registrytest

package
v0.11.2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 22, 2025 License: Apache-2.0 Imports: 24 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func Upload added in v0.8.0

func Upload(ctx context.Context, r ociregistry.Interface, fsys fs.FS) error

Upload uploads the modules found inside fsys (stored in the format described by New) to the given registry.

Types

type ACL added in v0.9.0

type ACL struct {
	// Allow holds the list of allowed paths for a user.
	// If none match, the user is forbidden.
	Allow []string
	// Deny holds the list of denied paths for a user.
	// If any match, the user is forbidden.
	Deny []string
}

ACL determines what endpoints an authenticated user can accesse Both Allow and Deny hold a list of regular expressions that are matched against an HTTP request formatted as a string:

METHOD URL_PATH

For example:

GET /v2/foo/bar

type AuthConfig

type AuthConfig struct {
	// Username and Password hold the basic auth credentials.
	// If UseTokenServer is true, these apply to the token server
	// rather than to the registry itself.
	Username string `json:"username"`
	Password string `json:"password"`

	// BearerToken holds a bearer token to use as auth.
	// If UseTokenServer is true, this applies to the token server
	// rather than to the registry itself.
	BearerToken string `json:"bearerToken"`

	// UseTokenServer starts a token server and directs client
	// requests to acquire auth tokens from that server.
	UseTokenServer bool `json:"useTokenServer"`

	// ACL holds the ACL for an authenticated client.
	// If it's nil, the user is allowed full access.
	// Note: there's only one ACL because we only
	// support a single authenticated user.
	ACL *ACL `json:"acl,omitempty"`

	// Use401InsteadOf403 causes the server to send a 401
	// response even when the credentials are present and correct.
	Use401InsteadOf403 bool `json:"always401"`
}

AuthConfig specifies authorization requirements for the server.

type Registry

type Registry struct {
	// contains filtered or unexported fields
}

func New

func New(fsys fs.FS, prefix string) (*Registry, error)

New starts a registry instance that serves modules found inside fsys. It serves the OCI registry protocol. If prefix is non-empty, all module paths will be prefixed by that, separated by a slash (/).

Each module should be inside a directory named path_vers, where slashes in path have been replaced with underscores and should contain a cue.mod/module.cue file holding the module info.

If there's a file named auth.json in the root directory, it will cause access to the server to be gated by the specified authorization. See the AuthConfig type for details.

The Registry should be closed after use.

func NewServer added in v0.9.0

func NewServer(r ociregistry.Interface, auth *AuthConfig) (*Registry, error)

NewServer is like New except that instead of uploading the contents of a filesystem, it just serves the contents of the given registry guarded by the given auth configuration. If auth is nil, no authentication will be required.

func (*Registry) Close

func (r *Registry) Close()

func (*Registry) Host

func (r *Registry) Host() string

Host returns the hostname for the registry server; for example localhost:13455.

The connection can be assumed to be insecure.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL