registry: default --insecure-registry to localhost and 127.0.0.1
Signed-off-by: Johan Euphrosine <proppy@google.com>
This commit is contained in:
parent
6ad1cd5d0f
commit
28ee373e19
2 changed files with 32 additions and 1 deletions
|
@ -4,6 +4,7 @@ import (
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"net/url"
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
@ -154,7 +155,16 @@ func IsSecure(hostname string, insecureRegistries []string) bool {
|
||||||
if hostname == IndexServerAddress() {
|
if hostname == IndexServerAddress() {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
if len(insecureRegistries) == 0 {
|
||||||
|
host, _, err := net.SplitHostPort(hostname)
|
||||||
|
if err != nil {
|
||||||
|
host = hostname
|
||||||
|
}
|
||||||
|
if host == "127.0.0.1" || host == "localhost" {
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
return true
|
||||||
|
}
|
||||||
for _, h := range insecureRegistries {
|
for _, h := range insecureRegistries {
|
||||||
if hostname == h {
|
if hostname == h {
|
||||||
return false
|
return false
|
||||||
|
|
|
@ -339,3 +339,24 @@ func TestIsSecure(t *testing.T) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestIsSecure(t *testing.T) {
|
||||||
|
tests := []struct {
|
||||||
|
addr string
|
||||||
|
insecureRegistries []string
|
||||||
|
expected bool
|
||||||
|
}{
|
||||||
|
{"localhost", []string{}, false},
|
||||||
|
{"localhost:5000", []string{}, false},
|
||||||
|
{"127.0.0.1", []string{}, false},
|
||||||
|
{"localhost", []string{"example.com"}, true},
|
||||||
|
{"127.0.0.1", []string{"example.com"}, true},
|
||||||
|
{"example.com", []string{}, true},
|
||||||
|
{"example.com", []string{"example.com"}, false},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
if sec := IsSecure(tt.addr, tt.insecureRegistries); sec != tt.expected {
|
||||||
|
t.Errorf("IsSecure failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue