Move filtered registry search out of the image service#45086
Move filtered registry search out of the image service#45086neersighted merged 2 commits intomoby:masterfrom
Conversation
corhere
added
area/api
|
I'm leaning towards keeping this more separate from the registry; "search" is a bit of an odd one, because search is not part of the OCI distribution specification. Search was implemented in "docker registry v1" (the Docker Index (hence So search did not become part of the OCI specs. The search functionality in the daemon is still in place mostly for backward compatibility, and because the old (v1) search API is the only documented search API, so some other registry implementations also added support for it (by lack of other specifications for searching). That said; some registries (including Docker Hub) provide other (more advanced) search functionality, and there's been some talk about defining a OCI spec for searching/indexing (not sure if that ever got actual progress though). With the above in mind, I'd like to keep it separate with the potential to;
In either case; my thinking was to "try to keep it as isolated as possible" |
corhere
changed the title
The search interface is separated from the image distribution interface. The implementation is tied to the registry service, but that was already the case. Think of this PR as more of "getting search out of the wrong place to unblock containerd integration" than "getting search into the perfect place." We can still make #44032 happen; this PR just takes the pressure off. |
corhere
force-pushed
the
search-in-registry-service
branch
from
adfc66d to
55213f7
Compare
rumpl
left a comment
rumpl
left a comment
There was a problem hiding this comment.
LGTM, a great first step, and love that it unblocks containerd a bit. Thanks
tianon
left a comment
tianon
left a comment
There was a problem hiding this comment.
I agree that somewhere else is probably better, but also that "registry" seems like a more appropriate home than the image store for this Hub-specific behavior (given Hub is a registry, even if this isn't an OCI-specified endpoint). 😅
(In other words, this seems like a very small, easy net win on the path to that larger reconsideration ❤️)
neersighted
left a comment
neersighted
left a comment
There was a problem hiding this comment.
Looks like a sensible cleanup/separation of concerns to me, and eases the containerd integration work. Needs a rebase, but otherwise LGTM.
SearchRegistryForImages does not make sense as part of the image service interface. The implementation just wraps the search API of the registry service to filter the results client-side. It has nothing to do with local image storage, and the implementation of search does not need to change when changing which backend (graph driver vs. containerd snapshotter) is used for local image storage. Filtering of the search results is an implementation detail: the consumer of the results does not care which actor does the filtering so long as the results are filtered as requested. Move filtering into the exported API of the registry service to hide the implementation details. Only one thing---the registry service implementation---would need to change in order to support server-side filtering of search results if Docker Hub or other registry servers were to add support for it to their APIs. Use a fake registry server in the search unit tests to avoid having to mock out the registry API client. Signed-off-by: Cory Snider <[email protected]>
Move interface definitions to the packages which use the registry service. https://github.com/golang/go/wiki/CodeReviewComments#interfaces Signed-off-by: Cory Snider <[email protected]>
corhere
force-pushed
the
search-in-registry-service
branch
from
55213f7 to
7b3acdf
Compare
|
|
||
| "github.com/docker/docker/api/types/filters" | ||
| "github.com/docker/docker/api/types/registry" | ||
| "github.com/docker/docker/dockerversion" |
There was a problem hiding this comment.
This import causes the CLI to also pull in docker/cli@a5d122d (commit vendoring is from a temporary branch, so link will likely be broken at some point);
- github.com/docker/docker/dockerversion
- -> github.com/docker/docker/pkg/useragent
- -> github.com/docker/docker/pkg/parsers/kernel
- -> golang.org/x/sys/windows/registry
We'll probably need to have a look at passing the dockerversion / dockerversion.DockerUserAgent(ctx) somehow
/cc @corhere @neersighted
There was a problem hiding this comment.
Yeah, TBH, the whole dockerversion.DockerUserAgent() (or more specifically, why it's added here?) is a bit weird. If I'm not mistaken, it takes the client's user-agent, and appends the "daemon" user-agent (so that both the "upstream" client (e.g. docker CLI), and the daemon are included.
Overall that seems fine, but definitely feels like something that should be set when constructing the service (or perhaps to be passed when calling it). Haven't looked how we handle this for the other "registry" cases (docker pull / docker push).
6 participants
Move filtered registry search logic out of the image service as querying a remote registry is unrelated to the functionality of the image service. Move the logic into the registry service as it is the source of truth for the registry configuration, which makes it the most cohesive place to put it which does not require more extensive refactoring.