Commit graph

134 commits

Author SHA1 Message Date
Fabio Huser
17756eb43e Clarify kid format for JWT token auth in docs
The kid value can have an arbitrary format according JOSE specification, but Docker distribution expects a specific format (libtrust fingerprint) to work. This is not written in the documentation so far and is only mentioned in the libtrust source code itself.

Signed-off-by: Fabio Huser <fabio@fh1.ch>
2016-04-17 12:04:15 +02:00
Mary Anthony
6bce49d51d Updated per conversation with Richard
Removing draft
Richard's comments and some fixes

Signed-off-by: Mary Anthony <mary@docker.com>
2016-04-13 06:43:11 -07:00
Phil Estes
bf9f80eaff Correct examples and architecture references in v2.2 spec
Add link to the official list of $GOOS and $GOARCH values and correct
values that were incorrectly listed in the spec examples.

Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
2016-04-03 17:50:22 -04:00
Aaron Lehmann
a11f6b6cfd Merge pull request #1418 from dmcgowan/oauth-spec
Add specification for using OAuth with the token server
2016-03-31 10:42:12 -07:00
Richard Scothern
9b5caf64cf Add a note to the delete manifest section to aid getting the correct
digest to delete manifests.

Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2016-03-30 10:59:26 -07:00
Richard Scothern
b787035d8b Merge pull request #1545 from jonjohnsonjr/typos
Fix typos in docs/spec/api.md
2016-03-23 16:41:44 -07:00
Jon Johnson
f64981b472 Fix typos in docs/spec/api.md
Fix grammatical and formatting issues.
Add links to sections or other documents where appropriate.

Signed-off-by: Jon Johnson <jonjohnson@google.com>
2016-03-18 15:01:20 -07:00
John Starks
5b0a484739 Add os.version and os.features to platform spec
These changes are needed to differentiate Windows images.

Signed-off-by: John Starks <jostarks@microsoft.com>
2016-03-17 16:54:21 -07:00
Derek McGowan
093fbdbfc4 Add client_id to get token endpoint
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-09 12:35:20 -08:00
Derek McGowan
66d6eaa83f Update scope list to use space separator
The oauth spec defines using a space to separate parts of a scope.
To better comply with future implementations built on oauth use a space to separate the resource scopes.

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-03 17:44:09 -08:00
Derek McGowan
d51f76f903 Update oauth documentation to include returned scope
Add post response values
Update password grant type to match oauth spec

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-03-03 17:44:09 -08:00
Richard Scothern
c8dff1bb57 Merge pull request #1364 from aaronlehmann/content-type-in-api-docs
Add information about manifest content types to API spec
2016-03-01 13:53:49 -08:00
Stefan Weil
615c6dfced Fix some typos in comments and strings
All of them were found and fixed by codespell.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
2016-02-23 22:33:38 +01:00
Derek McGowan
3fc4e4cdc8 Add resource scope list definition
Allow providing multiple scopes in a single scope string

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-12 16:07:21 -08:00
Derek McGowan
6d6c37c06a Update client section
Use client_id as defined in oauth rfc instead of custom client field

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-11 13:57:23 -08:00
Derek McGowan
32931689d5 Add scope documentation
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-11 13:57:23 -08:00
Derek McGowan
d8b59ab637 Add specification for using oauth with the token server
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2016-02-11 13:57:23 -08:00
Aaron Lehmann
7761a70389 Add information about manifest content types to API spec
Bring the spec up to date for schema2 changes.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-02-05 11:27:20 -08:00
Mary Anthony
01bb31fc42 New navigation for 1.10
Capturing Olivier's comments

Signed-off-by: Mary Anthony <mary@docker.com>
2016-01-28 17:35:54 -08:00
Stephen J Day
eb87f00afd spec/api: add missing entries to changelog
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2016-01-20 12:19:25 -08:00
Brian Bland
ce88d8a6f4 Adds functional options arguments to the Blobs Create method
Removes the Mount operation and instead implements this behavior as part
of Create a From option is provided, which in turn returns a rich
ErrBlobMounted indicating that a blob upload session was not initiated,
but instead the blob was mounted from another repository

Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-13 16:42:59 -08:00
Brian Bland
ac03070245 Fixes error codes in the API spec template
Uses UPPER_UNDERSCORE_CASE instead of the nice error message format
added in #911

Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-13 11:53:40 -08:00
Brian Bland
5df21570a7 Adds cross-repository blob mounting behavior
Extends blob upload POST endpoint to support mount and from query
parameters as described in #634

Signed-off-by: Brian Bland <brian.bland@docker.com>
2016-01-08 13:53:18 -08:00
Aaron Lehmann
9c416f0e94 Add support for manifest list ("fat manifest")
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2016-01-07 15:26:27 -08:00
Sebastiaan van Stijn
ef006ca1a1 docs: mark manifest as "draft"
Markdown linter produced an error on this page;

    running markdownlint
    ERROR (registry/spec/manifest-v2-2.md) frontmatter: Unexpected non-whitespace char: # Image Manifest Version 2, Schema 2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2015-12-30 20:56:02 +01:00
Aaron Lehmann
2e3f4934a7 docs/spec: Proposal for new manifest format
This is a follow-on to PR #62, and it borrows much of the format
from #993, but uses specific formats for the image manifest and manifest
list (fat manifest) instead of a combined generic format.

The intent of this proposed manifest format is to allow multi-arch, and
allow for full content-addressability of images in the Docker engine.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-12-18 12:26:02 -08:00
Richard Scothern
cb6f002350 Implementation of the Manifest Service API refactor.
Add a generic Manifest interface to represent manifests in the registry and
remove references to schema specific manifests.

Add a ManifestBuilder to construct Manifest objects. Concrete manifest builders
will exist for each manifest type and implementations will contain manifest
specific data used to build a manifest.

Remove Signatures() from Repository interface.

Signatures are relevant only to schema1 manifests.  Move access to the signature
store inside the schema1 manifestStore.  Add some API tests to verify
signature roundtripping.

schema1
-------

Change the way data is stored in schema1.Manifest to enable Payload() to be used
to return complete Manifest JSON from the HTTP handler without knowledge of the
schema1 protocol.

tags
----

Move tag functionality to a seperate TagService and update ManifestService
to use the new interfaces.  Implement a driver based tagService to be backward
compatible with the current tag service.

Add a proxyTagService to enable the registry to get a digest for remote manifests
from a tag.

manifest store
--------------

Remove revision store and move all signing functionality into the signed manifeststore.

manifest registration
---------------------

Add a mechanism to register manifest media types and to allow different manifest
types to be Unmarshalled correctly.

client
------

Add ManifestServiceOptions to client functions to allow tags to be passed into Put and
Get for building correct registry URLs.  Change functional arguments to be an interface type
to allow passing data without mutating shared state.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>

Signed-off-by: Richard Scothern <richard.scothern@docker.com>
2015-12-17 17:09:14 -08:00
Aaron Lehmann
4c850e7165 Remove tarsum support for digest package
tarsum is not actually used by the registry. Remove support for it.

Convert numerous uses in unit tests to SHA256.

Update docs to remove mentions of tarsums (which were often inaccurate).

Remove tarsum dependency.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-12-15 17:22:18 -08:00
Sven Dowideit
226d8c4f07 Merge pull request #1234 from SvenDowideit/linkchecker-fixes
Small doc fixes found by the linkchecker
2015-12-05 09:30:58 +10:00
Sven Dowideit
7d0d94814b Small doc fixes found by the linkchecker
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2015-12-03 21:26:41 +10:00
Patrick Devine
b084c77c70 Clarify pagination for catalog API endpoint
This change clarifies the way the catalog endpoint returns results
when pagination was not explicitly requested.

Signed-off-by: Patrick Devine <patrick.devine@docker.com>
2015-12-02 18:02:51 -08:00
Morgan Bauer
17d4e82944
Formatting content digest calculation to avoid copyright symbols
- resolves #1197

Signed-off-by: Morgan Bauer <mbauer@us.ibm.com>
2015-11-24 10:13:34 -08:00
Sven Dowideit
64bc8af1b9 Doc fixes found by validation job
Signed-off-by: Sven Dowideit <SvenDowideit@home.org.au>
2015-11-20 12:21:03 +10:00
Matt Moore
0c7cd3fcf8 Add expires_in and issued_at to the auth spec.
This extends the specification for the Bearer token response to include
information pertaining to when an issued Bearer token will expire.

This also allows the client to accept `access_token` as an alias for `token`.

Signed-off-by: Matt Moore <mattmoor@google.com>
2015-10-27 11:05:33 -07:00
Stephen Day
bfd1f423c5 Merge pull request #1033 from jlhawn/api_spec_update_auth_errors
[api spec] Update authN and authZ errors
2015-10-13 13:52:18 -07:00
Derek McGowan
618ffe118b Merge pull request #1005 from xiekeyang/spec
add description to manifest spec
2015-09-30 11:47:16 -07:00
Josh Hawn
0f670bdc91 [api spec] Update authN and authZ errors
Associate HTTP 401s with Authentication errors rather than Authorization
errors. Changes the meaning of the UNAUTHORIZED error to be authentication
specific.

Defines DENIED error code to be associated with authorization
errors which result in HTTP 403 responses.

Add 'No Such Repository' errors to more endpoints.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-09-30 09:12:31 -07:00
xiekeyang
da8ef7585d add description to manifest spec
This PR add some description to manifest spec.
It clarifies the relationship between `fsLayers` and `history` fields.

Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2015-09-30 10:16:46 +08:00
Richard Scothern
d03c56129c Merge pull request #991 from mattmoor/expires_in_proposal
Fixes #684
2015-09-25 15:23:28 -07:00
Sungho Moon
7bf66b6855 Minor grammar fix : duplicated coordinators.
Signed-off-by: Sungho Moon <sungho.moon@navercorp.com>
2015-09-23 11:40:13 +09:00
Matt Moore
ca7c845dc0 Fixes #684
Split the discussion of v2 authentication into two parts:
1) A specification of the handshake between the client, registry and
authentication service.
2) A description of how `docker/distribution` implements this using JWT.

This should make it clearer that `#2` is an implementation detail, and
that clients should regard tokens as opaque entities that only the
registry and authentication service should understand.

Signed-off-by: Matt Moore <mattmoor@google.com>
2015-09-18 15:26:32 -07:00
xiekeyang
78c760f898 typo
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
2015-09-18 17:27:01 +08:00
Josh Hawn
fb481ef843 [docs/spec/auth] Clarify the Token auth workflow
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-09-14 15:57:16 -07:00
Olivier Gambier
5df53c0681 Documentation enhancements
Making metadata:
- more consistent
- more specific (fixed copy pasting)
- refine coverage

Insecure information cleanup

Removing no longer used files:
- mkdocs is gone
- the registry diagram is not used, and is a bit silly :)

Minor fixes

Fixing links

Recipes:
- harmonized code sections style to the rest of the docs
- harmonized recipe "style"
- listing new recipes

Enhance deploying

Signed-off-by: Olivier Gambier <olivier@docker.com>
2015-08-28 12:46:53 -07:00
Aaron Lehmann
4cb5626d9e Update JSON spec to point out escaping of <, >, &
...and add blurb about not relying on canonicalization to ensure
identical output.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-24 16:28:42 -07:00
Richard Scothern
776a4ffbe8 Change some incorrect error types in proxy stores from API errors to
distribution errors.  Fill in missing checks for mutations on a registry pull-through
cache.  Add unit tests and update documentation.

Also, give v2.ErrorCodeUnsupported an HTTP status code, previously it was
defaulting to 500, now its 405 Method Not Allowed.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-11 14:16:24 -07:00
Stephen J Day
f141480d98 Move common error codes to errcode package
Several error codes are generally useful but tied to the v2 specification
definitions. This change moves these error code definitions into the common
package for use by the health package, which is not tied to the v2 API.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-11 11:50:58 -07:00
Richard Scothern
fb9662ad5a Add blob delete entry to api description and regenerate api.md
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-03 11:59:19 -07:00
Richard Scothern
bffa20d6bb Spelling corrections
Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-07-31 16:43:11 -07:00
Alex Chan
51bd34eaed Fix a few typos in the docs
Signed-off-by: Alex Chan <alex.chan@metaswitch.com>
2015-07-31 13:36:43 +01:00
Derek McGowan
0355c3026c Merge pull request #744 from aaronlehmann/manifest-put-response-code
Manifest PUT should return 201 Created
2015-07-28 10:42:54 -07:00
Olivier Gambier
549a3921a4 Merge pull request #752 from stevvooe/add-missing-ampersands
Correctly generate URL examples specifications
2015-07-24 22:05:22 -07:00
Stephen J Day
dcbf2967fd Correctly generate URL examples specifications
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-24 19:00:25 -07:00
Stephen Day
d1dfac4b98 Revert "Fix typo" 2015-07-24 13:28:10 -07:00
Stephen Day
9e9e9a2859 Merge pull request #677 from RichardScothern/soft-delete-remove-links
Manifest and layer soft deletion
2015-07-24 13:02:36 -07:00
Aaron Lehmann
cf32056218 Manifest PUT should return 201 Created
Change handler, update descriptors table, regenerate API spec, and
update test.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-24 12:58:16 -07:00
Richard
9c1dd69439 Manifest and layer soft deletion.
Implement the delete API by implementing soft delete for layers
and blobs by removing link files and updating the blob descriptor
cache.  Deletion is configurable - if it is disabled API calls
will return an unsupported error.

We invalidate the blob descriptor cache by changing the linkedBlobStore's
blobStatter to a blobDescriptorService and naming it blobAccessController.

Delete() is added throughout the relevant API to support this functionality.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-07-24 09:57:20 -07:00
Jianqing Wang
8c98f97a0d Fix typo
Signed-off-by: tsing <tsing@nicescale.com>
2015-07-24 11:43:28 +08:00
Stephen Day
984037f7fc Merge pull request #729 from stevvooe/pagination-spec-cleanup
Clean up pagination specification
2015-07-23 15:46:32 -07:00
Stephen J Day
c5792bf87e Identify V2 API changes by letter
To avoid confusion with the registry version number or other project versions,
the specification updates are now lettered.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-22 20:49:27 -07:00
Stephen J Day
88831b0523 Clean up pagination specification
Some missing descriptions and error code for tags pagination was cleaned up to
ensure clarity. Specifically, we ensure the request variations are named and
the proper error codes are included.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-22 20:00:28 -07:00
Stephen J Day
006214d902 Paginate catalog and tag results with Link header
Move the specification to use a Link header, rather than a "next" entry in the
json results. This prevents requiring clients from parsing the request body to
issue the next request. It also ensures that the returned response body does
not change in between requests.

The ordering of the specification has been slightly tweaked, as well. Listing
image tags has been moved after the catalog specification. Tag pagination now
heavily references catalog pagination.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-21 21:45:14 -07:00
Stephen J Day
aebe850f73 Catalog V2 API specification proposal
This contains a proposal for a catalog API, provided access to the internal
contents of a registry instance. The API endpoint is prefixed with an
underscore, which is illegal in images names, to prevent collisions with
repositories names. To avoid issues with large result sets, a paginated version
of the API is proposed. We make an addition to the tags API to support
pagination to ensure the specification is conistent.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-21 21:45:14 -07:00
Stephen J Day
b54cc5ed47 Allow single character repository names
The main goal of this changeset is to allow repository name components to
consist of a single character. The number of components allowed and the slash
separation requirements have also been clarified.

To go along with this simplification, errant constants and unneeded error types
have been removed.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-10 12:10:42 -06:00
Vincent Demeester
536e2fccf9 Fix table render in specs/api.md
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2015-06-26 10:34:48 +02:00
Mary Anthony
1aa8b00bdf Adding in the better sed
Renaming to index.md;rereading of Hugo showed me my mistake; removing commented out/Markdown has no comment feature
Updating with Olivier. Yay! It looks great

Signed-off-by: Mary Anthony <mary@docker.com>
2015-06-17 17:31:13 -07:00
Mary Anthony
832cb9d52c Updating for Hugo
Updating for tooling tests
Updating with the new sed scripts to protect links
updating with new image
Updating with comments

Signed-off-by: Mary Anthony <mary@docker.com>
2015-06-15 14:39:33 -07:00
Stephen Day
e57e731821 Merge pull request #548 from duglin/MoveErrors
Move ErrorCode logic to new errcode package
2015-06-15 14:33:28 -07:00
Doug Davis
441f7cac87 Round 4
Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-11 21:33:35 -07:00
Stephen Day
f63313de1f Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint
Clarify digest in API specification
2015-06-08 19:04:53 -07:00
Stephen J Day
7e6b4e8c52 Add description of digests to API specification
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-08 19:04:13 -07:00
Vincent Batts
0165b85861 spec/manifest: clarify the v2-s1 is provisional
Signed-off-by: Vincent Batts <vbatts@redhat.com>
2015-06-08 16:48:48 -04:00
Stephen J Day
c54adb667f Clarify that manifests can only be deleted by digest
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-06-04 18:59:08 -07:00
Vincent Giersch
7b3f571555 doc: coherence between requests and parameters + typo
In the request parameters lists `tag` was used instead of
`reference` present in the HTTP requests paths

Signed-off-by: Vincent Giersch <vincent.giersch@ovh.net>
2015-06-02 14:36:55 +00:00
Derek McGowan
d9003dfc25 Add documentation for client version header
Add documentation for Docker-Distribution-API-Version header required by clients

closes #99

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-05-06 15:58:48 -07:00
Derek McGowan
e842662ede Move pre-release 2.0 changes into the 2.0 API specification
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-05-06 15:58:48 -07:00
Derek McGowan
2cf40ab790 Modify blob upload API
- Ensures new uploads and resumed upload statuses always return an offset of 0. This allows future clients which support resumable upload to not attempt resumable upload on this version which does not support it.
- Add PATCH support for streaming data on upload.
- Add messaging to specification that PATCH with content range is currently not supported.
- Update PUT blob to only support full data or no data, no more last chunk messaging as it was not supported.

closes #470

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-05-06 15:43:23 -07:00
Derek McGowan
7d6e6aa980 Update API spec to reference digest instead of tarsum
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-05-01 17:14:38 -07:00
Mary Anthony
68c0682e00 Fixes Issue #471 with Publish
- Add sed to Dockerfile; this sed exists on publish script; breaks headings/nav in files without metadata
- Ensure sed runs over storage-driver/ subdir
- Add metadata to all the files (including specs) that don't have it; this ensures they display correctly on publish
- Implement the fix for the showing up in Github
- Update template with GITHUB IGNORES

Signed-off-by: Mary Anthony <mary@docker.com>
2015-04-30 15:39:40 -07:00
Derek McGowan
21504560e1 Update final upload chunk api doc
Updates description about content length and location

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-04-15 17:55:15 -07:00
Stephen Day
ad76574d74 Merge pull request #336 from RichardScothern/docs
doc/spec: documentation for the Image Manifest V2 format
2015-04-10 16:26:27 -07:00
Richard
e564ac59c3 Documentation for the Image Manifest V2 specification 2015-04-10 16:13:32 -07:00
Mary Anthony
cf9b4ab5e9 Breaking out README
Adding new material
Adding in template chomped in error
Cover install/deploy in README
Adding in Stephen's comments
Fixing you tabs!
Updating with commentary from pr
Updating with last minute comments

Signed-off-by: Mary Anthony <mary@docker.com>
2015-04-09 17:50:46 -07:00
Mary Anthony
636a19b212 Retooling to allow for docs build
Adding docs build to the Makefile
Adding in Sven's changes to the Makefile
Removing DS_store file
Updating per Stephen's comments
Update with Stephen's final comment

Signed-off-by: Mary Anthony <mary@docker.com>
2015-04-03 14:55:24 -07:00