renovate/renovate
1
0
Fork 0
mirror of https://github.com/renovatebot/renovate.git synced 2025-01-11 22:46:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

feat(docker): add insecureRegistry hostRule (#4590)

Browse source
This commit is contained in:
Zach Willard 2019-10-08 02:19:11 -05:00 committed by Rhys Arkins
parent 8e238ef129
commit 9d9d7ec84e
6 changed files with 46 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
docs/usage/configuration-options.md
View file

@ -378,6 +378,23 @@ Renovate will match against all baseUrls. It does not do a "longest match" algor
### hostType ### hostType
### insecureRegistry
Enable this option to allow Renovate to connect to an [insecure docker registry](https://docs.docker.com/registry/insecure/) that is http only.
Warning: This is insecure and is not recommended.
Example:
```json
{
"hostRules": [
{
"hostName": "reg.insecure.com",
"insecureRegistry": true
}
]
}
```
### timeout ### timeout
Use this figure to adjust the timeout for queries. The default is 60s, which is quite high. To adjust it down to 10s for all queries, do this: Use this figure to adjust the timeout for queries. The default is 60s, which is quite high. To adjust it down to 10s for all queries, do this:

9
lib/config/definitions.ts
View file

@ -1942,6 +1942,15 @@ const options: RenovateOptions[] = [
cli: false, cli: false,
env: false, env: false,
}, },
{
name: 'insecureRegistry',
description: 'explicity turn on insecure docker registry access (http)',
type: 'boolean',
stage: 'repository',
parent: 'hostRules',
cli: false,
env: false,
},
{ {
name: 'prBodyDefinitions', name: 'prBodyDefinitions',
description: 'Table column definitions for use in PR tables', description: 'Table column definitions for use in PR tables',

4
lib/datasource/docker/index.ts
View file

@ -32,6 +32,10 @@ function getRegistryRepository(lookupName: string, registryUrls: string[]) {
if (!registry.match('^https?://')) { if (!registry.match('^https?://')) {
registry = `https://${registry}`; registry = `https://${registry}`;
} }
const opts = hostRules.find({ url: registry });
if (opts.insecureRegistry) {
registry = registry.replace('https', 'http');
}
if (registry.endsWith('.docker.io') && !repository.includes('/')) { if (registry.endsWith('.docker.io') && !repository.includes('/')) {
repository = 'library/' + repository; repository = 'library/' + repository;
} }

2
lib/util/host-rules.ts
View file

@ -12,7 +12,7 @@ export interface HostRule {
token?: string; token?: string;
username?: string; username?: string;
password?: string; password?: string;
insecureRegistry?: boolean;
timeout?: number; timeout?: number;
} }

4
renovate-schema.json
View file

@ -1283,6 +1283,10 @@
"timeout": { "timeout": {
"description": "timeout (in milliseconds) for queries to external endpoints", "description": "timeout (in milliseconds) for queries to external endpoints",
"type": "integer" "type": "integer"
},
"insecureRegistry": {
"description": "explicity turn on insecure docker registry access (http)",
"type": "boolean"
} }
} }
} }

11
test/datasource/docker.spec.ts
View file

@ -91,6 +91,17 @@ describe('api/docker', () => {
'sha256:b3d6068234f3a18ebeedd2dab81e67b6a192e81192a099df4112ecfc7c3be84f' 'sha256:b3d6068234f3a18ebeedd2dab81e67b6a192e81192a099df4112ecfc7c3be84f'
); );
}); });
it('supports docker insecure registry', async () => {
got.mockReturnValueOnce({
headers: {},
});
got.mockReturnValueOnce({
headers: { 'docker-content-digest': 'some-digest' },
});
hostRules.find.mockReturnValueOnce({ insecureRegistry: true });
const res = await docker.getDigest({ lookupName: 'some-dep' });
expect(res).toBe('some-digest');
});
it('supports basic authentication', async () => { it('supports basic authentication', async () => {
got.mockReturnValueOnce({ got.mockReturnValueOnce({
headers: { headers: {