quay/endpoints/v1/tag.py

import logging
import json

from flask import abort, request, jsonify, make_response, session

from util.names import TAG_ERROR, TAG_REGEX
from auth.auth import process_auth
from auth.permissions import (ReadRepositoryPermission,
                              ModifyRepositoryPermission)
from data import model
from endpoints.common import parse_repository_name
from endpoints.decorators import anon_protect
from endpoints.v1 import v1_bp
from endpoints.trackhelper import track_and_log


logger = logging.getLogger(__name__)


@v1_bp.route('/repositories/<repopath:repository>/tags', methods=['GET'])
@process_auth
@anon_protect
@parse_repository_name()
def get_tags(namespace_name, repo_name):
  permission = ReadRepositoryPermission(namespace_name, repo_name)

  if permission.can() or model.repository.repository_is_public(namespace_name, repo_name):
    tags = model.tag.list_repository_tags(namespace_name, repo_name)
    tag_map = {tag.name: tag.image.docker_image_id for tag in tags}
    return jsonify(tag_map)

  abort(403)


@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['GET'])
@process_auth
@anon_protect
@parse_repository_name()
def get_tag(namespace_name, repo_name, tag):
  permission = ReadRepositoryPermission(namespace_name, repo_name)

  if permission.can() or model.repository.repository_is_public(namespace_name, repo_name):
    try:
      tag_image = model.tag.get_tag_image(namespace_name, repo_name, tag)
    except model.DataModelException:
      abort(404)

    resp = make_response('"%s"' % tag_image.docker_image_id)
    resp.headers['Content-Type'] = 'application/json'
    return resp

  abort(403)


@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['PUT'])
@process_auth
@anon_protect
@parse_repository_name()
def put_tag(namespace_name, repo_name, tag):
  permission = ModifyRepositoryPermission(namespace_name, repo_name)

  if permission.can():
    if not TAG_REGEX.match(tag):
      abort(400, TAG_ERROR)

    docker_image_id = json.loads(request.data)
    model.tag.create_or_update_tag(namespace_name, repo_name, tag, docker_image_id)

    # Store the updated tag.
    if 'pushed_tags' not in session:
      session['pushed_tags'] = {}

    session['pushed_tags'][tag] = docker_image_id

    return make_response('Created', 200)

  abort(403)


@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['DELETE'])
@process_auth
@anon_protect
@parse_repository_name()
def delete_tag(namespace_name, repo_name, tag):
  permission = ModifyRepositoryPermission(namespace_name, repo_name)

  if permission.can():
    model.tag.delete_tag(namespace_name, repo_name, tag)
    track_and_log('delete_tag', model.repository.get_repository(namespace_name, repo_name),
                  tag=tag)
    return make_response('Deleted', 200)

  abort(403)
Add the registry code. 2013-09-25 21:50:03 +00:00			`import logging`
Update to support running on elasticbeanstalk. 2013-09-30 20:14:48 +00:00			`import json`
Add the registry code. 2013-09-25 21:50:03 +00:00
Accidental refactor, split out legacy.py into separate sumodules and update all call sites. 2015-07-15 21:25:41 +00:00			`from flask import abort, request, jsonify, make_response, session`
Add the registry code. 2013-09-25 21:50:03 +00:00
Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. This support is placed behind a feature flag. 2016-01-21 20:40:51 +00:00			`from util.names import TAG_ERROR, TAG_REGEX`
Add the registry code. 2013-09-25 21:50:03 +00:00			`from auth.auth import process_auth`
			`from auth.permissions import (ReadRepositoryPermission,`
			`ModifyRepositoryPermission)`
			`from data import model`
Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. This support is placed behind a feature flag. 2016-01-21 20:40:51 +00:00			`from endpoints.common import parse_repository_name`
Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 21:52:44 +00:00			`from endpoints.decorators import anon_protect`
Start of a v2 API. 2015-06-22 21:37:13 +00:00			`from endpoints.v1 import v1_bp`
Change manifest delete to mark tag as dead and log 2015-12-10 20:15:24 +00:00			`from endpoints.trackhelper import track_and_log`
Add the registry code. 2013-09-25 21:50:03 +00:00

			`logger = logging.getLogger(__name__)`


Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. This support is placed behind a feature flag. 2016-01-21 20:40:51 +00:00			`@v1_bp.route('/repositories/<repopath:repository>/tags', methods=['GET'])`
Add the registry code. 2013-09-25 21:50:03 +00:00			`@process_auth`
Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 21:52:44 +00:00			`@anon_protect`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`@parse_repository_name()`
			`def get_tags(namespace_name, repo_name):`
			`permission = ReadRepositoryPermission(namespace_name, repo_name)`
Add the registry code. 2013-09-25 21:50:03 +00:00
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`if permission.can() or model.repository.repository_is_public(namespace_name, repo_name):`
			`tags = model.tag.list_repository_tags(namespace_name, repo_name)`
Missed some Image.image_id instances. 2013-10-01 21:23:44 +00:00			`tag_map = {tag.name: tag.image.docker_image_id for tag in tags}`
Add the registry code. 2013-09-25 21:50:03 +00:00			`return jsonify(tag_map)`

			`abort(403)`


Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. This support is placed behind a feature flag. 2016-01-21 20:40:51 +00:00			`@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['GET'])`
Add the registry code. 2013-09-25 21:50:03 +00:00			`@process_auth`
Add a feature flag for disabling unauthenticated access to the registry in its entirety. 2015-05-19 21:52:44 +00:00			`@anon_protect`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`@parse_repository_name()`
			`def get_tag(namespace_name, repo_name, tag):`
			`permission = ReadRepositoryPermission(namespace_name, repo_name)`
Add the registry code. 2013-09-25 21:50:03 +00:00
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`if permission.can() or model.repository.repository_is_public(namespace_name, repo_name):`
New tests and small fixes while comparing against the V2 spec Fixes #391 2015-09-29 19:02:03 +00:00			`try:`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`tag_image = model.tag.get_tag_image(namespace_name, repo_name, tag)`
New tests and small fixes while comparing against the V2 spec Fixes #391 2015-09-29 19:02:03 +00:00			`except model.DataModelException:`
			`abort(404)`

Fix the curl usage to get a single tag. 2013-11-12 01:00:01 +00:00			`resp = make_response('"%s"' % tag_image.docker_image_id)`
			`resp.headers['Content-Type'] = 'application/json'`
			`return resp`
Add the registry code. 2013-09-25 21:50:03 +00:00
			`abort(403)`


Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. This support is placed behind a feature flag. 2016-01-21 20:40:51 +00:00			`@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['PUT'])`
Add the registry code. 2013-09-25 21:50:03 +00:00			`@process_auth`
Add a test to verify that all important blueprints have all their methods decorated This ensures that we don't accidentally add a blueprint method without either explicitly blacklisting or whitelisting anonymous access 2015-06-02 19:56:44 +00:00			`@anon_protect`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`@parse_repository_name()`
			`def put_tag(namespace_name, repo_name, tag):`
			`permission = ModifyRepositoryPermission(namespace_name, repo_name)`
Add the registry code. 2013-09-25 21:50:03 +00:00
			`if permission.can():`
Update tag validation Fixes #536 2015-10-05 20:36:33 +00:00			`if not TAG_REGEX.match(tag):`
			`abort(400, TAG_ERROR)`

Missed some Image.image_id instances. 2013-10-01 21:23:44 +00:00			`docker_image_id = json.loads(request.data)`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`model.tag.create_or_update_tag(namespace_name, repo_name, tag, docker_image_id)`
Add the registry code. 2013-09-25 21:50:03 +00:00
Fix the updated_tags information by storing it in the session 2014-10-22 18:14:56 +00:00			`# Store the updated tag.`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`if 'pushed_tags' not in session:`
Fix the updated_tags information by storing it in the session 2014-10-22 18:14:56 +00:00			`session['pushed_tags'] = {}`

			`session['pushed_tags'][tag] = docker_image_id`

Add the registry code. 2013-09-25 21:50:03 +00:00			`return make_response('Created', 200)`

			`abort(403)`


Fix Docker Auth and our V2 registry paths to support library (i.e. namespace-less) repositories. This support is placed behind a feature flag. 2016-01-21 20:40:51 +00:00			`@v1_bp.route('/repositories/<repopath:repository>/tags/<tag>', methods=['DELETE'])`
Add the registry code. 2013-09-25 21:50:03 +00:00			`@process_auth`
Add a test to verify that all important blueprints have all their methods decorated This ensures that we don't accidentally add a blueprint method without either explicitly blacklisting or whitelisting anonymous access 2015-06-02 19:56:44 +00:00			`@anon_protect`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`@parse_repository_name()`
			`def delete_tag(namespace_name, repo_name, tag):`
			`permission = ModifyRepositoryPermission(namespace_name, repo_name)`
Add the registry code. 2013-09-25 21:50:03 +00:00
			`if permission.can():`
use kwargs for parse_repository_name 2016-03-09 21:20:28 +00:00			`model.tag.delete_tag(namespace_name, repo_name, tag)`
			`track_and_log('delete_tag', model.repository.get_repository(namespace_name, repo_name),`
Change manifest delete to mark tag as dead and log 2015-12-10 20:15:24 +00:00			`tag=tag)`
Switch the delete tag response code to match the registry spect. 2014-02-06 22:33:50 +00:00			`return make_response('Deleted', 200)`
Add the registry code. 2013-09-25 21:50:03 +00:00
			`abort(403)`