-
Notifications
You must be signed in to change notification settings - Fork 390
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Gitlab registry support #1283
Gitlab registry support #1283
Conversation
Thanks for submitting your first pull request! You are awesome! 🤗 |
Would be very hyped to see this PR go through |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you for opening this! I've left some comments, will be happy to continue reviewing and getting this in. \o/
tag = tag_splits[1] | ||
else: | ||
image_name = full_name | ||
tag = 'latest' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In the current implementation, I think the tag is left unspecified if it isn't present. Let's preserve that?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wouldn't mind. If i see correctly, the tag is passed to registry.get_image_manifest()
where the following happens:
"{}/v2/{}/manifests/{}".format(self.url, image, tag)
So if tag is an empty string, could this be a problem for the manifests API? Idk personally, as i am pretty much clueless about this.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@rappertomate I think tag is just always required to be specified when pushing, and is never left empty. I wouldn't mind raising an exception if tag is empty or None, but we can tackle that in another PR. I mostly just wanted to make sure the behavior doesn't change.
I think once that's done I'll happily merge this.
image_name = full_name | ||
tag = 'latest' | ||
|
||
if re.fullmatch('[a-z0-9]{4,40}/[a-z0-9._-]{2,255}', image_name): |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Could we not instead just check for the number of /
present? The full validator for image names is at https://github.com/distribution/distribution/blob/main/reference/regexp.go, and I'm not sure if this is exactly right. Can we get away with not using regexes?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not so sure. What if we have self-host registries without any paths to specify user or project? The unit test shows an example:
("weirdregistry.com/image:tag", "image", "tag")
vs.
("jupyterhub/k8s-binderhub:0.2.0-a2079a5", "jupyterhub/k8s-binderhub", "0.2.0-a2079a5")
This distinction cannot be covered by just counting /
. And the purpose of this PR should be to cover these edge cases as well imo.
I just merged this, let's deploy this and see how it goes :) I think the behavior change with |
Have you deployed this yet @yuvipanda ? |
I gave it a quick shot on minikube and it works as expected. I have tested it with a private GitLab instance using Helm values as described in the initial post of this PR. I'm not involved with operating any BinderHub instance anymore these days which is why I'm not available to test this more thoroughly. |
I'll give it a go too |
@betatim jupyterhub/mybinder.org-deploy#1991 just deployed it |
This PR provides support for GitLab image registry and possibly also further non-Docker Hub image registries, the latter not tested.
New code was tested against following image registries using minikube:
Besides parsing image names, we also append the query param
service=container_registry
when sending requests to read manifests. I have noticed that without, both Gitlab.com and my private instance, can't be accessed properly. See Gitlab docs for more context. I can tell that in case of Docker Hub, the extra param is no issue and i assume same applies for other Image registries.Note that this is mostly not my own work, most of the code is based on #986 .
For reference, the relevant parts of an example config using Gitlab.com image registry: