package registrytest

import "cuelang.org/go/internal/registrytest"

Index ¶

• func Upload(ctx context.Context, r ociregistry.Interface, fsys fs.FS) error
• type ACL
• type AuthConfig
• type Registry
• func New(fsys fs.FS, prefix string) (*Registry, error)
• func NewServer(r ociregistry.Interface, auth *AuthConfig) (*Registry, error)
• func (r *Registry) Close()
• func (r *Registry) Host() string

Functions ¶

func Upload ¶

func Upload(ctx context.Context, r ociregistry.Interface, fsys fs.FS) error

Upload uploads the modules found inside fsys (stored in the format described by New) to the given registry.

Types ¶

type ACL ¶

type ACL struct {
	// Allow holds the list of allowed paths for a user.
	// If none match, the user is forbidden.
	Allow []string
	// Deny holds the list of denied paths for a user.
	// If any match, the user is forbidden.
	Deny []string
}

ACL determines what endpoints an authenticated user can accesse Both Allow and Deny hold a list of regular expressions that are matched against an HTTP request formatted as a string:

METHOD URL_PATH

For example:

GET /v2/foo/bar

type AuthConfig ¶

type AuthConfig struct {
	// Username and Password hold the basic auth credentials.
	// If UseTokenServer is true, these apply to the token server
	// rather than to the registry itself.
	Username string `json:"username"`
	Password string `json:"password"`

	// BearerToken holds a bearer token to use as auth.
	// If UseTokenServer is true, this applies to the token server
	// rather than to the registry itself.
	BearerToken string `json:"bearerToken"`

	// UseTokenServer starts a token server and directs client
	// requests to acquire auth tokens from that server.
	UseTokenServer bool `json:"useTokenServer"`

	// ACL holds the ACL for an authenticated client.
	// If it's nil, the user is allowed full access.
	// Note: there's only one ACL because we only
	// support a single authenticated user.
	ACL *ACL `json:"acl,omitempty"`

	// Use401InsteadOf403 causes the server to send a 401
	// response even when the credentials are present and correct.
	Use401InsteadOf403 bool `json:"always401"`
}

AuthConfig specifies authorization requirements for the server.

type Registry ¶

type Registry struct {
	// contains filtered or unexported fields
}

func New ¶

func New(fsys fs.FS, prefix string) (*Registry, error)

New starts a registry instance that serves modules found inside fsys. It serves the OCI registry protocol. If prefix is non-empty, all module paths will be prefixed by that, separated by a slash (/).

Each module should be inside a directory named path_vers, where slashes in path have been replaced with underscores and should contain a cue.mod/module.cue file holding the module info.

If there's a file named auth.json in the root directory, it will cause access to the server to be gated by the specified authorization. See the AuthConfig type for details.

The Registry should be closed after use.

func NewServer ¶

func NewServer(r ociregistry.Interface, auth *AuthConfig) (*Registry, error)

NewServer is like New except that instead of uploading the contents of a filesystem, it just serves the contents of the given registry guarded by the given auth configuration. If auth is nil, no authentication will be required.

func (*Registry) Close ¶

func (r *Registry) Close()

func (*Registry) Host ¶

func (r *Registry) Host() string

Host returns the hostname for the registry server; for example localhost:13455.

The connection can be assumed to be insecure.

Source Files ¶

fileio.go registry.go