create a new bot verison on docker push
This commit is contained in:
Ilion Beyst
parent
0f14dee499
commit
7eb02a2efc
1 changed files with 16 additions and 5 deletions
|
|
@ -15,6 +15,7 @@ use std::path::PathBuf;
|
||||||
use tokio::io::AsyncWriteExt;
|
use tokio::io::AsyncWriteExt;
|
||||||
use tokio_util::io::ReaderStream;
|
use tokio_util::io::ReaderStream;
|
||||||
|
|
||||||
|
use crate::db::bots::NewBotVersion;
|
||||||
use crate::util::gen_alphanumeric;
|
use crate::util::gen_alphanumeric;
|
||||||
use crate::{db, DatabaseConnection};
|
use crate::{db, DatabaseConnection};
|
||||||
|
|
||||||
|
|
@ -339,7 +340,7 @@ async fn put_manifest(
|
||||||
Path((repository_name, reference)): Path<(String, String)>,
|
Path((repository_name, reference)): Path<(String, String)>,
|
||||||
mut stream: BodyStream,
|
mut stream: BodyStream,
|
||||||
) -> Result<impl IntoResponse, StatusCode> {
|
) -> Result<impl IntoResponse, StatusCode> {
|
||||||
check_access(&repository_name, &auth, &db_conn)?;
|
let bot = check_access(&repository_name, &auth, &db_conn)?;
|
||||||
|
|
||||||
let repository_dir = PathBuf::from(REGISTRY_PATH)
|
let repository_dir = PathBuf::from(REGISTRY_PATH)
|
||||||
.join("manifests")
|
.join("manifests")
|
||||||
|
|
@ -368,6 +369,15 @@ async fn put_manifest(
|
||||||
let digest_path = repository_dir.join(&content_digest).with_extension("json");
|
let digest_path = repository_dir.join(&content_digest).with_extension("json");
|
||||||
tokio::fs::copy(manifest_path, digest_path).await.unwrap();
|
tokio::fs::copy(manifest_path, digest_path).await.unwrap();
|
||||||
|
|
||||||
|
// Register the new image as a bot version
|
||||||
|
// TODO: how should tags be handled?
|
||||||
|
let new_version = NewBotVersion {
|
||||||
|
bot_id: Some(bot.id),
|
||||||
|
code_bundle_path: None,
|
||||||
|
container_digest: Some(&content_digest),
|
||||||
|
};
|
||||||
|
db::bots::create_bot_version(&new_version, &db_conn).expect("could not save bot version");
|
||||||
|
|
||||||
Ok(Response::builder()
|
Ok(Response::builder()
|
||||||
.status(StatusCode::CREATED)
|
.status(StatusCode::CREATED)
|
||||||
.header(
|
.header(
|
||||||
|
|
@ -380,12 +390,13 @@ async fn put_manifest(
|
||||||
}
|
}
|
||||||
|
|
||||||
/// Ensure that the accessed repository exists
|
/// Ensure that the accessed repository exists
|
||||||
/// and the user is allowed to access ti
|
/// and the user is allowed to access it.
|
||||||
|
/// Returns the associated bot.
|
||||||
fn check_access(
|
fn check_access(
|
||||||
repository_name: &str,
|
repository_name: &str,
|
||||||
auth: &RegistryAuth,
|
auth: &RegistryAuth,
|
||||||
db_conn: &DatabaseConnection,
|
db_conn: &DatabaseConnection,
|
||||||
) -> Result<(), StatusCode> {
|
) -> Result<db::bots::Bot, StatusCode> {
|
||||||
use diesel::OptionalExtension;
|
use diesel::OptionalExtension;
|
||||||
|
|
||||||
// TODO: it would be nice to provide the found repository
|
// TODO: it would be nice to provide the found repository
|
||||||
|
|
@ -396,10 +407,10 @@ fn check_access(
|
||||||
.ok_or(StatusCode::NOT_FOUND)?;
|
.ok_or(StatusCode::NOT_FOUND)?;
|
||||||
|
|
||||||
match &auth {
|
match &auth {
|
||||||
RegistryAuth::Admin => Ok(()),
|
RegistryAuth::Admin => Ok(bot),
|
||||||
RegistryAuth::User(user) => {
|
RegistryAuth::User(user) => {
|
||||||
if bot.owner_id == Some(user.id) {
|
if bot.owner_id == Some(user.id) {
|
||||||
Ok(())
|
Ok(bot)
|
||||||
} else {
|
} else {
|
||||||
Err(StatusCode::FORBIDDEN)
|
Err(StatusCode::FORBIDDEN)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue