-
Notifications
You must be signed in to change notification settings - Fork 4.8k
/
Copy pathimage_registry.go
303 lines (258 loc) · 7.97 KB
/
image_registry.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
package huawei
import (
"crypto/tls"
"encoding/base64"
"encoding/json"
"fmt"
"io/ioutil"
"net/http"
"time"
"github.com/goharbor/harbor/src/replication/model"
)
// FetchImages gets resources from Huawei SWR
func (a *adapter) FetchImages(filters []*model.Filter) ([]*model.Resource, error) {
resources := []*model.Resource{}
urls := fmt.Sprintf("%s/dockyard/v2/repositories?filter=center::self", a.registry.URL)
r, err := http.NewRequest("GET", urls, nil)
if err != nil {
return resources, err
}
r.Header.Add("content-type", "application/json; charset=utf-8")
encodeAuth := base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", a.registry.Credential.AccessKey, a.registry.Credential.AccessSecret)))
r.Header.Add("Authorization", "Basic "+encodeAuth)
client := &http.Client{}
if a.registry.Insecure == true {
client = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
},
}
}
resp, err := client.Do(r)
if err != nil {
return resources, err
}
defer resp.Body.Close()
code := resp.StatusCode
if code >= 300 || code < 200 {
body, _ := ioutil.ReadAll(resp.Body)
return resources, fmt.Errorf("[%d][%s]", code, string(body))
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return resources, err
}
repos := []hwRepoQueryResult{}
err = json.Unmarshal(body, &repos)
if err != nil {
return resources, err
}
for _, repo := range repos {
resource := parseRepoQueryResultToResource(repo)
resource.Registry = a.registry
resources = append(resources, resource)
}
return resources, nil
}
// ManifestExist check the manifest of Huawei SWR
func (a *adapter) ManifestExist(repository, reference string) (exist bool, digest string, err error) {
token, err := getJwtToken(a, repository)
if err != nil {
return exist, digest, err
}
urls := fmt.Sprintf("%s/v2/%s/manifests/%s", a.registry.URL, repository, reference)
r, err := http.NewRequest("GET", urls, nil)
if err != nil {
return exist, digest, err
}
r.Header.Add("content-type", "application/json; charset=utf-8")
r.Header.Add("Authorization", "Bearer "+token.Token)
client := &http.Client{}
if a.registry.Insecure == true {
client = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
},
}
}
resp, err := client.Do(r)
if err != nil {
return exist, digest, err
}
defer resp.Body.Close()
code := resp.StatusCode
if code >= 300 || code < 200 {
if code == 404 {
return false, digest, nil
}
body, _ := ioutil.ReadAll(resp.Body)
return exist, digest, fmt.Errorf("[%d][%s]", code, string(body))
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return exist, digest, err
}
exist = true
manifest := hwManifest{}
err = json.Unmarshal(body, &manifest)
if err != nil {
return exist, digest, err
}
return exist, manifest.Config.Digest, nil
}
// DeleteManifest delete the manifest of Huawei SWR
func (a *adapter) DeleteManifest(repository, reference string) error {
token, err := getJwtToken(a, repository)
if err != nil {
return err
}
urls := fmt.Sprintf("%s/v2/%s/manifests/%s", a.registry.URL, repository, reference)
r, err := http.NewRequest("DELETE", urls, nil)
if err != nil {
return err
}
r.Header.Add("content-type", "application/json; charset=utf-8")
r.Header.Add("Authorization", "Bearer "+token.Token)
client := &http.Client{}
if a.registry.Insecure == true {
client = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
},
}
}
resp, err := client.Do(r)
if err != nil {
return err
}
defer resp.Body.Close()
code := resp.StatusCode
if code >= 300 || code < 200 {
body, _ := ioutil.ReadAll(resp.Body)
return fmt.Errorf("[%d][%s]", code, string(body))
}
return nil
}
func parseRepoQueryResultToResource(repo hwRepoQueryResult) *model.Resource {
var resource model.Resource
info := make(map[string]interface{})
info["category"] = repo.Category
info["description"] = repo.Description
info["size"] = repo.Size
info["is_public"] = repo.IsPublic
info["num_images"] = repo.NumImages
info["num_download"] = repo.NumDownload
info["created_at"] = repo.CreatedAt
info["updated_at"] = repo.UpdatedAt
info["domain_name"] = repo.DomainName
info["status"] = repo.Status
info["total_range"] = repo.TotalRange
repository := &model.Repository{
Name: fmt.Sprintf("%s/%s", repo.NamespaceName, repo.Name),
Metadata: info,
}
resource.ExtendedInfo = info
resource.Metadata = &model.ResourceMetadata{
Repository: repository,
Vtags: repo.Tags,
Labels: []string{},
}
resource.Deleted = false
resource.Override = false
resource.Type = model.ResourceTypeImage
return &resource
}
type hwRepoQueryResult struct {
Name string `json:"name"`
Category string `json:"category"`
Description string `json:"description"`
Size int64 `json:"size" `
IsPublic bool `json:"is_public"`
NumImages int64 `json:"num_images"`
NumDownload int64 `json:"num_download"`
CreatedAt time.Time `json:"created_at"`
UpdatedAt time.Time `json:"updated_at"`
Logo string `json:"logo"`
LogoURL string `json:"url"`
Path string `json:"path"`
InternalPath string `json:"internal_path"`
DomainName string `json:"domain_name"`
NamespaceName string `json:"namespace"`
Tags []string `json:"tags"`
Status bool `json:"status"`
TotalRange int64 `json:"total_range"`
}
func getJwtToken(a *adapter, repository string) (token jwtToken, err error) {
urls := fmt.Sprintf("%s/swr/auth/v2/registry/auth?scope=repository:%s:push,pull", a.registry.URL, repository)
r, err := http.NewRequest("GET", urls, nil)
if err != nil {
return token, err
}
r.Header.Add("content-type", "application/json; charset=utf-8")
encodeAuth := base64.StdEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", a.registry.Credential.AccessKey, a.registry.Credential.AccessSecret)))
r.Header.Add("Authorization", "Basic "+encodeAuth)
client := &http.Client{}
if a.registry.Insecure == true {
client = &http.Client{
Transport: &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
},
}
}
resp, err := client.Do(r)
if err != nil {
return token, err
}
defer resp.Body.Close()
code := resp.StatusCode
if code >= 300 || code < 200 {
body, _ := ioutil.ReadAll(resp.Body)
return token, fmt.Errorf("[%d][%s]", code, string(body))
}
body, err := ioutil.ReadAll(resp.Body)
if err != nil {
return token, err
}
err = json.Unmarshal(body, &token)
if err != nil {
return token, err
}
return token, nil
}
type jwtToken struct {
Token string `json:"token" description:"token return to user"`
ExpiresIn int `json:"expires_in" description:"describes token will expires in how many seconds later"`
IssuedAt time.Time `json:"issued_at" description:"token issued time"`
}
type hwManifest struct {
// SchemaVersion is the image manifest schema that this image follows
SchemaVersion int `json:"schemaVersion"`
// MediaType is the media type of this schema.
MediaType string `json:"mediaType,omitempty"`
// Config references the image configuration as a blob.
Config hwDescriptor `json:"config"`
// Layers lists descriptors for the layers referenced by the
// configuration.
Layers []hwDescriptor `json:"layers"`
// summary keeps the summary infos
Summary hwManifestSummary `json:"-"`
}
type hwDescriptor struct {
// MediaType describe the type of the content. All text based formats are
// encoded as utf-8.
MediaType string `json:"mediaType,omitempty"`
// Size in bytes of content.
Size int64 `json:"size,omitempty"`
// Digest uniquely identifies the content. A byte stream can be verified
// against this digest.
Digest string `json:"digest,omitempty"`
// URLs contains the source URLs of this content.
URLs []string `json:"urls,omitempty"`
// depandence
Dependence string `json:"dependence,omitempty"`
}
type hwManifestSummary struct {
Config string
RepoTags []string
Layers []string
}