tyler.durden/compose
1
0
Fork 0
mirror of https://github.com/docker/compose.git synced 2025-07-26 15:14:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

Don't use "info.IndexServerAddress" for authentication

Browse Source 
The IndexServerAddress field was  as part of the initial Windows implementation
of the engine. For legal reasons, Microsoft Windows (and thus Docker images
based on Windows) were not allowed to be distributed through non-Microsoft
infrastructure. As a temporary solution, a dedicated "registry-win-tp3.docker.io"
registry was created to serve Windows images.

Using separate registries was not an ideal solution, and a more permanent
solution was created by introducing "foreign image layers" in the distribution
spec, after which the "registry-win-tp3.docker.io" ceased to exist, and
removed from the engine.

This replaces the code that calls out to the "/info" endpoint to use the
GetAuthConfigKey() function instead.

Related PR in docker/cli:
b4ca1c7368

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2023-04-11 23:08:33 +02:00
parent a4af5e229d
commit 1892be8c70
No known key found for this signature in database
GPG Key ID: 76698F39D527CE8C
2 changed files with 8 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
pkg/compose/compose.go
View File

@ -123,12 +123,8 @@ func getContainerNameWithoutProject(c moby.Container) string {
func (s *composeService) Config(ctx context.Context, project *types.Project, options api.ConfigOptions) ([]byte, error) { func (s *composeService) Config(ctx context.Context, project *types.Project, options api.ConfigOptions) ([]byte, error) {
if options.ResolveImageDigests { if options.ResolveImageDigests {
info, err := s.apiClient().Info(ctx) err := project.ResolveImages(func(named reference.Named) (digest.Digest, error) {
if err != nil { auth, err := encodedAuth(named, s.configFile())
return nil, err
}
err = project.ResolveImages(func(named reference.Named) (digest.Digest, error) {
auth, err := encodedAuth(named, info, s.configFile())
if err != nil { if err != nil {
return "", err return "", err
} }

34
pkg/compose/pull.go
View File

@ -48,15 +48,6 @@ func (s *composeService) Pull(ctx context.Context, project *types.Project, optio
} }
func (s *composeService) pull(ctx context.Context, project *types.Project, opts api.PullOptions) error { //nolint:gocyclo func (s *composeService) pull(ctx context.Context, project *types.Project, opts api.PullOptions) error { //nolint:gocyclo
info, err := s.apiClient().Info(ctx)
if err != nil {
return err
}
if info.IndexServerAddress == "" {
info.IndexServerAddress = registry.IndexServer
}
images, err := s.getLocalImagesDigests(ctx, project) images, err := s.getLocalImagesDigests(ctx, project)
if err != nil { if err != nil {
return err return err
@ -123,7 +114,7 @@ func (s *composeService) pull(ctx context.Context, project *types.Project, opts
imagesBeingPulled[service.Image] = service.Name imagesBeingPulled[service.Image] = service.Name
eg.Go(func() error { eg.Go(func() error {
_, err := s.pullServiceImage(ctx, service, info, s.configFile(), w, false, project.Environment["DOCKER_DEFAULT_PLATFORM"]) _, err := s.pullServiceImage(ctx, service, s.configFile(), w, false, project.Environment["DOCKER_DEFAULT_PLATFORM"])
if err != nil { if err != nil {
pullErrors[i] = err pullErrors[i] = err
if service.Build != nil { if service.Build != nil {
@ -173,7 +164,7 @@ func imageAlreadyPresent(serviceImage string, localImages map[string]string) boo
return ok && tagged.Tag() != "latest" return ok && tagged.Tag() != "latest"
} }
func (s *composeService) pullServiceImage(ctx context.Context, service types.ServiceConfig, info moby.Info, func (s *composeService) pullServiceImage(ctx context.Context, service types.ServiceConfig,
configFile driver.Auth, w progress.Writer, quietPull bool, defaultPlatform string) (string, error) { configFile driver.Auth, w progress.Writer, quietPull bool, defaultPlatform string) (string, error) {
w.Event(progress.Event{ w.Event(progress.Event{
ID: service.Name, ID: service.Name,
@ -185,7 +176,7 @@ func (s *composeService) pullServiceImage(ctx context.Context, service types.Ser
return "", err return "", err
} }
encodedAuth, err := encodedAuth(ref, info, configFile) encodedAuth, err := encodedAuth(ref, configFile)
if err != nil { if err != nil {
return "", err return "", err
} }
@ -249,17 +240,13 @@ func (s *composeService) pullServiceImage(ctx context.Context, service types.Ser
return inspected.ID, nil return inspected.ID, nil
} }
func encodedAuth(ref reference.Named, info moby.Info, configFile driver.Auth) (string, error) { func encodedAuth(ref reference.Named, configFile driver.Auth) (string, error) {
repoInfo, err := registry.ParseRepositoryInfo(ref) repoInfo, err := registry.ParseRepositoryInfo(ref)
if err != nil { if err != nil {
return "", err return "", err
} }
key := repoInfo.Index.Name key := registry.GetAuthConfigKey(repoInfo.Index)
if repoInfo.Index.Official {
key = info.IndexServerAddress
}
authConfig, err := configFile.GetAuthConfig(key) authConfig, err := configFile.GetAuthConfig(key)
if err != nil { if err != nil {
return "", err return "", err
@ -273,15 +260,6 @@ func encodedAuth(ref reference.Named, info moby.Info, configFile driver.Auth) (s
} }
func (s *composeService) pullRequiredImages(ctx context.Context, project *types.Project, images map[string]string, quietPull bool) error { func (s *composeService) pullRequiredImages(ctx context.Context, project *types.Project, images map[string]string, quietPull bool) error {
info, err := s.apiClient().Info(ctx)
if err != nil {
return err
}
if info.IndexServerAddress == "" {
info.IndexServerAddress = registry.IndexServer
}
var needPull []types.ServiceConfig var needPull []types.ServiceConfig
for _, service := range project.Services { for _, service := range project.Services {
if service.Image == "" { if service.Image == "" {
@ -311,7 +289,7 @@ func (s *composeService) pullRequiredImages(ctx context.Context, project *types.
for i, service := range needPull { for i, service := range needPull {
i, service := i, service i, service := i, service
eg.Go(func() error { eg.Go(func() error {
id, err := s.pullServiceImage(ctx, service, info, s.configFile(), w, quietPull, project.Environment["DOCKER_DEFAULT_PLATFORM"]) id, err := s.pullServiceImage(ctx, service, s.configFile(), w, quietPull, project.Environment["DOCKER_DEFAULT_PLATFORM"])
pulledImages[i] = id pulledImages[i] = id
if err != nil && isServiceImageToBuild(service, project.Services) { if err != nil && isServiceImageToBuild(service, project.Services) {
// image can be built, so we can ignore pull failure // image can be built, so we can ignore pull failure