Improve reference validation#18586
Conversation
There was a problem hiding this comment.
I like how Association is in the same package as the other reference types now.
f730401 to
1ec7ea2
Compare
There was a problem hiding this comment.
Should the comment call it a reference store?
1ec7ea2 to
7563385
Compare
There was a problem hiding this comment.
This comment doesn't seem to be true. If there's no hostname, it returns the default index name.
This seems to be the main difference from distreference.SplitHostname, besides the extra validation, and it looks like the reason ParseNamed uses distreference.SplitHostname instead of this version.
I feel this function should be renamed to something else so it doesn't get confused with the other version, and to make it clearer it's doing more than just splitting on a hostname boundary.
Perhaps IndexAndRemoteName?
|
Thanks for doing all this cleanup. It's a big improvement. |
|
I'll attempt a version with a custom definition for |
7563385 to
500e9a7
Compare
|
Updated with a new interface for PTAL |
There was a problem hiding this comment.
Use reference.WithDefaultTag instead, and remove the switch?
|
I like these changes. Noted a few small things, but I think this is getting very close. One thing I was wondering about is whether it makes sense to store the string that was originally parsed, and provide a method to access this. This might be useful for error messages where we want to echo back the exact reference the user supplied, not a normalized form. But if it's okay for error messages to use the normalized version, I guess there's no reason to do this. |
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Fixes moby#18093 Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
0ecd28a to
eeb2d4c
Compare
|
LGTM |
1 similar comment
|
LGTM |
Improve reference validation
|
Thank you @tonistiigi @aaronlehmann @dmcgowan ! |
|
The whole point of the |
There was a problem hiding this comment.
This explanation seems incorrect and diverges from reference package.
There was a problem hiding this comment.
Why would this be anything but the actual name? I don't understand why we would have FullName and this. The existence of the two doesn't make sense.
There was a problem hiding this comment.
There used to be a ParseRepositoryInfo function that would generate the different forms of the name that were needed for different purposes (i.e. ubuntu, library/ubuntu, index.docker.io/library/ubuntu). This PR makes it so that a reference can expose any of these forms using methods. The old code made it very easy to accidentally pass the wrong kind of reference to a function expecting a certain form - for example passing ubuntu to something that wants library/ubuntu. IMHO this change makes things a lot cleaner by preventing that kind of mistake.
There was a problem hiding this comment.
So, we can normalize the reference then return this with a RemoteName package function. Anywhere where it might expect library/ubuntu, just call RemoteName to do get the expected prefix. (arguably, RemoteName should be Basename).
|
It seems like we needed to have a |
|
@stevvooe: With a few exceptions that could move upstream, the code here is specific to the daemon. For example, IMHO we want to avoid pushing special cases for I don't see this as a fork of |
|
@aaronlehmann This is a fork. We are no longer using the same types, parsing functions and combinators. We are no longer using the |
There was a problem hiding this comment.
Okay, so we spent all that time creating a grammar for image names. This needs to be flowed upstream. The distribution/reference package is supposed to be a one stop shop for correct image naming.
Rather than fork, we have no upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. We also restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type. This makes it easier to assert that a reference is not something. We'll still need to remove the forking from the PR above to get this fully there. There may also be some missing additions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have no upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. We also restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type. This makes it easier to assert that a reference is not something. We'll still need to remove the forking from the PR above to get this fully there. There may also be some missing additions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have no upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. We also restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type. This makes it easier to assert that a reference is not something. We'll still need to remove the forking from the PR above to get this fully there. There may also be some missing additions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have now upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. While did attempt to restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type, we ran into issues with the usage in the main docker project. We will re-examine this approach in the future. This change will be followed up with some other additions from the daemon. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have now upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. While did attempt to restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type, we ran into issues with the usage in the main docker project. We will re-examine this approach in the future. This change will be followed up with some other additions from the daemon. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have now upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. While did attempt to restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type, we ran into issues with the usage in the main docker project. We will re-examine this approach in the future. This change will be followed up with some other additions from the daemon. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have now upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. While did attempt to restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type, we ran into issues with the usage in the main docker project. We will re-examine this approach in the future. This change will be followed up with some other additions from the daemon. Signed-off-by: Stephen J Day <stephen.day@docker.com>
Rather than fork, we have now upstreamed some of the additions required in moby/moby#18586. Of upmost importance is the addition of a useful WithName function. While did attempt to restrict Reference implementations to being from the reference package, making Reference a proper algebraic data type, we ran into issues with the usage in the main docker project. We will re-examine this approach in the future. This change will be followed up with some other additions from the daemon. Signed-off-by: Stephen J Day <stephen.day@docker.com>
#17924 added a reference package from
docker/distributionthat improved validation of tags and repository names a lot. There were still some cases left that needed docker specific handling for the references.This PR adds a wrapper around
distribution/referencethat adds the docker specific functionality. This includes forbidding 64-byte hex as repo name, specific rules for detecting hostname, detection of optional default hostnames, handling references with both tag and digest and support for conversion between normalized and canonical reference forms. There is no need to remember(and forget in many places) calling validation methods for these anymore, as they all built in to parse function.I've also cleaned up the type switches for different reference types that become easier now and made error messages more verbose(fixes #18093). After this, the need to use
RepositoryInfostruct should be much lower as you can always turn any reference to any other form.I recommend reviewing by commit. Most changes are in the first commit, but they are all simple replacements from moving package and easy to follow.
@aaronlehmann