Allowed_image
This commit is contained in:
@@ -64,6 +64,7 @@ const (
|
||||
PURCHASE_RESOURCE = tools.PURCHASE_RESOURCE
|
||||
NATIVE_TOOL = tools.NATIVE_TOOL
|
||||
EXECUTION_VERIFICATION = tools.EXECUTION_VERIFICATION
|
||||
ALLOWED_IMAGE = tools.ALLOWED_IMAGE
|
||||
)
|
||||
|
||||
func GetMySelf() (*peer.Peer, error) {
|
||||
|
||||
56
models/allowed_image/allowed_image.go
Normal file
56
models/allowed_image/allowed_image.go
Normal file
@@ -0,0 +1,56 @@
|
||||
package allowed_image
|
||||
|
||||
import (
|
||||
"cloud.o-forge.io/core/oc-lib/models/utils"
|
||||
"cloud.o-forge.io/core/oc-lib/tools"
|
||||
)
|
||||
|
||||
// AllowedImage représente une image de conteneur autorisée à persister
|
||||
// sur un peer après l'exécution d'un workflow.
|
||||
//
|
||||
// La décision de rétention est entièrement locale au datacenter —
|
||||
// le fournisseur de processing n'a aucun levier sur cette liste.
|
||||
//
|
||||
// Règle de matching (côté oc-datacenter) :
|
||||
// - Registry vide = toutes les registries
|
||||
// - TagConstraint vide = toutes les versions
|
||||
// - TagConstraint non vide = exact ou glob (ex: "3.*", "1.2.3")
|
||||
//
|
||||
// Les entrées IsDefault sont créées au bootstrap et ne peuvent pas
|
||||
// être supprimées via l'API.
|
||||
type AllowedImage struct {
|
||||
utils.AbstractObject
|
||||
|
||||
// Registry source (ex: "docker.io", "registry.example.com").
|
||||
// Vide = wildcard, accepte n'importe quelle registry.
|
||||
Registry string `json:"registry,omitempty" bson:"registry,omitempty"`
|
||||
|
||||
// Image est le nom de l'image sans registry ni tag
|
||||
// (ex: "natsio/nats-box", "library/alpine").
|
||||
Image string `json:"image" bson:"image" validate:"required"`
|
||||
|
||||
// TagConstraint est la contrainte sur le tag.
|
||||
// Vide = toutes les versions autorisées.
|
||||
// Supporte exact ("1.2.3") ou glob ("3.*", "*-alpine").
|
||||
TagConstraint string `json:"tag_constraint,omitempty" bson:"tag_constraint,omitempty"`
|
||||
|
||||
// IsDefault marque les entrées bootstrap insérées au démarrage.
|
||||
// Ces entrées ne peuvent pas être supprimées via l'API.
|
||||
IsDefault bool `json:"is_default,omitempty" bson:"is_default,omitempty"`
|
||||
}
|
||||
|
||||
func (a *AllowedImage) StoreDraftDefault() {
|
||||
a.IsDraft = false // les allowed images sont actives immédiatement
|
||||
}
|
||||
|
||||
func (a *AllowedImage) CanUpdate(set utils.DBObject) (bool, utils.DBObject) {
|
||||
return true, set
|
||||
}
|
||||
|
||||
func (a *AllowedImage) CanDelete() bool {
|
||||
return !a.IsDefault // les entrées bootstrap sont non supprimables
|
||||
}
|
||||
|
||||
func (a *AllowedImage) GetAccessor(request *tools.APIRequest) utils.Accessor {
|
||||
return NewAccessor(request)
|
||||
}
|
||||
23
models/allowed_image/allowed_image_mongo_accessor.go
Normal file
23
models/allowed_image/allowed_image_mongo_accessor.go
Normal file
@@ -0,0 +1,23 @@
|
||||
package allowed_image
|
||||
|
||||
import (
|
||||
"cloud.o-forge.io/core/oc-lib/logs"
|
||||
"cloud.o-forge.io/core/oc-lib/models/utils"
|
||||
"cloud.o-forge.io/core/oc-lib/tools"
|
||||
)
|
||||
|
||||
type allowedImageMongoAccessor struct {
|
||||
utils.AbstractAccessor[*AllowedImage]
|
||||
}
|
||||
|
||||
func NewAccessor(request *tools.APIRequest) *allowedImageMongoAccessor {
|
||||
return &allowedImageMongoAccessor{
|
||||
AbstractAccessor: utils.AbstractAccessor[*AllowedImage]{
|
||||
Logger: logs.CreateLogger(tools.ALLOWED_IMAGE.String()),
|
||||
Request: request,
|
||||
Type: tools.ALLOWED_IMAGE,
|
||||
New: func() *AllowedImage { return &AllowedImage{} },
|
||||
NotImplemented: []string{"CopyOne"},
|
||||
},
|
||||
}
|
||||
}
|
||||
@@ -2,6 +2,7 @@ package models
|
||||
|
||||
import (
|
||||
"cloud.o-forge.io/core/oc-lib/logs"
|
||||
"cloud.o-forge.io/core/oc-lib/models/allowed_image"
|
||||
"cloud.o-forge.io/core/oc-lib/models/bill"
|
||||
"cloud.o-forge.io/core/oc-lib/models/execution_verification"
|
||||
"cloud.o-forge.io/core/oc-lib/models/live"
|
||||
@@ -46,6 +47,7 @@ var ModelsCatalog = map[string]func() utils.DBObject{
|
||||
tools.LIVE_STORAGE.String(): func() utils.DBObject { return &live.LiveStorage{} },
|
||||
tools.BILL.String(): func() utils.DBObject { return &bill.Bill{} },
|
||||
tools.EXECUTION_VERIFICATION.String(): func() utils.DBObject { return &execution_verification.ExecutionVerification{} },
|
||||
tools.ALLOWED_IMAGE.String(): func() utils.DBObject { return &allowed_image.AllowedImage{} },
|
||||
}
|
||||
|
||||
// Model returns the model object based on the model type
|
||||
|
||||
@@ -32,6 +32,7 @@ const (
|
||||
BILL
|
||||
NATIVE_TOOL
|
||||
EXECUTION_VERIFICATION
|
||||
ALLOWED_IMAGE
|
||||
)
|
||||
|
||||
var NOAPI = func() string {
|
||||
@@ -88,6 +89,7 @@ var InnerDefaultAPI = [...]func() string{
|
||||
NOAPI,
|
||||
CATALOGAPI,
|
||||
SCHEDULERAPI,
|
||||
DATACENTERAPI,
|
||||
}
|
||||
|
||||
// Bind the standard data name to the data type
|
||||
@@ -114,6 +116,7 @@ var Str = [...]string{
|
||||
"bill",
|
||||
"native_tool",
|
||||
"execution_verification",
|
||||
"allowed_image",
|
||||
}
|
||||
|
||||
func FromString(comp string) int {
|
||||
|
||||
Reference in New Issue
Block a user