Add ability for specific geographic regions to be blocked from pulling images within a namespace

2018-12-05 15:19:37 -05:00 · 2018-12-05 15:19:37 -05:00 · c3710a6a5e
commit c3710a6a5e
parent c71a43a06c
20 changed files with 257 additions and 37 deletions
--- a/test/registry/fixtures.py
+++ b/test/registry/fixtures.py
@ -15,7 +15,7 @@ from flask_principal import Identity
 from app import storage
 from data.database import (close_db_filter, configure, DerivedStorageForImage, QueueItem, Image,
                           TagManifest, TagManifestToManifest, Manifest, ManifestLegacyImage,
-                           ManifestBlob)
+                           ManifestBlob, NamespaceGeoRestriction, User)
 from data import model
 from data.registry_model import registry_model
 from endpoints.csrf import generate_csrf_token
@ -116,6 +116,13 @@ def registry_server_executor(app):
    TagManifest.delete().execute()
    return 'OK'

+  def set_geo_block_for_namespace(namespace_name, iso_country_code):
+    NamespaceGeoRestriction.create(namespace=User.get(username=namespace_name),
+                                   description='',
+                                   unstructured_json={},
+                                   restricted_region_iso_code=iso_country_code)
+    return 'OK'
+
  executor = LiveServerExecutor()
  executor.register('generate_csrf', generate_csrf)
  executor.register('set_supports_direct_download', set_supports_direct_download)
@ -130,6 +137,7 @@ def registry_server_executor(app):
  executor.register('create_app_repository', create_app_repository)
  executor.register('disable_namespace', disable_namespace)
  executor.register('delete_manifests', delete_manifests)
+  executor.register('set_geo_block_for_namespace', set_geo_block_for_namespace)
  return executor