Commit graph

27 commits

Author SHA1 Message Date
Stephen Day
5052dc692f Merge pull request #283 from sthulb/client-certs
registry, configuration, doc: client certificates for authentication purposes.
2015-03-31 16:45:03 -07:00
Simon Thulbourn
c8f3800f1c Add client certificate CA option to authenticate with client certs
Add the ability to authenticate against multiple client CA certificates.

Signed-off-by: Simon Thulbourn <simon+github@thulbourn.com>
2015-03-25 10:53:03 +00:00
Stephen J Day
ac73963d7e Add support for configuration static logging fields
To allow flexibility in log message context information, this changeset
provides the ability to configure static fields that are included in the
context. Such fields can be set via configuration or environment variables.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-24 18:47:22 -07:00
Stephen J Day
a75f0f26f7 Allow logging formatter to be configured
This changeset simply adds hooks into the configuration system to support
multiple different kinds of output formats. These formatters are provided by
logrus and include options such as "text" and "json". The configuraiton
documentation has been updated accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-24 16:56:43 -07:00
Stephen Day
9b73abdcfe Merge pull request #284 from ahmetalpbalkan/azure-register
cmd/registry: Import Azure driver for factory registration
2015-03-23 14:43:05 -07:00
Ahmet Alp Balkan
878a39fef2 Import Azure driver for factory registration
Importing Azure storage driver to make it register itself as
a storage driver.

Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-03-20 17:44:25 -07:00
Stephen Day
15a7926288 Merge pull request #230 from diogomonica/adding-healthcheck
registry/health: adding healthcheck package
2015-03-20 17:15:37 -07:00
Diogo Mónica
5370f2c0be Adding first version of HealthCheck
Added a expvar style handler for the debug http server to allow health checks (/debug/health).

Signed-off-by: Diogo Monica <diogo@docker.com>
2015-03-20 14:38:40 -07:00
David Lawrence
4acda57e05 Refactoring cloudfactory layer handler into a more generic storage
middleware concept.

This also breaks the dependency the storage package had on goamz
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-11 08:56:28 -07:00
Stephen J Day
65b0d73cb7 Move storagedriver package to registry/storage/driver
This change is slightly more complex than previous package maves in that the
package name changed. To address this, we simply always reference the package
driver as storagedriver to avoid compatbility issues with existing code. While
unfortunate, this can be cleaned up over time.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 12:43:04 -08:00
Stephen J Day
0371f648bf Move auth package under registry package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-10 17:34:04 -08:00
Stephen J Day
0f08b6961a Move registry package into handler package
The goal is to free up the distribution/registry package to include common
registry types. This moves the webapp definitions out of the way to allow for
this change in the future.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-10 17:25:40 -08:00
Stephen J Day
d2bfb5825c Integrate contextual logging with regsitry app
This changeset integrates contextual logging into the registry web application.
Idiomatic context use is attempted within the current webapp layout. The
functionality is centered around making lifecycle objects (application and
request context) into contexts themselves. Relevant data has been moved into
the context where appropriate.  We still have some work to do to factor out the
registry.Context object and the dispatching functionality to remove some
awkward portions.

The api tests were slightly refactored to use a test environment to eliminate
common code.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-06 16:51:53 -08:00
Stephen J Day
0a29b59e14 Webhook notification support in registry webapp
Endpoints are now created at applications startup time, using notification
configuration. The instances are then added to a Broadcaster instance, which
becomes the main event sink for the application. At request time, an event
bridge is configured to listen to repository method calls. The actor and source
of the eventBridge are created from the requeest context and application,
respectively. The result is notifications are dispatched with calls to the
context's Repository instance and are queued to each endpoint via the
broadcaster.

This commit also adds the concept of a RequestID and App.InstanceID. The
request id uniquely identifies each request and the InstanceID uniquely
identifies a run of the registry. These identifiers can be used in the future
to correlate log messages with generated events to support rich debugging.

The fields of the app were slightly reorganized for clarity and a few horrid
util functions have been removed.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-03 13:32:37 -08:00
Stephen J Day
499382dd0b Add debug server to support pprof and expvar
If configured, a debug http server will be started to serve default registered
endpoints, such as pprof and expvar. The endpoint should be secured carefully
and not available to external traffic. It is disabled by default but the
development config has been modified to make it available on localhost.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-03 13:32:37 -08:00
Stephen J Day
9f5916b2c4 Add native TLS support to registry
This changeset provides simple tls support for a registry instance. Simply
providing a cert and key file are enough to get a tls registry running. If the
certs are trusted by the client, tls can be used throughout the push and pull
process.

If more complex TLS options are required, it is recommend that a proxy be used.
Contributions will be accepted to add more features, if necessary.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-02 14:38:47 -08:00
Stephen J Day
b75455d2bd Move version printing to version package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-29 18:32:16 -08:00
Stephen J Day
d0abfe0b92 Report version in registry binary
We've added support to the registry command to report the current version of
the distribution package. The version package is generated with a shell script
that gets the latest tag and add "+unknown". This allows builds from "go get"
and "go install" to have a rough version number. Generated periodically, it
will provide a decent indication of what code built the binary. For more
accurate versioning, one can build with the "binaries" make target. Linker
flags are used to replace the version string with the actual current tag at
build time.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-29 18:32:01 -08:00
Brian Bland
16a258ce69 Enables s3 driver, limits permission check to scope of rootdirectory
Signed-off-by: Brian Bland <brian.bland@docker.com>
2015-01-12 13:34:49 -08:00
Stephen J Day
ab4a9f0480 Move registry package out of repo root
Since the repo is no longer just the registry, we are moving the registry web
application package out of the repo root into a sub-package. We may break down
the registry package further to separate webapp components and bring the client
package under it. This change accomplishes the task of freeing up the repo root
for a distribution-oriented package. A stub doc.go file is left in place to
declare intent.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-06 10:40:22 -08:00
Olivier Gambier
67ca9d10cf Move from docker-registry to distribution 2014-12-23 17:13:02 -08:00
Stephen J Day
d0a9e9b475 Integrate auth.AccessController into registry app
This changeset integrates the AccessController into the main registry app. This
includes support for configuration and a test implementation, called "silly"
auth. Auth is only enabled if the configuration is present but takes measure to
ensure that configuration errors don't allow the appserver to start with open
access.
2014-12-18 12:34:56 -08:00
Stephen J Day
6e846d6b29 Use filesystem driver in default configuration 2014-12-15 11:53:52 -08:00
Brian Bland
43a50b5e82 Adds bugsnag and newrelic metrics and error reporting
Configuration variables are added under the REGISTRY_REPORTING
namespace, for example REGISTRY_REPORTING_BUGSNAG_APIKEY
2014-12-12 17:49:06 -08:00
Olivier Gambier
3bbc8ce3c2 Fix address 2014-12-10 17:59:13 -08:00
Stephen J Day
2f78886aac Disable s3 and ipc executable entry points 2014-12-05 14:34:22 -08:00
Stephen J Day
3301626830 Add registry main cmd 2014-12-01 17:36:20 -08:00