github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
c6eb9e07bb
kubernetes/pkg/kubelet/dockertools
History
Kubernetes Submit Queue 8a35d4c97c Merge pull request #30366 from dims/fix-issue-30355 
Automatic merge from submit-queue

Validate SHA/Tag when checking docker images

Docker API does not validate the tag/sha, for example, all the following
calls work say for a alpine image with short SHA "4e38e38c8ce0"
echo -e "GET /images/alpine:4e38e38c8ce0/json HTTP/1.0\r\n" | nc -U /var/run/docker.sock
echo -e "GET /images/alpine:4e38e38c/json HTTP/1.0\r\n" | nc -U /var/run/docker.sock
echo -e "GET /images/alpine:4/json HTTP/1.0\r\n" | nc -U /var/run/docker.sock

So we should check the response from the Docker API and look for the tags or SHA explicitly.

Fixes #30355
2016-08-12 23:42:40 -07:00
..
fixtures/seccomp Add profile unit tests 2016-06-13 14:39:09 +02:00
container_gc_test.go - Added a DeleteContainer method in Runtime interface 2016-07-08 10:40:30 -07:00
container_gc.go dockershim: implement ContainerStatus() 2016-07-28 18:24:29 -07:00
convert_test.go Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
convert.go Avoiding trying to gc images with no tags which are still in use 2016-07-27 10:31:47 -07:00
docker_manager_test.go Set pod state as "unknown" when CNI plugin fails 2016-08-08 17:55:19 +02:00
docker_manager.go Merge pull request #30137 from nhlfr/cni-plugin-fail 2016-08-12 19:28:14 -07:00
docker_test.go Validate SHA/Tag when checking docker images 2016-08-11 08:53:05 -04:00
docker.go Validate SHA/Tag when checking docker images 2016-08-11 08:53:05 -04:00
exec.go Support terminal resizing for exec/attach/run 2016-07-13 17:06:16 -04:00
fake_docker_client.go dockershim: Implement sandbox methods 2016-08-02 15:24:52 -07:00
fake_manager.go Revert "Remove pod mutation for PVs with supplemental GIDs" 2016-07-14 17:47:46 -07:00
images_test.go Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
images.go Remove "All rights reserved" from all the headers. 2016-06-29 17:47:36 -07:00
instrumented_docker.go Add a dockershim package 2016-07-27 18:30:25 -07:00
kube_docker_client.go Validate SHA/Tag when checking docker images 2016-08-11 08:53:05 -04:00
labels_test.go Add container ports label. 2016-08-08 18:40:18 -07:00
labels.go Add container ports label. 2016-08-08 18:40:18 -07:00