From f92f3b3f6fed7be27cfd75b889fda3f389294177 Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Wed, 5 Oct 2022 17:04:32 -0400 Subject: [PATCH 1/6] feat: adds types, unit tests, and loading functionality for RegistryConfig Closes #96 --- README.md | 16 +++ cmd/client/commands/build_collection.go | 5 + cmd/client/commands/options/common.go | 2 +- cmd/client/commands/options/remote.go | 32 ++++- cmd/client/commands/pull.go | 5 + cmd/client/commands/push.go | 5 + cmd/client/commands/serve.go | 16 ++- go.mod | 6 +- registryclient/errors.go | 12 ++ registryclient/orasclient/options.go | 59 ++++----- registryclient/orasclient/oras.go | 132 +++++++++++++++------ registryclient/orasclient/oras_test.go | 82 ++++++++++++- registryclient/registries.go | 76 ++++++++++++ registryclient/registries_test.go | 127 ++++++++++++++++++++ services/collectionmanager/service.go | 32 +++-- services/collectionmanager/service_test.go | 3 +- 16 files changed, 524 insertions(+), 86 deletions(-) create mode 100644 registryclient/errors.go create mode 100644 registryclient/registries.go create mode 100644 registryclient/registries_test.go diff --git a/README.md b/README.md index e908d8ca..db9c1473 100644 --- a/README.md +++ b/README.md @@ -50,6 +50,22 @@ uor-client-go version 4. Use the `uor-client-go pull` command to pull the artifact back to a local workspace. 5. Use the `uor-client-go inspect` command to inspect the build cache to list information about references. +### Registry Config + +This registry config can be stored to individually configure each registry. It should be named `registry-config.yaml`. +The locations this can be stored in are the current working directory and at `$HOME/.uor/registry-config.yaml`. +As a special case, the prefix field can be missing; if so, it defaults to the value of the location field. + +Example: +```bash +registries: + - prefix: "localhost:5001/test" + location: localhost:5001 + skipTLS: false + plainHTTP: true +``` + + ### Build a schema into an artifact A schema can be optionally created prior to building a collection. Collections can then reference an already built schema or no schema at all. diff --git a/cmd/client/commands/build_collection.go b/cmd/client/commands/build_collection.go index 2e45b13d..b9390bf7 100644 --- a/cmd/client/commands/build_collection.go +++ b/cmd/client/commands/build_collection.go @@ -88,6 +88,10 @@ func (o *BuildCollectionOptions) Validate() error { } func (o *BuildCollectionOptions) Run(ctx context.Context) error { + if err := o.Remote.LoadRegistryConfig(); err != nil { + return err + } + space, err := workspace.NewLocalWorkspace(o.RootDir) if err != nil { return err @@ -106,6 +110,7 @@ func (o *BuildCollectionOptions) Run(ctx context.Context) error { orasclient.SkipTLSVerify(o.Insecure), orasclient.WithAuthConfigs(o.Configs), orasclient.WithPlainHTTP(o.PlainHTTP), + orasclient.WithRegistryConfig(o.RegistryConfig), } if !o.NoVerify { diff --git a/cmd/client/commands/options/common.go b/cmd/client/commands/options/common.go index 2a8370f0..694fcc87 100644 --- a/cmd/client/commands/options/common.go +++ b/cmd/client/commands/options/common.go @@ -32,7 +32,7 @@ func (o *Common) BindFlags(fs *pflag.FlagSet) { "Log level (debug, info, warn, error, fatal)") } -// Init initializes default values for Common options. +// Init initializes default values for Common options at runtime. func (o *Common) Init() error { logger, err := log.NewLogrusLogger(o.IOStreams.Out, o.LogLevel) if err != nil { diff --git a/cmd/client/commands/options/remote.go b/cmd/client/commands/options/remote.go index fefc49fe..2b13b777 100644 --- a/cmd/client/commands/options/remote.go +++ b/cmd/client/commands/options/remote.go @@ -1,11 +1,19 @@ package options -import "github.com/spf13/pflag" +import ( + "errors" + + "github.com/spf13/pflag" + "github.com/spf13/viper" + + "github.com/uor-framework/uor-client-go/registryclient" +) // Remote describes remote configuration options that can be set. type Remote struct { - Insecure bool - PlainHTTP bool + Insecure bool + PlainHTTP bool + RegistryConfig registryclient.RegistryConfig } // BindFlags binds options from a flag set to Remote options. @@ -14,6 +22,24 @@ func (o *Remote) BindFlags(fs *pflag.FlagSet) { fs.BoolVarP(&o.PlainHTTP, "plain-http", "", o.PlainHTTP, "use plain http and not https when contacting registries") } +// LoadRegistryConfig loads the registry config from disk. +func (o *Remote) LoadRegistryConfig() error { + viper.SetConfigName("registry-config") + viper.SetConfigType("yaml") + viper.AddConfigPath(".") + viper.AddConfigPath("$HOME/.uor") + err := viper.ReadInConfig() + if err != nil { + var configNotFound viper.ConfigFileNotFoundError + if errors.As(err, &configNotFound) { + return nil + } + return err + } + + return viper.Unmarshal(&o.RegistryConfig) +} + // RemoteAuth describes remote authentication configuration options that can be set. type RemoteAuth struct { Configs []string diff --git a/cmd/client/commands/pull.go b/cmd/client/commands/pull.go index 16dd7cca..d62e74f1 100644 --- a/cmd/client/commands/pull.go +++ b/cmd/client/commands/pull.go @@ -106,6 +106,9 @@ func (o *PullOptions) Validate() error { } func (o *PullOptions) Run(ctx context.Context) error { + if err := o.Remote.LoadRegistryConfig(); err != nil { + return err + } matcher := matchers.PartialAttributeMatcher{} if o.AttributeQuery != "" { @@ -132,8 +135,10 @@ func (o *PullOptions) Run(ctx context.Context) error { orasclient.WithPlainHTTP(o.PlainHTTP), orasclient.WithCache(cache), orasclient.WithPullableAttributes(matcher), + orasclient.WithRegistryConfig(o.RegistryConfig), } + if !o.NoVerify { verificationFn := func(ctx context.Context, reference string) error { o.Logger.Debugf("Checking signature of %s", reference) diff --git a/cmd/client/commands/push.go b/cmd/client/commands/push.go index c72fce94..14a1cda7 100644 --- a/cmd/client/commands/push.go +++ b/cmd/client/commands/push.go @@ -76,10 +76,15 @@ func (o *PushOptions) Run(ctx context.Context) error { return err } + if err := o.Remote.LoadRegistryConfig(); err != nil { + return err + } + client, err := orasclient.NewClient( orasclient.SkipTLSVerify(o.Insecure), orasclient.WithAuthConfigs(o.Configs), orasclient.WithPlainHTTP(o.PlainHTTP), + orasclient.WithRegistryConfig(o.RegistryConfig), ) if err != nil { diff --git a/cmd/client/commands/serve.go b/cmd/client/commands/serve.go index 9775ae39..3850ad3e 100644 --- a/cmd/client/commands/serve.go +++ b/cmd/client/commands/serve.go @@ -72,6 +72,10 @@ func (o *ServeOptions) Validate() error { } func (o *ServeOptions) Run(ctx context.Context) error { + if err := o.Remote.LoadRegistryConfig(); err != nil { + return err + } + ctx, cancel := context.WithCancel(ctx) defer cancel() @@ -86,11 +90,15 @@ func (o *ServeOptions) Run(ctx context.Context) error { manager := defaultmanager.New(cache, o.Logger) opts := collectionmanager.ServiceOptions{ - Insecure: o.Insecure, - PlainHTTP: o.PlainHTTP, - PullCache: cache, + Insecure: o.Insecure, + PlainHTTP: o.PlainHTTP, + PullCache: cache, + RegistryConfig: o.RegistryConfig, + } + service, err := collectionmanager.FromManager(manager, opts) + if err != nil { + return err } - service := collectionmanager.FromManager(manager, opts) // Register the service with the gRPC server managerapi.RegisterCollectionManagerServer(rpc, service) diff --git a/go.mod b/go.mod index 049045d2..c169aaf6 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,10 @@ require ( sigs.k8s.io/yaml v1.3.0 ) -require github.com/sigstore/cosign v1.12.1 +require ( + github.com/sigstore/cosign v1.12.1 + github.com/spf13/viper v1.13.0 +) require ( bitbucket.org/creachadair/shell v0.0.7 // indirect @@ -213,7 +216,6 @@ require ( github.com/soheilhy/cmux v0.1.5 // indirect github.com/spf13/cast v1.5.0 // indirect github.com/spf13/jwalterweatherman v1.1.0 // indirect - github.com/spf13/viper v1.13.0 // indirect github.com/spiffe/go-spiffe/v2 v2.1.1 // indirect github.com/subosito/gotenv v1.4.1 // indirect github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect diff --git a/registryclient/errors.go b/registryclient/errors.go new file mode 100644 index 00000000..b28b75b5 --- /dev/null +++ b/registryclient/errors.go @@ -0,0 +1,12 @@ +package registryclient + +import "fmt" + +// ErrNoAvailableMirrors denotes that all registry mirrors are not accessible. +type ErrNoAvailableMirrors struct { + Registry string +} + +func (e *ErrNoAvailableMirrors) Error() string { + return fmt.Sprintf("registry %q: no avaialble mirrors", e.Registry) +} diff --git a/registryclient/orasclient/options.go b/registryclient/orasclient/options.go index ce7691b0..2d9303bc 100644 --- a/registryclient/orasclient/options.go +++ b/registryclient/orasclient/options.go @@ -2,8 +2,6 @@ package orasclient import ( "context" - "crypto/tls" - "net/http" "sync" ocispec "github.com/opencontainers/image-spec/specs-go/v1" @@ -24,14 +22,16 @@ type ClientOption func(o *ClientConfig) error // ClientConfig contains configuration data for the registry client. type ClientConfig struct { - configs []string - credFn func(context.Context, string) (auth.Credential, error) + outputDir string + configs []string + credFn func(context.Context, string) (auth.Credential, error) + plainHTTP bool + insecure bool + cache content.Store + copyOpts oras.CopyOptions + attributes model.Matcher + registryConfig registryclient.RegistryConfig prePullFn func(context.Context, string) error - plainHTTP bool - insecure bool - cache content.Store - copyOpts oras.CopyOptions - attributes model.Matcher } func (c *ClientConfig) apply(options []ClientOption) error { @@ -62,35 +62,26 @@ func NewClient(options ...ClientOption) (registryclient.Client, error) { return } - // Setup auth client based on config inputs - authClient := &auth.Client{ - Client: &http.Client{ - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{ - InsecureSkipVerify: config.insecure, - }, - }, - }, - Cache: auth.NewCache(), - } + client.authCache = auth.NewCache() + client.plainHTTP = config.plainHTTP + client.insecure = config.insecure + client.copyOpts = config.copyOpts + client.destroy = destroy + client.cache = config.cache + client.attributes = config.attributes + client.registryConf = config.registryConfig + client.prePullFn = config.prePullFn if config.credFn != nil { - authClient.Credential = config.credFn + client.credFn = config.credFn } else { store, err := NewAuthStore(config.configs...) if err != nil { return nil, err } - authClient.Credential = store.Credential + client.credFn = store.Credential } - client.authClient = authClient - client.plainHTTP = config.plainHTTP - client.copyOpts = config.copyOpts - client.destroy = destroy - client.cache = config.cache - client.attributes = config.attributes - client.prePullFn = config.prePullFn // We are not allowing this to be configurable since // oras file stores turn artifacts into descriptors in @@ -118,6 +109,16 @@ func WithAuthConfigs(configs []string) ClientOption { } } +// WithRegistryConfig defines the configuration for specific registry +// endpoints. If specified, the configuration for a found registry +// will override WithSkipTLSVerify and WithPlainHTTP. +func WithRegistryConfig(registryConf registryclient.RegistryConfig) ClientOption { + return func(config *ClientConfig) error { + config.registryConfig = registryConf + return nil + } +} + // SkipTLSVerify disables TLS certificate checking. func SkipTLSVerify(insecure bool) ClientOption { return func(config *ClientConfig) error { diff --git a/registryclient/orasclient/oras.go b/registryclient/orasclient/oras.go index 0b290467..ae41c8d9 100644 --- a/registryclient/orasclient/oras.go +++ b/registryclient/orasclient/oras.go @@ -3,9 +3,11 @@ package orasclient import ( "bytes" "context" + "crypto/tls" "errors" "fmt" "io" + "net/http" "path/filepath" "sort" "sync" @@ -16,6 +18,7 @@ import ( "oras.land/oras-go/v2" orascontent "oras.land/oras-go/v2/content" "oras.land/oras-go/v2/content/file" + "oras.land/oras-go/v2/registry" "oras.land/oras-go/v2/registry/remote" "oras.land/oras-go/v2/registry/remote/auth" @@ -30,8 +33,11 @@ import ( ) type orasClient struct { - plainHTTP bool - authClient *auth.Client + plainHTTP bool + insecure bool + authCache auth.Cache + credFn func(context.Context, string) (auth.Credential, error) + registryConf registryclient.RegistryConfig // oras-specific copy options copyOpts oras.CopyOptions // User specified pre-pull actions @@ -121,34 +127,32 @@ func (c *orasClient) LoadCollection(ctx context.Context, reference string) (coll return value.(collection.Collection), nil } - desc, _, err := c.GetManifest(ctx, reference) + repo, err := c.setupRepo(ctx, reference) if err != nil { - return collection.Collection{}, err - } - fetcherFn := func(ctx context.Context, desc ocispec.Descriptor) ([]byte, error) { - return c.GetContent(ctx, reference, desc) + return collection.Collection{}, fmt.Errorf("could not create registry target: %w", err) } - co := collection.New(reference) - if err := collectionloader.LoadFromManifest(ctx, co, fetcherFn, desc); err != nil { + + graph, err := loadCollection(ctx, repo, reference) + if err != nil { return collection.Collection{}, err } - co.Location = reference - c.collections.Store(reference, *co) - return *co, nil + c.collections.Store(reference, graph) + + return graph, nil } // Pull performs a copy of OCI artifacts to a local location from a remote location. -func (c *orasClient) Pull(ctx context.Context, ref string, store content.Store) (ocispec.Descriptor, []ocispec.Descriptor, error) { +func (c *orasClient) Pull(ctx context.Context, reference string, store content.Store) (ocispec.Descriptor, []ocispec.Descriptor, error) { var allDescs []ocispec.Descriptor if c.prePullFn != nil { - if err := c.prePullFn(ctx, ref); err != nil { + if err := c.prePullFn(ctx, reference); err != nil { return ocispec.Descriptor{}, nil, err } } var from oras.Target - repo, err := c.setupRepo(ref) + repo, err := c.setupRepo(ctx, reference) if err != nil { return ocispec.Descriptor{}, allDescs, fmt.Errorf("could not create registry target: %w", err) } @@ -158,9 +162,18 @@ func (c *orasClient) Pull(ctx context.Context, ref string, store content.Store) from = cache.New(repo, c.cache) } - graph, err := c.LoadCollection(ctx, ref) - if err != nil { - return ocispec.Descriptor{}, allDescs, err + // Load the collection manifest from remote or + // the collection cache + var graph collection.Collection + value, exists := c.collections.Load(reference) + if exists { + graph = value.(collection.Collection) + } else { + graph, err = loadCollection(ctx, repo, reference) + if err != nil { + return ocispec.Descriptor{}, allDescs, err + } + c.collections.Store(reference, graph) } // Filter the collection per the matcher criteria @@ -234,7 +247,7 @@ func (c *orasClient) Pull(ctx context.Context, ref string, store content.Store) cCopyOpts := c.copyOpts cCopyOpts.FindSuccessors = successorFn - desc, err := oras.Copy(ctx, from, ref, store, ref, cCopyOpts) + desc, err := oras.Copy(ctx, from, reference, store, reference, cCopyOpts) if err != nil { return ocispec.Descriptor{}, allDescs, err } @@ -243,18 +256,17 @@ func (c *orasClient) Pull(ctx context.Context, ref string, store content.Store) } // Push performs a copy of OCI artifacts to a remote location. -func (c *orasClient) Push(ctx context.Context, store content.Store, ref string) (ocispec.Descriptor, error) { - repo, err := c.setupRepo(ref) +func (c *orasClient) Push(ctx context.Context, store content.Store, reference string) (ocispec.Descriptor, error) { + repo, err := c.setupRepo(ctx, reference) if err != nil { return ocispec.Descriptor{}, fmt.Errorf("could not create registry target: %w", err) } - - return oras.Copy(ctx, store, ref, repo, ref, c.copyOpts) + return oras.Copy(ctx, store, reference, repo, reference, c.copyOpts) } // GetManifest returns the manifest the reference resolves to. func (c *orasClient) GetManifest(ctx context.Context, reference string) (ocispec.Descriptor, io.ReadCloser, error) { - repo, err := c.setupRepo(reference) + repo, err := c.setupRepo(ctx, reference) if err != nil { return ocispec.Descriptor{}, nil, fmt.Errorf("could not create registry target: %w", err) } @@ -263,15 +275,11 @@ func (c *orasClient) GetManifest(ctx context.Context, reference string) (ocispec // GetContent retrieves the content for a specified descriptor at a specified reference. func (c *orasClient) GetContent(ctx context.Context, reference string, desc ocispec.Descriptor) ([]byte, error) { - repo, err := c.setupRepo(reference) + repo, err := c.setupRepo(ctx, reference) if err != nil { return nil, fmt.Errorf("could not create registry target: %w", err) } - r, err := repo.Fetch(ctx, desc) - if err != nil { - return nil, err - } - return orascontent.ReadAll(r, desc) + return getContent(ctx, desc, repo) } // Store returns the source storage being used to store @@ -294,15 +302,43 @@ func (c *orasClient) checkFileStore() error { return nil } +// authClient configures a new auth client with a given configuration. +func (c *orasClient) authClient(insecure bool) *auth.Client { + return &auth.Client{ + Client: &http.Client{ + Transport: &http.Transport{ + TLSClientConfig: &tls.Config{ + InsecureSkipVerify: insecure, + }, + }, + }, + Cache: c.authCache, + Credential: c.credFn, + } +} + // setupRepo configures the client to access the remote repository. -func (c *orasClient) setupRepo(ref string) (*remote.Repository, error) { - repo, err := remote.NewRepository(ref) +func (c *orasClient) setupRepo(ctx context.Context, reference string) (registry.Repository, error) { + registryConfig, err := registryclient.FindRegistry(c.registryConf, reference) + if err != nil { + return nil, err + } + + repo, err := remote.NewRepository(reference) if err != nil { return nil, fmt.Errorf("could not create registry target: %w", err) } - repo.PlainHTTP = c.plainHTTP - repo.Client = c.authClient - return repo, nil + + switch { + case registryConfig == nil: + repo.PlainHTTP = c.plainHTTP + repo.Client = c.authClient(c.insecure) + return repo, nil + default: + repo.PlainHTTP = registryConfig.PlainHTTP + repo.Client = c.authClient(registryConfig.SkipTLS) + return repo, nil + } } // loadFiles stores files in a file store and creates descriptors representing each file in the store. @@ -346,3 +382,29 @@ func getDefaultMediaType(file string) (string, error) { } return mType.String(), nil } + +// loadCollection is a helper function that allows a collection to be loaded with a given repository. +func loadCollection(ctx context.Context, repo registry.Repository, reference string) (collection.Collection, error) { + desc, err := repo.Resolve(ctx, reference) + if err != nil { + return collection.Collection{}, err + } + fetcherFn := func(ctx context.Context, desc ocispec.Descriptor) ([]byte, error) { + return getContent(ctx, desc, repo) + } + co := collection.New(reference) + if err := collectionloader.LoadFromManifest(ctx, co, fetcherFn, desc); err != nil { + return collection.Collection{}, err + } + co.Location = reference + return *co, nil +} + +// getContent is a helper function that allows content to be retrieved with a given repository. +func getContent(ctx context.Context, desc ocispec.Descriptor, repo registry.Repository) ([]byte, error) { + r, err := repo.Fetch(ctx, desc) + if err != nil { + return nil, err + } + return orascontent.ReadAll(r, desc) +} diff --git a/registryclient/orasclient/oras_test.go b/registryclient/orasclient/oras_test.go index 358b24a2..e98b1e65 100644 --- a/registryclient/orasclient/oras_test.go +++ b/registryclient/orasclient/oras_test.go @@ -18,6 +18,7 @@ import ( "github.com/uor-framework/uor-client-go/attributes" "github.com/uor-framework/uor-client-go/attributes/matchers" "github.com/uor-framework/uor-client-go/ocimanifest" + "github.com/uor-framework/uor-client-go/registryclient" ) func TestAddFiles(t *testing.T) { @@ -162,7 +163,7 @@ func TestPushPull(t *testing.T) { require.NoError(t, c.Destroy()) }) - t.Run("Success/PullFilteredCollection", func(t *testing.T) { + t.Run("Success/FilteredCollection", func(t *testing.T) { expDigest := "" matcher := matchers.PartialAttributeMatcher{"test": attributes.NewString("test", "fail")} c, err := NewClient(WithPlainHTTP(true), WithPullableAttributes(matcher)) @@ -221,11 +222,88 @@ func TestPushPull(t *testing.T) { require.NoError(t, c.Destroy()) }) + t.Run("Success/PushWithRegistryConfig", func(t *testing.T) { + cache := memory.New() + expDigest := "sha256:98f36e12e9dbacfbb10b9d1f32a46641eb42de588e54cfd7e8627d950ae8140a" + config := registryclient.RegistryConfig{ + Registries: []registryclient.Registry{ + { + Prefix: u.Host, + Endpoint: registryclient.Endpoint{ + PlainHTTP: true, + Location: u.Host, + }, + }, + }, + } + c, err := NewClient(WithRegistryConfig(config), WithCache(cache)) + require.NoError(t, err) + descs, err := c.AddFiles(ctx, "", testdata) + require.NoError(t, err) + configDesc, err := c.AddContent(ctx, ocimanifest.UORConfigMediaType, []byte("{}"), nil) + require.NoError(t, err) + + mdesc, err := c.AddManifest(ctx, ref, configDesc, nil, descs...) + require.NoError(t, err) + source, err := c.Store() + require.NoError(t, err) + + desc, err := c.Push(context.TODO(), source, ref) + require.NoError(t, err) + require.Equal(t, mdesc.Digest.String(), desc.Digest.String()) + require.Equal(t, expDigest, desc.Digest.String()) + require.NoError(t, c.Destroy()) + }) + + t.Run("Success/PullWithRegistryConfig", func(t *testing.T) { + expDigest := "sha256:98f36e12e9dbacfbb10b9d1f32a46641eb42de588e54cfd7e8627d950ae8140a" + config := registryclient.RegistryConfig{ + Registries: []registryclient.Registry{ + { + Prefix: u.Host, + Endpoint: registryclient.Endpoint{ + PlainHTTP: true, + Location: u.Host, + }, + }, + }, + } + c, err := NewClient(WithRegistryConfig(config)) + require.NoError(t, err) + root, descs, err := c.Pull(context.TODO(), ref, memory.New()) + require.NoError(t, err) + require.Equal(t, expDigest, root.Digest.String()) + require.Len(t, descs, 4) + require.NoError(t, c.Destroy()) + }) + + t.Run("Success/PullWithRegistryConfigNoMatch", func(t *testing.T) { + expDigest := "sha256:98f36e12e9dbacfbb10b9d1f32a46641eb42de588e54cfd7e8627d950ae8140a" + config := registryclient.RegistryConfig{ + Registries: []registryclient.Registry{ + { + Prefix: "anotherhost", + Endpoint: registryclient.Endpoint{ + PlainHTTP: false, + Location: "another-host", + }, + }, + }, + } + c, err := NewClient(WithRegistryConfig(config), WithPlainHTTP(true)) + require.NoError(t, err) + root, descs, err := c.Pull(context.TODO(), ref, memory.New()) + require.NoError(t, err) + require.Equal(t, expDigest, root.Digest.String()) + require.Len(t, descs, 4) + require.NoError(t, c.Destroy()) + }) + t.Run("Failure/ImageDoesNotExist", func(t *testing.T) { c, err := NewClient(WithPlainHTTP(true)) require.NoError(t, err) _, _, err = c.Pull(context.TODO(), notExistRef, memory.New()) - require.EqualError(t, err, fmt.Sprintf("%s: not found", notExistTag)) + require.EqualError(t, err, fmt.Sprintf("%s: not found", notExistRef)) require.NoError(t, c.Destroy()) }) diff --git a/registryclient/registries.go b/registryclient/registries.go new file mode 100644 index 00000000..689ce3a2 --- /dev/null +++ b/registryclient/registries.go @@ -0,0 +1,76 @@ +package registryclient + +import ( + "regexp" + "strings" +) + +// This configuration is slightly modified and paired down version of the registries.conf. +// Source https://github.com/containers/image/blob/main/pkg/sysregistriesv2/system_registries_v2.go. +// More information on why this does not just use the `containers/system_registries_v2` library. +// While this library has a lot of overlapping functionality, it has more functionality than we +// need, and it makes sense to use the `containers` registry client which we are not. Search registries +// will eventually be a used in this library, but will be resolved and related to collection attributes +// and not short names. + +// Endpoint describes a remote location of a registry. +type Endpoint struct { + // The endpoint's remote location. + Location string `mapstructure:"location" json:"location"` + // If true, certs verification will be skipped. + SkipTLS bool `mapstructure:"skipTLS" json:"skipTLS"` + // If true, the client will use HTTP to + // connect to the registry. + PlainHTTP bool `mapstructure:"plainHTTP" json:"plainHTTP"` +} + +// Registry represents a registry. +type Registry struct { + // Prefix is used for endpoint matching. + Prefix string `mapstructure:"prefix" json:"prefix"` + // A registry is an Endpoint too + Endpoint `mapstructure:",squash" json:",inline"` +} + +// RegistryConfig is a configuration to configure multiple +// registry endpoints. +type RegistryConfig struct { + Registries []Registry `mapstructure:"registries" json:"registries"` +} + +// FindRegistry returns the registry from the registry config that +// matches the reference. +func FindRegistry(registryConfig RegistryConfig, ref string) (*Registry, error) { + reg := Registry{} + prefixLen := 0 + + for _, r := range registryConfig.Registries { + match := r.Prefix + if match == "" { + match = r.Location + } + prefixExp, err := regexp.Compile(validPrefix(match)) + if err != nil { + return nil, err + } + if prefixExp.MatchString(ref) { + if len(match) > prefixLen { + reg = r + prefixLen = len(match) + } + } + } + if prefixLen != 0 { + return ®, nil + } + return nil, nil +} + +// validPrefix will check the registry prefix value +// and return a valid regex. +func validPrefix(regPrefix string) string { + if strings.HasPrefix(regPrefix, "*") { + return strings.Replace(regPrefix, "*", ".*", -1) + } + return regPrefix +} diff --git a/registryclient/registries_test.go b/registryclient/registries_test.go new file mode 100644 index 00000000..9822e274 --- /dev/null +++ b/registryclient/registries_test.go @@ -0,0 +1,127 @@ +package registryclient + +import ( + "testing" + + "github.com/stretchr/testify/require" +) + +func TestFindRegistry(t *testing.T) { + type spec struct { + name string + cfg RegistryConfig + inRef string + expError string + expReg Registry + } + cases := []spec{ + { + name: "Success/OneMatch", + cfg: RegistryConfig{ + Registries: []Registry{ + { + Prefix: "*.example.com", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + { + Prefix: "*.not.com", + Endpoint: Endpoint{ + SkipTLS: false, + }, + }, + }, + }, + inRef: "reg.example.com", + expReg: Registry{ + Prefix: "*.example.com", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + }, + { + name: "Success/MultipleMatches", + cfg: RegistryConfig{ + Registries: []Registry{ + { + Prefix: "*.example.com", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + { + Prefix: "*", + Endpoint: Endpoint{ + SkipTLS: false, + }, + }, + }, + }, + inRef: "reg.example.com", + expReg: Registry{ + Prefix: "*.example.com", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + }, + { + name: "Success/SubDomainWildcard", + cfg: RegistryConfig{ + Registries: []Registry{ + { + Prefix: "reg.example.*", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + { + Prefix: "*", + Endpoint: Endpoint{ + SkipTLS: false, + }, + }, + }, + }, + inRef: "reg.example.com", + expReg: Registry{ + Prefix: "reg.example.*", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + }, + { + name: "Success/NotMatch", + cfg: RegistryConfig{ + Registries: []Registry{ + { + Prefix: "*.not.com", + Endpoint: Endpoint{ + SkipTLS: true, + }, + }, + }, + }, + inRef: "reg.example.com", + expReg: Registry{}, + }, + } + for _, c := range cases { + t.Run(c.name, func(t *testing.T) { + reg, err := FindRegistry(c.cfg, c.inRef) + if c.expError != "" { + require.EqualError(t, err, c.expError) + } else { + require.NoError(t, err) + if c.expReg.Prefix == "" { + require.Equal(t, (*Registry)(nil), reg) + } else { + require.Equal(t, c.expReg, *reg) + } + } + }) + } +} diff --git a/services/collectionmanager/service.go b/services/collectionmanager/service.go index e0331aca..73b909da 100644 --- a/services/collectionmanager/service.go +++ b/services/collectionmanager/service.go @@ -2,7 +2,7 @@ package collectionmanager import ( "context" - "fmt" + "os" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" @@ -13,7 +13,9 @@ import ( "github.com/uor-framework/uor-client-go/attributes/matchers" "github.com/uor-framework/uor-client-go/config" "github.com/uor-framework/uor-client-go/content" + "github.com/uor-framework/uor-client-go/log" "github.com/uor-framework/uor-client-go/manager" + "github.com/uor-framework/uor-client-go/registryclient" "github.com/uor-framework/uor-client-go/registryclient/orasclient" "github.com/uor-framework/uor-client-go/util/workspace" ) @@ -29,17 +31,26 @@ type service struct { // ServiceOptions configure the collection manager service with default remote // and collection caching options. type ServiceOptions struct { - Insecure bool - PlainHTTP bool - PullCache content.Store + Insecure bool + PlainHTTP bool + PullCache content.Store + Logger log.Logger + RegistryConfig registryclient.RegistryConfig } // FromManager returns a CollectionManager API server from a Manager type. -func FromManager(mg manager.Manager, serviceOptions ServiceOptions) managerapi.CollectionManagerServer { +func FromManager(mg manager.Manager, serviceOptions ServiceOptions) (managerapi.CollectionManagerServer, error) { + if serviceOptions.Logger == nil { + logger, err := log.NewLogrusLogger(os.Stderr, "debug") + if err != nil { + return nil, err + } + serviceOptions.Logger = logger + } return &service{ mg: mg, options: serviceOptions, - } + }, nil } // PublishContent publishes collection content to a storage provide based on client input. @@ -49,13 +60,15 @@ func (s *service) PublishContent(ctx context.Context, message *managerapi.Publis orasclient.WithCache(s.options.PullCache), orasclient.WithPlainHTTP(s.options.PlainHTTP), orasclient.WithCredentialFunc(authConf.Credential), - orasclient.SkipTLSVerify(s.options.Insecure)) + orasclient.SkipTLSVerify(s.options.Insecure), + orasclient.WithRegistryConfig(s.options.RegistryConfig), + ) if err != nil { return &managerapi.Publish_Response{}, status.Error(codes.Internal, err.Error()) } defer func() { if err := client.Destroy(); err != nil { - fmt.Println(err.Error()) + s.options.Logger.Errorf(err.Error()) } }() @@ -120,13 +133,14 @@ func (s *service) RetrieveContent(ctx context.Context, message *managerapi.Retri orasclient.WithPlainHTTP(s.options.PlainHTTP), orasclient.SkipTLSVerify(s.options.Insecure), orasclient.WithPullableAttributes(matcher), + orasclient.WithRegistryConfig(s.options.RegistryConfig), ) if err != nil { return &managerapi.Retrieve_Response{}, status.Error(codes.Internal, err.Error()) } defer func() { if err := client.Destroy(); err != nil { - fmt.Println(err.Error()) + s.options.Logger.Errorf(err.Error()) } }() diff --git a/services/collectionmanager/service_test.go b/services/collectionmanager/service_test.go index a31454d0..9ebbe881 100644 --- a/services/collectionmanager/service_test.go +++ b/services/collectionmanager/service_test.go @@ -110,7 +110,8 @@ func TestCollectionManagerServer_All(t *testing.T) { require.NoError(t, err) manager := defaultmanager.New(testContentStore{Store: memory.New()}, testlogr) - srv := FromManager(manager, ServiceOptions{PlainHTTP: true}) + srv, err := FromManager(manager, ServiceOptions{PlainHTTP: true}) + require.NoError(t, err) conn, err := grpc.DialContext(ctx, "", grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithContextDialer(dialer(srv))) require.NoError(t, err) From db906d10074b8e738fe21e4e7109ebfa8cbd6a03 Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Thu, 20 Oct 2022 14:28:31 -0400 Subject: [PATCH 2/6] feat: adds registry config section to gRPC API Allows the registry-config.yaml to be used on the client-side only Signed-off-by: Jennifer Power --- .../collectionmanager/v1alpha1/manager.pb.go | 287 ++++++++++++------ .../collectionmanager/v1alpha1/manager.proto | 17 +- cmd/client/commands/serve.go | 13 +- registryclient/registries.go | 4 +- services/collectionmanager/service.go | 50 +-- services/collectionmanager/service_test.go | 8 +- 6 files changed, 241 insertions(+), 138 deletions(-) diff --git a/api/services/collectionmanager/v1alpha1/manager.pb.go b/api/services/collectionmanager/v1alpha1/manager.pb.go index f418fe5b..1a8ae4c5 100644 --- a/api/services/collectionmanager/v1alpha1/manager.pb.go +++ b/api/services/collectionmanager/v1alpha1/manager.pb.go @@ -336,6 +336,70 @@ func (x *File) GetAttributes() *_struct.Struct { return nil } +// RegistryConfig configuration contains configuration information for connecting to a registry. +type RegistryConfig struct { + state protoimpl.MessageState + sizeCache protoimpl.SizeCache + unknownFields protoimpl.UnknownFields + + PlainHttp bool `protobuf:"varint,2,opt,name=plain_http,json=plainHttp,proto3" json:"plain_http,omitempty"` + SkipTlsVerify bool `protobuf:"varint,3,opt,name=skip_tls_verify,json=skipTlsVerify,proto3" json:"skip_tls_verify,omitempty"` + Auth *AuthConfig `protobuf:"bytes,4,opt,name=auth,proto3" json:"auth,omitempty"` +} + +func (x *RegistryConfig) Reset() { + *x = RegistryConfig{} + if protoimpl.UnsafeEnabled { + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[5] + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + ms.StoreMessageInfo(mi) + } +} + +func (x *RegistryConfig) String() string { + return protoimpl.X.MessageStringOf(x) +} + +func (*RegistryConfig) ProtoMessage() {} + +func (x *RegistryConfig) ProtoReflect() protoreflect.Message { + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[5] + if protoimpl.UnsafeEnabled && x != nil { + ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) + if ms.LoadMessageInfo() == nil { + ms.StoreMessageInfo(mi) + } + return ms + } + return mi.MessageOf(x) +} + +// Deprecated: Use RegistryConfig.ProtoReflect.Descriptor instead. +func (*RegistryConfig) Descriptor() ([]byte, []int) { + return file_api_services_collectionmanager_v1alpha1_manager_proto_rawDescGZIP(), []int{5} +} + +func (x *RegistryConfig) GetPlainHttp() bool { + if x != nil { + return x.PlainHttp + } + return false +} + +func (x *RegistryConfig) GetSkipTlsVerify() bool { + if x != nil { + return x.SkipTlsVerify + } + return false +} + +func (x *RegistryConfig) GetAuth() *AuthConfig { + if x != nil { + return x.Auth + } + return nil +} + // AuthConfig contains authorization information for connecting to a registry. type AuthConfig struct { state protoimpl.MessageState @@ -352,7 +416,7 @@ type AuthConfig struct { func (x *AuthConfig) Reset() { *x = AuthConfig{} if protoimpl.UnsafeEnabled { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[5] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[6] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -365,7 +429,7 @@ func (x *AuthConfig) String() string { func (*AuthConfig) ProtoMessage() {} func (x *AuthConfig) ProtoReflect() protoreflect.Message { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[5] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[6] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -378,7 +442,7 @@ func (x *AuthConfig) ProtoReflect() protoreflect.Message { // Deprecated: Use AuthConfig.ProtoReflect.Descriptor instead. func (*AuthConfig) Descriptor() ([]byte, []int) { - return file_api_services_collectionmanager_v1alpha1_manager_proto_rawDescGZIP(), []int{5} + return file_api_services_collectionmanager_v1alpha1_manager_proto_rawDescGZIP(), []int{6} } func (x *AuthConfig) GetUsername() string { @@ -424,13 +488,13 @@ type Retrieve_Request struct { Source string `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"` Destination string `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"` Filter *_struct.Struct `protobuf:"bytes,3,opt,name=filter,proto3" json:"filter,omitempty"` - Auth *AuthConfig `protobuf:"bytes,4,opt,name=auth,proto3" json:"auth,omitempty"` + Config *RegistryConfig `protobuf:"bytes,4,opt,name=config,proto3" json:"config,omitempty"` } func (x *Retrieve_Request) Reset() { *x = Retrieve_Request{} if protoimpl.UnsafeEnabled { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[6] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[7] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -443,7 +507,7 @@ func (x *Retrieve_Request) String() string { func (*Retrieve_Request) ProtoMessage() {} func (x *Retrieve_Request) ProtoReflect() protoreflect.Message { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[6] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[7] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -480,9 +544,9 @@ func (x *Retrieve_Request) GetFilter() *_struct.Struct { return nil } -func (x *Retrieve_Request) GetAuth() *AuthConfig { +func (x *Retrieve_Request) GetConfig() *RegistryConfig { if x != nil { - return x.Auth + return x.Config } return nil } @@ -499,7 +563,7 @@ type Retrieve_Response struct { func (x *Retrieve_Response) Reset() { *x = Retrieve_Response{} if protoimpl.UnsafeEnabled { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[7] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[8] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -512,7 +576,7 @@ func (x *Retrieve_Response) String() string { func (*Retrieve_Response) ProtoMessage() {} func (x *Retrieve_Response) ProtoReflect() protoreflect.Message { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[7] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[8] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -547,16 +611,16 @@ type Publish_Request struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - Source string `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"` - Destination string `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"` - Collection *Collection `protobuf:"bytes,3,opt,name=collection,proto3" json:"collection,omitempty"` - Auth *AuthConfig `protobuf:"bytes,4,opt,name=auth,proto3" json:"auth,omitempty"` + Source string `protobuf:"bytes,1,opt,name=source,proto3" json:"source,omitempty"` + Destination string `protobuf:"bytes,2,opt,name=destination,proto3" json:"destination,omitempty"` + Collection *Collection `protobuf:"bytes,3,opt,name=collection,proto3" json:"collection,omitempty"` + Config *RegistryConfig `protobuf:"bytes,4,opt,name=config,proto3" json:"config,omitempty"` } func (x *Publish_Request) Reset() { *x = Publish_Request{} if protoimpl.UnsafeEnabled { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[8] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[9] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -569,7 +633,7 @@ func (x *Publish_Request) String() string { func (*Publish_Request) ProtoMessage() {} func (x *Publish_Request) ProtoReflect() protoreflect.Message { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[8] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[9] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -606,9 +670,9 @@ func (x *Publish_Request) GetCollection() *Collection { return nil } -func (x *Publish_Request) GetAuth() *AuthConfig { +func (x *Publish_Request) GetConfig() *RegistryConfig { if x != nil { - return x.Auth + return x.Config } return nil } @@ -625,7 +689,7 @@ type Publish_Response struct { func (x *Publish_Response) Reset() { *x = Publish_Response{} if protoimpl.UnsafeEnabled { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[9] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[10] ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) ms.StoreMessageInfo(mi) } @@ -638,7 +702,7 @@ func (x *Publish_Response) String() string { func (*Publish_Response) ProtoMessage() {} func (x *Publish_Response) ProtoReflect() protoreflect.Message { - mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[9] + mi := &file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[10] if protoimpl.UnsafeEnabled && x != nil { ms := protoimpl.X.MessageStateOf(protoimpl.Pointer(x)) if ms.LoadMessageInfo() == nil { @@ -687,35 +751,36 @@ var file_api_services_collectionmanager_v1alpha1_manager_proto_rawDesc = []byte{ 0x09, 0x52, 0x06, 0x64, 0x65, 0x74, 0x61, 0x69, 0x6c, 0x22, 0x2f, 0x0a, 0x08, 0x53, 0x65, 0x76, 0x65, 0x72, 0x69, 0x74, 0x79, 0x12, 0x0b, 0x0a, 0x07, 0x49, 0x4e, 0x56, 0x41, 0x4c, 0x49, 0x44, 0x10, 0x00, 0x12, 0x09, 0x0a, 0x05, 0x45, 0x52, 0x52, 0x4f, 0x52, 0x10, 0x01, 0x12, 0x0b, 0x0a, - 0x07, 0x57, 0x41, 0x52, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x22, 0x87, 0x02, 0x0a, 0x08, 0x52, - 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x1a, 0x9d, 0x01, 0x0a, 0x07, 0x52, 0x65, 0x71, 0x75, + 0x07, 0x57, 0x41, 0x52, 0x4e, 0x49, 0x4e, 0x47, 0x10, 0x02, 0x22, 0x8f, 0x02, 0x0a, 0x08, 0x52, + 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x1a, 0xa5, 0x01, 0x0a, 0x07, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x2f, 0x0a, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, - 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x27, - 0x0a, 0x04, 0x61, 0x75, 0x74, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, - 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, - 0x67, 0x52, 0x04, 0x61, 0x75, 0x74, 0x68, 0x1a, 0x5b, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x70, 0x6f, - 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x73, 0x18, 0x01, - 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x73, 0x12, 0x35, 0x0a, - 0x0b, 0x64, 0x69, 0x61, 0x67, 0x6e, 0x6f, 0x73, 0x74, 0x69, 0x63, 0x73, 0x18, 0x02, 0x20, 0x03, - 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x44, 0x69, 0x61, - 0x67, 0x6e, 0x6f, 0x73, 0x74, 0x69, 0x63, 0x52, 0x0b, 0x64, 0x69, 0x61, 0x67, 0x6e, 0x6f, 0x73, - 0x74, 0x69, 0x63, 0x73, 0x22, 0x88, 0x02, 0x0a, 0x07, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, - 0x1a, 0xa1, 0x01, 0x0a, 0x07, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, - 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x6f, - 0x75, 0x72, 0x63, 0x65, 0x12, 0x20, 0x0a, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, - 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x69, - 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, 0x0a, 0x0a, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, - 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, - 0x61, 0x67, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, - 0x0a, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x27, 0x0a, 0x04, 0x61, - 0x75, 0x74, 0x68, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, - 0x67, 0x65, 0x72, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x04, - 0x61, 0x75, 0x74, 0x68, 0x1a, 0x59, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x53, 0x74, 0x72, 0x75, 0x63, 0x74, 0x52, 0x06, 0x66, 0x69, 0x6c, 0x74, 0x65, 0x72, 0x12, 0x2f, + 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, + 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, + 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x1a, + 0x5b, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x18, 0x0a, 0x07, 0x64, + 0x69, 0x67, 0x65, 0x73, 0x74, 0x73, 0x18, 0x01, 0x20, 0x03, 0x28, 0x09, 0x52, 0x07, 0x64, 0x69, + 0x67, 0x65, 0x73, 0x74, 0x73, 0x12, 0x35, 0x0a, 0x0b, 0x64, 0x69, 0x61, 0x67, 0x6e, 0x6f, 0x73, + 0x74, 0x69, 0x63, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, + 0x61, 0x67, 0x65, 0x72, 0x2e, 0x44, 0x69, 0x61, 0x67, 0x6e, 0x6f, 0x73, 0x74, 0x69, 0x63, 0x52, + 0x0b, 0x64, 0x69, 0x61, 0x67, 0x6e, 0x6f, 0x73, 0x74, 0x69, 0x63, 0x73, 0x22, 0x90, 0x02, 0x0a, + 0x07, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x1a, 0xa9, 0x01, 0x0a, 0x07, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x12, 0x16, 0x0a, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x18, 0x01, + 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x12, 0x20, 0x0a, 0x0b, + 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x02, 0x20, 0x01, 0x28, + 0x09, 0x52, 0x0b, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x12, 0x33, + 0x0a, 0x0a, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x18, 0x03, 0x20, 0x01, + 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x43, 0x6f, 0x6c, + 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x52, 0x0a, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, + 0x69, 0x6f, 0x6e, 0x12, 0x2f, 0x0a, 0x06, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x18, 0x04, 0x20, + 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x65, + 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x06, 0x63, 0x6f, + 0x6e, 0x66, 0x69, 0x67, 0x1a, 0x59, 0x0a, 0x08, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x12, 0x16, 0x0a, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, 0x06, 0x64, 0x69, 0x67, 0x65, 0x73, 0x74, 0x12, 0x35, 0x0a, 0x0b, 0x64, 0x69, 0x61, 0x67, 0x6e, 0x6f, 0x73, 0x74, 0x69, 0x63, 0x73, 0x18, 0x02, 0x20, 0x03, 0x28, 0x0b, 0x32, 0x13, 0x2e, @@ -734,35 +799,43 @@ var file_api_services_collectionmanager_v1alpha1_manager_proto_rawDesc = []byte{ 0x04, 0x66, 0x69, 0x6c, 0x65, 0x12, 0x37, 0x0a, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x17, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x53, 0x74, 0x72, 0x75, - 0x63, 0x74, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x22, 0xb3, - 0x01, 0x0a, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1a, 0x0a, - 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, 0x28, 0x09, 0x52, - 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, 0x70, 0x61, 0x73, - 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, 0x70, 0x61, 0x73, - 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x25, 0x0a, 0x0e, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x5f, - 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x73, - 0x65, 0x72, 0x76, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, 0x21, 0x0a, 0x0c, - 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, 0x04, 0x20, 0x01, - 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x12, - 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, - 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x54, - 0x6f, 0x6b, 0x65, 0x6e, 0x32, 0xa8, 0x01, 0x0a, 0x11, 0x43, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, - 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x12, 0x47, 0x0a, 0x0e, 0x50, 0x75, - 0x62, 0x6c, 0x69, 0x73, 0x68, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x12, 0x18, 0x2e, 0x6d, - 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x2e, 0x52, - 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x19, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, - 0x2e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, - 0x65, 0x22, 0x00, 0x12, 0x4a, 0x0a, 0x0f, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x43, - 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x12, 0x19, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, - 0x2e, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, - 0x74, 0x1a, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x74, 0x72, - 0x69, 0x65, 0x76, 0x65, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x42, - 0x50, 0x5a, 0x4e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x75, 0x6f, - 0x72, 0x2d, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x77, 0x6f, 0x72, 0x6b, 0x2f, 0x75, 0x6f, 0x72, 0x2d, - 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2d, 0x67, 0x6f, 0x2f, 0x61, 0x70, 0x69, 0x2f, 0x73, 0x65, - 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, 0x74, 0x69, 0x6f, - 0x6e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x61, 0x6c, 0x70, 0x68, 0x61, - 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, + 0x63, 0x74, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x22, 0x80, + 0x01, 0x0a, 0x0e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, + 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x6c, 0x61, 0x69, 0x6e, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x18, + 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x70, 0x6c, 0x61, 0x69, 0x6e, 0x48, 0x74, 0x74, 0x70, + 0x12, 0x26, 0x0a, 0x0f, 0x73, 0x6b, 0x69, 0x70, 0x5f, 0x74, 0x6c, 0x73, 0x5f, 0x76, 0x65, 0x72, + 0x69, 0x66, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x73, 0x6b, 0x69, 0x70, 0x54, + 0x6c, 0x73, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x12, 0x27, 0x0a, 0x04, 0x61, 0x75, 0x74, 0x68, + 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, + 0x2e, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x04, 0x61, 0x75, 0x74, + 0x68, 0x22, 0xb3, 0x01, 0x0a, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, + 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, + 0x28, 0x09, 0x52, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x12, 0x1a, 0x0a, 0x08, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x09, 0x52, 0x08, + 0x70, 0x61, 0x73, 0x73, 0x77, 0x6f, 0x72, 0x64, 0x12, 0x25, 0x0a, 0x0e, 0x73, 0x65, 0x72, 0x76, + 0x65, 0x72, 0x5f, 0x61, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, + 0x52, 0x0d, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0x41, 0x64, 0x64, 0x72, 0x65, 0x73, 0x73, 0x12, + 0x21, 0x0a, 0x0c, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x5f, 0x74, 0x6f, 0x6b, 0x65, 0x6e, 0x18, + 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0b, 0x61, 0x63, 0x63, 0x65, 0x73, 0x73, 0x54, 0x6f, 0x6b, + 0x65, 0x6e, 0x12, 0x23, 0x0a, 0x0d, 0x72, 0x65, 0x66, 0x72, 0x65, 0x73, 0x68, 0x5f, 0x74, 0x6f, + 0x6b, 0x65, 0x6e, 0x18, 0x05, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x72, 0x65, 0x66, 0x72, 0x65, + 0x73, 0x68, 0x54, 0x6f, 0x6b, 0x65, 0x6e, 0x32, 0xa8, 0x01, 0x0a, 0x11, 0x43, 0x6f, 0x6c, 0x6c, + 0x65, 0x63, 0x74, 0x69, 0x6f, 0x6e, 0x4d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x12, 0x47, 0x0a, + 0x0e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x12, + 0x18, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, + 0x68, 0x2e, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x1a, 0x19, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x72, 0x2e, 0x50, 0x75, 0x62, 0x6c, 0x69, 0x73, 0x68, 0x2e, 0x52, 0x65, 0x73, 0x70, + 0x6f, 0x6e, 0x73, 0x65, 0x22, 0x00, 0x12, 0x4a, 0x0a, 0x0f, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, + 0x76, 0x65, 0x43, 0x6f, 0x6e, 0x74, 0x65, 0x6e, 0x74, 0x12, 0x19, 0x2e, 0x6d, 0x61, 0x6e, 0x61, + 0x67, 0x65, 0x72, 0x2e, 0x52, 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x2e, 0x52, 0x65, 0x71, + 0x75, 0x65, 0x73, 0x74, 0x1a, 0x1a, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x52, + 0x65, 0x74, 0x72, 0x69, 0x65, 0x76, 0x65, 0x2e, 0x52, 0x65, 0x73, 0x70, 0x6f, 0x6e, 0x73, 0x65, + 0x22, 0x00, 0x42, 0x50, 0x5a, 0x4e, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, + 0x2f, 0x75, 0x6f, 0x72, 0x2d, 0x66, 0x72, 0x61, 0x6d, 0x65, 0x77, 0x6f, 0x72, 0x6b, 0x2f, 0x75, + 0x6f, 0x72, 0x2d, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x2d, 0x67, 0x6f, 0x2f, 0x61, 0x70, 0x69, + 0x2f, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x73, 0x2f, 0x63, 0x6f, 0x6c, 0x6c, 0x65, 0x63, + 0x74, 0x69, 0x6f, 0x6e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2f, 0x76, 0x31, 0x61, 0x6c, + 0x70, 0x68, 0x61, 0x31, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33, } var ( @@ -778,7 +851,7 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_rawDescGZIP() [] } var file_api_services_collectionmanager_v1alpha1_manager_proto_enumTypes = make([]protoimpl.EnumInfo, 1) -var file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes = make([]protoimpl.MessageInfo, 10) +var file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes = make([]protoimpl.MessageInfo, 11) var file_api_services_collectionmanager_v1alpha1_manager_proto_goTypes = []interface{}{ (Diagnostic_Severity)(0), // 0: manager.Diagnostic.Severity (*Diagnostic)(nil), // 1: manager.Diagnostic @@ -786,32 +859,34 @@ var file_api_services_collectionmanager_v1alpha1_manager_proto_goTypes = []inter (*Publish)(nil), // 3: manager.Publish (*Collection)(nil), // 4: manager.Collection (*File)(nil), // 5: manager.File - (*AuthConfig)(nil), // 6: manager.AuthConfig - (*Retrieve_Request)(nil), // 7: manager.Retrieve.Request - (*Retrieve_Response)(nil), // 8: manager.Retrieve.Response - (*Publish_Request)(nil), // 9: manager.Publish.Request - (*Publish_Response)(nil), // 10: manager.Publish.Response - (*_struct.Struct)(nil), // 11: google.protobuf.Struct + (*RegistryConfig)(nil), // 6: manager.RegistryConfig + (*AuthConfig)(nil), // 7: manager.AuthConfig + (*Retrieve_Request)(nil), // 8: manager.Retrieve.Request + (*Retrieve_Response)(nil), // 9: manager.Retrieve.Response + (*Publish_Request)(nil), // 10: manager.Publish.Request + (*Publish_Response)(nil), // 11: manager.Publish.Response + (*_struct.Struct)(nil), // 12: google.protobuf.Struct } var file_api_services_collectionmanager_v1alpha1_manager_proto_depIdxs = []int32{ 0, // 0: manager.Diagnostic.severity:type_name -> manager.Diagnostic.Severity 5, // 1: manager.Collection.files:type_name -> manager.File - 11, // 2: manager.File.attributes:type_name -> google.protobuf.Struct - 11, // 3: manager.Retrieve.Request.filter:type_name -> google.protobuf.Struct - 6, // 4: manager.Retrieve.Request.auth:type_name -> manager.AuthConfig - 1, // 5: manager.Retrieve.Response.diagnostics:type_name -> manager.Diagnostic - 4, // 6: manager.Publish.Request.collection:type_name -> manager.Collection - 6, // 7: manager.Publish.Request.auth:type_name -> manager.AuthConfig - 1, // 8: manager.Publish.Response.diagnostics:type_name -> manager.Diagnostic - 9, // 9: manager.CollectionManager.PublishContent:input_type -> manager.Publish.Request - 7, // 10: manager.CollectionManager.RetrieveContent:input_type -> manager.Retrieve.Request - 10, // 11: manager.CollectionManager.PublishContent:output_type -> manager.Publish.Response - 8, // 12: manager.CollectionManager.RetrieveContent:output_type -> manager.Retrieve.Response - 11, // [11:13] is the sub-list for method output_type - 9, // [9:11] is the sub-list for method input_type - 9, // [9:9] is the sub-list for extension type_name - 9, // [9:9] is the sub-list for extension extendee - 0, // [0:9] is the sub-list for field type_name + 12, // 2: manager.File.attributes:type_name -> google.protobuf.Struct + 7, // 3: manager.RegistryConfig.auth:type_name -> manager.AuthConfig + 12, // 4: manager.Retrieve.Request.filter:type_name -> google.protobuf.Struct + 6, // 5: manager.Retrieve.Request.config:type_name -> manager.RegistryConfig + 1, // 6: manager.Retrieve.Response.diagnostics:type_name -> manager.Diagnostic + 4, // 7: manager.Publish.Request.collection:type_name -> manager.Collection + 6, // 8: manager.Publish.Request.config:type_name -> manager.RegistryConfig + 1, // 9: manager.Publish.Response.diagnostics:type_name -> manager.Diagnostic + 10, // 10: manager.CollectionManager.PublishContent:input_type -> manager.Publish.Request + 8, // 11: manager.CollectionManager.RetrieveContent:input_type -> manager.Retrieve.Request + 11, // 12: manager.CollectionManager.PublishContent:output_type -> manager.Publish.Response + 9, // 13: manager.CollectionManager.RetrieveContent:output_type -> manager.Retrieve.Response + 12, // [12:14] is the sub-list for method output_type + 10, // [10:12] is the sub-list for method input_type + 10, // [10:10] is the sub-list for extension type_name + 10, // [10:10] is the sub-list for extension extendee + 0, // [0:10] is the sub-list for field type_name } func init() { file_api_services_collectionmanager_v1alpha1_manager_proto_init() } @@ -881,7 +956,7 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_init() { } } file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[5].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*AuthConfig); i { + switch v := v.(*RegistryConfig); i { case 0: return &v.state case 1: @@ -893,7 +968,7 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_init() { } } file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[6].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Retrieve_Request); i { + switch v := v.(*AuthConfig); i { case 0: return &v.state case 1: @@ -905,7 +980,7 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_init() { } } file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[7].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Retrieve_Response); i { + switch v := v.(*Retrieve_Request); i { case 0: return &v.state case 1: @@ -917,7 +992,7 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_init() { } } file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[8].Exporter = func(v interface{}, i int) interface{} { - switch v := v.(*Publish_Request); i { + switch v := v.(*Retrieve_Response); i { case 0: return &v.state case 1: @@ -929,6 +1004,18 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_init() { } } file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[9].Exporter = func(v interface{}, i int) interface{} { + switch v := v.(*Publish_Request); i { + case 0: + return &v.state + case 1: + return &v.sizeCache + case 2: + return &v.unknownFields + default: + return nil + } + } + file_api_services_collectionmanager_v1alpha1_manager_proto_msgTypes[10].Exporter = func(v interface{}, i int) interface{} { switch v := v.(*Publish_Response); i { case 0: return &v.state @@ -947,7 +1034,7 @@ func file_api_services_collectionmanager_v1alpha1_manager_proto_init() { GoPackagePath: reflect.TypeOf(x{}).PkgPath(), RawDescriptor: file_api_services_collectionmanager_v1alpha1_manager_proto_rawDesc, NumEnums: 1, - NumMessages: 10, + NumMessages: 11, NumExtensions: 0, NumServices: 1, }, diff --git a/api/services/collectionmanager/v1alpha1/manager.proto b/api/services/collectionmanager/v1alpha1/manager.proto index c2af9b02..5ef26a34 100644 --- a/api/services/collectionmanager/v1alpha1/manager.proto +++ b/api/services/collectionmanager/v1alpha1/manager.proto @@ -5,11 +5,11 @@ // use protoc to generate stubs for your target language. syntax = "proto3"; +package manager; + import "google/protobuf/struct.proto"; option go_package = "github.com/uor-framework/uor-client-go/api/services/collectionmanager/v1alpha1"; -package manager; - // CollectionManager is an endpoint that can retrieve and publish Collection // contents for clients. service CollectionManager { @@ -35,7 +35,7 @@ message Retrieve { string source = 1; string destination = 2; google.protobuf.Struct filter = 3; - AuthConfig auth = 4; + RegistryConfig config = 4; } message Response { repeated string digests = 1; @@ -48,7 +48,7 @@ message Publish { string source = 1; string destination = 2; Collection collection = 3; - AuthConfig auth = 4; + RegistryConfig config = 4; } message Response { @@ -71,6 +71,13 @@ message File { google.protobuf.Struct attributes = 2; } +// RegistryConfig configuration contains configuration information for connecting to a registry. +message RegistryConfig { + bool plain_http = 2; + bool skip_tls_verify = 3; + AuthConfig auth = 4; +} + // AuthConfig contains authorization information for connecting to a registry. message AuthConfig { string username = 1; @@ -80,3 +87,5 @@ message AuthConfig { string refresh_token = 5; } + + diff --git a/cmd/client/commands/serve.go b/cmd/client/commands/serve.go index 3850ad3e..26333270 100644 --- a/cmd/client/commands/serve.go +++ b/cmd/client/commands/serve.go @@ -27,7 +27,6 @@ import ( type ServeOptions struct { *options.Common SocketLocation string - options.Remote } var clientServeExamples = examples.Example{ @@ -54,8 +53,6 @@ func NewServeCmd(common *options.Common) *cobra.Command { }, } - o.Remote.BindFlags(cmd.Flags()) - return cmd } @@ -72,10 +69,6 @@ func (o *ServeOptions) Validate() error { } func (o *ServeOptions) Run(ctx context.Context) error { - if err := o.Remote.LoadRegistryConfig(); err != nil { - return err - } - ctx, cancel := context.WithCancel(ctx) defer cancel() @@ -90,10 +83,8 @@ func (o *ServeOptions) Run(ctx context.Context) error { manager := defaultmanager.New(cache, o.Logger) opts := collectionmanager.ServiceOptions{ - Insecure: o.Insecure, - PlainHTTP: o.PlainHTTP, - PullCache: cache, - RegistryConfig: o.RegistryConfig, + Logger: o.Logger, + PullCache: cache, } service, err := collectionmanager.FromManager(manager, opts) if err != nil { diff --git a/registryclient/registries.go b/registryclient/registries.go index 689ce3a2..20ed7195 100644 --- a/registryclient/registries.go +++ b/registryclient/registries.go @@ -40,7 +40,7 @@ type RegistryConfig struct { // FindRegistry returns the registry from the registry config that // matches the reference. -func FindRegistry(registryConfig RegistryConfig, ref string) (*Registry, error) { +func FindRegistry(registryConfig RegistryConfig, reference string) (*Registry, error) { reg := Registry{} prefixLen := 0 @@ -53,7 +53,7 @@ func FindRegistry(registryConfig RegistryConfig, ref string) (*Registry, error) if err != nil { return nil, err } - if prefixExp.MatchString(ref) { + if prefixExp.MatchString(reference) { if len(match) > prefixLen { reg = r prefixLen = len(match) diff --git a/services/collectionmanager/service.go b/services/collectionmanager/service.go index 73b909da..e5852166 100644 --- a/services/collectionmanager/service.go +++ b/services/collectionmanager/service.go @@ -15,7 +15,6 @@ import ( "github.com/uor-framework/uor-client-go/content" "github.com/uor-framework/uor-client-go/log" "github.com/uor-framework/uor-client-go/manager" - "github.com/uor-framework/uor-client-go/registryclient" "github.com/uor-framework/uor-client-go/registryclient/orasclient" "github.com/uor-framework/uor-client-go/util/workspace" ) @@ -31,11 +30,8 @@ type service struct { // ServiceOptions configure the collection manager service with default remote // and collection caching options. type ServiceOptions struct { - Insecure bool - PlainHTTP bool - PullCache content.Store - Logger log.Logger - RegistryConfig registryclient.RegistryConfig + Logger log.Logger + PullCache content.Store } // FromManager returns a CollectionManager API server from a Manager type. @@ -55,14 +51,13 @@ func FromManager(mg manager.Manager, serviceOptions ServiceOptions) (managerapi. // PublishContent publishes collection content to a storage provide based on client input. func (s *service) PublishContent(ctx context.Context, message *managerapi.Publish_Request) (*managerapi.Publish_Response, error) { - authConf := authConfig{message.Auth} - client, err := orasclient.NewClient( + clientOpts := []orasclient.ClientOption{ orasclient.WithCache(s.options.PullCache), - orasclient.WithPlainHTTP(s.options.PlainHTTP), - orasclient.WithCredentialFunc(authConf.Credential), - orasclient.SkipTLSVerify(s.options.Insecure), - orasclient.WithRegistryConfig(s.options.RegistryConfig), - ) + } + registryConfig := message.GetConfig() + clientOpts = append(clientOpts, processRegistryConfig(registryConfig)...) + + client, err := orasclient.NewClient(clientOpts...) if err != nil { return &managerapi.Publish_Response{}, status.Error(codes.Internal, err.Error()) } @@ -125,16 +120,15 @@ func (s *service) RetrieveContent(ctx context.Context, message *managerapi.Retri return &managerapi.Retrieve_Response{}, status.Error(codes.Internal, err.Error()) } - authConf := authConfig{message.Auth} var matcher matchers.PartialAttributeMatcher = attrSet.List() - client, err := orasclient.NewClient( + clientOpts := []orasclient.ClientOption{ orasclient.WithCache(s.options.PullCache), - orasclient.WithCredentialFunc(authConf.Credential), - orasclient.WithPlainHTTP(s.options.PlainHTTP), - orasclient.SkipTLSVerify(s.options.Insecure), orasclient.WithPullableAttributes(matcher), - orasclient.WithRegistryConfig(s.options.RegistryConfig), - ) + } + registryConfig := message.GetConfig() + clientOpts = append(clientOpts, processRegistryConfig(registryConfig)...) + + client, err := orasclient.NewClient(clientOpts...) if err != nil { return &managerapi.Retrieve_Response{}, status.Error(codes.Internal, err.Error()) } @@ -164,3 +158,19 @@ func (s *service) RetrieveContent(ctx context.Context, message *managerapi.Retri return &managerapi.Retrieve_Response{Digests: digests}, nil } + +// processRegistryConfig processes a registry config into client options. +func processRegistryConfig(config *managerapi.RegistryConfig) []orasclient.ClientOption { + if config != nil { + authConf := authConfig{config.Auth} + return []orasclient.ClientOption{ + orasclient.WithCredentialFunc(authConf.Credential), + orasclient.SkipTLSVerify(config.SkipTlsVerify), + orasclient.WithPlainHTTP(config.PlainHttp), + } + } + // Make sure you return a nil auth config to get an empty credential. For the server, we + // always want override the default credential locations. + authConf := authConfig{} + return []orasclient.ClientOption{orasclient.WithCredentialFunc(authConf.Credential)} +} diff --git a/services/collectionmanager/service_test.go b/services/collectionmanager/service_test.go index 9ebbe881..631d7527 100644 --- a/services/collectionmanager/service_test.go +++ b/services/collectionmanager/service_test.go @@ -110,7 +110,7 @@ func TestCollectionManagerServer_All(t *testing.T) { require.NoError(t, err) manager := defaultmanager.New(testContentStore{Store: memory.New()}, testlogr) - srv, err := FromManager(manager, ServiceOptions{PlainHTTP: true}) + srv, err := FromManager(manager, ServiceOptions{}) require.NoError(t, err) conn, err := grpc.DialContext(ctx, "", grpc.WithTransportCredentials(insecure.NewCredentials()), grpc.WithContextDialer(dialer(srv))) @@ -126,6 +126,9 @@ func TestCollectionManagerServer_All(t *testing.T) { pRequest := &managerapi.Publish_Request{ Source: c.workspace, Destination: fmt.Sprintf("%s/test:latest", u.Host), + Config: &managerapi.RegistryConfig{ + PlainHttp: true, + }, } if c.collection != nil { @@ -158,6 +161,9 @@ func TestCollectionManagerServer_All(t *testing.T) { rRequest := &managerapi.Retrieve_Request{ Source: fmt.Sprintf("%s/test:latest", u.Host), Destination: destination, + Config: &managerapi.RegistryConfig{ + PlainHttp: true, + }, } if c.filter != nil { From a4759517af9b52b3cafcc6ceb9a11c66aa99829b Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Thu, 20 Oct 2022 16:12:08 -0400 Subject: [PATCH 3/6] chore: removes unused error types in registry client Signed-off-by: Jennifer Power --- .../collectionmanager/v1alpha1/manager.pb.go | 12 ++++++------ .../collectionmanager/v1alpha1/manager.proto | 9 +++------ registryclient/errors.go | 12 ------------ 3 files changed, 9 insertions(+), 24 deletions(-) delete mode 100644 registryclient/errors.go diff --git a/api/services/collectionmanager/v1alpha1/manager.pb.go b/api/services/collectionmanager/v1alpha1/manager.pb.go index 1a8ae4c5..39a020f3 100644 --- a/api/services/collectionmanager/v1alpha1/manager.pb.go +++ b/api/services/collectionmanager/v1alpha1/manager.pb.go @@ -342,9 +342,9 @@ type RegistryConfig struct { sizeCache protoimpl.SizeCache unknownFields protoimpl.UnknownFields - PlainHttp bool `protobuf:"varint,2,opt,name=plain_http,json=plainHttp,proto3" json:"plain_http,omitempty"` - SkipTlsVerify bool `protobuf:"varint,3,opt,name=skip_tls_verify,json=skipTlsVerify,proto3" json:"skip_tls_verify,omitempty"` - Auth *AuthConfig `protobuf:"bytes,4,opt,name=auth,proto3" json:"auth,omitempty"` + PlainHttp bool `protobuf:"varint,1,opt,name=plain_http,json=plainHttp,proto3" json:"plain_http,omitempty"` + SkipTlsVerify bool `protobuf:"varint,2,opt,name=skip_tls_verify,json=skipTlsVerify,proto3" json:"skip_tls_verify,omitempty"` + Auth *AuthConfig `protobuf:"bytes,3,opt,name=auth,proto3" json:"auth,omitempty"` } func (x *RegistryConfig) Reset() { @@ -802,11 +802,11 @@ var file_api_services_collectionmanager_v1alpha1_manager_proto_rawDesc = []byte{ 0x63, 0x74, 0x52, 0x0a, 0x61, 0x74, 0x74, 0x72, 0x69, 0x62, 0x75, 0x74, 0x65, 0x73, 0x22, 0x80, 0x01, 0x0a, 0x0e, 0x52, 0x65, 0x67, 0x69, 0x73, 0x74, 0x72, 0x79, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1d, 0x0a, 0x0a, 0x70, 0x6c, 0x61, 0x69, 0x6e, 0x5f, 0x68, 0x74, 0x74, 0x70, 0x18, - 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x70, 0x6c, 0x61, 0x69, 0x6e, 0x48, 0x74, 0x74, 0x70, + 0x01, 0x20, 0x01, 0x28, 0x08, 0x52, 0x09, 0x70, 0x6c, 0x61, 0x69, 0x6e, 0x48, 0x74, 0x74, 0x70, 0x12, 0x26, 0x0a, 0x0f, 0x73, 0x6b, 0x69, 0x70, 0x5f, 0x74, 0x6c, 0x73, 0x5f, 0x76, 0x65, 0x72, - 0x69, 0x66, 0x79, 0x18, 0x03, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x73, 0x6b, 0x69, 0x70, 0x54, + 0x69, 0x66, 0x79, 0x18, 0x02, 0x20, 0x01, 0x28, 0x08, 0x52, 0x0d, 0x73, 0x6b, 0x69, 0x70, 0x54, 0x6c, 0x73, 0x56, 0x65, 0x72, 0x69, 0x66, 0x79, 0x12, 0x27, 0x0a, 0x04, 0x61, 0x75, 0x74, 0x68, - 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, + 0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x13, 0x2e, 0x6d, 0x61, 0x6e, 0x61, 0x67, 0x65, 0x72, 0x2e, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x52, 0x04, 0x61, 0x75, 0x74, 0x68, 0x22, 0xb3, 0x01, 0x0a, 0x0a, 0x41, 0x75, 0x74, 0x68, 0x43, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x12, 0x1a, 0x0a, 0x08, 0x75, 0x73, 0x65, 0x72, 0x6e, 0x61, 0x6d, 0x65, 0x18, 0x01, 0x20, 0x01, diff --git a/api/services/collectionmanager/v1alpha1/manager.proto b/api/services/collectionmanager/v1alpha1/manager.proto index 5ef26a34..220bff3f 100644 --- a/api/services/collectionmanager/v1alpha1/manager.proto +++ b/api/services/collectionmanager/v1alpha1/manager.proto @@ -73,9 +73,9 @@ message File { // RegistryConfig configuration contains configuration information for connecting to a registry. message RegistryConfig { - bool plain_http = 2; - bool skip_tls_verify = 3; - AuthConfig auth = 4; + bool plain_http = 1; + bool skip_tls_verify = 2; + AuthConfig auth = 3; } // AuthConfig contains authorization information for connecting to a registry. @@ -86,6 +86,3 @@ message AuthConfig { string access_token = 4; string refresh_token = 5; } - - - diff --git a/registryclient/errors.go b/registryclient/errors.go deleted file mode 100644 index b28b75b5..00000000 --- a/registryclient/errors.go +++ /dev/null @@ -1,12 +0,0 @@ -package registryclient - -import "fmt" - -// ErrNoAvailableMirrors denotes that all registry mirrors are not accessible. -type ErrNoAvailableMirrors struct { - Registry string -} - -func (e *ErrNoAvailableMirrors) Error() string { - return fmt.Sprintf("registry %q: no avaialble mirrors", e.Registry) -} From 3d7b1fd37bf2a40150b18973249b7ed863e6fc4f Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Thu, 20 Oct 2022 17:07:56 -0400 Subject: [PATCH 4/6] chore: standardizes on term "skip-tls-verify" when disabling cert validation Signed-off-by: Jennifer Power --- README.md | 2 +- cmd/client/commands/build_collection.go | 2 +- cmd/client/commands/options/remote.go | 6 +++--- cmd/client/commands/pull.go | 2 +- cmd/client/commands/push.go | 2 +- cmd/client/commands/sigstore.go | 4 ++-- registryclient/orasclient/options.go | 8 ++++---- registryclient/orasclient/oras.go | 6 +++--- registryclient/registries.go | 2 +- registryclient/registries_test.go | 20 ++++++++++---------- 10 files changed, 27 insertions(+), 27 deletions(-) diff --git a/README.md b/README.md index db9c1473..cf7b06ef 100644 --- a/README.md +++ b/README.md @@ -61,7 +61,7 @@ Example: registries: - prefix: "localhost:5001/test" location: localhost:5001 - skipTLS: false + skipTLSVerify: false plainHTTP: true ``` diff --git a/cmd/client/commands/build_collection.go b/cmd/client/commands/build_collection.go index b9390bf7..c3f361ed 100644 --- a/cmd/client/commands/build_collection.go +++ b/cmd/client/commands/build_collection.go @@ -107,7 +107,7 @@ func (o *BuildCollectionOptions) Run(ctx context.Context) error { } var clientOpts = []orasclient.ClientOption{ - orasclient.SkipTLSVerify(o.Insecure), + orasclient.SkipTLSVerify(o.SkipTLSVerify), orasclient.WithAuthConfigs(o.Configs), orasclient.WithPlainHTTP(o.PlainHTTP), orasclient.WithRegistryConfig(o.RegistryConfig), diff --git a/cmd/client/commands/options/remote.go b/cmd/client/commands/options/remote.go index 2b13b777..0d7140c0 100644 --- a/cmd/client/commands/options/remote.go +++ b/cmd/client/commands/options/remote.go @@ -11,15 +11,15 @@ import ( // Remote describes remote configuration options that can be set. type Remote struct { - Insecure bool + SkipTLSVerify bool PlainHTTP bool RegistryConfig registryclient.RegistryConfig } // BindFlags binds options from a flag set to Remote options. func (o *Remote) BindFlags(fs *pflag.FlagSet) { - fs.BoolVarP(&o.Insecure, "insecure", "", o.Insecure, "allow connections to registries SSL registry without certs") - fs.BoolVarP(&o.PlainHTTP, "plain-http", "", o.PlainHTTP, "use plain http and not https when contacting registries") + fs.BoolVar(&o.SkipTLSVerify, "skip-tls-verify", o.SkipTLSVerify, "disable TLS certificate verification when contacting registries") + fs.BoolVar(&o.PlainHTTP, "plain-http", o.PlainHTTP, "use plain http and not https when contacting registries") } // LoadRegistryConfig loads the registry config from disk. diff --git a/cmd/client/commands/pull.go b/cmd/client/commands/pull.go index d62e74f1..87949c85 100644 --- a/cmd/client/commands/pull.go +++ b/cmd/client/commands/pull.go @@ -130,7 +130,7 @@ func (o *PullOptions) Run(ctx context.Context) error { } var clientOpts = []orasclient.ClientOption{ - orasclient.SkipTLSVerify(o.Insecure), + orasclient.SkipTLSVerify(o.SkipTLSVerify), orasclient.WithAuthConfigs(o.Configs), orasclient.WithPlainHTTP(o.PlainHTTP), orasclient.WithCache(cache), diff --git a/cmd/client/commands/push.go b/cmd/client/commands/push.go index 14a1cda7..0d7c9dfb 100644 --- a/cmd/client/commands/push.go +++ b/cmd/client/commands/push.go @@ -81,7 +81,7 @@ func (o *PushOptions) Run(ctx context.Context) error { } client, err := orasclient.NewClient( - orasclient.SkipTLSVerify(o.Insecure), + orasclient.SkipTLSVerify(o.SkipTLSVerify), orasclient.WithAuthConfigs(o.Configs), orasclient.WithPlainHTTP(o.PlainHTTP), orasclient.WithRegistryConfig(o.RegistryConfig), diff --git a/cmd/client/commands/sigstore.go b/cmd/client/commands/sigstore.go index c27a4446..a4911eea 100644 --- a/cmd/client/commands/sigstore.go +++ b/cmd/client/commands/sigstore.go @@ -39,7 +39,7 @@ func signCollection(_ context.Context, reference string, authConfigs []string, r regopts := cosignopts.RegistryOptions{ Keychain: authn.DefaultKeychain, } - if remoteOpts.PlainHTTP || remoteOpts.Insecure { + if remoteOpts.PlainHTTP || remoteOpts.SkipTLSVerify { regopts.AllowInsecure = true } @@ -70,7 +70,7 @@ func verifyCollection(ctx context.Context, reference string, authConfigs []strin Keychain: authn.DefaultKeychain, } - if remoteOpts.PlainHTTP || remoteOpts.Insecure { + if remoteOpts.PlainHTTP || remoteOpts.SkipTLSVerify { regopts.AllowInsecure = true } diff --git a/registryclient/orasclient/options.go b/registryclient/orasclient/options.go index 2d9303bc..ae5c2983 100644 --- a/registryclient/orasclient/options.go +++ b/registryclient/orasclient/options.go @@ -26,7 +26,7 @@ type ClientConfig struct { configs []string credFn func(context.Context, string) (auth.Credential, error) plainHTTP bool - insecure bool + skipTLSVerify bool cache content.Store copyOpts oras.CopyOptions attributes model.Matcher @@ -64,7 +64,7 @@ func NewClient(options ...ClientOption) (registryclient.Client, error) { client.authCache = auth.NewCache() client.plainHTTP = config.plainHTTP - client.insecure = config.insecure + client.skipTLSVerify = config.skipTLSVerify client.copyOpts = config.copyOpts client.destroy = destroy client.cache = config.cache @@ -120,9 +120,9 @@ func WithRegistryConfig(registryConf registryclient.RegistryConfig) ClientOption } // SkipTLSVerify disables TLS certificate checking. -func SkipTLSVerify(insecure bool) ClientOption { +func SkipTLSVerify(skipTLSVerify bool) ClientOption { return func(config *ClientConfig) error { - config.insecure = insecure + config.skipTLSVerify = skipTLSVerify return nil } } diff --git a/registryclient/orasclient/oras.go b/registryclient/orasclient/oras.go index ae41c8d9..b602c460 100644 --- a/registryclient/orasclient/oras.go +++ b/registryclient/orasclient/oras.go @@ -34,7 +34,7 @@ import ( type orasClient struct { plainHTTP bool - insecure bool + skipTLSVerify bool authCache auth.Cache credFn func(context.Context, string) (auth.Credential, error) registryConf registryclient.RegistryConfig @@ -332,11 +332,11 @@ func (c *orasClient) setupRepo(ctx context.Context, reference string) (registry. switch { case registryConfig == nil: repo.PlainHTTP = c.plainHTTP - repo.Client = c.authClient(c.insecure) + repo.Client = c.authClient(c.skipTLSVerify) return repo, nil default: repo.PlainHTTP = registryConfig.PlainHTTP - repo.Client = c.authClient(registryConfig.SkipTLS) + repo.Client = c.authClient(registryConfig.SkipTLSVerify) return repo, nil } } diff --git a/registryclient/registries.go b/registryclient/registries.go index 20ed7195..798000bf 100644 --- a/registryclient/registries.go +++ b/registryclient/registries.go @@ -18,7 +18,7 @@ type Endpoint struct { // The endpoint's remote location. Location string `mapstructure:"location" json:"location"` // If true, certs verification will be skipped. - SkipTLS bool `mapstructure:"skipTLS" json:"skipTLS"` + SkipTLSVerify bool `mapstructure:"skipTLSVerify" json:"skipTLSVerify"` // If true, the client will use HTTP to // connect to the registry. PlainHTTP bool `mapstructure:"plainHTTP" json:"plainHTTP"` diff --git a/registryclient/registries_test.go b/registryclient/registries_test.go index 9822e274..df868fe0 100644 --- a/registryclient/registries_test.go +++ b/registryclient/registries_test.go @@ -22,13 +22,13 @@ func TestFindRegistry(t *testing.T) { { Prefix: "*.example.com", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, { Prefix: "*.not.com", Endpoint: Endpoint{ - SkipTLS: false, + SkipTLSVerify: false, }, }, }, @@ -37,7 +37,7 @@ func TestFindRegistry(t *testing.T) { expReg: Registry{ Prefix: "*.example.com", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, }, @@ -48,13 +48,13 @@ func TestFindRegistry(t *testing.T) { { Prefix: "*.example.com", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, { Prefix: "*", Endpoint: Endpoint{ - SkipTLS: false, + SkipTLSVerify: false, }, }, }, @@ -63,7 +63,7 @@ func TestFindRegistry(t *testing.T) { expReg: Registry{ Prefix: "*.example.com", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, }, @@ -74,13 +74,13 @@ func TestFindRegistry(t *testing.T) { { Prefix: "reg.example.*", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, { Prefix: "*", Endpoint: Endpoint{ - SkipTLS: false, + SkipTLSVerify: false, }, }, }, @@ -89,7 +89,7 @@ func TestFindRegistry(t *testing.T) { expReg: Registry{ Prefix: "reg.example.*", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, }, @@ -100,7 +100,7 @@ func TestFindRegistry(t *testing.T) { { Prefix: "*.not.com", Endpoint: Endpoint{ - SkipTLS: true, + SkipTLSVerify: true, }, }, }, From b0b19da6db014f924411ba740e0ee27d4ddfeeaf Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Mon, 7 Nov 2022 14:18:12 -0500 Subject: [PATCH 5/6] fix: removes unused filed from orasclient options Signed-off-by: Jennifer Power --- registryclient/orasclient/options.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/registryclient/orasclient/options.go b/registryclient/orasclient/options.go index ae5c2983..17049cf9 100644 --- a/registryclient/orasclient/options.go +++ b/registryclient/orasclient/options.go @@ -22,7 +22,6 @@ type ClientOption func(o *ClientConfig) error // ClientConfig contains configuration data for the registry client. type ClientConfig struct { - outputDir string configs []string credFn func(context.Context, string) (auth.Credential, error) plainHTTP bool @@ -31,7 +30,7 @@ type ClientConfig struct { copyOpts oras.CopyOptions attributes model.Matcher registryConfig registryclient.RegistryConfig - prePullFn func(context.Context, string) error + prePullFn func(context.Context, string) error } func (c *ClientConfig) apply(options []ClientOption) error { @@ -82,7 +81,6 @@ func NewClient(options ...ClientOption) (registryclient.Client, error) { client.credFn = store.Credential } - // We are not allowing this to be configurable since // oras file stores turn artifacts into descriptors in // specific way we want to reuse. From d5a1ac17b4d9400d0196b1681f0f81253d146b33 Mon Sep 17 00:00:00 2001 From: Jennifer Power Date: Mon, 7 Nov 2022 14:29:15 -0500 Subject: [PATCH 6/6] fix: adds formatting fixes Signed-off-by: Jennifer Power --- cmd/client/commands/pull.go | 1 - registryclient/orasclient/oras.go | 10 +++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/cmd/client/commands/pull.go b/cmd/client/commands/pull.go index 87949c85..86b287bf 100644 --- a/cmd/client/commands/pull.go +++ b/cmd/client/commands/pull.go @@ -138,7 +138,6 @@ func (o *PullOptions) Run(ctx context.Context) error { orasclient.WithRegistryConfig(o.RegistryConfig), } - if !o.NoVerify { verificationFn := func(ctx context.Context, reference string) error { o.Logger.Debugf("Checking signature of %s", reference) diff --git a/registryclient/orasclient/oras.go b/registryclient/orasclient/oras.go index b602c460..0d0b4a94 100644 --- a/registryclient/orasclient/oras.go +++ b/registryclient/orasclient/oras.go @@ -33,11 +33,11 @@ import ( ) type orasClient struct { - plainHTTP bool - skipTLSVerify bool - authCache auth.Cache - credFn func(context.Context, string) (auth.Credential, error) - registryConf registryclient.RegistryConfig + plainHTTP bool + skipTLSVerify bool + authCache auth.Cache + credFn func(context.Context, string) (auth.Credential, error) + registryConf registryclient.RegistryConfig // oras-specific copy options copyOpts oras.CopyOptions // User specified pre-pull actions