fix: limit docker library rewrite to Docker Hub
Some checks failed
docker-release / build-and-push (push) Failing after 12m34s
Some checks failed
docker-release / build-and-push (push) Failing after 12m34s
This commit is contained in:
@@ -1,6 +1,7 @@
|
||||
package docker
|
||||
|
||||
import (
|
||||
"net"
|
||||
"strings"
|
||||
|
||||
"github.com/any-hub/any-hub/internal/proxy/hooks"
|
||||
@@ -15,6 +16,9 @@ func init() {
|
||||
}
|
||||
|
||||
func normalizePath(ctx *hooks.RequestContext, clean string, rawQuery []byte) (string, []byte) {
|
||||
if ctx == nil || !isDockerHubHost(ctx.UpstreamHost) {
|
||||
return clean, rawQuery
|
||||
}
|
||||
repo, rest, ok := splitDockerRepoPath(clean)
|
||||
if !ok || repo == "" || strings.Contains(repo, "/") || repo == "library" {
|
||||
return clean, rawQuery
|
||||
@@ -54,6 +58,9 @@ func contentType(_ *hooks.RequestContext, locatorPath string) string {
|
||||
}
|
||||
|
||||
func isDockerHubHost(host string) bool {
|
||||
if parsedHost, _, err := net.SplitHostPort(host); err == nil {
|
||||
host = parsedHost
|
||||
}
|
||||
switch strings.ToLower(host) {
|
||||
case "registry-1.docker.io", "docker.io", "index.docker.io":
|
||||
return true
|
||||
|
||||
@@ -19,6 +19,14 @@ func TestNormalizePathAddsLibraryForDockerHub(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestNormalizePathSkipsLibraryForNonDockerHub(t *testing.T) {
|
||||
ctx := &hooks.RequestContext{UpstreamHost: "registry.k8s.io"}
|
||||
path, _ := normalizePath(ctx, "/v2/kube-apiserver/manifests/v1.35.3", nil)
|
||||
if path != "/v2/kube-apiserver/manifests/v1.35.3" {
|
||||
t.Fatalf("expected non-docker hub path to remain unchanged, got %s", path)
|
||||
}
|
||||
}
|
||||
|
||||
func TestSplitDockerRepoPath(t *testing.T) {
|
||||
repo, rest, ok := splitDockerRepoPath("/v2/library/nginx/manifests/latest")
|
||||
if !ok || repo != "library/nginx" || rest != "/manifests/latest" {
|
||||
|
||||
@@ -222,8 +222,8 @@ func TestDockerManifestHeadDoesNotOverwriteCache(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
func TestDockerNamespaceFallbackAddsLibrary(t *testing.T) {
|
||||
stub := newCacheFlowStub(t, dockerManifestPath)
|
||||
func TestDockerNonDockerHubUpstreamKeepsOriginalPath(t *testing.T) {
|
||||
stub := newCacheFlowStub(t, dockerManifestNoNamespacePath)
|
||||
defer stub.Close()
|
||||
|
||||
storageDir := t.TempDir()
|
||||
@@ -277,7 +277,7 @@ func TestDockerNamespaceFallbackAddsLibrary(t *testing.T) {
|
||||
}
|
||||
if resp.StatusCode != fiber.StatusOK {
|
||||
body, _ := io.ReadAll(resp.Body)
|
||||
t.Fatalf("expected 200 when fallback applies, got %d (body=%s)", resp.StatusCode, string(body))
|
||||
t.Fatalf("expected 200 when upstream keeps original path, got %d (body=%s)", resp.StatusCode, string(body))
|
||||
}
|
||||
resp.Body.Close()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user