If Context.Name is not set, the acceess controller may allow an unintended
request through. By only allowing a request to proceed without a name on the
base route, we provide some protection if future bugs forget to set the context
properly.
As a baseline for the new registry API specification, we are checking in the
proposal as currently covered in docker/docker#9015. This will allow us to
trace the process of transforming the proposal into a specification. The goal
is to use api descriptors to generate templated documentation into SPEC.md. The
resulting product will be submitted into docker core as part of the client PR.
This changeset integrates the AccessController into the main registry app. This
includes support for configuration and a test implementation, called "silly"
auth. Auth is only enabled if the configuration is present but takes measure to
ensure that configuration errors don't allow the appserver to start with open
access.
This commit is patch for following comment
// TODO: This method should return the errors instead of masking them and returning false
Signed-off-by: Daehyeok Mun <daehyeok@gmail.com>
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
The pre-commit hook will automatically gofmt code in place, warning you
about any changes. It will also fail to commit if either golint or go
vet fails.
This change ports the client use the URLBuilder to create urls. Without this,
it produces broken urls for certain use cases. The client has also been updated
to no longer use the size argument to complete blob uploads. Much of this work
has been done after testing with the staging registry instance.
During client implementation, it was found that requiring the size argument
made client implementation more complex. The original benefit of the size
argument was to provide an additional check alongside of tarsum to validate
incoming data. For the purposes of the registry, it has been determined that
tarsum should be enough to validate incoming content.
At this time, the size check is optional but we may consider removing it
completely.
URL values may be required to complete an upload in a single POST request,
which may include digest and size. This is not implemented in the server side,
yet, but is part of the HTTP API specification.
Routes and errors are now all referenced from a single v2 package. This
packages exports are acceptable for use in the server side as well as
integration into docker core.
To provide a single package with v2 API definitions, the locked down portions
of the API have been merged into a single package. References to exported items
will appear as v2.XXX, indicating their origin. The definitions in this package
will soon be locked down for change, acceppting only additions that will not
change protocol behavior.