3d2fd1b538
1. add new registry api under resources.kubesphere.io/v1alpha3 2. deprecate registry api v1alpha2 Registry API v1alpha2 uses docker client to authenticate image registry secret, which depends on docker.sock. We used to mount host `/var/run/docker.sock` to deployment. It will prevent us imgrating to containerd since no `docker.sock` exists. Registry API v1alpha3 comes to rescure, it wraps library go-containerregistry and compatible with docker registry, Harbor etc.
84 lines
2.0 KiB
Go
84 lines
2.0 KiB
Go
package v2
|
|
|
|
import (
|
|
"context"
|
|
"net/http"
|
|
|
|
"github.com/google/go-containerregistry/pkg/authn"
|
|
"github.com/google/go-containerregistry/pkg/name"
|
|
v1 "github.com/google/go-containerregistry/pkg/v1"
|
|
"github.com/google/go-containerregistry/pkg/v1/remote"
|
|
)
|
|
|
|
const (
|
|
// DefaultRegistry is the registry name that will be used if no registry
|
|
// provided and the default is not overridden.
|
|
DefaultRegistry = "index.docker.io"
|
|
defaultRegistryAlias = "docker.io"
|
|
|
|
// DefaultTag is the tag name that will be used if no tag provided and the
|
|
// default is not overridden.
|
|
DefaultTag = "latest"
|
|
)
|
|
|
|
type options struct {
|
|
name []name.Option
|
|
remote []remote.Option
|
|
platform *v1.Platform
|
|
}
|
|
|
|
func makeOptions(opts ...Option) options {
|
|
opt := options{
|
|
remote: []remote.Option{
|
|
remote.WithAuth(authn.Anonymous),
|
|
},
|
|
}
|
|
for _, o := range opts {
|
|
o(&opt)
|
|
}
|
|
return opt
|
|
}
|
|
|
|
// Option is a functional option
|
|
type Option func(*options)
|
|
|
|
// WithTransport is a functional option for overriding the default transport
|
|
// for remote operations.
|
|
func WithTransport(t http.RoundTripper) Option {
|
|
return func(o *options) {
|
|
o.remote = append(o.remote, remote.WithTransport(t))
|
|
}
|
|
}
|
|
|
|
// Insecure is an Option that allows image references to be fetched without TLS.
|
|
func Insecure(o *options) {
|
|
o.name = append(o.name, name.Insecure)
|
|
}
|
|
|
|
// WithAuth is a functional option for overriding the default authenticator
|
|
// for remote operations.
|
|
//
|
|
func WithAuth(auth authn.Authenticator) Option {
|
|
return func(o *options) {
|
|
// Replace the default keychain at position 0.
|
|
o.remote[0] = remote.WithAuth(auth)
|
|
}
|
|
}
|
|
|
|
// WithContext is a functional option for setting the context.
|
|
func WithContext(ctx context.Context) Option {
|
|
return func(o *options) {
|
|
o.remote = append(o.remote, remote.WithContext(ctx))
|
|
}
|
|
}
|
|
|
|
// WithPlatform is an Option to specify the platform.
|
|
func WithPlatform(platform *v1.Platform) Option {
|
|
return func(o *options) {
|
|
if platform != nil {
|
|
o.remote = append(o.remote, remote.WithPlatform(*platform))
|
|
}
|
|
o.platform = platform
|
|
}
|
|
}
|