Rewrite of the Docker Registry HTTP API V2 in rust, using actix-web. It is intended to be used as a private registry for docker images as a replacement for nexus.
This project will implement the server-side of the registry API, but not the client-side. For client-side functionality, please use dkregistry-rs.
This is a work in progress.
- LDAP Authentication (with groups): Each group can be limited to a namespaces (e.g. group "dev" can only pull/push images matching "foo/img/*")
- Better Lifecycle Management: e.g. keep only the latest 5 major, 3 minor (of the last major version), all patch versions (of the last major version) of an image, or is accessed in the last 30 days.
- Use maven-inspired semver tags: e.g. "-SNAPSHOT" for latest build, "-RC" for release candidate. Releases can be configured as non over-writable.
- Allow saving to local file system or S3.
- Using a database for reference counting and garbage collection.
Currently, only the basic functionality is implemented. The following features are missing:
- rewrite endpoints for actix-web
- add logging
- docker push pong:8000/foo/sen:1.2.3 -> invalid checksum digest format
- docker pull pong:8000/foo/sen:1.2.3 -> Error response from daemon: missing signature key
- add CORS Headers
- HEAD /v2//blobs/sha256:
- basic auth credentials
- ldap auth
- make ldap search configurable
-
docker login
with username and password - sha256 checks
- Streaming upload
- Streaming download
- add tests, based on https://github.com/ecarrara/oci-registry-client
- add synchronisation for concurrent uploads
- add support for multiple registries in one instance
- add test-container for testing against ldap
- deduplicate layers
- add proxying request to other registries
- add support grouping registries in namespaces, e.g. first query the "dev" registry, then the "prod" registry before ghcr.io is queried.
- add rights management for namespaces
- add docker-compose file for easy setup of database
- add database backend for reference counting and garbage collection: https://diesel.rs/guides/getting-started.html
- add database schema
- add database connection pool
- add mapping
- add/update last access timestamp to manifests, layers and tags
- parse manifest and add layers to database
- add garbage collection for unused layers
- async calls to database: https://hub.packtpub.com/multithreading-in-rust-using-crates-tutorial/
- add search within database
- add /v2/_catalog listing
- add /v2//tags/list
- delete unfinished uploads
- multiple uploads of the same tag result in multiple manifests, indentation is changed (3 vs 4 spaces).
- add /v2/_catalog listing
- add /v2//tags/list
- config file for auth and storage backends
- implement storage backend for local fs
- add tls support
- semver parsing for tags, keeping the latest x-major, y-minor, z-patch versions
- cleanup-jobs for removing old images/manifests: https://docs.rs/job_scheduler/latest/job_scheduler/
- add DELETE Endpoints
- make trait for auth backend
- add
docker login
token support - add virtual host support
- make trait for storage backend
- implement storage backend for s3
Licensed under
- MIT license (LICENSE-MIT or http://opensource.org/licenses/MIT)