github.com/devdivbcp/moby@v17.12.0-ce-rc1.0.20200726071732-2d4bfdc789ad+incompatible/distribution/pull.go (about) 1 package distribution // import "github.com/docker/docker/distribution" 2 3 import ( 4 "context" 5 "fmt" 6 7 "github.com/docker/distribution/reference" 8 "github.com/docker/docker/api" 9 "github.com/docker/docker/distribution/metadata" 10 "github.com/docker/docker/pkg/progress" 11 refstore "github.com/docker/docker/reference" 12 "github.com/docker/docker/registry" 13 "github.com/opencontainers/go-digest" 14 specs "github.com/opencontainers/image-spec/specs-go/v1" 15 "github.com/pkg/errors" 16 "github.com/sirupsen/logrus" 17 ) 18 19 // Puller is an interface that abstracts pulling for different API versions. 20 type Puller interface { 21 // Pull tries to pull the image referenced by `tag` 22 // Pull returns an error if any, as well as a boolean that determines whether to retry Pull on the next configured endpoint. 23 // 24 Pull(ctx context.Context, ref reference.Named, platform *specs.Platform) error 25 } 26 27 // newPuller returns a Puller interface that will pull from either a v1 or v2 28 // registry. The endpoint argument contains a Version field that determines 29 // whether a v1 or v2 puller will be created. The other parameters are passed 30 // through to the underlying puller implementation for use during the actual 31 // pull operation. 32 func newPuller(endpoint registry.APIEndpoint, repoInfo *registry.RepositoryInfo, imagePullConfig *ImagePullConfig) (Puller, error) { 33 switch endpoint.Version { 34 case registry.APIVersion2: 35 return &v2Puller{ 36 V2MetadataService: metadata.NewV2MetadataService(imagePullConfig.MetadataStore), 37 endpoint: endpoint, 38 config: imagePullConfig, 39 repoInfo: repoInfo, 40 }, nil 41 case registry.APIVersion1: 42 return nil, fmt.Errorf("protocol version %d no longer supported. Please contact admins of registry %s", endpoint.Version, endpoint.URL) 43 } 44 return nil, fmt.Errorf("unknown version %d for registry %s", endpoint.Version, endpoint.URL) 45 } 46 47 // Pull initiates a pull operation. image is the repository name to pull, and 48 // tag may be either empty, or indicate a specific tag to pull. 49 func Pull(ctx context.Context, ref reference.Named, imagePullConfig *ImagePullConfig) error { 50 // Resolve the Repository name from fqn to RepositoryInfo 51 repoInfo, err := imagePullConfig.RegistryService.ResolveRepository(ref) 52 if err != nil { 53 return err 54 } 55 56 // makes sure name is not `scratch` 57 if err := ValidateRepoName(repoInfo.Name); err != nil { 58 return err 59 } 60 61 endpoints, err := imagePullConfig.RegistryService.LookupPullEndpoints(reference.Domain(repoInfo.Name)) 62 if err != nil { 63 return err 64 } 65 66 var ( 67 lastErr error 68 69 // discardNoSupportErrors is used to track whether an endpoint encountered an error of type registry.ErrNoSupport 70 // By default it is false, which means that if an ErrNoSupport error is encountered, it will be saved in lastErr. 71 // As soon as another kind of error is encountered, discardNoSupportErrors is set to true, avoiding the saving of 72 // any subsequent ErrNoSupport errors in lastErr. 73 // It's needed for pull-by-digest on v1 endpoints: if there are only v1 endpoints configured, the error should be 74 // returned and displayed, but if there was a v2 endpoint which supports pull-by-digest, then the last relevant 75 // error is the ones from v2 endpoints not v1. 76 discardNoSupportErrors bool 77 78 // confirmedV2 is set to true if a pull attempt managed to 79 // confirm that it was talking to a v2 registry. This will 80 // prevent fallback to the v1 protocol. 81 confirmedV2 bool 82 83 // confirmedTLSRegistries is a map indicating which registries 84 // are known to be using TLS. There should never be a plaintext 85 // retry for any of these. 86 confirmedTLSRegistries = make(map[string]struct{}) 87 ) 88 for _, endpoint := range endpoints { 89 if imagePullConfig.RequireSchema2 && endpoint.Version == registry.APIVersion1 { 90 continue 91 } 92 93 if confirmedV2 && endpoint.Version == registry.APIVersion1 { 94 logrus.Debugf("Skipping v1 endpoint %s because v2 registry was detected", endpoint.URL) 95 continue 96 } 97 98 if endpoint.URL.Scheme != "https" { 99 if _, confirmedTLS := confirmedTLSRegistries[endpoint.URL.Host]; confirmedTLS { 100 logrus.Debugf("Skipping non-TLS endpoint %s for host/port that appears to use TLS", endpoint.URL) 101 continue 102 } 103 } 104 105 logrus.Debugf("Trying to pull %s from %s %s", reference.FamiliarName(repoInfo.Name), endpoint.URL, endpoint.Version) 106 107 puller, err := newPuller(endpoint, repoInfo, imagePullConfig) 108 if err != nil { 109 lastErr = err 110 continue 111 } 112 113 if err := puller.Pull(ctx, ref, imagePullConfig.Platform); err != nil { 114 // Was this pull cancelled? If so, don't try to fall 115 // back. 116 fallback := false 117 select { 118 case <-ctx.Done(): 119 default: 120 if fallbackErr, ok := err.(fallbackError); ok { 121 fallback = true 122 confirmedV2 = confirmedV2 || fallbackErr.confirmedV2 123 if fallbackErr.transportOK && endpoint.URL.Scheme == "https" { 124 confirmedTLSRegistries[endpoint.URL.Host] = struct{}{} 125 } 126 err = fallbackErr.err 127 } 128 } 129 if fallback { 130 if _, ok := err.(ErrNoSupport); !ok { 131 // Because we found an error that's not ErrNoSupport, discard all subsequent ErrNoSupport errors. 132 discardNoSupportErrors = true 133 // append subsequent errors 134 lastErr = err 135 } else if !discardNoSupportErrors { 136 // Save the ErrNoSupport error, because it's either the first error or all encountered errors 137 // were also ErrNoSupport errors. 138 // append subsequent errors 139 lastErr = err 140 } 141 logrus.Infof("Attempting next endpoint for pull after error: %v", err) 142 continue 143 } 144 logrus.Errorf("Not continuing with pull after error: %v", err) 145 return TranslatePullError(err, ref) 146 } 147 148 imagePullConfig.ImageEventLogger(reference.FamiliarString(ref), reference.FamiliarName(repoInfo.Name), "pull") 149 return nil 150 } 151 152 if lastErr == nil { 153 lastErr = fmt.Errorf("no endpoints found for %s", reference.FamiliarString(ref)) 154 } 155 156 return TranslatePullError(lastErr, ref) 157 } 158 159 // writeStatus writes a status message to out. If layersDownloaded is true, the 160 // status message indicates that a newer image was downloaded. Otherwise, it 161 // indicates that the image is up to date. requestedTag is the tag the message 162 // will refer to. 163 func writeStatus(requestedTag string, out progress.Output, layersDownloaded bool) { 164 if layersDownloaded { 165 progress.Message(out, "", "Status: Downloaded newer image for "+requestedTag) 166 } else { 167 progress.Message(out, "", "Status: Image is up to date for "+requestedTag) 168 } 169 } 170 171 // ValidateRepoName validates the name of a repository. 172 func ValidateRepoName(name reference.Named) error { 173 if reference.FamiliarName(name) == api.NoBaseImageSpecifier { 174 return errors.WithStack(reservedNameError(api.NoBaseImageSpecifier)) 175 } 176 return nil 177 } 178 179 func addDigestReference(store refstore.Store, ref reference.Named, dgst digest.Digest, id digest.Digest) error { 180 dgstRef, err := reference.WithDigest(reference.TrimNamed(ref), dgst) 181 if err != nil { 182 return err 183 } 184 185 if oldTagID, err := store.Get(dgstRef); err == nil { 186 if oldTagID != id { 187 // Updating digests not supported by reference store 188 logrus.Errorf("Image ID for digest %s changed from %s to %s, cannot update", dgst.String(), oldTagID, id) 189 } 190 return nil 191 } else if err != refstore.ErrDoesNotExist { 192 return err 193 } 194 195 return store.AddDigest(dgstRef, id, true) 196 }