oras

package
v0.1.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Sep 17, 2025 License: MIT Imports: 15 Imported by: 0

Documentation

Overview

Package oras provides caching functionality for HTTP transports and authentication credentials. This file contains optimized caching mechanisms for improved performance in OCI registry operations.

Package oras provides ORAS wrapper functionality. This isolates the ORAS dependency in an internal package.

Package oras provides ORAS wrapper functionality. This file contains interface definitions for testing and dependency injection.

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func ClearAuthCache 

func ClearAuthCache()

ClearAuthCache clears all cached authentication credentials. This is primarily intended for testing to ensure test isolation.

func NewRepository 

func NewRepository(ctx context.Context, reference string, opts *AuthOptions) (*remote.Repository, error)

NewRepository creates a new ORAS repository with authentication configured. It sets up the default Docker credential chain and applies any auth overrides. Uses connection pooling for improved performance across multiple operations.

Parameters:

  • ctx: Context for the operation
  • reference: Full OCI reference (e.g., "ghcr.io/org/repo:tag")
  • opts: Authentication options (can be nil for default behavior)

Returns:

  • Configured remote repository ready for ORAS operations
  • Error if repository creation fails

Authentication behavior:

  1. If CredentialFunc is provided, it takes complete precedence
  2. If StaticAuth is provided, it overrides credentials for that specific registry
  3. Otherwise, uses ORAS's default Docker credential chain (config + helpers)

This isolates ORAS authentication logic and provides clean injection points for testing and programmatic credential management.

func Push 

func Push(ctx context.Context, reference string, descriptor *PushDescriptor, opts *AuthOptions) error

Push pushes an artifact to an OCI registry using ORAS. Streaming from io.ReadSeeker when possible; falls back to buffered.

Types

type AuthConfig 

type AuthConfig struct {
	Username string
	Password string
}

AuthConfig represents authentication configuration for ORAS operations. This matches the public AuthConfig struct for consistency.

type AuthOptions 

type AuthOptions struct {
	// StaticAuth provides static credentials for a specific registry.
	// If set, this overrides the default Docker credential chain for that registry.
	StaticRegistry string
	StaticUsername string
	StaticPassword string

	// CredentialFunc provides a custom credential callback.
	// If set, this completely overrides the default credential chain.
	CredentialFunc CredentialFunc

	// HTTPConfig controls HTTP vs HTTPS and certificate validation.
	HTTPConfig *HTTPConfig

	// Transport provides a custom HTTP transport with connection pooling.
	// If nil, a default transport with connection pooling is used.
	Transport http.RoundTripper
}

AuthOptions configures authentication and HTTP settings for ORAS operations.

type Client 

type Client interface {
	// Push pushes an artifact to an OCI registry.
	Push(ctx context.Context, reference string, descriptor *PushDescriptor, opts *AuthOptions) error

	// Pull pulls an artifact from an OCI registry.
	Pull(ctx context.Context, reference string, opts *AuthOptions) (*PullDescriptor, error)
}

Client defines the interface for ORAS operations that can be mocked for testing.

type CredentialFunc 

type CredentialFunc = auth.CredentialFunc

CredentialFunc is an alias for ORAS's credential function type. It provides credentials for a given registry (host:port).

type DefaultORASClient 

type DefaultORASClient struct{}

DefaultORASClient implements Client using the real ORAS library.

func (*DefaultORASClient) Pull 

func (c *DefaultORASClient) Pull(ctx context.Context, reference string, opts *AuthOptions) (*PullDescriptor, error)

Pull pulls an artifact from an OCI registry using the real ORAS library.

func (*DefaultORASClient) Push 

func (c *DefaultORASClient) Push(
	ctx context.Context,
	reference string,
	descriptor *PushDescriptor,
	opts *AuthOptions,
) error

Push pushes an artifact to an OCI registry using the real ORAS library.

type HTTPConfig 

type HTTPConfig struct {
	// AllowHTTP enables HTTP instead of HTTPS for registry connections.
	AllowHTTP bool

	// AllowInsecure allows connections with self-signed certificates.
	AllowInsecure bool

	// Registries specifies which registries this applies to.
	// If empty, applies to all registries.
	Registries []string
}

HTTPConfig contains configuration for HTTP transport settings.

type PullDescriptor 

type PullDescriptor struct {
	MediaType string
	Data      io.ReadCloser
	Size      int64
}

PullDescriptor describes the content pulled from an OCI registry. It contains metadata about the pulled artifact.

func Pull 

func Pull(ctx context.Context, reference string, opts *AuthOptions) (*PullDescriptor, error)

Pull pulls an artifact from an OCI registry using ORAS. It retrieves the content and returns it as a descriptor with a reader.

Parameters:

  • ctx: Context for the operation
  • reference: Full OCI reference (e.g., "ghcr.io/org/repo:tag")
  • opts: Authentication options (can be nil for default behavior)

Returns the pulled descriptor and an error if the pull operation fails.

type PushDescriptor 

type PushDescriptor struct {
	MediaType   string
	Data        io.Reader
	Size        int64
	Annotations map[string]string
	Platform    string
}

PushDescriptor describes the content to be pushed to an OCI registry. It contains the media type and the data stream for the artifact.

Source Files

View all Source files

Directories

Path Synopsis

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.