shouldRetryWithCredentials reports whether an anonymous registry request failed in a way that authenticating might fix: the registry denied access (401 Unauthorized or 403 Forbidden) or rate-limited the anonymous request (429 Too Many Requests, since authenticated accounts get higher limits).
(err error)
| 275 | // (401 Unauthorized or 403 Forbidden) or rate-limited the anonymous request |
| 276 | // (429 Too Many Requests, since authenticated accounts get higher limits). |
| 277 | func shouldRetryWithCredentials(err error) bool { |
| 278 | var terr *transport.Error |
| 279 | if !errors.As(err, &terr) { |
| 280 | return false |
| 281 | } |
| 282 | switch terr.StatusCode { |
| 283 | case http.StatusUnauthorized, http.StatusForbidden, http.StatusTooManyRequests: |
| 284 | return true |
| 285 | default: |
| 286 | return false |
| 287 | } |
| 288 | } |
| 289 | |
| 290 | func hasCagentAnnotation(annotations map[string]string) bool { |
| 291 | _, exists := annotations["io.docker.agent.version"] |
no outgoing calls