Merge pull request #14829 from RichardScothern/registry-tls
Configure TLS for private v2 registry mirrors.
This commit is contained in:
commit
549e64205f
@ -6,6 +6,7 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/http"
|
"net/http"
|
||||||
|
"net/url"
|
||||||
"os"
|
"os"
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
"strings"
|
"strings"
|
||||||
@ -161,19 +162,31 @@ func (s *Service) TlsConfig(hostname string) (*tls.Config, error) {
|
|||||||
return &tlsConfig, nil
|
return &tlsConfig, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (s *Service) tlsConfigForMirror(mirror string) (*tls.Config, error) {
|
||||||
|
mirrorUrl, err := url.Parse(mirror)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
return s.TlsConfig(mirrorUrl.Host)
|
||||||
|
}
|
||||||
|
|
||||||
func (s *Service) LookupEndpoints(repoName string) (endpoints []APIEndpoint, err error) {
|
func (s *Service) LookupEndpoints(repoName string) (endpoints []APIEndpoint, err error) {
|
||||||
var cfg = tlsconfig.ServerDefault
|
var cfg = tlsconfig.ServerDefault
|
||||||
tlsConfig := &cfg
|
tlsConfig := &cfg
|
||||||
if strings.HasPrefix(repoName, DEFAULT_NAMESPACE+"/") {
|
if strings.HasPrefix(repoName, DEFAULT_NAMESPACE+"/") {
|
||||||
// v2 mirrors
|
// v2 mirrors
|
||||||
for _, mirror := range s.Config.Mirrors {
|
for _, mirror := range s.Config.Mirrors {
|
||||||
|
mirrorTlsConfig, err := s.tlsConfigForMirror(mirror)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
endpoints = append(endpoints, APIEndpoint{
|
endpoints = append(endpoints, APIEndpoint{
|
||||||
URL: mirror,
|
URL: mirror,
|
||||||
// guess mirrors are v2
|
// guess mirrors are v2
|
||||||
Version: APIVersion2,
|
Version: APIVersion2,
|
||||||
Mirror: true,
|
Mirror: true,
|
||||||
TrimHostname: true,
|
TrimHostname: true,
|
||||||
TLSConfig: tlsConfig,
|
TLSConfig: mirrorTlsConfig,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
// v2 registry
|
// v2 registry
|
||||||
@ -184,18 +197,6 @@ func (s *Service) LookupEndpoints(repoName string) (endpoints []APIEndpoint, err
|
|||||||
TrimHostname: true,
|
TrimHostname: true,
|
||||||
TLSConfig: tlsConfig,
|
TLSConfig: tlsConfig,
|
||||||
})
|
})
|
||||||
// v1 mirrors
|
|
||||||
// TODO(tiborvass): shouldn't we remove v1 mirrors from here, since v1 mirrors are kinda special?
|
|
||||||
for _, mirror := range s.Config.Mirrors {
|
|
||||||
endpoints = append(endpoints, APIEndpoint{
|
|
||||||
URL: mirror,
|
|
||||||
// guess mirrors are v1
|
|
||||||
Version: APIVersion1,
|
|
||||||
Mirror: true,
|
|
||||||
TrimHostname: true,
|
|
||||||
TLSConfig: tlsConfig,
|
|
||||||
})
|
|
||||||
}
|
|
||||||
// v1 registry
|
// v1 registry
|
||||||
endpoints = append(endpoints, APIEndpoint{
|
endpoints = append(endpoints, APIEndpoint{
|
||||||
URL: DEFAULT_V1_REGISTRY,
|
URL: DEFAULT_V1_REGISTRY,
|
||||||
|
Loading…
Reference in New Issue
Block a user