endpoints.v1: only work on docker repositories
This commit is contained in:
Jimmy Zelinskie
parent
f086eea754
commit
a2bac7dabd
5 changed files with 73 additions and 2 deletions
|
|
@ -10,7 +10,7 @@ from util.morecollections import AttrDict
|
||||||
|
|
||||||
|
|
||||||
class Repository(namedtuple('Repository', ['id', 'name', 'namespace_name', 'description',
|
class Repository(namedtuple('Repository', ['id', 'name', 'namespace_name', 'description',
|
||||||
'is_public'])):
|
'is_public', 'kind'])):
|
||||||
"""
|
"""
|
||||||
Repository represents a namespaced collection of tags.
|
Repository represents a namespaced collection of tags.
|
||||||
"""
|
"""
|
||||||
|
|
@ -396,7 +396,8 @@ def _repository_for_repo(repo):
|
||||||
name=repo.name,
|
name=repo.name,
|
||||||
namespace_name=repo.namespace_user.username,
|
namespace_name=repo.namespace_user.username,
|
||||||
description=repo.description,
|
description=repo.description,
|
||||||
is_public=model.repository.is_repository_public(repo)
|
is_public=model.repository.is_repository_public(repo),
|
||||||
|
kind=model.repository.get_repo_kind_name(repo),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -18,6 +18,11 @@ from util.itertoolrecipes import take
|
||||||
|
|
||||||
logger = logging.getLogger(__name__)
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
|
def get_repo_kind_name(repo):
|
||||||
|
return Repository.kind.get_name(repo.kind)
|
||||||
|
|
||||||
|
|
||||||
def get_repository_count():
|
def get_repository_count():
|
||||||
return Repository.select().count()
|
return Repository.select().count()
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -182,6 +182,10 @@ def create_repository(namespace_name, repo_name):
|
||||||
message='You do not have permission to modify repository %(namespace)s/%(repository)s',
|
message='You do not have permission to modify repository %(namespace)s/%(repository)s',
|
||||||
issue='no-repo-write-permission',
|
issue='no-repo-write-permission',
|
||||||
namespace=namespace_name, repository=repo_name)
|
namespace=namespace_name, repository=repo_name)
|
||||||
|
elif repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
else:
|
else:
|
||||||
create_perm = CreateRepositoryPermission(namespace_name)
|
create_perm = CreateRepositoryPermission(namespace_name)
|
||||||
if not create_perm.can():
|
if not create_perm.can():
|
||||||
|
|
@ -223,6 +227,9 @@ def update_images(namespace_name, repo_name):
|
||||||
if not repo:
|
if not repo:
|
||||||
# Make sure the repo actually exists.
|
# Make sure the repo actually exists.
|
||||||
abort(404, message='Unknown repository', issue='unknown-repo')
|
abort(404, message='Unknown repository', issue='unknown-repo')
|
||||||
|
elif repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
# Generate a job for each notification that has been added to this repo
|
# Generate a job for each notification that has been added to this repo
|
||||||
logger.debug('Adding notifications for repository')
|
logger.debug('Adding notifications for repository')
|
||||||
|
|
@ -255,6 +262,9 @@ def get_repository_images(namespace_name, repo_name):
|
||||||
repo = model.get_repository(namespace_name, repo_name)
|
repo = model.get_repository(namespace_name, repo_name)
|
||||||
if not repo:
|
if not repo:
|
||||||
abort(404, message='Unknown repository', issue='unknown-repo')
|
abort(404, message='Unknown repository', issue='unknown-repo')
|
||||||
|
elif repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
logger.debug('Building repository image response')
|
logger.debug('Building repository image response')
|
||||||
resp = make_response(json.dumps([]), 200)
|
resp = make_response(json.dumps([]), 200)
|
||||||
|
|
|
||||||
|
|
@ -83,6 +83,11 @@ def head_image_layer(namespace, repository, image_id, headers):
|
||||||
|
|
||||||
logger.debug('Checking repo permissions')
|
logger.debug('Checking repo permissions')
|
||||||
if permission.can() or model.repository_is_public(namespace, repository):
|
if permission.can() or model.repository_is_public(namespace, repository):
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
logger.debug('Looking up placement locations')
|
logger.debug('Looking up placement locations')
|
||||||
locations, _ = model.placement_locations_and_path_docker_v1(namespace, repository, image_id)
|
locations, _ = model.placement_locations_and_path_docker_v1(namespace, repository, image_id)
|
||||||
if locations is None:
|
if locations is None:
|
||||||
|
|
@ -116,6 +121,11 @@ def get_image_layer(namespace, repository, image_id, headers):
|
||||||
|
|
||||||
logger.debug('Checking repo permissions')
|
logger.debug('Checking repo permissions')
|
||||||
if permission.can() or model.repository_is_public(namespace, repository):
|
if permission.can() or model.repository_is_public(namespace, repository):
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
logger.debug('Looking up placement locations and path')
|
logger.debug('Looking up placement locations and path')
|
||||||
locations, path = model.placement_locations_and_path_docker_v1(namespace, repository, image_id)
|
locations, path = model.placement_locations_and_path_docker_v1(namespace, repository, image_id)
|
||||||
if not locations or not path:
|
if not locations or not path:
|
||||||
|
|
@ -151,6 +161,11 @@ def put_image_layer(namespace, repository, image_id):
|
||||||
if not permission.can():
|
if not permission.can():
|
||||||
abort(403)
|
abort(403)
|
||||||
|
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
logger.debug('Retrieving image')
|
logger.debug('Retrieving image')
|
||||||
if model.storage_exists(namespace, repository, image_id):
|
if model.storage_exists(namespace, repository, image_id):
|
||||||
exact_abort(409, 'Image already exists')
|
exact_abort(409, 'Image already exists')
|
||||||
|
|
@ -255,6 +270,11 @@ def put_image_checksum(namespace, repository, image_id):
|
||||||
if not permission.can():
|
if not permission.can():
|
||||||
abort(403)
|
abort(403)
|
||||||
|
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
# Docker Version < 0.10 (tarsum+sha):
|
# Docker Version < 0.10 (tarsum+sha):
|
||||||
old_checksum = request.headers.get('X-Docker-Checksum')
|
old_checksum = request.headers.get('X-Docker-Checksum')
|
||||||
|
|
||||||
|
|
@ -324,6 +344,11 @@ def get_image_json(namespace, repository, image_id, headers):
|
||||||
if not permission.can() and not model.repository_is_public(namespace, repository):
|
if not permission.can() and not model.repository_is_public(namespace, repository):
|
||||||
abort(403)
|
abort(403)
|
||||||
|
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
logger.debug('Looking up repo image')
|
logger.debug('Looking up repo image')
|
||||||
v1_metadata = model.docker_v1_metadata(namespace, repository, image_id)
|
v1_metadata = model.docker_v1_metadata(namespace, repository, image_id)
|
||||||
if v1_metadata is None:
|
if v1_metadata is None:
|
||||||
|
|
@ -353,6 +378,11 @@ def get_image_ancestry(namespace, repository, image_id, headers):
|
||||||
if not permission.can() and not model.repository_is_public(namespace, repository):
|
if not permission.can() and not model.repository_is_public(namespace, repository):
|
||||||
abort(403)
|
abort(403)
|
||||||
|
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
ancestry_docker_ids = model.image_ancestry(namespace, repository, image_id)
|
ancestry_docker_ids = model.image_ancestry(namespace, repository, image_id)
|
||||||
if ancestry_docker_ids is None:
|
if ancestry_docker_ids is None:
|
||||||
abort(404, 'Image %(image_id)s not found', issue='unknown-image', image_id=image_id)
|
abort(404, 'Image %(image_id)s not found', issue='unknown-image', image_id=image_id)
|
||||||
|
|
@ -373,6 +403,11 @@ def put_image_json(namespace, repository, image_id):
|
||||||
if not permission.can():
|
if not permission.can():
|
||||||
abort(403)
|
abort(403)
|
||||||
|
|
||||||
|
repo = model.get_repository(namespace, repository)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, image_id=image_id)
|
||||||
|
|
||||||
logger.debug('Parsing image JSON')
|
logger.debug('Parsing image JSON')
|
||||||
try:
|
try:
|
||||||
uploaded_metadata = request.data
|
uploaded_metadata = request.data
|
||||||
|
|
|
||||||
|
|
@ -27,6 +27,11 @@ def get_tags(namespace_name, repo_name):
|
||||||
permission = ReadRepositoryPermission(namespace_name, repo_name)
|
permission = ReadRepositoryPermission(namespace_name, repo_name)
|
||||||
|
|
||||||
if permission.can() or model.repository_is_public(namespace_name, repo_name):
|
if permission.can() or model.repository_is_public(namespace_name, repo_name):
|
||||||
|
repo = model.get_repository(namespace_name, repo_name)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
tags = model.list_tags(namespace_name, repo_name)
|
tags = model.list_tags(namespace_name, repo_name)
|
||||||
tag_map = {tag.name: tag.image.docker_image_id for tag in tags}
|
tag_map = {tag.name: tag.image.docker_image_id for tag in tags}
|
||||||
return jsonify(tag_map)
|
return jsonify(tag_map)
|
||||||
|
|
@ -42,6 +47,11 @@ def get_tag(namespace_name, repo_name, tag):
|
||||||
permission = ReadRepositoryPermission(namespace_name, repo_name)
|
permission = ReadRepositoryPermission(namespace_name, repo_name)
|
||||||
|
|
||||||
if permission.can() or model.repository_is_public(namespace_name, repo_name):
|
if permission.can() or model.repository_is_public(namespace_name, repo_name):
|
||||||
|
repo = model.get_repository(namespace_name, repo_name)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
image_id = model.find_image_id_by_tag(namespace_name, repo_name, tag)
|
image_id = model.find_image_id_by_tag(namespace_name, repo_name, tag)
|
||||||
if image_id is None:
|
if image_id is None:
|
||||||
abort(404)
|
abort(404)
|
||||||
|
|
@ -64,6 +74,11 @@ def put_tag(namespace_name, repo_name, tag):
|
||||||
if not TAG_REGEX.match(tag):
|
if not TAG_REGEX.match(tag):
|
||||||
abort(400, TAG_ERROR)
|
abort(400, TAG_ERROR)
|
||||||
|
|
||||||
|
repo = model.get_repository(namespace_name, repo_name)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
image_id = json.loads(request.data)
|
image_id = json.loads(request.data)
|
||||||
model.create_or_update_tag(namespace_name, repo_name, image_id, tag)
|
model.create_or_update_tag(namespace_name, repo_name, image_id, tag)
|
||||||
|
|
||||||
|
|
@ -86,6 +101,11 @@ def delete_tag(namespace_name, repo_name, tag):
|
||||||
permission = ModifyRepositoryPermission(namespace_name, repo_name)
|
permission = ModifyRepositoryPermission(namespace_name, repo_name)
|
||||||
|
|
||||||
if permission.can():
|
if permission.can():
|
||||||
|
repo = model.get_repository(namespace_name, repo_name)
|
||||||
|
if repo.kind != 'image':
|
||||||
|
msg = 'This repository is for a managing resource type other than docker images.'
|
||||||
|
abort(415, message=msg, namespace=namespace_name)
|
||||||
|
|
||||||
model.delete_tag(namespace_name, repo_name, tag)
|
model.delete_tag(namespace_name, repo_name, tag)
|
||||||
track_and_log('delete_tag', model.get_repository(namespace_name, repo_name), tag=tag)
|
track_and_log('delete_tag', model.get_repository(namespace_name, repo_name), tag=tag)
|
||||||
return make_response('Deleted', 200)
|
return make_response('Deleted', 200)
|
||||||
|
|
|
||||||
Reference in a new issue