Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow oci_push to use plain HTTP for a specific host. #57

Closed
wants to merge 1 commit into from
Closed
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions go/cmd/ocitool/main.go
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,9 @@ var app = &cli.App{
&cli.StringFlag{
Name: "parent-tag",
},
&cli.StringFlag{
Name: "plain-http-host",
},
&cli.GenericFlag{
Name: "headers",
Value: &flagutil.KeyValueFlag{},
Expand Down
4 changes: 3 additions & 1 deletion go/cmd/ocitool/push_cmd.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,9 @@ func PushCmd(c *cli.Context) error {
headers["X-Meta-"+k] = v
}

resolver := ociutil.ResolverWithHeaders(headers)
plainHTTPHost := c.String("plain-http-host")

resolver := ociutil.ResolverWithHeaders(headers, plainHTTPHost)

ref := c.String("target-ref")

Expand Down
6 changes: 5 additions & 1 deletion go/pkg/credhelper/docker.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ func seedAuthHeaders(host docker.RegistryHost) error {
return nil
}

func RegistryHostsFromDockerConfig() docker.RegistryHosts {
func RegistryHostsFromDockerConfig(plainHTTPHost string) docker.RegistryHosts {
return func(host string) ([]docker.RegistryHost, error) {
// FIXME This should be cached somewhere
cfg, err := ReadHostDockerConfig()
Expand All @@ -119,6 +119,10 @@ func RegistryHostsFromDockerConfig() docker.RegistryHosts {
Capabilities: docker.HostCapabilityPull | docker.HostCapabilityResolve | docker.HostCapabilityPush,
}

if plainHTTPHost != "" && host == plainHTTPHost {
registryHost.Scheme = "http"
}

helperName, ok := cfg.CredentialHelpers[host]
if !ok {
// If no credential helper is specified, fall back on the default behavior.
Expand Down
10 changes: 5 additions & 5 deletions go/pkg/ociutil/push.go
Original file line number Diff line number Diff line change
Expand Up @@ -24,23 +24,23 @@ import (
// DefaultResolver returns a resolver with credential helper auth and ocitool
// extensions.
func DefaultResolver() Resolver {
return newResolver(nil)
return newResolver(nil, "")
}

// ResolverWithHeaders returns a resolver with credential helper auth and ocitool
// extensions.
func ResolverWithHeaders(headers map[string]string) Resolver {
return newResolver(headers)
func ResolverWithHeaders(headers map[string]string, plainHTTPHost string) Resolver {
return newResolver(headers, plainHTTPHost)
}

func newResolver(headers map[string]string) Resolver {
func newResolver(headers map[string]string, plainHTTPHost string) Resolver {
hdrs := http.Header{}
for k, v := range headers {
hdrs.Add(k, v)
}

hosts := docker.Registries(
credhelper.RegistryHostsFromDockerConfig(),
credhelper.RegistryHostsFromDockerConfig(plainHTTPHost),
// Support for Docker Hub
docker.ConfigureDefaultRegistries(),
)
Expand Down
7 changes: 7 additions & 0 deletions oci/push.bzl
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ def _oci_push_impl(ctx):
--desc {desc} \\
--target-ref {ref} \\
--parent-tag \"{tag}\" \\
--plain-http-host \"{plain_http_host}\" \\
{headers} \\
{xheaders} \\

Expand All @@ -60,6 +61,7 @@ def _oci_push_impl(ctx):
desc = ctx.attr.manifest[OCIDescriptor].descriptor_file.short_path,
ref = ref,
tag = tag,
plain_http_host = ctx.attr.plain_http_host,
debug = str(ctx.attr._debug[DebugInfo].debug),
headers = headers,
xheaders = xheaders,
Expand Down Expand Up @@ -114,6 +116,11 @@ oci_push = rule(
(optional) A tag to include in the target reference. This will not be included on child images."
""",
),
"plain_http_host": attr.string(
doc = """
(optional) A hostname which should be pushed to using http, rather than https."
""",
),
"headers": attr.string_dict(
doc = """
(optional) A list of key/values to to be sent to the registry as headers.
Expand Down
Loading