mirror of
https://github.com/renovatebot/renovate.git
synced 2025-01-11 14:36:25 +00:00
feat(docker): add insecureRegistry hostRule (#4590)
This commit is contained in:
parent
8e238ef129
commit
9d9d7ec84e
6 changed files with 46 additions and 1 deletions
|
@ -378,6 +378,23 @@ Renovate will match against all baseUrls. It does not do a "longest match" algor
|
|||
|
||||
### hostType
|
||||
|
||||
### insecureRegistry
|
||||
|
||||
Enable this option to allow Renovate to connect to an [insecure docker registry](https://docs.docker.com/registry/insecure/) that is http only.
|
||||
Warning: This is insecure and is not recommended.
|
||||
Example:
|
||||
|
||||
```json
|
||||
{
|
||||
"hostRules": [
|
||||
{
|
||||
"hostName": "reg.insecure.com",
|
||||
"insecureRegistry": true
|
||||
}
|
||||
]
|
||||
}
|
||||
```
|
||||
|
||||
### timeout
|
||||
|
||||
Use this figure to adjust the timeout for queries. The default is 60s, which is quite high. To adjust it down to 10s for all queries, do this:
|
||||
|
|
|
@ -1942,6 +1942,15 @@ const options: RenovateOptions[] = [
|
|||
cli: false,
|
||||
env: false,
|
||||
},
|
||||
{
|
||||
name: 'insecureRegistry',
|
||||
description: 'explicity turn on insecure docker registry access (http)',
|
||||
type: 'boolean',
|
||||
stage: 'repository',
|
||||
parent: 'hostRules',
|
||||
cli: false,
|
||||
env: false,
|
||||
},
|
||||
{
|
||||
name: 'prBodyDefinitions',
|
||||
description: 'Table column definitions for use in PR tables',
|
||||
|
|
|
@ -32,6 +32,10 @@ function getRegistryRepository(lookupName: string, registryUrls: string[]) {
|
|||
if (!registry.match('^https?://')) {
|
||||
registry = `https://${registry}`;
|
||||
}
|
||||
const opts = hostRules.find({ url: registry });
|
||||
if (opts.insecureRegistry) {
|
||||
registry = registry.replace('https', 'http');
|
||||
}
|
||||
if (registry.endsWith('.docker.io') && !repository.includes('/')) {
|
||||
repository = 'library/' + repository;
|
||||
}
|
||||
|
|
|
@ -12,7 +12,7 @@ export interface HostRule {
|
|||
token?: string;
|
||||
username?: string;
|
||||
password?: string;
|
||||
|
||||
insecureRegistry?: boolean;
|
||||
timeout?: number;
|
||||
}
|
||||
|
||||
|
|
|
@ -1283,6 +1283,10 @@
|
|||
"timeout": {
|
||||
"description": "timeout (in milliseconds) for queries to external endpoints",
|
||||
"type": "integer"
|
||||
},
|
||||
"insecureRegistry": {
|
||||
"description": "explicity turn on insecure docker registry access (http)",
|
||||
"type": "boolean"
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -91,6 +91,17 @@ describe('api/docker', () => {
|
|||
'sha256:b3d6068234f3a18ebeedd2dab81e67b6a192e81192a099df4112ecfc7c3be84f'
|
||||
);
|
||||
});
|
||||
it('supports docker insecure registry', async () => {
|
||||
got.mockReturnValueOnce({
|
||||
headers: {},
|
||||
});
|
||||
got.mockReturnValueOnce({
|
||||
headers: { 'docker-content-digest': 'some-digest' },
|
||||
});
|
||||
hostRules.find.mockReturnValueOnce({ insecureRegistry: true });
|
||||
const res = await docker.getDigest({ lookupName: 'some-dep' });
|
||||
expect(res).toBe('some-digest');
|
||||
});
|
||||
it('supports basic authentication', async () => {
|
||||
got.mockReturnValueOnce({
|
||||
headers: {
|
||||
|
|
Loading…
Reference in a new issue