diff --git a/registry/config.go b/registry/config.go index 315807f903..1f1be93f5a 100644 --- a/registry/config.go +++ b/registry/config.go @@ -242,7 +242,7 @@ skip: // hostname should be a URL.Host (`host:port` or `host`) where the `host` part can be either a domain name // or an IP address. If it is a domain name, then it will be resolved to IP addresses for matching. If // resolution fails, CIDR matching is not performed. -func allowNondistributableArtifacts(config *serviceConfig, hostname string) bool { +func (config *serviceConfig) allowNondistributableArtifacts(hostname string) bool { for _, h := range config.AllowNondistributableArtifactsHostnames { if h == hostname { return true @@ -263,7 +263,7 @@ func allowNondistributableArtifacts(config *serviceConfig, hostname string) bool // or an IP address. If it is a domain name, then it will be resolved in order to check if the IP is contained // in a subnet. If the resolving is not successful, isSecureIndex will only try to match hostname to any element // of insecureRegistries. -func isSecureIndex(config *serviceConfig, indexName string) bool { +func (config *serviceConfig) isSecureIndex(indexName string) bool { // Check for configured index, first. This is needed in case isSecureIndex // is called from anything besides newIndexInfo, in order to honor per-index configurations. if index, ok := config.IndexConfigs[indexName]; ok { @@ -385,7 +385,7 @@ func newIndexInfo(config *serviceConfig, indexName string) (*registry.IndexInfo, return ®istry.IndexInfo{ Name: indexName, Mirrors: make([]string, 0), - Secure: isSecureIndex(config, indexName), + Secure: config.isSecureIndex(indexName), Official: false, }, nil } diff --git a/registry/registry_test.go b/registry/registry_test.go index c4c5c46b21..e0f29404e6 100644 --- a/registry/registry_test.go +++ b/registry/registry_test.go @@ -660,7 +660,7 @@ func TestAllowNondistributableArtifacts(t *testing.T) { if err != nil { t.Error(err) } - if v := allowNondistributableArtifacts(config, tt.addr); v != tt.expected { + if v := config.allowNondistributableArtifacts(tt.addr); v != tt.expected { t.Errorf("allowNondistributableArtifacts failed for %q %v, expected %v got %v", tt.addr, tt.registries, tt.expected, v) } } @@ -703,7 +703,7 @@ func TestIsSecureIndex(t *testing.T) { if err != nil { t.Error(err) } - if sec := isSecureIndex(config, tt.addr); sec != tt.expected { + if sec := config.isSecureIndex(tt.addr); sec != tt.expected { t.Errorf("isSecureIndex failed for %q %v, expected %v got %v", tt.addr, tt.insecureRegistries, tt.expected, sec) } } diff --git a/registry/service.go b/registry/service.go index f441d15ee4..0cda3a8806 100644 --- a/registry/service.go +++ b/registry/service.go @@ -224,7 +224,7 @@ type APIEndpoint struct { // TLSConfig constructs a client TLS configuration based on server defaults func (s *defaultService) TLSConfig(hostname string) (*tls.Config, error) { s.mu.RLock() - secure := isSecureIndex(s.config, hostname) + secure := s.config.isSecureIndex(hostname) s.mu.RUnlock() return newTLSConfig(hostname, secure) diff --git a/registry/service_v2.go b/registry/service_v2.go index db164bbe90..f147af0faa 100644 --- a/registry/service_v2.go +++ b/registry/service_v2.go @@ -17,7 +17,7 @@ func (s *defaultService) lookupV2Endpoints(hostname string) (endpoints []APIEndp if err != nil { return nil, invalidParam(err) } - mirrorTLSConfig, err := newTLSConfig(mirrorURL.Host, isSecureIndex(s.config, mirrorURL.Host)) + mirrorTLSConfig, err := newTLSConfig(mirrorURL.Host, s.config.isSecureIndex(mirrorURL.Host)) if err != nil { return nil, err } @@ -40,12 +40,12 @@ func (s *defaultService) lookupV2Endpoints(hostname string) (endpoints []APIEndp return endpoints, nil } - tlsConfig, err := newTLSConfig(hostname, isSecureIndex(s.config, hostname)) + tlsConfig, err := newTLSConfig(hostname, s.config.isSecureIndex(hostname)) if err != nil { return nil, err } - ana := allowNondistributableArtifacts(s.config, hostname) + ana := s.config.allowNondistributableArtifacts(hostname) endpoints = []APIEndpoint{ { URL: &url.URL{