Граф коммитов

75 Коммитов

Автор SHA1 Сообщение Дата
Derek McGowan 3f5392fdda
Update token server error test to not fail on retries
Instead of having the misconfigured token server test
fail after maxing out retries, only retry a few times
then return an error which will not retry.

Referenced by #19425

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-09-01 15:18:15 -07:00
allencloud 0ead624473 add defer file.Close to avoid potential fd leak
Signed-off-by: allencloud <allen.sun@daocloud.io>
2016-08-10 08:36:09 +08:00
Antonio Murdaca a0c8970df1 integration-cli: ensure digest is the same after cross-repo push
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-07-06 13:12:42 +02:00
Derek McGowan 33984f256b Always store the image digest when pulling and pushing an image.
Always attempt to add digest even when tag already exists.
Ensure digest does not currently exist.
When image id is mismatched, output an error log.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-06-27 10:09:57 -07:00
Antonio Murdaca 0bc88d5b0a integration-cli: use distribution/reference.DigestRegexp
from a docker push output digest.DigestRegexp.FindString(output) does
not retrive the sha256: prefixed digest but just a string - in many
cases it's the registry host. The checks in the code are completely
wrong then. Fix this by using the DigestRegexp from the
distribution/reference package which correctly retrieves the digest
from the output.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-06-09 11:11:08 +02:00
Christy Perez 431e7b6573 trusted push test: Use a nonexistant hostname
Before, the TCP handshake had to time out (approx 30s) before
this test completed. If you use a hostname that doesn't resolve,
then it fails faster.

Signed-off-by: Christy Perez <christy@linux.vnet.ibm.com>
2016-06-03 08:41:58 -05:00
Yong Tang 1f0d5aba50 Remove deprecated Docker Content Trust ENV passphrase variables
Since 1.9, Docker Content Trust Offline key has been renamed to
Root key and the Tagging key has been renamed to Repository key.
The corresponding environment variables
`DOCKER_CONTENT_TRUST_OFFLINE_PASSPHRASE`
`DOCKER_CONTENT_TRUST_TAGGING_PASSPHRASE`
have also been deprecated and renamed to
`DOCKER_CONTENT_TRUST_ROOT_PASSPHRASE`
`DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE`

This fix removed the deprecated ENV passphrase variables for
1.12 and updated the docs.

Signed-off-by: Yong Tang <yong.tang.github@outlook.com>
2016-05-07 14:25:28 -07:00
Dave MacDonald e57900a269
Improved message when pushing a non-existant image
The prior error message caused confusion.  If a user attempts to push an
image up to a registry, but they misspelled (or forgot to properly tag
their image) they would see the message 'Repository does not exist', which
is not very clear and causes some to think that there might be a problem
with the registry or connectivity to it, when the problem was simply just
that an image with that tag specified does not exist locally.

Signed-off-by: Dave MacDonald <mindlapse@gmail.com>
2016-04-03 16:25:07 -04:00
Tibor Vass bbdd34c370 test: Do not check error message from hub, it is not needed
Signed-off-by: Tibor Vass <tibor@docker.com>
2016-03-23 14:11:44 -04:00
Kenfe-Mickael Laventure 37e2103e64 Update TestPushToCentralRegistryUnauthorized to match updated hub
The error message was changed from "unauthorized: access to the
requested resource is not authorized" to "unauthorized: authentication
required".

Signed-off-by: Kenfe-Mickael Laventure <mickael.laventure@gmail.com>
2016-03-22 16:15:29 -07:00
cyli 623ccc2f31 Pull, Pull-A, and Build will only pull tags from the targets role or the targets/releases role.
It will ignore tags in all other delegation roles.

Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-03-21 10:56:49 -07:00
Riyaz Faizullabhoy ca57f4e6a8 Add test for targets/releases preference when pulling
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-21 10:56:42 -07:00
cyli 497a58e6e4 Trusted push now adds the tag to every first level delegation role for which we have keys
and for which the tag conforms to path restrictions.

Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-03-21 10:56:09 -07:00
Antonio Murdaca 264b5b6083 distribution: errors: do not retry if no token in response
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-19 12:20:14 +01:00
Antonio Murdaca c48439af7f vendor docker/distribution d06d6d3b093302c02a93153ac7b06ebc0ffd1793
- fix and add integration tests

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-19 12:19:48 +01:00
Antonio Murdaca 1b5c2e1d72 distribution: errors: do not access the errors slice if it's empty
- cherry-pick from 1.10.3 branch: 0186f4d4223a094a050d06f456355da3ae431468
- add token service test suite
- add integration test (missing in 1.10.3 branch)

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-16 09:00:39 +01:00
Aaron Lehmann 0b962f72a9 Merge pull request #21159 from runcom/fix-retry-push-bug
distribution: errors: do not retry if no credentials provided
2016-03-14 09:47:13 -07:00
Antonio Murdaca 6d23c3c57a integration-cli: add tests for case a) and d) in #21054
- add test for pull from private registry with no credentials
- add test for push to docker hub with no credentials

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Signed-off-by: Antonio Murdaca <amurdaca@localhost.localdomain>
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-14 12:43:10 +01:00
Antonio Murdaca 497d545093 distribution: errors: do not retry if no credentials provided
Fix and add test for case c) in #21054

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2016-03-12 20:41:47 +01:00
Christopher Jones db700a678d Add notary binary requirement for tests
This PR adds the "notary" binary requirement for tests.

Previously, NotaryHosting was checking for the "notary-server"
binary under the name notaryBinary. This renames that reference to
notaryServerBinary, so that notaryBinary can rightly refer
to the actual "notary" binary.

Currently only one test actually uses the notary binary, so it's been
updated accordingly.

Signed-off-by: Christopher Jones <tophj@linux.vnet.ibm.com>
2016-03-11 17:36:12 -05:00
Riyaz Faizullabhoy f75622e52a Rotate snapshot key to server when initializing new notary repos
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-03-02 16:51:32 -08:00
Aaron Lehmann 5c99eebe81 Fix concurrent uploads that share layers
Concurrent uploads which share layers worked correctly as of #18353,
but unfortunately #18785 caused a regression. This PR removed the logic
that shares digests between different push sessions. This overlooked the
case where one session was waiting for another session to upload a
layer.

This commit adds back the ability to propagate this digest information,
using the distribution.Descriptor type because this is what is received
from stats and uploads, and also what is ultimately needed for building
the manifest.

Surprisingly, there was no test covering this case. This commit adds
one. It fails without the fix.

See recent comments on #9132.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-03-01 11:14:44 -08:00
Brian Bland 1d3480f9ba Improve fallback behavior for cross-repository push
Attempt layer mounts from up to 3 source repositories, possibly
falling back to a standard blob upload for cross repository pushes.
Addresses compatiblity issues with token servers which do not grant
multiple repository scopes, resulting in an authentication failure for
layer mounts, which would otherwise cause the push to terminate with an
error.

Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-02-24 19:13:35 -08:00
cyli 0617521ba2 Update integration tests with new error messages, and to use different repos per test.
This way we won't encounter any problems with one test using cached data from a different
test.

Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-01-26 18:02:00 -08:00
Stefan Scherer 11a51649cf Update registry version in Dockerfile.armhf
Signed-off-by: Stefan Scherer <scherer_stefan@icloud.com>
2016-01-23 18:46:46 +01:00
Brian Bland 06e9a056ca Fixes layer MediaTypes in manifests created from a cross-repository push
Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-20 12:23:16 -08:00
Stefan Scherer 4f339570cb Skip failing tests on ARM to get red/green feedback from Jenkins
Signed-off-by: Stefan Scherer <scherer_stefan@icloud.com>
2016-01-18 17:00:15 +01:00
Brian Bland 6309947718 Changes cross-repository blob mounting to a blob Create option
Also renames BlobSumService to V2MetadataService, BlobSum to
V2Metadata

Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-14 14:26:03 -08:00
Brian Bland 7289c7218e Adds cross-repository blob pushing behavior
Tracks source repository information for each blob in the blobsum
service, which is then used to attempt to mount blobs from another
repository when pushing instead of having to re-push blobs to the same
registry.

Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-13 14:26:30 -08:00
Aaron Lehmann 1fa2e31151 Build a pre-schema2 registry to test schema1 push/pull
Add DockerSchema1RegistrySuite which uses this registry, and make
applicable integration tests run as part of this suite.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-01-08 17:27:31 -08:00
cyli 1db0c7bb01 Add an integration test for docker being able to push to a repo with delegations.
Signed-off-by: cyli <cyli@twistedmatrix.com>
2016-01-07 19:35:45 -08:00
Riyaz Faizullabhoy 1c125f50cf Notary delegation integration into docker
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2016-01-07 19:35:45 -08:00
Antonio Murdaca 09c4643ce1 integration-cli: fix test name typo
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
2015-12-05 11:42:46 +01:00
Tonis Tiigi 4352da7803 Update daemon and docker core to use new content addressable storage
Add distribution package for managing pulls and pushes. This is based on
the old code in the graph package, with major changes to work with the
new image/layer model.

Add v1 migration code.

Update registry, api/*, and daemon packages to use the reference
package's types where applicable.

Update daemon package to use image/layer/tag stores instead of the graph
package

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2015-11-24 09:40:25 -08:00
Aaron Lehmann 0ab6b1d922 Correct parent chain in v2 push when v1Compatibility files on the disk are inconsistent
This fixes an issue where two images with the same filesystem contents
and configuration but different remote IDs could share a v1Compatibility
file, resulting in corrupted manifests.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-11-17 16:05:09 -08:00
David Lawrence 52021ac2a4
fixing tests for updated CLI output
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-11-13 13:20:55 -08:00
Hu Keping 710817a71b Use checker on integration test when possible
Signed-off-by: Hu Keping <hukeping@huawei.com>
2015-10-22 15:53:17 +08:00
Diogo Monica 63f8db83aa Adding tests for backwards compatibility
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-10-09 12:20:19 -07:00
Diogo Monica a2f9fb7777 Changing trustServer allowed URL behavior
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-10-08 17:47:25 -07:00
Derek McGowan 5e11cd43aa Ignore ping errors in notary repository setup
Notary is capable of acting in offline mode, making use of cache TUF data.
When ping is not successful, notary should still be attempted without error.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-09-14 11:08:25 -07:00
Aaron Lehmann 6cc38775bb Remove TestPushInterrupt
This test relies on a race condition, and has been failing often in CI.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-02 15:30:55 -07:00
Stephen J Day 349aef06d5 Avoid buffering to tempfile when pushing with V2
The practice of buffering to a tempfile during a pushing contributes massively
to slow V2 push performance perception. The protocol was actually designed to
avoid precalculation, supporting cut-through data push. This means we can
assemble the layer, calculate its digest and push to the remote endpoint, all
at the same time.

This should increase performance massively on systems with slow disks or IO
bottlenecks.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-24 18:08:05 -07:00
Arnaud Porterie 697cdb8e2f Update regression test
Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-08-12 18:46:55 -07:00
Arnaud Porterie 4f3b0d0f4a Revert #14884
This reverts commit 810d3b2642.

Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-08-12 18:46:48 -07:00
Derek McGowan 6ce76cd9ed Updated to use latest version of notary
Update UX to use aliases for root, snapshot, and target key

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-31 17:32:35 -07:00
Derek McGowan bf3c1e6a3a Skip notary tests which update system clock
Currently some notary tests change the system clock to check for expiration.
Skip these tests until the code can be refactored to not rely on updating the system clock.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-29 12:09:40 -07:00
Brian Goff 693ba98cb9 Don't pass check.C to dockerCmdWithError
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2015-07-27 14:33:32 -04:00
Derek McGowan 259cadb0b1 Rename to flags and environment variables to content trust
Update help line to allow 90 characters instead of 80

The trust flag pushes out the help description column wider, requiring more room to display help messages.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-24 16:31:18 -07:00
Diogo Monica 3e90b12d42 Added tests for expired snapshots and timestamps
Signed-off-by: Diogo Monica <diogo@docker.com>
2015-07-24 16:31:18 -07:00
Derek McGowan 871d2b96ed Add build integration cli tests
Clean up tests to remove duplicate code

Add tests which run pull and create in an isolated configuration directory.
Add build test for untrusted tag

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-24 16:31:12 -07:00