2021-01-29 00:20:46 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
class DependencyProxy::Registry
|
2021-02-22 17:27:13 +05:30
|
|
|
AUTH_URL = 'https://auth.docker.io'
|
|
|
|
LIBRARY_URL = 'https://registry-1.docker.io/v2'
|
|
|
|
PROXY_AUTH_URL = Gitlab::Utils.append_path(Gitlab.config.gitlab.url, "jwt/auth")
|
2021-01-29 00:20:46 +05:30
|
|
|
|
|
|
|
class << self
|
|
|
|
def auth_url(image)
|
|
|
|
"#{AUTH_URL}/token?service=registry.docker.io&scope=repository:#{image_path(image)}:pull"
|
|
|
|
end
|
|
|
|
|
|
|
|
def manifest_url(image, tag)
|
|
|
|
"#{LIBRARY_URL}/#{image_path(image)}/manifests/#{tag}"
|
|
|
|
end
|
|
|
|
|
|
|
|
def blob_url(image, blob_sha)
|
|
|
|
"#{LIBRARY_URL}/#{image_path(image)}/blobs/#{blob_sha}"
|
|
|
|
end
|
|
|
|
|
2021-02-22 17:27:13 +05:30
|
|
|
def authenticate_header
|
|
|
|
"Bearer realm=\"#{PROXY_AUTH_URL}\",service=\"#{::Auth::DependencyProxyAuthenticationService::AUDIENCE}\""
|
|
|
|
end
|
|
|
|
|
2021-01-29 00:20:46 +05:30
|
|
|
private
|
|
|
|
|
|
|
|
def image_path(image)
|
|
|
|
if image.include?('/')
|
|
|
|
image
|
|
|
|
else
|
|
|
|
"library/#{image}"
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|