From 68a2fa54dedcdbe893ec811413d1703e5f6ac2dc Mon Sep 17 00:00:00 2001
From: Grzegorz Bizon <grzesiek.bizon@gmail.com>
Date: Wed, 22 Mar 2017 11:08:23 +0100
Subject: [PATCH] Remove out-of-scope changes for multi-level images
---
.../admin/application_settings_controller.rb | 6 --
.../admin/container_registry_controller.rb | 11 ----
app/models/application_setting.rb | 6 --
.../admin/container_registry/show.html.haml | 31 ----------
app/views/admin/dashboard/_head.html.haml | 4 --
config/routes/admin.rb | 2 -
...ry_access_token_to_application_settings.rb | 13 ----
doc/administration/container_registry.md | 18 ------
lib/api/api.rb | 1 -
lib/api/helpers.rb | 10 ----
lib/api/registry_events.rb | 60 -------------------
lib/container_registry/ROADMAP.md | 7 ---
12 files changed, 169 deletions(-)
delete mode 100644 app/controllers/admin/container_registry_controller.rb
delete mode 100644 app/views/admin/container_registry/show.html.haml
delete mode 100644 db/migrate/20161213212947_add_container_registry_access_token_to_application_settings.rb
delete mode 100644 lib/api/registry_events.rb
delete mode 100644 lib/container_registry/ROADMAP.md
diff --git a/app/controllers/admin/application_settings_controller.rb b/app/controllers/admin/application_settings_controller.rb
index 1d0bd6e0b81..8d831ffdd70 100644
--- a/app/controllers/admin/application_settings_controller.rb
+++ b/app/controllers/admin/application_settings_controller.rb
@@ -29,12 +29,6 @@ class Admin::ApplicationSettingsController < Admin::ApplicationController
redirect_to :back
end
- def reset_container_registry_token
- @application_setting.reset_container_registry_access_token!
- flash[:notice] = 'New container registry access token has been generated!'
- redirect_to :back
- end
-
def clear_repository_check_states
RepositoryCheck::ClearWorker.perform_async
diff --git a/app/controllers/admin/container_registry_controller.rb b/app/controllers/admin/container_registry_controller.rb
deleted file mode 100644
index 265c032c67d..00000000000
--- a/app/controllers/admin/container_registry_controller.rb
+++ /dev/null
@@ -1,11 +0,0 @@
-class Admin::ContainerRegistryController < Admin::ApplicationController
- def show
- @access_token = container_registry_access_token
- end
-
- private
-
- def container_registry_access_token
- current_application_settings.container_registry_access_token
- end
-end
diff --git a/app/models/application_setting.rb b/app/models/application_setting.rb
index 9d01a70c77d..671a0fe98cc 100644
--- a/app/models/application_setting.rb
+++ b/app/models/application_setting.rb
@@ -4,7 +4,6 @@ class ApplicationSetting < ActiveRecord::Base
add_authentication_token_field :runners_registration_token
add_authentication_token_field :health_check_access_token
- add_authentication_token_field :container_registry_access_token
CACHE_KEY = 'application_setting.last'.freeze
DOMAIN_LIST_SEPARATOR = %r{\s*[,;]\s* # comma or semicolon, optionally surrounded by whitespace
@@ -158,7 +157,6 @@ class ApplicationSetting < ActiveRecord::Base
before_save :ensure_runners_registration_token
before_save :ensure_health_check_access_token
- before_save :ensure_container_registry_access_token
after_commit do
Rails.cache.write(CACHE_KEY, self)
@@ -332,10 +330,6 @@ class ApplicationSetting < ActiveRecord::Base
ensure_health_check_access_token!
end
- def container_registry_access_token
- ensure_container_registry_access_token!
- end
-
def sidekiq_throttling_enabled?
return false unless sidekiq_throttling_column_exists?
diff --git a/app/views/admin/container_registry/show.html.haml b/app/views/admin/container_registry/show.html.haml
deleted file mode 100644
index ffaa7736d65..00000000000
--- a/app/views/admin/container_registry/show.html.haml
+++ /dev/null
@@ -1,31 +0,0 @@
-- @no_container = true
-= render "admin/dashboard/head"
-
-%div{ class: container_class }
-
- %p.prepend-top-default
- %span
- To properly configure the Container Registry you should add the following
- access token to the Docker Registry config.yml as follows:
- %pre
- %code
- :plain
- notifications:
- endpoints:
- - ...
- headers:
- X-Registry-Token: [#{@access_token}]
- %br
- Access token is
- %code{ id: 'registry-token' }= @access_token
-
- .bs-callout.clearfix
- .pull-left
- %p
- You can reset container registry access token by pressing the button below.
- %p
- = button_to reset_container_registry_token_admin_application_settings_path,
- method: :put, class: 'btn btn-default',
- data: { confirm: 'Are you sure you want to reset container registry token?' } do
- = icon('refresh')
- Reset container registry access token
diff --git a/app/views/admin/dashboard/_head.html.haml b/app/views/admin/dashboard/_head.html.haml
index dbd039547fa..7893c1dee97 100644
--- a/app/views/admin/dashboard/_head.html.haml
+++ b/app/views/admin/dashboard/_head.html.haml
@@ -27,7 +27,3 @@
= link_to admin_runners_path, title: 'Runners' do
%span
Runners
- = nav_link path: 'container_registry#show' do
- = link_to admin_container_registry_path, title: 'Registry' do
- %span
- Registry
diff --git a/config/routes/admin.rb b/config/routes/admin.rb
index fcbe2e2c435..486ce3c5c87 100644
--- a/config/routes/admin.rb
+++ b/config/routes/admin.rb
@@ -63,7 +63,6 @@ namespace :admin do
resource :background_jobs, controller: 'background_jobs', only: [:show]
resource :system_info, controller: 'system_info', only: [:show]
resources :requests_profiles, only: [:index, :show], param: :name, constraints: { name: /.+\.html/ }
- resource :container_registry, controller: 'container_registry', only: [:show]
resources :projects, only: [:index]
@@ -94,7 +93,6 @@ namespace :admin do
resources :services, only: [:index, :edit, :update]
put :reset_runners_token
put :reset_health_check_token
- put :reset_container_registry_token
put :clear_repository_check_states
end
diff --git a/db/migrate/20161213212947_add_container_registry_access_token_to_application_settings.rb b/db/migrate/20161213212947_add_container_registry_access_token_to_application_settings.rb
deleted file mode 100644
index 23d87cc6d0a..00000000000
--- a/db/migrate/20161213212947_add_container_registry_access_token_to_application_settings.rb
+++ /dev/null
@@ -1,13 +0,0 @@
-# See http://doc.gitlab.com/ce/development/migration_style_guide.html
-# for more information on how to write migrations for GitLab.
-
-class AddContainerRegistryAccessTokenToApplicationSettings < ActiveRecord::Migration
- include Gitlab::Database::MigrationHelpers
-
- # Set this constant to true if this migration requires downtime.
- DOWNTIME = false
-
- def change
- add_column :application_settings, :container_registry_access_token, :string
- end
-end
diff --git a/doc/administration/container_registry.md b/doc/administration/container_registry.md
index dc4e57f25fb..f707039827b 100644
--- a/doc/administration/container_registry.md
+++ b/doc/administration/container_registry.md
@@ -87,23 +87,6 @@ auth:
rootcertbundle: /root/certs/certbundle
```
-Also a notification endpoint must be configured with the token from
-Admin Area -> Overview -> Registry (`/admin/container_registry`) like in the following sample:
-
-```
-notifications:
- endpoints:
- - name: listener
- url: https://gitlab.example.com/api/v3/registry_events
- headers:
- X-Registry-Token: [57Cx95fc2zHFh93VTiGD]
- timeout: 500ms
- threshold: 5
- backoff: 1s
-```
-
-Check the [Registry endpoint configuration][registry-endpoint] for details.
-
## Container Registry domain configuration
There are two ways you can configure the Registry's external domain.
@@ -600,7 +583,6 @@ notifications:
[storage-config]: https://docs.docker.com/registry/configuration/#storage
[registry-http-config]: https://docs.docker.com/registry/configuration/#http
[registry-auth]: https://docs.docker.com/registry/configuration/#auth
-[registry-endpoint]: https://docs.docker.com/registry/notifications/#/configuration
[token-config]: https://docs.docker.com/registry/configuration/#token
[8-8-docs]: https://gitlab.com/gitlab-org/gitlab-ce/blob/8-8-stable/doc/administration/container_registry.md
[registry-ssl]: https://gitlab.com/gitlab-org/gitlab-ce/blob/master/lib/support/nginx/registry-ssl
diff --git a/lib/api/api.rb b/lib/api/api.rb
index 7c7bfada7d0..1bf20f76ad6 100644
--- a/lib/api/api.rb
+++ b/lib/api/api.rb
@@ -104,7 +104,6 @@ module API
mount ::API::Namespaces
mount ::API::Notes
mount ::API::NotificationSettings
- mount ::API::RegistryEvents
mount ::API::Pipelines
mount ::API::ProjectHooks
mount ::API::Projects
diff --git a/lib/api/helpers.rb b/lib/api/helpers.rb
index 3c173b544aa..bd22b82476b 100644
--- a/lib/api/helpers.rb
+++ b/lib/api/helpers.rb
@@ -111,16 +111,6 @@ module API
end
end
- def authenticate_container_registry_access_token!
- token = request.headers['X-Registry-Token']
- unless token.present? && ActiveSupport::SecurityUtils.variable_size_secure_compare(
- token,
- current_application_settings.container_registry_access_token
- )
- unauthorized!
- end
- end
-
def authenticated_as_admin!
authenticate!
forbidden! unless current_user.is_admin?
diff --git a/lib/api/registry_events.rb b/lib/api/registry_events.rb
deleted file mode 100644
index 8c53e0fcfc0..00000000000
--- a/lib/api/registry_events.rb
+++ /dev/null
@@ -1,60 +0,0 @@
-module API
- # RegistryEvents API
- class RegistryEvents < Grape::API
- before { authenticate_container_registry_access_token! }
-
- content_type :json, 'application/vnd.docker.distribution.events.v1+json'
-
- params do
- requires :events, type: Array, desc: 'The ID of a project' do
- requires :id, type: String, desc: 'The ID of the event'
- requires :timestamp, type: String, desc: 'Timestamp of the event'
- requires :action, type: String, desc: 'Action performed by event'
- requires :target, type: Hash, desc: 'Target of the event' do
- optional :mediaType, type: String, desc: 'Media type of the target'
- optional :size, type: Integer, desc: 'Size in bytes of the target'
- requires :digest, type: String, desc: 'Digest of the target'
- requires :repository, type: String, desc: 'Repository of target'
- optional :url, type: String, desc: 'Url of the target'
- optional :tag, type: String, desc: 'Tag of the target'
- end
- requires :request, type: Hash, desc: 'Request of the event' do
- requires :id, type: String, desc: 'The ID of the request'
- optional :addr, type: String, desc: 'IP Address of the request client'
- optional :host, type: String, desc: 'Hostname of the registry instance'
- requires :method, type: String, desc: 'Request method'
- requires :useragent, type: String, desc: 'UserAgent header of the request'
- end
- requires :actor, type: Hash, desc: 'Actor that initiated the event' do
- optional :name, type: String, desc: 'Actor name'
- end
- requires :source, type: Hash, desc: 'Source of the event' do
- optional :addr, type: String, desc: 'Hostname of source registry node'
- optional :instanceID, type: String, desc: 'Source registry node instanceID'
- end
- end
- end
- resource :registry_events do
- post do
- params['events'].each do |event|
- repository = event['target']['repository']
-
- if event['action'] == 'push' && !!event['target']['tag']
- namespace, container_image_name = ContainerImage::split_namespace(repository)
- project = Project::find_by_full_path(namespace)
-
- if project
- container_image = project.container_images.find_or_create_by(name: container_image_name, path: container_image_name)
-
- unless container_image.valid?
- render_api_error!({ error: "Failed to create container image!" }, 400)
- end
- else
- not_found!('Project')
- end
- end
- end
- end
- end
- end
-end
diff --git a/lib/container_registry/ROADMAP.md b/lib/container_registry/ROADMAP.md
deleted file mode 100644
index e0a20776404..00000000000
--- a/lib/container_registry/ROADMAP.md
+++ /dev/null
@@ -1,7 +0,0 @@
-## Road map
-
-### Initial thoughts
-
-- Determine if image names will be persisted or fetched from API
-- If persisted, how to update the stored names upon modification
-- If fetched, how to fetch only images of a given project
--
GitLab