debian-mirror-gitlab/lib/container_registry/client.rb

170 lines
4.9 KiB
Ruby
Raw Normal View History

2018-12-13 13:39:08 +05:30
# frozen_string_literal: true
2016-06-02 11:05:42 +05:30
require 'faraday'
require 'faraday_middleware'
2019-12-21 20:55:43 +05:30
require 'digest'
2016-06-02 11:05:42 +05:30
module ContainerRegistry
class Client
attr_accessor :uri
2019-09-30 21:07:59 +05:30
DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE = 'application/vnd.docker.distribution.manifest.v2+json'
OCI_MANIFEST_V1_TYPE = 'application/vnd.oci.image.manifest.v1+json'
2019-12-21 20:55:43 +05:30
CONTAINER_IMAGE_V1_TYPE = 'application/vnd.docker.container.image.v1+json'
2019-09-30 21:07:59 +05:30
ACCEPTED_TYPES = [DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE, OCI_MANIFEST_V1_TYPE].freeze
2016-06-02 11:05:42 +05:30
2016-08-24 12:49:21 +05:30
# Taken from: FaradayMiddleware::FollowRedirects
REDIRECT_CODES = Set.new [301, 302, 303, 307]
2016-06-02 11:05:42 +05:30
def initialize(base_uri, options = {})
@base_uri = base_uri
2016-08-24 12:49:21 +05:30
@options = options
2016-06-02 11:05:42 +05:30
end
def repository_tags(name)
2016-08-24 12:49:21 +05:30
response_body faraday.get("/v2/#{name}/tags/list")
2016-06-02 11:05:42 +05:30
end
def repository_manifest(name, reference)
2016-08-24 12:49:21 +05:30
response_body faraday.get("/v2/#{name}/manifests/#{reference}")
2016-06-02 11:05:42 +05:30
end
def repository_tag_digest(name, reference)
2016-08-24 12:49:21 +05:30
response = faraday.head("/v2/#{name}/manifests/#{reference}")
2016-06-02 11:05:42 +05:30
response.headers['docker-content-digest'] if response.success?
end
def delete_repository_tag(name, reference)
2019-12-21 20:55:43 +05:30
result = faraday.delete("/v2/#{name}/manifests/#{reference}")
result.success? || result.status == 404
end
def upload_raw_blob(path, blob)
digest = "sha256:#{Digest::SHA256.hexdigest(blob)}"
if upload_blob(path, blob, digest).success?
[blob, digest]
end
end
def upload_blob(name, content, digest)
upload = faraday.post("/v2/#{name}/blobs/uploads/")
2019-12-26 22:10:19 +05:30
return upload unless upload.success?
2019-12-21 20:55:43 +05:30
location = URI(upload.headers['location'])
faraday.put("#{location.path}?#{location.query}") do |req|
req.params['digest'] = digest
req.headers['Content-Type'] = 'application/octet-stream'
req.body = content
end
end
def generate_empty_manifest(path)
image = {
config: {}
}
image, image_digest = upload_raw_blob(path, JSON.pretty_generate(image))
return unless image
{
schemaVersion: 2,
mediaType: DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE,
config: {
mediaType: CONTAINER_IMAGE_V1_TYPE,
size: image.size,
digest: image_digest
}
}
2016-06-02 11:05:42 +05:30
end
def blob(name, digest, type = nil)
2016-08-24 12:49:21 +05:30
type ||= 'application/octet-stream'
response_body faraday_blob.get("/v2/#{name}/blobs/#{digest}", nil, 'Accept' => type), allow_redirect: true
2016-06-02 11:05:42 +05:30
end
def delete_blob(name, digest)
2019-12-21 20:55:43 +05:30
result = faraday.delete("/v2/#{name}/blobs/#{digest}")
result.success? || result.status == 404
end
def put_tag(name, reference, manifest)
response = faraday.put("/v2/#{name}/manifests/#{reference}") do |req|
req.headers['Content-Type'] = DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE
req.body = JSON.pretty_generate(manifest)
end
response.headers['docker-content-digest'] if response.success?
2016-06-02 11:05:42 +05:30
end
2016-08-24 12:49:21 +05:30
2016-06-02 11:05:42 +05:30
private
2016-08-24 12:49:21 +05:30
2016-06-02 11:05:42 +05:30
def initialize_connection(conn, options)
conn.request :json
2016-08-24 12:49:21 +05:30
if options[:user] && options[:password]
conn.request(:basic_auth, options[:user].to_s, options[:password].to_s)
elsif options[:token]
conn.request(:authorization, :bearer, options[:token].to_s)
end
2018-05-09 12:01:36 +05:30
yield(conn) if block_given?
2016-08-24 12:49:21 +05:30
conn.adapter :net_http
end
def accept_manifest(conn)
2019-09-30 21:07:59 +05:30
conn.headers['Accept'] = ACCEPTED_TYPES
2016-06-02 11:05:42 +05:30
2016-06-22 15:30:34 +05:30
conn.response :json, content_type: 'application/json'
conn.response :json, content_type: 'application/vnd.docker.distribution.manifest.v1+prettyjws'
conn.response :json, content_type: 'application/vnd.docker.distribution.manifest.v1+json'
2019-09-30 21:07:59 +05:30
conn.response :json, content_type: DOCKER_DISTRIBUTION_MANIFEST_V2_TYPE
conn.response :json, content_type: OCI_MANIFEST_V1_TYPE
2016-08-24 12:49:21 +05:30
end
2016-06-02 11:05:42 +05:30
2016-08-24 12:49:21 +05:30
def response_body(response, allow_redirect: false)
if allow_redirect && REDIRECT_CODES.include?(response.status)
response = redirect_response(response.headers['location'])
2016-06-02 11:05:42 +05:30
end
2016-08-24 12:49:21 +05:30
response.body if response && response.success?
end
def redirect_response(location)
return unless location
2019-10-12 21:52:04 +05:30
uri = URI(@base_uri).merge(location)
raise ArgumentError, "Invalid scheme for #{location}" unless %w[http https].include?(uri.scheme)
faraday_redirect.get(uri)
2016-06-02 11:05:42 +05:30
end
2016-06-22 15:30:34 +05:30
2016-08-24 12:49:21 +05:30
def faraday
@faraday ||= Faraday.new(@base_uri) do |conn|
2018-05-09 12:01:36 +05:30
initialize_connection(conn, @options, &method(:accept_manifest))
2016-08-24 12:49:21 +05:30
end
end
def faraday_blob
@faraday_blob ||= Faraday.new(@base_uri) do |conn|
initialize_connection(conn, @options)
end
2016-06-22 15:30:34 +05:30
end
2017-09-10 17:25:29 +05:30
# Create a new request to make sure the Authorization header is not inserted
# via the Faraday middleware
def faraday_redirect
@faraday_redirect ||= Faraday.new(@base_uri) do |conn|
conn.request :json
conn.adapter :net_http
end
end
2016-06-02 11:05:42 +05:30
end
end
2019-12-04 20:38:33 +05:30
ContainerRegistry::Client.prepend_if_ee('EE::ContainerRegistry::Client')