Merge pull request #43394 from thaJeztah/cleanup_registry_step2

registry: remove more dead code
2022-11-09 12:21:53 -05:00 · 2022-03-18 19:35:02 +01:00 · 2022-03-18 19:35:02 +01:00 · d5d5f258df
commit d5d5f258df
parent b7a72435a6 5e9829b75d
4 changed files with 12 additions and 37 deletions
--- a/registry/auth.go
+++ b/registry/auth.go
@ -63,14 +63,6 @@ func (scs staticCredentialStore) RefreshToken(*url.URL, string) string {
 func (scs staticCredentialStore) SetRefreshToken(*url.URL, string, string) {
 }

-type fallbackError struct {
-	err error
-}
-
-func (err fallbackError) Error() string {
-	return err.err.Error()
-}
-
 // loginV2 tries to login to the v2 registry server. The given registry
 // endpoint will be pinged to get authorization challenges. These challenges
 // will be used to authenticate against the registry to validate credentials.
--- a/registry/registry_test.go
+++ b/registry/registry_test.go
@ -24,7 +24,7 @@ func spawnTestRegistrySession(t *testing.T) *session {
 	}
 	userAgent := "docker test client"
 	var tr http.RoundTripper = debugTransport{newTransport(nil), t.Log}
-	tr = transport.NewTransport(AuthTransport(tr, authConfig, false), Headers(userAgent, nil)...)
+	tr = transport.NewTransport(newAuthTransport(tr, authConfig, false), Headers(userAgent, nil)...)
 	client := httpClient(tr)

 	if err := authorizeClient(client, authConfig, endpoint); err != nil {
--- a/registry/service.go
+++ b/registry/service.go
@ -24,7 +24,6 @@ type Service interface {
 	ResolveRepository(name reference.Named) (*RepositoryInfo, error)
 	Search(ctx context.Context, term string, limit int, authConfig *types.AuthConfig, userAgent string, headers map[string][]string) (*registry.SearchResults, error)
 	ServiceConfig() *registry.ServiceConfig
-	TLSConfig(hostname string) (*tls.Config, error)
 	LoadAllowNondistributableArtifacts([]string) error
 	LoadMirrors([]string) error
 	LoadInsecureRegistries([]string) error
@ -171,23 +170,16 @@ func (s *defaultService) Search(ctx context.Context, term string, limit int, aut
 		modifiers := Headers(userAgent, nil)
 		v2Client, err := v2AuthHTTPClient(endpoint.URL, endpoint.client.Transport, modifiers, creds, scopes)
 		if err != nil {
-			if fErr, ok := err.(fallbackError); ok {
-				logrus.WithError(fErr.err).Error("cannot use identity token for search, v2 auth not supported")
-			} else {
-				return nil, err
-			}
-		} else {
-			// Copy non transport http client features
-			v2Client.Timeout = endpoint.client.Timeout
-			v2Client.CheckRedirect = endpoint.client.CheckRedirect
-			v2Client.Jar = endpoint.client.Jar
-
-			logrus.Debugf("using v2 client for search to %s", endpoint.URL)
-			client = v2Client
+			return nil, err
 		}
-	}
+		// Copy non transport http client features
+		v2Client.Timeout = endpoint.client.Timeout
+		v2Client.CheckRedirect = endpoint.client.CheckRedirect
+		v2Client.Jar = endpoint.client.Jar

-	if client == nil {
+		logrus.Debugf("using v2 client for search to %s", endpoint.URL)
+		client = v2Client
+	} else {
 		client = endpoint.client
 		if err := authorizeClient(client, authConfig, endpoint); err != nil {
 			return nil, err
@ -216,15 +208,6 @@ type APIEndpoint struct {
 	TLSConfig                      *tls.Config
 }

-// TLSConfig constructs a client TLS configuration based on server defaults
-func (s *defaultService) TLSConfig(hostname string) (*tls.Config, error) {
-	s.mu.RLock()
-	secure := s.config.isSecureIndex(hostname)
-	s.mu.RUnlock()
-
-	return newTLSConfig(hostname, secure)
-}
-
 // LookupPullEndpoints creates a list of v2 endpoints to try to pull from, in order of preference.
 // It gives preference to mirrors over the actual registry, and HTTPS over plain HTTP.
 func (s *defaultService) LookupPullEndpoints(hostname string) (endpoints []APIEndpoint, err error) {
--- a/registry/session.go
+++ b/registry/session.go
@ -39,7 +39,7 @@ type authTransport struct {
 	modReq map[*http.Request]*http.Request // original -> modified
 }

-// AuthTransport handles the auth layer when communicating with a v1 registry (private or official)
+// newAuthTransport handles the auth layer when communicating with a v1 registry (private or official)
 //
 // For private v1 registries, set alwaysSetBasicAuth to true.
 //
@ -52,7 +52,7 @@ type authTransport struct {
 // If the server sends a token without the client having requested it, it is ignored.
 //
 // This RoundTripper also has a CancelRequest method important for correct timeout handling.
-func AuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) http.RoundTripper {
+func newAuthTransport(base http.RoundTripper, authConfig *types.AuthConfig, alwaysSetBasicAuth bool) *authTransport {
 	if base == nil {
 		base = http.DefaultTransport
 	}
@ -165,7 +165,7 @@ func authorizeClient(client *http.Client, authConfig *types.AuthConfig, endpoint

 	// Annotate the transport unconditionally so that v2 can
 	// properly fallback on v1 when an image is not found.
-	client.Transport = AuthTransport(client.Transport, authConfig, alwaysSetBasicAuth)
+	client.Transport = newAuthTransport(client.Transport, authConfig, alwaysSetBasicAuth)

 	jar, err := cookiejar.New(nil)
 	if err != nil {