mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
ed13c3abfb
Add a trusted flag to force the cli to resolve a tag into a digest via the notary trust library and pull by digest. On push the flag the trust flag will indicate the digest and size of a manifest should be signed and push to a notary server. If a tag is given, the cli will resolve the tag into a digest and pull by digest. After pulling, if a tag is given the cli makes a request to tag the image. Use certificate directory for notary requests Read certificates using same logic used by daemon for registry requests. Catch JSON syntax errors from Notary client When an uncaught error occurs in Notary it may show up in Docker as a JSON syntax error, causing a confusing error message to the user. Provide a generic error when a JSON syntax error occurs. Catch expiration errors and wrap in additional context. Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
53 lines
1.6 KiB
Go
53 lines
1.6 KiB
Go
package client
|
|
|
|
import (
|
|
"fmt"
|
|
"net/url"
|
|
|
|
Cli "github.com/docker/docker/cli"
|
|
flag "github.com/docker/docker/pkg/mflag"
|
|
"github.com/docker/docker/pkg/parsers"
|
|
"github.com/docker/docker/registry"
|
|
)
|
|
|
|
// CmdPush pushes an image or repository to the registry.
|
|
//
|
|
// Usage: docker push NAME[:TAG]
|
|
func (cli *DockerCli) CmdPush(args ...string) error {
|
|
cmd := Cli.Subcmd("push", []string{"NAME[:TAG]"}, "Push an image or a repository to a registry", true)
|
|
addTrustedFlags(cmd, false)
|
|
cmd.Require(flag.Exact, 1)
|
|
|
|
cmd.ParseFlags(args, true)
|
|
|
|
remote, tag := parsers.ParseRepositoryTag(cmd.Arg(0))
|
|
|
|
// Resolve the Repository name from fqn to RepositoryInfo
|
|
repoInfo, err := registry.ParseRepositoryInfo(remote)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
// Resolve the Auth config relevant for this server
|
|
authConfig := registry.ResolveAuthConfig(cli.configFile, repoInfo.Index)
|
|
// If we're not using a custom registry, we know the restrictions
|
|
// applied to repository names and can warn the user in advance.
|
|
// Custom repositories can have different rules, and we must also
|
|
// allow pushing by image ID.
|
|
if repoInfo.Official {
|
|
username := authConfig.Username
|
|
if username == "" {
|
|
username = "<user>"
|
|
}
|
|
return fmt.Errorf("You cannot push a \"root\" repository. Please rename your repository to <user>/<repo> (ex: %s/%s)", username, repoInfo.LocalName)
|
|
}
|
|
|
|
if isTrusted() {
|
|
return cli.trustedPush(repoInfo, tag, authConfig)
|
|
}
|
|
|
|
v := url.Values{}
|
|
v.Set("tag", tag)
|
|
|
|
_, _, err = cli.clientRequestAttemptLogin("POST", "/images/"+remote+"/push?"+v.Encode(), nil, cli.out, repoInfo.Index, "push")
|
|
return err
|
|
}
|