diff options
author | Joffrey F <joffrey@docker.com> | 2014-08-22 17:28:59 +0200 |
---|---|---|
committer | Joffrey F <joffrey@docker.com> | 2014-08-22 17:28:59 +0200 |
commit | be831c1130cbd7ded46c2245f81bee92fdc5a167 (patch) | |
tree | 827b32086d434891729870c9795aa403bd36e0f3 | |
parent | c76fd8d91481d33cee6fcfaa61025c12caa95b98 (diff) | |
download | docker-py-insecure_registry.tar.gz |
Don't fallback to HTTP unless insecure_registry is specified when pushing/pullinginsecure_registry
-rw-r--r-- | docker/auth/auth.py | 18 | ||||
-rw-r--r-- | docker/client.py | 14 |
2 files changed, 22 insertions, 10 deletions
diff --git a/docker/auth/auth.py b/docker/auth/auth.py index 0bd386d..c13eed4 100644 --- a/docker/auth/auth.py +++ b/docker/auth/auth.py @@ -34,17 +34,22 @@ def swap_protocol(url): return url -def expand_registry_url(hostname): +def expand_registry_url(hostname, insecure=False): if hostname.startswith('http:') or hostname.startswith('https:'): if '/' not in hostname[9:]: hostname = hostname + '/v1/' return hostname if utils.ping('https://' + hostname + '/v1/_ping'): return 'https://' + hostname + '/v1/' - return 'http://' + hostname + '/v1/' + elif insecure: + return 'http://' + hostname + '/v1/' + else: + raise errors.DockerException( + "HTTPS endpoint unresponsive and insecure mode isn't enabled." + ) -def resolve_repository_name(repo_name): +def resolve_repository_name(repo_name, insecure=False): if '://' in repo_name: raise errors.InvalidRepository( 'Repository name cannot contain a scheme ({0})'.format(repo_name)) @@ -56,11 +61,12 @@ def resolve_repository_name(repo_name): raise errors.InvalidRepository( 'Invalid repository name ({0})'.format(repo_name)) - if 'index.docker.io' in parts[0]: + if 'index.docker.io' in parts[0] or 'registry.hub.docker.com' in parts[0]: raise errors.InvalidRepository( - 'Invalid repository name, try "{0}" instead'.format(parts[1])) + 'Invalid repository name, try "{0}" instead'.format(parts[1]) + ) - return expand_registry_url(parts[0]), parts[1] + return expand_registry_url(parts[0], insecure), parts[1] def resolve_authconfig(authconfig, registry=None): diff --git a/docker/client.py b/docker/client.py index c4871a6..714447b 100644 --- a/docker/client.py +++ b/docker/client.py @@ -713,10 +713,13 @@ class Client(requests.Session): return h_ports - def pull(self, repository, tag=None, stream=False): + def pull(self, repository, tag=None, stream=False, + insecure_registry=False): if not tag: repository, tag = utils.parse_repository_tag(repository) - registry, repo_name = auth.resolve_repository_name(repository) + registry, repo_name = auth.resolve_repository_name( + repository, insecure=insecure_registry + ) if repo_name.count(":") == 1: repository, tag = repository.rsplit(":", 1) @@ -747,10 +750,13 @@ class Client(requests.Session): else: return self._result(response) - def push(self, repository, tag=None, stream=False): + def push(self, repository, tag=None, stream=False, + insecure_registry=False): if not tag: repository, tag = utils.parse_repository_tag(repository) - registry, repo_name = auth.resolve_repository_name(repository) + registry, repo_name = auth.resolve_repository_name( + repository, insecure=insecure_registry + ) u = self._url("/images/{0}/push".format(repository)) params = { 'tag': tag |