Commit graph

1275 commits

Author SHA1 Message Date
Stephen J Day
1944be9db3 Stronger validation for uuid field in urls
This change adds strong validation for the uuid variable for v2 routes. This is
a minor specification change but is okay since the uuid field is controlled by
the server. The character set is restricted to avoid path traversal, allowing
for alphanumeric values and urlsafe base64 encoding.

This change has no effect on client implementations.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-04-01 18:57:59 -07:00
Stephen J Day
3cad3c7b6a Add redis pool to registry webapp
Redis has been integrated with the web application for use with various
services. The configuraiton exposes connection details, timeouts and pool
parameters. Documentation has been updated accordingly.

A few convenience methods have been added to the context package to get loggers
with certain fields, exposing some missing functionality from logrus.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-04-01 16:27:24 -07:00
Stephen Day
02b8c7b8cf Merge pull request #294 from fkautz/pr_out_updating_msopentech_azure_sdk_for_go_to_latest_master
Updating MSOpenTech/azure-sdk-for-go to latest master
2015-03-24 13:27:19 -07:00
Frederick F. Kautz IV
11db8185bc Updating MSOpenTech/azure-sdk-for-go to latest master
Signed-off-by: Frederick F. Kautz IV <fkautz@alumni.cmu.edu>
2015-03-23 21:59:21 -07:00
Ahmet Alp Balkan
ce9f500a31 storage/driver/azure: Allow non-default realms
This enables Azure storage driver to be used with non-default
cloud endpoints like Azure China or Azure Government that does
not use `.blob.core.windows.net` FQDN suffix.

Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-03-23 20:41:16 -07:00
Josh Hawn
db5689aa86 Refactor Layer interface to return a Handler
... Rather than ServeHTTP directly.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-03-12 21:59:07 -07:00
Josh Hawn
e062e66ee1 Insert request method option storage driver URLFor
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-03-12 17:06:40 -07:00
Stephen Day
70560cceaf Merge pull request #256 from ncdc/master
Send WWW-Authenticate header for silly auth
2015-03-11 19:01:23 -07:00
Andy Goldstein
4491e755b8 Send WWW-Authenticate header for silly auth
Signed-off-by: Andy Goldstein <agoldste@redhat.com>
2015-03-11 15:20:15 -04:00
David Lawrence
3853e66f4b don't panic during a request when configuring repository middleware. Return a 500 with an appropriate error
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-11 08:59:02 -07:00
Andy Goldstein
b5a63d75ea Fix Godoc typos
Signed-off-by: Andy Goldstein <agoldste@redhat.com>
2015-03-11 08:56:29 -07:00
David Lawrence
c858a4ba89 Final polish to cloudfront and larger middleware refactor
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-11 08:56:29 -07:00
Andy Goldstein
a20abfbf3c Middleware!
Convert middleware in the config to be a map of type->[]Middleware

Add support for registry & repository middleware.

Some naming updates as well.

Signed-off-by: Andy Goldstein <agoldste@redhat.com>
2015-03-11 08:56:28 -07:00
David Lawrence
4acda57e05 Refactoring cloudfactory layer handler into a more generic storage
middleware concept.

This also breaks the dependency the storage package had on goamz
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-11 08:56:28 -07:00
Josh Hawn
87959abe8f digest: Minor refactoring
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-03-10 16:44:19 -07:00
David Lawrence
6dcec265a0 minor refactor + tests for app.go just to improve test coverage.
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-09 16:31:30 -07:00
Andy Goldstein
e1e724860f Remove max repository component length restriction
Fixes #241

Signed-off-by: Andy Goldstein <agoldste@redhat.com>
2015-03-06 19:55:33 -05:00
Stephen Day
f0ccdd448f Merge pull request #239 from jlhawn/event_target_update
notifications: update notification event Target fields
2015-03-06 16:45:06 -08:00
Stephen Day
e3dd701004 Merge pull request #238 from endophage/canonical_sha256
digest, registry/storage, registry/handlers: switch to SHA256 as canonical digest
2015-03-06 15:27:14 -08:00
David Lawrence
b777e389b9 fixing up tests to work with for non-tarsum future
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-06 14:54:23 -08:00
Stephen Day
81a03041d4 Merge pull request #243 from stevvooe/storagedriver-docs
doc: move storage driver readmes into docs
2015-03-06 11:25:42 -08:00
Josh Hawn
d3bc4c4b38 Switch to SHA256 as canonical digest
Also support client digests linking to canonical digest.
2015-03-06 09:49:05 -08:00
Josh Hawn
a877811c0b Update notification event Target fields
Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-03-05 18:01:50 -08:00
Stephen J Day
41b1e22f97 doc: move storage driver readmes into docs
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-05 17:23:33 -08:00
Stephen J Day
40273b1d36 Implement immutable manifest reference support
This changeset implements immutable manifest references via the HTTP API. Most
of the changes follow from modifications to ManifestService. Once updates were
made across the repo to implement these changes, the http handlers were change
accordingly. The new methods on ManifestService will be broken out into a
tagging service in a later PR.

Unfortunately, due to complexities around managing the manifest tag index in an
eventually consistent manner, direct deletes of manifests have been disabled.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-04 21:40:55 -08:00
Stephen J Day
f536633ca8 spec: fetch manifests by tag or digest
Manifests are now fetched by a field called "reference", which may be a tag or
a digest. When using digests to reference a manifest, the data is immutable.
The routes and specification have been updated to allow this.

There are a few caveats to this approach:

1. It may be problematic to rely on data format to differentiate between a tag
   and a digest. Currently, they are disjoint but there may modifications on
   either side that break this guarantee.
2. The caching characteristics of returned content are very different for
   digest versus tag-based references. Digest urls can be cached forever while tag
   urls cannot.

Both of these are minimal caveats that we can live with in the future.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-04 21:39:36 -08:00
Stephen Day
91403c1b52 Merge pull request #234 from ncdc/signature-service
Expose Signatures() on Repository
2015-03-04 18:24:36 -08:00
Josh Hawn
e249b478d9 Merge pull request #231 from stevvooe/remove-unnecessary-close
Remove unnecessary close in client
2015-03-04 18:19:35 -08:00
Andy Goldstein
6b12e34a4b Expose Signatures() on Repository
Add a SignatureService and expose it via Signatures() on Repository so
external integrations wrapping the registry can access signatures.

Move signature related code from revisionstore.go to signaturestore.go.

Signed-off-by: Andy Goldstein <agoldste@redhat.com>
2015-03-04 20:56:11 -05:00
Stephen J Day
dc0408767a Remove unnecessary close in client
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-03 19:29:12 -08:00
Stephen Day
bfef2046e8 Merge pull request #218 from endophage/DIST-148
registry/storage: buffered wrapper for fileWriter
2015-03-03 18:08:28 -08:00
Stephen Day
72b48812b4 Merge pull request #212 from stevvooe/add-documentation-name-validator
documentation for name validation grammar
2015-03-03 17:32:54 -08:00
David Lawrence
5161d69ebf wrap buffered writer around filewriter
benchmarks added to filewriter_test, demonstrate buffered
version is ~5x faster on my hardware.
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-03 16:23:21 -08:00
Stephen J Day
6add5f30d2 documentation for name validation grammar
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-03-02 10:55:31 -08:00
Stephen Day
16d8b2c34d Merge pull request #213 from stevvooe/docker-upload-uuid
doc/spec, registry/handlers: specify and implement Docker-Upload-UUID
2015-03-02 10:51:15 -08:00
David Lawrence
6f1b92621c Adding test cases to confirm path traversal attempts are mitigated and
bad characters in URI return 404
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-03-02 09:15:49 -08:00
Stephen J Day
996235dc59 Specify and implement Docker-Upload-UUID
This changeset adds support for a header to identify docker upload uuids. This
id can be used as a key to manage local state for resumable uploads. The goal
is remove the necessity for a client to parse the url to get an upload uuid.
The restrictions for clients to use the location header are still strongly in
place.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 16:43:47 -08:00
David Lawrence
1700f518cb Path prefix support for running registry somewhere other than root of server
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
2015-02-26 16:04:43 -08:00
Stephen Day
5c4f03d38e Merge pull request #189 from donhcd/rootcertbundle
Rename auth.token.{rootCertBundle -> rootcertbundle}
2015-02-19 19:31:55 -08:00
Stephen Day
c3536ea1c5 Merge pull request #191 from stevvooe/missing-digest-bad-request
A digest missing parameter should result in a bad request
2015-02-19 18:30:58 -08:00
Stephen J Day
c2b20907d9 A digest missing parameter should result in a bad request
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-19 17:14:25 -08:00
Donald Huang
77de18f751 Rename auth.token.rootCertBundle yml field
Renames auth.token.rootCertBundle field in registry config to rootcertbundle so
that the REGISTRY_AUTH_TOKEN_ROOTCERTBUNDLE environment variable will override it.

See
()[https://github.com/docker/distribution/blob/master/configuration/parser.go#L155]

Signed-off-by: Donald Huang <don.hcd@gmail.com>
2015-02-20 00:46:24 +00:00
Andrey Kostov
df71f3451a Fix S3 driver's list when the root directory is either "" or "/" 2015-02-19 16:31:34 -08:00
Andrey Kostov
da5510b55e Add an empty root directory s3 driver specific test 2015-02-19 16:28:32 -08:00
Stephen J Day
5d029fb807 Add error return to Repository method on Registry
The method (Registry).Repository may now return an error. This is too allow
certain implementationt to validate the name or opt to not return a repository
under certain conditions.

In conjunction with this change, error declarations have been moved into a
single file in the distribution package. Several error declarations that had
remained in the storage package have been moved into distribution, as well. The
declarations for Layer and LayerUpload have also been moved into the main
registry file, as a result.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-13 16:27:33 -08:00
Stephen J Day
d2d46fca41 Move notifications package to distribution
Since the notifications package is now decoupled from storage, we are moving it
to the root package.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-12 14:40:35 -08:00
Stephen J Day
286a644948 Remove Name from Layer and LayerUpload interface
A Layer or LayerUpload should not be coupled with the containing repository.
Remove the Name method and correctly reference from the repository where
appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-12 14:27:05 -08:00
Stephen J Day
27b03f2136 Move layer interface definitions to distribution package
After consideration, it has been decided that the interfaces defined in the
storage package provide a good base for interacting with various registry
instances. Whether interacting with a remote API or a local, on-disk registry,
these types have proved flexible. By moving them here, they can become the
central components of interacting with distribution components.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-12 14:26:46 -08:00
Ahmet Alp Balkan
76f1abfa07 storagedriver/azure: Add README
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
2015-02-11 14:40:51 -08:00
Stephen J Day
f74b9852fe Run goimports/gofmt on previous changes
After all of the perl refactoring, some import orderings were left asunder.
This commit corrects that.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 12:43:04 -08:00
Stephen J Day
65b0d73cb7 Move storagedriver package to registry/storage/driver
This change is slightly more complex than previous package maves in that the
package name changed. To address this, we simply always reference the package
driver as storagedriver to avoid compatbility issues with existing code. While
unfortunate, this can be cleaned up over time.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 12:43:04 -08:00
Stephen J Day
3468fbd4a8 Move storage package under registry package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 12:43:04 -08:00
Stephen J Day
2832ec7f5c Move client package under registry package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 12:42:56 -08:00
Stephen J Day
0371f648bf Move auth package under registry package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-10 17:34:04 -08:00
Stephen J Day
e4b811f489 Move registry api definitions under registry package
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-10 17:32:22 -08:00
Stephen J Day
0f08b6961a Move registry package into handler package
The goal is to free up the distribution/registry package to include common
registry types. This moves the webapp definitions out of the way to allow for
this change in the future.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-10 17:25:40 -08:00
Stephen J Day
287de9f60a Correctly return when repo name is not available
The branch that executes after a failed request authorization due to a missing
repo name now correctly returns an error. This is somewhat superficial since
the response would have already been executed. Although, unintended repository
operations may have occurred.

Documentations and comments have also been updated to be in line with
surrounding changes.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-10 15:19:02 -08:00
Stephen J Day
d9d84ae269 Integrate context with storage package
This changeset integrates context with the storage package. Debug messages have
been added to exported methods. Existing log messages will now include
contextual details through logger fields to aid in debugging. This integration
focuses on logging and may be followed up with a metric-oriented change in the
future.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-09 14:44:58 -08:00
Stephen J Day
d2bfb5825c Integrate contextual logging with regsitry app
This changeset integrates contextual logging into the registry web application.
Idiomatic context use is attempted within the current webapp layout. The
functionality is centered around making lifecycle objects (application and
request context) into contexts themselves. Relevant data has been moved into
the context where appropriate.  We still have some work to do to factor out the
registry.Context object and the dispatching functionality to remove some
awkward portions.

The api tests were slightly refactored to use a test environment to eliminate
common code.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-06 16:51:53 -08:00
Stephen Day
9b9ea55797 Merge pull request #140 from jlhawn/137_auth_context
Use context for auth access controllers
2015-02-04 19:25:10 -08:00
Josh Hawn
2c3d738a05 Use context for auth access controllers
The auth package has been updated to use "golang.org/x/net/context" for
passing information between the application and the auth backend.

AccessControllers should now set a "auth.user" context value to a AuthUser
struct containing a single "Name" field for now with possible, optional, values
in the future.

The "silly" auth backend always sets the name to "silly", while the "token" auth
backend will set the name to match the "subject" claim of the JWT.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-02-04 19:17:33 -08:00
Stephen J Day
f5c01af13f Manifest PUT should return 202 Accepted status
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-03 18:27:40 -08:00
Stephen J Day
080e329cb1 Separate request data from actor in Event
To clarify the role of actor, the request data that initiates an event has been
separated. The ActorRecord is pared down to just the username. This eliminates
confusion about where event related data should be added.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-03 13:32:37 -08:00
Stephen J Day
0a29b59e14 Webhook notification support in registry webapp
Endpoints are now created at applications startup time, using notification
configuration. The instances are then added to a Broadcaster instance, which
becomes the main event sink for the application. At request time, an event
bridge is configured to listen to repository method calls. The actor and source
of the eventBridge are created from the requeest context and application,
respectively. The result is notifications are dispatched with calls to the
context's Repository instance and are queued to each endpoint via the
broadcaster.

This commit also adds the concept of a RequestID and App.InstanceID. The
request id uniquely identifies each request and the InstanceID uniquely
identifies a run of the registry. These identifiers can be used in the future
to correlate log messages with generated events to support rich debugging.

The fields of the app were slightly reorganized for clarity and a few horrid
util functions have been removed.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-03 13:32:37 -08:00
Stephen J Day
0270bec916 Handle empty blob files more appropriately
Several API tests were added to ensure correct acceptance of zero-size and
empty tar files. This led to several changes in the storage backend around the
guarantees of remote file reading, which backs the layer and layer upload type.

In support of these changes, zero-length and empty checks have been added to
the digest package. These provide a sanity check against upstream tarsum
changes. The fileReader has been modified to be more robust when reading and
seeking on zero-length or non-existent files. The file no longer needs to exist
for the reader to be created. Seeks can now move beyond the end of the file,
causing reads to issue an io.EOF. This eliminates errors during certain race
conditions for reading files which should be detected by stat calls. As a part
of this, a few error types were factored out and the read buffer size was
increased to something more reasonable.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-02 13:01:49 -08:00
Stephen J Day
097fce3bb2 Address server errors received during layer upload
This changeset addresses intermittent internal server errors encountered during
pushes.  The root cause has been isolated to layers that result in identical,
empty filesystems but may have some path declarations (imaginge "./"),
resulting in different tarsums. The main error message reported during these
upload problems was a 500 error, which was not correct.  Further investigation
showed the errors to be rooted in digest verification when finishing uploads.

Inspection of the surrounding code also identified a few issues. PutLayerChunk
was slightly refactered into PutLayerUploadComplete. Helper methods were
avoided to make handler less confusing. This simplification leveraged an
earlier change in the spec that moved non-complete chunk uploads to the PATCH
method. Simple logging was also added in the unknown error case that should
help to avoid mysterious 500 errors in the future.

At the same time, the glaring omission of a proper layer upload cancel method
was rectified. This has been added in this change so it is not missed in the
future.

In the future, we may want to refactor the handler code to be more
straightforward, hopefully letting us avoid these problems in the future.

Added test cases that reproduce these errors and drove these changes include
the following:

1. Push a layer with an empty body results in invalid blob upload.
2. Push a layer with a different tarsum (in this case, empty tar)
3. Deleting a layer upload works.
4. Getting status on a deleted layer upload returns 404.

Common functionality was grouped into shared functions to remove repitition.
The API tests will still require future love.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-29 21:26:35 -08:00
Stephen Day
c448e04169 Merge pull request #89 from jlhawn/version_header
Add Docker Distribution API Version header
2015-01-20 13:42:12 -08:00
Josh Hawn
c4b2249cb2 Add Docker Distribution API Version header
Setting a header for all responses can help clients better determine
if the server speaks the legacy v1 API or the v2 API. It is important
that the header be set *BEFORE* routing the request.

Docker-DCO-1.1-Signed-off-by: Josh Hawn <josh.hawn@docker.com> (github: jlhawn)
2015-01-20 13:26:05 -08:00
Stephen J Day
ff4a1700cc Update the registry app to use the new storage interfaces
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-16 18:33:28 -08:00
Stephen J Day
c78335a023 Correctly handle missing layer upload
Because we guarded the error check, nil Upload on the handler was getting
through to unexpected branches. This directly handles the missing upload
ensuring its set as expected.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 16:09:45 -08:00
Stephen J Day
4aa7837f83 Directly manage layerUploadState in webapp
Most of this change follows from the modifications to the storage api. The
driving factor is the separation of layerUploadState from the storage backend,
leaving it to the web application to store and update it. As part of the
updates to meet changes in the storage api, support for the size parameter has
been completely removed.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 14:51:13 -08:00
Stephen J Day
2f2445a335 Refactor handling of hmac state packing
This refactors the hmac state token to take control of the layerUploadState
json message, which has been removed from the storage backend. It also moves
away from the concept of a LayerUploadStateStore callback object, which was
short-lived. This allows for upload offset to be managed by the web application
logic in the face of an inconsistent backend. By controlling the upload offset
externally, we reduce the possibility of misreporting upload state to a client.

We may still want to modify the way this works after getting production
experience.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-09 14:50:39 -08:00
Brian Bland
cc3c648f44 Fixes tests, moves layerhandler in config file 2015-01-08 17:29:22 -08:00
Brian Bland
17915e1b01 Adds support for content redirects for layer downloads
Includes a delegate implementation which redirects to the URL generated
by the storagedriver, and a cloudfront implementation.
Satisfies proposal #49
2015-01-08 17:01:28 -08:00
Stephen J Day
ab4a9f0480 Move registry package out of repo root
Since the repo is no longer just the registry, we are moving the registry web
application package out of the repo root into a sub-package. We may break down
the registry package further to separate webapp components and bring the client
package under it. This change accomplishes the task of freeing up the repo root
for a distribution-oriented package. A stub doc.go file is left in place to
declare intent.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-01-06 10:40:22 -08:00