-
Notifications
You must be signed in to change notification settings - Fork 18.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add insecure registries to docker info #20410
Add insecure registries to docker info #20410
Conversation
if info.RegistryConfig != nil && (len(info.RegistryConfig.InsecureRegistryCIDRs) > 0 || len(info.RegistryConfig.IndexConfigs) > 0) { | ||
fmt.Fprintln(cli.out, "Insecure registries:") | ||
for _, registry := range info.RegistryConfig.IndexConfigs { | ||
fmt.Fprintf(cli.out, " %s\n", registry.Name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think this needs to check for Secure == false
.
I think it would make more sense to have a "Registries" section in general with information of all registries, not only insecure ones. Please, add tests to https://github.com/docker/docker/blob/master/integration-cli/docker_cli_info_test.go |
5d7c5aa
to
ce73ea3
Compare
@aaronlehmann Added additional Secure == false condition checking @calavera What exactly do you mean by all registries? Those defined in config.json as well? |
ce73ea3
to
dc7e18c
Compare
I've added a test for that. This way the base issue for this PR is covered. But what about this proposition of extending docker info to all registries? Personally, I think it would be useful and I will be happy to extend this PR with it but could you first guide me a little bit with this idea? Are we talking about those registries defined in config.json? ping @calavera @thaJeztah |
dc7e18c
to
fb01a29
Compare
Yes, I'm talking about showing all registries configured, doing something like this (or similar): + fmt.Fprintln(cli.out, "Registries:")
+ for _, registry := range info.RegistryConfig.IndexConfigs {
+ label := "secure registry"
+ if !registry.Secure {
+ label = "insecure registry"
+ }
+ fmt.Fprintf(cli.out, " %s: %s\n", registry.Name, label)
+ } |
Thanks @calavera , now I get it. |
fb01a29
to
86b5cff
Compare
@calavera @thaJeztah |
Design LGTM. Can you also update the documentation, and update the example output in https://github.com/docker/docker/blob/master/docs/reference/commandline/info.md and https://github.com/docker/docker/blob/master/man/docker-info.1.md ? Moving this to code review |
ping @calavera @aaronlehmann for review |
86b5cff
to
6d572ec
Compare
@thaJeztah I've added example output to those files you mentioned - hope that's all the related docs ;) |
I'm not sure I like the concept of exposing this as a list of configured registries instead of a list of insecure registries. I prefer the original approach. The problem is that the only way to add something to the list is to use
|
hm good point 😢 @calavera ^^ |
Hey @calavera @thaJeztah |
Based on @aaronlehmann's comment I think we need to change back to the original version; showing an incomplete list of "secure" registries isn't useful, so if we cannot show all registries, then I think only showing the insecure ones is probably best. At that point, I'm wondering if we should have a feature that just shows the active configuration, e.g. @calavera wdyt? |
ping @calavera |
Hey @calavera @thaJeztah @aaronlehmann |
sounds good to me
We can make it part of the Info output, we already mix client info with server info. |
6d572ec
to
73f0a12
Compare
OK, so I've updated this PR to the version that seems to be acceptable (only insecure registries). As of listing the active configuration of the daemon (and #21559): I can do it as well but we would need to talk about what exactly needs to be printed and under which command. |
fmt.Fprintln(cli.out, "Insecure registries:") | ||
for _, registry := range info.RegistryConfig.IndexConfigs { | ||
if registry.Secure == false { | ||
fmt.Fprintf(cli.out, " %s\n", registry.Name) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Minor cosmetic nit: I think this would be simpler as fmt.Fprintln(cli.out, " "+registry.Name)
. This is mostly personal preference - feel free to ignore.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If it's not a must, I'd prefer my version.
Thanks for your patience. The latest version of the PR looks correct to me. I noted a few minor cosmetic issues about the use of printf formatting. |
Signed-off-by: Tomasz Kopczynski <tomek@kopczynski.net.pl>
73f0a12
to
44a50ab
Compare
@aaronlehmann PR was updated, ptal |
Hey @aaronlehmann
No problem, I'm glad it's going to be merged eventually.
I've corrected those with the exception of the first one which (as I understand) is not a blocker. |
LGTM |
@thaJeztah that was really fast :) |
LGTM |
LGTM |
merging. thanks so much @tkopczynski, also for being patient during the bike-shedding 👍 |
@thaJeztah It's fine, great that it's in master finally 😄 |
@tkopczynski Thank you for the PR. (I was the original requester) |
Adding additional section to docker info: Insecure registries.
I think we don't need to make any additional changes in engine-api but let me know if I missed something.
Also, I haven't written any test because I haven't found any for docker info command. If you think it should be covered somehow, I will add it to this PR.
Fixes #20236
Signed-off-by: Tomasz Kopczynski tomek@kopczynski.net.pl