make http usage for registry explicit

Docker-DCO-1.1-Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com> (github: unclejack)

Conflicts:
	daemon/config.go
	daemon/daemon.go
	graph/pull.go
	graph/push.go
	graph/tags.go
	registry/registry.go
	registry/service.go
This commit is contained in:
unclejack 2014-08-16 13:27:04 +03:00 committed by Tibor Vass
parent f71654074b
commit 8b1c40732a
2 changed files with 50 additions and 1 deletions

View file

@ -202,6 +202,55 @@ func ResolveRepositoryName(reposName string) (string, string, error) {
return hostname, reposName, nil return hostname, reposName, nil
} }
// this method expands the registry name as used in the prefix of a repo
// to a full url. if it already is a url, there will be no change.
func ExpandAndVerifyRegistryUrl(hostname string, secure bool) (endpoint string, err error) {
if strings.HasPrefix(hostname, "http:") || strings.HasPrefix(hostname, "https:") {
// if there is no slash after https:// (8 characters) then we have no path in the url
if strings.LastIndex(hostname, "/") < 9 {
// there is no path given. Expand with default path
hostname = hostname + "/v1/"
}
if _, err := pingRegistryEndpoint(hostname); err != nil {
return "", errors.New("Invalid Registry endpoint: " + err.Error())
}
return hostname, nil
}
// use HTTPS if secure, otherwise use HTTP
if secure {
endpoint = fmt.Sprintf("https://%s/v1/", hostname)
} else {
endpoint = fmt.Sprintf("http://%s/v1/", hostname)
}
_, err = pingRegistryEndpoint(endpoint)
if err != nil {
//TODO: triggering highland build can be done there without "failing"
err = fmt.Errorf("Invalid registry endpoint '%s': %s ", endpoint, err)
if secure {
err = fmt.Errorf("%s. If this private registry supports only HTTP, please add `--insecure-registry %s` to the daemon's arguments.", err, hostname)
}
return "", err
}
return endpoint, nil
}
// this method verifies if the provided hostname is part of the list of
// insecure registries and returns false if HTTP should be used
func IsSecure(hostname string, insecureRegistries []string) (secure bool) {
secure = true
for _, h := range insecureRegistries {
if hostname == h {
secure = false
break
}
}
if hostname == IndexServerAddress() {
secure = true
}
return
}
func trustedLocation(req *http.Request) bool { func trustedLocation(req *http.Request) bool {
var ( var (
trusteds = []string{"docker.com", "docker.io"} trusteds = []string{"docker.com", "docker.io"}

View file

@ -40,7 +40,7 @@ func (s *Service) Auth(job *engine.Job) engine.Status {
job.GetenvJson("authConfig", authConfig) job.GetenvJson("authConfig", authConfig)
// TODO: this is only done here because auth and registry need to be merged into one pkg // TODO: this is only done here because auth and registry need to be merged into one pkg
if addr := authConfig.ServerAddress; addr != "" && addr != IndexServerAddress() { if addr := authConfig.ServerAddress; addr != "" && addr != IndexServerAddress() {
endpoint, err := NewEndpoint(addr) endpoint, err := NewEndpoint(addr, true)
if err != nil { if err != nil {
return job.Error(err) return job.Error(err)
} }