Guest24897
/
DockerCLI
mirror of https://github.com/docker/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #4114 from thaJeztah/remove_registry_service_step2 

cli/trust: remove special handling for "plugin" Class
This commit is contained in:
Sebastiaan van Stijn 2023-03-23 19:34:49 +01:00 committed by GitHub
parent 14482589df 0ba820ed0b
commit f5d698a331
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 15 additions and 47 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cli/command/container/create.go
View File

@ -227,7 +227,7 @@ func createContainer(ctx context.Context, dockerCli command.Cli, containerConfig
if taggedRef, ok := namedRef.(reference.NamedTagged); ok && !opts.untrusted { if taggedRef, ok := namedRef.(reference.NamedTagged); ok && !opts.untrusted {
var err error var err error
trustedRef, err = image.TrustedReference(ctx, dockerCli, taggedRef, nil) trustedRef, err = image.TrustedReference(ctx, dockerCli, taggedRef)
if err != nil { if err != nil {
return nil, err return nil, err
} }

2
cli/command/image/build.go
View File

@ -279,7 +279,7 @@ func runBuild(dockerCli command.Cli, options buildOptions) error {
var resolvedTags []*resolvedTag var resolvedTags []*resolvedTag
if !options.untrusted { if !options.untrusted {
translator := func(ctx context.Context, ref reference.NamedTagged) (reference.Canonical, error) { translator := func(ctx context.Context, ref reference.NamedTagged) (reference.Canonical, error) {
return TrustedReference(ctx, dockerCli, ref, nil) return TrustedReference(ctx, dockerCli, ref)
} }
// if there is a tar wrapper, the dockerfile needs to be replaced inside it // if there is a tar wrapper, the dockerfile needs to be replaced inside it
if buildCtx != nil { if buildCtx != nil {

2
cli/command/image/pull.go
View File

@ -69,7 +69,7 @@ func RunPull(cli command.Cli, opts PullOptions) error {
} }
ctx := context.Background() ctx := context.Background()
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, AuthResolver(cli), distributionRef.String()) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, AuthResolver(cli), distributionRef.String())
if err != nil { if err != nil {
return err return err
} }

6
cli/command/image/trust.go
View File

@ -186,7 +186,7 @@ func trustedPull(ctx context.Context, cli command.Cli, imgRefAndAuth trust.Image
if err != nil { if err != nil {
return err return err
} }
updatedImgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, AuthResolver(cli), trustedRef.String()) updatedImgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, AuthResolver(cli), trustedRef.String())
if err != nil { if err != nil {
return err return err
} }
@ -289,8 +289,8 @@ func imagePullPrivileged(ctx context.Context, cli command.Cli, imgRefAndAuth tru
} }
// TrustedReference returns the canonical trusted reference for an image reference // TrustedReference returns the canonical trusted reference for an image reference
func TrustedReference(ctx context.Context, cli command.Cli, ref reference.NamedTagged, rs registry.Service) (reference.Canonical, error) { func TrustedReference(ctx context.Context, cli command.Cli, ref reference.NamedTagged) (reference.Canonical, error) {
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, rs, AuthResolver(cli), ref.String()) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, AuthResolver(cli), ref.String())
if err != nil { if err != nil {
return nil, err return nil, err
} }

27
cli/command/plugin/install.go
View File

@ -54,26 +54,6 @@ func newInstallCommand(dockerCli command.Cli) *cobra.Command {
return cmd return cmd
} }
type pluginRegistryService struct {
registry.Service
}
func (s pluginRegistryService) ResolveRepository(name reference.Named) (*registry.RepositoryInfo, error) {
repoInfo, err := s.Service.ResolveRepository(name)
if repoInfo != nil {
repoInfo.Class = "plugin"
}
return repoInfo, err
}
func newRegistryService() (registry.Service, error) {
svc, err := registry.NewService(registry.ServiceOptions{})
if err != nil {
return nil, err
}
return pluginRegistryService{Service: svc}, nil
}
func buildPullConfig(ctx context.Context, dockerCli command.Cli, opts pluginOptions, cmdName string) (types.PluginInstallOptions, error) { func buildPullConfig(ctx context.Context, dockerCli command.Cli, opts pluginOptions, cmdName string) (types.PluginInstallOptions, error) {
// Names with both tag and digest will be treated by the daemon // Names with both tag and digest will be treated by the daemon
// as a pull by digest with a local name for the tag // as a pull by digest with a local name for the tag
@ -98,12 +78,7 @@ func buildPullConfig(ctx context.Context, dockerCli command.Cli, opts pluginOpti
return types.PluginInstallOptions{}, errors.Errorf("invalid name: %s", ref.String()) return types.PluginInstallOptions{}, errors.Errorf("invalid name: %s", ref.String())
} }
ctx := context.Background() trusted, err := image.TrustedReference(context.Background(), dockerCli, nt)
svc, err := newRegistryService()
if err != nil {
return types.PluginInstallOptions{}, err
}
trusted, err := image.TrustedReference(ctx, dockerCli, nt, svc)
if err != nil { if err != nil {
return types.PluginInstallOptions{}, err return types.PluginInstallOptions{}, err
} }

1
cli/command/plugin/push.go
View File

@ -68,7 +68,6 @@ func runPush(dockerCli command.Cli, opts pushOptions) error {
defer responseBody.Close() defer responseBody.Close()
if !opts.untrusted { if !opts.untrusted {
repoInfo.Class = "plugin"
return image.PushTrustedReference(dockerCli, repoInfo, named, authConfig, responseBody) return image.PushTrustedReference(dockerCli, repoInfo, named, authConfig, responseBody)
} }

2
cli/command/trust/common.go
View File

@ -53,7 +53,7 @@ type trustKey struct {
// This information is to be pretty printed or serialized into a machine-readable format. // This information is to be pretty printed or serialized into a machine-readable format.
func lookupTrustInfo(cli command.Cli, remote string) ([]trustTagRow, []client.RoleWithSignatures, []data.Role, error) { func lookupTrustInfo(cli command.Cli, remote string) ([]trustTagRow, []client.RoleWithSignatures, []data.Role, error) {
ctx := context.Background() ctx := context.Background()
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, image.AuthResolver(cli), remote) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(cli), remote)
if err != nil { if err != nil {
return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, err return []trustTagRow{}, []client.RoleWithSignatures{}, []data.Role{}, err
} }

2
cli/command/trust/revoke.go
View File

@ -36,7 +36,7 @@ func newRevokeCommand(dockerCli command.Cli) *cobra.Command {
func revokeTrust(cli command.Cli, remote string, options revokeOptions) error { func revokeTrust(cli command.Cli, remote string, options revokeOptions) error {
ctx := context.Background() ctx := context.Background()
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, image.AuthResolver(cli), remote) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(cli), remote)
if err != nil { if err != nil {
return err return err
} }

2
cli/command/trust/sign.go
View File

@ -43,7 +43,7 @@ func newSignCommand(dockerCli command.Cli) *cobra.Command {
func runSignImage(cli command.Cli, options signOptions) error { func runSignImage(cli command.Cli, options signOptions) error {
imageName := options.imageName imageName := options.imageName
ctx := context.Background() ctx := context.Background()
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, image.AuthResolver(cli), imageName) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(cli), imageName)
if err != nil { if err != nil {
return err return err
} }

2
cli/command/trust/signer_add.go
View File

@ -81,7 +81,7 @@ func addSigner(cli command.Cli, options signerAddOptions) error {
func addSignerToRepo(cli command.Cli, signerName string, repoName string, signerPubKeys []data.PublicKey) error { func addSignerToRepo(cli command.Cli, signerName string, repoName string, signerPubKeys []data.PublicKey) error {
ctx := context.Background() ctx := context.Background()
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, image.AuthResolver(cli), repoName) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(cli), repoName)
if err != nil { if err != nil {
return err return err
} }

2
cli/command/trust/signer_remove.go
View File

@ -80,7 +80,7 @@ func isLastSignerForReleases(roleWithSig data.Role, allRoles []client.RoleWithSi
// The signer not being removed doesn't necessarily raise an error e.g. user choosing "No" when prompted for confirmation. // The signer not being removed doesn't necessarily raise an error e.g. user choosing "No" when prompted for confirmation.
func removeSingleSigner(cli command.Cli, repoName, signerName string, forceYes bool) (bool, error) { func removeSingleSigner(cli command.Cli, repoName, signerName string, forceYes bool) (bool, error) {
ctx := context.Background() ctx := context.Background()
imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, nil, image.AuthResolver(cli), repoName) imgRefAndAuth, err := trust.GetImageReferencesAndAuth(ctx, image.AuthResolver(cli), repoName)
if err != nil { if err != nil {
return false, err return false, err
} }

12
cli/trust/trust.go
View File

@ -160,7 +160,7 @@ func GetNotaryRepository(in io.Reader, out io.Writer, userAgent string, repoInfo
scope := auth.RepositoryScope{ scope := auth.RepositoryScope{
Repository: repoInfo.Name.Name(), Repository: repoInfo.Name.Name(),
Actions: actions, Actions: actions,
Class: repoInfo.Class, Class: repoInfo.Class, // TODO(thaJeztah): Class is no longer needed for plugins and can likely be removed; see https://github.com/docker/cli/pull/4114#discussion_r1145430825
} }
creds := simpleCredentialStore{auth: *authConfig} creds := simpleCredentialStore{auth: *authConfig}
tokenHandlerOptions := auth.TokenHandlerOptions{ tokenHandlerOptions := auth.TokenHandlerOptions{
@ -301,7 +301,7 @@ type ImageRefAndAuth struct {
// GetImageReferencesAndAuth retrieves the necessary reference and auth information for an image name // GetImageReferencesAndAuth retrieves the necessary reference and auth information for an image name
// as an ImageRefAndAuth struct // as an ImageRefAndAuth struct
func GetImageReferencesAndAuth(ctx context.Context, rs registry.Service, func GetImageReferencesAndAuth(ctx context.Context,
authResolver func(ctx context.Context, index *registrytypes.IndexInfo) types.AuthConfig, authResolver func(ctx context.Context, index *registrytypes.IndexInfo) types.AuthConfig,
imgName string, imgName string,
) (ImageRefAndAuth, error) { ) (ImageRefAndAuth, error) {
@ -311,13 +311,7 @@ func GetImageReferencesAndAuth(ctx context.Context, rs registry.Service,
} }
// Resolve the Repository name from fqn to RepositoryInfo // Resolve the Repository name from fqn to RepositoryInfo
var repoInfo *registry.RepositoryInfo repoInfo, err := registry.ParseRepositoryInfo(ref)
if rs != nil {
repoInfo, err = rs.ResolveRepository(ref)
} else {
repoInfo, err = registry.ParseRepositoryInfo(ref)
}
if err != nil { if err != nil {
return ImageRefAndAuth{}, err return ImageRefAndAuth{}, err
} }