зеркало из https://github.com/microsoft/docker.git
Allow private V2 registry endpoints
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
This commit is contained in:
Родитель
0336b0cdaa
Коммит
7d61255f57
|
@ -127,7 +127,7 @@ func (s *TagStore) CmdPull(job *engine.Job) engine.Status {
|
||||||
logName += ":" + tag
|
logName += ":" + tag
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(repoInfo.Index.Mirrors) == 0 && (repoInfo.Official || endpoint.Version == registry.APIVersion2) {
|
if len(repoInfo.Index.Mirrors) == 0 && (repoInfo.Index.Official || endpoint.Version == registry.APIVersion2) {
|
||||||
j := job.Eng.Job("trust_update_base")
|
j := job.Eng.Job("trust_update_base")
|
||||||
if err = j.Run(); err != nil {
|
if err = j.Run(); err != nil {
|
||||||
return job.Errorf("error updating trust base graph: %s", err)
|
return job.Errorf("error updating trust base graph: %s", err)
|
||||||
|
|
|
@ -294,13 +294,14 @@ func (s *TagStore) CmdPush(job *engine.Job) engine.Status {
|
||||||
tag = DEFAULTTAG
|
tag = DEFAULTTAG
|
||||||
}
|
}
|
||||||
|
|
||||||
if repoInfo.Official || endpoint.Version == registry.APIVersion2 {
|
if repoInfo.Index.Official || endpoint.Version == registry.APIVersion2 {
|
||||||
|
if repoInfo.Official {
|
||||||
j := job.Eng.Job("trust_update_base")
|
j := job.Eng.Job("trust_update_base")
|
||||||
if err = j.Run(); err != nil {
|
if err = j.Run(); err != nil {
|
||||||
return job.Errorf("error updating trust base graph: %s", err)
|
return job.Errorf("error updating trust base graph: %s", err)
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// Get authentication type
|
|
||||||
auth, err := r.GetV2Authorization(repoInfo.RemoteName, false)
|
auth, err := r.GetV2Authorization(repoInfo.RemoteName, false)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return job.Errorf("error getting authorization: %s", err)
|
return job.Errorf("error getting authorization: %s", err)
|
||||||
|
@ -383,7 +384,6 @@ func (s *TagStore) CmdPush(job *engine.Job) engine.Status {
|
||||||
// done, no fallback to V1
|
// done, no fallback to V1
|
||||||
return engine.StatusOK
|
return engine.StatusOK
|
||||||
} else {
|
} else {
|
||||||
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
reposLen := 1
|
reposLen := 1
|
||||||
if tag == "" {
|
if tag == "" {
|
||||||
|
|
|
@ -23,7 +23,7 @@ type Options struct {
|
||||||
const (
|
const (
|
||||||
// Only used for user auth + account creation
|
// Only used for user auth + account creation
|
||||||
INDEXSERVER = "https://index.docker.io/v1/"
|
INDEXSERVER = "https://index.docker.io/v1/"
|
||||||
REGISTRYSERVER = "https://registry-1.docker.io/v1/"
|
REGISTRYSERVER = "https://registry-1.docker.io/v2/"
|
||||||
INDEXNAME = "docker.io"
|
INDEXNAME = "docker.io"
|
||||||
|
|
||||||
// INDEXSERVER = "https://registry-stage.hub.docker.com/v1/"
|
// INDEXSERVER = "https://registry-stage.hub.docker.com/v1/"
|
||||||
|
|
|
@ -10,6 +10,7 @@ import (
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
log "github.com/Sirupsen/logrus"
|
log "github.com/Sirupsen/logrus"
|
||||||
|
"github.com/docker/docker/registry/v2"
|
||||||
)
|
)
|
||||||
|
|
||||||
// for mocking in unit tests
|
// for mocking in unit tests
|
||||||
|
@ -103,6 +104,7 @@ type Endpoint struct {
|
||||||
Version APIVersion
|
Version APIVersion
|
||||||
IsSecure bool
|
IsSecure bool
|
||||||
AuthChallenges []*AuthorizationChallenge
|
AuthChallenges []*AuthorizationChallenge
|
||||||
|
URLBuilder *v2.URLBuilder
|
||||||
}
|
}
|
||||||
|
|
||||||
// Get the formated URL for the root of this registry Endpoint
|
// Get the formated URL for the root of this registry Endpoint
|
||||||
|
|
|
@ -13,30 +13,36 @@ import (
|
||||||
"github.com/docker/docker/utils"
|
"github.com/docker/docker/utils"
|
||||||
)
|
)
|
||||||
|
|
||||||
var registryURLBuilder *v2.URLBuilder
|
|
||||||
|
|
||||||
func init() {
|
|
||||||
u, err := url.Parse(REGISTRYSERVER)
|
|
||||||
if err != nil {
|
|
||||||
panic(fmt.Errorf("invalid registry url: %s", err))
|
|
||||||
}
|
|
||||||
registryURLBuilder = v2.NewURLBuilder(u)
|
|
||||||
}
|
|
||||||
|
|
||||||
func getV2Builder(e *Endpoint) *v2.URLBuilder {
|
func getV2Builder(e *Endpoint) *v2.URLBuilder {
|
||||||
return registryURLBuilder
|
if e.URLBuilder == nil {
|
||||||
|
e.URLBuilder = v2.NewURLBuilder(e.URL)
|
||||||
|
}
|
||||||
|
return e.URLBuilder
|
||||||
}
|
}
|
||||||
|
|
||||||
// GetV2Authorization gets the authorization needed to the given image
|
// GetV2Authorization gets the authorization needed to the given image
|
||||||
// If readonly access is requested, then only the authorization may
|
// If readonly access is requested, then only the authorization may
|
||||||
// only be used for Get operations.
|
// only be used for Get operations.
|
||||||
func (r *Session) GetV2Authorization(imageName string, readOnly bool) (*RequestAuthorization, error) {
|
func (r *Session) GetV2Authorization(imageName string, readOnly bool) (auth *RequestAuthorization, err error) {
|
||||||
scopes := []string{"pull"}
|
scopes := []string{"pull"}
|
||||||
if !readOnly {
|
if !readOnly {
|
||||||
scopes = append(scopes, "push")
|
scopes = append(scopes, "push")
|
||||||
}
|
}
|
||||||
|
|
||||||
return NewRequestAuthorization(r.GetAuthConfig(true), r.indexEndpoint, "repository", imageName, scopes)
|
var registry *Endpoint
|
||||||
|
if r.indexEndpoint.URL.Host == IndexServerURL.Host {
|
||||||
|
registry, err = NewEndpoint(REGISTRYSERVER, nil)
|
||||||
|
if err != nil {
|
||||||
|
return
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
registry = r.indexEndpoint
|
||||||
|
}
|
||||||
|
registry.URLBuilder = v2.NewURLBuilder(registry.URL)
|
||||||
|
r.indexEndpoint = registry
|
||||||
|
|
||||||
|
log.Debugf("Getting authorization for %s %s", imageName, scopes)
|
||||||
|
return NewRequestAuthorization(r.GetAuthConfig(true), registry, "repository", imageName, scopes)
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
//
|
||||||
|
|
Загрузка…
Ссылка в новой задаче