feat(registry): provide registry maintenance readonly mode (#1978)

Co-authored-by: root <root@localhost.localdomain>
tkestack · May 30, 2022 · b24b841 · b24b841
1 parent f469aaa
commit b24b841
Show file tree

Hide file tree

Showing 7 changed files with 172 additions and 0 deletions.
diff --git a/...tke-installer/app/installer/manifests/charts/tke-registry/templates/tke-registry-api.yaml b/...tke-installer/app/installer/manifests/charts/tke-registry/templates/tke-registry-api.yaml
@@ -329,6 +329,9 @@ data:
 {{- end }}
       delete:
         enabled: true
+      maintenance:
+        readonly:
+          enabled: false
     security:
       tokenPrivateKeyFile: /etc/registry/private_key.pem
       tokenPublicKeyFile: /etc/registry/public_key.crt

diff --git a/pkg/registry/apis/config/types.go b/pkg/registry/apis/config/types.go
@@ -50,6 +50,8 @@ type Storage struct {
 	Etcd *EtcdStorage
 	// +optional
 	Delete *Delete
+	// +optional
+	Maintenance *Maintenance
 }
 type EtcdStorage struct {
 	CAFile    string
@@ -119,6 +121,15 @@ type Delete struct {
 	Enabled bool
 }
 
+// Maintenance ReadOnly enabled set to true, clients will not be allowed to write to the registry.
+type Maintenance struct {
+	ReadOnly ReadOnly
+}
+
+type ReadOnly struct {
+	Enabled bool
+}
+
 type Security struct {
 	TokenPrivateKeyFile string
 	TokenPublicKeyFile  string

diff --git a/pkg/registry/apis/config/v1/types.go b/pkg/registry/apis/config/v1/types.go
@@ -50,6 +50,8 @@ type Storage struct {
 	Etcd *EtcdStorage `json:"etcd,omitempty" yaml:"etcd,omitempty"`
 	// +optional
 	Delete *Delete `json:"delete,omitempty" yaml:"delete,omitempty"`
+	// +optional
+	Maintenance *Maintenance `json:"maintenance,omitempty" yaml:"maintenance,omitempty"`
 }
 
 type EtcdStorage struct {
@@ -120,6 +122,15 @@ type Delete struct {
 	Enabled bool `json:"enabled" yaml:"enabled"`
 }
 
+// Maintenance ReadOnly enabled set to true, clients will not be allowed to write to the registry.
+type Maintenance struct {
+	ReadOnly ReadOnly `json:"readonly" yaml:"readonly"`
+}
+
+type ReadOnly struct {
+	Enabled bool `json:"enabled" yaml:"enabled"`
+}
+
 type Security struct {
 	TokenPrivateKeyFile string `json:"tokenPrivateKeyFile" yaml:"tokenPrivateKeyFile"`
 	TokenPublicKeyFile  string `json:"tokenPublicKeyFile" yaml:"tokenPublicKeyFile"`

diff --git a/pkg/registry/apis/config/v1/zz_generated.conversion.go b/pkg/registry/apis/config/v1/zz_generated.conversion.go
diff --git a/pkg/registry/apis/config/v1/zz_generated.deepcopy.go b/pkg/registry/apis/config/v1/zz_generated.deepcopy.go
diff --git a/pkg/registry/apis/config/zz_generated.deepcopy.go b/pkg/registry/apis/config/zz_generated.deepcopy.go
diff --git a/pkg/registry/distribution/distribution.go b/pkg/registry/distribution/distribution.go
@@ -266,5 +266,10 @@ func buildStorageConfiguration(opts *Options) map[string]configuration.Parameter
 		deleteDriver["enabled"] = storageCfg.Delete.Enabled
 		storage["delete"] = deleteDriver
 	}
+	if storageCfg.Maintenance != nil {
+		storage["maintenance"] = configuration.Parameters{
+			"readonly": map[interface{}]interface{}{"enabled": storageCfg.Maintenance.ReadOnly.Enabled},
+		}
+	}
 	return storage
 }