feat: cache upstream bearer tokens in Redis
ci/woodpecker/pr/pre-commit Pipeline was successful
ci/woodpecker/pr/test Pipeline was successful
ci/woodpecker/pr/build Pipeline was successful

Each upstream 401 re-ran the full token-endpoint dance. Cache the minted
token keyed by remote + challenge, honouring the token's expires_in (with
a safety margin, defaulting to 60s), so subsequent blobs sharing a scope
reuse it.

Refs #77
This commit is contained in:
2026-07-02 00:42:48 +10:00
parent 8d9bc1c422
commit 493b3cb906
2 changed files with 56 additions and 10 deletions
+12
View File
@@ -70,6 +70,18 @@ func (r *Redis) GetETag(ctx context.Context, remote, path string) (string, error
return val, err
}
func (r *Redis) GetToken(ctx context.Context, key string) (string, error) {
val, err := r.client.Get(ctx, "token:"+key).Result()
if err == redis.Nil {
return "", nil
}
return val, err
}
func (r *Redis) SetToken(ctx context.Context, key, token string, ttl time.Duration) error {
return r.client.Set(ctx, "token:"+key, token, ttl).Err()
}
func (r *Redis) IncrCircuitFailure(ctx context.Context, remote string, cooldown time.Duration) (int64, error) {
key := fmt.Sprintf("circuit:%s", remote)
pipe := r.client.Pipeline()