The kid value can have an arbitrary format according JOSE specification, but Docker distribution expects a specific format (libtrust fingerprint) to work. This is not written in the documentation so far and is only mentioned in the libtrust source code itself.
Signed-off-by: Fabio Huser <fabio@fh1.ch>
The schema2 manifest builder fills in this part of the manifest based on
the descriptor it gets back from BlobIngester's Put method. It passes
the correct media type to Put, but Put ends up replacing this value with
application/octet-stream in its return value.
This commit works around the issue in the manifest builder. Arguably Put
should not be changing the media type in its return value, but this
commit is a targeted fix to keep it very low-risk for possible inclusion
in Docker 1.11.
Fixes#1621 (but maybe we should open a separate issue for the media
type behavior in the distribution client, and the unnecessary stat).
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
Use registry example from golem repository.
Use the golem test runner for the docker integration environment
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Add link to the official list of $GOOS and $GOARCH values and correct
values that were incorrectly listed in the spec examples.
Docker-DCO-1.1-Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>
Using $GOPATH/bin/godep or $GOPATH/bin/golint is problematic because
$GOPATH can contain multiple colon-separated paths.
We should just run these like normal binaries. The user should make sure
their $PATH contains $GOPATH/bin, if necessary. This is part of normal
Go setup.
Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
If a schema 1 manifest is uploaded with the `disablesignaturestore` option set
to true, then no signatures will exist. Handle this case.
If a schema 1 manifest is pushed, deleted, garbage collected and pushed again, the
repository will contain signature links from the first version, but the blobs will
not exist. Disable the signature store in the garbage-collect command so
signatures are not fetched.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>
In 326c3a9c49, which was only intended to
be a refactoring commit, the behavior of this block subtly changed so
that unknown types of errors would be swallowed instead of propagated.
I noticed this while investigating an error similar to #1539 aka
docker/docker#21290. It appears that during GetContent() for a
hashstate, the Swift proxy produces an error. Since this error was
silently swallowed, an empty []byte is used to restart the hash, then
producing the digest of the empty string instead of the layer's digest.
This PR will not fix the issue, but it should make the actual error more
visible by propagating it into `blobWriter#resumeDigest' and
'blobWriter#validateBlob', respectively.
Signed-off-by: Stefan Majewsky <stefan.majewsky@sap.com>
This commit adds context-specific documentation on StorageDriver,
StorageDriverFactory, and the factory’s Register func, explaining how
the internal registration mechanism should be used.
This documentation follows from the thread starting at
https://github.com/deis/builder/pull/262/files#r56720200.
cc/ @stevvooe
Signed-off-by: Aaron Schlesinger <aschlesinger@deis.com>
Seconds to minutes as per code
Correction per Derek
Clarifying failure case
Signed-off-by: Mary Anthony <mary@docker.com>
Clarifying failure case
Signed-off-by: Mary Anthony <mary@docker.com>
Now that we've tagged a release candidate, we can now say all builds are
"2.4.0+unknown" if the makefile is not used.
Signed-off-by: Richard Scothern <richard.scothern@docker.com>