// metaDiscoverPubKeyLocations discovers the locations of public keys through ACDiscovery by applying prefix as an ACApp
func (m *Manager) metaDiscoverPubKeyLocations(prefix string) ([]string, error) {
app, err := discovery.NewAppFromString(prefix)
if err != nil {
return nil, err
}
hostHeaders := config.ResolveAuthPerHost(m.AuthPerHost)
insecure := discovery.InsecureNone
if m.InsecureAllowHTTP {
insecure = insecure | discovery.InsecureHttp
}
if m.InsecureSkipTLSCheck {
insecure = insecure | discovery.InsecureTls
}
ep, attempts, err := discovery.DiscoverPublicKeys(*app, hostHeaders, insecure)
if err != nil {
return nil, err
}
if m.Debug {
for _, a := range attempts {
log.PrintE(fmt.Sprintf("meta tag 'ac-discovery-pubkeys' not found on %s", a.Prefix), a.Error)
}
}
return ep.Keys, nil
}
func (f *nameFetcher) discoverApp(app *discovery.App) (*discovery.Endpoints, error) {
// TODO(krnowak): Instead of hardcoding InsecureHttp, we probably
// should use f.InsecureFlags.AllowHttp and
// f.InsecureFlags.AllowHttpCredentials (if they are
// introduced) on it. Needs some work first on appc/spec side.
// https://github.com/appc/spec/issues/545
// https://github.com/coreos/rkt/issues/1836
insecure := discovery.InsecureHttp
if f.InsecureFlags.SkipTlsCheck() {
insecure = insecure | discovery.InsecureTls
}
hostHeaders := config.ResolveAuthPerHost(f.Headers)
ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
if f.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
func discoverApp(app *discovery.App, headers map[string]config.Headerer, insecure bool) (*discovery.Endpoints, error) {
hostHeaders := config.ResolveAuthPerHost(headers)
ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
if globalFlags.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
// metaDiscoverPubKeyLocations discovers the public key through ACDiscovery by applying prefix as an ACApp
func (m *Manager) metaDiscoverPubKeyLocations(prefix string) ([]string, error) {
app, err := discovery.NewAppFromString(prefix)
if err != nil {
return nil, err
}
hostHeaders := config.ResolveAuthPerHost(m.AuthPerHost)
ep, attempts, err := discovery.DiscoverPublicKeys(*app, hostHeaders, m.InsecureAllowHttp)
if err != nil {
return nil, err
}
if m.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery-pubkeys' not found on %s: %v", a.Prefix, a.Error)
}
}
return ep.Keys, nil
}
func (f *nameFetcher) discoverApp(app *discovery.App) (discovery.ACIEndpoints, error) {
insecure := discovery.InsecureNone
if f.InsecureFlags.SkipTLSCheck() {
insecure = insecure | discovery.InsecureTLS
}
if f.InsecureFlags.AllowHTTP() {
insecure = insecure | discovery.InsecureHTTP
}
hostHeaders := config.ResolveAuthPerHost(f.Headers)
ep, attempts, err := discovery.DiscoverACIEndpoints(*app, hostHeaders, insecure, 0)
if f.Debug {
for _, a := range attempts {
log.PrintE(fmt.Sprintf("meta tag 'ac-discovery' not found on %s", a.Prefix), a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}
func (f *nameFetcher) discoverApp(app *discovery.App) (*discovery.Endpoints, error) {
insecure := discovery.InsecureNone
if f.InsecureFlags.SkipTlsCheck() {
insecure = insecure | discovery.InsecureTls
}
if f.InsecureFlags.AllowHTTP() {
insecure = insecure | discovery.InsecureHttp
}
hostHeaders := config.ResolveAuthPerHost(f.Headers)
ep, attempts, err := discovery.DiscoverEndpoints(*app, hostHeaders, insecure)
if f.Debug {
for _, a := range attempts {
stderr("meta tag 'ac-discovery' not found on %s: %v", a.Prefix, a.Error)
}
}
if err != nil {
return nil, err
}
if len(ep.ACIEndpoints) == 0 {
return nil, fmt.Errorf("no endpoints discovered")
}
return ep, nil
}