From cc82ccb05993362d871ae3290482f19c9796c667 Mon Sep 17 00:00:00 2001 From: wndhydrnt Date: Sun, 16 Jun 2019 14:33:06 +0200 Subject: [PATCH 1/2] Allow pushing a manifest to a registry with self-signed TLS Signed-off-by: wndhydrnt --- cli/registry/client/client.go | 43 ++++++++++++++++++++++++---------- cli/registry/client/fetcher.go | 39 +++++++++++++----------------- 2 files changed, 47 insertions(+), 35 deletions(-) diff --git a/cli/registry/client/client.go b/cli/registry/client/client.go index 6fd18a897a1f..634b95f019c1 100644 --- a/cli/registry/client/client.go +++ b/cli/registry/client/client.go @@ -100,27 +100,36 @@ func (c *client) MountBlob(ctx context.Context, sourceRef reference.Canonical, t // PutManifest sends the manifest to a registry and returns the new digest func (c *client) PutManifest(ctx context.Context, ref reference.Named, manifest distribution.Manifest) (digest.Digest, error) { - repoEndpoint, err := newDefaultRepositoryEndpoint(ref, c.insecureRegistry) - if err != nil { - return digest.Digest(""), err - } + var dgst digest.Digest + put := func(ctx context.Context, repo distribution.Repository, ref reference.Named) (bool, error) { + manifestService, err := repo.Manifests(ctx) + if err != nil { + return false, err + } - repo, err := c.getRepositoryForReference(ctx, ref, repoEndpoint) - if err != nil { - return digest.Digest(""), err + _, opts, err := getManifestOptionsFromReference(ref) + if err != nil { + return false, err + } + + dgst, err = manifestService.Put(ctx, manifest, opts...) + if err != nil { + return false, err + } + + return true, nil } - manifestService, err := repo.Manifests(ctx) + registryService, err := registryService(ref, c.insecureRegistry) if err != nil { return digest.Digest(""), err } - _, opts, err := getManifestOptionsFromReference(ref) + err = c.iterateEndpoints(ctx, ref, registryService.LookupPushEndpoints, put) if err != nil { return digest.Digest(""), err } - dgst, err := manifestService.Put(ctx, manifest, opts...) return dgst, errors.Wrapf(err, "failed to put manifest %s", ref) } @@ -169,7 +178,12 @@ func (c *client) GetManifest(ctx context.Context, ref reference.Named) (manifest return result.Ref != nil, err } - err := c.iterateEndpoints(ctx, ref, fetch) + registryService, err := registryService(ref, c.insecureRegistry) + if err != nil { + return result, err + } + + err = c.iterateEndpoints(ctx, ref, registryService.LookupPullEndpoints, fetch) return result, err } @@ -182,7 +196,12 @@ func (c *client) GetManifestList(ctx context.Context, ref reference.Named) ([]ma return len(result) > 0, err } - err := c.iterateEndpoints(ctx, ref, fetch) + registryService, err := registryService(ref, c.insecureRegistry) + if err != nil { + return result, err + } + + err = c.iterateEndpoints(ctx, ref, registryService.LookupPullEndpoints, fetch) return result, err } diff --git a/cli/registry/client/fetcher.go b/cli/registry/client/fetcher.go index e3d6cd60699d..5bef93eed9d5 100644 --- a/cli/registry/client/fetcher.go +++ b/cli/registry/client/fetcher.go @@ -199,8 +199,8 @@ func continueOnError(err error) bool { return false } -func (c *client) iterateEndpoints(ctx context.Context, namedRef reference.Named, each func(context.Context, distribution.Repository, reference.Named) (bool, error)) error { - endpoints, err := allEndpoints(namedRef, c.insecureRegistry) +func (c *client) iterateEndpoints(ctx context.Context, namedRef reference.Named, lookup func(hostname string) (endpoints []registry.APIEndpoint, err error), each func(context.Context, distribution.Repository, reference.Named) (bool, error)) error { + endpoints, err := lookup(reference.Domain(namedRef)) if err != nil { return err } @@ -261,27 +261,6 @@ func (c *client) iterateEndpoints(ctx context.Context, namedRef reference.Named, return newNotFoundError(namedRef.String()) } -// allEndpoints returns a list of endpoints ordered by priority (v2, https, v1). -func allEndpoints(namedRef reference.Named, insecure bool) ([]registry.APIEndpoint, error) { - repoInfo, err := registry.ParseRepositoryInfo(namedRef) - if err != nil { - return nil, err - } - - var serviceOpts registry.ServiceOptions - if insecure { - logrus.Debugf("allowing insecure registry for: %s", reference.Domain(namedRef)) - serviceOpts.InsecureRegistries = []string{reference.Domain(namedRef)} - } - registryService, err := registry.NewService(serviceOpts) - if err != nil { - return []registry.APIEndpoint{}, err - } - endpoints, err := registryService.LookupPullEndpoints(reference.Domain(repoInfo.Name)) - logrus.Debugf("endpoints for %s: %v", namedRef, endpoints) - return endpoints, err -} - type notFoundError struct { object string } @@ -306,3 +285,17 @@ func IsNotFound(err error) bool { type notFound interface { NotFound() } + +func registryService(namedRef reference.Named, insecure bool) (registry.Service, error) { + var serviceOpts registry.ServiceOptions + if insecure { + logrus.Debugf("allowing insecure registry for: %s", reference.Domain(namedRef)) + serviceOpts.InsecureRegistries = []string{reference.Domain(namedRef)} + } + registryService, err := registry.NewService(serviceOpts) + if err != nil { + return nil, err + } + + return registryService, nil +} From c02ae8f03fda049f6cfe1bc3c03b1d9ecb419a7a Mon Sep 17 00:00:00 2001 From: wndhydrnt Date: Sun, 16 Jun 2019 18:20:30 +0200 Subject: [PATCH 2/2] Attempt to fix a lint error Signed-off-by: wndhydrnt --- cli/registry/client/fetcher.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cli/registry/client/fetcher.go b/cli/registry/client/fetcher.go index 5bef93eed9d5..24cb77af2272 100644 --- a/cli/registry/client/fetcher.go +++ b/cli/registry/client/fetcher.go @@ -199,7 +199,11 @@ func continueOnError(err error) bool { return false } -func (c *client) iterateEndpoints(ctx context.Context, namedRef reference.Named, lookup func(hostname string) (endpoints []registry.APIEndpoint, err error), each func(context.Context, distribution.Repository, reference.Named) (bool, error)) error { +func (c *client) iterateEndpoints( + ctx context.Context, + namedRef reference.Named, + lookup func(hostname string) (endpoints []registry.APIEndpoint, err error), + each func(context.Context, distribution.Repository, reference.Named) (bool, error)) error { endpoints, err := lookup(reference.Domain(namedRef)) if err != nil { return err