Merge branch master into bump_v1.4.0

Docker-DCO-1.1-Signed-off-by: Jessica Frazelle <jess@docker.com> (github: jfrazelle)
2014-12-11 15:00:03 -08:00 · 2014-12-11 15:00:03 -08:00 · bcf8beacd4
parent 6932ad3a77 4fb344f6a0
commit bcf8beacd4
7 changed files with 98 additions and 104 deletions
--- a/docs/auth.go
+++ b/docs/auth.go
@ -126,8 +126,8 @@ func LoadConfig(rootPath string) (*ConfigFile, error) {
 				return &configFile, err
 			}
 			authConfig.Auth = ""
-			configFile.Configs[k] = authConfig
 			authConfig.ServerAddress = k
+			configFile.Configs[k] = authConfig
 		}
 	}
 	return &configFile, nil
@ -229,7 +229,7 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
 				return "", err
 			}
 			if resp.StatusCode == 200 {
-				status = "Login Succeeded"
+				return "Login Succeeded", nil
 			} else if resp.StatusCode == 401 {
 				return "", fmt.Errorf("Wrong login/password, please try again")
 			} else if resp.StatusCode == 403 {
@ -237,12 +237,11 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
 					return "", fmt.Errorf("Login: Account is not Active. Please check your e-mail for a confirmation link.")
 				}
 				return "", fmt.Errorf("Login: Account is not Active. Please see the documentation of the registry %s for instructions how to activate it.", serverAddress)
-			} else {
-				return "", fmt.Errorf("Login: %s (Code: %d; Headers: %s)", body, resp.StatusCode, resp.Header)
 			}
-		} else {
-			return "", fmt.Errorf("Registration: %s", reqBody)
+			return "", fmt.Errorf("Login: %s (Code: %d; Headers: %s)", body, resp.StatusCode, resp.Header)
 		}
+		return "", fmt.Errorf("Registration: %s", reqBody)
+
 	} else if reqStatusCode == 401 {
 		// This case would happen with private registries where /v1/users is
 		// protected, so people can use `docker login` as an auth check.
@ -258,7 +257,7 @@ func Login(authConfig *AuthConfig, factory *utils.HTTPRequestFactory) (string, e
 			return "", err
 		}
 		if resp.StatusCode == 200 {
-			status = "Login Succeeded"
+			return "Login Succeeded", nil
 		} else if resp.StatusCode == 401 {
 			return "", fmt.Errorf("Wrong login/password, please try again")
 		} else {
--- a/docs/endpoint.go
+++ b/docs/endpoint.go
@ -9,14 +9,14 @@ import (
 	"net/url"
 	"strings"

-	"github.com/docker/docker/pkg/log"
+	log "github.com/Sirupsen/logrus"
 )

 // for mocking in unit tests
 var lookupIP = net.LookupIP

 // scans string for api version in the URL path. returns the trimmed hostname, if version found, string and API version.
-func scanForApiVersion(hostname string) (string, APIVersion) {
+func scanForAPIVersion(hostname string) (string, APIVersion) {
 	var (
 		chunks        []string
 		apiVersionStr string
@ -77,7 +77,7 @@ func newEndpoint(hostname string, insecureRegistries []string) (*Endpoint, error
 	if !strings.HasPrefix(hostname, "http") {
 		hostname = "https://" + hostname
 	}
-	trimmedHostname, endpoint.Version = scanForApiVersion(hostname)
+	trimmedHostname, endpoint.Version = scanForAPIVersion(hostname)
 	endpoint.URL, err = url.Parse(trimmedHostname)
 	if err != nil {
 		return nil, err
--- a/docs/registry.go
+++ b/docs/registry.go
@ -14,7 +14,7 @@ import (
 	"strings"
 	"time"

-	"github.com/docker/docker/pkg/log"
+	log "github.com/Sirupsen/logrus"
 	"github.com/docker/docker/utils"
 )

@ -35,15 +35,16 @@ const (
 	ConnectTimeout
 )

-func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate, timeout TimeoutType, secure bool) *http.Client {
+func newClient(jar http.CookieJar, roots *x509.CertPool, certs []tls.Certificate, timeout TimeoutType, secure bool) *http.Client {
 	tlsConfig := tls.Config{
 		RootCAs: roots,
 		// Avoid fallback to SSL protocols < TLS1.0
-		MinVersion: tls.VersionTLS10,
+		MinVersion:   tls.VersionTLS10,
+		Certificates: certs,
 	}

-	if cert != nil {
-		tlsConfig.Certificates = append(tlsConfig.Certificates, *cert)
+	if !secure {
+		tlsConfig.InsecureSkipVerify = true
 	}

 	if !secure {
@ -60,7 +61,9 @@ func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate,
 	case ConnectTimeout:
 		httpTransport.Dial = func(proto string, addr string) (net.Conn, error) {
 			// Set the connect timeout to 5 seconds
-			conn, err := net.DialTimeout(proto, addr, 5*time.Second)
+			d := net.Dialer{Timeout: 5 * time.Second, DualStack: true}
+
+			conn, err := d.Dial(proto, addr)
 			if err != nil {
 				return nil, err
 			}
@ -70,7 +73,9 @@ func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate,
 		}
 	case ReceiveTimeout:
 		httpTransport.Dial = func(proto string, addr string) (net.Conn, error) {
-			conn, err := net.Dial(proto, addr)
+			d := net.Dialer{DualStack: true}
+
+			conn, err := d.Dial(proto, addr)
 			if err != nil {
 				return nil, err
 			}
@ -89,7 +94,7 @@ func newClient(jar http.CookieJar, roots *x509.CertPool, cert *tls.Certificate,
 func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType, secure bool) (*http.Response, *http.Client, error) {
 	var (
 		pool  *x509.CertPool
-		certs []*tls.Certificate
+		certs []tls.Certificate
 	)

 	if secure && req.URL.Scheme == "https" {
@ -132,7 +137,7 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType, secur
 				if err != nil {
 					return nil, nil, err
 				}
-				certs = append(certs, &cert)
+				certs = append(certs, cert)
 			}
 			if strings.HasSuffix(f.Name(), ".key") {
 				keyName := f.Name()
@ -154,16 +159,9 @@ func doRequest(req *http.Request, jar http.CookieJar, timeout TimeoutType, secur
 		return res, client, nil
 	}

-	for i, cert := range certs {
-		client := newClient(jar, pool, cert, timeout, secure)
-		res, err := client.Do(req)
-		// If this is the last cert, otherwise, continue to next cert if 403 or 5xx
-		if i == len(certs)-1 || err == nil && res.StatusCode != 403 && res.StatusCode < 500 {
-			return res, client, err
-		}
-	}
-
-	return nil, nil, nil
+	client := newClient(jar, pool, certs, timeout, secure)
+	res, err := client.Do(req)
+	return res, client, err
 }

 func validateRepositoryName(repositoryName string) error {
--- a/docs/registry_mock_test.go
+++ b/docs/registry_mock_test.go
@ -17,7 +17,7 @@ import (

 	"github.com/gorilla/mux"

-	"github.com/docker/docker/pkg/log"
+	log "github.com/Sirupsen/logrus"
 )

 var (
@ -230,8 +230,8 @@ func handlerGetImage(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	writeHeaders(w)
-	layer_size := len(layer["layer"])
-	w.Header().Add("X-Docker-Size", strconv.Itoa(layer_size))
+	layerSize := len(layer["layer"])
+	w.Header().Add("X-Docker-Size", strconv.Itoa(layerSize))
 	io.WriteString(w, layer[vars["action"]])
 }

@ -240,16 +240,16 @@ func handlerPutImage(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	vars := mux.Vars(r)
-	image_id := vars["image_id"]
+	imageID := vars["image_id"]
 	action := vars["action"]
-	layer, exists := testLayers[image_id]
+	layer, exists := testLayers[imageID]
 	if !exists {
 		if action != "json" {
 			http.NotFound(w, r)
 			return
 		}
 		layer = make(map[string]string)
-		testLayers[image_id] = layer
+		testLayers[imageID] = layer
 	}
 	if checksum := r.Header.Get("X-Docker-Checksum"); checksum != "" {
 		if checksum != layer["checksum_simple"] && checksum != layer["checksum_tarsum"] {
@ -349,9 +349,9 @@ func handlerImages(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	images := []map[string]string{}
-	for image_id, layer := range testLayers {
+	for imageID, layer := range testLayers {
 		image := make(map[string]string)
-		image["id"] = image_id
+		image["id"] = imageID
 		image["checksum"] = layer["checksum_tarsum"]
 		image["Tag"] = "latest"
 		images = append(images, image)
--- a/docs/registry_test.go
+++ b/docs/registry_test.go
@ -11,9 +11,12 @@ import (
 )

 var (
-	IMAGE_ID = "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d"
-	TOKEN    = []string{"fake-token"}
-	REPO     = "foo42/bar"
+	token = []string{"fake-token"}
+)
+
+const (
+	imageID = "42d718c941f5c532ac049bf0b0ab53f0062f09a03afd4aa4a02c098e46032b9d"
+	REPO    = "foo42/bar"
 )

 func spawnTestRegistrySession(t *testing.T) *Session {
@ -43,27 +46,27 @@ func TestPingRegistryEndpoint(t *testing.T) {

 func TestGetRemoteHistory(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	hist, err := r.GetRemoteHistory(IMAGE_ID, makeURL("/v1/"), TOKEN)
+	hist, err := r.GetRemoteHistory(imageID, makeURL("/v1/"), token)
 	if err != nil {
 		t.Fatal(err)
 	}
 	assertEqual(t, len(hist), 2, "Expected 2 images in history")
-	assertEqual(t, hist[0], IMAGE_ID, "Expected "+IMAGE_ID+"as first ancestry")
+	assertEqual(t, hist[0], imageID, "Expected "+imageID+"as first ancestry")
 	assertEqual(t, hist[1], "77dbf71da1d00e3fbddc480176eac8994025630c6590d11cfc8fe1209c2a1d20",
 		"Unexpected second ancestry")
 }

 func TestLookupRemoteImage(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	found := r.LookupRemoteImage(IMAGE_ID, makeURL("/v1/"), TOKEN)
+	found := r.LookupRemoteImage(imageID, makeURL("/v1/"), token)
 	assertEqual(t, found, true, "Expected remote lookup to succeed")
-	found = r.LookupRemoteImage("abcdef", makeURL("/v1/"), TOKEN)
+	found = r.LookupRemoteImage("abcdef", makeURL("/v1/"), token)
 	assertEqual(t, found, false, "Expected remote lookup to fail")
 }

 func TestGetRemoteImageJSON(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	json, size, err := r.GetRemoteImageJSON(IMAGE_ID, makeURL("/v1/"), TOKEN)
+	json, size, err := r.GetRemoteImageJSON(imageID, makeURL("/v1/"), token)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -72,7 +75,7 @@ func TestGetRemoteImageJSON(t *testing.T) {
 		t.Fatal("Expected non-empty json")
 	}

-	_, _, err = r.GetRemoteImageJSON("abcdef", makeURL("/v1/"), TOKEN)
+	_, _, err = r.GetRemoteImageJSON("abcdef", makeURL("/v1/"), token)
 	if err == nil {
 		t.Fatal("Expected image not found error")
 	}
@ -80,7 +83,7 @@ func TestGetRemoteImageJSON(t *testing.T) {

 func TestGetRemoteImageLayer(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	data, err := r.GetRemoteImageLayer(IMAGE_ID, makeURL("/v1/"), TOKEN, 0)
+	data, err := r.GetRemoteImageLayer(imageID, makeURL("/v1/"), token, 0)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -88,7 +91,7 @@ func TestGetRemoteImageLayer(t *testing.T) {
 		t.Fatal("Expected non-nil data result")
 	}

-	_, err = r.GetRemoteImageLayer("abcdef", makeURL("/v1/"), TOKEN, 0)
+	_, err = r.GetRemoteImageLayer("abcdef", makeURL("/v1/"), token, 0)
 	if err == nil {
 		t.Fatal("Expected image not found error")
 	}
@ -96,14 +99,14 @@ func TestGetRemoteImageLayer(t *testing.T) {

 func TestGetRemoteTags(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	tags, err := r.GetRemoteTags([]string{makeURL("/v1/")}, REPO, TOKEN)
+	tags, err := r.GetRemoteTags([]string{makeURL("/v1/")}, REPO, token)
 	if err != nil {
 		t.Fatal(err)
 	}
 	assertEqual(t, len(tags), 1, "Expected one tag")
-	assertEqual(t, tags["latest"], IMAGE_ID, "Expected tag latest to map to "+IMAGE_ID)
+	assertEqual(t, tags["latest"], imageID, "Expected tag latest to map to "+imageID)

-	_, err = r.GetRemoteTags([]string{makeURL("/v1/")}, "foo42/baz", TOKEN)
+	_, err = r.GetRemoteTags([]string{makeURL("/v1/")}, "foo42/baz", token)
 	if err == nil {
 		t.Fatal("Expected error when fetching tags for bogus repo")
 	}
@ -111,11 +114,11 @@ func TestGetRemoteTags(t *testing.T) {

 func TestGetRepositoryData(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	parsedUrl, err := url.Parse(makeURL("/v1/"))
+	parsedURL, err := url.Parse(makeURL("/v1/"))
 	if err != nil {
 		t.Fatal(err)
 	}
-	host := "http://" + parsedUrl.Host + "/v1/"
+	host := "http://" + parsedURL.Host + "/v1/"
 	data, err := r.GetRepositoryData("foo42/bar")
 	if err != nil {
 		t.Fatal(err)
@ -137,7 +140,7 @@ func TestPushImageJSONRegistry(t *testing.T) {
 		Checksum: "sha256:1ac330d56e05eef6d438586545ceff7550d3bdcb6b19961f12c5ba714ee1bb37",
 	}

-	err := r.PushImageJSONRegistry(imgData, []byte{0x42, 0xdf, 0x0}, makeURL("/v1/"), TOKEN)
+	err := r.PushImageJSONRegistry(imgData, []byte{0x42, 0xdf, 0x0}, makeURL("/v1/"), token)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -146,7 +149,7 @@ func TestPushImageJSONRegistry(t *testing.T) {
 func TestPushImageLayerRegistry(t *testing.T) {
 	r := spawnTestRegistrySession(t)
 	layer := strings.NewReader("")
-	_, _, err := r.PushImageLayerRegistry(IMAGE_ID, layer, makeURL("/v1/"), TOKEN, []byte{})
+	_, _, err := r.PushImageLayerRegistry(imageID, layer, makeURL("/v1/"), token, []byte{})
 	if err != nil {
 		t.Fatal(err)
 	}
@ -180,7 +183,7 @@ func TestResolveRepositoryName(t *testing.T) {

 func TestPushRegistryTag(t *testing.T) {
 	r := spawnTestRegistrySession(t)
-	err := r.PushRegistryTag("foo42/bar", IMAGE_ID, "stable", makeURL("/v1/"), TOKEN)
+	err := r.PushRegistryTag("foo42/bar", imageID, "stable", makeURL("/v1/"), token)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/docs/session.go
+++ b/docs/session.go
@ -3,6 +3,7 @@ package registry
 import (
 	"bytes"
 	"crypto/sha256"
+	// this is required for some certificates
 	_ "crypto/sha512"
 	"encoding/hex"
 	"encoding/json"
@ -16,8 +17,8 @@ import (
 	"strings"
 	"time"

+	log "github.com/Sirupsen/logrus"
 	"github.com/docker/docker/pkg/httputils"
-	"github.com/docker/docker/pkg/log"
 	"github.com/docker/docker/pkg/tarsum"
 	"github.com/docker/docker/utils"
 )
@ -229,11 +230,7 @@ func (r *Session) GetRemoteTags(registries []string, repository string, token []
 		}

 		result := make(map[string]string)
-		rawJSON, err := ioutil.ReadAll(res.Body)
-		if err != nil {
-			return nil, err
-		}
-		if err := json.Unmarshal(rawJSON, &result); err != nil {
+		if err := json.NewDecoder(res.Body).Decode(&result); err != nil {
 			return nil, err
 		}
 		return result, nil
@ -243,11 +240,11 @@ func (r *Session) GetRemoteTags(registries []string, repository string, token []

 func buildEndpointsList(headers []string, indexEp string) ([]string, error) {
 	var endpoints []string
-	parsedUrl, err := url.Parse(indexEp)
+	parsedURL, err := url.Parse(indexEp)
 	if err != nil {
 		return nil, err
 	}
-	var urlScheme = parsedUrl.Scheme
+	var urlScheme = parsedURL.Scheme
 	// The Registry's URL scheme has to match the Index'
 	for _, ep := range headers {
 		epList := strings.Split(ep, ",")
@ -304,12 +301,8 @@ func (r *Session) GetRepositoryData(remote string) (*RepositoryData, error) {
 		endpoints = append(endpoints, fmt.Sprintf("%s://%s/v1/", r.indexEndpoint.URL.Scheme, req.URL.Host))
 	}

-	checksumsJSON, err := ioutil.ReadAll(res.Body)
-	if err != nil {
-		return nil, err
-	}
 	remoteChecksums := []*ImgData{}
-	if err := json.Unmarshal(checksumsJSON, &remoteChecksums); err != nil {
+	if err := json.NewDecoder(res.Body).Decode(&remoteChecksums); err != nil {
 		return nil, err
 	}

@ -469,7 +462,6 @@ func (r *Session) PushRegistryTag(remote, revision, tag, registry string, token

 func (r *Session) PushImageJSONIndex(remote string, imgList []*ImgData, validate bool, regs []string) (*RepositoryData, error) {
 	cleanImgList := []*ImgData{}
-
 	if validate {
 		for _, elem := range imgList {
 			if elem.Checksum != "" {
@ -491,43 +483,28 @@ func (r *Session) PushImageJSONIndex(remote string, imgList []*ImgData, validate
 	u := fmt.Sprintf("%srepositories/%s/%s", r.indexEndpoint.VersionString(1), remote, suffix)
 	log.Debugf("[registry] PUT %s", u)
 	log.Debugf("Image list pushed to index:\n%s", imgListJSON)
-	req, err := r.reqFactory.NewRequest("PUT", u, bytes.NewReader(imgListJSON))
-	if err != nil {
-		return nil, err
+	headers := map[string][]string{
+		"Content-type":   {"application/json"},
+		"X-Docker-Token": {"true"},
 	}
-	req.Header.Add("Content-type", "application/json")
-	req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
-	req.ContentLength = int64(len(imgListJSON))
-	req.Header.Set("X-Docker-Token", "true")
 	if validate {
-		req.Header["X-Docker-Endpoints"] = regs
+		headers["X-Docker-Endpoints"] = regs
 	}

-	res, _, err := r.doRequest(req)
-	if err != nil {
-		return nil, err
-	}
-	defer res.Body.Close()
-
 	// Redirect if necessary
-	for res.StatusCode >= 300 && res.StatusCode < 400 {
-		log.Debugf("Redirected to %s", res.Header.Get("Location"))
-		req, err = r.reqFactory.NewRequest("PUT", res.Header.Get("Location"), bytes.NewReader(imgListJSON))
-		if err != nil {
+	var res *http.Response
+	for {
+		if res, err = r.putImageRequest(u, headers, imgListJSON); err != nil {
 			return nil, err
 		}
-		req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
-		req.ContentLength = int64(len(imgListJSON))
-		req.Header.Set("X-Docker-Token", "true")
-		if validate {
-			req.Header["X-Docker-Endpoints"] = regs
+		if !shouldRedirect(res) {
+			break
 		}
-		res, _, err := r.doRequest(req)
-		if err != nil {
-			return nil, err
-		}
-		defer res.Body.Close()
+		res.Body.Close()
+		u = res.Header.Get("Location")
+		log.Debugf("Redirected to %s", u)
 	}
+	defer res.Body.Close()

 	var tokens, endpoints []string
 	if !validate {
@ -570,6 +547,27 @@ func (r *Session) PushImageJSONIndex(remote string, imgList []*ImgData, validate
 	}, nil
 }

+func (r *Session) putImageRequest(u string, headers map[string][]string, body []byte) (*http.Response, error) {
+	req, err := r.reqFactory.NewRequest("PUT", u, bytes.NewReader(body))
+	if err != nil {
+		return nil, err
+	}
+	req.SetBasicAuth(r.authConfig.Username, r.authConfig.Password)
+	req.ContentLength = int64(len(body))
+	for k, v := range headers {
+		req.Header[k] = v
+	}
+	response, _, err := r.doRequest(req)
+	if err != nil {
+		return nil, err
+	}
+	return response, nil
+}
+
+func shouldRedirect(response *http.Response) bool {
+	return response.StatusCode >= 300 && response.StatusCode < 400
+}
+
 func (r *Session) SearchRepositories(term string) (*SearchResults, error) {
 	log.Debugf("Index server: %s", r.indexEndpoint)
 	u := r.indexEndpoint.VersionString(1) + "search?q=" + url.QueryEscape(term)
@ -589,12 +587,8 @@ func (r *Session) SearchRepositories(term string) (*SearchResults, error) {
 	if res.StatusCode != 200 {
 		return nil, utils.NewHTTPRequestError(fmt.Sprintf("Unexepected status code %d", res.StatusCode), res)
 	}
-	rawData, err := ioutil.ReadAll(res.Body)
-	if err != nil {
-		return nil, err
-	}
 	result := new(SearchResults)
-	err = json.Unmarshal(rawData, result)
+	err = json.NewDecoder(res.Body).Decode(result)
 	return result, err
 }

--- a/docs/session_v2.go
+++ b/docs/session_v2.go
@ -8,7 +8,7 @@ import (
 	"net/url"
 	"strconv"

-	"github.com/docker/docker/pkg/log"
+	log "github.com/Sirupsen/logrus"
 	"github.com/docker/docker/utils"
 	"github.com/gorilla/mux"
 )