Commit graph

2338 commits

Author SHA1 Message Date
Stephen Day
7dc8d4a26b Merge pull request #789 from aaronlehmann/tls-settings
Change server TLS config to tighten security
2015-07-30 18:11:53 -07:00
Stephen Day
ba5ab723ad Merge pull request #792 from stevvooe/uuid-package-improvements
UUID package improvements
2015-07-30 18:10:25 -07:00
Stephen Day
4cc4d440f6 Merge pull request #798 from aaronlehmann/example-config-uploadpurging-2
Fix earlier commit to enable upload purging in example config file
2015-07-30 17:42:48 -07:00
Aaron Lehmann
a3acd3a0ba Fix earlier commit to enable upload purging in example config file
Rather than setting this to "true", the whole section should be removed.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 17:32:35 -07:00
Olivier Gambier
8199962098 Merge pull request #796 from aaronlehmann/example-config-uploadpurging
Enable upload purging in example configuration file
2015-07-30 17:20:14 -07:00
Aaron Lehmann
4f69ca2c07 Enable upload purging in example configuration file
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 17:08:01 -07:00
Stephen Day
7e4b740763 Merge pull request #795 from aaronlehmann/config-file-names
Rename dev-config.yml and example-config.yml to config-dev.yml and config-example.yml
2015-07-30 16:41:14 -07:00
Aaron Lehmann
6c2ef78aa7 Rename dev-config.yml and example-config.yml to config-dev.yml and config-example.yml
Better for sort order.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 15:51:50 -07:00
Aaron Lehmann
1368e2ac53 Change run_multiversion.sh to get Docker engine versions from dind container
This is much better than downloading the builds with curl, because
Docker is intelligent about only pulling what it needs.

We use tagged versions of dind for the released version, and dind-master
for a master build.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 15:39:19 -07:00
Aaron Lehmann
e564231f58 Run integration tests with multiple Docker engine versions
Add a run_multiversion.sh script that downloads a variety of Docker
engines and runs the integration tests against each of them.

Skip some of the tests when running with Docker 1.6.0. It has a bug that
prevents these tests from completing successfully.

Fixes #751

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 15:39:19 -07:00
Stephen Day
0304ab09cf Merge pull request #793 from aaronlehmann/preserve-config-mountpoint
Copy dev-config.yml to config.yml at image build time
2015-07-30 14:54:08 -07:00
Aaron Lehmann
2619eee69b Copy dev-config.yml to config.yml at image build time
This preserves the previously documented mountpoint for the
configuration file.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 14:41:17 -07:00
Stephen Day
2b74c46795 Merge pull request #791 from stevvooe/add-double-domain-image-name
Add image name tests around hostnames
2015-07-30 14:35:27 -07:00
Stephen Day
ad1b7d8f35 Merge pull request #740 from stevvooe/disable-storage-redirects
Allow disabling of storage driver redirects
2015-07-30 14:28:31 -07:00
Stephen J Day
2c9ab4f441 Only enable uuid generation warning when using registry handlers
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-30 14:27:07 -07:00
Stephen J Day
bb5466245c Add image name tests around hostnames
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-30 14:26:21 -07:00
Stephen J Day
c737d19235 Move context once to instanceContext from global scope
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-30 13:59:44 -07:00
Richard Scothern
7eabb7800e Merge pull request #790 from aaronlehmann/config-files
Sample config file changes
2015-07-30 13:20:43 -07:00
Aaron Lehmann
f0c5284d2d Sample config file changes
Rename config.yml to dev-config.yml

Add example-config.yml, a simple configuration file for the official
This was originally made for the the distribution-library-image repo,
but is being moved here to make sure it stays in sync.

Update Dockerfile and docs for the rename.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 12:14:39 -07:00
Aaron Lehmann
dc5869de0b Change server TLS config to tighen security
Change the minimum TLS version to TLS 1.0, and add a custom list of
ciphersuites which are thought to be the most secure options.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 11:37:39 -07:00
Richard Scothern
cc7439bc38 Merge pull request #787 from dave-tucker/bug/672
Fix dead links in configuration.md
2015-07-30 10:07:27 -07:00
Dave Tucker
9348141616 Fix dead links in configuration.md
Fixes #672

Signed-off-by: Dave Tucker <dt@docker.com>
2015-07-30 17:56:04 +01:00
Darren Shepherd
6086124485 Lazy initialize UUID for Background context
Fixes #782

Signed-off-by: Darren Shepherd <darren@rancher.com>
2015-07-30 09:47:12 -07:00
Stephen Day
9038e48c3b Merge pull request #609 from RichardScothern/single-log-line
Log a single line when a response completes.
2015-07-29 17:52:13 -07:00
Richard Scothern
54f7e5d54b When a request completes ensure only one log line is printed which
includes the http response.

When debugging non-successful registry requests this will place
the error details and http status fields in the same log line
giving easier visibility to what error occured in the request.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-07-29 16:52:47 -07:00
Stephen Day
b6ec2f2b10 Merge pull request #780 from aaronlehmann/automatic-secret
Automatically generate a HTTP secret if none is provided
2015-07-29 14:41:28 -07:00
Aaron Lehmann
70d9a9d543 Automatically generate a HTTP secret if none is provided
Log a warning if the registry generates its own secret.

Update configuration doc, and remove the default secret from the
development config file.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-29 14:28:56 -07:00
Richard Scothern
01e6dde2fd Merge pull request #774 from aaronlehmann/api-test-fix
Fix for api_test.go
2015-07-28 11:28:35 -07:00
Stephen Day
a0f7b3ae3c Merge pull request #771 from icecrime/uuid_preserve_random_bytes
Reduce consumption of entropy source
2015-07-28 11:09:50 -07:00
Aaron Lehmann
73702a8707 Fix for api_test.go
This passed in the #744 before merge, but apparently the test changed
since the PR was created in ways that led to a new failures.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-28 10:59:11 -07:00
Arnaud Porterie
c4d69174ee Reduce consumption of entropy source
The UUID generation retries multiple times to read a full UUID, but
preserves any bytes of entropy he successfully managed to read between
retries.

Signed-off-by: Arnaud Porterie <arnaud.porterie@docker.com>
2015-07-28 10:56:20 -07:00
Derek McGowan
0355c3026c Merge pull request #744 from aaronlehmann/manifest-put-response-code
Manifest PUT should return 201 Created
2015-07-28 10:42:54 -07:00
Aaron Lehmann
cd87b3d70f Merge pull request #766 from dmcgowan/fix-integration-tests
[contrib/docker-integration] Update has digest test in scripts
2015-07-27 18:38:09 -07:00
Derek McGowan
9efc11ac9d Update has digest test in scripts
Make has_digest function more robust for testing 1.8 and newer

Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
2015-07-27 18:32:02 -07:00
Olivier Gambier
e833456266 Merge pull request #750 from aaronlehmann/response-code-tolerance
Make the registry client more tolerant about HTTP status codes
2015-07-26 00:59:29 -07:00
Olivier Gambier
549a3921a4 Merge pull request #752 from stevvooe/add-missing-ampersands
Correctly generate URL examples specifications
2015-07-24 22:05:22 -07:00
Stephen J Day
dcbf2967fd Correctly generate URL examples specifications
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-24 19:00:25 -07:00
Stephen J Day
9f9a7f230b Allow disabling of starage driver redirects
Storage drivers can implement a method called URLFor which can return a direct
url for a given path. The functionality allows the registry to direct clients
to download content directly from the backend storage. This is commonly used
with s3 and cloudfront. Under certain conditions, such as when the registry is
not local to the backend, these redirects can hurt performance and waste
incoming bandwidth on pulls. This feature addition allows one to disable this
feature, if required.

Signed-off-by: Stephen J Day <stephen.day@docker.com>

Conflicts:
	configuration/configuration.go
	registry/handlers/app.go
	registry/storage/catalog_test.go
	registry/storage/manifeststore_test.go
	registry/storage/registry.go
2015-07-24 16:59:35 -07:00
Aaron Lehmann
be404d7557 Make the registry client more tolerant about HTTP status codes
Generally, all 2xx and 3xx codes should be treated as success.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-24 16:14:04 -07:00
Stephen Day
060465882b Merge pull request #736 from stevvooe/authorization-interface-cleanup
Authorization interface cleanup
2015-07-24 15:39:49 -07:00
Stephen Day
b49d77a42f Merge pull request #739 from stevvooe/etags-must-be-quoted
Etags must be quoted according to http spec
2015-07-24 15:08:27 -07:00
Richard Scothern
94548b858f Merge pull request #746 from squarism/master
fix json parse error on Godeps
2015-07-24 14:57:39 -07:00
Chris Dillon
63dcebab71 fix json parse error on Godeps
Signed-off-by: Chris Dillon <squarism@gmail.com>
2015-07-24 14:14:16 -07:00
Stephen Day
6572667c25 Merge pull request #745 from docker/revert-737-patch-1
Revert "Fix typo"
2015-07-24 13:28:43 -07:00
Stephen Day
d1dfac4b98 Revert "Fix typo" 2015-07-24 13:28:10 -07:00
Stephen J Day
338e645f20 Etags must be quoted according to http spec
Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-24 13:07:38 -07:00
Stephen Day
9e9e9a2859 Merge pull request #677 from RichardScothern/soft-delete-remove-links
Manifest and layer soft deletion
2015-07-24 13:02:36 -07:00
Aaron Lehmann
cf32056218 Manifest PUT should return 201 Created
Change handler, update descriptors table, regenerate API spec, and
update test.

Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-24 12:58:16 -07:00
Olivier Gambier
d7fb111442 Merge pull request #733 from dv/patch-1
Update authentication.md
2015-07-24 10:59:02 -07:00
Richard
9c1dd69439 Manifest and layer soft deletion.
Implement the delete API by implementing soft delete for layers
and blobs by removing link files and updating the blob descriptor
cache.  Deletion is configurable - if it is disabled API calls
will return an unsupported error.

We invalidate the blob descriptor cache by changing the linkedBlobStore's
blobStatter to a blobDescriptorService and naming it blobAccessController.

Delete() is added throughout the relevant API to support this functionality.

Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-07-24 09:57:20 -07:00