----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/54537/#review163759 -----------------------------------------------------------
src/uri/fetchers/docker.cpp (line 468) <https://reviews.apache.org/r/54537/#comment235251> s/challenge/header/ src/uri/fetchers/docker.cpp (lines 468 - 512) <https://reviews.apache.org/r/54537/#comment235330> In fact, a second thought on this. Should we rename `getAuthToken` to `getAuthHeader` and put all the logic of generating the auth header in that function? In that way, you don't need to implement the same logic multiple times. src/uri/fetchers/docker.cpp (line 473) <https://reviews.apache.org/r/54537/#comment235252> s/challenge/header src/uri/fetchers/docker.cpp (line 475) <https://reviews.apache.org/r/54537/#comment235253> s/challenge/header/ src/uri/fetchers/docker.cpp (lines 481 - 491) <https://reviews.apache.org/r/54537/#comment235329> I saw this several places. Is there a way to factor out this into a helper: ``` Option<string> getAuthFromConfig(const URI& uri); ``` - Jie Yu On Jan. 31, 2017, 9:10 a.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/54537/ > ----------------------------------------------------------- > > (Updated Jan. 31, 2017, 9:10 a.m.) > > > Review request for mesos, Avinash sridharan, Artem Harutyunyan, Jie Yu, Shuai > Lin, and Timothy Chen. > > > Bugs: MESOS-6758 > https://issues.apache.org/jira/browse/MESOS-6758 > > > Repository: mesos > > > Description > ------- > > This patch implements the support for 'Basic' docker registry > authorization. It is tested by a local authenticated private > registry using 'localhost:443/alpine' docker image. > Please note that the AWS ECS uses Basic authorization but it > does not work yet due to the redirect issue MESOS-5172. > > > Diffs > ----- > > src/uri/fetchers/docker.cpp 5dd7b91a5302067ce150bd632a05eccaf424a8a8 > > Diff: https://reviews.apache.org/r/54537/diff/ > > > Testing > ------- > > make check > > Tested with local authenticated registry. Please follow the steps below: > > 1. Start a local private registry and push an image to it. > ``` > docker run -d -p 443:5000 --restart=always --name registry \ > -v `pwd`/auth:/auth \ > -e "REGISTRY_AUTH=htpasswd" \ > -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ > -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ > -v `pwd`/certs:/certs \ > -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localhost.crt \ > -e REGISTRY_HTTP_TLS_KEY=/certs/localhost.key \ > registry:2 > ``` > (*Note: need to generate TLS certificate file and key first) > > Then, push an image to the registry. > ``` > docker push localhost:443/alpine > ``` > > 2. Use `mesos-execute` to test the `localhost:443/alpine` image. > (*Note: need to configure the curl using the curl's default RC file), e.g., > in `~/.curlrc` file: > cacert = "/path/to/cacert.pem" > > > Thanks, > > Gilbert Song > >