You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@mesos.apache.org by gi...@apache.org on 2017/05/24 17:05:47 UTC

[09/10] mesos git commit: Supported Image::Secret in docker URI fetcher plugin.

Supported Image::Secret in docker URI fetcher plugin.

Review: https://reviews.apache.org/r/59018


Project: http://git-wip-us.apache.org/repos/asf/mesos/repo
Commit: http://git-wip-us.apache.org/repos/asf/mesos/commit/4faca73e
Tree: http://git-wip-us.apache.org/repos/asf/mesos/tree/4faca73e
Diff: http://git-wip-us.apache.org/repos/asf/mesos/diff/4faca73e

Branch: refs/heads/master
Commit: 4faca73e9608664a5fcf46cc95951c318a64861f
Parents: 4932045
Author: Gilbert Song <so...@gmail.com>
Authored: Mon May 22 20:48:26 2017 +0800
Committer: Gilbert Song <so...@gmail.com>
Committed: Thu May 25 01:04:30 2017 +0800

----------------------------------------------------------------------
 src/uri/fetchers/docker.cpp | 25 ++++++++++++++++++++++---
 1 file changed, 22 insertions(+), 3 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/mesos/blob/4faca73e/src/uri/fetchers/docker.cpp
----------------------------------------------------------------------
diff --git a/src/uri/fetchers/docker.cpp b/src/uri/fetchers/docker.cpp
index 6436f74..7f3e4e7 100644
--- a/src/uri/fetchers/docker.cpp
+++ b/src/uri/fetchers/docker.cpp
@@ -499,13 +499,15 @@ Future<Nothing> DockerFetcherPlugin::fetch(
       process.get(),
       &DockerFetcherPluginProcess::fetch,
       uri,
-      directory);
+      directory,
+      data);
 }
 
 
 Future<Nothing> DockerFetcherPluginProcess::fetch(
     const URI& uri,
-    const string& directory)
+    const string& directory,
+    const Option<string>& data)
 {
   // TODO(gilbert): Convert the `uri` to ::docker::spec::ImageReference
   // and pass it all the way down to avoid the complicated URI conversion
@@ -531,8 +533,25 @@ Future<Nothing> DockerFetcherPluginProcess::fetch(
         directory + "': " + mkdir.error());
   }
 
+  hashmap<string, spec::Config::Auth> _auths;
+
+  // 'data' is expected as a docker config in JSON format.
+  if (data.isSome()) {
+    Try<hashmap<string, spec::Config::Auth>> secretAuths =
+      spec::parseAuthConfig(data.get());
+
+    if (secretAuths.isError()) {
+      return Failure("Failed to parse docker config: " + secretAuths.error());
+    }
+
+    _auths = secretAuths.get();
+  }
+
+  // The 'secretAuths' takes the precedence over the default auths.
+  _auths.insert(auths.begin(), auths.end());
+
   // Use the 'Basic' credential to pull the manifest/blob by default.
-  http::Headers basicAuthHeaders = getAuthHeaderBasic(uri, auths);
+  http::Headers basicAuthHeaders = getAuthHeaderBasic(uri, _auths);
 
   if (uri.scheme() == "docker-blob") {
     return fetchBlob(uri, directory, basicAuthHeaders);