Is your feature request related to a problem? Please describe.
Hi,
Currently have unsupported service image updates because my provider is using Jfrog based docker repo.
It impact service updates and we have to specify directly the service manifest file.
Following logs are generated by the updater component : [CV] Cannot fetch latest tag for service YARA - cccs/assemblyline-service-yara.
Describe the solution you'd like
Jfrog API is described here : https://docs.jfrog.com/artifactory/reference/listDockerTags
We can add specific profile for Jfrog or extend the ContainerRegistry class so we can directly specify the url
A specific repokey, a local name for the jfrog repo have to be given to forge the url
In some cases the repokey can be derivated from the hostname of repo's fqdn but it dont seems to always be the case so a new repokey variable might be added via config or env.
Additional context
Here is a potential draft prototype of a class to add to the updater/helper.py code
class JfrogRegistry(ContainerRegistry):
def _get_proprietary_registry_tags(self, server, image_name, auth, verify, **repokey**):
# Find latest tag for each types
url = f"https://{server}/artifactory/api/docker/{repokey}/v2/{image_name}/tags/list"
# Get tag list
headers = {}
if auth:
headers["Authorization"] = auth
resp = requests.get(url, headers=headers, verify=verify)
# Test for valid response
if resp.ok:
# Test for positive list of tags
resp_data = resp.json()
return resp_data['tags']
return []
REGISTRY_TYPE_MAPPING = {
'docker': DockerRegistry(),
'harbor': HarborRegistry(),
'jfrog' : JfrogRegistry()
}
It also seems necessary to add Auth Bearer specific code because following test consider having both password and username to be set :
if service_config.docker_config.registry_username and service_config.docker_config.registry_password
Thank you so much
Is your feature request related to a problem? Please describe.
Hi,
Currently have unsupported service image updates because my provider is using Jfrog based docker repo.
It impact service updates and we have to specify directly the service manifest file.
Following logs are generated by the updater component : [CV] Cannot fetch latest tag for service YARA - cccs/assemblyline-service-yara.
Describe the solution you'd like
Jfrog API is described here : https://docs.jfrog.com/artifactory/reference/listDockerTags
We can add specific profile for Jfrog or extend the ContainerRegistry class so we can directly specify the url
A specific repokey, a local name for the jfrog repo have to be given to forge the url
In some cases the repokey can be derivated from the hostname of repo's fqdn but it dont seems to always be the case so a new repokey variable might be added via config or env.
Additional context
Here is a potential draft prototype of a class to add to the updater/helper.py code
It also seems necessary to add Auth Bearer specific code because following test consider having both password and username to be set :
if service_config.docker_config.registry_username and service_config.docker_config.registry_passwordThank you so much