r.loginov/distribution
1
0
Fork 0
forked from TrueCloudLab/distribution
Code Pull requests Activity
5171 commits 3 branches 60 tags 128 MiB
Commit graph

1853 commits

Author SHA1 Message Date
Adrian Mouat
a0baf93725 Fix service command 
Pretty sure that service and docker were the wrong way around

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
 2015-06-11 22:36:31 +01:00
Adrian Mouat
f670f00058 Fix typo 
I think negociate is very occasionally used, but it certainly looks wrong to me.

Signed-off-by: Adrian Mouat <adrian.mouat@gmail.com>
 2015-06-11 21:45:26 +01:00
Olivier Gambier
ad23a43bc4 Enhance building doc to reflect the new data default location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-11 11:08:16 -07:00
Olivier Gambier
8ed0c66745 Enhancing doc to persist data 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-11 01:41:15 -07:00
Olivier Gambier
280b9c50ac Saner default data location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-10 20:54:24 -07:00
Olivier Gambier
6e0cfc17dc Saner default data location 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-10 20:54:24 -07:00
Stephen J Day
e667be389a Rename the basic access controller to htpasswd 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:41:35 -07:00
Stephen J Day
14f3b07db0 Harden basic auth implementation 
After consideration, the basic authentication implementation has been
simplified to only support bcrypt entries in an htpasswd file. This greatly
increases the security of the implementation by reducing the possibility of
timing attacks and other problems trying to detect the password hash type.

Also, the htpasswd file is only parsed at startup, ensuring that the file can
be edited and not effect ongoing requests. Newly added passwords take effect on
restart. Subsequently, password hash entries are now stored in a map.

Test cases have been modified accordingly.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:38:56 -07:00
Stephen J Day
427c457801 Refactor Basic Authentication package 
This change refactors the basic authentication implementation to better follow
Go coding standards. Many types are no longer exported. The parser is now a
separate function from the authentication code. The standard functions
(*http.Request).BasicAuth/SetBasicAuth are now used where appropriate.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
3504445680 Unexported function to comply with golint 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
fe9ca88946 Removed dashes from comments, unexported htpasswd struct 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
15bbde99c1 Fixed golint, gofmt warning advice. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
ff67393b2b Added support for bcrypt, plaintext; extension points for other htpasswd hash methods. 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
d2b7988b7f Aligned formatting with gofmt 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
Dave Trombley
7733b6c892 Fixed WWW-Authenticate: header, added example config and import into main, fixed golint warnings 
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:38 -07:00
BadZen
60262521bd Implementation of a basic authentication scheme using standard .htpasswd files 
Signed-off-by: BadZen <dave.trombley@gmail.com>
Signed-off-by: Dave Trombley <dave.trombley@gmail.com>
 2015-06-10 19:06:37 -07:00
Arnaud Porterie
aa8d3d2ca3 Merge pull request #13815 from tiborvass/do-not-send-basic-auth-on-302 
Do not set auth headers for registry v1 if 302
 2015-06-09 15:34:53 -07:00
Olivier Gambier
b230183b0f Merge pull request #553 from dmp42/docs-rework 
Docs rework
 2015-06-09 14:48:39 -07:00
xiekeyang
5b3e2c7dda Registry: remove unwanted return variable name 
Signed-off-by: xiekeyang <xiekeyang@huawei.com>
 2015-06-09 10:58:33 +08:00
Stephen Day
f654e9a96e Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint 
Clarify digest in API specification
 2015-06-08 19:04:53 -07:00
Stephen Day
f63313de1f Merge pull request #599 from stevvooe/clarify-deletion-by-digest-constraint 
Clarify digest in API specification
 2015-06-08 19:04:53 -07:00
Stephen J Day
7e6b4e8c52 Add description of digests to API specification 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-08 19:04:13 -07:00
Tibor Vass
5a8f690426 Do not set auth headers if 302 
This patch ensures no auth headers are set for v1 registries if there
was a 302 redirect.

This also ensures v2 does not use authTransport.

Signed-off-by: Tibor Vass <tibor@docker.com>
 2015-06-08 19:59:39 -04:00
Olivier Gambier
25bd3fc777 Link to compose 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:06 -07:00
Olivier Gambier
b8d785c79e Use bcrypt 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:06 -07:00
Olivier Gambier
81e8657d7b Fix here doc conf generation 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:05 -07:00
Olivier Gambier
8c1784c838 Keeping in synch 
- commenting out both the "JSON" and "token" specs, unless someone thinks they should be here
- added help, glossary, introduction and authentication documents

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:05 -07:00
Olivier Gambier
96d79eb30e Adding authentication 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:57:05 -07:00
Olivier Gambier
c1c638d01f Minor keyword add 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:52 -07:00
Olivier Gambier
c405f3717a Minor fixes 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:52 -07:00
Olivier Gambier
56ff32c683 Revising glossary 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:52 -07:00
Olivier Gambier
10ba376a99 Minor cleanup in the index 
- adding glossary
- removing empty "advanced"
- commenting out building and architecture for now
- minor text enhancements

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
c3b3802503 Small fixes 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
b7b8e64f1d Moved instructions up 
Make it more obvious that environment variables is the way to go.

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
26d87ed1a5 No reason to detail here 
Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
431e829fa5 Simplified index 
Simplified index again, to make access to information more obvious and more direct.
Added a TLDR for people in a hurry.

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
d9dfe54308 Separated "help" 
Help page is separate now.
Removed the bulk of it from various pages.

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
4eb8d907b9 Separate introduction 
Use cases, generalities, image naming overview.
Removed most of it from index, and some of it from other random pages.

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Olivier Gambier
2fb5c97a97 Deployment rewrote 
Strong focus on simplification.
Entirely removed custom build instructions.
Providing sane, one-liner defaults.
Verified, easy-to-use TLS instructions.
Removed hybrid instructions.
Removed authentication with nginx instructions (either wait for native support, or move it to advanced topics).

Signed-off-by: Olivier Gambier <olivier@docker.com>
 2015-06-08 15:55:51 -07:00
Vincent Batts
0165b85861 spec/manifest: clarify the v2-s1 is provisional 
Signed-off-by: Vincent Batts <vbatts@redhat.com>
 2015-06-08 16:48:48 -04:00
Ahmet Alp Balkan
89f183639a docs: Update azure docs in configuration.md 
Signed-off-by: Ahmet Alp Balkan <ahmetalpbalkan@gmail.com>
 2015-06-05 17:25:17 -07:00
Stephen J Day
60967cbd6b Clarify that manifests can only be deleted by digest 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-04 18:59:08 -07:00
Stephen J Day
c54adb667f Clarify that manifests can only be deleted by digest 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-04 18:59:08 -07:00
Stephen J Day
630334b304 Add more repository name validation test cases 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-04 16:12:35 -07:00
Antonio Murdaca
e527060df2 Merge pull request #13648 from tiborvass/print-debugtransport-to-test-output 
registry: debugTransport should print with testing.T.Log
 2015-06-05 00:42:22 +02:00
Stephen J Day
93aff60741 Disable building of azure storage driver by default 
Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-03 18:14:53 -07:00
Olivier Gambier
00388a14aa Merge pull request #591 from stevvooe/building-environment 
Build environment requires proper checkout of project
 2015-06-03 12:24:44 -07:00
Stephen J Day
4700c27eb5 Build environment requires proper checkout of project 
This clarifies the importance of properly setting a Go build environment when
building targets. Typically, users seem to editorialize the checkout location,
either ignoring the first section or have limited experience with the Go
development environment. We clarify the checkout requirements and point to the
documentation on how to setup Go.

Signed-off-by: Stephen J Day <stephen.day@docker.com>
 2015-06-03 11:59:56 -07:00
Matt Moore
c01c508ea1 Make the v2 logic fallback on v1 when v2 requests cannot be authorized. 
Signed-off-by: Matt Moore <mattmoor@google.com>
 2015-06-02 21:22:59 -07:00
Phil Estes
e2e22cb830 Merge pull request #13650 from jvgogh/master 
Upon HTTP 302 redirect do not include "Authorization" header on 'untr…
 2015-06-02 14:23:20 -04:00