The previous fix only validated registry names in the auths section of the docker config.
This also validates names listed in the credential helper or returned from the credential store.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
- Use "any" instead of an empty interface.
- Use range over an integer for for loops.
- Remove shadow variables in loops now that Go no longer reuses the variable.
- Use "slices.Contains", "slices.Delete", "slices.Equal", "slices.Index", "slices.SortFunc".
- Use "cmp.Or", "min", and "max".
- Use "fmt.Appendf" instead of "Sprintf" for generating a byte slice.
- Use "errors.Join" or "fmt.Errorf" with multiple "%w" for multiple errors.
Additionally, use modern regclient features:
- Use "ref.SetTag", "ref.SetDigest", and "ref.AddDigest".
- Call "regclient.ManifestGet" using "WithManifestDesc" instead of setting the digest on the reference.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
This updates the regclient Go library.
Existing users of logrus will continue to work using a logrus handler to slog.
Updates to the various commands will be made in a future commit.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
Breaking: config.Host.Throttle() has been removed. Use scheme.Throttler instead.
Ideally the config should only have static config values.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
- Logging in transport allows better debugging of each request, including redirects
- Backoff redesign better handles failed requests and slows down all requests
- Default rate limit is now removed
Signed-off-by: Brandon Mitchell <git@bmitch.net>
- Priority queue algorithm prefers a small entry (non-blob API), and 50/50 split of largest and oldest queued entries.
- Image reorder starts the blob copies sooner to avoid blocking on the tag listing for referrers or digest tags.
- pqueue.AcquireMulti releases queues in reverse order to minimize risk of an acquire blocked by a soon to release queue.
- Include type and size in the request for priority queue.
- Use expected request size to validate response.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
Breaking: This removes an undocumented API for deleting images from Hub.
Users that depend on that functionality should consider a Docker Hub alternative like hub-tool.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
Breaking: Update scheme to use pqueue instead of throttle.
This is the first step to redesign the network requests for more efficiency.
Library users are unlikely to encounter issues with the scheme change since
both throttle and pqueue are internal packages, so it shouldn't be possible
to call their methods directly or specify their types in variables.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
Make it easier to pull creds from a docker config.json outside of the
standard location, without needing environmental variables. For example,
a mounted K8s Secret of type `kubernetes.io/dockerconfigjson`.
Signed-off-by: Matthew Monaco <matt@monaco.cx>
Most of this is error handling. Many of the file IO warnings are
intentionally ignored since these tools are designed to run locally.
Signed-off-by: Brandon Mitchell <git@bmitch.net>
