quay

package
v0.2023.21 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 22, 2023 License: Apache-2.0 Imports: 25 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var Initializer = serviceprovider.Initializer{
	Probe:       quayProbe{},
	Constructor: serviceprovider.ConstructorFunc(newQuay),
}

Functions

func DockerLogin added in v0.5.5 

func DockerLogin(ctx context.Context, cl *http.Client, repository string, username string, password string) (string, error)

DockerLogin performs docker login to quay using the provided username and password (that might be a robot account creds) and returns a JWT token that can be used as a bearer token in the subsequent requests to the docker API in quay. `repository` is in the form of `org/name`. If the provided credentials are invalid, an empty string is returned. An error is returned when the attempt to parse the login response fails or any other error during the login process.

Types

type EntityRecord added in v0.5.5 

type EntityRecord struct {
	// LastRefreshTime is used to determine whether this record should be refreshed or not
	LastRefreshTime int64
	// PossessedScopes is the list of scopes possessed by the token on a given entity
	PossessedScopes []Scope
}

EntityRecord stores the scopes possessed by some token for given "entity" (either repository or organization).

type LoginTokenInfo added in v0.5.5 

type LoginTokenInfo struct {
	Username     string
	Repositories map[string]LoginTokenRepositoryInfo
}

LoginTokenInfo is the output of the AnalyzeLoginToken function describing the information extracted from the JWT token obtained after a successful docker login from the DockerLogin function.

func AnalyzeLoginToken added in v0.5.5 

func AnalyzeLoginToken(token string) (LoginTokenInfo, error)

AnalyzeLoginToken analyzes the JWT token obtained from the DockerLogin function to figure out the capabilities of token obtained for some repository.

type LoginTokenRepositoryInfo added in v0.5.5 

type LoginTokenRepositoryInfo struct {
	Pushable bool
	Pullable bool
}

LoginTokenRepositoryInfo represents the capabilities mentioned in the JWT docker login token for a certain repository.

type Quay 

type Quay struct {
	Configuration *opconfig.OperatorConfiguration

	BaseUrl         string
	OAuthCapability serviceprovider.OAuthCapability
	// contains filtered or unexported fields
}

func (*Quay) CheckRepositoryAccess added in v0.5.1 

func (q *Quay) CheckRepositoryAccess(ctx context.Context, cl client.Client, accessCheck *api.SPIAccessCheck) (*api.SPIAccessCheckStatus, error)

func (*Quay) GetBaseUrl 

func (q *Quay) GetBaseUrl() string

func (*Quay) GetDownloadFileCapability added in v0.8.3 

func (q *Quay) GetDownloadFileCapability() serviceprovider.DownloadFileCapability

func (*Quay) GetOAuthCapability added in v0.2023.21 

func (q *Quay) GetOAuthCapability() serviceprovider.OAuthCapability

func (*Quay) GetRefreshTokenCapability added in v0.2023.21 

func (q *Quay) GetRefreshTokenCapability() serviceprovider.RefreshTokenCapability

func (*Quay) GetType 

func (q *Quay) GetType() config.ServiceProviderType

func (*Quay) LookupTokens added in v0.2023.21 

func (q *Quay) LookupTokens(ctx context.Context, cl client.Client, binding *api.SPIAccessTokenBinding) ([]api.SPIAccessToken, error)

func (*Quay) MapToken added in v0.5.5 

func (q *Quay) MapToken(ctx context.Context, binding *api.SPIAccessTokenBinding, token *api.SPIAccessToken, tokenData *api.Token) (serviceprovider.AccessTokenMapper, error)

func (*Quay) PersistMetadata 

func (q *Quay) PersistMetadata(ctx context.Context, _ client.Client, token *api.SPIAccessToken) error

func (*Quay) Validate added in v0.5.5 

func (q *Quay) Validate(ctx context.Context, validated serviceprovider.Validated) (serviceprovider.ValidationResult, error)

type RepositoryMetadata added in v0.5.5 

type RepositoryMetadata struct {
	Repository   EntityRecord
	Organization EntityRecord
}

RepositoryMetadata is the return value of the FetchRepo method. It represents the scopes that are granted for some token on a given repository and organization it belongs to.

type Scope added in v0.4.3 

type Scope string

Scope represents a Quay OAuth scope 

const (
	OAuthTokenUserName       = "$oauthtoken"
	ScopeRepoRead      Scope = "repo:read"
	ScopeRepoWrite     Scope = "repo:write"
	ScopeRepoAdmin     Scope = "repo:admin"
	ScopeRepoCreate    Scope = "repo:create"
	ScopeUserRead      Scope = "user:read"
	ScopeUserAdmin     Scope = "user:admin"
	ScopeOrgAdmin      Scope = "org:admin"
	// These are not real scopes in Quay, but we represent the permissions of the robot tokens with them
	ScopePush Scope = "push"
	ScopePull Scope = "pull"
)

func (Scope) Implies added in v0.5.5 

func (s Scope) Implies(other Scope) bool

Implies returns true if the scope implies the other scope. A scope implies itself.

func (Scope) IsIncluded added in v0.5.5 

func (s Scope) IsIncluded(scopes []Scope) bool

IsIncluded determines if a scope is included (either directly or through implication) in the provided list of scopes.

type TokenState added in v0.4.3 

type TokenState struct {
	Repositories  map[string]EntityRecord
	Organizations map[string]EntityRecord
}

TokenState represents the all the known scopes for all repositories for some token. This is persisted in the status of the SPIAccessToken object.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.