Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
G
gitlab-ce
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
1
Merge Requests
1
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
nexedi
gitlab-ce
Commits
f519a4b7
Commit
f519a4b7
authored
Aug 01, 2019
by
Valery Sizov
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Backport of
https://gitlab.com/gitlab-org/gitlab-ee/merge_requests/3809
Introducing Docker Registry replication
parent
beb7d892
Changes
9
Hide whitespace changes
Inline
Side-by-side
Showing
9 changed files
with
57 additions
and
3 deletions
+57
-3
app/models/container_repository.rb
app/models/container_repository.rb
+5
-1
app/services/auth/container_registry_authentication_service.rb
...ervices/auth/container_registry_authentication_service.rb
+9
-1
config/gitlab.yml.example
config/gitlab.yml.example
+5
-0
config/initializers/0_inflections.rb
config/initializers/0_inflections.rb
+1
-0
config/initializers/1_settings.rb
config/initializers/1_settings.rb
+9
-0
db/migrate/20190612111404_add_geo_container_sync_capacity.rb
db/migrate/20190612111404_add_geo_container_sync_capacity.rb
+13
-0
db/schema.rb
db/schema.rb
+1
-0
spec/factories/container_repositories.rb
spec/factories/container_repositories.rb
+1
-1
spec/services/auth/container_registry_authentication_service_spec.rb
...es/auth/container_registry_authentication_service_spec.rb
+13
-0
No files found.
app/models/container_repository.rb
View file @
f519a4b7
...
@@ -70,10 +70,14 @@ class ContainerRepository < ApplicationRecord
...
@@ -70,10 +70,14 @@ class ContainerRepository < ApplicationRecord
digests
=
tags
.
map
{
|
tag
|
tag
.
digest
}.
to_set
digests
=
tags
.
map
{
|
tag
|
tag
.
digest
}.
to_set
digests
.
all?
do
|
digest
|
digests
.
all?
do
|
digest
|
client
.
delete_repository_tag
(
self
.
path
,
digest
)
delete_tag_by_digest
(
digest
)
end
end
end
end
def
delete_tag_by_digest
(
digest
)
client
.
delete_repository_tag
(
self
.
path
,
digest
)
end
def
self
.
build_from_path
(
path
)
def
self
.
build_from_path
(
path
)
self
.
new
(
project:
path
.
repository_project
,
self
.
new
(
project:
path
.
repository_project
,
name:
path
.
repository_name
)
name:
path
.
repository_name
)
...
...
app/services/auth/container_registry_authentication_service.rb
View file @
f519a4b7
...
@@ -17,6 +17,14 @@ module Auth
...
@@ -17,6 +17,14 @@ module Auth
end
end
def
self
.
full_access_token
(
*
names
)
def
self
.
full_access_token
(
*
names
)
access_token
(
%w(*)
,
names
)
end
def
self
.
pull_access_token
(
*
names
)
access_token
([
'pull'
],
names
)
end
def
self
.
access_token
(
actions
,
names
)
names
=
names
.
flatten
names
=
names
.
flatten
registry
=
Gitlab
.
config
.
registry
registry
=
Gitlab
.
config
.
registry
token
=
JSONWebToken
::
RSAToken
.
new
(
registry
.
key
)
token
=
JSONWebToken
::
RSAToken
.
new
(
registry
.
key
)
...
@@ -25,7 +33,7 @@ module Auth
...
@@ -25,7 +33,7 @@ module Auth
token
.
expire_time
=
token_expire_at
token
.
expire_time
=
token_expire_at
token
[
:access
]
=
names
.
map
do
|
name
|
token
[
:access
]
=
names
.
map
do
|
name
|
{
type:
'repository'
,
name:
name
,
actions:
%w(*)
}
{
type:
'repository'
,
name:
name
,
actions:
actions
}
end
end
token
.
encoded
token
.
encoded
...
...
config/gitlab.yml.example
View file @
f519a4b7
...
@@ -427,6 +427,11 @@ production: &base
...
@@ -427,6 +427,11 @@ production: &base
# If it is blank, it defaults to external_url.
# If it is blank, it defaults to external_url.
node_name: ''
node_name: ''
registry_replication:
# enabled: true
# primary_api_url: http://localhost:5000/ # internal address to the primary registry, will be used by GitLab to directly communicate with primary registry API
#
#
# 2. GitLab CI settings
# 2. GitLab CI settings
# ==========================
# ==========================
...
...
config/initializers/0_inflections.rb
View file @
f519a4b7
...
@@ -19,6 +19,7 @@ ActiveSupport::Inflector.inflections do |inflect|
...
@@ -19,6 +19,7 @@ ActiveSupport::Inflector.inflections do |inflect|
project_registry
project_registry
file_registry
file_registry
job_artifact_registry
job_artifact_registry
container_repository_registry
vulnerability_feedback
vulnerability_feedback
vulnerabilities_feedback
vulnerabilities_feedback
group_view
group_view
...
...
config/initializers/1_settings.rb
View file @
f519a4b7
...
@@ -296,6 +296,12 @@ Gitlab.ee do
...
@@ -296,6 +296,12 @@ Gitlab.ee do
Settings
[
'geo'
]
||=
Settingslogic
.
new
({})
Settings
[
'geo'
]
||=
Settingslogic
.
new
({})
# For backwards compatibility, default to gitlab_url and if so, ensure it ends with "/"
# For backwards compatibility, default to gitlab_url and if so, ensure it ends with "/"
Settings
.
geo
[
'node_name'
]
=
Settings
.
geo
[
'node_name'
].
presence
||
Settings
.
gitlab
[
'url'
].
chomp
(
'/'
).
concat
(
'/'
)
Settings
.
geo
[
'node_name'
]
=
Settings
.
geo
[
'node_name'
].
presence
||
Settings
.
gitlab
[
'url'
].
chomp
(
'/'
).
concat
(
'/'
)
#
# Registry replication
#
Settings
.
geo
[
'registry_replication'
]
||=
Settingslogic
.
new
({})
Settings
.
geo
.
registry_replication
[
'enabled'
]
||=
false
end
end
#
#
...
@@ -473,6 +479,9 @@ Gitlab.ee do
...
@@ -473,6 +479,9 @@ Gitlab.ee do
Settings
.
cron_jobs
[
'geo_repository_verification_secondary_scheduler_worker'
]
||=
Settingslogic
.
new
({})
Settings
.
cron_jobs
[
'geo_repository_verification_secondary_scheduler_worker'
]
||=
Settingslogic
.
new
({})
Settings
.
cron_jobs
[
'geo_repository_verification_secondary_scheduler_worker'
][
'cron'
]
||=
'*/1 * * * *'
Settings
.
cron_jobs
[
'geo_repository_verification_secondary_scheduler_worker'
][
'cron'
]
||=
'*/1 * * * *'
Settings
.
cron_jobs
[
'geo_repository_verification_secondary_scheduler_worker'
][
'job_class'
]
||=
'Geo::RepositoryVerification::Secondary::SchedulerWorker'
Settings
.
cron_jobs
[
'geo_repository_verification_secondary_scheduler_worker'
][
'job_class'
]
||=
'Geo::RepositoryVerification::Secondary::SchedulerWorker'
Settings
.
cron_jobs
[
'geo_container_repository_sync_worker'
]
||=
Settingslogic
.
new
({})
Settings
.
cron_jobs
[
'geo_container_repository_sync_worker'
][
'cron'
]
||=
'*/1 * * * *'
Settings
.
cron_jobs
[
'geo_container_repository_sync_worker'
][
'job_class'
]
||=
'Geo::ContainerRepositorySyncDispatchWorker'
Settings
.
cron_jobs
[
'historical_data_worker'
]
||=
Settingslogic
.
new
({})
Settings
.
cron_jobs
[
'historical_data_worker'
]
||=
Settingslogic
.
new
({})
Settings
.
cron_jobs
[
'historical_data_worker'
][
'cron'
]
||=
'0 12 * * *'
Settings
.
cron_jobs
[
'historical_data_worker'
][
'cron'
]
||=
'0 12 * * *'
Settings
.
cron_jobs
[
'historical_data_worker'
][
'job_class'
]
=
'HistoricalDataWorker'
Settings
.
cron_jobs
[
'historical_data_worker'
][
'job_class'
]
=
'HistoricalDataWorker'
...
...
db/migrate/20190612111404_add_geo_container_sync_capacity.rb
0 → 100644
View file @
f519a4b7
# frozen_string_literal: true
class
AddGeoContainerSyncCapacity
<
ActiveRecord
::
Migration
[
5.1
]
include
Gitlab
::
Database
::
MigrationHelpers
DOWNTIME
=
false
def
change
change_table
:geo_nodes
do
|
t
|
t
.
column
:container_repositories_max_capacity
,
:integer
,
default:
10
,
null:
false
end
end
end
db/schema.rb
View file @
f519a4b7
...
@@ -1435,6 +1435,7 @@ ActiveRecord::Schema.define(version: 2019_07_29_090456) do
...
@@ -1435,6 +1435,7 @@ ActiveRecord::Schema.define(version: 2019_07_29_090456) do
t
.
integer
"minimum_reverification_interval"
,
default:
7
,
null:
false
t
.
integer
"minimum_reverification_interval"
,
default:
7
,
null:
false
t
.
string
"internal_url"
t
.
string
"internal_url"
t
.
string
"name"
,
null:
false
t
.
string
"name"
,
null:
false
t
.
integer
"container_repositories_max_capacity"
,
default:
10
,
null:
false
t
.
index
[
"access_key"
],
name:
"index_geo_nodes_on_access_key"
t
.
index
[
"access_key"
],
name:
"index_geo_nodes_on_access_key"
t
.
index
[
"name"
],
name:
"index_geo_nodes_on_name"
,
unique:
true
t
.
index
[
"name"
],
name:
"index_geo_nodes_on_name"
,
unique:
true
t
.
index
[
"primary"
],
name:
"index_geo_nodes_on_primary"
t
.
index
[
"primary"
],
name:
"index_geo_nodes_on_primary"
...
...
spec/factories/container_repositories.rb
View file @
f519a4b7
...
@@ -2,7 +2,7 @@
...
@@ -2,7 +2,7 @@
FactoryBot
.
define
do
FactoryBot
.
define
do
factory
:container_repository
do
factory
:container_repository
do
name
'test_image'
sequence
(
:name
)
{
|
n
|
"test_image_
#{
n
}
"
}
project
project
transient
do
transient
do
...
...
spec/services/auth/container_registry_authentication_service_spec.rb
View file @
f519a4b7
...
@@ -145,6 +145,19 @@ describe Auth::ContainerRegistryAuthenticationService do
...
@@ -145,6 +145,19 @@ describe Auth::ContainerRegistryAuthenticationService do
it_behaves_like
'not a container repository factory'
it_behaves_like
'not a container repository factory'
end
end
describe
'#pull_access_token'
do
let
(
:project
)
{
create
(
:project
)
}
let
(
:token
)
{
described_class
.
pull_access_token
(
project
.
full_path
)
}
subject
{
{
token:
token
}
}
it_behaves_like
'an accessible'
do
let
(
:actions
)
{
[
'pull'
]
}
end
it_behaves_like
'not a container repository factory'
end
context
'user authorization'
do
context
'user authorization'
do
let
(
:current_user
)
{
create
(
:user
)
}
let
(
:current_user
)
{
create
(
:user
)
}
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment