Commit Graph

273 Commits

Author SHA1 Message Date
Michael Crosby 6df3fa6b80 Merge pull request #11528 from jlhawn/separate_init_blob_upload
Separate init blob upload
Upstream-commit: ca3a912287b6befb5016d358a6b763b0aa72b701
Component: engine
2015-03-20 16:39:31 -07:00
Josh Hawn e131073558 Separate init blob upload
Pushing a v2 image layer has two steps:

- POST to get a new upload URL
- PUT to that upload URL

We were previously not checking the response code of
the POST request and the PUT would fail in weird ways.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 73b33db04b29a516bf8c50fbe646f563298fcfd9
Component: engine
2015-03-20 13:11:05 -07:00
Josh Hawn 54c09d3930 Add verification of image manifest digests
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 9ececa14ba860c9934d3cd8d3e704e53e828e22b
Component: engine
2015-03-20 09:34:39 -07:00
Arnaud Porterie 022bfbf5f3 Merge pull request #11477 from dmcgowan/fix-auth-http-client
Update auth client configuration to use proper tls config
Upstream-commit: 661c31737dde7770d6f9bd5125ce85751887c3b7
Component: engine
2015-03-19 14:17:47 -07:00
Derek McGowan 5c07713134 Update auth client configuration to use proper tls config
Currently the http clients used by auth use the default tls config.  The config needs to be updated to only support TLS1.0 and newer as well as respect registry insecure configuration.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 959b35d9741e0478209445fa5960d50346cd4ca6
Component: engine
2015-03-18 14:52:49 -07:00
Zhang Wei 9817390387 print detailed error info for docker pull
When docker push get response with unknown HTTP status, docker daemon
print:
"Error: Status XXX trying to push repository XXX: XXX"
But when docker pull meets response with unknown status code, it gives:
"HTTP code: XXX"

This commit helps docker pull print more detailed error info like push
does, so push and pull can behave consistently when error happens.

Signed-off-by: Zhang Wei <zhangwei555@huawei.com>
Upstream-commit: efa65d16b6e0b835c1786a47140c974e5c0f71cb
Component: engine
2015-03-18 11:35:44 +08:00
Arnaud Porterie 79bbb9fdbf Merge pull request #11118 from shishir-a412ed/restriction_username_length
Docker Tag command: Relax the restriction on namespace (username) length from 30 to 255 characters.
Upstream-commit: a751cc53a751435df516d07a5e85e5f591e63345
Component: engine
2015-03-17 09:41:12 -07:00
Andy Goldstein d6d379e87a Add ability to refer to image by name + digest
Add ability to refer to an image by repository name and digest using the
format repository@digest. Works for pull, push, run, build, and rmi.

Signed-off-by: Andy Goldstein <agoldste@redhat.com>
Upstream-commit: a2b0c9778feac970524b98ef7a91b5528fdeb9d5
Component: engine
2015-03-17 10:10:42 +00:00
Derek McGowan 272713f665 Quote registry error strings
Currently when registry error strings contain new line characters only the last line is displayed to the client. Quote the string to ensure the client can see the entire body value.

fixes #11346

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 33c94eb23857f23fb91899b77ba8615c4e6bdadf
Component: engine
2015-03-16 15:32:47 -07:00
Derek McGowan 1fae595274 Use request factory for registry ping
Currently when the registry ping is sent, it creates the request directly from http.NewRequest instead of from the http request factory. The request factory adds useful header information such as user agent which is needed by the registry.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 55f0ca94e57fc8ec26a79061d04ddd3aeaecb94b
Component: engine
2015-03-16 14:21:00 -07:00
Shishir Mahajan 4ea089a09a Docker Tag command: Relax the restriction on namespace (username) length from 30 to 255 characters.
Signed-off-by: Shishir Mahajan <shishir.mahajan@redhat.com>
Upstream-commit: 9839e9784d12a00666ceddbc4f2b1b730da420bc
Component: engine
2015-03-14 16:45:44 -04:00
Tibor Vass 7a9b88348f Merge pull request #10423 from dmcgowan/v2-registry-fix-single-names
Allow single name component repository names
Upstream-commit: 02e0a23d80a4c19c2d475c3f205eba79a45f8a59
Component: engine
2015-03-09 15:40:22 -04:00
Arnaud Porterie 5506a9a27c Remove subdirectories MAINTAINERS files
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
Upstream-commit: 89bdaa35e04b74b7c6528783e0f7b8154b2a3d31
Component: engine
2015-03-06 18:21:51 -08:00
Derek McGowan 89701d66ba Allow single name component repository names
Private registries should support having images pushed with only a single name component (e.g. localhost:5000/myapp).
The public registry currently requires two name components, but this is already enforced in the registry code.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: a0ca9190cc29215ce9ae69a6187d85bf689c8aa7
Component: engine
2015-03-06 18:18:53 -08:00
Arnaud Porterie 968e4c89bb Merge pull request #10425 from dmcgowan/registry-maintainers
Add distribution maintainers to maintainers files
Upstream-commit: a59b6f4ce616aeae7d711461a58566f3d4919480
Component: engine
2015-03-06 17:37:12 -08:00
Rik Nijessen 967da32c28 Rename package timeout to timeoutconn.
Signed-off-by: Rik Nijessen <riknijessen@gmail.com>
Upstream-commit: 7e7646c28a599731e62afec4c0c4dc0942309b7f
Component: engine
2015-02-25 20:52:37 +01:00
Rik Nijessen 88b1d37e3b Move TimeoutConn to seperate pkg dir.
Fixes #10965
Signed-off-by: Rik Nijessen <riknijessen@gmail.com>
Upstream-commit: 690a85797e70c3816a1dec768bff0c454e1e23a9
Component: engine
2015-02-25 17:09:47 +01:00
Srini Brahmaroutu f634216d52 Removing -X flag option and autogenerated code to create Dockerversion.go functionality
Addresses #9207

Signed-off-by: Srini Brahmaroutu <srbrahma@us.ibm.com>
Upstream-commit: 6871b9b16afe46e7566ac2937246b4a64be97269
Component: engine
2015-02-20 05:40:12 +00:00
Doug Davis 013dbb146f Pretty the help text
This modifies the "docker help" text so that it is no wider than 80 chars
and each description fits on one line. This will also try to use ~ when
possible

Added a test to make sure we don't go over 80 chars again.
Added a test to make sure we use ~

Applied rules/tests to all docker commands - not just main help text

Closes #10214

Signed-off-by: Doug Davis <dug@us.ibm.com>
Upstream-commit: 2203b37733e76d653cfe3b0ec5870786076adce7
Component: engine
2015-02-04 07:59:16 -08:00
Arnaud Porterie 167e1b82bf Merge pull request #10477 from liusdu/liusdu_typo
delete duplicated word in registry/session.go
Upstream-commit: c98007f9d2292b4075e23ceea056209705596ab6
Component: engine
2015-02-03 14:38:47 -08:00
Alexander Morozov 3ae87a3a28 Fix some go vet errors
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: 4ee05a4d3e6f9ad955d96075a1e63d59ed73ac78
Component: engine
2015-02-02 14:53:20 -08:00
Arnaud Porterie 997f07bcec Merge pull request #10472 from jlhawn/handle_mux_route_url_bug
Handle gorilla/mux route url bug
Upstream-commit: f8331f700babd58d9759f9d0d7d1cb2de0d14346
Component: engine
2015-01-31 19:52:51 -08:00
Josh Hawn 458fcd5a6c Fix token basic auth header issue
When requesting a token, the basic auth header is always being set even
if there is no username value. This patch corrects this and does not set
the basic auth header if the username is empty.

Also fixes an issue where pulling all tags from a v2 registry succeeds
when the image does not actually exist on the registry.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 8bfdad9a0dee26b45b15f985977769ef37888f8a
Component: engine
2015-01-31 15:12:34 -08:00
Josh Hawn 1885f8c5c0 Handle gorilla/mux route url bug
When getting the URL from a v2 registry url builder, it does not
honor the scheme from the endpoint object and will cause an https
endpoint to return urls starting with http.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 843f3045bd84987dc9410425b1c116dd957b38c5
Component: engine
2015-01-31 12:54:57 -08:00
Liu Hua a0cace4bff delete duplicated word in registry/session.go
Signed-off-by: Liu Hua <sdu.liu@huawei.com>
Upstream-commit: a131eb55d4f42f3f1e21ac3293f52d3989849568
Component: engine
2015-01-31 20:15:59 +08:00
Derek McGowan 1c517ad367 Add distribution maintainers to maintainers files
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: c1e3f6196124f8c757a7017ae2bba7f8c05fde20
Component: engine
2015-01-28 16:30:00 -08:00
Stephen J Day 22f9d9e216 Open up v2 http status code checks for put and head checks
Under certain cases, such as when putting a manifest or check for the existence
of a layer, the status code checks in session_v2.go were too narrow for their
purpose. In the case of putting a manifest, the handler only cares that an
error is not returned. Whether it is a 304 or 202 does not matter, as long as
the server reports success. Having the client only accept specific http codes
inhibits future protocol evolution.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: 86aea582b66929c68de3346a26a26633b62a5784
Component: engine
2015-01-27 18:09:53 -08:00
Jessie Frazelle 29be632832 Merge pull request #10249 from jlhawn/distribution_version_header_10247
Split API Version header when checking for v2
Upstream-commit: b9650ad40bd4db3b570f30b158eb9494bb06da8c
Component: engine
2015-01-27 11:48:42 -08:00
Derek McGowan e63f5dfefb Better error messaging and logging for v2 registry requests
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: d277714614f62dba276227f70cc2a47eac6e02e7
Component: engine
2015-01-26 14:00:51 -08:00
Derek McGowan c43f530252 Fix write after close on http response
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 12d83e727dd3522006b53afbcfac3cdce178117a
Component: engine
2015-01-21 15:14:01 -08:00
Josh Hawn f38ca916fb Split API Version header when checking for v2
Since the Docker-Distribution-API-Version header value may contain multiple
space delimited versions as well as many instances of the header key, the
header value is now split on whitespace characters to iterate over all versions
that may be listed in one instance of the header.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 58c142bcfa2b9edce7efe72d393e9f90b9df9927
Component: engine
2015-01-21 15:08:32 -08:00
Josh Hawn a90195f1c8 Resolve ambiguity on registry v2 ping
v2 ping now checks for a Docker-Distribution-API-Version
header that identifies the endpoint as "registry/2.0"

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: f46923be8eba81dd9e261554128b26a1c83ce398
Component: engine
2015-01-20 19:52:08 -08:00
Jessie Frazelle b098aaedce Merge pull request #9784 from dmcgowan/v2-registry
Client Support for Docker Registry HTTP API V2
Upstream-commit: 8b95ad230e2ee76450ceb9a80aa8e942a56bb397
Component: engine
2015-01-19 10:46:38 -08:00
Brian Goff 40a61d0eec Make .dockercfg with json.MarshallIndent
Fixes #10129
Makes the .dockercfg more human parsable.

Also cleaned up the (technically) racey login test.

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Upstream-commit: b8f7526fc6333e5b67282e5b73eee497dd13ec34
Component: engine
2015-01-17 07:05:56 -05:00
Derek McGowan fb2575c794 Add token cache
Token cache prevents the need to get a new token for every registry interaction.
Since the tokens are short lived, the cache expires after only a minute.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: dd914f91d779f64e20ce86767ab4f84f40b9ef6a
Component: engine
2015-01-15 14:05:06 -08:00
Derek McGowan 5598d30646 Cleanup v2 session to require endpoint
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 9c6f8e14398e794cbe20504556c22a1c83260bd8
Component: engine
2015-01-15 14:05:06 -08:00
Derek McGowan e05bd85386 Fix list tags
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 1a9cdb13943c6af397472e235708cb10824681cd
Component: engine
2015-01-15 14:05:06 -08:00
Derek McGowan 07ca876ccc Refactor from feedback
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 25945a40c4f352a754cbd8dba9c846c7539fe463
Component: engine
2015-01-15 14:05:06 -08:00
Josh Hawn c13d2851b8 Add Tarsum Calculation during v2 Pull operation
While the v2 pull operation is writing the body of the layer blob to disk
it now computes the tarsum checksum of the archive before extracting it to
the backend storage driver. If the checksum does not match that from the
image manifest an error is raised.

Also adds more debug logging to the pull operation and fixes existing test
cases which were failing. Adds a reverse lookup constructor to the tarsum
package so that you can get a tarsum object using a checksum label.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 213e3d116642431adbe634d39740eddc5a81e063
Component: engine
2015-01-15 14:05:05 -08:00
Stephen J Day 56c1f6c9e6 Correctly check and propagate errors in v2 session
Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: 1b43144ad8597d0d0ca089042c1162ba668259ab
Component: engine
2015-01-15 14:05:05 -08:00
Derek McGowan 445a293eb7 Get token on each request
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Upstream-commit: d094eb6f7ffe6b608ecde54297e107e5caa0954d
Component: engine
2015-01-15 14:05:05 -08:00
Derek McGowan 21c36fbac8 Allow private V2 registry endpoints
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Upstream-commit: 7d61255f578bae7dc5c2a5d44c50bf32bbc9f568
Component: engine
2015-01-15 14:05:05 -08:00
Derek McGowan bd2dadaee1 Update push and pull to registry 2.1 specification
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Upstream-commit: 0336b0cdaa74ac03003c4a933eb866fb0cec8125
Component: engine
2015-01-15 14:05:05 -08:00
Stephen J Day 93ab6ab93d Remove dependencies on registry packages
Because docker core cannot vendor non-master Go dependencies, we need to remove
dependencies on registry package. The definition of digest.Digest has been
changed to a string and the regular expressions have been ported from
docker-registry/common library.

We'll likely change this be dependent on the registry in the future when the
API stabilizies and use of the master branch becomes the norm.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: dbb4b03bfc82eadefaf68c1a81d215949980550e
Component: engine
2015-01-15 14:05:05 -08:00
Stephen J Day d8303cd325 Registry V2 HTTP route and error code definitions
This package, ported from next-generation docker regsitry, includes route and
error definitions. These facilitate compliant V2 client implementation. The
portions of the HTTP API that are included in this package are considered to be
locked down and should only be changed through a careful change proposal.
Descriptor definitions package layout may change without affecting API behavior
until the exported Go API is ready to be locked down.

When the new registry stabilizes and becomes the master branch, this package
can be vendored from the registry.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
Upstream-commit: a0f92a26d90e870dfddae9694a5de97e36d3f586
Component: engine
2015-01-15 14:05:05 -08:00
Josh Hawn 0d8e8d5acb Update token response handling
Registry authorization token is now taken from the response body rather than
the repsonse header.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: e23362597dcaa8839271210d24bda2ba55f1e12f
Component: engine
2015-01-15 14:05:05 -08:00
Derek McGowan 6614616033 Update push to use mount blob endpoint
Using mount blob prevents repushing images which have already been uploaded

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: e9b590d85e9c622316b8be71004737f63e6b9503
Component: engine
2015-01-15 14:05:05 -08:00
Derek McGowan 6a46693a7d Push flow
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Upstream-commit: 188b56c836e49e3c888e1e27e4e26b5cc0f1caaa
Component: engine
2015-01-15 14:05:05 -08:00
Josh Hawn e89bb2e57b Adds support for v2 registry login
summary of changes:

registry/auth.go
  - More logging around the login functions
  - split Login() out to handle different code paths for v1 (unchanged logic)
    and v2 (does not currently do account creation)
  - handling for either basic or token based login attempts
registry/authchallenge.go
  - New File
  - credit to Brian Bland <brian.bland@docker.com> (github: BrianBland)
  - handles parsing of WWW-Authenticate response headers
registry/endpoint.go
  - EVEN MOAR LOGGING
  - Many edits throught to make the coad less dense. Sparse code is more
    readable code.
  - slit Ping() out to handle different code paths for v1 (unchanged logic)
    and v2.
  - Updated Endpoint struct type to include an entry for authorization
    challenges discovered during ping of a v2 registry.
  - If registry endpoint version is unknown, v2 code path is first attempted,
    then fallback to v1 upon failure.
registry/service.go
  - STILL MOAR LOGGING
  - simplified the logic around starting the 'auth' job.
registry/session.go
  - updated use of a registry.Endpoint struct field.
registry/token.go
  - New File
  - Handles getting token from the parameters of a token auth challenge.
  - Modified from function written by Brian Bland (see above credit).
registry/types.go
  - Removed 'DefaultAPIVersion' in lieu of 'APIVersionUnknown = 0'`

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
Upstream-commit: 41e20cecb9944137de82ff5fa0898f953aa2bf87
Component: engine
2015-01-15 14:04:14 -08:00
Alexander Morozov 8b29f19b21 Fix format calls as suggested by vet
Signed-off-by: Alexander Morozov <lk4d4@docker.com>
Upstream-commit: a75b02fe72f3da73f9788919ff2c22f183978db7
Component: engine
2015-01-14 14:12:03 -08:00