forked from TrueCloudLab/distribution
registry: refactor registry.IsSecure calls into registry.NewEndpoint
Signed-off-by: Tibor Vass <teabee89@gmail.com>
This commit is contained in:
parent
524aa8b1a6
commit
80255ff224
4 changed files with 14 additions and 14 deletions
|
@ -34,12 +34,15 @@ func scanForAPIVersion(hostname string) (string, APIVersion) {
|
||||||
return hostname, DefaultAPIVersion
|
return hostname, DefaultAPIVersion
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewEndpoint(hostname string, secure bool) (*Endpoint, error) {
|
func NewEndpoint(hostname string, insecureRegistries []string) (*Endpoint, error) {
|
||||||
endpoint, err := newEndpoint(hostname, secure)
|
endpoint, err := newEndpoint(hostname)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
secure := isSecure(endpoint.URL.Host, insecureRegistries)
|
||||||
|
endpoint.secure = secure
|
||||||
|
|
||||||
// Try HTTPS ping to registry
|
// Try HTTPS ping to registry
|
||||||
endpoint.URL.Scheme = "https"
|
endpoint.URL.Scheme = "https"
|
||||||
if _, err := endpoint.Ping(); err != nil {
|
if _, err := endpoint.Ping(); err != nil {
|
||||||
|
@ -65,9 +68,9 @@ func NewEndpoint(hostname string, secure bool) (*Endpoint, error) {
|
||||||
|
|
||||||
return endpoint, nil
|
return endpoint, nil
|
||||||
}
|
}
|
||||||
func newEndpoint(hostname string, secure bool) (*Endpoint, error) {
|
func newEndpoint(hostname string) (*Endpoint, error) {
|
||||||
var (
|
var (
|
||||||
endpoint = Endpoint{secure: secure}
|
endpoint = Endpoint{secure: true}
|
||||||
trimmedHostname string
|
trimmedHostname string
|
||||||
err error
|
err error
|
||||||
)
|
)
|
||||||
|
@ -149,10 +152,9 @@ func (e Endpoint) Ping() (RegistryInfo, error) {
|
||||||
return info, nil
|
return info, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// IsSecure returns false if the provided hostname is part of the list of insecure registries.
|
// isSecure returns false if the provided hostname is part of the list of insecure registries.
|
||||||
// Insecure registries accept HTTP and/or accept HTTPS with certificates from unknown CAs.
|
// Insecure registries accept HTTP and/or accept HTTPS with certificates from unknown CAs.
|
||||||
func IsSecure(hostname string, insecureRegistries []string) bool {
|
func isSecure(hostname string, insecureRegistries []string) bool {
|
||||||
|
|
||||||
if hostname == IndexServerAddress() {
|
if hostname == IndexServerAddress() {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
|
@ -12,7 +12,7 @@ func TestEndpointParse(t *testing.T) {
|
||||||
{"0.0.0.0:5000", "https://0.0.0.0:5000/v1/"},
|
{"0.0.0.0:5000", "https://0.0.0.0:5000/v1/"},
|
||||||
}
|
}
|
||||||
for _, td := range testData {
|
for _, td := range testData {
|
||||||
e, err := newEndpoint(td.str, true)
|
e, err := newEndpoint(td.str)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("%q: %s", td.str, err)
|
t.Errorf("%q: %s", td.str, err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -343,8 +343,8 @@ func TestIsSecure(t *testing.T) {
|
||||||
{"127.0.0.1:5000", []string{"example.com"}, false},
|
{"127.0.0.1:5000", []string{"example.com"}, false},
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
if sec := IsSecure(tt.addr, tt.insecureRegistries); sec != tt.expected {
|
if sec := isSecure(tt.addr, tt.insecureRegistries); sec != tt.expected {
|
||||||
t.Errorf("IsSecure failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec)
|
t.Errorf("isSecure failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -40,7 +40,7 @@ func (s *Service) Auth(job *engine.Job) engine.Status {
|
||||||
job.GetenvJson("authConfig", authConfig)
|
job.GetenvJson("authConfig", authConfig)
|
||||||
|
|
||||||
if addr := authConfig.ServerAddress; addr != "" && addr != IndexServerAddress() {
|
if addr := authConfig.ServerAddress; addr != "" && addr != IndexServerAddress() {
|
||||||
endpoint, err := NewEndpoint(addr, IsSecure(addr, s.insecureRegistries))
|
endpoint, err := NewEndpoint(addr, s.insecureRegistries)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return job.Error(err)
|
return job.Error(err)
|
||||||
}
|
}
|
||||||
|
@ -92,9 +92,7 @@ func (s *Service) Search(job *engine.Job) engine.Status {
|
||||||
return job.Error(err)
|
return job.Error(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
secure := IsSecure(hostname, s.insecureRegistries)
|
endpoint, err := NewEndpoint(hostname, s.insecureRegistries)
|
||||||
|
|
||||||
endpoint, err := NewEndpoint(hostname, secure)
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return job.Error(err)
|
return job.Error(err)
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue