Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix pulling from nvcr.io #285

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix pulling from nvcr.io #285

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
25 changes: 13 additions & 12 deletions imagegw/shifter_imagegw/dockerv2.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -376,18 +376,24 @@ def do_token_auth(self, auth_loc_str, creds=False):
# TODO, figure out what mode was for
(_, auth_data_str) = auth_loc_str.split(' ', 2)

auth_data = {}
auth_data = {'service':'', 'scope':'pull'}
for item in filter(None, re.split(r'(\w+=".*?"),', auth_data_str)):
(key, val) = item.split('=', 2)
(key, val) = item.split('=', 1)
auth_data[key] = val.replace('"', '')
if '?scope=' in auth_data['realm']:
auth_data['realm'], auth_data['scope'] = auth_data['realm'].split('?scope=', 1)

auth_conn = _setup_http_conn(auth_data['realm'], self.cacert)
if auth_conn is None:
raise ValueError('Bad response from registry, ' +
'failed to get auth connection')

headers = {}
if creds and self.username is not None and self.password is not None:
if self.username=='$oauthtoken':
self.private = True
headers['Authorization'] = 'Bearer %s' % (self.password)
elif creds and self.username is not None and self.password is not None:

self.private = True
auth = '%s:%s' % (self.username, self.password)
headers['Authorization'] = 'Basic %s' % base64.b64encode(auth)
Expand All @@ -404,11 +410,6 @@ def do_token_auth(self, auth_loc_str, creds=False):

if resp.status != 200:
raise ValueError('Bad response getting token: %d', resp.status)
# The json content type can include a extra bit defining the character set
# so we just check the beginning. Worst case is the json.loads will throw
# an error just after this.
if not resp.getheader('content-type').startswith('application/json'):
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why was this dropped? Does the nvcr case not return json?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This part is from your original PR, but I can check if it's still needed.

raise ValueError('Invalid response getting token, not json')

auth_resp = json.loads(resp.read())
self.token = auth_resp['token']
Expand Down Expand Up @@ -541,10 +542,10 @@ def save_layer(self, layer):
# If the redirect path includes a verify in the path
# then we don't need the header. If try to use the
# header, we may get back a 400.
if path.find('verify') > 0:
conn.request("GET", path, None, {})
else:
conn.request("GET", path, None, self.headers)
headers = self.headers
if path.find('verify') > 0 or path.find('X-Amz-Algorithm') > 0:
headers = {}
conn.request("GET", path, None, headers)
resp1 = conn.getresponse()
location = resp1.getheader('location')
if resp1.status == 200:
Expand Down