beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #46779 from dmcgowan/c8d-default-auth-domain

Browse source 
Default the auth config domain to the target image domain
This commit is contained in:
Sebastiaan van Stijn 2023-11-07 16:44:31 +01:00 committed by GitHub
commit c14694a424
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 12 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
daemon/containerd/image_pull.go
View file

@ -67,7 +67,7 @@ func (i *ImageService) pullTag(ctx context.Context, ref reference.NamedTagged, p
opts = append(opts, containerd.WithPlatform(platforms.Format(*platform))) opts = append(opts, containerd.WithPlatform(platforms.Format(*platform)))
} }
resolver, _ := i.newResolverFromAuthConfig(ctx, authConfig) resolver, _ := i.newResolverFromAuthConfig(ctx, authConfig, ref)
opts = append(opts, containerd.WithResolver(resolver)) opts = append(opts, containerd.WithResolver(resolver))
old, err := i.resolveDescriptor(ctx, ref.String()) old, err := i.resolveDescriptor(ctx, ref.String())

2
daemon/containerd/image_push.go
View file

@ -102,7 +102,7 @@ func (i *ImageService) pushRef(ctx context.Context, targetRef reference.Named, m
target := img.Target target := img.Target
store := i.client.ContentStore() store := i.client.ContentStore()
resolver, tracker := i.newResolverFromAuthConfig(ctx, authConfig) resolver, tracker := i.newResolverFromAuthConfig(ctx, authConfig, targetRef)
pp := pushProgress{Tracker: tracker} pp := pushProgress{Tracker: tracker}
jobsQueue := newJobs() jobsQueue := newJobs()
finishProgress := jobsQueue.showProgress(ctx, out, combinedProgress([]progressUpdater{ finishProgress := jobsQueue.showProgress(ctx, out, combinedProgress([]progressUpdater{

16
daemon/containerd/resolver.go
View file

@ -11,16 +11,17 @@ import (
"github.com/containerd/containerd/remotes/docker" "github.com/containerd/containerd/remotes/docker"
"github.com/containerd/containerd/version" "github.com/containerd/containerd/version"
"github.com/containerd/log" "github.com/containerd/log"
"github.com/distribution/reference"
registrytypes "github.com/docker/docker/api/types/registry" registrytypes "github.com/docker/docker/api/types/registry"
"github.com/docker/docker/dockerversion" "github.com/docker/docker/dockerversion"
"github.com/docker/docker/pkg/useragent" "github.com/docker/docker/pkg/useragent"
"github.com/docker/docker/registry" "github.com/docker/docker/registry"
) )
func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig *registrytypes.AuthConfig) (remotes.Resolver, docker.StatusTracker) { func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig *registrytypes.AuthConfig, ref reference.Named) (remotes.Resolver, docker.StatusTracker) {
tracker := docker.NewInMemoryTracker() tracker := docker.NewInMemoryTracker()
hosts := hostsWrapper(i.registryHosts, authConfig, i.registryService) hosts := hostsWrapper(i.registryHosts, authConfig, ref, i.registryService)
headers := http.Header{} headers := http.Header{}
headers.Set("User-Agent", dockerversion.DockerUserAgent(ctx, useragent.VersionInfo{Name: "containerd-client", Version: version.Version}, useragent.VersionInfo{Name: "storage-driver", Version: i.snapshotter})) headers.Set("User-Agent", dockerversion.DockerUserAgent(ctx, useragent.VersionInfo{Name: "containerd-client", Version: version.Version}, useragent.VersionInfo{Name: "storage-driver", Version: i.snapshotter}))
@ -31,10 +32,10 @@ func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig
}), tracker }), tracker
} }
func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.AuthConfig, regService registryResolver) docker.RegistryHosts { func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.AuthConfig, ref reference.Named, regService registryResolver) docker.RegistryHosts {
var authorizer docker.Authorizer var authorizer docker.Authorizer
if optAuthConfig != nil { if optAuthConfig != nil {
authorizer = authorizerFromAuthConfig(*optAuthConfig) authorizer = authorizerFromAuthConfig(*optAuthConfig, ref)
} }
return func(n string) ([]docker.RegistryHost, error) { return func(n string) ([]docker.RegistryHost, error) {
@ -56,9 +57,12 @@ func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.Aut
} }
} }
func authorizerFromAuthConfig(authConfig registrytypes.AuthConfig) docker.Authorizer { func authorizerFromAuthConfig(authConfig registrytypes.AuthConfig, ref reference.Named) docker.Authorizer {
cfgHost := registry.ConvertToHostname(authConfig.ServerAddress) cfgHost := registry.ConvertToHostname(authConfig.ServerAddress)
if cfgHost == "" || cfgHost == registry.IndexHostname { if cfgHost == "" {
cfgHost = reference.Domain(ref)
}
if cfgHost == registry.IndexHostname || cfgHost == registry.IndexName {
cfgHost = registry.DefaultRegistryHost cfgHost = registry.DefaultRegistryHost
} }