ref(registry): remove insecure_registry calls as a new Registry Proxy takes care of that handling

Author: helgi

README.md

@@ -35,9 +35,7 @@ The Deis project welcomes contributions from all developers. The high level proc
 
 ### Kubernetes
 
-In order to do development on this component, you'll need a working Kubernetes cluster. If you don't have one, follow the [installation instructions][install-k8s] and note that Controller currently targets version 1.2 and higher with the following requirements:
-
-* Docker's `insecure-registry` parameter must include the subnets used by your Kubernetes installation
+In order to do development on this component, you'll need a working Kubernetes cluster. If you don't have one, follow the [installation instructions][install-k8s] and note that Controller currently targets version 1.2 and higher.
 
 ### Helm Classic
 

rootfs/registry/dockerclient.py

@@ -76,7 +76,7 @@ def get_port(self, target, deis_registry=False, creds=None):
         if not deis_registry:
             self.login(repo, creds)
 
-        info = self.inspect_image(target, deis_registry)
+        info = self.inspect_image(target)
         if 'ExposedPorts' not in info['Config']:
             return None
 
@@ -103,11 +103,11 @@ def publish_release(self, source, target, deis_registry=False, creds=None):
 
         try:
             # log into pull repo
-            if not deis_registry:
+            if creds is not None:
                 self.login(repo, creds)
 
             # pull image from source repository
-            self.pull(repo, src_tag, deis_registry)
+            self.pull(repo, src_tag)
 
             # tag the image locally without the repository URL
             image = "{}:{}".format(src_name, src_tag)
@@ -118,24 +118,18 @@ def publish_release(self, source, target, deis_registry=False, creds=None):
         except APIError as e:
             raise RegistryException(str(e))
 
-    def pull(self, repo, tag, insecure_registry=True):
+    def pull(self, repo, tag):
         """Pull a Docker image into the local storage graph."""
         check_blacklist(repo)
         logger.info("Pulling Docker image {}:{}".format(repo, tag))
         with SimpleFlock(self.FLOCKFILE, timeout=1200):
-            stream = self.client.pull(
-                repo, tag=tag, stream=True, decode=True,
-                insecure_registry=insecure_registry
-            )
+            stream = self.client.pull(repo, tag=tag, stream=True, decode=True)
             log_output(stream, 'pull', repo, tag)
 
     def push(self, repo, tag):
         """Push a local Docker image to a registry."""
         logger.info("Pushing Docker image {}:{}".format(repo, tag))
-        stream = self.client.push(
-            repo, tag=tag, stream=True, decode=True,
-            insecure_registry=True
-        )
+        stream = self.client.push(repo, tag=tag, stream=True, decode=True)
         log_output(stream, 'push', repo, tag)
 
     def tag(self, image, repo, tag):
@@ -146,7 +140,7 @@ def tag(self, image, repo, tag):
             raise RegistryException('Tagging {} as {}:{} failed'.format(image, repo, tag))
 
     @backoff.on_exception(backoff.expo, Exception, max_tries=3)
-    def inspect_image(self, target, insecure_registry=True):
+    def inspect_image(self, target):
         """
         Inspect docker image to gather information from it
 
@@ -156,7 +150,7 @@ def inspect_image(self, target, insecure_registry=True):
         repo, tag = docker.utils.parse_repository_tag(target)
 
         # make sure image is pulled locally already
-        self.pull(repo, tag=tag, insecure_registry=insecure_registry)
+        self.pull(repo, tag=tag)
 
         # inspect the image
         return self.client.inspect_image(target)

rootfs/registry/tests.py

@@ -74,8 +74,8 @@ def test_publish_release(self, mock_client):
         publish_release('ozzy/embryo:git-f2a8020', 'quay.io/ozzy/embryo:v4', True)
         docker_push = self.client.client.push
         docker_push.assert_called_with(
-            'localhost:5000/ozzy/embryo', tag='v4', insecure_registry=True,
-            decode=True, stream=True)
+            'localhost:5000/ozzy/embryo', tag='v4', decode=True, stream=True
+        )
 
         # Test that blacklisted image names can't be published
         with self.assertRaises(PermissionDenied):
@@ -173,8 +173,7 @@ def test_pull(self, mock_client):
         self.client = DockerClient()
         self.client.pull('alpine', '3.2')
         docker_pull = self.client.client.pull
-        docker_pull.assert_called_once_with(
-            'alpine', tag='3.2', insecure_registry=True, decode=True, stream=True)
+        docker_pull.assert_called_once_with('alpine', tag='3.2', decode=True, stream=True)
         # Test that blacklisted image names can't be pulled
         with self.assertRaises(PermissionDenied):
             self.client.pull('deis/controller', 'v1.11.1')
@@ -185,8 +184,7 @@ def test_push(self, mock_client):
         self.client = DockerClient()
         self.client.push('ozzy/embryo', 'v4')
         docker_push = self.client.client.push
-        docker_push.assert_called_once_with(
-            'ozzy/embryo', tag='v4', insecure_registry=True, decode=True, stream=True)
+        docker_push.assert_called_once_with('ozzy/embryo', tag='v4', decode=True, stream=True)
 
     def test_tag(self, mock_client):
         self.client = DockerClient()