registry: merge validateEndpoint into newV1Endpoint

validateEndpoint was doing more than just validating; it was also implicitly mutating the endpoint that was passed to it (by reference). Given that validation only happend when constructing a new v1Endpoint, let's merge these functions. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-08 15:38:20 +02:00 · 2023-09-08 15:38:20 +02:00 · de27973538
commit de27973538
parent 43740ab642
2 changed files with 7 additions and 30 deletions
--- a/registry/search_endpoint_v1.go
+++ b/registry/search_endpoint_v1.go
@ -48,37 +48,24 @@ func newV1Endpoint(index *registry.IndexInfo, headers http.Header) (*v1Endpoint,
 		return endpoint, nil
 	}

-	err = validateEndpoint(endpoint)
-	if err != nil {
-		return nil, err
-	}
-
-	return endpoint, nil
-}
-
-func validateEndpoint(endpoint *v1Endpoint) error {
 	// Try HTTPS ping to registry
 	endpoint.URL.Scheme = "https"
 	if _, err := endpoint.ping(); err != nil {
 		if endpoint.IsSecure {
 			// If registry is secure and HTTPS failed, show user the error and tell them about `--insecure-registry`
-			// in case that's what they need. DO NOT accept unknown CA certificates, and DO NOT fallback to HTTP.
-			return invalidParamf("invalid registry endpoint %s: %v. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry %s` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/%s/ca.crt", endpoint, err, endpoint.URL.Host, endpoint.URL.Host)
+			// in case that's what they need. DO NOT accept unknown CA certificates, and DO NOT fall back to HTTP.
+			return nil, invalidParamf("invalid registry endpoint %s: %v. If this private registry supports only HTTP or HTTPS with an unknown CA certificate, please add `--insecure-registry %s` to the daemon's arguments. In the case of HTTPS, if you have access to the registry's CA certificate, no need for the flag; simply place the CA certificate at /etc/docker/certs.d/%s/ca.crt", endpoint, err, endpoint.URL.Host, endpoint.URL.Host)
 		}

-		// If registry is insecure and HTTPS failed, fallback to HTTP.
+		// registry is insecure and HTTPS failed, fallback to HTTP.
 		log.G(context.TODO()).WithError(err).Debugf("error from registry %q marked as insecure - insecurely falling back to HTTP", endpoint)
 		endpoint.URL.Scheme = "http"
-
-		var err2 error
-		if _, err2 = endpoint.ping(); err2 == nil {
-			return nil
+		if _, err2 := endpoint.ping(); err2 != nil {
+			return nil, invalidParamf("invalid registry endpoint %q. HTTPS attempt: %v. HTTP attempt: %v", endpoint, err, err2)
 		}
-
-		return invalidParamf("invalid registry endpoint %q. HTTPS attempt: %v. HTTP attempt: %v", endpoint, err, err2)
 	}

-	return nil
+	return endpoint, nil
 }

 // trimV1Address trims the "v1" version suffix off the address and returns
--- a/registry/search_endpoint_v1_test.go
+++ b/registry/search_endpoint_v1_test.go
@ -3,7 +3,6 @@ package registry // import "github.com/docker/docker/registry"
 import (
 	"net/http"
 	"net/http/httptest"
-	"net/url"
 	"os"
 	"strings"
 	"testing"
@ -168,20 +167,11 @@ func TestV1EndpointValidate(t *testing.T) {
 	testServer := httptest.NewServer(requireBasicAuthHandler)
 	defer testServer.Close()

-	testServerURL, err := url.Parse(testServer.URL)
+	testEndpoint, err := newV1Endpoint(&registry.IndexInfo{Name: testServer.URL}, nil)
 	if err != nil {
 		t.Fatal(err)
 	}

-	testEndpoint := v1Endpoint{
-		URL:    testServerURL,
-		client: httpClient(newTransport(nil)),
-	}
-
-	if err = validateEndpoint(&testEndpoint); err != nil {
-		t.Fatal(err)
-	}
-
 	if testEndpoint.URL.Scheme != "http" {
 		t.Fatalf("expecting to validate endpoint as http, got url %s", testEndpoint.String())
 	}