f1c8c41408
Commitcb6f002350
implemented a generic Manifest interface to represent manifests in the registry and remove references to schema specific manifests. As part of this refactor, the Describable interface was introduced, which allowed for a single ManifestBuilder interface to handle both schema1 and schema2 manifests. Implementations of Describable are generally objects which can be described, not simply descriptors, but for convenience, this interface was also implemented on Descriptor in2ff77c00ba
. This interface served its purpose, but no longer needed for most cases; schema2 (and OCI) descriptors do not need this method, making it only needed for `schema1.Reference`, which is now deprecated. Requiring this interface to be implemented limits interoperability between distribution's Descriptor and the OCI Descriptor types, which are identical in every other way, except for the presence of the Describable interface. This patch: - Removes the `Descriptor.Descriptor()` method (no longer implementing the `Describable` interface). - Updates ManifestBuilder interface and implementations to accept either - Updates ManifestBuilder interface and implementations to accept a `Descriptor`. After this patch, the caller is responsible for changing a describable type into a descriptor; builder.AppendReference(describable.Descriptor()) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
248 lines
9.2 KiB
Go
248 lines
9.2 KiB
Go
package distribution
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"fmt"
|
|
"io"
|
|
"net/http"
|
|
"time"
|
|
|
|
"github.com/distribution/reference"
|
|
"github.com/opencontainers/go-digest"
|
|
v1 "github.com/opencontainers/image-spec/specs-go/v1"
|
|
)
|
|
|
|
var (
|
|
// ErrBlobExists returned when blob already exists
|
|
ErrBlobExists = errors.New("blob exists")
|
|
|
|
// ErrBlobDigestUnsupported when blob digest is an unsupported version.
|
|
ErrBlobDigestUnsupported = errors.New("unsupported blob digest")
|
|
|
|
// ErrBlobUnknown when blob is not found.
|
|
ErrBlobUnknown = errors.New("unknown blob")
|
|
|
|
// ErrBlobUploadUnknown returned when upload is not found.
|
|
ErrBlobUploadUnknown = errors.New("blob upload unknown")
|
|
|
|
// ErrBlobInvalidLength returned when the blob has an expected length on
|
|
// commit, meaning mismatched with the descriptor or an invalid value.
|
|
ErrBlobInvalidLength = errors.New("blob invalid length")
|
|
)
|
|
|
|
// ErrBlobInvalidDigest returned when digest check fails.
|
|
type ErrBlobInvalidDigest struct {
|
|
Digest digest.Digest
|
|
Reason error
|
|
}
|
|
|
|
func (err ErrBlobInvalidDigest) Error() string {
|
|
return fmt.Sprintf("invalid digest for referenced layer: %v, %v",
|
|
err.Digest, err.Reason)
|
|
}
|
|
|
|
// ErrBlobMounted returned when a blob is mounted from another repository
|
|
// instead of initiating an upload session.
|
|
type ErrBlobMounted struct {
|
|
From reference.Canonical
|
|
Descriptor Descriptor
|
|
}
|
|
|
|
func (err ErrBlobMounted) Error() string {
|
|
return fmt.Sprintf("blob mounted from: %v to: %v",
|
|
err.From, err.Descriptor)
|
|
}
|
|
|
|
// Descriptor describes targeted content. Used in conjunction with a blob
|
|
// store, a descriptor can be used to fetch, store and target any kind of
|
|
// blob. The struct also describes the wire protocol format. Fields should
|
|
// only be added but never changed.
|
|
type Descriptor struct {
|
|
// MediaType describe the type of the content. All text based formats are
|
|
// encoded as utf-8.
|
|
MediaType string `json:"mediaType,omitempty"`
|
|
|
|
// Digest uniquely identifies the content. A byte stream can be verified
|
|
// against this digest.
|
|
Digest digest.Digest `json:"digest,omitempty"`
|
|
|
|
// Size in bytes of content.
|
|
Size int64 `json:"size,omitempty"`
|
|
|
|
// URLs contains the source URLs of this content.
|
|
URLs []string `json:"urls,omitempty"`
|
|
|
|
// Annotations contains arbitrary metadata relating to the targeted content.
|
|
Annotations map[string]string `json:"annotations,omitempty"`
|
|
|
|
// Platform describes the platform which the image in the manifest runs on.
|
|
// This should only be used when referring to a manifest.
|
|
Platform *v1.Platform `json:"platform,omitempty"`
|
|
|
|
// NOTE: Before adding a field here, please ensure that all
|
|
// other options have been exhausted. Much of the type relationships
|
|
// depend on the simplicity of this type.
|
|
}
|
|
|
|
// BlobStatter makes blob descriptors available by digest. The service may
|
|
// provide a descriptor of a different digest if the provided digest is not
|
|
// canonical.
|
|
type BlobStatter interface {
|
|
// Stat provides metadata about a blob identified by the digest. If the
|
|
// blob is unknown to the describer, ErrBlobUnknown will be returned.
|
|
Stat(ctx context.Context, dgst digest.Digest) (Descriptor, error)
|
|
}
|
|
|
|
// BlobDeleter enables deleting blobs from storage.
|
|
type BlobDeleter interface {
|
|
Delete(ctx context.Context, dgst digest.Digest) error
|
|
}
|
|
|
|
// BlobEnumerator enables iterating over blobs from storage
|
|
type BlobEnumerator interface {
|
|
Enumerate(ctx context.Context, ingester func(dgst digest.Digest) error) error
|
|
}
|
|
|
|
// BlobDescriptorService manages metadata about a blob by digest. Most
|
|
// implementations will not expose such an interface explicitly. Such mappings
|
|
// should be maintained by interacting with the BlobIngester. Hence, this is
|
|
// left off of BlobService and BlobStore.
|
|
type BlobDescriptorService interface {
|
|
BlobStatter
|
|
|
|
// SetDescriptor assigns the descriptor to the digest. The provided digest and
|
|
// the digest in the descriptor must map to identical content but they may
|
|
// differ on their algorithm. The descriptor must have the canonical
|
|
// digest of the content and the digest algorithm must match the
|
|
// annotators canonical algorithm.
|
|
//
|
|
// Such a facility can be used to map blobs between digest domains, with
|
|
// the restriction that the algorithm of the descriptor must match the
|
|
// canonical algorithm (ie sha256) of the annotator.
|
|
SetDescriptor(ctx context.Context, dgst digest.Digest, desc Descriptor) error
|
|
|
|
// Clear enables descriptors to be unlinked
|
|
Clear(ctx context.Context, dgst digest.Digest) error
|
|
}
|
|
|
|
// BlobDescriptorServiceFactory creates middleware for BlobDescriptorService.
|
|
type BlobDescriptorServiceFactory interface {
|
|
BlobAccessController(svc BlobDescriptorService) BlobDescriptorService
|
|
}
|
|
|
|
// BlobProvider describes operations for getting blob data.
|
|
type BlobProvider interface {
|
|
// Get returns the entire blob identified by digest along with the descriptor.
|
|
Get(ctx context.Context, dgst digest.Digest) ([]byte, error)
|
|
|
|
// Open provides an [io.ReadSeekCloser] to the blob identified by the provided
|
|
// descriptor. If the blob is not known to the service, an error is returned.
|
|
Open(ctx context.Context, dgst digest.Digest) (io.ReadSeekCloser, error)
|
|
}
|
|
|
|
// BlobServer can serve blobs via http.
|
|
type BlobServer interface {
|
|
// ServeBlob attempts to serve the blob, identified by dgst, via http. The
|
|
// service may decide to redirect the client elsewhere or serve the data
|
|
// directly.
|
|
//
|
|
// This handler only issues successful responses, such as 2xx or 3xx,
|
|
// meaning it serves data or issues a redirect. If the blob is not
|
|
// available, an error will be returned and the caller may still issue a
|
|
// response.
|
|
//
|
|
// The implementation may serve the same blob from a different digest
|
|
// domain. The appropriate headers will be set for the blob, unless they
|
|
// have already been set by the caller.
|
|
ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error
|
|
}
|
|
|
|
// BlobIngester ingests blob data.
|
|
type BlobIngester interface {
|
|
// Put inserts the content p into the blob service, returning a descriptor
|
|
// or an error.
|
|
Put(ctx context.Context, mediaType string, p []byte) (Descriptor, error)
|
|
|
|
// Create allocates a new blob writer to add a blob to this service. The
|
|
// returned handle can be written to and later resumed using an opaque
|
|
// identifier. With this approach, one can Close and Resume a BlobWriter
|
|
// multiple times until the BlobWriter is committed or cancelled.
|
|
Create(ctx context.Context, options ...BlobCreateOption) (BlobWriter, error)
|
|
|
|
// Resume attempts to resume a write to a blob, identified by an id.
|
|
Resume(ctx context.Context, id string) (BlobWriter, error)
|
|
}
|
|
|
|
// BlobCreateOption is a general extensible function argument for blob creation
|
|
// methods. A BlobIngester may choose to honor any or none of the given
|
|
// BlobCreateOptions, which can be specific to the implementation of the
|
|
// BlobIngester receiving them.
|
|
// TODO (brianbland): unify this with ManifestServiceOption in the future
|
|
type BlobCreateOption interface {
|
|
Apply(interface{}) error
|
|
}
|
|
|
|
// CreateOptions is a collection of blob creation modifiers relevant to general
|
|
// blob storage intended to be configured by the BlobCreateOption.Apply method.
|
|
type CreateOptions struct {
|
|
Mount struct {
|
|
ShouldMount bool
|
|
From reference.Canonical
|
|
// Stat allows to pass precalculated descriptor to link and return.
|
|
// Blob access check will be skipped if set.
|
|
Stat *Descriptor
|
|
}
|
|
}
|
|
|
|
// BlobWriter provides a handle for inserting data into a blob store.
|
|
// Instances should be obtained from BlobWriteService.Writer and
|
|
// BlobWriteService.Resume. If supported by the store, a writer can be
|
|
// recovered with the id.
|
|
type BlobWriter interface {
|
|
io.WriteCloser
|
|
io.ReaderFrom
|
|
|
|
// Size returns the number of bytes written to this blob.
|
|
Size() int64
|
|
|
|
// ID returns the identifier for this writer. The ID can be used with the
|
|
// Blob service to later resume the write.
|
|
ID() string
|
|
|
|
// StartedAt returns the time this blob write was started.
|
|
StartedAt() time.Time
|
|
|
|
// Commit completes the blob writer process. The content is verified
|
|
// against the provided provisional descriptor, which may result in an
|
|
// error. Depending on the implementation, written data may be validated
|
|
// against the provisional descriptor fields. If MediaType is not present,
|
|
// the implementation may reject the commit or assign "application/octet-
|
|
// stream" to the blob. The returned descriptor may have a different
|
|
// digest depending on the blob store, referred to as the canonical
|
|
// descriptor.
|
|
Commit(ctx context.Context, provisional Descriptor) (canonical Descriptor, err error)
|
|
|
|
// Cancel ends the blob write without storing any data and frees any
|
|
// associated resources. Any data written thus far will be lost. Cancel
|
|
// implementations should allow multiple calls even after a commit that
|
|
// result in a no-op. This allows use of Cancel in a defer statement,
|
|
// increasing the assurance that it is correctly called.
|
|
Cancel(ctx context.Context) error
|
|
}
|
|
|
|
// BlobService combines the operations to access, read and write blobs. This
|
|
// can be used to describe remote blob services.
|
|
type BlobService interface {
|
|
BlobStatter
|
|
BlobProvider
|
|
BlobIngester
|
|
}
|
|
|
|
// BlobStore represent the entire suite of blob related operations. Such an
|
|
// implementation can access, read, write, delete and serve blobs.
|
|
type BlobStore interface {
|
|
BlobService
|
|
BlobServer
|
|
BlobDeleter
|
|
}
|