// RootHandler returns the handler that routes all the paths from / for the
// server.
func RootHandler(ac auth.AccessController, ctx context.Context, trust signed.CryptoService) http.Handler {
hand := utils.RootHandlerFactory(ac, ctx, trust)
r := mux.NewRouter()
r.Methods("GET").Path("/v2/").Handler(hand(handlers.MainHandler))
r.Methods("POST").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("UpdateTuf"),
hand(handlers.AtomicUpdateHandler, "push", "pull")))
r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("GetRole"),
hand(handlers.GetHandler, "pull")))
r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.json").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("GetTimestamp"),
hand(handlers.GetTimestampHandler, "pull")))
r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.key").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("GetTimestampKey"),
hand(handlers.GetTimestampKeyHandler, "push", "pull")))
r.Methods("DELETE").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("DeleteTuf"),
hand(handlers.DeleteHandler, "push", "pull")))
r.Methods("GET").Path("/_notary_server/health").Handler(hand(
func(ctx context.Context, w http.ResponseWriter, r *http.Request) error {
health.StatusHandler(w, r)
return nil
}))
r.Methods("GET").Path("/_notary_server/metrics").Handler(prometheus.Handler())
r.Methods("GET", "POST", "PUT", "HEAD", "DELETE").Path("/{other:.*}").Handler(hand(utils.NotFoundHandler))
return r
}
// RootHandler returns the handler that routes all the paths from / for the
// server.
func RootHandler(ac auth.AccessController, ctx context.Context, trust signed.CryptoService) http.Handler {
hand := utils.RootHandlerFactory(ac, ctx, trust)
r := mux.NewRouter()
r.Methods("GET").Path("/v2/").Handler(hand(handlers.MainHandler))
r.Methods("POST").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("UpdateTuf"),
hand(handlers.AtomicUpdateHandler, "push", "pull")))
r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:root|targets(?:/[^/\\s]+)*|snapshot|timestamp}.{checksum:[a-fA-F0-9]{64}|[a-fA-F0-9]{96}|[a-fA-F0-9]{128}}.json").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("GetRoleByHash"),
hand(handlers.GetHandler, "pull")))
r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:root|targets(?:/[^/\\s]+)*|snapshot|timestamp}.json").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("GetRole"),
hand(handlers.GetHandler, "pull")))
r.Methods("GET").Path(
"/v2/{imageName:.*}/_trust/tuf/{tufRole:snapshot|timestamp}.key").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("GetKey"),
hand(handlers.GetKeyHandler, "push", "pull")))
r.Methods("DELETE").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(
prometheus.InstrumentHandlerWithOpts(
prometheusOpts("DeleteTuf"),
hand(handlers.DeleteHandler, "push", "pull")))
r.Methods("GET").Path("/_notary_server/health").HandlerFunc(health.StatusHandler)
r.Methods("GET").Path("/metrics").Handler(prometheus.Handler())
r.Methods("GET", "POST", "PUT", "HEAD", "DELETE").Path("/{other:.*}").Handler(
hand(handlers.NotFoundHandler))
return r
}
// RootHandler returns the handler that routes all the paths from / for the
// server.
func RootHandler(ctx context.Context, ac auth.AccessController, trust signed.CryptoService,
consistent, current utils.CacheControlConfig, repoPrefixes []string) http.Handler {
authWrapper := utils.RootHandlerFactory(ctx, ac, trust)
createHandler := func(opts _serverEndpoint) http.Handler {
var wrapped http.Handler
wrapped = authWrapper(opts.ServerHandler, opts.PermissionsRequired...)
if opts.IncludeCacheHeaders {
wrapped = utils.WrapWithCacheHandler(opts.CacheControlConfig, wrapped)
}
wrapped = filterImagePrefixes(repoPrefixes, opts.ErrorIfGUNInvalid, wrapped)
return prometheus.InstrumentHandlerWithOpts(prometheusOpts(opts.OperationName), wrapped)
}
invalidGUNErr := errors.ErrInvalidGUN.WithDetail(fmt.Sprintf("Require GUNs with prefix: %v", repoPrefixes))
notFoundError := errors.ErrMetadataNotFound.WithDetail(nil)
r := mux.NewRouter()
r.Methods("GET").Path("/v2/").Handler(authWrapper(handlers.MainHandler))
r.Methods("POST").Path("/v2/{imageName:[^*]+}/_trust/tuf/").Handler(createHandler(_serverEndpoint{
OperationName: "UpdateTUF",
ErrorIfGUNInvalid: invalidGUNErr,
ServerHandler: handlers.AtomicUpdateHandler,
PermissionsRequired: []string{"push", "pull"},
}))
r.Methods("GET").Path("/v2/{imageName:[^*]+}/_trust/tuf/{tufRole:root|targets(?:/[^/\\s]+)*|snapshot|timestamp}.{checksum:[a-fA-F0-9]{64}|[a-fA-F0-9]{96}|[a-fA-F0-9]{128}}.json").Handler(createHandler(_serverEndpoint{
OperationName: "GetRoleByHash",
ErrorIfGUNInvalid: notFoundError,
IncludeCacheHeaders: true,
CacheControlConfig: consistent,
ServerHandler: handlers.GetHandler,
PermissionsRequired: []string{"pull"},
}))
r.Methods("GET").Path("/v2/{imageName:[^*]+}/_trust/tuf/{tufRole:root|targets(?:/[^/\\s]+)*|snapshot|timestamp}.json").Handler(createHandler(_serverEndpoint{
OperationName: "GetRole",
ErrorIfGUNInvalid: notFoundError,
IncludeCacheHeaders: true,
CacheControlConfig: current,
ServerHandler: handlers.GetHandler,
PermissionsRequired: []string{"pull"},
}))
r.Methods("GET").Path(
"/v2/{imageName:[^*]+}/_trust/tuf/{tufRole:snapshot|timestamp}.key").Handler(createHandler(_serverEndpoint{
OperationName: "GetKey",
ErrorIfGUNInvalid: notFoundError,
ServerHandler: handlers.GetKeyHandler,
PermissionsRequired: []string{"push", "pull"},
}))
r.Methods("POST").Path(
"/v2/{imageName:[^*]+}/_trust/tuf/{tufRole:snapshot|timestamp}.key").Handler(createHandler(_serverEndpoint{
OperationName: "RotateKey",
ErrorIfGUNInvalid: notFoundError,
ServerHandler: handlers.RotateKeyHandler,
PermissionsRequired: []string{"*"},
}))
r.Methods("DELETE").Path("/v2/{imageName:[^*]+}/_trust/tuf/").Handler(createHandler(_serverEndpoint{
OperationName: "DeleteTUF",
ErrorIfGUNInvalid: notFoundError,
ServerHandler: handlers.DeleteHandler,
PermissionsRequired: []string{"*"},
}))
r.Methods("GET").Path("/v2/{imageName:[^*]+}/_trust/changefeed").Handler(createHandler(_serverEndpoint{
OperationName: "Changefeed",
ErrorIfGUNInvalid: notFoundError,
ServerHandler: handlers.Changefeed,
PermissionsRequired: []string{"pull"},
}))
r.Methods("GET").Path("/v2/_trust/changefeed").Handler(createHandler(_serverEndpoint{
OperationName: "Changefeed",
ServerHandler: handlers.Changefeed,
PermissionsRequired: []string{"*"},
}))
r.Methods("GET").Path("/_notary_server/health").HandlerFunc(health.StatusHandler)
r.Methods("GET").Path("/metrics").Handler(prometheus.Handler())
r.Methods("GET", "POST", "PUT", "HEAD", "DELETE").Path("/{other:.*}").Handler(
authWrapper(handlers.NotFoundHandler))
return r
}
