We use cookies to ensure you get the best experience on our website
Página Principal Explorar Ajuda
Registe-se Iniciar Sessão
0ct0pu5
/
moby
1
0
Fork 0
Ficheiros Problemas 0 Pull Requests 0 Wiki
Ver Fonte

Default the auth config domain to the target image domain

When server address is not provided with the auth configuration,
use the domain from the image provided with the auth.

Signed-off-by: Derek McGowan <derek@mcg.dev>
Derek McGowan há 1 ano atrás
pai
796da163f9
commit
755f008c1e
3 ficheiros alterados com 12 adições e 8 exclusões
Visão Dividida Mostrar Estatísticas Diff
  1. 1 1
      daemon/containerd/image_pull.go
  2. 1 1
      daemon/containerd/image_push.go
  3. 10 6
      daemon/containerd/resolver.go

+ 1 - 1
daemon/containerd/image_pull.go
Ver Ficheiro 

@@ -67,7 +67,7 @@ func (i *ImageService) pullTag(ctx context.Context, ref reference.NamedTagged, p
 
 		opts = append(opts, containerd.WithPlatform(platforms.Format(*platform)))
 
 	}
 
 
-	resolver, _ := i.newResolverFromAuthConfig(ctx, authConfig)
 
+	resolver, _ := i.newResolverFromAuthConfig(ctx, authConfig, ref)
 
 	opts = append(opts, containerd.WithResolver(resolver))
 
 
 	old, err := i.resolveDescriptor(ctx, ref.String())

+ 1 - 1
daemon/containerd/image_push.go
Ver Ficheiro 

@@ -102,7 +102,7 @@ func (i *ImageService) pushRef(ctx context.Context, targetRef reference.Named, m
 
 	target := img.Target
 
 	store := i.client.ContentStore()
 
 
-	resolver, tracker := i.newResolverFromAuthConfig(ctx, authConfig)
 
+	resolver, tracker := i.newResolverFromAuthConfig(ctx, authConfig, targetRef)
 
 	pp := pushProgress{Tracker: tracker}
 
 	jobsQueue := newJobs()
 
 	finishProgress := jobsQueue.showProgress(ctx, out, combinedProgress([]progressUpdater{

+ 10 - 6
daemon/containerd/resolver.go
Ver Ficheiro 

@@ -11,16 +11,17 @@ import (
 
 	"github.com/containerd/containerd/remotes/docker"
 
 	"github.com/containerd/containerd/version"
 
 	"github.com/containerd/log"
 
+	"github.com/distribution/reference"
 
 	registrytypes "github.com/docker/docker/api/types/registry"
 
 	"github.com/docker/docker/dockerversion"
 
 	"github.com/docker/docker/pkg/useragent"
 
 	"github.com/docker/docker/registry"
 
 )
 
 
-func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig *registrytypes.AuthConfig) (remotes.Resolver, docker.StatusTracker) {
 
+func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig *registrytypes.AuthConfig, ref reference.Named) (remotes.Resolver, docker.StatusTracker) {
 
 	tracker := docker.NewInMemoryTracker()
 
 
-	hosts := hostsWrapper(i.registryHosts, authConfig, i.registryService)
 
+	hosts := hostsWrapper(i.registryHosts, authConfig, ref, i.registryService)
 
 	headers := http.Header{}
 
 	headers.Set("User-Agent", dockerversion.DockerUserAgent(ctx, useragent.VersionInfo{Name: "containerd-client", Version: version.Version}, useragent.VersionInfo{Name: "storage-driver", Version: i.snapshotter}))
 
 
@@ -31,10 +32,10 @@ func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig
 
 	}), tracker
 
 }
 
 
-func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.AuthConfig, regService registryResolver) docker.RegistryHosts {
 
+func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.AuthConfig, ref reference.Named, regService registryResolver) docker.RegistryHosts {
 
 	var authorizer docker.Authorizer
 
 	if optAuthConfig != nil {
 
-		authorizer = authorizerFromAuthConfig(*optAuthConfig)
 
+		authorizer = authorizerFromAuthConfig(*optAuthConfig, ref)
 
 	}
 
 
 	return func(n string) ([]docker.RegistryHost, error) {
 
@@ -56,9 +57,12 @@ func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.Aut
 
 	}
 
 }
 
 
-func authorizerFromAuthConfig(authConfig registrytypes.AuthConfig) docker.Authorizer {
 
+func authorizerFromAuthConfig(authConfig registrytypes.AuthConfig, ref reference.Named) docker.Authorizer {
 
 	cfgHost := registry.ConvertToHostname(authConfig.ServerAddress)
 
-	if cfgHost == "" || cfgHost == registry.IndexHostname {
 
+	if cfgHost == "" {
 
+		cfgHost = reference.Domain(ref)
 
+	}
 
+	if cfgHost == registry.IndexHostname || cfgHost == registry.IndexName {
 
 		cfgHost = registry.DefaultRegistryHost
 
 	}

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5