multi registry support v3
This commit is contained in:
@@ -1,92 +1,7 @@
|
||||
/**
|
||||
* Interfaces and types for OCI Distribution Specification compliant registry
|
||||
* OCI Distribution Specification specific interfaces
|
||||
*/
|
||||
|
||||
/**
|
||||
* Credentials for authentication
|
||||
*/
|
||||
export interface IRegistryCredentials {
|
||||
username: string;
|
||||
password: string;
|
||||
}
|
||||
|
||||
/**
|
||||
* Actions that can be performed on a repository
|
||||
*/
|
||||
export type TRegistryAction = 'pull' | 'push' | 'delete' | '*';
|
||||
|
||||
/**
|
||||
* JWT token structure for OCI registry authentication
|
||||
*/
|
||||
export interface IRegistryToken {
|
||||
/** Issuer */
|
||||
iss: string;
|
||||
/** Subject (user identifier) */
|
||||
sub: string;
|
||||
/** Audience (service name) */
|
||||
aud: string;
|
||||
/** Expiration timestamp */
|
||||
exp: number;
|
||||
/** Not before timestamp */
|
||||
nbf: number;
|
||||
/** Issued at timestamp */
|
||||
iat: number;
|
||||
/** JWT ID */
|
||||
jti?: string;
|
||||
/** Access permissions */
|
||||
access: Array<{
|
||||
type: 'repository' | 'registry';
|
||||
name: string;
|
||||
actions: TRegistryAction[];
|
||||
}>;
|
||||
}
|
||||
|
||||
/**
|
||||
* Callback function for user login - returns JWT token
|
||||
* @param credentials - User credentials
|
||||
* @returns JWT token string
|
||||
*/
|
||||
export type TLoginCallback = (
|
||||
credentials: IRegistryCredentials
|
||||
) => Promise<string>;
|
||||
|
||||
/**
|
||||
* Callback function for authorization check
|
||||
* @param token - JWT token string
|
||||
* @param repository - Repository name (e.g., "library/nginx")
|
||||
* @param action - Action to perform
|
||||
* @returns true if authorized, false otherwise
|
||||
*/
|
||||
export type TAuthCallback = (
|
||||
token: string,
|
||||
repository: string,
|
||||
action: TRegistryAction
|
||||
) => Promise<boolean>;
|
||||
|
||||
/**
|
||||
* Configuration for the registry
|
||||
*/
|
||||
export interface IRegistryConfig {
|
||||
/** Storage bucket configuration */
|
||||
storage: {
|
||||
accessKey: string;
|
||||
accessSecret: string;
|
||||
endpoint: string;
|
||||
port?: number;
|
||||
useSsl?: boolean;
|
||||
region?: string;
|
||||
bucketName: string;
|
||||
};
|
||||
/** Service name for token authentication */
|
||||
serviceName: string;
|
||||
/** Token realm (authorization server URL) */
|
||||
tokenRealm: string;
|
||||
/** Login callback */
|
||||
loginCallback: TLoginCallback;
|
||||
/** Authorization callback */
|
||||
authCallback: TAuthCallback;
|
||||
}
|
||||
|
||||
/**
|
||||
* OCI manifest structure
|
||||
*/
|
||||
@@ -175,17 +90,6 @@ export interface IReferrersResponse {
|
||||
}>;
|
||||
}
|
||||
|
||||
/**
|
||||
* Registry error response
|
||||
*/
|
||||
export interface IRegistryError {
|
||||
errors: Array<{
|
||||
code: string;
|
||||
message: string;
|
||||
detail?: any;
|
||||
}>;
|
||||
}
|
||||
|
||||
/**
|
||||
* Pagination options for listing
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user