Documentation
¶
Overview ¶
Package registries contains shared infrastructure to build/update /etc/containers/registries.conf based on cluster-wide configuration.
NOTE: This has users outside of the machine-config-operator repository!
Index ¶
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EditRegistriesConfig ¶
func EditRegistriesConfig(config *sysregistriesv2.V2RegistriesConf, insecureScopes, blockedScopes []string, icspRules []*apioperatorsv1alpha1.ImageContentSourcePolicy, idmsRules []*apicfgv1.ImageDigestMirrorSet, itmsRules []*apicfgv1.ImageTagMirrorSet, ) error
EditRegistriesConfig edits, IN PLACE, the /etc/containers/registries.conf configuration provided in config, to: - Mark scope entries in insecureScopes as insecure (TLS is not required, and TLS certificate verification is not required when TLS is used) - Mark scope entries in blockedScopes as blocked (any attempts to access them fail) - Implement ImageContentSourcePolicy rules in icspRules. - Implement ImageDigestMirrorSet rules in idmsRules. - Implement ImageTagMirrorSet rules in itmsRules. "scopes" can be any of whole registries, which means that the configuration applies to everything on that registry, including any possible separately-configured namespaces/repositories within that registry. or can be wildcard entries, which means that we accept wildcards in the form of *.example.registry.com for insecure and blocked registries only. We do not accept them for mirror configuration. A valid scope is in the form of registry/namespace...[/repo] (can also refer to sysregistriesv2.Registry.Prefix) NOTE: Validation of wildcard entries is done before EditRegistriesConfig is called in the MCO code.
func IsValidRegistriesConfScope ¶
IsValidRegistriesConfScope returns true if scope is a valid scope for the Prefix key in registries.conf This function can be used to validate the registries entries prior to calling EditRegistriesConfig in the MCO or builds code
func ScopeIsNestedInsideScope ¶
ScopeIsNestedInsideScope returns true if a subScope value (as in sysregistriesv2.Registry.Prefix / sysregistriesv2.Endpoint.Location) is a sub-scope of superScope.
Types ¶
This section is empty.
Source Files