Allow config authors to always use Prefix

Previously an unset Location was only allowed for wildcarded Prefixes. This commit will allow any valid Prefix. Fixes: #1191 (comment) Co-authored-by: Miloslav Trmač <mitr@redhat.com> Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
containers · Sep 1, 2021 · 3c68593 · 3c68593
1 parent 4fcb523
commit 3c68593
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 19 deletions.
diff --git a/docs/containers-registries.conf.5.md b/docs/containers-registries.conf.5.md
@@ -82,7 +82,7 @@ location = "internal-registry-for-example.net/bar"
 requests for the image `example.com/foo/myimage:latest` will actually work with the
 `internal-registry-for-example.net/bar/myimage:latest` image.
 
-With a `prefix` containing a wildcard in the format: "*.example.com" for subdomain matching,
+With any valid `prefix` with or without a wildcard in the format: "*.example.com" for subdomain matching,
 the location can be empty. In such a case,
 prefix matching will occur, but no reference rewrite will occur. The
 original requested image string will be used as-is. But other settings like
@@ -92,6 +92,10 @@ Example: Given
 ```
 prefix = "*.example.com"
 ```
+OR
+```
+prefix = "blah.example.com"
+```
 requests for the image `blah.example.com/foo/myimage:latest` will be used
 as-is. But other settings like insecure/blocked/mirrors will be applied to matching images
 

diff --git a/pkg/sysregistriesv2/system_registries_v2.go b/pkg/sysregistriesv2/system_registries_v2.go
@@ -75,14 +75,7 @@ func (e *Endpoint) rewriteReference(ref reference.Named, prefix string) (referen
 	}
 	// In the case of an empty `location` field, simply return the original
 	// input ref as-is.
-	//
-	// FIXME: already validated in postProcessRegistries, so check can probably
-	// be dropped.
-	// https://github.com/containers/image/pull/1191#discussion_r610621608
 	if e.Location == "" {
-		if prefix[:2] != "*." {
-			return nil, fmt.Errorf("invalid prefix '%v' for empty location, should be in the format: *.example.com", prefix)
-		}
 		return ref, nil
 	}
 	newNamedRef = e.Location + refString[prefixLen:]
@@ -357,21 +350,26 @@ func (config *V2RegistriesConf) postProcessRegistries() error {
 			return err
 		}
 
-		if reg.Prefix == "" {
-			if reg.Location == "" {
-				return &InvalidRegistries{s: "invalid condition: both location and prefix are unset"}
-			}
-			reg.Prefix = reg.Location
-		} else {
+		// Allow config authors to always use Prefix.
+		if reg.Prefix != "" {
 			reg.Prefix, err = parseLocation(reg.Prefix)
 			if err != nil {
 				return err
 			}
-			// FIXME: allow config authors to always use Prefix.
-			// https://github.com/containers/image/pull/1191#discussion_r610622495
-			if reg.Prefix[:2] != "*." && reg.Location == "" {
-				return &InvalidRegistries{s: "invalid condition: location is unset and prefix is not in the format: *.example.com"}
+			if reg.Location != "" {
+				reg.Location, err = parseLocation(reg.Location)
+				if err != nil {
+					return err
+				}
+			}
+		} else if reg.Location != "" {
+			reg.Prefix, err = parseLocation(reg.Location)
+			if err != nil {
+				return err
 			}
+			reg.Location = reg.Prefix
+		} else {
+			return &InvalidRegistries{s: "invalid condition: both location and prefix are unset"}
 		}
 
 		// make sure mirrors are valid

diff --git a/pkg/sysregistriesv2/system_registries_v2_test.go b/pkg/sysregistriesv2/system_registries_v2_test.go
@@ -579,6 +579,14 @@ func TestRewriteReferenceSuccess(t *testing.T) {
 		{"sub.example.io/library/prefix/image", "*.example.io", "example.com", "example.com/library/prefix/image"},
 		{"another.sub.example.io:5000/library/prefix/image:latest", "*.sub.example.io", "example.com", "example.com:5000/library/prefix/image:latest"},
 		{"foo.bar.io/ns1/ns2/ns3/ns4", "*.bar.io", "omg.bbq.com/roflmao", "omg.bbq.com/roflmao/ns1/ns2/ns3/ns4"},
+		// Empty location with non-wildcard prefix examples. Essentially, no
+		// rewrite occurs and original reference is used as-is.
+		{"registry.com/foo", "registry.com", "", "registry.com/foo"},
+		{"abc.internal.registry.com/foo:bar", "abc.internal.registry.com", "", "abc.internal.registry.com/foo:bar"},
+		{"abc.internal.registry.com/foo/bar:baz", "abc.internal.registry.com", "", "abc.internal.registry.com/foo/bar:baz"},
+		{"alien.vs.predator.foobar.io:5000/foo@sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "alien.vs.predator.foobar.io", "",
+			"alien.vs.predator.foobar.io:5000/foo@sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"},
+		{"alien.vs.predator.foobar.io:5000/omg:bbq", "alien.vs.predator.foobar.io", "", "alien.vs.predator.foobar.io:5000/omg:bbq"},
 		// Empty location with wildcard prefix examples. Essentially, no
 		// rewrite occurs and original reference is used as-is.
 		{"abc.internal.registry.com/foo:bar", "*.internal.registry.com", "", "abc.internal.registry.com/foo:bar"},
@@ -602,7 +610,6 @@ func TestRewriteReferenceFailedDuringParseNamed(t *testing.T) {
 		{"example.com/foo/image:latest", "example.com/foo", "example.com/path/"},
 		{"example.com/foo@sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
 			"example.com/foo", "example.com"},
-		{"example.com:5000/image:latest", "example.com", ""},
 		{"example.com:5000/image:latest", "example.com", "example.com:5000"},
 		// Malformed prefix
 		{"example.com/foo/image:latest", "example.com//foo", "example.com/path"},