elektro-wolle/rust-registry

docker registry in rust

Rewrite of the Docker Registry HTTP API V2 in Rust, using actix-web. It is intended to be used as a private registry for Docker images, as a replacement for Nexus.

This project will implement the server-side of the registry API, but not the client-side. For client-side functionality, please use dkregistry-rs.

This is a work in progress.

Planned Features:

  • LDAP Authentication (with groups): Each group can be limited to a namespace (e.g. group "dev" can only pull/push images matching "foo/img/*")
  • Better Lifecycle Management: e.g. keep only the latest 5 major, 3 minor (of the last major version), and all patch versions (of the last major version) of an image, or any image that was accessed in the last 30 days.
  • Use maven-inspired semver tags: e.g. "-SNAPSHOT" for latest build, "-RC" for release candidate. Releases can be configured as non-overwritable.
  • Allow saving to local file system or S3.
  • Using a database for reference counting and garbage collection.

Currently, only the basic functionality is implemented. The following features are missing:

TODOs

  • rewrite endpoints for actix-web
  • add logging
  • docker push pong:8000/foo/sen:1.2.3 -> invalid checksum digest format
  • docker pull pong:8000/foo/sen:1.2.3 -> Error response from daemon: missing signature key
  • add CORS Headers
  • HEAD /v2//blobs/sha256:
  • basic auth credentials
  • ldap auth
  • make ldap search configurable
  • docker login with username and password
  • sha256 checks
  • Streaming upload
  • Streaming download
  • add tests, based on https://github.com/ecarrara/oci-registry-client
  • add synchronisation for concurrent uploads
  • add support for multiple registries in one instance
  • add test-container for testing against ldap
  • deduplicate layers
  • add proxying request to other registries
  • add support for grouping registries in namespaces, e.g. first query the "dev" registry, then the "prod" registry before ghcr.io is queried.
  • add rights management for namespaces
  • add docker-compose file for easy setup of database
  • add database backend for reference counting and garbage collection: https://diesel.rs/guides/getting-started.html
    • add database schema
    • add database connection pool
    • add mapping
    • add/update last access timestamp to manifests, layers and tags
    • parse manifest and add layers to database
    • add garbage collection for unused layers
  • async calls to database: https://hub.packtpub.com/multithreading-in-rust-using-crates-tutorial/
  • add search within database
    • add /v2/_catalog listing
    • add /v2//tags/list
  • delete unfinished uploads
  • multiple uploads of the same tag result in multiple manifests, indentation is changed (3 vs 4 spaces).
  • add /v2/_catalog listing
  • add /v2//tags/list
  • config file for auth and storage backends
  • implement storage backend for local fs
  • add tls support
  • semver parsing for tags, keeping the latest x-major, y-minor, z-patch versions
  • cleanup-jobs for removing old images/manifests: https://docs.rs/job_scheduler/latest/job_scheduler/

Maybe

  • add DELETE Endpoints
  • make trait for auth backend
  • add docker login token support
  • add virtual host support
  • make trait for storage backend
  • implement storage backend for s3

License

Licensed under