Adding registry endpoint authorization

author: Andre Guedes <andrebsguedes@gmail.com> 2016-12-13 23:42:43 -0200
committer: Andre Guedes <andrebsguedes@gmail.com> 2017-02-22 11:29:07 -0300
commit: 246df2bd1151d39a04ef553064144eb75ee3e980 (patch)
tree: 203bf32cea4f57b5eeb720c3c1aceba9e71965e8 /doc
parent: eed0b85ad084ad4d13cc26907102063d9372fe75 (diff)
download: gitlab-ce-246df2bd1151d39a04ef553064144eb75ee3e980.tar.gz
3 files changed, 33 insertions, 16 deletions
diff --git a/doc/administration/container_registry.md b/doc/administration/container_registry.md
index a6300e18dc0..14795601246 100644
--- a/doc/administration/container_registry.md
+++ b/doc/administration/container_registry.md
@@ -76,7 +76,7 @@ you modify its settings. Read the upstream documentation on how to achieve that.
 
 At the absolute minimum, make sure your [Registry configuration][registry-auth]
 has `container_registry` as the service and `https://gitlab.example.com/jwt/auth`
-as the realm:
+as the realm.
 
 ```
 auth:
@@ -87,6 +87,23 @@ auth:
     rootcertbundle: /root/certs/certbundle
 ```
 
+Also a notification endpoint must be configured with the token from
+Admin Area -> Overview -> Registry (`/admin/container_registry`) like in the following sample:
+
+```
+notifications:
+  endpoints:
+    - name: listener
+      url: https://gitlab.example.com/api/v3/registry_events
+      headers:
+        X-Registry-Token: [57Cx95fc2zHFh93VTiGD]
+      timeout: 500ms
+      threshold: 5
+      backoff: 1s
+```
+
+Check the [Registry endpoint configuration][registry-endpoint] for details.
+
 ## Container Registry domain configuration
 
 There are two ways you can configure the Registry's external domain.
@@ -477,7 +494,7 @@ configurable in future releases.
 **GitLab 8.8 ([source docs][8-8-docs])**
 
 - GitLab Container Registry feature was introduced.
-
+i
 [reconfigure gitlab]: restart_gitlab.md#omnibus-gitlab-reconfigure
 [restart gitlab]: restart_gitlab.md#installations-from-source
 [wildcard certificate]: https://en.wikipedia.org/wiki/Wildcard_certificate
@@ -487,6 +504,7 @@ configurable in future releases.
 [storage-config]: https://docs.docker.com/registry/configuration/#storage
 [registry-http-config]: https://docs.docker.com/registry/configuration/#http
 [registry-auth]: https://docs.docker.com/registry/configuration/#auth
+[registry-endpoint]: https://docs.docker.com/registry/notifications/#/configuration
 [token-config]: https://docs.docker.com/registry/configuration/#token
 [8-8-docs]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-8-stable/doc/administration/container_registry.md
 [registry-ssl]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/support/nginx/registry-ssl
diff --git a/doc/ci/docker/using_docker_build.md b/doc/ci/docker/using_docker_build.md
index 8620984d40d..6ae6269b28a 100644
--- a/doc/ci/docker/using_docker_build.md
+++ b/doc/ci/docker/using_docker_build.md
@@ -299,8 +299,8 @@ could look like:
    stage: build
    script:
      - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.example.com
-     - docker build -t registry.example.com/group/project:latest .
-     - docker push registry.example.com/group/project:latest
+     - docker build -t registry.example.com/group/project/image:latest .
+     - docker push registry.example.com/group/project/image:latest
 ```
 
 You have to use the special `gitlab-ci-token` user created for you in order to
@@ -350,8 +350,8 @@ stages:
 - deploy
 
 variables:
-  CONTAINER_TEST_IMAGE: registry.example.com/my-group/my-project:$CI_BUILD_REF_NAME
-  CONTAINER_RELEASE_IMAGE: registry.example.com/my-group/my-project:latest
+  CONTAINER_TEST_IMAGE: registry.example.com/my-group/my-project/my-image:$CI_BUILD_REF_NAME
+  CONTAINER_RELEASE_IMAGE: registry.example.com/my-group/my-project/my-image:latest
 
 before_script:
   - docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.example.com
diff --git a/doc/user/project/container_registry.md b/doc/user/project/container_registry.md
index 91b35c73b34..eada8e04227 100644
--- a/doc/user/project/container_registry.md
+++ b/doc/user/project/container_registry.md
@@ -10,6 +10,7 @@
 - Starting from GitLab 8.12, if you have 2FA enabled in your account, you need
   to pass a personal access token instead of your password in order to login to
   GitLab's Container Registry.
+- Multiple level image names support was added in GitLab ?8.15?
 
 With the Docker Container Registry integrated into GitLab, every project can
 have its own space to store its Docker images.
@@ -54,26 +55,23 @@ sure that you are using the Registry URL with the namespace and project name
 that is hosted on GitLab:
 
 ```
-docker build -t registry.example.com/group/project .
-docker push registry.example.com/group/project
+docker build -t registry.example.com/group/project/image .
+docker push registry.example.com/group/project/image
 ```
 
 Your image will be named after the following scheme:
 
 ```
-<registry URL>/<namespace>/<project>
+<registry URL>/<namespace>/<project>/<image>
 ```
 
-As such, the name of the image is unique, but you can differentiate the images
-using tags.
-
 ## Use images from GitLab Container Registry
 
 To download and run a container from images hosted in GitLab Container Registry,
 use `docker run`:
 
 ```
-docker run [options] registry.example.com/group/project [arguments]
+docker run [options] registry.example.com/group/project/image [arguments]
 ```
 
 For more information on running Docker containers, visit the
@@ -87,7 +85,8 @@ and click **Registry** in the project menu.
 This view will show you all tags in your project and will easily allow you to
 delete them.
 
-![Container Registry panel](img/container_registry_panel.png)
+![Container Registry panel](image-needs-update)
+[//]: # (img/container_registry_panel.png)
 
 ## Build and push images using GitLab CI
 
@@ -136,7 +135,7 @@ A user attempted to enable an S3-backed Registry. The `docker login` step went
 fine. However, when pushing an image, the output showed:
 
 ```
-The push refers to a repository [s3-testing.myregistry.com:4567/root/docker-test]
+The push refers to a repository [s3-testing.myregistry.com:4567/root/docker-test/docker-image]
 dc5e59c14160: Pushing [==================================================>] 14.85 kB
 03c20c1a019a: Pushing [==================================================>] 2.048 kB
 a08f14ef632e: Pushing [==================================================>] 2.048 kB
@@ -229,7 +228,7 @@ a container image. You may need to run as root to do this. For example:
 
 ```sh
 docker login s3-testing.myregistry.com:4567
-docker push s3-testing.myregistry.com:4567/root/docker-test
+docker push s3-testing.myregistry.com:4567/root/docker-test/docker-image
 ```
 
 In the example above, we see the following trace on the mitmproxy window:
author	Andre Guedes <andrebsguedes@gmail.com>	2016-12-13 23:42:43 -0200
committer	Andre Guedes <andrebsguedes@gmail.com>	2017-02-22 11:29:07 -0300
commit	246df2bd1151d39a04ef553064144eb75ee3e980 (patch)
tree	203bf32cea4f57b5eeb720c3c1aceba9e71965e8 /doc
parent	eed0b85ad084ad4d13cc26907102063d9372fe75 (diff)
download	gitlab-ce-246df2bd1151d39a04ef553064144eb75ee3e980.tar.gz