Change APIEndpoint to contain the URL in a parsed format
This allows easier URL handling in code that uses APIEndpoint. If we continued to store the URL unparsed, it would require redundant parsing whenver we want to extract information from it. Also, parsing the URL earlier should give improve validation. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
This commit is contained in:
parent
4bb475cd3c
commit
9a2cef38e3
9 changed files with 87 additions and 40 deletions
|
@ -19,7 +19,7 @@ type Options struct {
|
||||||
InsecureRegistries opts.ListOpts
|
InsecureRegistries opts.ListOpts
|
||||||
}
|
}
|
||||||
|
|
||||||
const (
|
var (
|
||||||
// DefaultNamespace is the default namespace
|
// DefaultNamespace is the default namespace
|
||||||
DefaultNamespace = "docker.io"
|
DefaultNamespace = "docker.io"
|
||||||
// DefaultRegistryVersionHeader is the name of the default HTTP header
|
// DefaultRegistryVersionHeader is the name of the default HTTP header
|
||||||
|
@ -27,7 +27,7 @@ const (
|
||||||
DefaultRegistryVersionHeader = "Docker-Distribution-Api-Version"
|
DefaultRegistryVersionHeader = "Docker-Distribution-Api-Version"
|
||||||
|
|
||||||
// IndexServer is the v1 registry server used for user auth + account creation
|
// IndexServer is the v1 registry server used for user auth + account creation
|
||||||
IndexServer = DefaultV1Registry + "/v1/"
|
IndexServer = DefaultV1Registry.String() + "/v1/"
|
||||||
// IndexName is the name of the index
|
// IndexName is the name of the index
|
||||||
IndexName = "docker.io"
|
IndexName = "docker.io"
|
||||||
|
|
||||||
|
|
|
@ -2,12 +2,22 @@
|
||||||
|
|
||||||
package registry
|
package registry
|
||||||
|
|
||||||
const (
|
import (
|
||||||
|
"net/url"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
// DefaultV1Registry is the URI of the default v1 registry
|
// DefaultV1Registry is the URI of the default v1 registry
|
||||||
DefaultV1Registry = "https://index.docker.io"
|
DefaultV1Registry = &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: "index.docker.io",
|
||||||
|
}
|
||||||
|
|
||||||
// DefaultV2Registry is the URI of the default v2 registry
|
// DefaultV2Registry is the URI of the default v2 registry
|
||||||
DefaultV2Registry = "https://registry-1.docker.io"
|
DefaultV2Registry = &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: "registry-1.docker.io",
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
var (
|
var (
|
||||||
|
|
|
@ -1,21 +1,28 @@
|
||||||
package registry
|
package registry
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
)
|
)
|
||||||
|
|
||||||
const (
|
var (
|
||||||
// DefaultV1Registry is the URI of the default v1 registry
|
// DefaultV1Registry is the URI of the default v1 registry
|
||||||
DefaultV1Registry = "https://registry-win-tp3.docker.io"
|
DefaultV1Registry = &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: "registry-win-tp3.docker.io",
|
||||||
|
}
|
||||||
|
|
||||||
// DefaultV2Registry is the URI of the default (official) v2 registry.
|
// DefaultV2Registry is the URI of the default (official) v2 registry.
|
||||||
// This is the windows-specific endpoint.
|
// This is the windows-specific endpoint.
|
||||||
//
|
//
|
||||||
// Currently it is a TEMPORARY link that allows Microsoft to continue
|
// Currently it is a TEMPORARY link that allows Microsoft to continue
|
||||||
// development of Docker Engine for Windows.
|
// development of Docker Engine for Windows.
|
||||||
DefaultV2Registry = "https://registry-win-tp3.docker.io"
|
DefaultV2Registry = &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: "registry-win-tp3.docker.io",
|
||||||
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
// CertsDir is the directory where certificates are stored
|
// CertsDir is the directory where certificates are stored
|
||||||
|
|
|
@ -50,10 +50,12 @@ func NewEndpoint(index *registrytypes.IndexInfo, userAgent string, metaHeaders h
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
endpoint, err := newEndpoint(GetAuthConfigKey(index), tlsConfig, userAgent, metaHeaders)
|
|
||||||
|
endpoint, err := newEndpointFromStr(GetAuthConfigKey(index), tlsConfig, userAgent, metaHeaders)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
if v != APIVersionUnknown {
|
if v != APIVersionUnknown {
|
||||||
endpoint.Version = v
|
endpoint.Version = v
|
||||||
}
|
}
|
||||||
|
@ -91,24 +93,14 @@ func validateEndpoint(endpoint *Endpoint) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func newEndpoint(address string, tlsConfig *tls.Config, userAgent string, metaHeaders http.Header) (*Endpoint, error) {
|
func newEndpoint(address url.URL, tlsConfig *tls.Config, userAgent string, metaHeaders http.Header) (*Endpoint, error) {
|
||||||
var (
|
endpoint := &Endpoint{
|
||||||
endpoint = new(Endpoint)
|
IsSecure: (tlsConfig == nil || !tlsConfig.InsecureSkipVerify),
|
||||||
trimmedAddress string
|
URL: new(url.URL),
|
||||||
err error
|
Version: APIVersionUnknown,
|
||||||
)
|
|
||||||
|
|
||||||
if !strings.HasPrefix(address, "http") {
|
|
||||||
address = "https://" + address
|
|
||||||
}
|
}
|
||||||
|
|
||||||
endpoint.IsSecure = (tlsConfig == nil || !tlsConfig.InsecureSkipVerify)
|
*endpoint.URL = address
|
||||||
|
|
||||||
trimmedAddress, endpoint.Version = scanForAPIVersion(address)
|
|
||||||
|
|
||||||
if endpoint.URL, err = url.Parse(trimmedAddress); err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
|
|
||||||
// TODO(tiborvass): make sure a ConnectTimeout transport is used
|
// TODO(tiborvass): make sure a ConnectTimeout transport is used
|
||||||
tr := NewTransport(tlsConfig)
|
tr := NewTransport(tlsConfig)
|
||||||
|
@ -116,6 +108,27 @@ func newEndpoint(address string, tlsConfig *tls.Config, userAgent string, metaHe
|
||||||
return endpoint, nil
|
return endpoint, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func newEndpointFromStr(address string, tlsConfig *tls.Config, userAgent string, metaHeaders http.Header) (*Endpoint, error) {
|
||||||
|
if !strings.HasPrefix(address, "http://") && !strings.HasPrefix(address, "https://") {
|
||||||
|
address = "https://" + address
|
||||||
|
}
|
||||||
|
|
||||||
|
trimmedAddress, detectedVersion := scanForAPIVersion(address)
|
||||||
|
|
||||||
|
uri, err := url.Parse(trimmedAddress)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
endpoint, err := newEndpoint(*uri, tlsConfig, userAgent, metaHeaders)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
|
||||||
|
endpoint.Version = detectedVersion
|
||||||
|
return endpoint, nil
|
||||||
|
}
|
||||||
|
|
||||||
// Endpoint stores basic information about a registry endpoint.
|
// Endpoint stores basic information about a registry endpoint.
|
||||||
type Endpoint struct {
|
type Endpoint struct {
|
||||||
client *http.Client
|
client *http.Client
|
||||||
|
|
|
@ -19,7 +19,7 @@ func TestEndpointParse(t *testing.T) {
|
||||||
{"0.0.0.0:5000", "https://0.0.0.0:5000/v0/"},
|
{"0.0.0.0:5000", "https://0.0.0.0:5000/v0/"},
|
||||||
}
|
}
|
||||||
for _, td := range testData {
|
for _, td := range testData {
|
||||||
e, err := newEndpoint(td.str, nil, "", nil)
|
e, err := newEndpointFromStr(td.str, nil, "", nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
t.Errorf("%q: %s", td.str, err)
|
t.Errorf("%q: %s", td.str, err)
|
||||||
}
|
}
|
||||||
|
|
|
@ -673,7 +673,7 @@ func TestNewIndexInfo(t *testing.T) {
|
||||||
func TestMirrorEndpointLookup(t *testing.T) {
|
func TestMirrorEndpointLookup(t *testing.T) {
|
||||||
containsMirror := func(endpoints []APIEndpoint) bool {
|
containsMirror := func(endpoints []APIEndpoint) bool {
|
||||||
for _, pe := range endpoints {
|
for _, pe := range endpoints {
|
||||||
if pe.URL == "my.mirror" {
|
if pe.URL.Host == "my.mirror" {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -121,7 +121,7 @@ func (s *Service) ResolveIndex(name string) (*registrytypes.IndexInfo, error) {
|
||||||
// APIEndpoint represents a remote API endpoint
|
// APIEndpoint represents a remote API endpoint
|
||||||
type APIEndpoint struct {
|
type APIEndpoint struct {
|
||||||
Mirror bool
|
Mirror bool
|
||||||
URL string
|
URL *url.URL
|
||||||
Version APIVersion
|
Version APIVersion
|
||||||
Official bool
|
Official bool
|
||||||
TrimHostname bool
|
TrimHostname bool
|
||||||
|
@ -130,7 +130,7 @@ type APIEndpoint struct {
|
||||||
|
|
||||||
// ToV1Endpoint returns a V1 API endpoint based on the APIEndpoint
|
// ToV1Endpoint returns a V1 API endpoint based on the APIEndpoint
|
||||||
func (e APIEndpoint) ToV1Endpoint(userAgent string, metaHeaders http.Header) (*Endpoint, error) {
|
func (e APIEndpoint) ToV1Endpoint(userAgent string, metaHeaders http.Header) (*Endpoint, error) {
|
||||||
return newEndpoint(e.URL, e.TLSConfig, userAgent, metaHeaders)
|
return newEndpoint(*e.URL, e.TLSConfig, userAgent, metaHeaders)
|
||||||
}
|
}
|
||||||
|
|
||||||
// TLSConfig constructs a client TLS configuration based on server defaults
|
// TLSConfig constructs a client TLS configuration based on server defaults
|
||||||
|
@ -138,11 +138,7 @@ func (s *Service) TLSConfig(hostname string) (*tls.Config, error) {
|
||||||
return newTLSConfig(hostname, isSecureIndex(s.Config, hostname))
|
return newTLSConfig(hostname, isSecureIndex(s.Config, hostname))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s *Service) tlsConfigForMirror(mirror string) (*tls.Config, error) {
|
func (s *Service) tlsConfigForMirror(mirrorURL *url.URL) (*tls.Config, error) {
|
||||||
mirrorURL, err := url.Parse(mirror)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
return s.TLSConfig(mirrorURL.Host)
|
return s.TLSConfig(mirrorURL.Host)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -2,6 +2,7 @@ package registry
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/docker/docker/reference"
|
"github.com/docker/docker/reference"
|
||||||
|
@ -36,7 +37,10 @@ func (s *Service) lookupV1Endpoints(repoName reference.Named) (endpoints []APIEn
|
||||||
|
|
||||||
endpoints = []APIEndpoint{
|
endpoints = []APIEndpoint{
|
||||||
{
|
{
|
||||||
URL: "https://" + hostname,
|
URL: &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: hostname,
|
||||||
|
},
|
||||||
Version: APIVersion1,
|
Version: APIVersion1,
|
||||||
TrimHostname: true,
|
TrimHostname: true,
|
||||||
TLSConfig: tlsConfig,
|
TLSConfig: tlsConfig,
|
||||||
|
@ -45,7 +49,10 @@ func (s *Service) lookupV1Endpoints(repoName reference.Named) (endpoints []APIEn
|
||||||
|
|
||||||
if tlsConfig.InsecureSkipVerify {
|
if tlsConfig.InsecureSkipVerify {
|
||||||
endpoints = append(endpoints, APIEndpoint{ // or this
|
endpoints = append(endpoints, APIEndpoint{ // or this
|
||||||
URL: "http://" + hostname,
|
URL: &url.URL{
|
||||||
|
Scheme: "http",
|
||||||
|
Host: hostname,
|
||||||
|
},
|
||||||
Version: APIVersion1,
|
Version: APIVersion1,
|
||||||
TrimHostname: true,
|
TrimHostname: true,
|
||||||
// used to check if supposed to be secure via InsecureSkipVerify
|
// used to check if supposed to be secure via InsecureSkipVerify
|
||||||
|
|
|
@ -2,6 +2,7 @@ package registry
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"fmt"
|
"fmt"
|
||||||
|
"net/url"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
"github.com/docker/docker/reference"
|
"github.com/docker/docker/reference"
|
||||||
|
@ -15,12 +16,19 @@ func (s *Service) lookupV2Endpoints(repoName reference.Named) (endpoints []APIEn
|
||||||
if strings.HasPrefix(nameString, DefaultNamespace+"/") {
|
if strings.HasPrefix(nameString, DefaultNamespace+"/") {
|
||||||
// v2 mirrors
|
// v2 mirrors
|
||||||
for _, mirror := range s.Config.Mirrors {
|
for _, mirror := range s.Config.Mirrors {
|
||||||
mirrorTLSConfig, err := s.tlsConfigForMirror(mirror)
|
if !strings.HasPrefix(mirror, "http://") && !strings.HasPrefix(mirror, "https://") {
|
||||||
|
mirror = "https://" + mirror
|
||||||
|
}
|
||||||
|
mirrorURL, err := url.Parse(mirror)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
mirrorTLSConfig, err := s.tlsConfigForMirror(mirrorURL)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
endpoints = append(endpoints, APIEndpoint{
|
endpoints = append(endpoints, APIEndpoint{
|
||||||
URL: mirror,
|
URL: mirrorURL,
|
||||||
// guess mirrors are v2
|
// guess mirrors are v2
|
||||||
Version: APIVersion2,
|
Version: APIVersion2,
|
||||||
Mirror: true,
|
Mirror: true,
|
||||||
|
@ -53,7 +61,10 @@ func (s *Service) lookupV2Endpoints(repoName reference.Named) (endpoints []APIEn
|
||||||
|
|
||||||
endpoints = []APIEndpoint{
|
endpoints = []APIEndpoint{
|
||||||
{
|
{
|
||||||
URL: "https://" + hostname,
|
URL: &url.URL{
|
||||||
|
Scheme: "https",
|
||||||
|
Host: hostname,
|
||||||
|
},
|
||||||
Version: APIVersion2,
|
Version: APIVersion2,
|
||||||
TrimHostname: true,
|
TrimHostname: true,
|
||||||
TLSConfig: tlsConfig,
|
TLSConfig: tlsConfig,
|
||||||
|
@ -62,7 +73,10 @@ func (s *Service) lookupV2Endpoints(repoName reference.Named) (endpoints []APIEn
|
||||||
|
|
||||||
if tlsConfig.InsecureSkipVerify {
|
if tlsConfig.InsecureSkipVerify {
|
||||||
endpoints = append(endpoints, APIEndpoint{
|
endpoints = append(endpoints, APIEndpoint{
|
||||||
URL: "http://" + hostname,
|
URL: &url.URL{
|
||||||
|
Scheme: "http",
|
||||||
|
Host: hostname,
|
||||||
|
},
|
||||||
Version: APIVersion2,
|
Version: APIVersion2,
|
||||||
TrimHostname: true,
|
TrimHostname: true,
|
||||||
// used to check if supposed to be secure via InsecureSkipVerify
|
// used to check if supposed to be secure via InsecureSkipVerify
|
||||||
|
|
Loading…
Reference in a new issue