Documentation ¶
Index ¶
- type Image
- func (t *Image) AddEventHandler(handler cache.ResourceEventHandler)
- func (t *Image) Get(ctx context.Context, ns, name string) (*imgv1b1.Image, error)
- func (t *Image) NewImage(ctx context.Context, o NewImageOpts) (*imgv1b1.Image, error)
- func (t *Image) RecentlyFinishedImports(ctx context.Context, img *imgv1b1.Image) ([]imgv1b1.ImageImport, error)
- func (t *Image) Sync(ctx context.Context, img *imgv1b1.Image) error
- func (t *Image) Validate(ctx context.Context, img *imgv1b1.Image) error
- type ImageIO
- type ImageImport
- func (t *ImageImport) AddEventHandler(handler cache.ResourceEventHandler)
- func (t *ImageImport) Delete(ctx context.Context, ii *imgv1b1.ImageImport) error
- func (t *ImageImport) Get(ctx context.Context, ns, name string) (*imgv1b1.ImageImport, error)
- func (t *ImageImport) HashReferenceByImage(ctx context.Context, imgref types.ImageReference, ...) (types.ImageReference, *types.SystemContext, error)
- func (t *ImageImport) Import(ctx context.Context, ii *imgv1b1.ImageImport) (*imgv1b1.HashReference, error)
- func (t *ImageImport) NewImageFor(ctx context.Context, ii *imgv1b1.ImageImport) (*imgv1b1.Image, error)
- func (t *ImageImport) NewImport(ctx context.Context, o ImportOpts) (*imgv1b1.ImageImport, error)
- func (t *ImageImport) Sync(ctx context.Context, ii *imgv1b1.ImageImport) error
- func (t *ImageImport) Validate(ctx context.Context, imp *imgv1b1.ImageImport) error
- type ImportOpts
- type LocalRegistryHostingV1
- type MirrorRegistryConfig
- type NewImageOpts
- type SysContext
- func (s *SysContext) DefaultPolicyContext() (*signature.PolicyContext, error)
- func (s *SysContext) GetRegistryStore(ctx context.Context) (*imagestore.Registry, error)
- func (s *SysContext) MirrorConfig() (MirrorRegistryConfig, error)
- func (s *SysContext) MirrorRegistryAddresses() (string, string, error)
- func (s *SysContext) MirrorRegistryContext(ctx context.Context) *types.SystemContext
- func (s *SysContext) ParseMirrorRegistryConfig() (*LocalRegistryHostingV1, error)
- func (s *SysContext) ParseShipwrightMirrorRegistryConfig() (MirrorRegistryConfig, error)
- func (s *SysContext) RegistriesToSearch(ctx context.Context, domain string) ([]string, error)
- func (s *SysContext) SystemContextsFor(ctx context.Context, imgref types.ImageReference, namespace string, ...) ([]*types.SystemContext, error)
- func (s *SysContext) UnqualifiedRegistries(ctx context.Context) ([]string, error)
- type User
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type Image ¶
type Image struct {
// contains filtered or unexported fields
}
Image gather all actions related to image img objects.
func NewImage ¶
func NewImage( corinf informers.SharedInformerFactory, imgcli imgclient.Interface, imginf imginform.SharedInformerFactory, ) *Image
NewImage returns a handler for all image img related services. I have chosen to go with a lazy approach here, you can pass or omit (nil) any parameter, it is up to the caller to decide what is needed for each specific case.
func (*Image) AddEventHandler ¶
func (t *Image) AddEventHandler(handler cache.ResourceEventHandler)
AddEventHandler adds a handler to Image related events.
func (*Image) Get ¶
Get returns a Image object. Returned object is already a copy of the cached object and may be modified by caller as needed.
func (*Image) NewImage ¶
NewImage creates and saves a new Image object. Saves it to kubernetes api before returning.
func (*Image) RecentlyFinishedImports ¶
func (t *Image) RecentlyFinishedImports( ctx context.Context, img *imgv1b1.Image, ) ([]imgv1b1.ImageImport, error)
RecentlyFinishedImports return all processed ImageImport objects that refer to provided Image and have not being yet marked as already consumed. They are returned in a sorted (from oldest to newest) slice.
type ImageIO ¶
type ImageIO struct {
// contains filtered or unexported fields
}
ImageIO is an entity that gather operations related to Image images input and output. This entity allow users to pull images from or to push images to our mirror registry.
func NewImageIO ¶
func NewImageIO( corinf informers.SharedInformerFactory, imgcli imgclient.Interface, imginf imginform.SharedInformerFactory, ) *ImageIO
NewImageIO returns a new ImageIO object, capable of pulling and pushing Images from our configured mirror registry.
type ImageImport ¶
type ImageImport struct {
// contains filtered or unexported fields
}
ImageImport gather all actions related to image import objects.
func NewImageImport ¶
func NewImageImport( corinf informers.SharedInformerFactory, imgcli imgclient.Interface, imginf imginform.SharedInformerFactory, ) *ImageImport
NewImageImport returns a handler for all Image import related services. I have chosen to go with a lazy approach here, you can pass or omit (nil) any parameter, it is up to the caller to decide what is needed for each specific case. So far this is the best approach, I still plan to review this.
func (*ImageImport) AddEventHandler ¶
func (t *ImageImport) AddEventHandler(handler cache.ResourceEventHandler)
AddEventHandler adds a handler to Image related events.
func (*ImageImport) Delete ¶
func (t *ImageImport) Delete(ctx context.Context, ii *imgv1b1.ImageImport) error
Delete deletes an ImageImport according to some rules. In order to delete an import this import must be flagged as consumed for at least one hour. The exception made is if the import has a bogus or "unparseable" consume timestamp, then we log the fact and delete. We only return an error when we actually attempt to delete using k8s api, if the import is filtered out by any of the forementioned rules a nil is returned instead.
func (*ImageImport) Get ¶
func (t *ImageImport) Get(ctx context.Context, ns, name string) (*imgv1b1.ImageImport, error)
Get returns a ImageImport object. Returned object is already a copy of the cached object and may be modified by caller as needed.
func (*ImageImport) HashReferenceByImage ¶
func (t *ImageImport) HashReferenceByImage( ctx context.Context, imgref types.ImageReference, sysctxs []*types.SystemContext, ) (types.ImageReference, *types.SystemContext, error)
HashReferenceByImage attempts to obtain the hash for a given image on a remote registry. It receives an image reference pointing to an image by its tag (reg.io/repo/img:tag) and returns a image reference by hash (reg.io/repo/img@sha256:abc...). It runs through provided system contexts trying all of them. If no SystemContext is present it does one attempt without authentication. Returns the image reference and the SystemContext that worked or an error.
func (*ImageImport) Import ¶
func (t *ImageImport) Import( ctx context.Context, ii *imgv1b1.ImageImport, ) (*imgv1b1.HashReference, error)
Import runs an import on provided ImageImport. By Import here we mean to discover what is the current hash for a given image in a given tag. We look for the image in all configured unqualified registries using all authentications we can find for the registry in the ImageImport namespace. If the image is set to be mirrored we push the image to our mirror registry.
func (*ImageImport) NewImageFor ¶
func (t *ImageImport) NewImageFor( ctx context.Context, ii *imgv1b1.ImageImport, ) (*imgv1b1.Image, error)
NewImageFor creates a new Image object based on provided ImageImport. Embrace yourselves, from now on I declare WAR on this source code! XXX it may be a good idea to merge ImageImport and Image services into a single entity.
func (*ImageImport) NewImport ¶
func (t *ImageImport) NewImport(ctx context.Context, o ImportOpts) (*imgv1b1.ImageImport, error)
NewImport uses provided ImportOpts to create a new ImageImport object and send it to the cluster. Returns the created object or an error.
func (*ImageImport) Sync ¶
func (t *ImageImport) Sync(ctx context.Context, ii *imgv1b1.ImageImport) error
Sync manages image import change, assuring we have the image imported. Beware that we change ImageImport in place before updating it on api server, i.e. use DeepCopy() before passing the image import in.
func (*ImageImport) Validate ¶
func (t *ImageImport) Validate(ctx context.Context, imp *imgv1b1.ImageImport) error
Validate checks if provided ImageImport contain all mandatory fields. If ImageImport does contains an empty "spec.from" we attempt to load the targetImage.
type ImportOpts ¶
type ImportOpts struct { Namespace string TargetImage string From string Mirror *bool Insecure *bool }
ImportOpts holds the options necessary to call ImageImport.NewImport().
type LocalRegistryHostingV1 ¶
type LocalRegistryHostingV1 struct { // Host documents the host (hostname and port) of the registry, as seen from outside the // cluster. This is the registry host that tools outside the cluster should push images // to. Host string `yaml:"host,omitempty"` // HostFromClusterNetwork documents the host (hostname and port) of the registry, as seen // from networking inside the container pods. This is the registry host that tools running // on pods inside the cluster should push images to. If not set, then tools inside the // cluster should assume the local registry is not available to them. HostFromClusterNetwork string `yaml:"hostFromClusterNetwork,omitempty"` // HostFromContainerRuntime documents the host (hostname and port) of the registry, as // seen from the cluster's container runtime. When tools apply Kubernetes objects to the // cluster, this host should be used for image name fields. If not set, users of this // field should use the value of Host instead. Note that it doesn't make sense // semantically to define this field, but not define Host or HostFromClusterNetwork. That // would imply a way to pull images without a way to push images. HostFromContainerRuntime string `yaml:"hostFromContainerRuntime,omitempty"` // Help contains a URL pointing to documentation for users on how to set up and configure // a local registry. Tools can use this to nudge users to enable the registry. // When possible, the writer should use as permanent a URL as possible to prevent drift // (e.g., a version control SHA). When image pushes to a registry host specified in one of // the other fields fail, the tool should display this help URL to the user. The help URL // should contain instructions on how to diagnose broken or misconfigured registries. Help string `yaml:"help,omitempty"` }
LocalRegistryHostingV1 describes a local registry that developer tools can connect to. A local registry allows clients to load images into the local cluster by pushing to this registry. This is a verbatim copy of what is in the enhancement proposal at https://github.com/kubernetes/enhancements repo keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry
type MirrorRegistryConfig ¶
type MirrorRegistryConfig struct { Address string Username string Password string Repository string Token string Insecure bool }
MirrorRegistryConfig holds the needed data that allows imgctrl to contact the mirror registry.
type NewImageOpts ¶
NewImageOpts holds the options necessary to call Image.NewImage().
type SysContext ¶
type SysContext struct {
// contains filtered or unexported fields
}
SysContext groups tasks related to system context/configuration, deal with things such as configured docker authentications or unqualified registries configs.
func NewSysContext ¶
func NewSysContext(corinf informers.SharedInformerFactory) *SysContext
NewSysContext returns a new SysContext helper.
func (*SysContext) DefaultPolicyContext ¶
func (s *SysContext) DefaultPolicyContext() (*signature.PolicyContext, error)
DefaultPolicyContext returns the default policy context. XXX this should be reviewed.
func (*SysContext) GetRegistryStore ¶
func (s *SysContext) GetRegistryStore(ctx context.Context) (*imagestore.Registry, error)
GetRegistryStore creates an instance of an Registry store entity configured to use our mirror registry as underlying storage.
func (*SysContext) MirrorConfig ¶
func (s *SysContext) MirrorConfig() (MirrorRegistryConfig, error)
MirrorConfig returns the mirror configuration as read from Shipwright namespace or from the kube-public namespace as per KEP.
func (*SysContext) MirrorRegistryAddresses ¶
func (s *SysContext) MirrorRegistryAddresses() (string, string, error)
MirrorRegistryAddresses returns the configured registry address used for mirroring images. This is implemented to comply with KEP at https://github.com/kubernetes/enhancements/ repo, see keps/sig-cluster-lifecycle/generic/1755-communicating-a-local-registry. There are two ways of providing the mirror registry information, the first one is to populate a secret in the current namespace, the other one is by complying with the KEP. We give preference for the secret in the current namespace.
func (*SysContext) MirrorRegistryContext ¶
func (s *SysContext) MirrorRegistryContext(ctx context.Context) *types.SystemContext
MirrorRegistryContext returns the context to be used when talking to the the registry used for mirroring images.
func (*SysContext) ParseMirrorRegistryConfig ¶
func (s *SysContext) ParseMirrorRegistryConfig() (*LocalRegistryHostingV1, error)
ParseMirrorRegistryConfig reads configmap local-registry-hosting from kube-public namespace, parses its content and returns the local registry configuration.
func (*SysContext) ParseShipwrightMirrorRegistryConfig ¶
func (s *SysContext) ParseShipwrightMirrorRegistryConfig() (MirrorRegistryConfig, error)
ParseShipwrightMirrorRegistryConfig parses a secret called "mirror-registry-config" in the pod namespace. This secret holds information on how to connect to the mirror registry.
func (*SysContext) RegistriesToSearch ¶
RegistriesToSearch returns a list of registries to be used when looking for an image. It is either the provided domain or a list of unqualified domains configured globally and returned by UnqualifiedRegistries(). This function is used when trying to understand what an user means when she/he simply asks to import an image called "centos:latest" for instance, in what registries do we need to look for this image? This is the place where we can implement a mirror search.
func (*SysContext) SystemContextsFor ¶
func (s *SysContext) SystemContextsFor( ctx context.Context, imgref types.ImageReference, namespace string, insecure bool, ) ([]*types.SystemContext, error)
SystemContextsFor builds a series of types.SystemContexts, all of them using one of the auth credentials present in the namespace. The last entry is always a nil SystemContext, this last entry means "no auth". Insecure indicate if the returned SystemContexts tolerate invalid TLS certificates.
func (*SysContext) UnqualifiedRegistries ¶
func (s *SysContext) UnqualifiedRegistries(ctx context.Context) ([]string, error)
UnqualifiedRegistries returns the list of unqualified registries configured on the system. XXX this is a place holder as we most likely gonna need to read this from a configuration somewhere.