Browse code
Allow mirroring only for the official index
Strip authconfig from session to keep credentials from being sent to the mirror.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Derek McGowan authored on 2015/05/23 10:20:54Showing 1 changed files
| ... | ... |
@@ -60,15 +60,18 @@ func (s *TagStore) Pull(image string, tag string, imagePullConfig *ImagePullConf |
| 60 | 60 |
logName = utils.ImageReference(logName, tag) |
| 61 | 61 |
} |
| 62 | 62 |
|
| 63 |
- v2mirrorEndpoint, v2mirrorRepoInfo, err := configureV2Mirror(repoInfo.Index.Mirrors, repoInfo, s.registryService) |
|
| 64 |
- if err != nil {
|
|
| 65 |
- logrus.Errorf("Error configuring mirrors: %s", err)
|
|
| 66 |
- return err |
|
| 67 |
- } |
|
| 63 |
+ // Attempt pulling official content from a provided v2 mirror |
|
| 64 |
+ if repoInfo.Index.Official {
|
|
| 65 |
+ v2mirrorEndpoint, v2mirrorRepoInfo, err := configureV2Mirror(repoInfo, s.registryService) |
|
| 66 |
+ if err != nil {
|
|
| 67 |
+ logrus.Errorf("Error configuring mirrors: %s", err)
|
|
| 68 |
+ return err |
|
| 69 |
+ } |
|
| 68 | 70 |
|
| 69 |
- if v2mirrorEndpoint != nil {
|
|
| 70 |
- logrus.Debugf("Attempting pull from v2 mirror: %s", v2mirrorEndpoint.URL)
|
|
| 71 |
- return s.pullFromV2Mirror(v2mirrorEndpoint, v2mirrorRepoInfo, imagePullConfig, tag, sf, logName) |
|
| 71 |
+ if v2mirrorEndpoint != nil {
|
|
| 72 |
+ logrus.Debugf("Attempting pull from v2 mirror: %s", v2mirrorEndpoint.URL)
|
|
| 73 |
+ return s.pullFromV2Mirror(v2mirrorEndpoint, v2mirrorRepoInfo, imagePullConfig, tag, sf, logName) |
|
| 74 |
+ } |
|
| 72 | 75 |
} |
| 73 | 76 |
|
| 74 | 77 |
logrus.Debugf("pulling image from host %q with remote name %q", repoInfo.Index.Name, repoInfo.RemoteName)
|
| ... | ... |
@@ -133,10 +136,9 @@ func makeMirrorRepoInfo(repoInfo *registry.RepositoryInfo, mirror string) *regis |
| 133 | 133 |
return mirrorRepo |
| 134 | 134 |
} |
| 135 | 135 |
|
| 136 |
-func configureV2Mirror(mirrors []string, repoInfo *registry.RepositoryInfo, s *registry.Service) (*registry.Endpoint, *registry.RepositoryInfo, error) {
|
|
| 137 |
- if len(mirrors) > 0 {
|
|
| 138 |
- // repoInfo |
|
| 139 |
- } else {
|
|
| 136 |
+func configureV2Mirror(repoInfo *registry.RepositoryInfo, s *registry.Service) (*registry.Endpoint, *registry.RepositoryInfo, error) {
|
|
| 137 |
+ mirrors := repoInfo.Index.Mirrors |
|
| 138 |
+ if len(mirrors) == 0 && !repoInfo.Index.Official {
|
|
| 140 | 139 |
officialIndex, err := s.ResolveIndex(registry.IndexServerName()) |
| 141 | 140 |
if err != nil {
|
| 142 | 141 |
return nil, nil, err |
| ... | ... |
@@ -191,7 +193,7 @@ func (s *TagStore) pullFromV2Mirror(mirrorEndpoint *registry.Endpoint, repoInfo |
| 191 | 191 |
registry.DockerHeaders(imagePullConfig.MetaHeaders)..., |
| 192 | 192 |
) |
| 193 | 193 |
client := registry.HTTPClient(tr) |
| 194 |
- mirrorSession, err := registry.NewSession(client, imagePullConfig.AuthConfig, mirrorEndpoint) |
|
| 194 |
+ mirrorSession, err := registry.NewSession(client, &cliconfig.AuthConfig{}, mirrorEndpoint)
|
|
| 195 | 195 |
if err != nil {
|
| 196 | 196 |
return err |
| 197 | 197 |
} |