Allow private V2 registry endpoints

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
This commit is contained in:
Derek McGowan 2014-12-19 14:44:18 -08:00
Родитель 0336b0cdaa
Коммит 7d61255f57
5 изменённых файлов: 29 добавлений и 21 удалений

Просмотреть файл

@ -127,7 +127,7 @@ func (s *TagStore) CmdPull(job *engine.Job) engine.Status {
logName += ":" + tag logName += ":" + tag
} }
if len(repoInfo.Index.Mirrors) == 0 && (repoInfo.Official || endpoint.Version == registry.APIVersion2) { if len(repoInfo.Index.Mirrors) == 0 && (repoInfo.Index.Official || endpoint.Version == registry.APIVersion2) {
j := job.Eng.Job("trust_update_base") j := job.Eng.Job("trust_update_base")
if err = j.Run(); err != nil { if err = j.Run(); err != nil {
return job.Errorf("error updating trust base graph: %s", err) return job.Errorf("error updating trust base graph: %s", err)

Просмотреть файл

@ -294,13 +294,14 @@ func (s *TagStore) CmdPush(job *engine.Job) engine.Status {
tag = DEFAULTTAG tag = DEFAULTTAG
} }
if repoInfo.Official || endpoint.Version == registry.APIVersion2 { if repoInfo.Index.Official || endpoint.Version == registry.APIVersion2 {
if repoInfo.Official {
j := job.Eng.Job("trust_update_base") j := job.Eng.Job("trust_update_base")
if err = j.Run(); err != nil { if err = j.Run(); err != nil {
return job.Errorf("error updating trust base graph: %s", err) return job.Errorf("error updating trust base graph: %s", err)
} }
}
// Get authentication type
auth, err := r.GetV2Authorization(repoInfo.RemoteName, false) auth, err := r.GetV2Authorization(repoInfo.RemoteName, false)
if err != nil { if err != nil {
return job.Errorf("error getting authorization: %s", err) return job.Errorf("error getting authorization: %s", err)
@ -383,7 +384,6 @@ func (s *TagStore) CmdPush(job *engine.Job) engine.Status {
// done, no fallback to V1 // done, no fallback to V1
return engine.StatusOK return engine.StatusOK
} else { } else {
if err != nil { if err != nil {
reposLen := 1 reposLen := 1
if tag == "" { if tag == "" {

Просмотреть файл

@ -23,7 +23,7 @@ type Options struct {
const ( const (
// Only used for user auth + account creation // Only used for user auth + account creation
INDEXSERVER = "https://index.docker.io/v1/" INDEXSERVER = "https://index.docker.io/v1/"
REGISTRYSERVER = "https://registry-1.docker.io/v1/" REGISTRYSERVER = "https://registry-1.docker.io/v2/"
INDEXNAME = "docker.io" INDEXNAME = "docker.io"
// INDEXSERVER = "https://registry-stage.hub.docker.com/v1/" // INDEXSERVER = "https://registry-stage.hub.docker.com/v1/"

Просмотреть файл

@ -10,6 +10,7 @@ import (
"strings" "strings"
log "github.com/Sirupsen/logrus" log "github.com/Sirupsen/logrus"
"github.com/docker/docker/registry/v2"
) )
// for mocking in unit tests // for mocking in unit tests
@ -103,6 +104,7 @@ type Endpoint struct {
Version APIVersion Version APIVersion
IsSecure bool IsSecure bool
AuthChallenges []*AuthorizationChallenge AuthChallenges []*AuthorizationChallenge
URLBuilder *v2.URLBuilder
} }
// Get the formated URL for the root of this registry Endpoint // Get the formated URL for the root of this registry Endpoint

Просмотреть файл

@ -13,30 +13,36 @@ import (
"github.com/docker/docker/utils" "github.com/docker/docker/utils"
) )
var registryURLBuilder *v2.URLBuilder
func init() {
u, err := url.Parse(REGISTRYSERVER)
if err != nil {
panic(fmt.Errorf("invalid registry url: %s", err))
}
registryURLBuilder = v2.NewURLBuilder(u)
}
func getV2Builder(e *Endpoint) *v2.URLBuilder { func getV2Builder(e *Endpoint) *v2.URLBuilder {
return registryURLBuilder if e.URLBuilder == nil {
e.URLBuilder = v2.NewURLBuilder(e.URL)
}
return e.URLBuilder
} }
// GetV2Authorization gets the authorization needed to the given image // GetV2Authorization gets the authorization needed to the given image
// If readonly access is requested, then only the authorization may // If readonly access is requested, then only the authorization may
// only be used for Get operations. // only be used for Get operations.
func (r *Session) GetV2Authorization(imageName string, readOnly bool) (*RequestAuthorization, error) { func (r *Session) GetV2Authorization(imageName string, readOnly bool) (auth *RequestAuthorization, err error) {
scopes := []string{"pull"} scopes := []string{"pull"}
if !readOnly { if !readOnly {
scopes = append(scopes, "push") scopes = append(scopes, "push")
} }
return NewRequestAuthorization(r.GetAuthConfig(true), r.indexEndpoint, "repository", imageName, scopes) var registry *Endpoint
if r.indexEndpoint.URL.Host == IndexServerURL.Host {
registry, err = NewEndpoint(REGISTRYSERVER, nil)
if err != nil {
return
}
} else {
registry = r.indexEndpoint
}
registry.URLBuilder = v2.NewURLBuilder(registry.URL)
r.indexEndpoint = registry
log.Debugf("Getting authorization for %s %s", imageName, scopes)
return NewRequestAuthorization(r.GetAuthConfig(true), registry, "repository", imageName, scopes)
} }
// //