Skip to content

Commit 8b4cb6f

Browse files
dmcgowandmcgowan
committed
Update host resolver to use containerd host config
Signed-off-by: Derek McGowan <[email protected]>
1 parent 7c087c3 commit 8b4cb6f

7 files changed

Lines changed: 840 additions & 253 deletions

File tree

daemon/containerd/resolver.go

Lines changed: 5 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -2,8 +2,6 @@ package containerd
22

33
import (
44
"context"
5-
"crypto/tls"
6-
"errors"
75
"net/http"
86

97
"github.com/containerd/containerd/remotes"
@@ -33,25 +31,20 @@ func (i *ImageService) newResolverFromAuthConfig(ctx context.Context, authConfig
3331
}
3432

3533
func hostsWrapper(hostsFn docker.RegistryHosts, optAuthConfig *registrytypes.AuthConfig, ref reference.Named, regService registryResolver) docker.RegistryHosts {
36-
var authorizer docker.Authorizer
37-
if optAuthConfig != nil {
38-
authorizer = authorizerFromAuthConfig(*optAuthConfig, ref)
34+
if optAuthConfig == nil {
35+
return hostsFn
3936
}
4037

38+
authorizer := authorizerFromAuthConfig(*optAuthConfig, ref)
39+
4140
return func(n string) ([]docker.RegistryHost, error) {
4241
hosts, err := hostsFn(n)
4342
if err != nil {
4443
return nil, err
4544
}
4645

4746
for i := range hosts {
48-
if hosts[i].Authorizer == nil {
49-
hosts[i].Authorizer = authorizer
50-
isInsecure := regService.IsInsecureRegistry(hosts[i].Host)
51-
if hosts[i].Client.Transport != nil && isInsecure {
52-
hosts[i].Client.Transport = httpFallback{super: hosts[i].Client.Transport}
53-
}
54-
}
47+
hosts[i].Authorizer = authorizer
5548
}
5649
return hosts, nil
5750
}
@@ -111,24 +104,3 @@ func (a *bearerAuthorizer) AddResponses(context.Context, []*http.Response) error
111104
// Return not implemented to prevent retry of the request when bearer did not succeed
112105
return cerrdefs.ErrNotImplemented
113106
}
114-
115-
type httpFallback struct {
116-
super http.RoundTripper
117-
}
118-
119-
func (f httpFallback) RoundTrip(r *http.Request) (*http.Response, error) {
120-
resp, err := f.super.RoundTrip(r)
121-
var tlsErr tls.RecordHeaderError
122-
if errors.As(err, &tlsErr) && string(tlsErr.RecordHeader[:]) == "HTTP/" {
123-
// server gave HTTP response to HTTPS client
124-
plainHttpUrl := *r.URL
125-
plainHttpUrl.Scheme = "http"
126-
127-
plainHttpRequest := *r
128-
plainHttpRequest.URL = &plainHttpUrl
129-
130-
return http.DefaultTransport.RoundTrip(&plainHttpRequest)
131-
}
132-
133-
return resp, err
134-
}

0 commit comments

Comments
 (0)