Since the CloudFront middleware does not work without an S3 backend, it
became obvious that this documentation should exist within the S3
storage-driver documentation.
Signed-off-by: DJ Enriquez <dj.enriquez@infospace.com>
Adding a more detailed document regarding how to use CloudFront as
middleware for an s3 backed registry.
Signed-off-by: DJ Enriquez <dj.enriquez@infospace.com>
tarsum is not actually used by the registry. Remove support for it.
Convert numerous uses in unit tests to SHA256.
Update docs to remove mentions of tarsums (which were often inaccurate).
Remove tarsum dependency.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Fixes a huge problem where a nginx variable was not escaped and nginx was adding the literal string "always" to all requests.
The most obvious result was that basic auth was entirely broken.
Signed-off-by: Carson Anderson <ca@carson-anderson.com>
If this example was copied and pasted, the shell would try to interpolate `$upstream_http_docker_distribution_api_version` and `$docker_distribution_api_version`.
Signed-off-by: Andrew Meredith <andymeredith@gmail.com>
This change clarifies the way the catalog endpoint returns results
when pagination was not explicitly requested.
Signed-off-by: Patrick Devine <patrick.devine@docker.com>
This extends the specification for the Bearer token response to include
information pertaining to when an issued Bearer token will expire.
This also allows the client to accept `access_token` as an alias for `token`.
Signed-off-by: Matt Moore <mattmoor@google.com>
The docs don't render emoji, so replaced the `⚠️` with
a `**Warning**:` to keep the formatting consisten with
`**Note**:` used in other parts of the docs.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This adds a variable to help nginx add the
Docker-Distribution-Api-Version when using basic auth, and not add the
header when it sees it from the upstream.
Also fix some minor spelling/grammar issues.
Signed-off-by: Sharif Nassar <sharif@mrwacky.com>
It seems that enabling proxy stops my instance from accepting local pushes, but I can't find mention of that in the docs.
Signed-off-by: Jason Freidman <jason@periscope.io>
This allows the administrator to specify an externally-reachable URL for
the registry. It takes precedence over the X-Forwarded-Proto and
X-Forwarded-Host headers, and the hostname in the request.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Associate HTTP 401s with Authentication errors rather than Authorization
errors. Changes the meaning of the UNAUTHORIZED error to be authentication
specific.
Defines DENIED error code to be associated with authorization
errors which result in HTTP 403 responses.
Add 'No Such Repository' errors to more endpoints.
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
This PR add some description to manifest spec.
It clarifies the relationship between `fsLayers` and `history` fields.
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
