diff --git a/registry/config.go b/registry/config.go index 5d27f5ba04..315807f903 100644 --- a/registry/config.go +++ b/registry/config.go @@ -86,6 +86,21 @@ func newServiceConfig(options ServiceOptions) (*serviceConfig, error) { return config, nil } +// copy constructs a new ServiceConfig with a copy of the configuration in config. +func (config *serviceConfig) copy() *registrytypes.ServiceConfig { + ic := make(map[string]*registrytypes.IndexInfo) + for key, value := range config.IndexConfigs { + ic[key] = value + } + return ®istrytypes.ServiceConfig{ + AllowNondistributableArtifactsCIDRs: append([]*registrytypes.NetIPNet(nil), config.AllowNondistributableArtifactsCIDRs...), + AllowNondistributableArtifactsHostnames: append([]string(nil), config.AllowNondistributableArtifactsHostnames...), + InsecureRegistryCIDRs: append([]*registrytypes.NetIPNet(nil), config.InsecureRegistryCIDRs...), + IndexConfigs: ic, + Mirrors: append([]string(nil), config.Mirrors...), + } +} + // loadAllowNondistributableArtifacts loads allow-nondistributable-artifacts registries into config. func (config *serviceConfig) loadAllowNondistributableArtifacts(registries []string) error { cidrs := map[string]*registry.NetIPNet{} diff --git a/registry/service.go b/registry/service.go index cf53472c52..f441d15ee4 100644 --- a/registry/service.go +++ b/registry/service.go @@ -50,32 +50,11 @@ func NewService(options ServiceOptions) (Service, error) { return &defaultService{config: config}, err } -// ServiceConfig returns the public registry service configuration. +// ServiceConfig returns a copy of the public registry service's configuration. func (s *defaultService) ServiceConfig() *registry.ServiceConfig { s.mu.RLock() defer s.mu.RUnlock() - - servConfig := registry.ServiceConfig{ - AllowNondistributableArtifactsCIDRs: make([]*(registry.NetIPNet), 0), - AllowNondistributableArtifactsHostnames: make([]string, 0), - InsecureRegistryCIDRs: make([]*(registry.NetIPNet), 0), - IndexConfigs: make(map[string]*(registry.IndexInfo)), - Mirrors: make([]string, 0), - } - - // construct a new ServiceConfig which will not retrieve s.Config directly, - // and look up items in s.config with mu locked - servConfig.AllowNondistributableArtifactsCIDRs = append(servConfig.AllowNondistributableArtifactsCIDRs, s.config.ServiceConfig.AllowNondistributableArtifactsCIDRs...) - servConfig.AllowNondistributableArtifactsHostnames = append(servConfig.AllowNondistributableArtifactsHostnames, s.config.ServiceConfig.AllowNondistributableArtifactsHostnames...) - servConfig.InsecureRegistryCIDRs = append(servConfig.InsecureRegistryCIDRs, s.config.ServiceConfig.InsecureRegistryCIDRs...) - - for key, value := range s.config.ServiceConfig.IndexConfigs { - servConfig.IndexConfigs[key] = value - } - - servConfig.Mirrors = append(servConfig.Mirrors, s.config.ServiceConfig.Mirrors...) - - return &servConfig + return s.config.copy() } // LoadAllowNondistributableArtifacts loads allow-nondistributable-artifacts registries for Service.