feat: v3 Go rewrite — full artifact proxy with web UI, TUI, and Terraform provider

Complete rewrite of ArtifactAPI from Python/FastAPI to Go as a single binary.

Core engine:
- 10 package providers: generic, docker, helm, pypi, npm, rpm, alpine,
  puppet, terraform, goproxy — each with built-in mutable patterns
- Content-addressable storage (SHA256 dedup across all remotes)
- Three-tier caching: Redis (TTL/locks) → S3/MinIO (blobs) → upstream
- Classifier with allowlist/blocklist per-remote (empty = allow all)
- Circuit breaker, conditional revalidation, stale-on-error
- Background garbage collection for orphaned blobs
- Access logging to PostgreSQL

API:
- v1 proxy endpoints (backwards compatible)
- v2 management API: CRUD remotes/virtuals, object browser, stats,
  health, SSE events, probe/test endpoint
- Virtual repos with index merging (Helm YAML + PyPI HTML)

Frontend (React + Vite, separate Dockerfile):
- Dashboard with stats, health indicators, top remotes
- Remotes list with type filter, remote detail with config/patterns
- Object browser with pagination and evict
- Test Remote page: probe any remote path, see headers/size/timing
- Virtuals page with expandable member lists

TUI (Bubble Tea):
- Dashboard, remotes list/detail, object browser, virtuals
- Vim-style navigation, artifactapi tui --endpoint <url>

Infrastructure:
- S3 client supports MinIO, Ceph RGW, AWS S3 (minio-go)
- PostgreSQL schema with migrations
- Docker Compose: API + UI + Postgres 17 + Redis 7 + MinIO
- Makefile with Go version check, build/test/lint/fmt/e2e targets
- Distroless Docker image (~15MB)

Testing:
- Unit tests for models, classifier, providers, mergers
- E2E tests with testcontainers-go (real Postgres/Redis/MinIO)

Terraform config:
- All 40 production remotes + helm virtual as HCL
- Provider repo: terraform-provider-artifactapi v0.0.1 (separate)
This commit is contained in:
2026-06-07 15:53:14 +10:00
parent f25bf6cb29
commit deabda9895
111 changed files with 11428 additions and 741 deletions
+58
View File
@@ -0,0 +1,58 @@
package helm
import (
"context"
"net/http"
"strings"
"git.unkin.net/unkin/artifactapi/internal/auth"
"git.unkin.net/unkin/artifactapi/internal/provider"
"git.unkin.net/unkin/artifactapi/pkg/models"
)
func init() {
provider.Register(&Provider{})
}
type Provider struct{}
func (p *Provider) Type() models.PackageType { return models.PackageHelm }
func (p *Provider) Classify(path string) provider.Mutability {
if strings.HasSuffix(path, "index.yaml") || strings.HasSuffix(path, "index.yml") {
return provider.Mutable
}
return provider.Immutable
}
func (p *Provider) ContentType(path string) string {
if strings.HasSuffix(path, ".tgz") || strings.HasSuffix(path, ".tar.gz") {
return "application/gzip"
}
if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") {
return "text/yaml"
}
return "application/octet-stream"
}
func (p *Provider) UpstreamURL(remote models.Remote, path string) string {
return strings.TrimRight(remote.BaseURL, "/") + "/" + strings.TrimLeft(path, "/")
}
func (p *Provider) RewriteResponse(body []byte, remote models.Remote, proxyBaseURL string) ([]byte, error) {
if proxyBaseURL == "" {
return nil, nil
}
content := string(body)
baseURL := strings.TrimRight(remote.BaseURL, "/")
proxyURL := strings.TrimRight(proxyBaseURL, "/") + "/api/v1/remote/" + remote.Name
rewritten := strings.ReplaceAll(content, baseURL, proxyURL)
if rewritten == content {
return nil, nil
}
return []byte(rewritten), nil
}
func (p *Provider) AuthHeaders(_ context.Context, remote models.Remote) (http.Header, error) {
return auth.BasicHeaders(remote), nil
}
+51
View File
@@ -0,0 +1,51 @@
package helm_test
import (
"strings"
"testing"
"git.unkin.net/unkin/artifactapi/internal/provider"
"git.unkin.net/unkin/artifactapi/internal/provider/helm"
"git.unkin.net/unkin/artifactapi/pkg/models"
)
func TestProvider_Type(t *testing.T) {
p := &helm.Provider{}
if p.Type() != models.PackageHelm {
t.Errorf("expected helm, got %q", p.Type())
}
}
func TestProvider_Classify(t *testing.T) {
p := &helm.Provider{}
tests := []struct {
path string
want provider.Mutability
}{
{"index.yaml", provider.Mutable},
{"index.yml", provider.Mutable},
{"chart-1.0.tgz", provider.Immutable},
{"charts/nginx-1.0.tgz", provider.Immutable},
}
for _, tt := range tests {
if got := p.Classify(tt.path); got != tt.want {
t.Errorf("Classify(%q) = %v, want %v", tt.path, got, tt.want)
}
}
}
func TestProvider_RewriteResponse(t *testing.T) {
p := &helm.Provider{}
body := []byte("urls:\n- https://charts.example.com/chart-1.0.tgz")
remote := models.Remote{Name: "helm-test", BaseURL: "https://charts.example.com"}
rewritten, err := p.RewriteResponse(body, remote, "https://proxy.example.com")
if err != nil {
t.Fatal(err)
}
if rewritten == nil {
t.Fatal("expected rewrite")
}
if !strings.Contains(string(rewritten), "proxy.example.com/api/v1/remote/helm-test") {
t.Errorf("expected proxy URL in body: %s", rewritten)
}
}