registryclient

package
v0.0.0-...-201d816 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 16, 2024 License: Apache-2.0 Imports: 24 Imported by: 125

Documentation

Index

Constants

This section is empty.

Variables

View Source
var (
	NoCredentials auth.CredentialStore = &noopCredentialStore{}
)

Functions

func ContentDigestForManifest

func ContentDigestForManifest(manifest distribution.Manifest, algo digest.Algorithm) (digest.Digest, error)

ContentDigestForManifest returns the digest in the provided algorithm of the supplied manifest's contents.

func VerifyManifestIntegrity

func VerifyManifestIntegrity(manifest distribution.Manifest, dgst digest.Digest) error

VerifyManifestIntegrity checks the provided manifest against the specified digest and returns an error if the manifest does not match that digest.

Types

type AlternateBlobSourceStrategy

type AlternateBlobSourceStrategy interface {
	// FirstRequest returns the set of locations that should be searched in a preferred order. If locator
	// is not included in the response it will not be searched. If alternateRepositories is an empty list
	// no lookup will be performed and requests will exit with an error. If alternateRepositories is nil
	// and err is nil, OnFailure will be invoked if the first request fails.
	FirstRequest(ctx context.Context, locator reference.DockerImageReference) (alternateRepositories []reference.DockerImageReference, err error)
	// OnFailure is invoked if FirstRequest returned no error and a nil list of locations if and only if
	// an API call fails on the specified request. The result of alternateRepositories is cached for
	// subsequent calls to that repository.
	OnFailure(ctx context.Context, locator reference.DockerImageReference) (alternateRepositories []reference.DockerImageReference, err error)
}

AlternateBlobSourceStrategy is consulted when a repository cannot be reached to find alternate repositories that may be able to serve a given content-addressed blob. The strategy is consulted at most twice - once before any request is made to a given repository. If FirstRequest() returns a list of alternates, OnFailure is not invoked.

type AuthHandlersFunc

type AuthHandlersFunc func(transport http.RoundTripper, registry *url.URL, repoName string) []auth.AuthenticationHandler

type BasicCredentials

type BasicCredentials struct {
	// contains filtered or unexported fields
}

func NewBasicCredentials

func NewBasicCredentials() *BasicCredentials

func (*BasicCredentials) Add

func (c *BasicCredentials) Add(url *url.URL, username, password string)

func (*BasicCredentials) Basic

func (c *BasicCredentials) Basic(url *url.URL) (string, string)

func (BasicCredentials) RefreshToken

func (s BasicCredentials) RefreshToken(url *url.URL, service string) string

func (BasicCredentials) SetRefreshToken

func (s BasicCredentials) SetRefreshToken(url *url.URL, service string, token string)

type Context

type Context struct {
	Transport          http.RoundTripper
	InsecureTransport  http.RoundTripper
	Challenges         challenge.Manager
	Scopes             []auth.Scope
	Actions            []string
	Retries            int
	Credentials        auth.CredentialStore
	CredentialsFactory CredentialStoreFactory
	RequestModifiers   []transport.RequestModifier
	Limiter            *rate.Limiter
	Alternates         AlternateBlobSourceStrategy

	DisableDigestVerification bool
	// contains filtered or unexported fields
}

func NewContext

func NewContext(transp, insecureTransport http.RoundTripper) *Context

NewContext is capable of creating RepositoryRetrievers.

func (*Context) Copy

func (c *Context) Copy() *Context

func (*Context) Ping

func (c *Context) Ping(ctx context.Context, registry *url.URL, insecure bool) (http.RoundTripper, *url.URL, error)

Ping contacts a registry and returns the transport and URL of the registry or an error.

func (*Context) Repository

func (c *Context) Repository(ctx context.Context, registry *url.URL, repoName string, insecure bool) (distribution.Repository, error)

Repository returns a distribution.Repository against the provided registry and repository name. If insecure is true, HTTP connections are allowed and HTTPS certificate verification errors will be ignored. The returned Repository instance is threadsafe but the ManifestService, TagService, or BlobService are not. Note - the caller is responsible for providing a valid registry url for docker.io - use RepositoryForRef() to avoid that.

func (*Context) RepositoryForRef

func (c *Context) RepositoryForRef(ctx context.Context, ref imagereference.DockerImageReference, insecure bool) (distribution.Repository, error)

RepositoryForRef returns a distribution.Repository against the provided image reference. If insecure is true, HTTP connections are allowed and HTTPS certificate verification errors will be ignored. The returned Repository instance is threadsafe but the ManifestService, TagService, or BlobService are not.

func (*Context) Reset

func (c *Context) Reset()

Reset clears any cached repository info for this context.

func (*Context) WithActions

func (c *Context) WithActions(actions ...string) *Context

func (*Context) WithAlternateBlobSourceStrategy

func (c *Context) WithAlternateBlobSourceStrategy(alternateStrategy AlternateBlobSourceStrategy) *Context

func (*Context) WithCredentials

func (c *Context) WithCredentials(credentials auth.CredentialStore) *Context

func (*Context) WithCredentialsFactory

func (c *Context) WithCredentialsFactory(factory CredentialStoreFactory) *Context

func (*Context) WithRateLimiter

func (c *Context) WithRateLimiter(limiter *rate.Limiter) *Context

func (*Context) WithRequestModifiers

func (c *Context) WithRequestModifiers(modifiers ...transport.RequestModifier) *Context

func (*Context) WithScopes

func (c *Context) WithScopes(scopes ...auth.Scope) *Context

type CredentialStoreFactory

type CredentialStoreFactory interface {
	CredentialStoreFor(image string) auth.CredentialStore
}

CredentialStoreFactory is any entity capable of creating a CredentialStore based on an image path (such as quay.io/fedora/fedora).

type ErrNotV2Registry

type ErrNotV2Registry struct {
	Registry string
	Status   string
}

ErrNotV2Registry is returned when the server does not report itself as a V2 Docker registry

func (*ErrNotV2Registry) Error

func (e *ErrNotV2Registry) Error() string

type ManifestWithLocationService

type ManifestWithLocationService interface {
	distribution.ManifestService

	// GetWithLocation returns the registry URL the provided manifest digest was retrieved from which may be Repository.Named(),
	// or one of the blob mirrors if alternate location for blob sources was provided. It returns an error if the digest could not be
	// located - if an error is returned the source reference (Repository.Named()) will be set.
	GetWithLocation(ctx context.Context, dgst digest.Digest, options ...distribution.ManifestServiceOption) (distribution.Manifest, reference.DockerImageReference, error)
}

ManifestWithLocationService extends the ManifestService to allow clients to retrieve a manifest and get the location of the mirrored manifest. Not all ManifestServices returned from a Repository will support this interface and it must be conditional.

type RefreshTokenStore

type RefreshTokenStore interface {
	RefreshToken(url *url.URL, service string) string
	SetRefreshToken(url *url.URL, service string, token string)
}

func NewRefreshTokenStore

func NewRefreshTokenStore() RefreshTokenStore

type RepositoryRetriever

type RepositoryRetriever interface {
	// Repository returns a properly authenticated distribution.Repository for the given registry, repository
	// name, and insecure toleration behavior.
	Repository(ctx context.Context, registry *url.URL, repoName string, insecure bool) (distribution.Repository, error)
}

RepositoryRetriever fetches a Docker distribution.Repository.

type RepositoryWithLocation

type RepositoryWithLocation interface {
	distribution.Repository

	// Ref returns the DockerImageReference representing this repository.
	Ref() reference.DockerImageReference
}

RepositoryWithLocation extends the Repository and allows clients to know which repository registry this talks to as primary (as a complement to Named() which does not include the URL).

func NewLimitedRetryRepository

func NewLimitedRetryRepository(ref imagereference.DockerImageReference, repo distribution.Repository, retries int, limiter *rate.Limiter) RepositoryWithLocation

NewLimitedRetryRepository wraps a distribution.Repository with helpers that will retry temporary failures over a limited time window and duration, and also obeys a rate limit.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL