From fba3c573f1eb41cf9a88425142a87242562628ad Mon Sep 17 00:00:00 2001 From: Carlos Diaz-Padron Date: Tue, 17 Nov 2015 23:32:57 -0800 Subject: [PATCH 1/2] De-nest docker registry auth and reformat related doc --- client/driver/docker.go | 36 ++++++++++------------ website/source/docs/drivers/docker.html.md | 10 +++--- 2 files changed, 22 insertions(+), 24 deletions(-) diff --git a/client/driver/docker.go b/client/driver/docker.go index d1e007e25668..d209accf853d 100644 --- a/client/driver/docker.go +++ b/client/driver/docker.go @@ -25,26 +25,21 @@ type DockerDriver struct { fingerprint.StaticFingerprinter } -type DockerAuthConfig struct { - UserName string `mapstructure:"auth.username"` // user name of the registry - Password string `mapstructure:"auth.password"` // password to access the registry - Email string `mapstructure:"auth.email"` // email address of the user who is allowed to access the registry - ServerAddress string `mapstructure:"auth.server_address"` // server address of the registry - -} - type DockerDriverConfig struct { - DockerAuthConfig - ImageName string `mapstructure:"image"` // Container's Image Name - Command string `mapstructure:"command"` // The Command/Entrypoint to run when the container starts up - Args string `mapstructure:"args"` // The arguments to the Command/Entrypoint - NetworkMode string `mapstructure:"network_mode"` // The network mode of the container - host, net and none - PortMap []map[string]int `mapstructure:"port_map"` // A map of host port labels and the ports exposed on the container - Privileged bool `mapstructure:"privileged"` // Flag to run the container in priviledged mode - DNS string `mapstructure:"dns_server"` // DNS Server for containers - SearchDomains string `mapstructure:"search_domains"` // DNS Search domains for containers - Hostname string `mapstructure:"hostname"` // Hostname for containers - Labels []map[string]string `mapstructure:"labels"` // Labels to set when the container starts up + ImageName string `mapstructure:"image"` // Container's Image Name + Command string `mapstructure:"command"` // The Command/Entrypoint to run when the container starts up + Args string `mapstructure:"args"` // The arguments to the Command/Entrypoint + NetworkMode string `mapstructure:"network_mode"` // The network mode of the container - host, net and none + PortMap []map[string]int `mapstructure:"port_map"` // A map of host port labels and the ports exposed on the container + Privileged bool `mapstructure:"privileged"` // Flag to run the container in priviledged mode + DNS string `mapstructure:"dns_server"` // DNS Server for containers + SearchDomains string `mapstructure:"search_domains"` // DNS Search domains for containers + Hostname string `mapstructure:"hostname"` // Hostname for containers + Labels []map[string]string `mapstructure:"labels"` // Labels to set when the container starts up + UserName string `mapstructure:"auth_username"` // user name of the registry + Password string `mapstructure:"auth_password"` // password to access the registry + Email string `mapstructure:"auth_email"` // email address of the user who is allowed to access the registry + ServerAddress string `mapstructure:"auth_server_address"` // server address of the registry } func (c *DockerDriverConfig) Validate() error { @@ -392,6 +387,9 @@ func (d *DockerDriver) Start(ctx *ExecContext, task *structs.Task) (DriverHandle ServerAddress: driverConfig.ServerAddress, } + d.logger.Printf("[DEBUG] TASKCONFIG: %v", task.Config) + d.logger.Printf("[DEBUG] DRIVERCONFIG: %v", driverConfig) + d.logger.Printf("[DEBUG] AUTH: %v", authOptions) err = client.PullImage(pullOptions, authOptions) if err != nil { d.logger.Printf("[ERR] driver.docker: failed pulling container %s:%s: %s", repo, tag, err) diff --git a/website/source/docs/drivers/docker.html.md b/website/source/docs/drivers/docker.html.md index 313b59c1f13d..255437c5d47f 100644 --- a/website/source/docs/drivers/docker.html.md +++ b/website/source/docs/drivers/docker.html.md @@ -56,11 +56,11 @@ specification: following authentication parameters. These options can provide access to private repositories that utilize the docker remote api (e.g. dockerhub, quay.io) - - `auth.username` - (Optional) The account username - - `auth.password` - (Optional) The account password - - `auth.email` - (Optional) The account email - - `auth.server-address` - (Optional) The server domain/ip without the - protocol + +* `auth_username` - (Optional) The account username. +* `auth_password` - (Optional) The account password. +* `auth_email` - (Optional) The account email. +* `auth_server-address` - (Optional) The server domain/ip without the protocol. ### Port Mapping From 270631a006b80a03967d2e640af1abfe0fa0cf65 Mon Sep 17 00:00:00 2001 From: Carlos Diaz-Padron Date: Wed, 18 Nov 2015 01:37:42 -0800 Subject: [PATCH 2/2] Nest Docker driver auth under object --- client/driver/docker.go | 48 ++++++++++++---------- website/source/docs/drivers/docker.html.md | 10 +++-- 2 files changed, 32 insertions(+), 26 deletions(-) diff --git a/client/driver/docker.go b/client/driver/docker.go index d209accf853d..0cafaa672c7d 100644 --- a/client/driver/docker.go +++ b/client/driver/docker.go @@ -25,21 +25,25 @@ type DockerDriver struct { fingerprint.StaticFingerprinter } +type DockerDriverAuth struct { + Username string `mapstructure:"username"` // username for the registry + Password string `mapstructure:"password"` // password to access the registry + Email string `mapstructure:"email"` // email address of the user who is allowed to access the registry + ServerAddress string `mapstructure:"server_address"` // server address of the registry +} + type DockerDriverConfig struct { - ImageName string `mapstructure:"image"` // Container's Image Name - Command string `mapstructure:"command"` // The Command/Entrypoint to run when the container starts up - Args string `mapstructure:"args"` // The arguments to the Command/Entrypoint - NetworkMode string `mapstructure:"network_mode"` // The network mode of the container - host, net and none - PortMap []map[string]int `mapstructure:"port_map"` // A map of host port labels and the ports exposed on the container - Privileged bool `mapstructure:"privileged"` // Flag to run the container in priviledged mode - DNS string `mapstructure:"dns_server"` // DNS Server for containers - SearchDomains string `mapstructure:"search_domains"` // DNS Search domains for containers - Hostname string `mapstructure:"hostname"` // Hostname for containers - Labels []map[string]string `mapstructure:"labels"` // Labels to set when the container starts up - UserName string `mapstructure:"auth_username"` // user name of the registry - Password string `mapstructure:"auth_password"` // password to access the registry - Email string `mapstructure:"auth_email"` // email address of the user who is allowed to access the registry - ServerAddress string `mapstructure:"auth_server_address"` // server address of the registry + ImageName string `mapstructure:"image"` // Container's Image Name + Command string `mapstructure:"command"` // The Command/Entrypoint to run when the container starts up + Args string `mapstructure:"args"` // The arguments to the Command/Entrypoint + NetworkMode string `mapstructure:"network_mode"` // The network mode of the container - host, net and none + PortMap []map[string]int `mapstructure:"port_map"` // A map of host port labels and the ports exposed on the container + Privileged bool `mapstructure:"privileged"` // Flag to run the container in priviledged mode + DNS string `mapstructure:"dns_server"` // DNS Server for containers + SearchDomains string `mapstructure:"search_domains"` // DNS Search domains for containers + Hostname string `mapstructure:"hostname"` // Hostname for containers + Labels []map[string]string `mapstructure:"labels"` // Labels to set when the container starts up + Auth []DockerDriverAuth `mapstructure:"auth"` // Authentication credentials for a private Docker registry } func (c *DockerDriverConfig) Validate() error { @@ -380,16 +384,16 @@ func (d *DockerDriver) Start(ctx *ExecContext, task *structs.Task) (DriverHandle Tag: tag, } - authOptions := docker.AuthConfiguration{ - Username: driverConfig.UserName, - Password: driverConfig.Password, - Email: driverConfig.Email, - ServerAddress: driverConfig.ServerAddress, + authOptions := docker.AuthConfiguration{} + if len(driverConfig.Auth) != 0 { + authOptions = docker.AuthConfiguration{ + Username: driverConfig.Auth[0].Username, + Password: driverConfig.Auth[0].Password, + Email: driverConfig.Auth[0].Email, + ServerAddress: driverConfig.Auth[0].ServerAddress, + } } - d.logger.Printf("[DEBUG] TASKCONFIG: %v", task.Config) - d.logger.Printf("[DEBUG] DRIVERCONFIG: %v", driverConfig) - d.logger.Printf("[DEBUG] AUTH: %v", authOptions) err = client.PullImage(pullOptions, authOptions) if err != nil { d.logger.Printf("[ERR] driver.docker: failed pulling container %s:%s: %s", repo, tag, err) diff --git a/website/source/docs/drivers/docker.html.md b/website/source/docs/drivers/docker.html.md index 255437c5d47f..a2c2d58a27c2 100644 --- a/website/source/docs/drivers/docker.html.md +++ b/website/source/docs/drivers/docker.html.md @@ -57,10 +57,12 @@ following authentication parameters. These options can provide access to private repositories that utilize the docker remote api (e.g. dockerhub, quay.io) -* `auth_username` - (Optional) The account username. -* `auth_password` - (Optional) The account password. -* `auth_email` - (Optional) The account email. -* `auth_server-address` - (Optional) The server domain/ip without the protocol. +The `auth` object supports the following keys: + +* `username` - (Optional) The account username. +* `password` - (Optional) The account password. +* `email` - (Optional) The account email. +* `server_address` - (Optional) The server domain/ip without the protocol. ### Port Mapping