b46c116f6b
ci/woodpecker/tag/docker Pipeline was successful
Complete rewrite of ArtifactAPI from Python/FastAPI to Go as a single binary. Core engine: - 10 package providers: generic, docker, helm, pypi, npm, rpm, alpine, puppet, terraform, goproxy — each with built-in mutable patterns - Content-addressable storage (SHA256 dedup across all remotes) - Three-tier caching: Redis (TTL/locks) → S3/MinIO (blobs) → upstream - Classifier with allowlist/blocklist per-remote (empty = allow all) - Circuit breaker, conditional revalidation, stale-on-error - Background garbage collection for orphaned blobs - Access logging to PostgreSQL API: - v1 proxy endpoints (backwards compatible) - v2 management API: CRUD remotes/virtuals, object browser, stats, health, SSE events, probe/test endpoint - Virtual repos with index merging (Helm YAML + PyPI HTML) Frontend (React + Vite, separate Dockerfile): - Dashboard with stats, health indicators, top remotes - Remotes list with type filter, remote detail with config/patterns - Object browser with pagination and evict - Test Remote page: probe any remote path, see headers/size/timing - Virtuals page with expandable member lists TUI (Bubble Tea): - Dashboard, remotes list/detail, object browser, virtuals - Vim-style navigation, artifactapi tui --endpoint <url> Infrastructure: - S3 client supports MinIO, Ceph RGW, AWS S3 (minio-go) - PostgreSQL schema with migrations - Docker Compose: API + UI + Postgres 17 + Redis 7 + MinIO - Makefile with Go version check, build/test/lint/fmt/e2e targets - Distroless Docker image (~15MB) Testing: - Unit tests for models, classifier, providers, mergers - E2E tests with testcontainers-go (real Postgres/Redis/MinIO) Terraform config: - All 40 production remotes + helm virtual as HCL - Provider repo: terraform-provider-artifactapi v0.0.1 (separate) --------- Co-authored-by: Ben Vincent <ben@unkin.net> Reviewed-on: #47
89 lines
2.1 KiB
Go
89 lines
2.1 KiB
Go
package terraform
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
"net/http"
|
|
"net/url"
|
|
"regexp"
|
|
"strings"
|
|
|
|
"git.unkin.net/unkin/artifactapi/internal/auth"
|
|
"git.unkin.net/unkin/artifactapi/internal/provider"
|
|
"git.unkin.net/unkin/artifactapi/pkg/models"
|
|
)
|
|
|
|
func init() {
|
|
provider.Register(&Provider{})
|
|
}
|
|
|
|
var versionsRe = regexp.MustCompile(`[^/]+/[^/]+/versions$`)
|
|
|
|
type Provider struct{}
|
|
|
|
func (p *Provider) Type() models.PackageType { return models.PackageTerraform }
|
|
|
|
func (p *Provider) Classify(path string) provider.Mutability {
|
|
if versionsRe.MatchString(path) {
|
|
return provider.Mutable
|
|
}
|
|
return provider.Immutable
|
|
}
|
|
|
|
func (p *Provider) ContentType(path string) string {
|
|
lower := strings.ToLower(path)
|
|
if strings.HasSuffix(lower, ".zip") {
|
|
return "application/zip"
|
|
}
|
|
if strings.HasSuffix(lower, ".sig") {
|
|
return "application/octet-stream"
|
|
}
|
|
return "application/json"
|
|
}
|
|
|
|
func (p *Provider) UpstreamURL(remote models.Remote, path string) string {
|
|
return strings.TrimRight(remote.BaseURL, "/") + "/v1/providers/" + strings.TrimLeft(path, "/")
|
|
}
|
|
|
|
func (p *Provider) RewriteResponse(body []byte, remote models.Remote, proxyBaseURL string) ([]byte, error) {
|
|
if remote.ReleasesRemote == "" {
|
|
return nil, nil
|
|
}
|
|
if !json.Valid(body) {
|
|
return nil, nil
|
|
}
|
|
|
|
var data map[string]any
|
|
if err := json.Unmarshal(body, &data); err != nil {
|
|
return nil, nil
|
|
}
|
|
|
|
changed := false
|
|
for _, field := range []string{"download_url", "shasums_url", "shasums_signature_url"} {
|
|
if val, ok := data[field].(string); ok && val != "" {
|
|
rewritten := rewriteDownloadURL(val, remote.ReleasesRemote, proxyBaseURL)
|
|
if rewritten != val {
|
|
data[field] = rewritten
|
|
changed = true
|
|
}
|
|
}
|
|
}
|
|
|
|
if !changed {
|
|
return nil, nil
|
|
}
|
|
return json.Marshal(data)
|
|
}
|
|
|
|
func rewriteDownloadURL(originalURL, releasesRemote, proxyBaseURL string) string {
|
|
parsed, err := url.Parse(originalURL)
|
|
if err != nil || proxyBaseURL == "" {
|
|
return originalURL
|
|
}
|
|
return strings.TrimRight(proxyBaseURL, "/") + "/api/v1/remote/" + releasesRemote + parsed.Path
|
|
}
|
|
|
|
func (p *Provider) AuthHeaders(_ context.Context, remote models.Remote) (http.Header, error) {
|
|
return auth.BasicHeaders(remote), nil
|
|
}
|