dilim/buildkit
1
0
Fork 0
mirror of https://github.com/moby/buildkit.git synced 2026-06-30 19:57:39 +00:00
Code Issues Packages Projects Releases Wiki Activity

cache: add registry.insecure option to registry exporter

Browse Source 
Signed-off-by: Justin Chadwell <me@jedevc.com>
This commit is contained in:
Justin Chadwell
2023-01-12 11:42:01 +00:00
parent 5ab03b48ac
commit d301d3709d
1 changed files with 51 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
cache/remotecache/registry/registry.go vendored
View File

@@ -15,21 +15,23 @@ import (
"github.com/moby/buildkit/util/estargz"
"github.com/moby/buildkit/util/push"
"github.com/moby/buildkit/util/resolver"
resolverconfig "github.com/moby/buildkit/util/resolver/config"
"github.com/moby/buildkit/util/resolver/limited"
digest "github.com/opencontainers/go-digest"
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
)
func canonicalizeRef(rawRef string) (string, error) {
func canonicalizeRef(rawRef string) (reference.Named, error) {
if rawRef == "" {
return "", errors.New("missing ref")
return nil, errors.New("missing ref")
}
parsed, err := reference.ParseNormalizedNamed(rawRef)
if err != nil {
return "", err
return nil, err
}
return reference.TagNameOnly(parsed).String(), nil
parsed = reference.TagNameOnly(parsed)
return parsed, nil
}
const (
@@ -38,6 +40,7 @@ const (
attrLayerCompression = "compression"
attrForceCompression = "force-compression"
attrCompressionLevel = "compression-level"
attrInsecure = "registry.insecure"
)
func ResolveCacheExporterFunc(sm *session.Manager, hosts docker.RegistryHosts) remotecache.ResolveCacheExporterFunc {
@@ -50,6 +53,7 @@ func ResolveCacheExporterFunc(sm *session.Manager, hosts docker.RegistryHosts) r
if err != nil {
return nil, err
}
refString := ref.String()
ociMediatypes := true
if v, ok := attrs[attrOCIMediatypes]; ok {
b, err := strconv.ParseBool(v)
@@ -58,12 +62,22 @@ func ResolveCacheExporterFunc(sm *session.Manager, hosts docker.RegistryHosts) r
}
ociMediatypes = b
}
remote := resolver.DefaultPool.GetResolver(hosts, ref, "push", sm, g)
pusher, err := push.Pusher(ctx, remote, ref)
insecure := false
if v, ok := attrs[attrInsecure]; ok {
b, err := strconv.ParseBool(v)
if err != nil {
return nil, errors.Wrapf(err, "failed to parse %s", attrInsecure)
}
insecure = b
}
scope, hosts := registryConfig(hosts, ref, "push", insecure)
remote := resolver.DefaultPool.GetResolver(hosts, refString, scope, sm, g)
pusher, err := push.Pusher(ctx, remote, refString)
if err != nil {
return nil, err
}
return remotecache.NewExporter(contentutil.FromPusher(pusher), ref, ociMediatypes, *compressionConfig), nil
return remotecache.NewExporter(contentutil.FromPusher(pusher), refString, ociMediatypes, *compressionConfig), nil
}
}
@@ -73,8 +87,19 @@ func ResolveCacheImporterFunc(sm *session.Manager, cs content.Store, hosts docke
if err != nil {
return nil, ocispecs.Descriptor{}, err
}
remote := resolver.DefaultPool.GetResolver(hosts, ref, "pull", sm, g)
xref, desc, err := remote.Resolve(ctx, ref)
refString := ref.String()
insecure := false
if v, ok := attrs[attrInsecure]; ok {
b, err := strconv.ParseBool(v)
if err != nil {
return nil, ocispecs.Descriptor{}, errors.Wrapf(err, "failed to parse %s", attrInsecure)
}
insecure = b
}
scope, hosts := registryConfig(hosts, ref, "pull", insecure)
remote := resolver.DefaultPool.GetResolver(hosts, refString, scope, sm, g)
xref, desc, err := remote.Resolve(ctx, refString)
if err != nil {
return nil, ocispecs.Descriptor{}, err
}
@@ -83,8 +108,8 @@ func ResolveCacheImporterFunc(sm *session.Manager, cs content.Store, hosts docke
return nil, ocispecs.Descriptor{}, err
}
src := &withDistributionSourceLabel{
Provider: contentutil.FromFetcher(limited.Default.WrapFetcher(fetcher, ref)),
ref: ref,
Provider: contentutil.FromFetcher(limited.Default.WrapFetcher(fetcher, refString)),
ref: refString,
source: cs,
}
return remotecache.NewImporter(src), desc, nil
@@ -164,3 +189,18 @@ func attrsToCompression(attrs map[string]string) (*compression.Config, error) {
}
return &compressionConfig, nil
}
func registryConfig(hosts docker.RegistryHosts, ref reference.Named, scope string, insecure bool) (string, docker.RegistryHosts) {
if insecure {
insecureTrue := true
httpTrue := true
hosts = resolver.NewRegistryConfig(map[string]resolverconfig.RegistryConfig{
reference.Domain(ref): {
Insecure: &insecureTrue,
PlainHTTP: &httpTrue,
},
})
scope += ":insecure"
}
return scope, hosts
}