mirror of
https://github.com/genuinetools/reg.git
synced 2024-05-20 12:08:33 -04:00
Allow for non-SSL access (#15)
* Allow for non-SSL access * Reuqire --insecure option to use http protocol * Fixed lint error * Added --force-non-ssl option. Also moved check to allow handling of docker config
This commit is contained in:
parent
827d869f0c
commit
a02ddc8cd4
|
@ -40,6 +40,7 @@ COMMANDS:
|
|||
GLOBAL OPTIONS:
|
||||
--debug, -d run in debug mode
|
||||
--insecure, -k do not verify tls certificates
|
||||
--force-non-ssl, -F force allow use of non-ssl
|
||||
--username value, -u value username for the registry
|
||||
--password value, -p value password for the registry
|
||||
--registry value, -r value URL to the private registry (ex. r.j3ss.co)
|
||||
|
|
9
main.go
9
main.go
|
@ -45,6 +45,11 @@ func preload(c *cli.Context) (err error) {
|
|||
return err
|
||||
}
|
||||
|
||||
// Prevent non-ssl unless explicitly forced
|
||||
if !c.GlobalBool("force-non-ssl") && strings.HasPrefix(auth.ServerAddress, "http:") {
|
||||
return fmt.Errorf("Attempt to use insecure protocol! Use non-ssl option to force")
|
||||
}
|
||||
|
||||
// create the registry client
|
||||
if c.GlobalBool("insecure") {
|
||||
r, err = registry.NewInsecure(auth, c.GlobalBool("debug"))
|
||||
|
@ -80,6 +85,10 @@ func main() {
|
|||
Name: "insecure, k",
|
||||
Usage: "do not verify tls certificates",
|
||||
},
|
||||
cli.BoolFlag{
|
||||
Name: "force-non-ssl, f",
|
||||
Usage: "force allow use of non-ssl",
|
||||
},
|
||||
cli.StringFlag{
|
||||
Name: "username, u",
|
||||
Usage: "username for the registry",
|
||||
|
|
|
@ -6,6 +6,7 @@ import (
|
|||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/docker/docker/api/types"
|
||||
|
@ -21,6 +22,8 @@ type Registry struct {
|
|||
Logf LogfCallback
|
||||
}
|
||||
|
||||
var reProtocol = regexp.MustCompile("^https?://")
|
||||
|
||||
// LogfCallback is the callback for formatting logs.
|
||||
type LogfCallback func(format string, args ...interface{})
|
||||
|
||||
|
@ -52,7 +55,12 @@ func NewInsecure(auth types.AuthConfig, debug bool) (*Registry, error) {
|
|||
}
|
||||
|
||||
func newFromTransport(auth types.AuthConfig, transport http.RoundTripper, debug bool) (*Registry, error) {
|
||||
url := "https://" + strings.TrimPrefix(strings.TrimSuffix(auth.ServerAddress, "/"), "https://")
|
||||
url := strings.TrimSuffix(auth.ServerAddress, "/")
|
||||
|
||||
if !reProtocol.MatchString(url) {
|
||||
url = "https://" + url
|
||||
}
|
||||
|
||||
tokenTransport := &TokenTransport{
|
||||
Transport: transport,
|
||||
Username: auth.Username,
|
||||
|
@ -76,7 +84,7 @@ func newFromTransport(auth types.AuthConfig, transport http.RoundTripper, debug
|
|||
|
||||
registry := &Registry{
|
||||
URL: url,
|
||||
Domain: strings.TrimPrefix(url, "https://"),
|
||||
Domain: reProtocol.ReplaceAllString(url, ""),
|
||||
Client: &http.Client{
|
||||
Transport: errorTransport,
|
||||
},
|
||||
|
|
Loading…
Reference in a new issue