diff options
| author | sskaje <sskaje@gmail.com> | 2025-03-11 21:33:46 +0800 |
|---|---|---|
| committer | sskaje <sskaje@gmail.com> | 2025-03-11 22:14:53 +0800 |
| commit | a8e0f015ea91859163ac9befad8a6e8ac68dec9a (patch) | |
| tree | 9a951975c3a6f1265d9c973fcb6290adf5dadfd8 | |
| parent | 77b53f1ab2c280f864f56b90dd841d060e2f2b32 (diff) | |
| download | vyos-1x-a8e0f015ea91859163ac9befad8a6e8ac68dec9a.tar.gz vyos-1x-a8e0f015ea91859163ac9befad8a6e8ac68dec9a.zip | |
T7092: Change validators: regex to host-name|address + port + path
| -rw-r--r-- | data/templates/container/registries.conf.j2 | 6 | ||||
| -rw-r--r-- | interface-definitions/container.xml.in | 46 | ||||
| -rwxr-xr-x | src/conf_mode/container.py | 7 |
3 files changed, 52 insertions, 7 deletions
diff --git a/data/templates/container/registries.conf.j2 b/data/templates/container/registries.conf.j2 index 48b3c7c4a..b5c7eed9b 100644 --- a/data/templates/container/registries.conf.j2 +++ b/data/templates/container/registries.conf.j2 @@ -30,7 +30,11 @@ unqualified-search-registries = {{ registry_list }} {% for r, r_options in registry.items() if r_options.disable is not vyos_defined %} [[registry]] -location = "{{ r_options.mirror if r_options.mirror is vyos_defined else r }}" +{% if r_options.mirror is vyos_defined %} +location = "{{ r_options.mirror.host_name if r_options.mirror.host_name is vyos_defined else r_options.mirror.address }}{{ ":" + r_options.mirror.port if r_options.mirror.port is vyos_defined }}{{ r_options.mirror.path if r_options.mirror.path is vyos_defined }}" +{% else %} +location = "{{ r }}" +{% endif %} insecure = {{ 'true' if r_options.insecure is vyos_defined else 'false' }} prefix = "{{ r }}" {% endfor %} diff --git a/interface-definitions/container.xml.in b/interface-definitions/container.xml.in index c8d4bbdd1..a17777af0 100644 --- a/interface-definitions/container.xml.in +++ b/interface-definitions/container.xml.in @@ -544,14 +544,48 @@ <valueless/> </properties> </leafNode> - <leafNode name="mirror"> + <node name="mirror"> <properties> - <help>Registry mirror, use host[:port][/path]</help> - <constraint> - <regex>^(?:[[:alnum:]-]+(?:\.[[:alnum:]-]+)*|(?:[[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}|\[[[:xdigit:]:]+])(?::[[:digit:]]{1,5})?(?:\/[^[:space:]?#]*)?$</regex> - </constraint> + <help>Registry mirror, use host-name|address[:port][/path]</help> </properties> - </leafNode> + <children> + <leafNode name="address"> + <properties> + <help>IP address of container registry mirror</help> + <valueHelp> + <format>ipv4</format> + <description>IPv4 address of container registry mirror</description> + </valueHelp> + <valueHelp> + <format>ipv6</format> + <description>IPv6 address of container registry mirror</description> + </valueHelp> + <constraint> + <validator name="ip-address"/> + <validator name="ipv6-link-local"/> + </constraint> + </properties> + </leafNode> + <leafNode name="host-name"> + <properties> + <help>Hostname of container registry mirror</help> + <valueHelp> + <format>hostname</format> + <description>FQDN of container registry mirror</description> + </valueHelp> + <constraint> + <validator name="fqdn"/> + </constraint> + </properties> + </leafNode> + #include <include/port-number.xml.i> + <leafNode name="path"> + <properties> + <help>Path of container registry mirror, optional, must be start with '/' if not empty</help> + </properties> + </leafNode> + </children> + </node> </children> </tagNode> </children> diff --git a/src/conf_mode/container.py b/src/conf_mode/container.py index 594de3eb0..8f57be06d 100755 --- a/src/conf_mode/container.py +++ b/src/conf_mode/container.py @@ -273,6 +273,13 @@ def verify(container): if 'registry' in container: for registry, registry_config in container['registry'].items(): + if 'mirror' in registry_config: + if 'host_name' in registry_config['mirror'] and 'address' in registry_config['mirror']: + raise ConfigError(f'Container registry mirror address/host-name are mutually exclusive!') + + if 'path' in registry_config['mirror'] and not registry_config['mirror']['path'].startswith('/'): + raise ConfigError('Container registry mirror path must start with "/"!') + if 'authentication' not in registry_config: continue if not {'username', 'password'} <= set(registry_config['authentication']): |