Skip to content

Commit 7bd7285

Browse files
authored
Merge pull request moby#3501 from jedevc/cache-registry-insecure-attr
Add registry.insecure option to registry exporter
2 parents fa1e802 + d301d37 commit 7bd7285

File tree

1 file changed

+51
-11
lines changed

1 file changed

+51
-11
lines changed

cache/remotecache/registry/registry.go

Lines changed: 51 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -15,21 +15,23 @@ import (
1515
"github.com/moby/buildkit/util/estargz"
1616
"github.com/moby/buildkit/util/push"
1717
"github.com/moby/buildkit/util/resolver"
18+
resolverconfig "github.com/moby/buildkit/util/resolver/config"
1819
"github.com/moby/buildkit/util/resolver/limited"
1920
digest "github.com/opencontainers/go-digest"
2021
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
2122
"github.com/pkg/errors"
2223
)
2324

24-
func canonicalizeRef(rawRef string) (string, error) {
25+
func canonicalizeRef(rawRef string) (reference.Named, error) {
2526
if rawRef == "" {
26-
return "", errors.New("missing ref")
27+
return nil, errors.New("missing ref")
2728
}
2829
parsed, err := reference.ParseNormalizedNamed(rawRef)
2930
if err != nil {
30-
return "", err
31+
return nil, err
3132
}
32-
return reference.TagNameOnly(parsed).String(), nil
33+
parsed = reference.TagNameOnly(parsed)
34+
return parsed, nil
3335
}
3436

3537
const (
@@ -38,6 +40,7 @@ const (
3840
attrLayerCompression = "compression"
3941
attrForceCompression = "force-compression"
4042
attrCompressionLevel = "compression-level"
43+
attrInsecure = "registry.insecure"
4144
)
4245

4346
func ResolveCacheExporterFunc(sm *session.Manager, hosts docker.RegistryHosts) remotecache.ResolveCacheExporterFunc {
@@ -50,6 +53,7 @@ func ResolveCacheExporterFunc(sm *session.Manager, hosts docker.RegistryHosts) r
5053
if err != nil {
5154
return nil, err
5255
}
56+
refString := ref.String()
5357
ociMediatypes := true
5458
if v, ok := attrs[attrOCIMediatypes]; ok {
5559
b, err := strconv.ParseBool(v)
@@ -58,12 +62,22 @@ func ResolveCacheExporterFunc(sm *session.Manager, hosts docker.RegistryHosts) r
5862
}
5963
ociMediatypes = b
6064
}
61-
remote := resolver.DefaultPool.GetResolver(hosts, ref, "push", sm, g)
62-
pusher, err := push.Pusher(ctx, remote, ref)
65+
insecure := false
66+
if v, ok := attrs[attrInsecure]; ok {
67+
b, err := strconv.ParseBool(v)
68+
if err != nil {
69+
return nil, errors.Wrapf(err, "failed to parse %s", attrInsecure)
70+
}
71+
insecure = b
72+
}
73+
74+
scope, hosts := registryConfig(hosts, ref, "push", insecure)
75+
remote := resolver.DefaultPool.GetResolver(hosts, refString, scope, sm, g)
76+
pusher, err := push.Pusher(ctx, remote, refString)
6377
if err != nil {
6478
return nil, err
6579
}
66-
return remotecache.NewExporter(contentutil.FromPusher(pusher), ref, ociMediatypes, *compressionConfig), nil
80+
return remotecache.NewExporter(contentutil.FromPusher(pusher), refString, ociMediatypes, *compressionConfig), nil
6781
}
6882
}
6983

@@ -73,8 +87,19 @@ func ResolveCacheImporterFunc(sm *session.Manager, cs content.Store, hosts docke
7387
if err != nil {
7488
return nil, ocispecs.Descriptor{}, err
7589
}
76-
remote := resolver.DefaultPool.GetResolver(hosts, ref, "pull", sm, g)
77-
xref, desc, err := remote.Resolve(ctx, ref)
90+
refString := ref.String()
91+
insecure := false
92+
if v, ok := attrs[attrInsecure]; ok {
93+
b, err := strconv.ParseBool(v)
94+
if err != nil {
95+
return nil, ocispecs.Descriptor{}, errors.Wrapf(err, "failed to parse %s", attrInsecure)
96+
}
97+
insecure = b
98+
}
99+
100+
scope, hosts := registryConfig(hosts, ref, "pull", insecure)
101+
remote := resolver.DefaultPool.GetResolver(hosts, refString, scope, sm, g)
102+
xref, desc, err := remote.Resolve(ctx, refString)
78103
if err != nil {
79104
return nil, ocispecs.Descriptor{}, err
80105
}
@@ -83,8 +108,8 @@ func ResolveCacheImporterFunc(sm *session.Manager, cs content.Store, hosts docke
83108
return nil, ocispecs.Descriptor{}, err
84109
}
85110
src := &withDistributionSourceLabel{
86-
Provider: contentutil.FromFetcher(limited.Default.WrapFetcher(fetcher, ref)),
87-
ref: ref,
111+
Provider: contentutil.FromFetcher(limited.Default.WrapFetcher(fetcher, refString)),
112+
ref: refString,
88113
source: cs,
89114
}
90115
return remotecache.NewImporter(src), desc, nil
@@ -164,3 +189,18 @@ func attrsToCompression(attrs map[string]string) (*compression.Config, error) {
164189
}
165190
return &compressionConfig, nil
166191
}
192+
193+
func registryConfig(hosts docker.RegistryHosts, ref reference.Named, scope string, insecure bool) (string, docker.RegistryHosts) {
194+
if insecure {
195+
insecureTrue := true
196+
httpTrue := true
197+
hosts = resolver.NewRegistryConfig(map[string]resolverconfig.RegistryConfig{
198+
reference.Domain(ref): {
199+
Insecure: &insecureTrue,
200+
PlainHTTP: &httpTrue,
201+
},
202+
})
203+
scope += ":insecure"
204+
}
205+
return scope, hosts
206+
}

0 commit comments

Comments
 (0)