From c0598aced053f7a7e06aebd57329348dbc7dfc10 Mon Sep 17 00:00:00 2001 From: Michael Crosby Date: Tue, 19 Aug 2014 11:54:42 -0700 Subject: [PATCH] Refactor IsSecure change Fix issue with restoring the tag store and setting static configuration from the daemon. i.e. the field on the TagStore struct must be made internal or the json.Unmarshal in restore will overwrite the insecure registries to be an empty struct. Signed-off-by: Michael Crosby Conflicts: graph/pull.go graph/push.go graph/tags.go --- graph/pull.go | 2 +- graph/push.go | 2 +- graph/tags.go | 5 +++-- registry/registry.go | 44 +++++++++++++++++++------------------------- 4 files changed, 24 insertions(+), 29 deletions(-) diff --git a/graph/pull.go b/graph/pull.go index fe1237de48ebb9185c1d7154dd640da6e7fbe5b0..897e0813a12d811730bf334191bc911d46030bc0 100644 --- a/graph/pull.go +++ b/graph/pull.go @@ -113,7 +113,7 @@ func (s *TagStore) CmdPull(job *engine.Job) engine.Status { return job.Error(err) } - secure := registry.IsSecure(hostname, s.InsecureRegistries) + secure := registry.IsSecure(hostname, s.insecureRegistries) endpoint, err := registry.NewEndpoint(hostname, secure) if err != nil { diff --git a/graph/push.go b/graph/push.go index 6b5b3394aea083d1c26148883530e27f16d05137..1d2bf72422da79544f509eb090717208a2dd046e 100644 --- a/graph/push.go +++ b/graph/push.go @@ -214,7 +214,7 @@ func (s *TagStore) CmdPush(job *engine.Job) engine.Status { return job.Error(err) } - secure := registry.IsSecure(hostname, s.InsecureRegistries) + secure := registry.IsSecure(hostname, s.insecureRegistries) endpoint, err := registry.NewEndpoint(hostname, secure) if err != nil { diff --git a/graph/tags.go b/graph/tags.go index c62aa86451e1d36e11556e459e427179cd65da8f..622d620941ae7fadf6e4847522a01fe7330fc323 100644 --- a/graph/tags.go +++ b/graph/tags.go @@ -26,7 +26,7 @@ type TagStore struct { path string graph *Graph mirrors []string - InsecureRegistries []string + insecureRegistries []string Repositories map[string]Repository sync.Mutex // FIXME: move push/pull-related fields @@ -60,11 +60,12 @@ func NewTagStore(path string, graph *Graph, mirrors []string, insecureRegistries if err != nil { return nil, err } + store := &TagStore{ path: abspath, graph: graph, mirrors: mirrors, - InsecureRegistries: insecureRegistries, + insecureRegistries: insecureRegistries, Repositories: make(map[string]Repository), pullingPool: make(map[string]chan struct{}), pushingPool: make(map[string]chan struct{}), diff --git a/registry/registry.go b/registry/registry.go index 8f4ae6fa01bb6c2a885cc752aa515bf7b9303e8c..bcbce40198ccc3d65c3cd786be4a26eac4b924c6 100644 --- a/registry/registry.go +++ b/registry/registry.go @@ -204,51 +204,45 @@ func ResolveRepositoryName(reposName string) (string, string, error) { // this method expands the registry name as used in the prefix of a repo // to a full url. if it already is a url, there will be no change. -func ExpandAndVerifyRegistryUrl(hostname string, secure bool) (endpoint string, err error) { - if strings.HasPrefix(hostname, "http:") || strings.HasPrefix(hostname, "https:") { - // if there is no slash after https:// (8 characters) then we have no path in the url - if strings.LastIndex(hostname, "/") < 9 { - // there is no path given. Expand with default path - hostname = hostname + "/v1/" - } - if _, err := pingRegistryEndpoint(hostname); err != nil { - return "", errors.New("Invalid Registry endpoint: " + err.Error()) - } +func ExpandAndVerifyRegistryUrl(hostname string, secure bool) (string, error) { + if hostname == IndexServerAddress() { return hostname, nil } - // use HTTPS if secure, otherwise use HTTP + endpoint := fmt.Sprintf("http://%s/v1/", hostname) + if secure { endpoint = fmt.Sprintf("https://%s/v1/", hostname) - } else { - endpoint = fmt.Sprintf("http://%s/v1/", hostname) } - _, err = pingRegistryEndpoint(endpoint) - if err != nil { + + if _, oerr := pingRegistryEndpoint(endpoint); oerr != nil { //TODO: triggering highland build can be done there without "failing" - err = fmt.Errorf("Invalid registry endpoint '%s': %s ", endpoint, err) + err := fmt.Errorf("Invalid registry endpoint '%s': %s ", endpoint, oerr) + if secure { - err = fmt.Errorf("%s. If this private registry supports only HTTP, please add `--insecure-registry %s` to the daemon's arguments.", err, hostname) + err = fmt.Errorf("%s. If this private registry supports only HTTP, please add `--insecure-registry %s` to the daemon's arguments.", oerr, hostname) } + return "", err } + return endpoint, nil } // this method verifies if the provided hostname is part of the list of // insecure registries and returns false if HTTP should be used -func IsSecure(hostname string, insecureRegistries []string) (secure bool) { - secure = true +func IsSecure(hostname string, insecureRegistries []string) bool { + if hostname == IndexServerAddress() { + return true + } + for _, h := range insecureRegistries { if hostname == h { - secure = false - break + return false } } - if hostname == IndexServerAddress() { - secure = true - } - return + + return true } func trustedLocation(req *http.Request) bool {