Merge branch master into bump_v1.4.0

Docker-DCO-1.1-Signed-off-by: Jessica Frazelle <jess@docker.com> (github: jfrazelle)
This commit is contained in:
Jessica Frazelle 2014-12-11 15:00:03 -08:00
commit bcf8beacd4
7 changed files with 98 additions and 104 deletions

View file

@ -126,8 +126,8 @@ func LoadConfig(rootPath string) (*ConfigFile, error) {
return &configFile, err
}
authConfig.Auth = ""
configFile.Configs[k] = authConfig
authConfig.ServerAddress = k
configFile.Configs[k] = authConfig
}
}
return &configFile, nil
@ -229,7 +229,7 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
return "", err
}
if resp.StatusCode == 200 {
status = "Login Succeeded"
return "Login Succeeded", nil
} else if resp.StatusCode == 401 {
return "", fmt.Errorf("Wrong login/password, please try again")
} else if resp.StatusCode == 403 {
@ -237,12 +237,11 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
return "", fmt.Errorf("Login: Account is not Active. Please check your e-mail for a confirmation link.")
}
return "", fmt.Errorf("Login: Account is not Active. Please see the documentation of the registry %s for instructions how to activate it.", serverAddress)
} else {
}
return "", fmt.Errorf("Login: %s (Code: %d; Headers: %s)", body, resp.StatusCode, resp.Header)
}
} else {
return "", fmt.Errorf("Registration: %s", reqBody)
}
} else if reqStatusCode == 401 {
// This case would happen with private registries where /v1/users is
// protected, so people can use `docker login` as an auth check.
@ -258,7 +257,7 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
return "", err
}
if resp.StatusCode == 200 {
status = "Login Succeeded"
return "Login Succeeded", nil
} else if resp.StatusCode == 401 {
return "", fmt.Errorf("Wrong login/password, please try again")
} else {

View file

@ -9,14 +9,14 @@ import (
"net/url"
"strings"
"github.com/docker/docker/pkg/log"
log "github.com/Sirupsen/logrus"
)
// for mocking in unit tests
var lookupIP = net.LookupIP
// scans string for api version in the URL path. returns the trimmed hostname, if version found, string and API version.
func scanForApiVersion(hostname string) (string, APIVersion) {
func scanForAPIVersion(hostname string) (string, APIVersion) {
var (
chunks []string
apiVersionStr string
@ -77,7 +77,7 @@ func newEndpoint(hostname string, insecureRegistries []string) (*Endpoint, error
if !strings.HasPrefix(hostname, "http") {
hostname = "https://" + hostname
}
trimmedHostname, endpoint.Version = scanForApiVersion(hostname)
trimmedHostname, endpoint.Version = scanForAPIVersion(hostname)
endpoint.URL, err = url.Parse(trimmedHostname)
if err != nil {
return nil, err

View file

@ -14,7 +14,7 @@ import (
"strings"
"time"
"github.com/docker/docker/pkg/log"
log "github.com/Sirupsen/logrus"
"github.com/docker/docker/utils"
)
@ -35,15 +35,16 @@ const (
ConnectTimeout
)
func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate, timeout TimeoutType, secure bool) *http.Client {
func newClient(jar http.CookieJar, roots *x509.CertPool, certs []tls.Certificate, timeout TimeoutType, secure bool) *http.Client {
tlsConfig := tls.Config{
RootCAs: roots,
// Avoid fallback to SSL protocols < TLS1.0
MinVersion: tls.VersionTLS10,
Certificates: certs,
}
if cert != nil {
tlsConfig.Certificates = append(tlsConfig.Certificates, *cert)
if !secure {
tlsConfig.InsecureSkipVerify = true
}
if !secure {
@ -60,7 +61,9 @@ func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate,
case ConnectTimeout:
httpTransport.Dial = func(proto string, addr string) (net.Conn, error) {
// Set the connect timeout to 5 seconds
conn, err := net.DialTimeout(proto, addr, 5*time.Second)
d := net.Dialer{Timeout: 5 * time.Second, DualStack: true}
conn, err := d.Dial(proto, addr)
if err != nil {
return nil, err
}
@ -70,7 +73,9 @@ func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate,
}
case ReceiveTimeout:
httpTransport.Dial = func(proto string, addr string) (net.Conn, error) {
conn, err := net.Dial(proto, addr)
d := net.Dialer{DualStack: true}
conn, err := d.Dial(proto, addr)
if err != nil {
return nil, err
}
@ -89,7 +94,7 @@ func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate,
func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType, secure bool) (*http.Response, *http.Client, error) {
var (
pool *x509.CertPool
certs []*tls.Certificate
certs []tls.Certificate
)
if secure && req.URL.Scheme == "https" {
@ -132,7 +137,7 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType, secur
if err != nil {
return nil, nil, err
}
certs = append(certs, &cert)
certs = append(certs, cert)
}
if strings.HasSuffix(f.Name(), ".key") {
keyName := f.Name()
@ -154,17 +159,10 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType, secur
return res, client, nil
}
for i, cert := range certs {
client := newClient(jar, pool, cert, timeout, secure)
client := newClient(jar, pool, certs, timeout, secure)
res, err := client.Do(req)
// If this is the last cert, otherwise, continue to next cert if 403 or 5xx
if i == len(certs)-1 || err == nil && res.StatusCode != 403 && res.StatusCode < 500 {
return res, client, err
}
}
return nil, nil, nil
}
func validateRepositoryName(repositoryName string) error {
var (

View file

@ -17,7 +17,7 @@ import (
"github.com/gorilla/mux"
"github.com/docker/docker/pkg/log"
log "github.com/Sirupsen/logrus"
)
var (
@ -230,8 +230,8 @@ func handlerGetImage(w http.ResponseWriter, r *http.Request) {
return
}
writeHeaders(w)
layer_size := len(layer["layer"])
w.Header().Add("X-Docker-Size", strconv.Itoa(layer_size))
layerSize := len(layer["layer"])
w.Header().Add("X-Docker-Size", strconv.Itoa(layerSize))
io.WriteString(w, layer[vars["action"]])
}
@ -240,16 +240,16 @@ func handlerPutImage(w http.ResponseWriter, r *http.Request) {
return
}
vars := mux.Vars(r)
image_id := vars["image_id"]
imageID := vars["image_id"]
action := vars["action"]
layer, exists := testLayers[image_id]
layer, exists := testLayers[imageID]
if !exists {
if action != "json" {
http.NotFound(w, r)
return
}
layer = make(map[string]string)
testLayers[image_id] = layer
testLayers[imageID] = layer
}
if checksum := r.Header.Get("X-Docker-Checksum"); checksum != "" {
if checksum != layer["checksum_simple"] && checksum != layer["checksum_tarsum"] {
@ -349,9 +349,9 @@ func handlerImages(w http.ResponseWriter, r *http.Request) {
return
}
images := []map[string]string{}
for image_id, layer := range testLayers {
for imageID, layer := range testLayers {
image := make(map[string]string)
image["id"] = image_id
image["id"] = imageID
image["checksum"] = layer["checksum_tarsum"]
image["Tag"] = "latest"
images = append(images, image)

View file

@ -11,8 +11,11 @@ import (
)
var (
IMAGE_ID = "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d"
TOKEN = []string{"fake-token"}
token = []string{"fake-token"}
)
const (
imageID = "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d"
REPO = "foo42/bar"
)
@ -43,27 +46,27 @@ func TestPingRegistryEndpoint(t *testing.T) {
func TestGetRemoteHistory(t *testing.T) {
r := spawnTestRegistrySession(t)
hist, err := r.GetRemoteHistory(IMAGE_ID, makeURL("/v1/"), TOKEN)
hist, err := r.GetRemoteHistory(imageID, makeURL("/v1/"), token)
if err != nil {
t.Fatal(err)
}
assertEqual(t, len(hist), 2, "Expected 2 images in history")
assertEqual(t, hist[0], IMAGE_ID, "Expected "+IMAGE_ID+"as first ancestry")
assertEqual(t, hist[0], imageID, "Expected "+imageID+"as first ancestry")
assertEqual(t, hist[1], "77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
"Unexpected second ancestry")
}
func TestLookupRemoteImage(t *testing.T) {
r := spawnTestRegistrySession(t)
found := r.LookupRemoteImage(IMAGE_ID, makeURL("/v1/"), TOKEN)
found := r.LookupRemoteImage(imageID, makeURL("/v1/"), token)
assertEqual(t, found, true, "Expected remote lookup to succeed")
found = r.LookupRemoteImage("abcdef", makeURL("/v1/"), TOKEN)
found = r.LookupRemoteImage("abcdef", makeURL("/v1/"), token)
assertEqual(t, found, false, "Expected remote lookup to fail")
}
func TestGetRemoteImageJSON(t *testing.T) {
r := spawnTestRegistrySession(t)
json, size, err := r.GetRemoteImageJSON(IMAGE_ID, makeURL("/v1/"), TOKEN)
json, size, err := r.GetRemoteImageJSON(imageID, makeURL("/v1/"), token)
if err != nil {
t.Fatal(err)
}
@ -72,7 +75,7 @@ func TestGetRemoteImageJSON(t *testing.T) {
t.Fatal("Expected non-empty json")
}
_, _, err = r.GetRemoteImageJSON("abcdef", makeURL("/v1/"), TOKEN)
_, _, err = r.GetRemoteImageJSON("abcdef", makeURL("/v1/"), token)
if err == nil {
t.Fatal("Expected image not found error")
}
@ -80,7 +83,7 @@ func TestGetRemoteImageJSON(t *testing.T) {
func TestGetRemoteImageLayer(t *testing.T) {
r := spawnTestRegistrySession(t)
data, err := r.GetRemoteImageLayer(IMAGE_ID, makeURL("/v1/"), TOKEN, 0)
data, err := r.GetRemoteImageLayer(imageID, makeURL("/v1/"), token, 0)
if err != nil {
t.Fatal(err)
}
@ -88,7 +91,7 @@ func TestGetRemoteImageLayer(t *testing.T) {
t.Fatal("Expected non-nil data result")
}
_, err = r.GetRemoteImageLayer("abcdef", makeURL("/v1/"), TOKEN, 0)
_, err = r.GetRemoteImageLayer("abcdef", makeURL("/v1/"), token, 0)
if err == nil {
t.Fatal("Expected image not found error")
}
@ -96,14 +99,14 @@ func TestGetRemoteImageLayer(t *testing.T) {
func TestGetRemoteTags(t *testing.T) {
r := spawnTestRegistrySession(t)
tags, err := r.GetRemoteTags([]string{makeURL("/v1/")}, REPO, TOKEN)
tags, err := r.GetRemoteTags([]string{makeURL("/v1/")}, REPO, token)
if err != nil {
t.Fatal(err)
}
assertEqual(t, len(tags), 1, "Expected one tag")
assertEqual(t, tags["latest"], IMAGE_ID, "Expected tag latest to map to "+IMAGE_ID)
assertEqual(t, tags["latest"], imageID, "Expected tag latest to map to "+imageID)
_, err = r.GetRemoteTags([]string{makeURL("/v1/")}, "foo42/baz", TOKEN)
_, err = r.GetRemoteTags([]string{makeURL("/v1/")}, "foo42/baz", token)
if err == nil {
t.Fatal("Expected error when fetching tags for bogus repo")
}
@ -111,11 +114,11 @@ func TestGetRemoteTags(t *testing.T) {
func TestGetRepositoryData(t *testing.T) {
r := spawnTestRegistrySession(t)
parsedUrl, err := url.Parse(makeURL("/v1/"))
parsedURL, err := url.Parse(makeURL("/v1/"))
if err != nil {
t.Fatal(err)
}
host := "http://" + parsedUrl.Host + "/v1/"
host := "http://" + parsedURL.Host + "/v1/"
data, err := r.GetRepositoryData("foo42/bar")
if err != nil {
t.Fatal(err)
@ -137,7 +140,7 @@ func TestPushImageJSONRegistry(t *testing.T) {
Checksum: "sha256:1ac330d56e05eef6d438586545ceff7550d3bdcb6b19961f12c5ba714ee1bb37",
}
err := r.PushImageJSONRegistry(imgData, []byte{0x42, 0xdf, 0x0}, makeURL("/v1/"), TOKEN)
err := r.PushImageJSONRegistry(imgData, []byte{0x42, 0xdf, 0x0}, makeURL("/v1/"), token)
if err != nil {
t.Fatal(err)
}
@ -146,7 +149,7 @@ func TestPushImageJSONRegistry(t *testing.T) {
func TestPushImageLayerRegistry(t *testing.T) {
r := spawnTestRegistrySession(t)
layer := strings.NewReader("")
_, _, err := r.PushImageLayerRegistry(IMAGE_ID, layer, makeURL("/v1/"), TOKEN, []byte{})
_, _, err := r.PushImageLayerRegistry(imageID, layer, makeURL("/v1/"), token, []byte{})
if err != nil {
t.Fatal(err)
}
@ -180,7 +183,7 @@ func TestResolveRepositoryName(t *testing.T) {
func TestPushRegistryTag(t *testing.T) {
r := spawnTestRegistrySession(t)
err := r.PushRegistryTag("foo42/bar", IMAGE_ID, "stable", makeURL("/v1/"), TOKEN)
err := r.PushRegistryTag("foo42/bar", imageID, "stable", makeURL("/v1/"), token)
if err != nil {
t.Fatal(err)
}

View file

@ -3,6 +3,7 @@ package registry
import (
"bytes"
"crypto/sha256"
// this is required for some certificates
_ "crypto/sha512"
"encoding/hex"
"encoding/json"
@ -16,8 +17,8 @@ import (
"strings"
"time"
log "github.com/Sirupsen/logrus"
"github.com/docker/docker/pkg/httputils"
"github.com/docker/docker/pkg/log"
"github.com/docker/docker/pkg/tarsum"
"github.com/docker/docker/utils"
)
@ -229,11 +230,7 @@ func (r *Session) GetRemoteTags(registries []string, repository string, token []
}
result := make(map[string]string)
rawJSON, err := ioutil.ReadAll(res.Body)
if err != nil {
return nil, err
}
if err := json.Unmarshal(rawJSON, &result); err != nil {
if err := json.NewDecoder(res.Body).Decode(&result); err != nil {
return nil, err
}
return result, nil
@ -243,11 +240,11 @@ func (r *Session) GetRemoteTags(registries []string, repository string, token []
func buildEndpointsList(headers []string, indexEp string) ([]string, error) {
var endpoints []string
parsedUrl, err := url.Parse(indexEp)
parsedURL, err := url.Parse(indexEp)
if err != nil {
return nil, err
}
var urlScheme = parsedUrl.Scheme
var urlScheme = parsedURL.Scheme
// The Registry's URL scheme has to match the Index'
for _, ep := range headers {
epList := strings.Split(ep, ",")
@ -304,12 +301,8 @@ func (r *Session) GetRepositoryData(remote string) (*RepositoryData, error) {
endpoints = append(endpoints, fmt.Sprintf("%s://%s/v1/", r.indexEndpoint.URL.Scheme, req.URL.Host))
}
checksumsJSON, err := ioutil.ReadAll(res.Body)
if err != nil {
return nil, err
}
remoteChecksums := []*ImgData{}
if err := json.Unmarshal(checksumsJSON, &remoteChecksums); err != nil {
if err := json.NewDecoder(res.Body).Decode(&remoteChecksums); err != nil {
return nil, err
}
@ -469,7 +462,6 @@ func (r *Session) PushRegistryTag(remote, revision, tag, registry string, token
func (r *Session) PushImageJSONIndex(remote string, imgList []*ImgData, validate bool, regs []string) (*RepositoryData, error) {
cleanImgList := []*ImgData{}
if validate {
for _, elem := range imgList {
if elem.Checksum != "" {
@ -491,43 +483,28 @@ func (r *Session) PushImageJSONIndex(remote string, imgList []*ImgData, validate
u := fmt.Sprintf("%srepositories/%s/%s", r.indexEndpoint.VersionString(1), remote, suffix)
log.Debugf("[registry] PUT %s", u)
log.Debugf("Image list pushed to index:\n%s", imgListJSON)
req, err := r.reqFactory.NewRequest("PUT", u, bytes.NewReader(imgListJSON))
if err != nil {
return nil, err
headers := map[string][]string{
"Content-type": {"application/json"},
"X-Docker-Token": {"true"},
}
req.Header.Add("Content-type", "application/json")
req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
req.ContentLength = int64(len(imgListJSON))
req.Header.Set("X-Docker-Token", "true")
if validate {
req.Header["X-Docker-Endpoints"] = regs
headers["X-Docker-Endpoints"] = regs
}
res, _, err := r.doRequest(req)
if err != nil {
return nil, err
}
defer res.Body.Close()
// Redirect if necessary
for res.StatusCode >= 300 && res.StatusCode < 400 {
log.Debugf("Redirected to %s", res.Header.Get("Location"))
req, err = r.reqFactory.NewRequest("PUT", res.Header.Get("Location"), bytes.NewReader(imgListJSON))
if err != nil {
var res *http.Response
for {
if res, err = r.putImageRequest(u, headers, imgListJSON); err != nil {
return nil, err
}
req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
req.ContentLength = int64(len(imgListJSON))
req.Header.Set("X-Docker-Token", "true")
if validate {
req.Header["X-Docker-Endpoints"] = regs
if !shouldRedirect(res) {
break
}
res, _, err := r.doRequest(req)
if err != nil {
return nil, err
res.Body.Close()
u = res.Header.Get("Location")
log.Debugf("Redirected to %s", u)
}
defer res.Body.Close()
}
var tokens, endpoints []string
if !validate {
@ -570,6 +547,27 @@ func (r *Session) PushImageJSONIndex(remote string, imgList []*ImgData, validate
}, nil
}
func (r *Session) putImageRequest(u string, headers map[string][]string, body []byte) (*http.Response, error) {
req, err := r.reqFactory.NewRequest("PUT", u, bytes.NewReader(body))
if err != nil {
return nil, err
}
req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
req.ContentLength = int64(len(body))
for k, v := range headers {
req.Header[k] = v
}
response, _, err := r.doRequest(req)
if err != nil {
return nil, err
}
return response, nil
}
func shouldRedirect(response *http.Response) bool {
return response.StatusCode >= 300 && response.StatusCode < 400
}
func (r *Session) SearchRepositories(term string) (*SearchResults, error) {
log.Debugf("Index server: %s", r.indexEndpoint)
u := r.indexEndpoint.VersionString(1) + "search?q=" + url.QueryEscape(term)
@ -589,12 +587,8 @@ func (r *Session) SearchRepositories(term string) (*SearchResults, error) {
if res.StatusCode != 200 {
return nil, utils.NewHTTPRequestError(fmt.Sprintf("Unexepected status code %d", res.StatusCode), res)
}
rawData, err := ioutil.ReadAll(res.Body)
if err != nil {
return nil, err
}
result := new(SearchResults)
err = json.Unmarshal(rawData, result)
err = json.NewDecoder(res.Body).Decode(result)
return result, err
}

View file

@ -8,7 +8,7 @@ import (
"net/url"
"strconv"
"github.com/docker/docker/pkg/log"
log "github.com/Sirupsen/logrus"
"github.com/docker/docker/utils"
"github.com/gorilla/mux"
)