remote

package
v0.0.0-...-7ccd0ad Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 11, 2024 License: Apache-2.0 Imports: 32 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	DockerContentDigestHeader = "Docker-Content-Digest"
)

Variables

This section is empty.

Functions

func DetectScheme 

func DetectScheme(ctx context.Context, client xhttp.Client, addr string) (string, error)

DetectScheme sniffs the protocol of the target registry server is "http" or "https".

func IsDirectRequest 

func IsDirectRequest(ctx context.Context) bool

IsDirectRequest checks whether the request should send without authorization by the context of the request.

func ManifestAcceptHeader 

func ManifestAcceptHeader(mediaTypes ...string) string

ManifestAcceptHeader returns media types joined by ", " which is used to set the "Accept" request header. When the "mediaTypes" is empty, default media types used.

func WithDirectRequest 

func WithDirectRequest(ctx context.Context) context.Context

WithDirectRequest injects direct signal to tell the http client do request without authorization.

Types

type AuthProvider 

type AuthProvider func(ctx context.Context, host string) authn.AuthConfig

AuthProvider provides the AuthConfig related to the registry.

func NewAuthProviderFromAuthFile 

func NewAuthProviderFromAuthFile(authFile *authfile.AuthFile) AuthProvider

NewAuthProviderFromAuthFile returns an AuthProvider with the *authfile.AuthFile provided.

func NewAuthProviderFromAuthFilePath 

func NewAuthProviderFromAuthFilePath(path string) (AuthProvider, error)

NewAuthProviderFromAuthFilePath returns an AuthProvider with the auth file path provided. It will ignore the file load error when the path is not existed.

type ChallengeCache 

type ChallengeCache = xcache.Cache[authn.Challenge]

ChallengeCache is the cache for the Challenge related to the registry.

type Client 

type Client struct {
	// Client is the underlying HTTP client used to access the remote
	// server. If nil, http.DefaultClient is used.
	Client *http.Client

	// Header contains the custom headers to be added to each request.
	Header http.Header

	// AuthProvider returns AuthConfig related to the registry, which just returns an
	// empty AuthConfig when not found.
	AuthProvider AuthProvider

	// ChallengeCache is the cache for Challenge related to the registry, if not set,
	// default to a cache which will discard all operations.
	ChallengeCache ChallengeCache

	// TokenCache is the cache for Token related to the registry and scopes, if not set,
	// default to a cache which will discard all operations
	TokenCache TokenCache

	// TokenOptions is the options to fetch token for authorization.
	TokenOptions TokenOptions
}

Client implements [HTTPClient] interface for common distribution authentication spec.

func NewClient 

func NewClient() *Client

NewClient returns the default client with the memory-based cache.

func (*Client) Do 

func (c *Client) Do(request *http.Request) (*http.Response, error)

Do performs an HTTP request and returns an HTTP response with additinal processes like authenticating the request.

func (*Client) NewRegistry 

func (c *Client) NewRegistry(ctx context.Context, name ocispecname.Registry) (*Registry, error)

NewRegistry creates a client which implements distribution-spec interface to the remote registry.

func (*Client) NewRepository 

func (c *Client) NewRepository(ctx context.Context, name ocispecname.Repository) (*Repository, error)

NewRepository creates a client which implements distribution-spec interface to the remote repository.

type Registry 

type Registry struct {
	// contains filtered or unexported fields
}

Registry provides access to a remote registry.

func (*Registry) DeleteBlob 

func (spec *Registry) DeleteBlob(ctx context.Context, repo string, dgst digest.Digest) error

DeleteBlob deletes the blob with the given digest in the given repository.

func (*Registry) DeleteManifest 

func (spec *Registry) DeleteManifest(ctx context.Context, repo string, reference string) error

DeleteManifest deletes the manifest with the given digest in the given repository.

func (*Registry) GetBlob 

func (spec *Registry) GetBlob(ctx context.Context, repo string, dgst digest.Digest) (cas.ReadCloser, error)

GetBlob returns the content of the blob with the given digest.

func (*Registry) GetManifest 

func (spec *Registry) GetManifest(ctx context.Context, repo string, reference string) (cas.ReadCloser, error)

GetManifest returns the content of the manifest with the given reference.

func (*Registry) GetReferrers 

func (spec *Registry) GetReferrers(ctx context.Context, repo string, dgst digest.Digest, artifactType string) ([]imgspecv1.Descriptor, error)

GetReferrers returns descriptors of referrers with the given "dgst" and "artifactType" used to filter artifacts.

If the Referrers API returns a 404, the client MUST fallback to pulling the Referrers Tag Schema. The response SHOULD be an image index with the same content that would be expected from the Referrers API. If the response to the Referrers API is a 404, and the Referrers Tag Schema does not return a valid image index, the client SHOULD assume there are no referrers to the manifest.

func (*Registry) GetVersion 

func (spec *Registry) GetVersion(ctx context.Context) (string, error)

GetVersion checks the registry accessible and returns the properties of the registry.

func (*Registry) ListReferrers 

func (spec *Registry) ListReferrers(ctx context.Context, repo string, dgst digest.Digest, artifactType string) ([]imgspecv1.Descriptor, error)

Referrers returns an iterator that can be used to iterate over all the manifests that have the given digest as their Subject.

If "artifactType" is specified, the results will be restricted to only manifests with that type.

func (*Registry) ListRepositories 

func (spec *Registry) ListRepositories(opts ...distribution.ListOption) iter.Iterator[string]

ListRepositories returns an iterator that can be used to iterate over all the repositories in the registry in order.

func (*Registry) ListTags 

func (spec *Registry) ListTags(repo string, opts ...distribution.ListOption) iter.Iterator[string]

ListTags returns an iterator that can be used to iterate over all the tags in the given repository in order.

func (*Registry) MountBlob 

func (spec *Registry) MountBlob(ctx context.Context, repo string, from string, dgst digest.Digest) (bool, error)

MountBlob makes a blob with the given digest that's in "from" repository available in "repo" repository and returns mounted successfully or not.

As distribution-spec specified:

"Alternatively, if a registry does not support cross-repository mounting or is unable to mount the requested blob, it SHOULD return a 202. This indicates that the upload session has begun and that the client MAY proceed with the upload."

So the returns composites as follow:

  • "true, nil" means mount succeed.
  • "false, nil" means mount is unsupported.
  • "false, err" means mount failed with unexpected error.

func (*Registry) Name 

func (spec *Registry) Name() ocispecname.Registry

Name returns the name of the registry.

func (*Registry) Ping 

func (spec *Registry) Ping(ctx context.Context) error

Ping checks registry is accessible.

func (*Registry) PushBlob 

func (spec *Registry) PushBlob(ctx context.Context, repo string, getter cas.ReadCloserGetter) error

PushBlob pushes a blob monolithically to the given repository, reading the descriptor and content from "getter".

Push is done by conventional 2-step monolithic upload instead of a single `POST` request for better overall performance. It also allows early fail on authentication errors.

func (*Registry) PushBlobChunked 

func (spec *Registry) PushBlobChunked(ctx context.Context, repo string, chunkSize int64) (distribution.BlobWriteCloser, error)

PushBlobChunked starts to push a blob to the given repository. The returned [BlobWriteCloser] can be used to stream the upload and resume on temporary errors.

The chunkSize parameter provides a hint for the chunk size to use when writing to the registry. If it's zero, a suitable default will be chosen. It might be larger if the underlying registry requires that.

The context remains active as long as the BlobWriteCloser is around: if it's canceled, it should cause any blocked BlobWriteCloser operations to terminate.

func (*Registry) PushBlobChunkedResume 

func (spec *Registry) PushBlobChunkedResume(ctx context.Context, repo string, chunkSize int64, id string, offset int64) (distribution.BlobWriteCloser, error)

PushBlobChunkedResume resumes a previous push of a blob started with PushBlobChunked. The id should be the value returned from [BlobWriteCloser.ID] from the previous push. and the offset should be the value returned from [BlobWriteCloser.Size].

The offset and chunkSize should similarly be obtained from the previous [BlobWriterCloser] via the [BlobWriteCloser.Size] and [BlobWriteCloser.ChunkSize] methods. Alternatively, set offset to -1 to continue where the last write left off, and to only use chunkSize as a hint like in PushBlobChunked.

The context remains active as long as the BlobWriteCloser is around: if it's canceled, it should cause any blocked BlobWriteCloser operations to terminate.

func (*Registry) PushManifest 

func (spec *Registry) PushManifest(ctx context.Context, repo string, r cas.Reader, tags ...string) error

PushManifest pushes a manifest with the given descriptor and tags.

func (*Registry) Repository 

func (spec *Registry) Repository(path string) *Repository

RepositoryE returns the Repository by the given path which is the repository name.

NOTE: Invalid "path" will cause panic.

func (*Registry) RepositoryE 

func (spec *Registry) RepositoryE(path string) (*Repository, error)

Repository returns the Repository by the given path which is the repository name.

func (*Registry) Spec 

func (spec *Registry) Spec() distribution.Spec

Spec returns the distribution-spec interface.

func (*Registry) StatBlob 

func (spec *Registry) StatBlob(ctx context.Context, repo string, dgst digest.Digest) (imgspecv1.Descriptor, error)

StatBlob returns the descriptor of the blob with the given digest.

func (*Registry) StatManifest 

func (spec *Registry) StatManifest(ctx context.Context, repo string, reference string) (imgspecv1.Descriptor, error)

StatManifest returns the descriptor of the manifest with the given reference.

type Repository 

type Repository struct {
	// contains filtered or unexported fields
}

Repository provides access to a remote repository.

func (*Repository) Blobs 

func (r *Repository) Blobs() distribution.BlobStore

Blobs returns a reference to this repository's blob storage.

func (*Repository) Manifests 

func (r *Repository) Manifests() distribution.ManifestStore

Manifests returns a reference to this repository's manifest storage.

func (*Repository) Name 

func (r *Repository) Name() ocispecname.Repository

Name returns the name of the repository.

func (*Repository) Registry 

func (r *Repository) Registry() *Registry

Registry returns the registry of the repository.

func (*Repository) Tags 

func (r *Repository) Tags() distribution.TagStore

Tags returns a reference to this repository's tag storage.

type TokenCache 

type TokenCache = xcache.Cache[authn.Token]

TokenCache is the cache for the Token related to the registry and scopes.

type TokenOptions 

type TokenOptions struct {
	// ClientID used in fetching OAuth2 token as a required field.
	// If empty, a default client ID is used.
	// Reference:
	// - https://docs.docker.com/registry/spec/auth/oauth/#getting-a-token
	ClientID string

	// ForceAttemptOAuth2 controls whether to follow OAuth2 with password grant
	// instead the distribution spec when authenticating using username and
	// password.
	// References:
	// - https://docs.docker.com/registry/spec/auth/jwt/
	// - https://docs.docker.com/registry/spec/auth/oauth/
	ForceAttemptOAuth2 bool

	// OfflineToken controls whether to return a refresh token along with the bearer token.
	// A refresh token is capable of getting additional bearer tokens for the same subject
	// with different scopes. The refresh token does not have an expiration and should be
	// considered completely opaque to the client.
	// References:
	// - https://docs.docker.com/registry/spec/auth/token/
	OfflineToken bool
}

TokenOptions is the options for fetching token from remote.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.