> On Dec. 16, 2016, 11:49 a.m., Jie Yu wrote: > > src/uri/fetchers/docker.cpp, lines 809-829 > > <https://reviews.apache.org/r/54537/diff/2/?file=1586506#file1586506line809> > > > > Let's add a Header abstraction in process::http and move the parsing > > logic there: > > > > ``` > > namespace http { > > > > namespace header { > > > > // https://tools.ietf.org/html/rfc2617. > > class WWWAuthenticate > > { > > public: > > constexpr char NAME[] = "WWW-Authenticate"; > > > > static Try<WWWAuthenticate> create(const string& value); > > > > string scheme(); > > vector<string> challenges(); > > }; > > > > } > > > > class Headers > > { > > typedef hashmap< > > string, > > string, > > CaseInsensitiveHash, > > CaseInsensitiveEqual> Type; > > > > template <typename T> > > Result<T> get() > > { > > Option<string> value = get(T::NAME); > > if (value.isNone()) { > > return None(); > > } > > Try<T> header = T::create(value.get()); > > if (header.isError()) { > > return Error(header.error()); > > } > > return header.get(); > > } > > > > Try<header::WWWAuthenticate> header = > > header::WWWAuthenticate::create(value.get()); > > ... > > } > > > > Option<string> get(const string& key); > > > > string& operator[] (const string& key); > > > > typename Type::iterator begin(); > > typename Type::iterator end(); > > typename Type::const_iterator begin() const; > > typename Type::const_iterator end() const; > > > > Type values; > > }; > > } > > ```
Let me detach the patch from the chain. And use another chain for `basic auth`. - Gilbert ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/54537/#review159483 ----------------------------------------------------------- On Dec. 15, 2016, 9:55 a.m., Gilbert Song wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/54537/ > ----------------------------------------------------------- > > (Updated Dec. 15, 2016, 9:55 a.m.) > > > Review request for mesos, Artem Harutyunyan, Jie Yu, Shuai Lin, and Timothy > Chen. > > > Bugs: MESOS-6758 > https://issues.apache.org/jira/browse/MESOS-6758 > > > Repository: mesos > > > Description > ------- > > This patch implements the support for 'Basic' docker registry > authorization. It is tested by a local authenticated private > registry using 'localhost:443/alpine' docker image. > Please note that the AWS ECS uses Basic authorization but it > does not work yet due to the redirect issue MESOS-5172. > > > Diffs > ----- > > src/uri/fetchers/docker.cpp 3f38dddfb4c089322fe4e13b1ef2070b4835885c > > Diff: https://reviews.apache.org/r/54537/diff/ > > > Testing > ------- > > make check > > Tested with local authenticated registry. Please follow the steps below: > > 1. Start a local private registry and push an image to it. > ``` > docker run -d -p 443:5000 --restart=always --name registry \ > -v `pwd`/auth:/auth \ > -e "REGISTRY_AUTH=htpasswd" \ > -e "REGISTRY_AUTH_HTPASSWD_REALM=Registry Realm" \ > -e REGISTRY_AUTH_HTPASSWD_PATH=/auth/htpasswd \ > -v `pwd`/certs:/certs \ > -e REGISTRY_HTTP_TLS_CERTIFICATE=/certs/localhost.crt \ > -e REGISTRY_HTTP_TLS_KEY=/certs/localhost.key \ > registry:2 > ``` > (*Note: need to generate TLS certificate file and key first) > > Then, push an image to the registry. > ``` > docker push localhost:443/alpine > ``` > > 2. Use `mesos-execute` to test the `localhost:443/alpine` image. > (*Note: need to configure the curl using the curl's default RC file), e.g., > in `~/.curlrc` file: > cacert = "/path/to/cacert.pem" > > > Thanks, > > Gilbert Song > >
