distribution: un-export ImageTypes, make ImagePullConfig.Schema2Types optional

Use the default list of accepted mediaTypes if none were passed.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

5 files changed, 50 insertions, 39 deletions

diff --git a/distribution/config.go b/distribution/config.go
index af6a497b98..52ed9ddbfc 100644
--- a/distribution/config.go
+++ b/distribution/config.go
@@ -57,8 +57,9 @@ type ImagePullConfig struct {
 
 	// DownloadManager manages concurrent pulls.
 	DownloadManager *xfer.LayerDownloadManager
-	// Schema2Types is the valid schema2 configuration types allowed
-	// by the pull operation.
+	// Schema2Types is an optional list of valid schema2 configuration types
+	// allowed by the pull operation. If omitted, the default list of accepted
+	// types is used.
 	Schema2Types []string
 	// Platform is the requested platform of the image being pulled
 	Platform *specs.Platform
diff --git a/distribution/pull_v2.go b/distribution/pull_v2.go
index 864baeda44..8479a961e4 100644
--- a/distribution/pull_v2.go
+++ b/distribution/pull_v2.go
@@ -397,19 +397,8 @@ func (p *v2Puller) pullV2Tag(ctx context.Context, ref reference.Named, platform
 	}
 
 	if m, ok := manifest.(*schema2.DeserializedManifest); ok {
-		var allowedMediatype bool
-		for _, t := range p.config.Schema2Types {
-			if m.Manifest.Config.MediaType == t {
-				allowedMediatype = true
-				break
-			}
-		}
-		if !allowedMediatype {
-			configClass := mediaTypeClasses[m.Manifest.Config.MediaType]
-			if configClass == "" {
-				configClass = "unknown"
-			}
-			return false, invalidManifestClassError{m.Manifest.Config.MediaType, configClass}
+		if err := p.validateMediaType(m.Manifest.Config.MediaType); err != nil {
+			return false, err
 		}
 	}
 
@@ -486,6 +475,28 @@ func (p *v2Puller) pullV2Tag(ctx context.Context, ref reference.Named, platform
 	return true, nil
 }
 
+// validateMediaType validates if the given mediaType is accepted by the puller's
+// configuration.
+func (p *v2Puller) validateMediaType(mediaType string) error {
+	var allowedMediaTypes []string
+	if len(p.config.Schema2Types) > 0 {
+		allowedMediaTypes = p.config.Schema2Types
+	} else {
+		allowedMediaTypes = defaultImageTypes
+	}
+	for _, t := range allowedMediaTypes {
+		if mediaType == t {
+			return nil
+		}
+	}
+
+	configClass := mediaTypeClasses[mediaType]
+	if configClass == "" {
+		configClass = "unknown"
+	}
+	return invalidManifestClassError{mediaType, configClass}
+}
+
 func (p *v2Puller) pullSchema1(ctx context.Context, ref reference.Reference, unverifiedManifest *schema1.SignedManifest, platform *specs.Platform) (id digest.Digest, manifestDigest digest.Digest, err error) {
 	if platform != nil {
 		// Early bath if the requested OS doesn't match that of the configuration.
diff --git a/distribution/pull_v2_test.go b/distribution/pull_v2_test.go
index ce1384276d..4918802b26 100644
--- a/distribution/pull_v2_test.go
+++ b/distribution/pull_v2_test.go
@@ -356,7 +356,6 @@ func testNewPuller(t *testing.T, rawurl string) *v2Puller {
 				RegistryToken: secretRegistryToken,
 			},
 		},
-		Schema2Types: ImageTypes,
 	}
 
 	puller, err := newPuller(endpoint, repoInfo, imagePullConfig, nil)
diff --git a/distribution/registry.go b/distribution/registry.go
index 11083cdd46..904ffff2be 100644
--- a/distribution/registry.go
+++ b/distribution/registry.go
@@ -19,35 +19,36 @@ import (
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 )
 
-// ImageTypes represents the schema2 config types for images
-var ImageTypes = []string{
-	schema2.MediaTypeImageConfig,
-	ocispec.MediaTypeImageConfig,
-	// Handle unexpected values from https://github.com/docker/distribution/issues/1621
-	// (see also https://github.com/docker/docker/issues/22378,
-	// https://github.com/docker/docker/issues/30083)
-	"application/octet-stream",
-	"application/json",
-	"text/html",
-	// Treat defaulted values as images, newer types cannot be implied
-	"",
-}
+var (
+	// defaultImageTypes represents the schema2 config types for images
+	defaultImageTypes = []string{
+		schema2.MediaTypeImageConfig,
+		ocispec.MediaTypeImageConfig,
+		// Handle unexpected values from https://github.com/docker/distribution/issues/1621
+		// (see also https://github.com/docker/docker/issues/22378,
+		// https://github.com/docker/docker/issues/30083)
+		"application/octet-stream",
+		"application/json",
+		"text/html",
+		// Treat defaulted values as images, newer types cannot be implied
+		"",
+	}
 
-// PluginTypes represents the schema2 config types for plugins
-var PluginTypes = []string{
-	schema2.MediaTypePluginConfig,
-}
+	// pluginTypes represents the schema2 config types for plugins
+	pluginTypes = []string{
+		schema2.MediaTypePluginConfig,
+	}
 
-var mediaTypeClasses map[string]string
+	mediaTypeClasses map[string]string
+)
 
 func init() {
-	// initialize media type classes with all know types for
-	// plugin
+	// initialize media type classes with all know types for images and plugins.
 	mediaTypeClasses = map[string]string{}
-	for _, t := range ImageTypes {
+	for _, t := range defaultImageTypes {
 		mediaTypeClasses[t] = "image"
 	}
-	for _, t := range PluginTypes {
+	for _, t := range pluginTypes {
 		mediaTypeClasses[t] = "plugin"
 	}
 }
diff --git a/distribution/registry_unit_test.go b/distribution/registry_unit_test.go
index 3cbd09f562..136fd516cf 100644
--- a/distribution/registry_unit_test.go
+++ b/distribution/registry_unit_test.go
@@ -67,7 +67,6 @@ func testTokenPassThru(t *testing.T, ts *httptest.Server) {
 				RegistryToken: secretRegistryToken,
 			},
 		},
-		Schema2Types: ImageTypes,
 	}
 	puller, err := newPuller(endpoint, repoInfo, imagePullConfig, nil)
 	if err != nil {