Documentation ¶
Overview ¶
Package registry contains client primitives to interact with a remote Docker registry.
Index ¶
- Constants
- Variables
- func AuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) http.RoundTripper
- func DockerHeaders(userAgent string, metaHeaders http.Header) []transport.RequestModifier
- func GetAuthConfigKey(index *registrytypes.IndexInfo) string
- func HTTPClient(transport http.RoundTripper) *http.Client
- func NewTransport(tlsConfig *tls.Config) *http.Transport
- func ParseSearchIndexInfo(reposName string) (*registrytypes.IndexInfo, error)
- func PingV2Registry(endpoint APIEndpoint, transport http.RoundTripper) (auth.ChallengeManager, bool, error)
- func ReadCertsDirectory(tlsConfig *tls.Config, directory string) error
- func ResolveAuthConfig(authConfigs map[string]types.AuthConfig, index *registrytypes.IndexInfo) types.AuthConfig
- func ValidateIndexName(val string) (string, error)
- func ValidateMirror(val string) (string, error)
- type APIEndpoint
- type APIVersion
- type DefaultService
- func (s *DefaultService) Auth(ctx context.Context, authConfig *types.AuthConfig, userAgent string) (status, token string, err error)
- func (s *DefaultService) LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error)
- func (s *DefaultService) LookupPushEndpoints(hostname string) (endpoints []APIEndpoint, err error)
- func (s *DefaultService) ResolveIndex(name string) (*registrytypes.IndexInfo, error)
- func (s *DefaultService) ResolveRepository(name reference.Named) (*RepositoryInfo, error)
- func (s *DefaultService) Search(ctx context.Context, term string, authConfig *types.AuthConfig, ...) (*registrytypes.SearchResults, error)
- func (s *DefaultService) ServiceConfig() *registrytypes.ServiceConfig
- func (s *DefaultService) TLSConfig(hostname string) (*tls.Config, error)
- type ImgData
- type PingResponseError
- type PingResult
- type Reference
- type RepositoryData
- type RepositoryInfo
- type Service
- type ServiceOptions
- type Session
- func (r *Session) GetAuthConfig(withPasswd bool) *types.AuthConfig
- func (r *Session) GetRemoteHistory(imgID, registry string) ([]string, error)
- func (r *Session) GetRemoteImageJSON(imgID, registry string) ([]byte, int64, error)
- func (r *Session) GetRemoteImageLayer(imgID, registry string, imgSize int64) (io.ReadCloser, error)
- func (r *Session) GetRemoteTag(registries []string, repositoryRef reference.Named, askedTag string) (string, error)
- func (r *Session) GetRemoteTags(registries []string, repositoryRef reference.Named) (map[string]string, error)
- func (r *Session) GetRepositoryData(name reference.Named) (*RepositoryData, error)
- func (r *Session) ID() string
- func (r *Session) LookupRemoteImage(imgID, registry string) error
- func (r *Session) PushImageChecksumRegistry(imgData *ImgData, registry string) error
- func (r *Session) PushImageJSONIndex(remote reference.Named, imgList []*ImgData, validate bool, regs []string) (*RepositoryData, error)
- func (r *Session) PushImageJSONRegistry(imgData *ImgData, jsonRaw []byte, registry string) error
- func (r *Session) PushImageLayerRegistry(imgID string, layer io.Reader, registry string, jsonRaw []byte) (checksum string, checksumPayload string, err error)
- func (r *Session) PushRegistryTag(remote reference.Named, revision, tag, registry string) error
- func (r *Session) SearchRepositories(term string) (*registrytypes.SearchResults, error)
- type V1Endpoint
Constants ¶
const (
// AuthClientID is used the ClientID used for the token server
AuthClientID = "docker"
)
Variables ¶
var ( // DefaultNamespace is the default namespace DefaultNamespace = "docker.io" // DefaultRegistryVersionHeader is the name of the default HTTP header // that carries Registry version info DefaultRegistryVersionHeader = "Docker-Distribution-Api-Version" // IndexServer is the v1 registry server used for user auth + account creation IndexServer = DefaultV1Registry.String() + "/v1/" // IndexName is the name of the index IndexName = "docker.io" // NotaryServer is the endpoint serving the Notary trust server NotaryServer = "https://notary.docker.io" // DefaultV1Registry is the URI of the default v1 registry DefaultV1Registry = &url.URL{ Scheme: "https", Host: "index.docker.io", } // DefaultV2Registry is the URI of the default v2 registry DefaultV2Registry = &url.URL{ Scheme: "https", Host: "registry-1.docker.io", } )
var (
// CertsDir is the directory where certificates are stored
CertsDir = "/etc/docker/certs.d"
)
var ( // ErrAlreadyExists is an error returned if an image being pushed // already exists on the remote side ErrAlreadyExists = errors.New("Image already exists") )
var ( // ErrInvalidRepositoryName is an error returned if the repository name did // not have the correct form ErrInvalidRepositoryName = errors.New("Invalid repository name (ex: \"registry.domain.tld/myrepos\")") )
var ( // ErrRepoNotFound is returned if the repository didn't exist on the // remote side ErrRepoNotFound = errors.New("Repository not found") )
Functions ¶
func AuthTransport ¶
func AuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) http.RoundTripper
AuthTransport handles the auth layer when communicating with a v1 registry (private or official)
For private v1 registries, set alwaysSetBasicAuth to true.
For the official v1 registry, if there isn't already an Authorization header in the request, but there is an X-Docker-Token header set to true, then Basic Auth will be used to set the Authorization header. After sending the request with the provided base http.RoundTripper, if an X-Docker-Token header, representing a token, is present in the response, then it gets cached and sent in the Authorization header of all subsequent requests.
If the server sends a token without the client having requested it, it is ignored.
This RoundTripper also has a CancelRequest method important for correct timeout handling.
func DockerHeaders ¶
func DockerHeaders(userAgent string, metaHeaders http.Header) []transport.RequestModifier
DockerHeaders returns request modifiers with a User-Agent and metaHeaders
func GetAuthConfigKey ¶
func GetAuthConfigKey(index *registrytypes.IndexInfo) string
GetAuthConfigKey special-cases using the full index address of the official index as the AuthConfig key, and uses the (host)name[:port] for private indexes.
func HTTPClient ¶
func HTTPClient(transport http.RoundTripper) *http.Client
HTTPClient returns a HTTP client structure which uses the given transport and contains the necessary headers for redirected requests
func NewTransport ¶
NewTransport returns a new HTTP transport. If tlsConfig is nil, it uses the default TLS configuration.
func ParseSearchIndexInfo ¶
func ParseSearchIndexInfo(reposName string) (*registrytypes.IndexInfo, error)
ParseSearchIndexInfo will use repository name to get back an indexInfo.
func PingV2Registry ¶
func PingV2Registry(endpoint APIEndpoint, transport http.RoundTripper) (auth.ChallengeManager, bool, error)
PingV2Registry attempts to ping a v2 registry and on success return a challenge manager for the supported authentication types and whether v2 was confirmed by the response. If a response is received but cannot be interpreted a PingResponseError will be returned.
func ReadCertsDirectory ¶
ReadCertsDirectory reads the directory for TLS certificates including roots and certificate pairs and updates the provided TLS configuration.
func ResolveAuthConfig ¶
func ResolveAuthConfig(authConfigs map[string]types.AuthConfig, index *registrytypes.IndexInfo) types.AuthConfig
ResolveAuthConfig matches an auth configuration to a server address or a URL
func ValidateIndexName ¶
ValidateIndexName validates an index name.
func ValidateMirror ¶
ValidateMirror validates an HTTP(S) registry mirror
Types ¶
type APIEndpoint ¶
type APIEndpoint struct { Mirror bool URL *url.URL Version APIVersion Official bool TrimHostname bool TLSConfig *tls.Config }
APIEndpoint represents a remote API endpoint
func (APIEndpoint) ToV1Endpoint ¶
func (e APIEndpoint) ToV1Endpoint(userAgent string, metaHeaders http.Header) (*V1Endpoint, error)
ToV1Endpoint returns a V1 API endpoint based on the APIEndpoint
type APIVersion ¶
type APIVersion int
APIVersion is an integral representation of an API version (presently either 1 or 2)
const ( APIVersion1 APIVersion = iota APIVersion2 )
API Version identifiers.
func (APIVersion) String ¶
func (av APIVersion) String() string
type DefaultService ¶
type DefaultService struct {
// contains filtered or unexported fields
}
DefaultService is a registry service. It tracks configuration data such as a list of mirrors.
func NewService ¶
func NewService(options ServiceOptions) *DefaultService
NewService returns a new instance of DefaultService ready to be installed into an engine.
func (*DefaultService) Auth ¶
func (s *DefaultService) Auth(ctx context.Context, authConfig *types.AuthConfig, userAgent string) (status, token string, err error)
Auth contacts the public registry with the provided credentials, and returns OK if authentication was successful. It can be used to verify the validity of a client's credentials.
func (*DefaultService) LookupPullEndpoints ¶
func (s *DefaultService) LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error)
LookupPullEndpoints creates a list of endpoints to try to pull from, in order of preference. It gives preference to v2 endpoints over v1, mirrors over the actual registry, and HTTPS over plain HTTP.
func (*DefaultService) LookupPushEndpoints ¶
func (s *DefaultService) LookupPushEndpoints(hostname string) (endpoints []APIEndpoint, err error)
LookupPushEndpoints creates a list of endpoints to try to push to, in order of preference. It gives preference to v2 endpoints over v1, and HTTPS over plain HTTP. Mirrors are not included.
func (*DefaultService) ResolveIndex ¶
func (s *DefaultService) ResolveIndex(name string) (*registrytypes.IndexInfo, error)
ResolveIndex takes indexName and returns index info
func (*DefaultService) ResolveRepository ¶
func (s *DefaultService) ResolveRepository(name reference.Named) (*RepositoryInfo, error)
ResolveRepository splits a repository name into its components and configuration of the associated registry.
func (*DefaultService) Search ¶
func (s *DefaultService) Search(ctx context.Context, term string, authConfig *types.AuthConfig, userAgent string, headers map[string][]string) (*registrytypes.SearchResults, error)
Search queries the public registry for images matching the specified search terms, and returns the results.
func (*DefaultService) ServiceConfig ¶
func (s *DefaultService) ServiceConfig() *registrytypes.ServiceConfig
ServiceConfig returns the public registry service configuration.
type ImgData ¶
type ImgData struct { // ID is an opaque string that identifies the image ID string `json:"id"` Checksum string `json:"checksum,omitempty"` ChecksumPayload string `json:"-"` Tag string `json:",omitempty"` }
ImgData is used to transfer image checksums to and from the registry
type PingResponseError ¶
type PingResponseError struct {
Err error
}
PingResponseError is used when the response from a ping was received but invalid.
func (PingResponseError) Error ¶
func (err PingResponseError) Error() string
type PingResult ¶
type PingResult struct { // Version is the registry version supplied by the registry in a HTTP // header Version string `json:"version"` // Standalone is set to true if the registry indicates it is a // standalone registry in the X-Docker-Registry-Standalone // header Standalone bool `json:"standalone"` }
PingResult contains the information returned when pinging a registry. It indicates the registry's version and whether the registry claims to be a standalone registry.
type Reference ¶
type Reference interface { // HasDigest returns whether the reference has a verifiable // content addressable reference which may be considered secure. HasDigest() bool // ImageName returns an image name for the given repository ImageName(string) string // Returns a string representation of the reference String() string }
Reference represents a tag or digest within a repository
func DigestReference ¶
DigestReference creates a digest reference using a digest
func ParseReference ¶
ParseReference parses a reference into either a digest or tag reference
type RepositoryData ¶
type RepositoryData struct { // ImgList is a list of images in the repository ImgList map[string]*ImgData // Endpoints is a list of endpoints returned in X-Docker-Endpoints Endpoints []string // Tokens is currently unused (remove it?) Tokens []string }
RepositoryData tracks the image list, list of endpoints, and list of tokens for a repository
type RepositoryInfo ¶
type RepositoryInfo struct { reference.Named // Index points to registry information Index *registrytypes.IndexInfo // Official indicates whether the repository is considered official. // If the registry is official, and the normalized name does not // contain a '/' (e.g. "foo"), then it is considered an official repo. Official bool }
RepositoryInfo describes a repository
func ParseRepositoryInfo ¶
func ParseRepositoryInfo(reposName reference.Named) (*RepositoryInfo, error)
ParseRepositoryInfo performs the breakdown of a repository name into a RepositoryInfo, but lacks registry configuration.
type Service ¶
type Service interface { Auth(ctx context.Context, authConfig *types.AuthConfig, userAgent string) (status, token string, err error) LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error) LookupPushEndpoints(hostname string) (endpoints []APIEndpoint, err error) ResolveRepository(name reference.Named) (*RepositoryInfo, error) ResolveIndex(name string) (*registrytypes.IndexInfo, error) Search(ctx context.Context, term string, authConfig *types.AuthConfig, userAgent string, headers map[string][]string) (*registrytypes.SearchResults, error) ServiceConfig() *registrytypes.ServiceConfig TLSConfig(hostname string) (*tls.Config, error) }
Service is the interface defining what a registry service should implement.
type ServiceOptions ¶
type ServiceOptions struct { Mirrors []string `json:"registry-mirrors,omitempty"` InsecureRegistries []string `json:"insecure-registries,omitempty"` // V2Only controls access to legacy registries. If it is set to true via the // command line flag the daemon will not attempt to contact v1 legacy registries V2Only bool `json:"disable-legacy-registry,omitempty"` }
ServiceOptions holds command line options.
func (*ServiceOptions) InstallCliFlags ¶
func (options *ServiceOptions) InstallCliFlags(cmd *flag.FlagSet, usageFn func(string) string)
InstallCliFlags adds command-line options to the top-level flag parser for the current process.
type Session ¶
type Session struct {
// contains filtered or unexported fields
}
A Session is used to communicate with a V1 registry
func NewSession ¶
func NewSession(client *http.Client, authConfig *types.AuthConfig, endpoint *V1Endpoint) (r *Session, err error)
NewSession creates a new session TODO(tiborvass): remove authConfig param once registry client v2 is vendored
func (*Session) GetAuthConfig ¶
func (r *Session) GetAuthConfig(withPasswd bool) *types.AuthConfig
GetAuthConfig returns the authentication settings for a session TODO(tiborvass): remove this once registry client v2 is vendored
func (*Session) GetRemoteHistory ¶
GetRemoteHistory retrieves the history of a given image from the registry. It returns a list of the parent's JSON files (including the requested image).
func (*Session) GetRemoteImageJSON ¶
GetRemoteImageJSON retrieves an image's JSON metadata from the registry.
func (*Session) GetRemoteImageLayer ¶
GetRemoteImageLayer retrieves an image layer from the registry
func (*Session) GetRemoteTag ¶
func (r *Session) GetRemoteTag(registries []string, repositoryRef reference.Named, askedTag string) (string, error)
GetRemoteTag retrieves the tag named in the askedTag argument from the given repository. It queries each of the registries supplied in the registries argument, and returns data from the first one that answers the query successfully.
func (*Session) GetRemoteTags ¶
func (r *Session) GetRemoteTags(registries []string, repositoryRef reference.Named) (map[string]string, error)
GetRemoteTags retrieves all tags from the given repository. It queries each of the registries supplied in the registries argument, and returns data from the first one that answers the query successfully. It returns a map with tag names as the keys and image IDs as the values.
func (*Session) GetRepositoryData ¶
func (r *Session) GetRepositoryData(name reference.Named) (*RepositoryData, error)
GetRepositoryData returns lists of images and endpoints for the repository
func (*Session) LookupRemoteImage ¶
LookupRemoteImage checks if an image exists in the registry
func (*Session) PushImageChecksumRegistry ¶
PushImageChecksumRegistry uploads checksums for an image
func (*Session) PushImageJSONIndex ¶
func (r *Session) PushImageJSONIndex(remote reference.Named, imgList []*ImgData, validate bool, regs []string) (*RepositoryData, error)
PushImageJSONIndex uploads an image list to the repository
func (*Session) PushImageJSONRegistry ¶
PushImageJSONRegistry pushes JSON metadata for a local image to the registry
func (*Session) PushImageLayerRegistry ¶
func (r *Session) PushImageLayerRegistry(imgID string, layer io.Reader, registry string, jsonRaw []byte) (checksum string, checksumPayload string, err error)
PushImageLayerRegistry sends the checksum of an image layer to the registry
func (*Session) PushRegistryTag ¶
PushRegistryTag pushes a tag on the registry. Remote has the format '<user>/<repo>
func (*Session) SearchRepositories ¶
func (r *Session) SearchRepositories(term string) (*registrytypes.SearchResults, error)
SearchRepositories performs a search against the remote repository
type V1Endpoint ¶
V1Endpoint stores basic information about a V1 registry endpoint.
func NewV1Endpoint ¶
func NewV1Endpoint(index *registrytypes.IndexInfo, userAgent string, metaHeaders http.Header) (*V1Endpoint, error)
NewV1Endpoint parses the given address to return a registry endpoint.
func (*V1Endpoint) Path ¶
func (e *V1Endpoint) Path(path string) string
Path returns a formatted string for the URL of this endpoint with the given path appended.
func (*V1Endpoint) Ping ¶
func (e *V1Endpoint) Ping() (PingResult, error)
Ping returns a PingResult which indicates whether the registry is standalone or not.
func (*V1Endpoint) String ¶
func (e *V1Endpoint) String() string
Get the formatted URL for the root of this registry Endpoint