docker-engine-ruby 0.7.2 → 0.7.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (14) hide show
  1. checksums.yaml +4 -4
  2. data/CHANGELOG.md +4 -0
  3. data/README.md +10 -1
  4. data/lib/docker_engine_ruby/client.rb +10 -2
  5. data/lib/docker_engine_ruby/internal/transport/base_client.rb +3 -0
  6. data/lib/docker_engine_ruby/internal/transport/pooled_net_requester.rb +10 -2
  7. data/lib/docker_engine_ruby/version.rb +1 -1
  8. data/rbi/docker_engine_ruby/client.rbi +6 -2
  9. data/rbi/docker_engine_ruby/internal/transport/base_client.rbi +2 -0
  10. data/rbi/docker_engine_ruby/internal/transport/pooled_net_requester.rbi +4 -1
  11. data/sig/docker_engine_ruby/client.rbs +4 -1
  12. data/sig/docker_engine_ruby/internal/transport/base_client.rbs +1 -0
  13. data/sig/docker_engine_ruby/internal/transport/pooled_net_requester.rbs +2 -0
  14. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: cff37aa30011a27df0c003775bfcdad05a655e1d4fcc5e537a9e3d802211caa6
4
- data.tar.gz: 80e03ef8dba5fcf1d501b08b5fabe388e8c6e9bd37d915a1d05b592c5d7aa905
3
+ metadata.gz: e73699711feb4aeef5afb77d55ee8fa7cd56a299be8055851902ae5f4a70ee0e
4
+ data.tar.gz: a1dfa1dc7a2ce60e4fd8a670419aed00e690ddf1d509c7661e0433b581c0b983
5
5
  SHA512:
6
- metadata.gz: 5fb1dea729c8a8266fa41c017fc23000dcdbbec3170abbb1e24b5412671198fed1866405024f7f1c1f29cd419af483110f69337f8e71e0e567a33b7080c1c0a5
7
- data.tar.gz: 964f96f9ffd40214d32bff6c60c4d99e0ee916ab3a1943bc49c14af1905cfeaafc17a214f01b99539862bafaab134c0e559efc3a2d9770643022fa34b8101127
6
+ metadata.gz: c1d20af5fec9dd9c9f21472cd2dd6fac13a9c457b5e8f1db22ce9e6fe81396d3b00e630c0214afffd408385db9c8ae1702c5dfdde56cfdb9a9e777844fedeb35
7
+ data.tar.gz: 282bb31fc5659dbea022fa5f8199304f3036b5739816182df8314ea337aebb066b3bdf8d60c5e0e00a977807603fe22ba3b877d66bb10b275e70511fdb17444a
data/CHANGELOG.md CHANGED
@@ -1,5 +1,9 @@
1
1
  # Changelog
2
2
 
3
+ ## 0.7.3 (2026-02-24)
4
+
5
+ Full Changelog: [v0.7.2...v0.7.3](https://github.com/Hexlet/docker-ruby/compare/v0.7.2...v0.7.3)
6
+
3
7
  ## 0.7.2 (2026-02-20)
4
8
 
5
9
  Full Changelog: [v0.7.1...v0.7.2](https://github.com/Hexlet/docker-ruby/compare/v0.7.1...v0.7.2)
data/README.md CHANGED
@@ -17,7 +17,7 @@ To use this gem, install via Bundler by adding the following to your application
17
17
  <!-- x-release-please-start-version -->
18
18
 
19
19
  ```ruby
20
- gem "docker-engine-ruby", "~> 0.7.2"
20
+ gem "docker-engine-ruby", "~> 0.7.3"
21
21
  ```
22
22
 
23
23
  <!-- x-release-please-end -->
@@ -132,6 +132,15 @@ docker = DockerEngineRuby::Client.new(
132
132
  )
133
133
  ```
134
134
 
135
+ By default, peer verification is enabled. You can disable it explicitly:
136
+
137
+ ```ruby
138
+ docker = DockerEngineRuby::Client.new(
139
+ base_url: "https://localhost:2376",
140
+ tls_verify_peer: false
141
+ )
142
+ ```
143
+
135
144
  You can also configure these through environment variables:
136
145
 
137
146
  - `DOCKER_TLS_CA_CERT_PATH`
data/lib/docker_engine_ruby/client.rb CHANGED
@@ -15,6 +15,9 @@ module DockerEngineRuby
15
15
  # Default max retry delay in seconds.
16
16
  DEFAULT_MAX_RETRY_DELAY = 8.0
17
17
 
18
+ # Whether to verify server TLS certificate chain.
19
+ DEFAULT_TLS_VERIFY_PEER = true
20
+
18
21
  # rubocop:disable Style/MutableConstant
19
22
  # @type [Hash{Symbol=>String}]
20
23
  ENVIRONMENTS = {production: "http://localhost:2375", production_tls: "https://localhost:2376"}
@@ -106,6 +109,8 @@ module DockerEngineRuby
106
109
  # @param initial_retry_delay [Float]
107
110
  #
108
111
  # @param max_retry_delay [Float]
112
+ #
113
+ # @param tls_verify_peer [Boolean] Whether to verify server TLS certificate chain.
109
114
  def initialize(
110
115
  tls_ca_cert_path: ENV["DOCKER_TLS_CA_CERT_PATH"],
111
116
  tls_client_cert_path: ENV["DOCKER_TLS_CLIENT_CERT_PATH"],
@@ -115,10 +120,12 @@ module DockerEngineRuby
115
120
  max_retries: self.class::DEFAULT_MAX_RETRIES,
116
121
  timeout: self.class::DEFAULT_TIMEOUT_IN_SECONDS,
117
122
  initial_retry_delay: self.class::DEFAULT_INITIAL_RETRY_DELAY,
118
- max_retry_delay: self.class::DEFAULT_MAX_RETRY_DELAY
123
+ max_retry_delay: self.class::DEFAULT_MAX_RETRY_DELAY,
124
+ tls_verify_peer: self.class::DEFAULT_TLS_VERIFY_PEER
119
125
  )
120
126
  base_url ||= DockerEngineRuby::Client::ENVIRONMENTS.fetch(environment&.to_sym || :production) do
121
- message = "environment must be one of #{DockerEngineRuby::Client::ENVIRONMENTS.keys}, got #{environment}"
127
+ message = "environment must be one of " \
128
+ "#{DockerEngineRuby::Client::ENVIRONMENTS.keys}, got #{environment}"
122
129
  raise ArgumentError.new(message)
123
130
  end
124
131
 
@@ -132,6 +139,7 @@ module DockerEngineRuby
132
139
  max_retries: max_retries,
133
140
  initial_retry_delay: initial_retry_delay,
134
141
  max_retry_delay: max_retry_delay,
142
+ tls_verify_peer: tls_verify_peer,
135
143
  tls_ca_cert_path: @tls_ca_cert_path,
136
144
  tls_client_cert_path: @tls_client_cert_path,
137
145
  tls_client_key_path: @tls_client_key_path
data/lib/docker_engine_ruby/internal/transport/base_client.rb CHANGED
@@ -197,6 +197,7 @@ module DockerEngineRuby
197
197
  # @param max_retry_delay [Float]
198
198
  # @param headers [Hash{String=>String, Integer, Array<String, Integer, nil>, nil}]
199
199
  # @param idempotency_header [String, nil]
200
+ # @param tls_verify_peer [Boolean]
200
201
  # @param tls_ca_cert_path [String, nil]
201
202
  # @param tls_client_cert_path [String, nil]
202
203
  # @param tls_client_key_path [String, nil]
@@ -208,6 +209,7 @@ module DockerEngineRuby
208
209
  max_retry_delay: 0.0,
209
210
  headers: {},
210
211
  idempotency_header: nil,
212
+ tls_verify_peer: true,
211
213
  tls_ca_cert_path: nil,
212
214
  tls_client_cert_path: nil,
213
215
  tls_client_key_path: nil
@@ -219,6 +221,7 @@ module DockerEngineRuby
219
221
  end
220
222
  @requester = DockerEngineRuby::Internal::Transport::PooledNetRequester.new(
221
223
  unix_socket_path: @unix_socket_path,
224
+ tls_verify_peer: tls_verify_peer,
222
225
  tls_ca_cert_path: tls_ca_cert_path,
223
226
  tls_client_cert_path: tls_client_cert_path,
224
227
  tls_client_key_path: tls_client_key_path
data/lib/docker_engine_ruby/internal/transport/pooled_net_requester.rb CHANGED
@@ -37,10 +37,11 @@ module DockerEngineRuby
37
37
  # @param tls_cert [OpenSSL::X509::Certificate, nil]
38
38
  # @param tls_key [OpenSSL::PKey::PKey, nil]
39
39
  # @param unix_socket_path [String, nil]
40
+ # @param tls_verify_peer [Boolean]
40
41
  # @param url [URI::Generic]
41
42
  #
42
43
  # @return [Net::HTTP]
43
- def connect(cert_store:, tls_cert:, tls_key:, unix_socket_path:, url:)
44
+ def connect(cert_store:, tls_cert:, tls_key:, unix_socket_path:, tls_verify_peer:, url:)
44
45
  if unix_socket_path
45
46
  return UnixSocketHTTP.new(unix_socket_path).tap do
46
47
  _1.use_ssl = false
@@ -65,6 +66,7 @@ module DockerEngineRuby
65
66
  _1.cert_store = cert_store
66
67
  _1.cert = tls_cert if tls_cert
67
68
  _1.key = tls_key if tls_key
69
+ _1.verify_mode = tls_verify_peer ? OpenSSL::SSL::VERIFY_PEER : OpenSSL::SSL::VERIFY_NONE
68
70
  end
69
71
  end
70
72
  end
@@ -141,6 +143,7 @@ module DockerEngineRuby
141
143
  tls_cert: @tls_cert,
142
144
  tls_key: @tls_key,
143
145
  unix_socket_path: unix_socket_path,
146
+ tls_verify_peer: @tls_verify_peer,
144
147
  url: url
145
148
  )
146
149
  end
@@ -236,9 +239,11 @@ module DockerEngineRuby
236
239
  # @param tls_client_cert_path [String, nil]
237
240
  # @param tls_client_key_path [String, nil]
238
241
  # @param unix_socket_path [String, nil]
242
+ # @param tls_verify_peer [Boolean]
239
243
  def initialize(
240
244
  size: self.class::DEFAULT_MAX_CONNECTIONS,
241
245
  unix_socket_path: nil,
246
+ tls_verify_peer: true,
242
247
  tls_ca_cert_path: nil,
243
248
  tls_client_cert_path: nil,
244
249
  tls_client_key_path: nil
@@ -246,12 +251,15 @@ module DockerEngineRuby
246
251
  @mutex = Mutex.new
247
252
  @size = size
248
253
  @default_unix_socket_path = unix_socket_path
254
+ @tls_verify_peer = tls_verify_peer
249
255
  @cert_store = OpenSSL::X509::Store.new.tap(&:set_default_paths)
250
256
  @cert_store.add_file(tls_ca_cert_path) if tls_ca_cert_path
251
257
 
252
258
  if tls_client_cert_path || tls_client_key_path
253
259
  if tls_client_cert_path.nil? || tls_client_key_path.nil?
254
- raise ArgumentError.new("Both tls_client_cert_path and tls_client_key_path must be provided together.")
260
+ raise ArgumentError.new(
261
+ "Both tls_client_cert_path and tls_client_key_path must be provided together."
262
+ )
255
263
  end
256
264
 
257
265
  @tls_cert = OpenSSL::X509::Certificate.new(File.read(tls_client_cert_path))
data/lib/docker_engine_ruby/version.rb CHANGED
@@ -1,5 +1,5 @@
1
1
  # frozen_string_literal: true
2
2
 
3
3
  module DockerEngineRuby
4
- VERSION = "0.7.2"
4
+ VERSION = "0.7.3"
5
5
  end
data/rbi/docker_engine_ruby/client.rbi CHANGED
@@ -10,6 +10,8 @@ module DockerEngineRuby
10
10
 
11
11
  DEFAULT_MAX_RETRY_DELAY = T.let(8.0, Float)
12
12
 
13
+ DEFAULT_TLS_VERIFY_PEER = T.let(T.unsafe(nil), T::Boolean)
14
+
13
15
  ENVIRONMENTS =
14
16
  T.let(
15
17
  {
@@ -88,7 +90,8 @@ module DockerEngineRuby
88
90
  max_retries: Integer,
89
91
  timeout: Float,
90
92
  initial_retry_delay: Float,
91
- max_retry_delay: Float
93
+ max_retry_delay: Float,
94
+ tls_verify_peer: T::Boolean
92
95
  ).returns(T.attached_class)
93
96
  end
94
97
  def self.new(
@@ -115,7 +118,8 @@ module DockerEngineRuby
115
118
  max_retries: DockerEngineRuby::Client::DEFAULT_MAX_RETRIES,
116
119
  timeout: DockerEngineRuby::Client::DEFAULT_TIMEOUT_IN_SECONDS,
117
120
  initial_retry_delay: DockerEngineRuby::Client::DEFAULT_INITIAL_RETRY_DELAY,
118
- max_retry_delay: DockerEngineRuby::Client::DEFAULT_MAX_RETRY_DELAY
121
+ max_retry_delay: DockerEngineRuby::Client::DEFAULT_MAX_RETRY_DELAY,
122
+ tls_verify_peer: DockerEngineRuby::Client::DEFAULT_TLS_VERIFY_PEER
119
123
  )
120
124
  end
121
125
  end
data/rbi/docker_engine_ruby/internal/transport/base_client.rbi CHANGED
@@ -166,6 +166,7 @@ module DockerEngineRuby
166
166
  )
167
167
  ],
168
168
  idempotency_header: T.nilable(String),
169
+ tls_verify_peer: T::Boolean,
169
170
  tls_ca_cert_path: T.nilable(String),
170
171
  tls_client_cert_path: T.nilable(String),
171
172
  tls_client_key_path: T.nilable(String)
@@ -179,6 +180,7 @@ module DockerEngineRuby
179
180
  max_retry_delay: 0.0,
180
181
  headers: {},
181
182
  idempotency_header: nil,
183
+ tls_verify_peer: true,
182
184
  tls_ca_cert_path: nil,
183
185
  tls_client_cert_path: nil,
184
186
  tls_client_key_path: nil
data/rbi/docker_engine_ruby/internal/transport/pooled_net_requester.rbi CHANGED
@@ -31,12 +31,13 @@ module DockerEngineRuby
31
31
  cert_store: OpenSSL::X509::Store,
32
32
  tls_cert: T.nilable(OpenSSL::X509::Certificate),
33
33
  tls_key: T.nilable(OpenSSL::PKey::PKey),
34
+ tls_verify_peer: T::Boolean,
34
35
  url: URI::Generic
35
36
  ).returns(
36
37
  Net::HTTP
37
38
  )
38
39
  end
39
- def connect(cert_store:, tls_cert:, tls_key:, url:)
40
+ def connect(cert_store:, tls_cert:, tls_key:, tls_verify_peer:, url:)
40
41
  end
41
42
 
42
43
  # @api private
@@ -81,6 +82,7 @@ module DockerEngineRuby
81
82
  sig do
82
83
  params(
83
84
  size: Integer,
85
+ tls_verify_peer: T::Boolean,
84
86
  tls_ca_cert_path: T.nilable(String),
85
87
  tls_client_cert_path: T.nilable(String),
86
88
  tls_client_key_path: T.nilable(String)
@@ -88,6 +90,7 @@ module DockerEngineRuby
88
90
  end
89
91
  def self.new(
90
92
  size: DockerEngineRuby::Internal::Transport::PooledNetRequester::DEFAULT_MAX_CONNECTIONS,
93
+ tls_verify_peer: true,
91
94
  tls_ca_cert_path: nil,
92
95
  tls_client_cert_path: nil,
93
96
  tls_client_key_path: nil
data/sig/docker_engine_ruby/client.rbs CHANGED
@@ -8,6 +8,8 @@ module DockerEngineRuby
8
8
 
9
9
  DEFAULT_MAX_RETRY_DELAY: Float
10
10
 
11
+ DEFAULT_TLS_VERIFY_PEER: bool
12
+
11
13
  ENVIRONMENTS: {
12
14
  production: "http://localhost:2375",
13
15
  production_tls: "https://localhost:2376"
@@ -58,7 +60,8 @@ module DockerEngineRuby
58
60
  ?max_retries: Integer,
59
61
  ?timeout: Float,
60
62
  ?initial_retry_delay: Float,
61
- ?max_retry_delay: Float
63
+ ?max_retry_delay: Float,
64
+ ?tls_verify_peer: bool
62
65
  ) -> void
63
66
  end
64
67
  end
data/sig/docker_engine_ruby/internal/transport/base_client.rbs CHANGED
@@ -83,6 +83,7 @@ module DockerEngineRuby
83
83
  | Integer
84
84
  | ::Array[(String | Integer)?])?],
85
85
  ?idempotency_header: String?,
86
+ ?tls_verify_peer: bool,
86
87
  ?tls_ca_cert_path: String?,
87
88
  ?tls_client_cert_path: String?,
88
89
  ?tls_client_key_path: String?
data/sig/docker_engine_ruby/internal/transport/pooled_net_requester.rbs CHANGED
@@ -21,6 +21,7 @@ module DockerEngineRuby
21
21
  cert_store: OpenSSL::X509::Store,
22
22
  tls_cert: OpenSSL::X509::Certificate?,
23
23
  tls_key: OpenSSL::PKey::PKey?,
24
+ tls_verify_peer: bool,
24
25
  url: URI::Generic
25
26
  ) -> top
26
27
 
@@ -45,6 +46,7 @@ module DockerEngineRuby
45
46
 
46
47
  def initialize: (
47
48
  ?size: Integer,
49
+ ?tls_verify_peer: bool,
48
50
  ?tls_ca_cert_path: String?,
49
51
  ?tls_client_cert_path: String?,
50
52
  ?tls_client_key_path: String?
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: docker-engine-ruby
3
3
  version: !ruby/object:Gem::Version
4
- version: 0.7.2
4
+ version: 0.7.3
5
5
  platform: ruby
6
6
  authors:
7
7
  - Docker
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2026-02-20 00:00:00.000000000 Z
11
+ date: 2026-02-24 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: cgi