registry: refactor registry.IsSecure calls into registry.NewEndpoint by tiborvass · Pull Request #9104 · moby/moby

tiborvass · 2014-11-11T22:43:01Z

Signed-off-by: Tibor Vass teabee89@gmail.com

Ping @dmcgowan @proppy @vbatts

proppy · 2014-11-11T22:46:56Z

registry/endpoint.go

can't see be an argument of newEndpoint?

it would mean passing that insecureRegistries down once more. Plus I made secure = true by default.

dmcgowan · 2014-11-11T22:56:30Z

registry_test.go still needs updates to the new NewEndpoint interface

./registry_test.go:24: cannot use false (type bool) as type []string in argument to NewEndpoint
./registry_test.go:36: cannot use false (type bool) as type []string in argument to NewEndpoint

vbatts · 2014-11-12T00:03:30Z

Didn't I open a PR for tests on endpoint? Or do you mean additional tests?
On Nov 11, 2014 5:56 PM, "Derek McGowan" notifications@github.com wrote:

registry_test.go still needs updates to the new NewEndpoint interface

—
Reply to this email directly or view it on GitHub
#9104 (comment).

tiborvass · 2014-11-12T01:11:29Z

@dmcgowan @vbatts @proppy Fixed it. PTAL

dmcgowan · 2014-11-12T01:50:58Z

LGTM

crosbymichael · 2014-11-12T03:02:44Z

@tiborvass this is a pure refactor right? no functional changes?

tiborvass · 2014-11-12T03:34:23Z

Mainly potential bugfix: https://github.com/docker/docker/blob/master/registry/service.go#L43
If addr has a form like the one that IndexServerAddress() returns (i.e. https://index.docker.io/v1/), then it is different from the domain:port form that IsSecure expects.

Additionally, I realized that the only places where we use IsSecure is before a call to NewEndpoint. Since we could make use of the URL parsing in newEndpoint, I thought it could be good to refactor it.

vbatts · 2014-11-12T16:07:44Z

Something I feel is missing, is a test reflecting the potential issue this fixes.

vbatts · 2014-11-12T16:27:12Z

functionality and stylistically LGTM and I expect tests to be forthcoming in another PR?

tiborvass · 2014-11-13T02:32:26Z

Rebased

Signed-off-by: Tibor Vass <teabee89@gmail.com>

tiborvass · 2014-11-13T14:03:26Z

registry/endpoint.go

actually, this won't be good. hostname now is URL.Host, not the https://index.docker.io/v1/ returned by IndexServerAddress()

tiborvass · 2014-11-13T14:14:41Z

Added a commit that fixes a bug with isSecure and IndexServerAddress().

@vbatts @dmcgowan let me know if this new commit is fine for you, or if you prefer that I parse IndexServerAddress() and make the check against someParseFunction(IndexServerAddress()).URL.Host

…ecure Signed-off-by: Tibor Vass <teabee89@gmail.com>

tiborvass · 2014-11-13T15:03:28Z

@vbatts @dmcgowan I actually did the latter, making sure that it is isSecure's responsibility to always return true for the index.

I ended up doing what @proppy initially suggested (seems like a recurring theme now :P). I'm passing insecureRegistries to newEndpoint as well.

tiborvass · 2014-11-13T17:27:37Z

Not sure if the drone error is related...

dmcgowan · 2014-11-13T19:34:39Z

LGTM

vbatts · 2014-11-13T19:59:20Z

LGTM

registry: refactor registry.IsSecure calls into registry.NewEndpoint

proppy reviewed Nov 11, 2014
View reviewed changes

tiborvass force-pushed the issecure-check-in-new-endpoint branch from 6b2e0e5 to bad12ef Compare November 11, 2014 22:49

tiborvass added this to the 1.3.2 milestone Nov 12, 2014

vbatts closed this Nov 12, 2014

vbatts reopened this Nov 12, 2014

tiborvass force-pushed the issecure-check-in-new-endpoint branch from 0d3d95f to 78e859f Compare November 13, 2014 02:32

tiborvass added 2 commits November 12, 2014 20:34

registry: refactor registry.IsSecure calls into registry.NewEndpoint

4455f51

Signed-off-by: Tibor Vass <teabee89@gmail.com>

Put mock registry address in insecureRegistries for unit tests

78e859f

Signed-off-by: Tibor Vass <teabee89@gmail.com>

tiborvass reviewed Nov 13, 2014
View reviewed changes

tiborvass force-pushed the issecure-check-in-new-endpoint branch from def5b85 to 511d981 Compare November 13, 2014 14:10

tiborvass force-pushed the issecure-check-in-new-endpoint branch 2 times, most recently from cee72d2 to fbe10c8 Compare November 13, 2014 15:00

registry: parse INDEXSERVERADDRESS into a URL for easier check in isS…

fbe10c8

…ecure Signed-off-by: Tibor Vass <teabee89@gmail.com>

tiborvass mentioned this pull request Nov 13, 2014

Add the possibility of specifying a subnet for --insecure-registry #9100

Merged

vbatts added a commit that referenced this pull request Nov 13, 2014

Merge pull request #9104 from tiborvass/issecure-check-in-new-endpoint

447a1a9

registry: refactor registry.IsSecure calls into registry.NewEndpoint

vbatts merged commit 447a1a9 into moby:master Nov 13, 2014

tiborvass deleted the issecure-check-in-new-endpoint branch July 17, 2019 00:34

Conversation

tiborvass commented Nov 11, 2014

Uh oh!

proppy Nov 11, 2014

Choose a reason for hiding this comment

Uh oh!

tiborvass Nov 11, 2014

Choose a reason for hiding this comment

Uh oh!

dmcgowan commented Nov 11, 2014

Uh oh!

vbatts commented Nov 12, 2014

Uh oh!

tiborvass commented Nov 12, 2014

Uh oh!

dmcgowan commented Nov 12, 2014

Uh oh!

crosbymichael commented Nov 12, 2014

Uh oh!

tiborvass commented Nov 12, 2014

Uh oh!

vbatts commented Nov 12, 2014

Uh oh!

vbatts commented Nov 12, 2014

Uh oh!

tiborvass commented Nov 13, 2014

Uh oh!

tiborvass Nov 13, 2014

Choose a reason for hiding this comment

Uh oh!

tiborvass commented Nov 13, 2014

Uh oh!

tiborvass commented Nov 13, 2014

Uh oh!

tiborvass commented Nov 13, 2014

Uh oh!

dmcgowan commented Nov 13, 2014

Uh oh!

vbatts commented Nov 13, 2014

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

5 participants