Add TLS-aware Docker context resolution in coast-docker#1
Closed
agustif wants to merge 1 commit intoaf/docker-context-resolutionfrom
Closed
Add TLS-aware Docker context resolution in coast-docker#1agustif wants to merge 1 commit intoaf/docker-context-resolutionfrom
agustif wants to merge 1 commit intoaf/docker-context-resolutionfrom
Conversation
Extend `coast-docker::host` so context-driven Docker endpoints can resolve TLS transport from Docker context storage. Preserve explicit env-driven DOCKER_HOST / DOCKER_TLS_VERIFY / DOCKER_CERT_PATH behavior by continuing to defer that path to Bollard's env-aware defaults. Reject ssh:// contexts explicitly in this slice. Refs: coast-guard#63 Co-authored-by: Codex <noreply@openai.com>
Owner
Author
|
Closing in favor of upstream draft PR coast-guard#64. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Draft follow-up for coast-guard#63, stacked on top of the Docker-context resolver work from coast-guard#61.
This PR adds TLS-aware Docker context resolution inside
coast-docker::hostonly.What changed
<TLSPath>/docker/{ca,cert,key}.pem<TLSPath>/{ca,cert,key}.pemunix:///npipe://-> socket pathtcp:///http://without TLS material -> HTTPtcp:///https://with TLS material -> TLSssh://-> explicit unsupported errorDOCKER_HOST/DOCKER_TLS_VERIFY/DOCKER_CERT_PATHbehavior is still delegated to Bollard defaultsWhy this is stacked
This depends directly on the shared resolver introduced in coast-guard#61. To keep the diff small, this draft is based on that branch instead of opening a larger PR against
main.Validation
cargo test -p coast-docker --libcargo test -p coast-cli doctor:: -- --nocaptureOut of scope
coast-guardbuild fixes