beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

registry: use types/registry.AuthConfig

Browse source 
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2022-03-03 10:32:29 +01:00
parent 55d1a56826
commit d817f4dcee
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
5 changed files with 21 additions and 26 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
registry/auth.go
View file

@ -9,7 +9,6 @@ import (
"github.com/docker/distribution/registry/client/auth" "github.com/docker/distribution/registry/client/auth"
"github.com/docker/distribution/registry/client/auth/challenge" "github.com/docker/distribution/registry/client/auth/challenge"
"github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/client/transport"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/registry" "github.com/docker/docker/api/types/registry"
"github.com/pkg/errors" "github.com/pkg/errors"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -19,7 +18,7 @@ import (
const AuthClientID = "docker" const AuthClientID = "docker"
type loginCredentialStore struct { type loginCredentialStore struct {
authConfig *types.AuthConfig authConfig *registry.AuthConfig
} }
func (lcs loginCredentialStore) Basic(*url.URL) (string, string) { func (lcs loginCredentialStore) Basic(*url.URL) (string, string) {
@ -35,12 +34,12 @@ func (lcs loginCredentialStore) SetRefreshToken(u *url.URL, service, token strin
} }
type staticCredentialStore struct { type staticCredentialStore struct {
auth *types.AuthConfig auth *registry.AuthConfig
} }
// NewStaticCredentialStore returns a credential store // NewStaticCredentialStore returns a credential store
// which always returns the same credential values. // which always returns the same credential values.
func NewStaticCredentialStore(auth *types.AuthConfig) auth.CredentialStore { func NewStaticCredentialStore(auth *registry.AuthConfig) auth.CredentialStore {
return staticCredentialStore{ return staticCredentialStore{
auth: auth, auth: auth,
} }
@ -66,7 +65,7 @@ func (scs staticCredentialStore) SetRefreshToken(*url.URL, string, string) {
// loginV2 tries to login to the v2 registry server. The given registry // loginV2 tries to login to the v2 registry server. The given registry
// endpoint will be pinged to get authorization challenges. These challenges // endpoint will be pinged to get authorization challenges. These challenges
// will be used to authenticate against the registry to validate credentials. // will be used to authenticate against the registry to validate credentials.
func loginV2(authConfig *types.AuthConfig, endpoint APIEndpoint, userAgent string) (string, string, error) { func loginV2(authConfig *registry.AuthConfig, endpoint APIEndpoint, userAgent string) (string, string, error) {
var ( var (
endpointStr = strings.TrimRight(endpoint.URL.String(), "/") + "/v2/" endpointStr = strings.TrimRight(endpoint.URL.String(), "/") + "/v2/"
modifiers = Headers(userAgent, nil) modifiers = Headers(userAgent, nil)
@ -138,7 +137,7 @@ func ConvertToHostname(url string) string {
} }
// ResolveAuthConfig matches an auth configuration to a server address or a URL // ResolveAuthConfig matches an auth configuration to a server address or a URL
func ResolveAuthConfig(authConfigs map[string]types.AuthConfig, index *registry.IndexInfo) types.AuthConfig { func ResolveAuthConfig(authConfigs map[string]registry.AuthConfig, index *registry.IndexInfo) registry.AuthConfig {
configKey := GetAuthConfigKey(index) configKey := GetAuthConfigKey(index)
// First try the happy case // First try the happy case
if c, found := authConfigs[configKey]; found || index.Official { if c, found := authConfigs[configKey]; found || index.Official {
@ -154,7 +153,7 @@ func ResolveAuthConfig(authConfigs map[string]types.AuthConfig, index *registry.
} }
// When all else fails, return an empty auth config // When all else fails, return an empty auth config
return types.AuthConfig{} return registry.AuthConfig{}
} }
// PingResponseError is used when the response from a ping // PingResponseError is used when the response from a ping

15
registry/auth_test.go
View file

@ -3,16 +3,15 @@ package registry // import "github.com/docker/docker/registry"
import ( import (
"testing" "testing"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/registry" "github.com/docker/docker/api/types/registry"
"gotest.tools/v3/assert" "gotest.tools/v3/assert"
) )
func buildAuthConfigs() map[string]types.AuthConfig { func buildAuthConfigs() map[string]registry.AuthConfig {
authConfigs := map[string]types.AuthConfig{} authConfigs := map[string]registry.AuthConfig{}
for _, reg := range []string{"testIndex", IndexServer} { for _, reg := range []string{"testIndex", IndexServer} {
authConfigs[reg] = types.AuthConfig{ authConfigs[reg] = registry.AuthConfig{
Username: "docker-user", Username: "docker-user",
Password: "docker-pass", Password: "docker-pass",
} }
@ -42,21 +41,21 @@ func TestResolveAuthConfigIndexServer(t *testing.T) {
func TestResolveAuthConfigFullURL(t *testing.T) { func TestResolveAuthConfigFullURL(t *testing.T) {
authConfigs := buildAuthConfigs() authConfigs := buildAuthConfigs()
registryAuth := types.AuthConfig{ registryAuth := registry.AuthConfig{
Username: "foo-user", Username: "foo-user",
Password: "foo-pass", Password: "foo-pass",
} }
localAuth := types.AuthConfig{ localAuth := registry.AuthConfig{
Username: "bar-user", Username: "bar-user",
Password: "bar-pass", Password: "bar-pass",
} }
officialAuth := types.AuthConfig{ officialAuth := registry.AuthConfig{
Username: "baz-user", Username: "baz-user",
Password: "baz-pass", Password: "baz-pass",
} }
authConfigs[IndexServer] = officialAuth authConfigs[IndexServer] = officialAuth
expectedAuths := map[string]types.AuthConfig{ expectedAuths := map[string]registry.AuthConfig{
"registry.example.com": registryAuth, "registry.example.com": registryAuth,
"localhost:8000": localAuth, "localhost:8000": localAuth,
"example.com": localAuth, "example.com": localAuth,

3
registry/registry_test.go
View file

@ -9,7 +9,6 @@ import (
"github.com/docker/distribution/reference" "github.com/docker/distribution/reference"
"github.com/docker/distribution/registry/client/transport" "github.com/docker/distribution/registry/client/transport"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/registry" "github.com/docker/docker/api/types/registry"
"gotest.tools/v3/assert" "gotest.tools/v3/assert"
is "gotest.tools/v3/assert/cmp" is "gotest.tools/v3/assert/cmp"
@ -17,7 +16,7 @@ import (
) )
func spawnTestRegistrySession(t *testing.T) *session { func spawnTestRegistrySession(t *testing.T) *session {
authConfig := &types.AuthConfig{} authConfig := &registry.AuthConfig{}
endpoint, err := newV1Endpoint(makeIndex("/v1/"), "", nil) endpoint, err := newV1Endpoint(makeIndex("/v1/"), "", nil)
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)

9
registry/service.go
View file

@ -10,7 +10,6 @@ import (
"github.com/docker/distribution/reference" "github.com/docker/distribution/reference"
"github.com/docker/distribution/registry/client/auth" "github.com/docker/distribution/registry/client/auth"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/registry" "github.com/docker/docker/api/types/registry"
"github.com/docker/docker/errdefs" "github.com/docker/docker/errdefs"
"github.com/sirupsen/logrus" "github.com/sirupsen/logrus"
@ -18,11 +17,11 @@ import (
// Service is the interface defining what a registry service should implement. // Service is the interface defining what a registry service should implement.
type Service interface { type Service interface {
Auth(ctx context.Context, authConfig *types.AuthConfig, userAgent string) (status, token string, err error) Auth(ctx context.Context, authConfig *registry.AuthConfig, userAgent string) (status, token string, err error)
LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error) LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error)
LookupPushEndpoints(hostname string) (endpoints []APIEndpoint, err error) LookupPushEndpoints(hostname string) (endpoints []APIEndpoint, err error)
ResolveRepository(name reference.Named) (*RepositoryInfo, error) ResolveRepository(name reference.Named) (*RepositoryInfo, error)
Search(ctx context.Context, term string, limit int, authConfig *types.AuthConfig, userAgent string, headers map[string][]string) (*registry.SearchResults, error) Search(ctx context.Context, term string, limit int, authConfig *registry.AuthConfig, userAgent string, headers map[string][]string) (*registry.SearchResults, error)
ServiceConfig() *registry.ServiceConfig ServiceConfig() *registry.ServiceConfig
LoadAllowNondistributableArtifacts([]string) error LoadAllowNondistributableArtifacts([]string) error
LoadMirrors([]string) error LoadMirrors([]string) error
@ -78,7 +77,7 @@ func (s *defaultService) LoadInsecureRegistries(registries []string) error {
// Auth contacts the public registry with the provided credentials, // Auth contacts the public registry with the provided credentials,
// and returns OK if authentication was successful. // and returns OK if authentication was successful.
// It can be used to verify the validity of a client's credentials. // It can be used to verify the validity of a client's credentials.
func (s *defaultService) Auth(ctx context.Context, authConfig *types.AuthConfig, userAgent string) (status, token string, err error) { func (s *defaultService) Auth(ctx context.Context, authConfig *registry.AuthConfig, userAgent string) (status, token string, err error) {
// TODO Use ctx when searching for repositories // TODO Use ctx when searching for repositories
var registryHostName = IndexHostname var registryHostName = IndexHostname
@ -131,7 +130,7 @@ func splitReposSearchTerm(reposName string) (string, string) {
// Search queries the public registry for images matching the specified // Search queries the public registry for images matching the specified
// search terms, and returns the results. // search terms, and returns the results.
func (s *defaultService) Search(ctx context.Context, term string, limit int, authConfig *types.AuthConfig, userAgent string, headers map[string][]string) (*registry.SearchResults, error) { func (s *defaultService) Search(ctx context.Context, term string, limit int, authConfig *registry.AuthConfig, userAgent string, headers map[string][]string) (*registry.SearchResults, error) {
// TODO Use ctx when searching for repositories // TODO Use ctx when searching for repositories
if hasScheme(term) { if hasScheme(term) {
return nil, invalidParamf("invalid repository name: repository name (%s) should not have a scheme", term) return nil, invalidParamf("invalid repository name: repository name (%s) should not have a scheme", term)

7
registry/session.go
View file

@ -11,7 +11,6 @@ import (
"strings" "strings"
"sync" "sync"
"github.com/docker/docker/api/types"
"github.com/docker/docker/api/types/registry" "github.com/docker/docker/api/types/registry"
"github.com/docker/docker/errdefs" "github.com/docker/docker/errdefs"
"github.com/docker/docker/pkg/ioutils" "github.com/docker/docker/pkg/ioutils"
@ -30,7 +29,7 @@ type session struct {
type authTransport struct { type authTransport struct {
http.RoundTripper http.RoundTripper
*types.AuthConfig *registry.AuthConfig
alwaysSetBasicAuth bool alwaysSetBasicAuth bool
token []string token []string
@ -52,7 +51,7 @@ type authTransport struct {
// If the server sends a token without the client having requested it, it is ignored. // If the server sends a token without the client having requested it, it is ignored.
// //
// This RoundTripper also has a CancelRequest method important for correct timeout handling. // This RoundTripper also has a CancelRequest method important for correct timeout handling.
func newAuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) *authTransport { func newAuthTransport(base http.RoundTripper, authConfig *registry.AuthConfig, alwaysSetBasicAuth bool) *authTransport {
if base == nil { if base == nil {
base = http.DefaultTransport base = http.DefaultTransport
} }
@ -147,7 +146,7 @@ func (tr *authTransport) CancelRequest(req *http.Request) {
} }
} }
func authorizeClient(client *http.Client, authConfig *types.AuthConfig, endpoint *v1Endpoint) error { func authorizeClient(client *http.Client, authConfig *registry.AuthConfig, endpoint *v1Endpoint) error {
var alwaysSetBasicAuth bool var alwaysSetBasicAuth bool
// If we're working with a standalone private registry over HTTPS, send Basic Auth headers // If we're working with a standalone private registry over HTTPS, send Basic Auth headers