Browse Source

Merge "Image uploader: use HTTPS for "no verify" registries" into stable/train

changes/05/703805/1
Zuul Gerrit Code Review 1 month ago
parent
commit
bf969fe66a
2 changed files with 12 additions and 3 deletions
  1. +4
    -3
      tripleo_common/image/image_uploader.py
  2. +8
    -0
      tripleo_common/tests/image/test_image_uploader.py

+ 4
- 3
tripleo_common/image/image_uploader.py View File

@@ -568,10 +568,11 @@ class BaseImageUploader(object):
mirror = cls.mirrors[netloc]
return '%sv2%s' % (mirror, path)
else:
if not cls.is_insecure_registry(registry_host=netloc):
scheme = 'https'
else:
if (cls.is_insecure_registry(registry_host=netloc) and
netloc not in cls.no_verify_registries):
scheme = 'http'
else:
scheme = 'https'
if netloc == 'docker.io':
netloc = 'registry-1.docker.io'
return '%s://%s/v2%s' % (scheme, netloc, path)


+ 8
- 0
tripleo_common/tests/image/test_image_uploader.py View File

@@ -625,6 +625,7 @@ class TestBaseImageUploader(base.TestCase):
build = image_uploader.BaseImageUploader._build_url
insecure_reg = image_uploader.BaseImageUploader.insecure_registries
secure_reg = image_uploader.BaseImageUploader.secure_registries
no_verify_reg = image_uploader.BaseImageUploader.no_verify_registries
mirrors = image_uploader.BaseImageUploader.mirrors
# fix urls
self.assertEqual(
@@ -643,6 +644,13 @@ class TestBaseImageUploader(base.TestCase):
'https://192.0.2.1:8787/v2/t/nova-api/tags/list',
build(url3, '/t/nova-api/tags/list')
)
# "no verify" registries are insecure but still use https
secure_reg.remove('192.0.2.1:8787')
no_verify_reg.add('192.0.2.1:8787')
self.assertEqual(
'https://192.0.2.1:8787/v2/t/nova-api/tags/list',
build(url3, '/t/nova-api/tags/list')
)

# test mirrors
mirrors['docker.io'] = 'http://192.0.2.2:8081/registry-1.docker/'


Loading…
Cancel
Save