75 lines
3.2 KiB
Go
75 lines
3.2 KiB
Go
package storage
|
|
|
|
import (
|
|
"context"
|
|
|
|
"atcr.io/pkg/appview/readme"
|
|
"atcr.io/pkg/atproto"
|
|
"atcr.io/pkg/auth"
|
|
"atcr.io/pkg/auth/oauth"
|
|
)
|
|
|
|
// PushWebhookDispatcher dispatches push event webhooks.
|
|
// Defined here (in storage) to avoid import cycles with the webhooks package.
|
|
type PushWebhookDispatcher interface {
|
|
DispatchForPush(ctx context.Context, event PushWebhookEvent)
|
|
}
|
|
|
|
// ManifestReferenceChecker checks if a manifest digest is referenced as a child
|
|
// of a manifest list (multi-arch image). Used to protect manifest list children
|
|
// from auto-removal when their parent list is still tagged.
|
|
type ManifestReferenceChecker interface {
|
|
IsManifestReferenced(did, digest string) (bool, error)
|
|
}
|
|
|
|
// PushWebhookEvent contains the data needed to dispatch a push webhook.
|
|
type PushWebhookEvent struct {
|
|
OwnerDID string
|
|
OwnerHandle string
|
|
PusherDID string
|
|
PusherHandle string
|
|
Repository string
|
|
Tag string
|
|
Digest string
|
|
MediaType string
|
|
HoldDID string
|
|
HoldEndpoint string
|
|
}
|
|
|
|
// HoldDIDLookup interface for querying and updating hold DIDs in manifests
|
|
type HoldDIDLookup interface {
|
|
GetLatestHoldDIDForRepo(did, repository string) (string, error)
|
|
UpdateManifestHoldDID(did, oldHoldDID, newHoldDID string) (int64, error)
|
|
}
|
|
|
|
// RegistryContext bundles all the context needed for registry operations
|
|
// This includes both per-request data (DID, hold) and shared services
|
|
type RegistryContext struct {
|
|
// Per-request identity and routing information
|
|
// Owner = the user whose repository is being accessed
|
|
// Puller = the authenticated user making the request (from JWT Subject)
|
|
DID string // Owner's DID - whose repo is being accessed (e.g., "did:plc:abc123")
|
|
Handle string // Owner's handle (e.g., "alice.bsky.social")
|
|
HoldDID string // Hold service DID (e.g., "did:web:hold01.atcr.io" or "did:plc:abc123")
|
|
HoldURL string // Resolved HTTP URL for the hold service
|
|
PDSEndpoint string // Owner's PDS endpoint URL
|
|
Repository string // Image repository name (e.g., "debian")
|
|
ServiceToken string // Service token for hold authentication (from puller's PDS)
|
|
ATProtoClient *atproto.Client // Authenticated ATProto client for the owner
|
|
AuthMethod string // Auth method used ("oauth" or "app_password")
|
|
PullerDID string // Puller's DID - who is making the request (from JWT Subject)
|
|
PullerPDSEndpoint string // Puller's PDS endpoint URL
|
|
HasPushScope bool // Whether the JWT token has push scope (used to filter pull stats)
|
|
|
|
// Per-request user preferences
|
|
AutoRemoveUntagged bool // Whether to auto-delete untagged manifests on tag overwrite
|
|
|
|
// Shared services (same for all requests)
|
|
Database HoldDIDLookup // Database for hold DID lookups
|
|
Authorizer auth.HoldAuthorizer // Hold access authorization
|
|
Refresher *oauth.Refresher // OAuth session manager
|
|
ReadmeFetcher *readme.Fetcher // README fetcher for repo pages
|
|
WebhookDispatcher PushWebhookDispatcher // Push webhook dispatcher (nil if not configured)
|
|
ManifestRefChecker ManifestReferenceChecker // Checks if digest is a manifest list child (nil-safe)
|
|
}
|