mirror of https://github.com/harness/drone.git
128 lines
4.1 KiB
Go
128 lines
4.1 KiB
Go
// Source: https://github.com/distribution/distribution
|
|
|
|
// Copyright 2014 https://github.com/distribution/distribution Authors
|
|
//
|
|
// Licensed under the Apache License, Version 2.0 (the "License");
|
|
// you may not use this file except in compliance with the License.
|
|
// You may obtain a copy of the License at
|
|
//
|
|
// http://www.apache.org/licenses/LICENSE-2.0
|
|
//
|
|
// Unless required by applicable law or agreed to in writing, software
|
|
// distributed under the License is distributed on an "AS IS" BASIS,
|
|
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
// See the License for the specific language governing permissions and
|
|
// limitations under the License.
|
|
|
|
package docker
|
|
|
|
import (
|
|
"context"
|
|
"crypto/rand"
|
|
"fmt"
|
|
|
|
corestore "github.com/harness/gitness/app/store"
|
|
"github.com/harness/gitness/registry/app/dist_temp/dcontext"
|
|
"github.com/harness/gitness/registry/app/dist_temp/errcode"
|
|
storagedriver "github.com/harness/gitness/registry/app/driver"
|
|
"github.com/harness/gitness/registry/app/pkg"
|
|
registrystorage "github.com/harness/gitness/registry/app/storage"
|
|
"github.com/harness/gitness/registry/app/store"
|
|
"github.com/harness/gitness/registry/gc"
|
|
"github.com/harness/gitness/types"
|
|
|
|
"github.com/jmoiron/sqlx"
|
|
"github.com/opencontainers/go-digest"
|
|
"github.com/rs/zerolog/log"
|
|
)
|
|
|
|
// randomSecretSize is the number of random bytes to generate if no secret
|
|
// was specified.
|
|
const randomSecretSize = 32
|
|
|
|
// App is a global registry application object. Shared resources can be placed
|
|
// on this object that will be accessible from all requests. Any writable
|
|
// fields should be protected.
|
|
type App struct {
|
|
context.Context
|
|
|
|
Config *types.Config
|
|
storageService *registrystorage.Service
|
|
}
|
|
|
|
// NewApp takes a configuration and returns a configured app.
|
|
func NewApp(
|
|
ctx context.Context, sqlDB *sqlx.DB, storageDeleter storagedriver.StorageDeleter,
|
|
blobRepo store.BlobRepository, spaceStore corestore.SpaceStore,
|
|
cfg *types.Config, storageService *registrystorage.Service,
|
|
gcService gc.Service,
|
|
) *App {
|
|
app := &App{
|
|
Context: ctx,
|
|
Config: cfg,
|
|
storageService: storageService,
|
|
}
|
|
app.configureSecret(cfg)
|
|
gcService.Start(ctx, sqlDB, spaceStore, blobRepo, storageDeleter, cfg)
|
|
return app
|
|
}
|
|
|
|
func GetStorageService(cfg *types.Config, driver storagedriver.StorageDriver) *registrystorage.Service {
|
|
options := registrystorage.GetRegistryOptions()
|
|
if cfg.Registry.Storage.S3Storage.Delete {
|
|
options = append(options, registrystorage.EnableDelete)
|
|
}
|
|
|
|
if cfg.Registry.Storage.S3Storage.Redirect {
|
|
options = append(options, registrystorage.EnableRedirect)
|
|
} else {
|
|
log.Info().Msg("backend redirection disabled")
|
|
}
|
|
|
|
storageService, err := registrystorage.NewStorageService(driver, options...)
|
|
if err != nil {
|
|
panic("could not create storage service: " + err.Error())
|
|
}
|
|
return storageService
|
|
}
|
|
|
|
func LogError(errList errcode.Errors) {
|
|
for _, e1 := range errList {
|
|
log.Error().Err(e1).Msgf("error: %v", e1)
|
|
}
|
|
}
|
|
|
|
// configureSecret creates a random secret if a secret wasn't included in the
|
|
// configuration.
|
|
func (app *App) configureSecret(configuration *types.Config) {
|
|
if configuration.Registry.HTTP.Secret == "" {
|
|
var secretBytes [randomSecretSize]byte
|
|
if _, err := rand.Read(secretBytes[:]); err != nil {
|
|
panic(fmt.Sprintf("could not generate random bytes for HTTP secret: %v", err))
|
|
}
|
|
configuration.Registry.HTTP.Secret = string(secretBytes[:])
|
|
dcontext.GetLogger(app, log.Warn()).
|
|
Msg(
|
|
"No HTTP secret provided - generated random secret. This may cause problems with uploads if" +
|
|
" multiple registries are behind a load-balancer. To provide a shared secret," +
|
|
" set the GITNESS_REGISTRY_HTTP_SECRET environment variable.",
|
|
)
|
|
}
|
|
}
|
|
|
|
// context constructs the context object for the application. This only be
|
|
// called once per request.
|
|
func (app *App) GetBlobsContext(c context.Context, info pkg.RegistryInfo) *Context {
|
|
context := &Context{
|
|
App: app,
|
|
Context: c,
|
|
UUID: info.Reference,
|
|
Digest: digest.Digest(info.Digest),
|
|
}
|
|
context.URLBuilder = info.URLBuilder
|
|
blobStore := app.storageService.OciBlobsStore(c, info.RegIdentifier, info.RootIdentifier)
|
|
context.OciBlobStore = blobStore
|
|
|
|
return context
|
|
}
|