-
Notifications
You must be signed in to change notification settings - Fork 508
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WIP: Client API implementation #1119
Conversation
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <dclwrnc@gmail.com> (github: endophage)
…ld be working Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
…d code Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: David Lawrence <david.lawrence@docker.com> Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com> (github: endophage)
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
Signed-off-by: Nassim 'Nass' Eddequiouaq <eddequiouaq.nassim@gmail.com>
…e. Wrapping up configuration of auth Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
…r everyone Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
…exercise some of the code while I had a debugger running Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This mostly is looking really good! I left some comments from my first pass, I plan to do a more in-depth review soon.
client_api/api/api.proto
Outdated
// Notary Interface | ||
service Notary { | ||
// AddTarget adds a target to the TUF repository and re-signs. | ||
rpc AddTarget(TargetAction) returns (BasicResponse) {} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should these take an optional list of roles to sign with? I know the default is to sign with all available, but that might not be the desired behavior when we get to thresholding
client_api/api/server.go
Outdated
gun, | ||
srv.upstream, | ||
rt, | ||
remoteStore, // remote store |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
don't know that this comment is adding much :)
cmd/notary/repo_factory.go
Outdated
|
||
type repoFactory func(gun data.GUN) (client.Repository, error) | ||
|
||
func ConfigureRepo(v *viper.Viper, retriever notary.PassRetriever, onlineOperation bool) repoFactory { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 this really cleans things up
utils/token/accesscontroller.go
Outdated
@@ -0,0 +1,215 @@ | |||
package token |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍 for a dependency removed
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm actually going to try and upstream these auth pieces back into distribution. I don't particularly want a forked version I have to keep up to date if somebody changes something. The version in docker/distribution is basically the canonical version for Docker but it was too tightly coupled with net/http and I needed to make progress.
|
||
const remoteConfigField = "api" | ||
|
||
type repoFactory func(gun data.GUN) (client.Repository, error) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the naming here could be confusing, because RepoBuilder
already exists. Maybe more explicitly clientRepoFactory
? (same for filename as well)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have some stuff to discuss at our maintainers meeting at DockerCon that may obsolete RepoBuilder :-)
offlineAccess: false, | ||
forceOAuth: false, | ||
clientID: clientID, | ||
//scopes: []Scope{ |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
these comments should be cleaned up
return fmt.Sprintf("%s:%s:%s", repoType, rs.Repository, strings.Join(rs.Actions, ",")) | ||
} | ||
|
||
//// RegistryScope represents a token scope for access |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
if this is unused it should be removed
} | ||
|
||
func (th *TokenHandler) AuthorizeRequest(params map[string]string, scopes ...string) (string, error) { | ||
//th.tokenLock.Lock() |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
remove these? can't think of a reason there would need to be a lock here.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a token cache (map[something]something
) I removed that this was locking.
); err != nil { | ||
return nil, err | ||
} | ||
if err := publishRepo(r); err != nil { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should the responsibility to publish be pushed back to the "clientapi client" instead of in the "clientapi server"?
IIRC this mirrors the current cli behavior, just wondering if there's a good reason to keep them coupled together.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the case where somebody horizontally scales Client API's (I'm just using that as the name for this new service), there's no guarantee you'll hit the same instance again. I think it's a lot cleaner and easier to implement if every operation is a one shot that publishes (where appropriate, we intend to support things like letting clients add keys, which would still require some kind of synchronization between instances).
return nil, err | ||
} | ||
|
||
resTargets := make([]*TargetWithRole, len(targets)) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can these be factored out? Maybe something like NewTargetWithRole(Target)
and NewTargetWithRoles([]Target)
They only really need to be serialized here so I understand not separating it out, but if they were separate it would be very clear that all this server does is proxy commands to a repo object and then serialize the results.
(Same comment for all of the other serialization happening in this file)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Signed-off-by: David Lawrence <david.lawrence@docker.com> (github: endophage)
Superseded by #1139 |
Huge feature list here and apologies for the PR bomb.
GRPC Endpoint Name : [permissions]
(documentation to be written) that allows users to arbitrarily configure in more permissions per GRPC API. Users would need their token server to issue those permissions as appropriate to their users.Still needed:
Shout out to @n4ss for all the hard work on this. Go get some sleep!
cc @ecordell @lewiada