- fix naming and formatting
- provide more context when erroring auth
- do not capitalize errors
- fix wrong documentation
- remove ugly remoteError{}
Signed-off-by: Antonio Murdaca <runcom@redhat.com>
Each plug-in operates as a separate service, and registers with Docker
through general (plug-ins API)
[https://blog.docker.com/2015/06/extending-docker-with-plugins/]. No
Docker daemon recompilation is required in order to add / remove an
authentication plug-in. Each plug-in is notified twice for each
operation: 1) before the operation is performed and, 2) before the
response is returned to the client. The plug-ins can modify the response
that is returned to the client.
The authorization depends on the authorization effort that takes place
in parallel [https://github.com/docker/docker/issues/13697].
This is the official issue of the authorization effort:
https://github.com/docker/docker/issues/14674
(Here)[https://github.com/rhatdan/docker-rbac] you can find an open
document that discusses a default RBAC plug-in for Docker.
Signed-off-by: Liron Levin <liron@twistlock.com>
Added container create flow test and extended the verification for ps
We can remove one function from the stack by injecting the middleware
only when logging in enabled and the level is debug.
Signed-off-by: David Calavera <david.calavera@gmail.com>
When tools like kubernetes and cockpit are talking to the docker daemon
actively, we are seeing large number of log messages that look like debug
information.
For example
docker info adds the following line to journald.
Nov 26 07:09:23 dhcp-10-19-62-196.boston.devel.redhat.com docker[32686]: time="2015-11-26T07:09:23.124503455-05:00" level=info msg="GET /v1.22/info"
We think this should be Debug level not Info level.
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
This reverts commit d5cd032a86.
Commit caused issues on systems with case-insensitive filesystems.
Revert for now
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
- Move autogen/dockerversion to version
- Update autogen and "builds" to use this package and a build flag
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Uses a new middleware which calls httputils.DumpRequest which is output
to `logrus.Debug`.
This is implemented in a separate middleare so that we only have to
check the logging level when the router is instantiated rather than at
every request.
If this was just `logrus.Debug(httputil.DumpRequest(...))`, the
DumpRequest would be called on each request requardless of logging
level set on the daemon.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Implement basic interfaces to write custom routers that can be plugged
to the server. Remove server coupling with the daemon.
Signed-off-by: David Calavera <david.calavera@gmail.com>
It defines global middlewares for every request.
This makes the server slightly more composable.
Signed-off-by: David Calavera <david.calavera@gmail.com>
