----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/54537/#review159483 -----------------------------------------------------------
src/uri/fetchers/docker.cpp (lines 781 - 801) <https://reviews.apache.org/r/54537/#comment230486> Let's add a Header abstraction in process::http and move the parsing logic there: ``` namespace http { namespace header { // https://tools.ietf.org/html/rfc2617. class WWWAuthenticate { public: constexpr char NAME[] = "WWW-Authenticate"; static Try<WWWAuthenticate> create(const string& value); string scheme(); vector<string> challenges(); }; } class Headers { typedef hashmap< string, string, CaseInsensitiveHash, CaseInsensitiveEqual> Type; template <typename T> Result<T> get() { Option<string> value = get(T::NAME); if (value.isNone()) { return None(); } Try<T> header = T::create(value.get()); if (header.isError()) { return Error(header.error()); } return header.get(); } Try<header::WWWAuthenticate> header = header::WWWAuthenticate::create(value.get()); ... } Option<string> get(const string& key); string& operator[] (const string& key); typename Type::iterator begin(); typename Type::iterator end(); typename Type::const_iterator begin() const; typename Type::const_iterator end() const; Type values; }; } ``` - Jie Yu On Dec. 15, 2016, 5:55 p.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/54537/ > ----------------------------------------------------------- > > (Updated Dec. 15, 2016, 5:55 p.m.) > > > Review request for mesos, Artem Harutyunyan, Jie Yu, Shuai Lin, and Timothy > Chen. > > > Bugs: MESOS-6758 > https://issues.apache.org/jira/browse/MESOS-6758 > > > Repository: mesos > > > Description > ------- > > This patch implements the support for 'Basic' docker registry > authorization. It is tested by a local authenticated private > registry using 'localhost:443/alpine' docker image. > Please note that the AWS ECS uses Basic authorization but it > does not work yet due to the redirect issue MESOS-5172. > > > Diffs > ----- > > src/uri/fetchers/docker.cpp 3f38dddfb4c089322fe4e13b1ef2070b4835885c > > Diff: https://reviews.apache.org/r/54537/diff/ > > > Testing > ------- > > make check > > Tested with local authenticated registry. Please follow the steps below: > > 1. Start a local private registry and push an image to it. > ``` > docker run -d -p 443:5000 --restart=always --name registry \ > -v `pwd`/auth:/auth \ > -e "REGISTRY_AUTH=htpasswd" \ > -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ > -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ > -v `pwd`/certs:/certs \ > -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localhost.crt \ > -e REGISTRY_HTTP_TLS_KEY=/certs/localhost.key \ > registry:2 > ``` > (*Note: need to generate TLS certificate file and key first) > > Then, push an image to the registry. > ``` > docker push localhost:443/alpine > ``` > > 2. Use `mesos-execute` to test the `localhost:443/alpine` image. > (*Note: need to configure the curl using the curl's default RC file), e.g., > in `~/.curlrc` file: > cacert = "/path/to/cacert.pem" > > > Thanks, > > Gilbert Song > >
