Work in progress for checking to see if we have layers to contaminate
This commit is contained in:
parent
236cb09577
commit
039c550c68
66
src/main.rs
66
src/main.rs
|
@ -22,7 +22,7 @@ mod models;
|
|||
/**
|
||||
* Load the settings based on the hierarchy.
|
||||
*
|
||||
* First we load the configuration file (contaminate.yml) if it exists
|
||||
* First we load the configuration file `contaminate.yml` if it exists
|
||||
* Then we look at environment variables.
|
||||
*/
|
||||
fn load_settings() -> config::Config {
|
||||
|
@ -51,6 +51,26 @@ struct AppState {
|
|||
upstream: String,
|
||||
}
|
||||
|
||||
impl AppState {
|
||||
/**
|
||||
* This function returns a true if the configured `layers_dir` has an override
|
||||
* for the given triplet of org/image:digest
|
||||
*
|
||||
* For example, if we have a `<layers_dir>/library/alpine/latest/` directory
|
||||
* with `*.tar.gz` files within it, then the function would return true.
|
||||
*/
|
||||
fn override_exists(&self, org: String, image: String, digest: String) -> bool {
|
||||
let layers_dir = self.conf.get_str("layers_dir")
|
||||
.expect("Unable to access `layers_dir` conf variable");
|
||||
|
||||
info!("Looking in directory: {}", layers_dir);
|
||||
let layers_dir = Path::new(&layers_dir);
|
||||
|
||||
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Proxy the given response to the upstream registry and return the response
|
||||
* back to the client request it.
|
||||
|
@ -99,12 +119,30 @@ async fn proxy_upstream(req: Request<AppState>) -> Response {
|
|||
|
||||
}
|
||||
|
||||
async fn fetch_digest(_req: Request<AppState>) -> String {
|
||||
format!("fetch_digest")
|
||||
/**
|
||||
* This function will fetch and manipulate the upstream manifest, typically
|
||||
* located at `/v2/myorg/myimage/manifests/latest`
|
||||
*
|
||||
* This will return a Response to the client which conforms to the manifest
|
||||
* specification.
|
||||
*/
|
||||
async fn fetch_digest(req: Request<AppState>) -> Response {
|
||||
let org: String = req.param("org").unwrap_or("".to_string());
|
||||
let image: String = req.param("image").unwrap_or("".to_string());
|
||||
let digest: String = req.param("digest").unwrap_or("".to_string());
|
||||
if req.state().override_exists(org, image, digest) {
|
||||
error!("We should not proxy");
|
||||
Response::new(200)
|
||||
}
|
||||
else {
|
||||
error!("We SHOULD proxy");
|
||||
Response::new(200)
|
||||
}
|
||||
}
|
||||
|
||||
async fn fetch_blob(_req: Request<AppState>) -> String {
|
||||
format!("fetch_blob")
|
||||
async fn fetch_blob(req: Request<AppState>) -> Response {
|
||||
info!("fetch_blob: {}", req.uri());
|
||||
Response::new(200)
|
||||
}
|
||||
|
||||
fn main() -> Result<(), std::io::Error> {
|
||||
|
@ -115,6 +153,15 @@ fn main() -> Result<(), std::io::Error> {
|
|||
|
||||
info!("Starting with the following upstream: {}", upstream_url);
|
||||
|
||||
let layers_dir = conf.get_str("layers_dir")
|
||||
.expect("`layers_dir` not properly configured, must be a string");
|
||||
let layers_dir = Path::new(&layers_dir);
|
||||
|
||||
if ! layers_dir.is_dir() {
|
||||
error!("The `layers_dir` ({}) does not appear to be a directory", layers_dir.display());
|
||||
panic!("`layers_dir` must be a directory");
|
||||
}
|
||||
|
||||
let state = AppState {
|
||||
conf: conf,
|
||||
upstream: upstream_url,
|
||||
|
@ -123,7 +170,16 @@ fn main() -> Result<(), std::io::Error> {
|
|||
task::block_on(async {
|
||||
let mut app = tide::with_state(state);
|
||||
app.at("/").get(|_| async move { "Hello, world!" });
|
||||
/*
|
||||
* This route works for "normal" images, which have name of org/image
|
||||
*/
|
||||
app.at("/v2/:org/:image/manifests/:digest").get(fetch_digest);
|
||||
/*
|
||||
* This route works handles images which look like "official" images,
|
||||
* such as `alpine:latest`, which _actually_ maps to `library/alpine:latest`
|
||||
* in DockerHub
|
||||
*/
|
||||
//app.at("/v2/:image/manifests/:digest").get(fetch_digest);
|
||||
app.at("/v2/:org/:image/blobs/:sha").get(fetch_blob);
|
||||
/*
|
||||
* The catch-all for the remainder of the v2 API calls should proxy to
|
||||
|
|
Loading…
Reference in New Issue