Add tufmetadata endpoint
This commit is contained in:
Evan Cordell
parent
1bfca871ec
commit
9515f18fb6
9 changed files with 282 additions and 1 deletions
34
endpoints/api/signing.py
Normal file
34
endpoints/api/signing.py
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
""" List and manage repository vulnerabilities and other security information. """
|
||||
|
||||
import logging
|
||||
import features
|
||||
|
||||
from app import tuf_metadata_api
|
||||
from endpoints.api import (require_repo_read, path_param,
|
||||
RepositoryParamResource, resource, nickname, show_if,
|
||||
disallow_for_app_repositories)
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
|
||||
def _default_signed_tags_for_repository(namespace, repository):
|
||||
""" Fetches the tags in the targets/releases delegation, which is the one the docker client will trust. """
|
||||
tag_data, _ = tuf_metadata_api.get_default_tags(namespace, repository)
|
||||
return {
|
||||
'tags': tag_data.keys()
|
||||
}
|
||||
|
||||
|
||||
@show_if(features.SIGNING)
|
||||
@resource('/v1/repository/<apirepopath:repository>/signatures')
|
||||
@path_param('repository', 'The full path of the repository. e.g. namespace/name')
|
||||
class RepositorySignatures(RepositoryParamResource):
|
||||
""" Operations for managing the signatures in a repository image. """
|
||||
|
||||
@require_repo_read
|
||||
@nickname('getRepoSignatures')
|
||||
@disallow_for_app_repositories
|
||||
def get(self, namespace, repository):
|
||||
""" Fetches the list of signed tags for the repository"""
|
||||
return _default_signed_tags_for_repository(namespace, repository)
|
||||
|
||||
|
|
@ -10,6 +10,7 @@ from endpoints.api.repositorynotification import (RepositoryNotification,
|
|||
RepositoryNotificationList,
|
||||
TestRepositoryNotification)
|
||||
from endpoints.api.secscan import RepositoryImageSecurity, RepositoryManifestSecurity
|
||||
from endpoints.api.signing import RepositorySignatures
|
||||
from endpoints.api.tag import ListRepositoryTags, RepositoryTag, RepositoryTagImages, RestoreTag
|
||||
from endpoints.api.trigger import (BuildTriggerList, BuildTrigger, BuildTriggerSubdirs,
|
||||
BuildTriggerActivate, BuildTriggerAnalyze, ActivateBuildTrigger,
|
||||
|
|
@ -48,6 +49,7 @@ FIELD_ARGS = {'trigger_uuid': '1234', 'field_name': 'foobar'}
|
|||
(TestRepositoryNotification, 'post', NOTIFICATION_ARGS),
|
||||
(RepositoryImageSecurity, 'get', IMAGE_ARGS),
|
||||
(RepositoryManifestSecurity, 'get', MANIFEST_ARGS),
|
||||
(RepositorySignatures, 'get', None),
|
||||
(ListRepositoryTags, 'get', None),
|
||||
(RepositoryTag, 'put', TAG_ARGS),
|
||||
(RepositoryTag, 'delete', TAG_ARGS),
|
||||
|
|
|
|||
Reference in a new issue