InvalidResponse,
FreshLoginRequired,
NotFound,
)
from endpoints.decorators import check_anon_protection, require_xhr_from_browser, check_readonly
from util.metrics.prometheus import timed_blueprint
from util.names import parse_namespace_repository
from util.pagination import encrypt_page_token, decrypt_page_token
from util.request import get_request_ip
from util.timedeltastring import convert_to_timedelta
from __init__models_pre_oci import pre_oci_model as model
logger = logging.getLogger(__name__)
api_bp = timed_blueprint(Blueprint("api", __name__))
CROSS_DOMAIN_HEADERS = ["Authorization", "Content-Type", "X-Requested-With"]
FRESH_LOGIN_TIMEOUT = convert_to_timedelta(app.config.get("FRESH_LOGIN_TIMEOUT", "10m"))
class ApiExceptionHandlingApi(Api):
@crossdomain(origin="*", headers=CROSS_DOMAIN_HEADERS)
def handle_error(self, error):
return super(ApiExceptionHandlingApi, self).handle_error(error)
api = ApiExceptionHandlingApi()
api.init_app(api_bp)
api.decorators = [
from endpoints.v2.blob import BLOB_DIGEST_ROUTE
from image.appc import AppCImageFormatter
from image.shared import ManifestException
from image.docker.squashed import SquashedDockerImageFormatter
from storage import Storage
from util.audit import track_and_log, wrap_repository
from util.http import exact_abort
from util.metrics.prometheus import timed_blueprint
from util.registry.filelike import wrap_with_handler
from util.registry.queuefile import QueueFile
from util.registry.queueprocess import QueueProcess
from util.registry.tarlayerformat import TarLayerFormatterReporter
logger = logging.getLogger(__name__)
verbs = timed_blueprint(Blueprint("verbs", __name__))
verb_stream_passes = Counter(
"quay_verb_stream_passes_total",
"number of passes over a tar stream used by verb requests",
labelnames=["kind"],
)
LAYER_MIMETYPE = "binary/octet-stream"
QUEUE_FILE_TIMEOUT = 15 # seconds
class VerbReporter(TarLayerFormatterReporter):
def __init__(self, kind):
import logging
from functools import wraps
from flask import Blueprint, make_response, jsonify
import features
from app import app
from data.readreplica import ReadOnlyModeException
from endpoints.decorators import anon_protect, anon_allowed
from util.http import abort
from util.metrics.prometheus import timed_blueprint
logger = logging.getLogger(__name__)
v1_bp = timed_blueprint(Blueprint("v1", __name__))
# Note: This is *not* part of the Docker index spec. This is here for our own health check,
# since we have nginx handle the _ping below.
@v1_bp.route("/_internal_ping")
@anon_allowed
def internal_ping():
return make_response("true", 200)
@v1_bp.route("/_ping")
@anon_allowed
def ping():
# NOTE: any changes made here must also be reflected in the nginx config
response = make_response("true", 200)
V2RegistryException,
Unauthorized,
Unsupported,
NameUnknown,
ReadOnlyMode,
InvalidRequest,
QuotaExceeded,
)
from util.http import abort
from util.metrics.prometheus import timed_blueprint
from util.registry.dockerver import docker_version
from util.pagination import encrypt_page_token, decrypt_page_token
from proxy import UpstreamRegistryError
logger = logging.getLogger(__name__)
v2_bp = timed_blueprint(Blueprint("v2", __name__))
@v2_bp.app_errorhandler(V2RegistryException)
def handle_registry_v2_exception(error):
response = jsonify({"errors": [error.as_dict()]})
response.status_code = error.http_status_code
if response.status_code == 401:
response.headers.extend(
get_auth_headers(repository=error.repository, scopes=error.scopes))
logger.debug("sending response: %s", response.get_data())
return response
@v2_bp.app_errorhandler(ReadOnlyModeException)
from functools import wraps
from cnr.exception import Forbidden
from flask import Blueprint
from auth.permissions import (
AdministerRepositoryPermission,
ReadRepositoryPermission,
ModifyRepositoryPermission,
)
from endpoints.appr.decorators import require_repo_permission
from util.metrics.prometheus import timed_blueprint
logger = logging.getLogger(__name__)
appr_bp = timed_blueprint(Blueprint("appr", __name__))
def _raise_method(repository, scopes):
raise Forbidden("Unauthorized access for: %s" % repository, {
"package": repository,
"scopes": scopes
})
def _get_reponame_kwargs(*args, **kwargs):
return [kwargs["namespace"], kwargs["package_name"]]
require_app_repo_read = require_repo_permission(
ReadRepositoryPermission,
