rancher/os
1
0
Fork 1
mirror of https://github.com/rancher/os.git synced 2025-07-06 19:38:37 +00:00
Code Issues Releases Wiki Activity

Merge pull request #953 from joshwget/registry-credentials

Browse Source 
Support registry credentials in cloud config
This commit is contained in:
Darren Shepherd 2016-06-02 20:45:53 -06:00
commit 8bb4517b9c
4 changed files with 100 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
compose/project.go
View File

@ -36,7 +36,7 @@ func CreateService(cfg *config.CloudConfig, name string, serviceConfig *composeC
} }
func CreateServiceSet(name string, cfg *config.CloudConfig, configs map[string]*composeConfig.ServiceConfigV1) (*project.Project, error) { func CreateServiceSet(name string, cfg *config.CloudConfig, configs map[string]*composeConfig.ServiceConfigV1) (*project.Project, error) {
p, err := newProject(name, cfg, nil) p, err := newProject(name, cfg, nil, nil)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -58,7 +58,7 @@ func GetProject(cfg *config.CloudConfig, networkingAvailable bool) (*project.Pro
return newCoreServiceProject(cfg, networkingAvailable) return newCoreServiceProject(cfg, networkingAvailable)
} }
func newProject(name string, cfg *config.CloudConfig, environmentLookup composeConfig.EnvironmentLookup) (*project.Project, error) { func newProject(name string, cfg *config.CloudConfig, environmentLookup composeConfig.EnvironmentLookup, authLookup *rosDocker.ConfigAuthLookup) (*project.Project, error) {
clientFactory, err := rosDocker.NewClientFactory(composeClient.Options{}) clientFactory, err := rosDocker.NewClientFactory(composeClient.Options{})
if err != nil { if err != nil {
return nil, err return nil, err
@ -67,12 +67,16 @@ func newProject(name string, cfg *config.CloudConfig, environmentLookup composeC
if environmentLookup == nil { if environmentLookup == nil {
environmentLookup = rosDocker.NewConfigEnvironment(cfg) environmentLookup = rosDocker.NewConfigEnvironment(cfg)
} }
if authLookup == nil {
authLookup = rosDocker.NewConfigAuthLookup(cfg)
}
serviceFactory := &rosDocker.ServiceFactory{ serviceFactory := &rosDocker.ServiceFactory{
Deps: map[string][]string{}, Deps: map[string][]string{},
} }
context := &docker.Context{ context := &docker.Context{
ClientFactory: clientFactory, ClientFactory: clientFactory,
AuthLookup: authLookup,
Context: project.Context{ Context: project.Context{
ProjectName: name, ProjectName: name,
EnvironmentLookup: environmentLookup, EnvironmentLookup: environmentLookup,
@ -82,6 +86,8 @@ func newProject(name string, cfg *config.CloudConfig, environmentLookup composeC
} }
serviceFactory.Context = context serviceFactory.Context = context
authLookup.SetContext(context)
return docker.NewProject(context, &composeConfig.ParseOptions{ return docker.NewProject(context, &composeConfig.ParseOptions{
Interpolate: true, Interpolate: true,
Validate: false, Validate: false,
@ -181,8 +187,9 @@ func newCoreServiceProject(cfg *config.CloudConfig, useNetwork bool) (*project.P
enabled := map[interface{}]interface{}{} enabled := map[interface{}]interface{}{}
environmentLookup := rosDocker.NewConfigEnvironment(cfg) environmentLookup := rosDocker.NewConfigEnvironment(cfg)
authLookup := rosDocker.NewConfigAuthLookup(cfg)
p, err := newProject("os", cfg, environmentLookup) p, err := newProject("os", cfg, environmentLookup, authLookup)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -194,6 +201,7 @@ func newCoreServiceProject(cfg *config.CloudConfig, useNetwork bool) (*project.P
cfg = config.LoadConfig() cfg = config.LoadConfig()
environmentLookup.SetConfig(cfg) environmentLookup.SetConfig(cfg)
authLookup.SetConfig(cfg)
enabled = addServices(p, enabled, cfg.Rancher.Services) enabled = addServices(p, enabled, cfg.Rancher.Services)
@ -252,7 +260,7 @@ func newCoreServiceProject(cfg *config.CloudConfig, useNetwork bool) (*project.P
} }
func StageServices(cfg *config.CloudConfig, services ...string) error { func StageServices(cfg *config.CloudConfig, services ...string) error {
p, err := newProject("stage-services", cfg, nil) p, err := newProject("stage-services", cfg, nil, nil)
if err != nil { if err != nil {
return err return err
} }

4
config/disk.go
View File

@ -11,6 +11,7 @@ import (
yaml "github.com/cloudfoundry-incubator/candiedyaml" yaml "github.com/cloudfoundry-incubator/candiedyaml"
"github.com/coreos/coreos-cloudinit/datasource" "github.com/coreos/coreos-cloudinit/datasource"
"github.com/coreos/coreos-cloudinit/initialize" "github.com/coreos/coreos-cloudinit/initialize"
"github.com/docker/engine-api/types"
composeConfig "github.com/docker/libcompose/config" composeConfig "github.com/docker/libcompose/config"
"github.com/rancher/os/util" "github.com/rancher/os/util"
) )
@ -194,6 +195,9 @@ func amendNils(c *CloudConfig) *CloudConfig {
if t.Rancher.ServicesInclude == nil { if t.Rancher.ServicesInclude == nil {
t.Rancher.ServicesInclude = map[string]bool{} t.Rancher.ServicesInclude = map[string]bool{}
} }
if t.Rancher.RegistryAuths == nil {
t.Rancher.RegistryAuths = map[string]types.AuthConfig{}
}
return &t return &t
} }

2
config/types.go
View File

@ -4,6 +4,7 @@ import (
"runtime" "runtime"
"github.com/coreos/coreos-cloudinit/config" "github.com/coreos/coreos-cloudinit/config"
"github.com/docker/engine-api/types"
composeConfig "github.com/docker/libcompose/config" composeConfig "github.com/docker/libcompose/config"
"github.com/rancher/netconf" "github.com/rancher/netconf"
) )
@ -104,6 +105,7 @@ type RancherConfig struct {
SystemDocker DockerConfig `yaml:"system_docker,omitempty"` SystemDocker DockerConfig `yaml:"system_docker,omitempty"`
Upgrade UpgradeConfig `yaml:"upgrade,omitempty"` Upgrade UpgradeConfig `yaml:"upgrade,omitempty"`
Docker DockerConfig `yaml:"docker,omitempty"` Docker DockerConfig `yaml:"docker,omitempty"`
RegistryAuths map[string]types.AuthConfig `yaml:"registry_auths,omitempty"`
Defaults Defaults `yaml:"defaults,omitempty"` Defaults Defaults `yaml:"defaults,omitempty"`
} }

82
docker/auth.go Normal file
View File

@ -0,0 +1,82 @@
package docker
import (
"encoding/base64"
"fmt"
"strings"
log "github.com/Sirupsen/logrus"
"github.com/docker/docker/registry"
"github.com/docker/engine-api/types"
"github.com/docker/libcompose/docker"
"github.com/rancher/os/config"
)
// ConfigAuthLookup will lookup registry auth info from cloud config
// if a context is set, it will also lookup auth info from the Docker config file
type ConfigAuthLookup struct {
cfg *config.CloudConfig
context *docker.Context
dockerConfigAuthLookup *docker.ConfigAuthLookup
}
func NewConfigAuthLookup(cfg *config.CloudConfig) *ConfigAuthLookup {
return &ConfigAuthLookup{
cfg: cfg,
}
}
func populateRemaining(authConfig *types.AuthConfig) error {
if authConfig.Auth == "" {
return nil
}
decoded, err := base64.URLEncoding.DecodeString(authConfig.Auth)
if err != nil {
return err
}
decodedSplit := strings.Split(string(decoded), ":")
if len(decodedSplit) != 2 {
return fmt.Errorf("Invalid auth: %s", authConfig.Auth)
}
authConfig.Username = decodedSplit[0]
authConfig.Password = decodedSplit[1]
return nil
}
func (c *ConfigAuthLookup) SetConfig(cfg *config.CloudConfig) {
c.cfg = cfg
}
func (c *ConfigAuthLookup) SetContext(context *docker.Context) {
c.context = context
c.dockerConfigAuthLookup = docker.NewConfigAuthLookup(context)
}
func (c *ConfigAuthLookup) Lookup(repoInfo *registry.RepositoryInfo) types.AuthConfig {
if repoInfo == nil || repoInfo.Index == nil {
return types.AuthConfig{}
}
authConfig := registry.ResolveAuthConfig(c.All(), repoInfo.Index)
err := populateRemaining(&authConfig)
if err != nil {
log.Error(err)
return types.AuthConfig{}
}
return authConfig
}
func (c *ConfigAuthLookup) All() map[string]types.AuthConfig {
registryAuths := c.cfg.Rancher.RegistryAuths
if c.dockerConfigAuthLookup != nil {
for registry, authConfig := range c.dockerConfigAuthLookup.All() {
registryAuths[registry] = authConfig
}
}
return registryAuths
}