Check other potential alises if Docker Hub #605
Conversation
There was a problem hiding this comment.
Thanks @chanseokoh ! This looks like it works for inferring credential helpers, but #586 would involve adding the alias for the Docker config retrieval (DockerConfigCredentialRetriever)
| } | ||
|
|
||
| @VisibleForTesting | ||
| Authorization findOtherDockerHubCredential(String dockerHubRegistry) |
There was a problem hiding this comment.
Generally, we want to try to keep the build steps (AsyncStep) as minimal as possible and delegate the real logic to other classes. So, here for example, we should have probably put the credential helper inference logic inside a DockerCredentialHelperInferer rather than in this AsyncStep so that we could unit test against it well.
There was a problem hiding this comment.
Just to verify, what I understand from your comments is to minimizing code lines in AsyncStep classes by moving code out to different classes, and not about minimizing operations and time the steps take, right?
|
Looking at the code of I initially thought it would be more complete to do this at the |
chanseokoh
force-pushed
the
i586-docker-aliases
branch
from
67c985d to
b641be1
Compare
|
Ready for review. I've talked to @coollog, and for now as the first step and a quick fix, this PR just looks into |
Oops. Was going to say honestly, I am not sure if there should be some special handling for the extra path |
| * @param registry the registry for which the alias group is requested | ||
| * @return non-empty list of registries where {@code registry} is the first element | ||
| */ | ||
| public static ImmutableList<String> getAliasesGroup(String registry) { |
There was a problem hiding this comment.
This method should return List to minimize exposing Guava classes in APIs. Right?
There was a problem hiding this comment.
Hmm... I didn't intend for this class to be part of the public API, but I guess there is no way to keep it private to the API while the class is declared public. I'll change it to List.
|
@coollog said the way it manipulated the list to place the given registry at the front (i.e., removing the element and adding it at the front in sequence) did not really feel natural. I agree, so I updated to do it in the functional way. |
| import com.google.common.collect.ImmutableList; | ||
| import java.util.ArrayDeque; | ||
|
|
||
| public class RegistryAliasGroup { |
There was a problem hiding this comment.
For consistent style, we include a javadoc for each class.
| private static final ImmutableList<ImmutableList<String>> REGISTRY_ALIAS_GROUPS = | ||
| ImmutableList.of( | ||
| // Docker Hub alias group | ||
| ImmutableList.of("registry.hub.docker.com", "index.docker.io")); |
There was a problem hiding this comment.
Yeah, no need to be a list.
| // Found a group. Move the requested "registry" to the front before returning it. | ||
| Stream<String> self = Stream.of(registry); | ||
| Stream<String> withoutSelf = aliasGroup.stream().filter(alias -> !registry.equals(alias)); | ||
| return Stream.concat(self, withoutSelf).collect(Collectors.toList()); |
There was a problem hiding this comment.
Perhaps this could even return the stream itself.
There was a problem hiding this comment.
I just tried returning a stream, but it does not seem concise at the caller side. We can switch to Stream later if it seems fit.
There was a problem hiding this comment.
Sounds good. For later, the caller could use something like:
Authorization authorization = getAliasesGroup()
.map(registryAlias -> retrieve(dockerConfigTemplate, registryAlias))
.filter(Objects::nonNull)
.findFirst();
if (authorization.isPresent()) {
return authorization.get();
}
There was a problem hiding this comment.
Yeah, probably even do .findFirst().orElse(null);
|
|
||
| @Test | ||
| public void testGetAliasesGroup_registryHubDockerCom() { | ||
| Assert.assertArrayEquals( |
There was a problem hiding this comment.
nit: I think in this codebase, we prefer to use List over raw arrays, such that this can be like Assert.assertEquals(theList, Arrays.asList(a, b, c).
There was a problem hiding this comment.
That is certainly better.
jib-maven-plugin/CHANGELOG.md
Outdated
| @@ -8,6 +8,8 @@ All notable changes to this project will be documented in this file. | |||
|
|
|||
| - `jib:buildTar` goal to build an image tarball at `target/jib-image.tar`, which can be loaded into docker using `docker load` ([#514](https://github.com/GoogleContainerTools/jib/issues/514)) | |||
|
|
|||
| - For Docker Hub, also tries registry aliases when getting a credential from `docker.config` | |||
There was a problem hiding this comment.
nit: probably just call it "the Docker config" - docker.config may imply something else
Also, for formatting, it's good to include the pull request/issue number/link and I think this line should probably be under Fixed
There was a problem hiding this comment.
+1, also adding this to jib-gradle-plugin.
| import java.util.stream.Collectors; | ||
| import java.util.stream.Stream; | ||
|
|
||
| public class RegistryAliasGroup { |
There was a problem hiding this comment.
For consistent style, we include a javadoc for each class
jib-gradle-plugin/CHANGELOG.md
Outdated
| @@ -8,6 +8,8 @@ All notable changes to this project will be documented in this file. | |||
|
|
|||
| - `jibBuildTar` task to build an image tarball at `build/jib-image.tar`, which can be loaded into docker using `docker load` ([#514](https://github.com/GoogleContainerTools/jib/issues/514)) | |||
|
|
|||
| - For Docker Hub, also tries registry aliases when getting a credential from the Docker config | |||
There was a problem hiding this comment.
small nit: for consistency, we should keep the entries with no empty lines inbetween (line 8 should not actually be there either)
Part of #586.