Merge pull request #1722 from SvenDowideit/cherry-pick-fixes

Cherry pick fixes
Sven Dowideit 2016-05-18 09:35:53 +10:00
commit 4f20717da9
7 changed files with 36 additions and 68 deletions

View file

@ -1,18 +1,9 @@
FROM docs/base:latest FROM docs/base:oss
MAINTAINER Mary Anthony <mary@docker.com> (@moxiegirl) MAINTAINER Mary Anthony <mary@docker.com> (@moxiegirl)
RUN svn checkout https://github.com/docker/docker/trunk/docs /docs/content/engine
RUN svn checkout https://github.com/docker/compose/trunk/docs /docs/content/compose
RUN svn checkout https://github.com/docker/swarm/trunk/docs /docs/content/swarm
RUN svn checkout https://github.com/docker/machine/trunk/docs /docs/content/machine
RUN svn checkout https://github.com/docker/notary/trunk/docs /docs/content/notary
RUN svn checkout https://github.com/docker/kitematic/trunk/docs /docs/content/kitematic
RUN svn checkout https://github.com/docker/toolbox/trunk/docs /docs/content/toolbox
RUN svn checkout https://github.com/docker/opensource/trunk/docs /docs/content/opensource
ENV PROJECT=registry ENV PROJECT=registry
# To get the git info for this repo # To get the git info for this repo
COPY . /src COPY . /src
RUN rm -r /docs/content/$PROJECT/
COPY . /docs/content/$PROJECT/ COPY . /docs/content/$PROJECT/
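Review bot: with `RUN rm -r /docs/content/$PROJECT/` dropped, the final `COPY . /docs/content/$PROJECT/` now layers the repo over whatever `docs/base:oss` already ships at that path, so files deleted or renamed in this repo could survive in the built site. Either keep the `rm -r` ahead of the `COPY` or confirm that the `oss` base has nothing under `/docs/content/registry`. `docs/base:oss` is also a moving tag; pinning the base by digest would make the docs build reproducible.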

View file

@ -182,7 +182,7 @@ Now, start your stack:
Login with a "push" authorized user (using `testuser` and `testpassword`), then tag and push your first image: Login with a "push" authorized user (using `testuser` and `testpassword`), then tag and push your first image:
docker login -p=testuser -u=testpassword -e=root@example.ch myregistrydomain.com:5043 docker login -u=testuser -p=testpassword -e=root@example.ch myregistrydomain.com:5043
docker tag ubuntu myregistrydomain.com:5043/test docker tag ubuntu myregistrydomain.com:5043/test
docker push myregistrydomain.com:5043/test docker push myregistrydomain.com:5043/test
docker pull myregistrydomain.com:5043/test docker pull myregistrydomain.com:5043/test
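Review bot: the corrected `docker login` line still passes the password as `-p=testpassword` on the command line, where it ends up in shell history and is visible in the process list. For a documented example that readers will copy, consider dropping `-p` so that `docker login` prompts for the password, and state in the surrounding text that `testuser` and `testpassword` are throwaway values.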

View file

@ -618,26 +618,6 @@ The "digest" parameter must be included with the PUT request. Please see the
[_Completed Upload_](#completed-upload) section for details on the parameters [_Completed Upload_](#completed-upload) section for details on the parameters
and expected responses. and expected responses.
Additionally, the upload can be completed with a single `POST` request to
the uploads endpoint, including the "size" and "digest" parameters:
```
POST /v2/<name>/blobs/uploads/?digest=<digest>
Content-Length: <size of layer>
Content-Type: application/octet-stream
<Layer Binary Data>
```
On the registry service, this should allocate a download, accept and verify
the data and return the same response as the final chunk of an upload. If the
POST request fails collecting the data in any way, the registry should attempt
to return an error response to the client with the `Location` header providing
a place to continue the download.
The single `POST` method is provided for convenience and most clients should
implement `POST` + `PUT` to support reliable resume of uploads.
##### Chunked Upload ##### Chunked Upload
To carry out an upload of a chunk, the client can specify a range header and To carry out an upload of a chunk, the client can specify a range header and
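Review bot: the single-`POST` paragraph and its request example are deleted ahead of `##### Chunked Upload` with no replacement text, and the commit message ("Cherry pick fixes") gives no reason. If the registry on this branch does not accept `POST /v2/<name>/blobs/uploads/?digest=<digest>`, say so in the commit message; if it does, the behaviour is now undocumented and clients lose the only statement that the data is verified on that path.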

View file

@ -618,26 +618,6 @@ The "digest" parameter must be included with the PUT request. Please see the
[_Completed Upload_](#completed-upload) section for details on the parameters [_Completed Upload_](#completed-upload) section for details on the parameters
and expected responses. and expected responses.
Additionally, the upload can be completed with a single `POST` request to
the uploads endpoint, including the "size" and "digest" parameters:
```
POST /v2/<name>/blobs/uploads/?digest=<digest>
Content-Length: <size of layer>
Content-Type: application/octet-stream
<Layer Binary Data>
```
On the registry service, this should allocate a download, accept and verify
the data and return the same response as the final chunk of an upload. If the
POST request fails collecting the data in any way, the registry should attempt
to return an error response to the client with the `Location` header providing
a place to continue the download.
The single `POST` method is provided for convenience and most clients should
implement `POST` + `PUT` to support reliable resume of uploads.
##### Chunked Upload ##### Chunked Upload
To carry out an upload of a chunk, the client can specify a range header and To carry out an upload of a chunk, the client can specify a range header and
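Review bot: this hunk is line-for-line the same as the previous one (same `@ -618,26 +618,6 @` range, same removed text), which suggests two copies of the spec kept in step by hand. If one copy is generated from the other, change only the source and regenerate it, so that the two cannot drift apart.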

View file

@ -69,8 +69,17 @@ Token has 3 main parts:
The header of a JSON Web Token is a standard JOSE header. The "typ" field The header of a JSON Web Token is a standard JOSE header. The "typ" field
will be "JWT" and it will also contain the "alg" which identifies the will be "JWT" and it will also contain the "alg" which identifies the
signing algorithm used to produce the signature. It will also usually have signing algorithm used to produce the signature. It also must have a "kid"
a "kid" field, the ID of the key which was used to sign the token. field, representing the ID of the key which was used to sign the token.
The "kid" field has to be in a libtrust fingerprint compatible format.
Such a format can be generated by following steps:
1. Take the DER encoded public key which the JWT token was signed against.
2. Create a SHA256 hash out of it and truncate to 240bits.
3. Split the result into 12 base32 encoded groups with `:` as delimiter.
Here is an example JOSE Header for a JSON Web Token (formatted with Here is an example JOSE Header for a JSON Web Token (formatted with
whitespace for readability): whitespace for readability):
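Review bot: the three "kid" steps are not precise enough to implement interoperably. Step 1 should name the DER structure being hashed (a bare key and a SubjectPublicKeyInfo give different digests), and "signed against" should say that this is the public key matching the private key that signed the token. Steps 2 and 3 should give the order explicitly: truncate the SHA256 digest to 240 bits (30 bytes), base32-encode that to 48 characters, then split into 12 groups of 4 joined with `:`. Since "kid" is now mandatory, the text should also say what a verifier does when the field is missing or names a key it does not trust.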

View file

@ -56,7 +56,7 @@ it.
The resource name represent the name which identifies a resource for a resource The resource name represent the name which identifies a resource for a resource
provider. A resource is identified by this name and the provided resource type. provider. A resource is identified by this name and the provided resource type.
An example of a resource name would be the name component of an image tag, such An example of a resource name would be the name component of an image tag, such
as "samalba/myapp". as "samalba/myapp" or "hostname/samalba/myapp".
### Resource Actions ### Resource Actions
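Review bot: the added example "hostname/samalba/myapp" uses a placeholder that cannot be told apart from an ordinary first path component, and it omits the port, which is the case the scope grammar change in this file has to handle. An example with a dotted host and a port would show readers what the new form looks like. The context line "The resource name represent" also wants "represents".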
@ -83,16 +83,24 @@ scopes.
scope := resourcescope [ ' ' resourcescope ]* scope := resourcescope [ ' ' resourcescope ]*
resourcescope := resourcetype ":" resourcename ":" action [ ',' action ]* resourcescope := resourcetype ":" resourcename ":" action [ ',' action ]*
resourcetype := /[a-z]*/ resourcetype := /[a-z]*/
resourcename := component [ '/' component ]* resourcename := [ hostname '/' ] component [ '/' component ]*
hostname := hostcomponent ['.' hostcomponent]* [':' port-number]
hostcomponent := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/
port-number := /[0-9]+/
action := /[a-z]*/ action := /[a-z]*/
component := alpha-numeric [ separator alpha-numeric ]* component := alpha-numeric [ separator alpha-numeric ]*
alpha-numeric := /[a-z0-9]+/ alpha-numeric := /[a-z0-9]+/
separator := /[_.]|__|[-]*/ separator := /[_.]|__|[-]*/
``` ```
Full reference grammar is defined Full reference grammar is defined
(here)[https://godoc.org/github.com/docker/distribution/reference]. Currently [here](https://godoc.org/github.com/docker/distribution/reference). Currently
the scope name grammar is a subset of the reference grammar without support the scope name grammar is a subset of the reference grammar.
for hostnames.
> **NOTE:** that the `resourcename` may contain one `:` due to a possible port
> number in the hostname component of the `resourcename`, so a naive
> implementation that interprets the first three `:`-delimited tokens of a
> `scope` to be the `resourcetype`, `resourcename`, and a list of `action`
> would be insufficient.
## Resource Provider Use ## Resource Provider Use
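Review bot: the NOTE says that taking the first three `:`-delimited tokens is insufficient but never gives the rule that is sufficient. Under this grammar neither `resourcetype` nor `action` can contain `:`, so state it: `resourcetype` is everything before the first `:`, the `action` list is everything after the last `:`, and `resourcename` is what lies between. The production `resourcename := [ hostname '/' ] component [ '/' component ]*` is also ambiguous: a first segment such as `samalba` matches both `hostcomponent` and `component`, and `hostcomponent` admits upper case while `component` does not. Token servers and registries have to parse the same name out of a scope to authorise the same repository, so spell out how the optional hostname is recognised. The NOTE itself reads better without "that" after the bold label.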

View file

@ -198,7 +198,7 @@ The following IAM permissions are required by the registry for push and pull. S
"Action": [ "Action": [
"s3:ListBucket", "s3:ListBucket",
"s3:GetBucketLocation", "s3:GetBucketLocation",
"s3:ListBucketMultipartUploads", "s3:ListBucketMultipartUploads"
], ],
"Resource": "arn:aws:s3:::mybucket" "Resource": "arn:aws:s3:::mybucket"
}, },
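Review bot: the statement closes with `},`, so at least one more statement follows outside this hunk; check its `Action` array for the same trailing comma that is fixed here after `"s3:ListBucketMultipartUploads"`, and run the whole policy through a JSON parser so that the documented IAM policy can be pasted as is.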