engine
2014-11-14 12:31:11 -08:00
Tibor Vass 2e493e1f52 registry: parse INDEXSERVERADDRESS into a URL for easier check in isSecure
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Upstream-commit: fbe10c83d81843412fd3485a8d6bb75849de97d4
Component: engine
2014-11-13 07:02:24 -08:00
Tibor Vass 166cb2e350 registry: refactor registry.IsSecure calls into registry.NewEndpoint
Signed-off-by: Tibor Vass <teabee89@gmail.com>
Upstream-commit: 4455f517605f1fd7279bbe9547915f15c037997d
Component: engine
2014-11-12 20:34:03 -06:00
Erik Hollensbe f8e94225af registry: always treat 127.0.0.1 as insecure for all cases anytime anywhere
Docker-DCO-1.1-Signed-off-by: Erik Hollensbe <github@hollensbe.org> (github: erikh)
Upstream-commit: 11380a109e53bc5f388b6212c12794609c0241eb
Component: engine
2014-11-12 12:14:43 -08:00
Johan Euphrosine dc8c6e365a registry: default --insecure-registry to localhost and 127.0.0.1
Signed-off-by: Johan Euphrosine <proppy@google.com>
Upstream-commit: 28ee373e19bbfdf47c747f6fd9385a8a75f0a483
Component: engine
2014-11-12 09:12:42 -08:00
Tibor Vass 6d16ddef35 Do not verify certificate when using --insecure-registry on an HTTPS registry
Signed-off-by: Tibor Vass <teabee89@gmail.com>

Conflicts:
	registry/registry.go
	registry/registry_test.go
	registry/service.go
	registry/session.go

Conflicts:
	registry/endpoint.go
	registry/registry.go
Upstream-commit: 6a1ff022b0744213ed588d9c16dbb13ce055eda6
Component: engine
2014-10-30 19:44:09 -04:00
Victor Vieux 6c8d4b4efb Merge pull request #8387 from vbatts/vbatts-registry_test_enpoint
registry/endpoint: make it testable
Upstream-commit: 265a89a605ad6cdbd6abb85804644f4fd3f30050
Component: engine
2014-10-29 13:36:17 -07:00
Alexandr Morozov 2d56e3cbc6 Use logrus everywhere for logging
Fixed #8761

Signed-off-by: Alexandr Morozov <lk4d4@docker.com>
Upstream-commit: 7c62cee51edc91634046b4faa6c6f1841cd53ec1
Component: engine
2014-10-24 15:03:06 -07:00
Vincent Batts 5224a151c8 registry/endpoint: make it testable
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: 3eba719400d5016aa0cbecbed1e222f810237b5b
Component: engine
2014-10-24 16:27:17 -04:00
unclejack 3baf5d2249 registry: lint
Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)
Upstream-commit: ae3b59c1715840ba322fbe19002994e717b10b48
Component: engine
2014-10-06 22:34:39 +03:00
Derek McGowan 1510f709b8 Add comment for permission and fix wrong format variable
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 22e59009e491dc8b32b512e0d2297662d278af45
Component: engine
2014-10-02 17:41:57 -07:00
Vincent Batts 082c35423e registry: getting Endpoint ironned out
Signed-off-by: Vincent Batts <vbatts@redhat.com>
Upstream-commit: 61c6f206b073159c5463a083e0d04e5934351dfe
Component: engine
2014-10-01 13:19:40 -07:00