docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1736 from aanand/deprecate-allow-insecure-ssl 

Deprecate --allow-insecure-ssl
This commit is contained in:
Mazz Mosley 2015-07-23 14:09:17 +01:00
parent 70c7d27c4e 04a773f1c8
commit 65cc84140a
12 changed files with 28 additions and 66 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
compose/cli/main.py
View File

@ -26,6 +26,11 @@ from .utils import yesno, get_version_info
log = logging.getLogger(__name__) log = logging.getLogger(__name__)
INSECURE_SSL_WARNING = """
Warning: --allow-insecure-ssl is deprecated and has no effect.
It will be removed in a future version of Compose.
"""
def main(): def main():
setup_logging() setup_logging()
@ -232,13 +237,13 @@ class TopLevelCommand(Command):
Usage: pull [options] [SERVICE...] Usage: pull [options] [SERVICE...]
Options: Options:
--allow-insecure-ssl Allow insecure connections to the docker --allow-insecure-ssl Deprecated - no effect.
registry
""" """
insecure_registry = options['--allow-insecure-ssl'] if options['--allow-insecure-ssl']:
log.warn(INSECURE_SSL_WARNING)
project.pull( project.pull(
service_names=options['SERVICE'], service_names=options['SERVICE'],
insecure_registry=insecure_registry
) )
def rm(self, project, options): def rm(self, project, options):
@ -280,8 +285,7 @@ class TopLevelCommand(Command):
Usage: run [options] [-e KEY=VAL...] SERVICE [COMMAND] [ARGS...] Usage: run [options] [-e KEY=VAL...] SERVICE [COMMAND] [ARGS...]
Options: Options:
--allow-insecure-ssl Allow insecure connections to the docker --allow-insecure-ssl Deprecated - no effect.
registry
-d Detached mode: Run container in the background, print -d Detached mode: Run container in the background, print
new container name. new container name.
--entrypoint CMD Override the entrypoint of the image. --entrypoint CMD Override the entrypoint of the image.
@ -296,7 +300,8 @@ class TopLevelCommand(Command):
""" """
service = project.get_service(options['SERVICE']) service = project.get_service(options['SERVICE'])
insecure_registry = options['--allow-insecure-ssl'] if options['--allow-insecure-ssl']:
log.warn(INSECURE_SSL_WARNING)
if not options['--no-deps']: if not options['--no-deps']:
deps = service.get_linked_names() deps = service.get_linked_names()
@ -306,7 +311,6 @@ class TopLevelCommand(Command):
service_names=deps, service_names=deps,
start_deps=True, start_deps=True,
allow_recreate=False, allow_recreate=False,
insecure_registry=insecure_registry,
) )
tty = True tty = True
@ -344,7 +348,6 @@ class TopLevelCommand(Command):
container = service.create_container( container = service.create_container(
quiet=True, quiet=True,
one_off=True, one_off=True,
insecure_registry=insecure_registry,
**container_options **container_options
) )
except APIError as e: except APIError as e:
@ -453,8 +456,7 @@ class TopLevelCommand(Command):
Usage: up [options] [SERVICE...] Usage: up [options] [SERVICE...]
Options: Options:
--allow-insecure-ssl Allow insecure connections to the docker --allow-insecure-ssl Deprecated - no effect.
registry
-d Detached mode: Run containers in the background, -d Detached mode: Run containers in the background,
print new container names. print new container names.
--no-color Produce monochrome output. --no-color Produce monochrome output.
@ -468,7 +470,9 @@ class TopLevelCommand(Command):
when attached or when containers are already when attached or when containers are already
running. (default: 10) running. (default: 10)
""" """
insecure_registry = options['--allow-insecure-ssl'] if options['--allow-insecure-ssl']:
log.warn(INSECURE_SSL_WARNING)
detached = options['-d'] detached = options['-d']
monochrome = options['--no-color'] monochrome = options['--no-color']
@ -487,7 +491,6 @@ class TopLevelCommand(Command):
start_deps=start_deps, start_deps=start_deps,
allow_recreate=allow_recreate, allow_recreate=allow_recreate,
force_recreate=force_recreate, force_recreate=force_recreate,
insecure_registry=insecure_registry,
do_build=not options['--no-build'], do_build=not options['--no-build'],
timeout=timeout timeout=timeout
) )

6
compose/project.py
View File

@ -239,7 +239,6 @@ class Project(object):
start_deps=True, start_deps=True,
allow_recreate=True, allow_recreate=True,
force_recreate=False, force_recreate=False,
insecure_registry=False,
do_build=True, do_build=True,
timeout=DEFAULT_TIMEOUT): timeout=DEFAULT_TIMEOUT):
@ -262,7 +261,6 @@ class Project(object):
for service in services for service in services
for container in service.execute_convergence_plan( for container in service.execute_convergence_plan(
plans[service.name], plans[service.name],
insecure_registry=insecure_registry,
do_build=do_build, do_build=do_build,
timeout=timeout timeout=timeout
) )
@ -302,9 +300,9 @@ class Project(object):
return plans return plans
def pull(self, service_names=None, insecure_registry=False): def pull(self, service_names=None):
for service in self.get_services(service_names, include_deps=True): for service in self.get_services(service_names, include_deps=True):
service.pull(insecure_registry=insecure_registry) service.pull()
def containers(self, service_names=None, stopped=False, one_off=False): def containers(self, service_names=None, stopped=False, one_off=False):
if service_names: if service_names:

16
compose/service.py
View File

@ -247,7 +247,6 @@ class Service(object):
def create_container(self, def create_container(self,
one_off=False, one_off=False,
insecure_registry=False,
do_build=True, do_build=True,
previous_container=None, previous_container=None,
number=None, number=None,
@ -259,7 +258,6 @@ class Service(object):
""" """
self.ensure_image_exists( self.ensure_image_exists(
do_build=do_build, do_build=do_build,
insecure_registry=insecure_registry,
) )
container_options = self._get_container_create_options( container_options = self._get_container_create_options(
@ -275,8 +273,7 @@ class Service(object):
return Container.create(self.client, **container_options) return Container.create(self.client, **container_options)
def ensure_image_exists(self, def ensure_image_exists(self,
do_build=True, do_build=True):
insecure_registry=False):
try: try:
self.image() self.image()
@ -290,7 +287,7 @@ class Service(object):
else: else:
raise NeedsBuildError(self) raise NeedsBuildError(self)
else: else:
self.pull(insecure_registry=insecure_registry) self.pull()
def image(self): def image(self):
try: try:
@ -360,14 +357,12 @@ class Service(object):
def execute_convergence_plan(self, def execute_convergence_plan(self,
plan, plan,
insecure_registry=False,
do_build=True, do_build=True,
timeout=DEFAULT_TIMEOUT): timeout=DEFAULT_TIMEOUT):
(action, containers) = plan (action, containers) = plan
if action == 'create': if action == 'create':
container = self.create_container( container = self.create_container(
insecure_registry=insecure_registry,
do_build=do_build, do_build=do_build,
) )
self.start_container(container) self.start_container(container)
@ -378,7 +373,6 @@ class Service(object):
return [ return [
self.recreate_container( self.recreate_container(
c, c,
insecure_registry=insecure_registry,
timeout=timeout timeout=timeout
) )
for c in containers for c in containers
@ -401,7 +395,6 @@ class Service(object):
def recreate_container(self, def recreate_container(self,
container, container,
insecure_registry=False,
timeout=DEFAULT_TIMEOUT): timeout=DEFAULT_TIMEOUT):
"""Recreate a container. """Recreate a container.
@ -426,7 +419,6 @@ class Service(object):
'%s_%s' % (container.short_id, container.name)) '%s_%s' % (container.short_id, container.name))
new_container = self.create_container( new_container = self.create_container(
insecure_registry=insecure_registry,
do_build=False, do_build=False,
previous_container=container, previous_container=container,
number=container.labels.get(LABEL_CONTAINER_NUMBER), number=container.labels.get(LABEL_CONTAINER_NUMBER),
@ -761,7 +753,7 @@ class Service(object):
return True return True
return False return False
def pull(self, insecure_registry=False): def pull(self):
if 'image' not in self.options: if 'image' not in self.options:
return return
@ -772,7 +764,7 @@ class Service(object):
repo, repo,
tag=tag, tag=tag,
stream=True, stream=True,
insecure_registry=insecure_registry) )
stream_output(output, sys.stdout) stream_output(output, sys.stdout)

6
contrib/completion/bash/docker-compose
View File

@ -195,7 +195,7 @@ _docker-compose_ps() {
_docker-compose_pull() { _docker-compose_pull() {
case "$cur" in case "$cur" in
-*) -*)
COMPREPLY=( $( compgen -W "--allow-insecure-ssl --help" -- "$cur" ) ) COMPREPLY=( $( compgen -W "--help" -- "$cur" ) )
;; ;;
*) *)
__docker-compose_services_from_image __docker-compose_services_from_image
@ -248,7 +248,7 @@ _docker-compose_run() {
case "$cur" in case "$cur" in
-*) -*)
COMPREPLY=( $( compgen -W "--allow-insecure-ssl -d --entrypoint -e --help --no-deps --rm --service-ports -T --user -u" -- "$cur" ) ) COMPREPLY=( $( compgen -W "-d --entrypoint -e --help --no-deps --rm --service-ports -T --user -u" -- "$cur" ) )
;; ;;
*) *)
__docker-compose_services_all __docker-compose_services_all
@ -315,7 +315,7 @@ _docker-compose_up() {
case "$cur" in case "$cur" in
-*) -*)
COMPREPLY=( $( compgen -W "--allow-insecure-ssl -d --help --no-build --no-color --no-deps --no-recreate --force-recreate --timeout -t" -- "$cur" ) ) COMPREPLY=( $( compgen -W "-d --help --no-build --no-color --no-deps --no-recreate --force-recreate --timeout -t" -- "$cur" ) )
;; ;;
*) *)
__docker-compose_services_all __docker-compose_services_all

3
contrib/completion/zsh/_docker-compose
View File

@ -202,7 +202,6 @@ __docker-compose_subcommand () {
;; ;;
(pull) (pull)
_arguments \ _arguments \
'--allow-insecure-ssl[Allow insecure connections to the docker registry]' \
'--help[Print usage]' \ '--help[Print usage]' \
'*:services:__docker-compose_services_from_image' && ret=0 '*:services:__docker-compose_services_from_image' && ret=0
;; ;;
@ -215,7 +214,6 @@ __docker-compose_subcommand () {
;; ;;
(run) (run)
_arguments \ _arguments \
'--allow-insecure-ssl[Allow insecure connections to the docker registry]' \
'-d[Detached mode: Run container in the background, print new container name.]' \ '-d[Detached mode: Run container in the background, print new container name.]' \
'--entrypoint[Overwrite the entrypoint of the image.]:entry point: ' \ '--entrypoint[Overwrite the entrypoint of the image.]:entry point: ' \
'*-e[KEY=VAL Set an environment variable (can be used multiple times)]:environment variable KEY=VAL: ' \ '*-e[KEY=VAL Set an environment variable (can be used multiple times)]:environment variable KEY=VAL: ' \
@ -247,7 +245,6 @@ __docker-compose_subcommand () {
;; ;;
(up) (up)
_arguments \ _arguments \
'--allow-insecure-ssl[Allow insecure connections to the docker registry]' \
'-d[Detached mode: Run containers in the background, print new container names.]' \ '-d[Detached mode: Run containers in the background, print new container names.]' \
'--help[Print usage]' \ '--help[Print usage]' \
'--no-color[Produce monochrome output.]' \ '--no-color[Produce monochrome output.]' \

3
docs/reference/pull.md
View File

@ -12,9 +12,6 @@ parent = "smn_compose_cli"
``` ```
Usage: pull [options] [SERVICE...] Usage: pull [options] [SERVICE...]
Options:
--allow-insecure-ssl Allow insecure connections to the docker registry
``` ```
Pulls service images. Pulls service images.

2
docs/reference/run.md
View File

@ -14,8 +14,6 @@ parent = "smn_compose_cli"
Usage: run [options] [-e KEY=VAL...] SERVICE [COMMAND] [ARGS...] Usage: run [options] [-e KEY=VAL...] SERVICE [COMMAND] [ARGS...]
Options: Options:
--allow-insecure-ssl Allow insecure connections to the docker
registry
-d Detached mode: Run container in the background, print -d Detached mode: Run container in the background, print
new container name. new container name.
--entrypoint CMD Override the entrypoint of the image. --entrypoint CMD Override the entrypoint of the image.

2
docs/reference/up.md
View File

@ -14,8 +14,6 @@ parent = "smn_compose_cli"
Usage: up [options] [SERVICE...] Usage: up [options] [SERVICE...]
Options: Options:
--allow-insecure-ssl Allow insecure connections to the docker
registry
-d Detached mode: Run containers in the background, -d Detached mode: Run containers in the background,
print new container names. print new container names.
--no-color Produce monochrome output. --no-color Produce monochrome output.

2
requirements.txt
View File

@ -1,5 +1,5 @@
PyYAML==3.10 PyYAML==3.10
docker-py==1.3.0 docker-py==1.3.1
dockerpty==0.3.4 dockerpty==0.3.4
docopt==0.6.1 docopt==0.6.1
requests==2.6.1 requests==2.6.1

2
setup.py
View File

@ -30,7 +30,7 @@ install_requires = [
'requests >= 2.6.1, < 2.7', 'requests >= 2.6.1, < 2.7',
'texttable >= 0.8.1, < 0.9', 'texttable >= 0.8.1, < 0.9',
'websocket-client >= 0.32.0, < 1.0', 'websocket-client >= 0.32.0, < 1.0',
'docker-py >= 1.3.0, < 1.4', 'docker-py >= 1.3.1, < 1.4',
'dockerpty >= 0.3.4, < 0.4', 'dockerpty >= 0.3.4, < 0.4',
'six >= 1.3.0, < 2', 'six >= 1.3.0, < 2',
] ]

2
tests/integration/state_test.py
View File

@ -155,7 +155,6 @@ class ProjectWithDependenciesTest(ProjectTestCase):
def converge(service, def converge(service,
allow_recreate=True, allow_recreate=True,
force_recreate=False, force_recreate=False,
insecure_registry=False,
do_build=True): do_build=True):
""" """
If a container for this service doesn't exist, create and start one. If there are If a container for this service doesn't exist, create and start one. If there are
@ -168,7 +167,6 @@ def converge(service,
return service.execute_convergence_plan( return service.execute_convergence_plan(
plan, plan,
insecure_registry=insecure_registry,
do_build=do_build, do_build=do_build,
timeout=1, timeout=1,
) )

21
tests/unit/service_test.py
View File

@ -229,11 +229,10 @@ class ServiceTest(unittest.TestCase):
@mock.patch('compose.service.log', autospec=True) @mock.patch('compose.service.log', autospec=True)
def test_pull_image(self, mock_log): def test_pull_image(self, mock_log):
service = Service('foo', client=self.mock_client, image='someimage:sometag') service = Service('foo', client=self.mock_client, image='someimage:sometag')
service.pull(insecure_registry=True) service.pull()
self.mock_client.pull.assert_called_once_with( self.mock_client.pull.assert_called_once_with(
'someimage', 'someimage',
tag='sometag', tag='sometag',
insecure_registry=True,
stream=True) stream=True)
mock_log.info.assert_called_once_with('Pulling foo (someimage:sometag)...') mock_log.info.assert_called_once_with('Pulling foo (someimage:sometag)...')
@ -243,26 +242,8 @@ class ServiceTest(unittest.TestCase):
self.mock_client.pull.assert_called_once_with( self.mock_client.pull.assert_called_once_with(
'ababab', 'ababab',
tag='latest', tag='latest',
insecure_registry=False,
stream=True) stream=True)
def test_create_container_from_insecure_registry(self):
service = Service('foo', client=self.mock_client, image='someimage:sometag')
images = []
def pull(repo, tag=None, insecure_registry=False, **kwargs):
self.assertEqual('someimage', repo)
self.assertEqual('sometag', tag)
self.assertTrue(insecure_registry)
images.append({'Id': 'abc123'})
return []
service.image = lambda *args, **kwargs: mock_get_image(images)
self.mock_client.pull = pull
service.create_container(insecure_registry=True)
self.assertEqual(1, len(images))
@mock.patch('compose.service.Container', autospec=True) @mock.patch('compose.service.Container', autospec=True)
def test_recreate_container(self, _): def test_recreate_container(self, _):
mock_container = mock.create_autospec(Container) mock_container = mock.create_autospec(Container)