From 95e772f8f48cfdecfcdd26b01a546dc80c1f6ff0 Mon Sep 17 00:00:00 2001 From: Ahir Reddy Date: Sat, 25 Nov 2017 13:58:43 -0800 Subject: [PATCH 1/4] add certificates arg --- tools/fast_puller_.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tools/fast_puller_.py b/tools/fast_puller_.py index c01d6aaf0..5607bd681 100755 --- a/tools/fast_puller_.py +++ b/tools/fast_puller_.py @@ -45,6 +45,13 @@ parser.add_argument('--directory', action='store', help='Where to save the image\'s files.') +parser.add_argument('--certificate', nargs='*', help='A comma separated ' + + 'tuple of key file, cert, and domain. (From httplib2 ' + + 'docs) Add a key and cert that will be used for an SSL ' + + 'connection to the specified domain. keyfile is the name ' + + 'of a PEM formatted file that contains your private key. ' + + 'certfile is a PEM formatted certificate chain file.') + _THREADS = 8 From d05966fe42f7f20186014430f80d76d2ad43be17 Mon Sep 17 00:00:00 2001 From: Ahir Reddy Date: Sat, 25 Nov 2017 14:05:29 -0800 Subject: [PATCH 2/4] add certificate --- tools/fast_puller_.py | 6 +++++- transport/transport_pool_.py | 12 ++++++++++++ 2 files changed, 17 insertions(+), 1 deletion(-) diff --git a/tools/fast_puller_.py b/tools/fast_puller_.py index 5607bd681..1ff9115f1 100755 --- a/tools/fast_puller_.py +++ b/tools/fast_puller_.py @@ -45,7 +45,7 @@ parser.add_argument('--directory', action='store', help='Where to save the image\'s files.') -parser.add_argument('--certificate', nargs='*', help='A comma separated ' + +parser.add_argument('--certificates', nargs='*', help='A comma separated ' + 'tuple of key file, cert, and domain. (From httplib2 ' + 'docs) Add a key and cert that will be used for an SSL ' + 'connection to the specified domain. keyfile is the name ' + @@ -65,6 +65,10 @@ def main(): transport = transport_pool.Http(httplib2.Http, size=_THREADS) + for item in args.certificates: + key, cert, domain = item.split(',') + transport.add_certificate(key, cert, domain) + if '@' in args.name: name = docker_name.Digest(args.name) else: diff --git a/transport/transport_pool_.py b/transport/transport_pool_.py index fda5550a7..8c9f0e7b4 100755 --- a/transport/transport_pool_.py +++ b/transport/transport_pool_.py @@ -47,6 +47,18 @@ def _return_transport(self, transport): # We returned an item, notify a waiting thread. self._condition.notify(n=1) + def add_certificate(self, key, cert, domain): + """Adds a certificate to all of the underlying transports. + + From httplib2 docs: + + Add a key and cert that will be used for an SSL connection to the + specified domain. keyfile is the name of a PEM formatted file that contains + your private key. certfile is a PEM formatted certificate chain file. + """ + for transport in self._transports: + transport.add_certificate(key, cert, domain) + def request(self, *args, **kwargs): """This awaits a transport and delegates the request call. From 26fd6553021ef1b2474bfc66de160f6b08512d5f Mon Sep 17 00:00:00 2001 From: Ahir Reddy Date: Sat, 25 Nov 2017 14:06:22 -0800 Subject: [PATCH 3/4] certificates --- tools/fast_pusher_.py | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/tools/fast_pusher_.py b/tools/fast_pusher_.py index 5a3f8468b..2dcee186e 100755 --- a/tools/fast_pusher_.py +++ b/tools/fast_pusher_.py @@ -61,6 +61,13 @@ parser.add_argument('--oci', action='store_true', help='Push the image with an OCI Manifest.') +parser.add_argument('--certificates', nargs='*', help='A comma separated ' + + 'tuple of key file, cert, and domain. (From httplib2 ' + + 'docs) Add a key and cert that will be used for an SSL ' + + 'connection to the specified domain. keyfile is the name ' + + 'of a PEM formatted file that contains your private key. ' + + 'certfile is a PEM formatted certificate chain file.') + _THREADS = 8 @@ -123,6 +130,10 @@ def main(): transport = transport_pool.Http(httplib2.Http, size=_THREADS) + for item in args.certificates: + key, cert, domain = item.split(',') + transport.add_certificate(key, cert, domain) + # Resolve the appropriate credential to use based on the standard Docker # client logic. creds = docker_creds.DefaultKeychain.Resolve(name) From 5127610dd7583b3dedf137b699ded1e4270a137b Mon Sep 17 00:00:00 2001 From: Ahir Reddy Date: Sat, 25 Nov 2017 14:13:08 -0800 Subject: [PATCH 4/4] verify first --- tools/fast_puller_.py | 8 +++++--- tools/fast_pusher_.py | 8 +++++--- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/tools/fast_puller_.py b/tools/fast_puller_.py index 1ff9115f1..8527eca8b 100755 --- a/tools/fast_puller_.py +++ b/tools/fast_puller_.py @@ -65,9 +65,11 @@ def main(): transport = transport_pool.Http(httplib2.Http, size=_THREADS) - for item in args.certificates: - key, cert, domain = item.split(',') - transport.add_certificate(key, cert, domain) + if args.certificates: + for item in args.certificates: + logging.info('Adding certificate %s', item) + key, cert, domain = item.split(',') + transport.add_certificate(key, cert, domain) if '@' in args.name: name = docker_name.Digest(args.name) diff --git a/tools/fast_pusher_.py b/tools/fast_pusher_.py index 2dcee186e..0f89797dc 100755 --- a/tools/fast_pusher_.py +++ b/tools/fast_pusher_.py @@ -130,9 +130,11 @@ def main(): transport = transport_pool.Http(httplib2.Http, size=_THREADS) - for item in args.certificates: - key, cert, domain = item.split(',') - transport.add_certificate(key, cert, domain) + if args.certificates: + for item in args.certificates: + logging.info('Adding certificate %s', item) + key, cert, domain = item.split(',') + transport.add_certificate(key, cert, domain) # Resolve the appropriate credential to use based on the standard Docker # client logic.