func runDiscover(args []string) (exit int) {
if len(args) < 1 {
stderr("discover: at least one name required")
}
for _, name := range args {
app, err := discovery.NewAppFromString(name)
if app.Labels["os"] == "" {
app.Labels["os"] = runtime.GOOS
}
if app.Labels["arch"] == "" {
app.Labels["arch"] = runtime.GOARCH
}
if err != nil {
stderr("%s: %s", name, err)
return 1
}
eps, attempts, err := discovery.DiscoverEndpoints(*app, transportFlags.Insecure)
if err != nil {
stderr("error fetching %s: %s", name, err)
return 1
}
for _, a := range attempts {
fmt.Printf("discover walk: prefix: %s error: %v\n", a.Prefix, a.Error)
}
for _, aciEndpoint := range eps.ACIEndpoints {
fmt.Printf("ACI: %s, ASC: %s\n", aciEndpoint.ACI, aciEndpoint.ASC)
}
if len(eps.Keys) > 0 {
fmt.Println("Keys: " + strings.Join(eps.Keys, ","))
}
}
return
}
func (f *nameFetcher) discoverApp(app *discovery.App) (*discovery.Endpoints, error) {
// TODO(krnowak): Instead of hardcoding InsecureHttp, we probably
// should use f.InsecureFlags.AllowHttp and
// f.InsecureFlags.AllowHttpCredentials (if they are
// introduced) on it. Needs some work first on appc/spec side.
// https://github.com/appc/spec/issues/545
// https://github.com/coreos/rkt/issues/1836
insecure := discovery.InsecureHttp
if f.InsecureFlags.SkipTlsCheck() {
insecure = insecure | discovery.InsecureTls
}
hostHeaders := config.ResolveAuthPerHost(f.Headers)
ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
if f.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
func discoverApp(app *discovery.App, insecure bool) (*discovery.Endpoints, error) {
ep, attempts, err := discovery.DiscoverEndpoints(*app, insecure)
if globalFlags.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
func runDiscover(args []string) (exit int) {
if len(args) < 1 {
stderr("discover: at least one name required")
}
for _, name := range args {
app, err := discovery.NewAppFromString(name)
if app.Labels["os"] == "" {
app.Labels["os"] = runtime.GOOS
}
if app.Labels["arch"] == "" {
app.Labels["arch"] = runtime.GOARCH
}
if err != nil {
stderr("%s: %s", name, err)
return 1
}
insecure := discovery.InsecureNone
if transportFlags.Insecure {
insecure = discovery.InsecureTls | discovery.InsecureHttp
}
eps, attempts, err := discovery.DiscoverEndpoints(*app, nil, insecure)
if err != nil {
stderr("error fetching %s: %s", name, err)
return 1
}
for _, a := range attempts {
fmt.Printf("discover walk: prefix: %s error: %v\n", a.Prefix, a.Error)
}
if outputJson {
jsonBytes, err := json.MarshalIndent(&eps, "", " ")
if err != nil {
stderr("error generating JSON: %s", err)
return 1
}
fmt.Println(string(jsonBytes))
} else {
for _, aciEndpoint := range eps.ACIEndpoints {
fmt.Printf("ACI: %s, ASC: %s\n", aciEndpoint.ACI, aciEndpoint.ASC)
}
if len(eps.Keys) > 0 {
fmt.Println("Keys: " + strings.Join(eps.Keys, ","))
}
}
}
return
}
func discoverApp(app *discovery.App, headers map[string]config.Headerer, insecure bool) (*discovery.Endpoints, error) {
hostHeaders := config.ResolveAuthPerHost(headers)
ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
if globalFlags.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
func (f *nameFetcher) discoverApp(app *discovery.App) (*discovery.Endpoints, error) {
insecure := discovery.InsecureNone
if f.InsecureFlags.SkipTLSCheck() {
insecure = insecure | discovery.InsecureTls
}
if f.InsecureFlags.AllowHTTP() {
insecure = insecure | discovery.InsecureHttp
}
hostHeaders := config.ResolveAuthPerHost(f.Headers)
ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
if f.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
// fetchSingleImage will take an image as either a URL or a name string and
// import it into the store if found. If discover is true meta-discovery is
// enabled. If asc is not "", it must exist as a local file and will be used
// as the signature file for verification, unless verification is disabled.
func (f *fetcher) fetchSingleImage(img string, asc string, discover bool) (string, error) {
var (
ascFile *os.File
err error
)
if asc != "" && f.ks != nil {
ascFile, err = os.Open(asc)
if err != nil {
return "", fmt.Errorf("unable to open signature file: %v", err)
}
defer ascFile.Close()
}
u, err := url.Parse(img)
if err != nil {
return "", fmt.Errorf("not a valid image reference (%s)", img)
}
// if img refers to a local file, ensure the scheme is file:// and make the url path absolute
_, err = os.Stat(u.Path)
if err == nil {
u.Path, err = filepath.Abs(u.Path)
if err != nil {
return "", fmt.Errorf("unable to get abs path: %v", err)
}
u.Scheme = "file"
} else if !os.IsNotExist(err) {
return "", fmt.Errorf("unable to access %q: %v", img, err)
}
if discover && u.Scheme == "" {
if f.local {
app, err := discovery.NewAppFromString(img)
if err != nil {
return "", err
}
labels, err := types.LabelsFromMap(app.Labels)
if err != nil {
return "", err
}
return f.s.GetACI(app.Name, labels)
}
if app := newDiscoveryApp(img); app != nil {
stdout("rkt: searching for app image %s", img)
ep, attempts, err := discovery.DiscoverEndpoints(*app, true)
if globalFlags.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return "", err
}
if len(ep.ACIEndpoints) == 0 {
return "", fmt.Errorf("no endpoints discovered")
}
latest := false
// No specified version label, mark it as latest
if _, ok := app.Labels["version"]; !ok {
latest = true
}
return f.fetchImageFromEndpoints(ep, ascFile, latest)
}
}
switch u.Scheme {
case "http", "https", "docker", "file":
default:
return "", fmt.Errorf("rkt only supports http, https, docker or file URLs (%s)", img)
}
return f.fetchImageFromURL(u.String(), u.Scheme, ascFile, false)
}