Merge pull request #10235 from jfrazelle/tech-preview-warning
Warn about tech preview of image verification.
This commit is contained in:
Arnaud Porterie
commit
e13559a6d6
2 changed files with 42 additions and 1 deletions
|
|
@ -428,10 +428,11 @@ func (s *TagStore) pullV2Tag(eng *engine.Engine, r *registry.Session, out io.Wri
|
|||
}
|
||||
|
||||
if verified {
|
||||
out.Write(sf.FormatStatus(repoInfo.CanonicalName+":"+tag, "The image you are pulling has been verified"))
|
||||
log.Printf("Image manifest for %s:%s has been verified", repoInfo.CanonicalName, tag)
|
||||
} else {
|
||||
out.Write(sf.FormatStatus(tag, "Pulling from %s", repoInfo.CanonicalName))
|
||||
}
|
||||
|
||||
downloads := make([]downloadInfo, len(manifest.FSLayers))
|
||||
|
||||
for i := len(manifest.FSLayers) - 1; i >= 0; i-- {
|
||||
|
|
@ -553,6 +554,8 @@ func (s *TagStore) pullV2Tag(eng *engine.Engine, r *registry.Session, out io.Wri
|
|||
|
||||
}
|
||||
|
||||
out.Write(sf.FormatStatus(repoInfo.CanonicalName+":"+tag, "The image you are pulling has been verified - This is a tech preview, don't rely on it for security yet."))
|
||||
|
||||
if err = s.Set(repoInfo.LocalName, tag, downloads[0].img.ID, true); err != nil {
|
||||
return false, err
|
||||
}
|
||||
|
|
|
|||
|
|
@ -53,6 +53,44 @@ func TestPullImageWithAliases(t *testing.T) {
|
|||
logDone("pull - image with aliases")
|
||||
}
|
||||
|
||||
// pulling busybox should show verified message
|
||||
func TestPullVerified(t *testing.T) {
|
||||
defer setupRegistry(t)()
|
||||
|
||||
repo := fmt.Sprintf("%v/dockercli/busybox:verified", privateRegistryURL)
|
||||
defer deleteImages(repo)
|
||||
|
||||
// tag the image
|
||||
if out, _, err := runCommandWithOutput(exec.Command(dockerBinary, "tag", "busybox", repo)); err != nil {
|
||||
t.Fatalf("Failed to tag image verifiedTest: error %v, output %q", err, out)
|
||||
}
|
||||
|
||||
// push it
|
||||
if out, err := exec.Command(dockerBinary, "push", repo).CombinedOutput(); err != nil {
|
||||
t.Fatalf("Failed to push image %v: error %v, output %q", err, string(out))
|
||||
}
|
||||
|
||||
// remove it locally
|
||||
if out, err := exec.Command(dockerBinary, "rmi", repo).CombinedOutput(); err != nil {
|
||||
t.Fatalf("Failed to clean images: error %v, output %q", err, string(out))
|
||||
}
|
||||
|
||||
// pull it
|
||||
expected := "The image you are pulling has been verified"
|
||||
pullCmd := exec.Command(dockerBinary, "pull", repo)
|
||||
if out, _, err := runCommandWithOutput(pullCmd); err != nil || !strings.Contains(out, expected) {
|
||||
t.Fatalf("pulling a verified image failed. expected: %s\ngot: %s, %v", expected, out, err)
|
||||
}
|
||||
|
||||
// pull it again
|
||||
pullCmd = exec.Command(dockerBinary, "pull", repo)
|
||||
if out, _, err := runCommandWithOutput(pullCmd); err != nil || !strings.Contains(out, expected) {
|
||||
t.Fatalf("pulling a verified image failed. expected: %s\ngot: %s, %v", expected, out, err)
|
||||
}
|
||||
|
||||
logDone("pull - pull verified")
|
||||
}
|
||||
|
||||
// pulling an image from the central registry should work
|
||||
func TestPullImageFromCentralRegistry(t *testing.T) {
|
||||
pullCmd := exec.Command(dockerBinary, "pull", "hello-world")
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue