refactor(extensions)!: refactor the extensions URLs and errors (#1636)

BREAKING CHANGE: The functionality provided by the mgmt endpoint has beed redesigned - see details below BREAKING CHANGE: The API keys endpoint has been moved - see details below BREAKING CHANGE: The mgmt extension config has been removed - endpoint is now enabled by having both the search and the ui extensions enabled BREAKING CHANGE: The API keys configuration has been moved from extensions to http>auth>apikey mgmt and imagetrust extensions: - separate the _zot/ext/mgmt into 3 separate endpoints: _zot/ext/auth, _zot/ext/notation, _zot/ext/cosign - signature verification logic is in a separate `imagetrust` extension - better hanling or errors in case of signature uploads: logging and error codes (more 400 and less 500 errors) - add authz on signature uploads (and add a new middleware in common for this purpose) - remove the mgmt extension configuration - it is now enabled if the UI and the search extensions are enabled userprefs estension: - userprefs are enabled if both search and ui extensions are enabled (as opposed to just search) apikey extension is removed and logic moved into the api folder - Move apikeys code out of pkg/extensions and into pkg/api - Remove apikey configuration options from the extensions configuration and move it inside the http auth section - remove the build label apikeys other changes: - move most of the logic adding handlers to the extensions endpoints out of routes.go and into the extensions files. - add warnings in case the users are still using configurations with the obsolete settings for mgmt and api keys - add a new function in the extension package which could be a single point of starting backgroud tasks for all extensions - more clear methods for verifying specific extensions are enabled - fix http methods paired with the UI handlers - rebuild swagger docs Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
2026-06-16 20:38:08 +08:00 · 2023-08-02 21:58:34 +03:00
parent 42f9f78125
commit 77149aa85c
61 changed files with 3405 additions and 1471 deletions
@@ -50,6 +50,7 @@ type AuthConfig struct {
 	LDAP      *LDAPConfig
 	Bearer    *BearerConfig
 	OpenID    *OpenIDConfig
+	APIKey    bool
 }

 type BearerConfig struct {
@@ -274,8 +275,7 @@ func (c *Config) IsOpenIDAuthEnabled() bool {
 }

 func (c *Config) IsAPIKeyEnabled() bool {
-	if c.Extensions != nil && c.Extensions.APIKey != nil &&
-		*c.Extensions.APIKey.Enable {
+	if c.HTTP.Auth != nil && c.HTTP.Auth.APIKey {
 		return true
 	}

@@ -308,6 +308,38 @@ func isOpenIDAuthProviderEnabled(config *Config, provider string) bool {
 	return false
 }

+func (c *Config) IsSearchEnabled() bool {
+	return c.Extensions != nil && c.Extensions.Search != nil && *c.Extensions.Search.Enable
+}
+
+func (c *Config) IsUIEnabled() bool {
+	return c.Extensions != nil && c.Extensions.UI != nil && *c.Extensions.UI.Enable
+}
+
+func (c *Config) AreUserPrefsEnabled() bool {
+	return c.IsSearchEnabled() && c.IsUIEnabled()
+}
+
+func (c *Config) IsMgmtEnabled() bool {
+	return c.IsSearchEnabled() && c.IsUIEnabled()
+}
+
+func (c *Config) IsImageTrustEnabled() bool {
+	return c.Extensions != nil && c.Extensions.Trust != nil && *c.Extensions.Trust.Enable
+}
+
+func (c *Config) IsCosignEnabled() bool {
+	return c.IsImageTrustEnabled() && c.Extensions.Trust.Cosign
+}
+
+func (c *Config) IsNotationEnabled() bool {
+	return c.IsImageTrustEnabled() && c.Extensions.Trust.Notation
+}
+
+func (c *Config) IsSyncEnabled() bool {
+	return c.Extensions != nil && c.Extensions.Sync != nil && *c.Extensions.Sync.Enable
+}
+
 func IsOpenIDSupported(provider string) bool {
 	for _, supportedProvider := range openIDSupportedProviders {
 		if supportedProvider == provider {