Change V1 to use the manifest builder and new registry data model

2018-09-24 18:57:27 -04:00 · 2018-09-24 18:57:27 -04:00 · 4520f9e842
commit 4520f9e842
parent 65d5be23c7
12 changed files with 291 additions and 689 deletions
--- a/endpoints/v1/tag.py
+++ b/endpoints/v1/tag.py
@ -5,10 +5,10 @@ from flask import abort, request, jsonify, make_response, session

 from auth.decorators import process_auth
 from auth.permissions import (ReadRepositoryPermission, ModifyRepositoryPermission)
-from data import model
+from data.registry_model import registry_model
+from data.registry_model.manifestbuilder import lookup_manifest_builder
 from endpoints.decorators import anon_protect, parse_repository_name
 from endpoints.v1 import v1_bp
-from endpoints.v1.models_pre_oci import pre_oci_model as model
 from util.audit import track_and_log
 from util.names import TAG_ERROR, TAG_REGEX

@ -21,15 +21,13 @@ logger = logging.getLogger(__name__)
@parse_repository_name()
 def get_tags(namespace_name, repo_name):
  permission = ReadRepositoryPermission(namespace_name, repo_name)
+  repository_ref = registry_model.lookup_repository(namespace_name, repo_name, kind_filter='image')
+  if permission.can() or (repository_ref is not None and repository_ref.is_public):
+    if repository_ref is None:
+      abort(404)

-  if permission.can() or model.repository_is_public(namespace_name, repo_name):
-    repo = model.get_repository(namespace_name, repo_name)
-    if repo.kind != 'image':
-      msg = 'This repository is for managing %s resources and not container images.' % repo.kind
-      abort(405, message=msg, namespace=namespace_name)
-
-    tags = model.list_tags(namespace_name, repo_name)
-    tag_map = {tag.name: tag.image.docker_image_id for tag in tags}
+    tags = registry_model.list_repository_tags(repository_ref, include_legacy_images=True)
+    tag_map = {tag.name: tag.legacy_image.docker_image_id for tag in tags}
    return jsonify(tag_map)

  abort(403)
@ -41,18 +39,16 @@ def get_tags(namespace_name, repo_name):
@parse_repository_name()
 def get_tag(namespace_name, repo_name, tag):
  permission = ReadRepositoryPermission(namespace_name, repo_name)
-
-  if permission.can() or model.repository_is_public(namespace_name, repo_name):
-    repo = model.get_repository(namespace_name, repo_name)
-    if repo.kind != 'image':
-      msg = 'This repository is for managing %s resources and not container images.' % repo.kind
-      abort(405, message=msg, namespace=namespace_name)
-
-    image_id = model.find_image_id_by_tag(namespace_name, repo_name, tag)
-    if image_id is None:
+  repository_ref = registry_model.lookup_repository(namespace_name, repo_name, kind_filter='image')
+  if permission.can() or (repository_ref is not None and repository_ref.is_public):
+    if repository_ref is None:
      abort(404)

-    resp = make_response('"%s"' % image_id)
+    tag = registry_model.get_repo_tag(repository_ref, tag, include_legacy_image=True)
+    if tag is None:
+      abort(404)
+
+    resp = make_response('"%s"' % tag.legacy_image.docker_image_id)
    resp.headers['Content-Type'] = 'application/json'
    return resp

@ -65,24 +61,33 @@ def get_tag(namespace_name, repo_name, tag):
@parse_repository_name()
 def put_tag(namespace_name, repo_name, tag):
  permission = ModifyRepositoryPermission(namespace_name, repo_name)
+  repository_ref = registry_model.lookup_repository(namespace_name, repo_name, kind_filter='image')

-  if permission.can():
+  if permission.can() and repository_ref is not None:
    if not TAG_REGEX.match(tag):
      abort(400, TAG_ERROR)

-    repo = model.get_repository(namespace_name, repo_name)
-    if repo.kind != 'image':
-      msg = 'This repository is for managing %s resources and not container images.' % repo.kind
-      abort(405, message=msg, namespace=namespace_name)
-
    image_id = json.loads(request.data)
-    model.create_or_update_tag(namespace_name, repo_name, image_id, tag)

-    # Store the updated tag.
-    if 'pushed_tags' not in session:
-      session['pushed_tags'] = {}
+    # Check for the image ID first in a builder (for an in-progress push).
+    builder = lookup_manifest_builder(repository_ref, session.get('manifest_builder'))
+    if builder is not None:
+      layer = builder.lookup_layer(image_id)
+      if layer is not None:
+        commited_tag = builder.commit_tag_and_manifest(tag, layer)
+        if commited_tag is None:
+          abort(400)

-    session['pushed_tags'][tag] = image_id
+        return make_response('Created', 200)
+
+    # Check if there is an existing image we should use (for PUT calls outside of a normal push
+    # operation).
+    legacy_image = registry_model.get_legacy_image(repository_ref, image_id)
+    if legacy_image is None:
+      abort(400)
+
+    if registry_model.retarget_tag(repository_ref, tag, legacy_image) is None:
+      abort(400)

    return make_response('Created', 200)

@ -95,18 +100,13 @@ def put_tag(namespace_name, repo_name, tag):
@parse_repository_name()
 def delete_tag(namespace_name, repo_name, tag):
  permission = ModifyRepositoryPermission(namespace_name, repo_name)
+  repository_ref = registry_model.lookup_repository(namespace_name, repo_name, kind_filter='image')

-  if permission.can():
-    repo = model.get_repository(namespace_name, repo_name)
-    if repo is None:
-      abort(403)
+  if permission.can() and repository_ref is not None:
+    if not registry_model.delete_tag(repository_ref, tag):
+      abort(404)

-    if repo.kind != 'image':
-      msg = 'This repository is for managing %s resources and not container images.' % repo.kind
-      abort(405, message=msg, namespace=namespace_name)
-
-    model.delete_tag(namespace_name, repo_name, tag)
-    track_and_log('delete_tag', model.get_repository(namespace_name, repo_name), tag=tag)
+    track_and_log('delete_tag', repository_ref, tag=tag)
    return make_response('Deleted', 200)

  abort(403)