Documentation ¶
Index ¶
- Constants
- func AddShortNameAlias(ctx *types.SystemContext, name string, value string) error
- func AdditionalLayerStoreAuthHelper(sys *types.SystemContext) (string, error)
- func ConfigDirPath(ctx *types.SystemContext) string
- func ConfigPath(ctx *types.SystemContext) string
- func ConfigurationSourceDescription(ctx *types.SystemContext) string
- func CredentialHelpers(sys *types.SystemContext) ([]string, error)
- func GetShortNameMode(ctx *types.SystemContext) (types.ShortNameMode, error)
- func InvalidateCache()
- func RemoveShortNameAlias(ctx *types.SystemContext, name string) error
- func ResolveShortNameAlias(ctx *types.SystemContext, name string) (reference.Named, string, error)
- func UnqualifiedSearchRegistries(ctx *types.SystemContext) ([]string, error)
- func UnqualifiedSearchRegistriesWithOrigin(ctx *types.SystemContext) ([]string, string, error)
- type Endpoint
- type InvalidRegistries
- type PullSource
- type Registry
- type V1RegistriesConf
- type V1TOMLConfig
- type V1TOMLregistries
- type V2RegistriesConf
Constants ¶
const ( // configuration values for "pull-from-mirror" // mirrors will be used for both digest pulls and tag pulls MirrorAll = "all" // mirrors will only be used for digest pulls MirrorByDigestOnly = "digest-only" // mirrors will only be used for tag pulls MirrorByTagOnly = "tag-only" )
const AuthenticationFileHelper = "containers-auth.json"
AuthenticationFileHelper is a special key for credential helpers indicating the usage of consulting containers-auth.json files instead of a credential helper.
Variables ¶
This section is empty.
Functions ¶
func AddShortNameAlias ¶ added in v5.8.0
func AddShortNameAlias(ctx *types.SystemContext, name string, value string) error
AddShortNameAlias adds the specified name-value pair as a new alias to the user-specific aliases.conf. It may override an existing alias for `name`.
Note that it’s the caller’s responsibility to pass only a repository (reference.IsNameOnly) as the short name.
func AdditionalLayerStoreAuthHelper ¶ added in v5.32.0
func AdditionalLayerStoreAuthHelper(sys *types.SystemContext) (string, error)
AdditionalLayerStoreAuthHelper returns the helper for passing registry credentials to Additional Layer Store.
func ConfigDirPath ¶ added in v5.3.0
func ConfigDirPath(ctx *types.SystemContext) string
ConfigDirPath returns the path to the directory for drop-in registry configuration files. Deprecated: This API implies configuration is read from directories, and that there is only one. Please use ConfigurationSourceDescription to obtain a string usable for error messages.
func ConfigPath ¶
func ConfigPath(ctx *types.SystemContext) string
ConfigPath returns the path to the system-wide registry configuration file. Deprecated: This API implies configuration is read from files, and that there is only one. Please use ConfigurationSourceDescription to obtain a string usable for error messages.
func ConfigurationSourceDescription ¶ added in v5.6.0
func ConfigurationSourceDescription(ctx *types.SystemContext) string
ConfigurationSourceDescription returns a string containers paths of registries.conf and registries.conf.d
func CredentialHelpers ¶ added in v5.11.0
func CredentialHelpers(sys *types.SystemContext) ([]string, error)
CredentialHelpers returns the global top-level credential helpers.
func GetShortNameMode ¶ added in v5.8.0
func GetShortNameMode(ctx *types.SystemContext) (types.ShortNameMode, error)
GetShortNameMode returns the configured types.ShortNameMode.
func InvalidateCache ¶
func InvalidateCache()
InvalidateCache invalidates the registry cache. This function is meant to be used for long-running processes that need to reload potential changes made to the cached registry config files.
func RemoveShortNameAlias ¶ added in v5.8.0
func RemoveShortNameAlias(ctx *types.SystemContext, name string) error
RemoveShortNameAlias clears the alias for the specified name. It throws an error in case name does not exist in the machine-generated short-name-alias.conf. In such case, the alias must be specified in one of the registries.conf files, which is the users' responsibility.
Note that it’s the caller’s responsibility to pass only a repository (reference.IsNameOnly) as the short name.
func ResolveShortNameAlias ¶ added in v5.8.0
ResolveShortNameAlias performs an alias resolution of the specified name. The user-specific short-name-aliases.conf has precedence over aliases in the assembled registries.conf. It returns the possibly resolved alias or nil, a human-readable description of the config where the alias is specified, and an error. The origin of the config file is crucial for an improved user experience such that users are able to resolve potential pull errors. Almost all callers should use pkg/shortnames instead.
Note that it’s the caller’s responsibility to pass only a repository (reference.IsNameOnly) as the short name.
func UnqualifiedSearchRegistries ¶
func UnqualifiedSearchRegistries(ctx *types.SystemContext) ([]string, error)
UnqualifiedSearchRegistries returns a list of host[:port] entries to try for unqualified image search, in the returned order)
func UnqualifiedSearchRegistriesWithOrigin ¶ added in v5.8.0
func UnqualifiedSearchRegistriesWithOrigin(ctx *types.SystemContext) ([]string, string, error)
UnqualifiedSearchRegistriesWithOrigin returns a list of host[:port] entries to try for unqualified image search, in the returned order. It also returns a human-readable description of where these entries are specified (e.g., a registries.conf file).
Types ¶
type Endpoint ¶
type Endpoint struct { // The endpoint's remote location. Can be empty iff Prefix contains // wildcard in the format: "*.example.com" for subdomain matching. // Please refer to FindRegistry / PullSourcesFromReference instead // of accessing/interpreting `Location` directly. Location string `toml:"location,omitempty"` // If true, certs verification will be skipped and HTTP (non-TLS) // connections will be allowed. Insecure bool `toml:"insecure,omitempty"` // PullFromMirror is used for adding restrictions to image pull through the mirror. // Set to "all", "digest-only", or "tag-only". // If "digest-only", mirrors will only be used for digest pulls. Pulling images by // tag can potentially yield different images, depending on which endpoint // we pull from. Restricting mirrors to pulls by digest avoids that issue. // If "tag-only", mirrors will only be used for tag pulls. For a more up-to-date and expensive mirror // that it is less likely to be out of sync if tags move, it should not be unnecessarily // used for digest references. // Default is "all" (or left empty), mirrors will be used for both digest pulls and tag pulls unless the mirror-by-digest-only is set for the primary registry. // This can only be set in a registry's Mirror field, not in the registry's primary Endpoint. // This per-mirror setting is allowed only when mirror-by-digest-only is not configured for the primary registry. PullFromMirror string `toml:"pull-from-mirror,omitempty"` }
Endpoint describes a remote location of a registry.
type InvalidRegistries ¶
type InvalidRegistries struct {
// contains filtered or unexported fields
}
InvalidRegistries represents an invalid registry configurations. An example is when "registry.com" is defined multiple times in the configuration but with conflicting security settings.
func (*InvalidRegistries) Error ¶
func (e *InvalidRegistries) Error() string
Error returns the error string.
type PullSource ¶
PullSource consists of an Endpoint and a Reference. Note that the reference is rewritten according to the registries prefix and the Endpoint's location.
type Registry ¶
type Registry struct { // Prefix is used for matching images, and to translate one namespace to // another. If `Prefix="example.com/bar"`, `location="example.com/foo/bar"` // and we pull from "example.com/bar/myimage:latest", the image will // effectively be pulled from "example.com/foo/bar/myimage:latest". // If no Prefix is specified, it defaults to the specified location. // Prefix can also be in the format: "*.example.com" for matching // subdomains. The wildcard should only be in the beginning and should also // not contain any namespaces or special characters: "/", "@" or ":". // Please refer to FindRegistry / PullSourcesFromReference instead // of accessing/interpreting `Prefix` directly. Prefix string `toml:"prefix"` // A registry is an Endpoint too Endpoint // The registry's mirrors. Mirrors []Endpoint `toml:"mirror,omitempty"` // If true, pulling from the registry will be blocked. Blocked bool `toml:"blocked,omitempty"` // If true, mirrors will only be used for digest pulls. Pulling images by // tag can potentially yield different images, depending on which endpoint // we pull from. Restricting mirrors to pulls by digest avoids that issue. MirrorByDigestOnly bool `toml:"mirror-by-digest-only,omitempty"` }
Registry represents a registry.
func FindRegistry ¶
func FindRegistry(ctx *types.SystemContext, ref string) (*Registry, error)
FindRegistry returns the Registry with the longest prefix for ref, which is a registry, repository namespace repository or image reference (as formatted by reference.Domain(), reference.Named.Name() or reference.Reference.String() — note that this requires the name to start with an explicit hostname!). If no Registry prefixes the image, nil is returned.
func GetRegistries ¶
func GetRegistries(ctx *types.SystemContext) ([]Registry, error)
GetRegistries has been deprecated. Use FindRegistry instead.
GetRegistries loads and returns the registries specified in the config. Note the parsed content of registry config files is cached. For reloading, use `InvalidateCache` and re-call `GetRegistries`.
func (*Registry) PullSourcesFromReference ¶
func (r *Registry) PullSourcesFromReference(ref reference.Named) ([]PullSource, error)
PullSourcesFromReference returns a slice of PullSource's based on the passed reference.
type V1RegistriesConf ¶
type V1RegistriesConf struct {
V1TOMLConfig `toml:"registries"`
}
V1RegistriesConf is the sysregistries v1 configuration format.
func (*V1RegistriesConf) ConvertToV2 ¶
func (config *V1RegistriesConf) ConvertToV2() (*V2RegistriesConf, error)
ConvertToV2 returns a v2 config corresponding to a v1 one.
func (*V1RegistriesConf) Nonempty ¶
func (config *V1RegistriesConf) Nonempty() bool
Nonempty returns true if config contains at least one configuration entry. Empty arrays are treated as missing entries.
type V1TOMLConfig ¶
type V1TOMLConfig struct { Search V1TOMLregistries `toml:"search"` Insecure V1TOMLregistries `toml:"insecure"` Block V1TOMLregistries `toml:"block"` }
V1TOMLConfig is for backwards compatibility to sysregistries v1
type V1TOMLregistries ¶
type V1TOMLregistries struct {
Registries []string `toml:"registries"`
}
V1TOMLregistries is for backwards compatibility to sysregistries v1
type V2RegistriesConf ¶
type V2RegistriesConf struct { Registries []Registry `toml:"registry"` // An array of host[:port] (not prefix!) entries to use for resolving unqualified image references UnqualifiedSearchRegistries []string `toml:"unqualified-search-registries"` // An array of global credential helpers to use for authentication // (e.g., ["pass", "secretservice"]). The helpers are consulted in the // specified order. Note that "containers-auth.json" is a reserved // value for consulting auth files as specified in // containers-auth.json(5). // // If empty, CredentialHelpers defaults to ["containers-auth.json"]. CredentialHelpers []string `toml:"credential-helpers"` // ShortNameMode defines how short-name resolution should be handled by // _consumers_ of this package. Depending on the mode, the user should // be prompted with a choice of using one of the unqualified-search // registries when referring to a short name. // // Valid modes are: * "prompt": prompt if stdout is a TTY, otherwise // use all unqualified-search registries * "enforcing": always prompt // and error if stdout is not a TTY * "disabled": do not prompt and // potentially use all unqualified-search registries ShortNameMode string `toml:"short-name-mode"` // AdditionalLayerStoreAuthHelper is a helper binary that receives // registry credentials pass them to Additional Layer Store for // registry authentication. These credentials are only collected when pulling (not pushing). AdditionalLayerStoreAuthHelper string `toml:"additional-layer-store-auth-helper"` // contains filtered or unexported fields }
V2RegistriesConf is the sysregistries v2 configuration format.
func TryUpdatingCache ¶
func TryUpdatingCache(ctx *types.SystemContext) (*V2RegistriesConf, error)
TryUpdatingCache loads the configuration from the provided `SystemContext` without using the internal cache. On success, the loaded configuration will be added into the internal registry cache. It returns the resulting configuration; this is DEPRECATED and may not correctly reflect any future data handled by this package.
func (*V2RegistriesConf) Nonempty ¶
func (config *V2RegistriesConf) Nonempty() bool
Nonempty returns true if config contains at least one configuration entry.