diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 554d98e..e0d3cfb 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -25,7 +25,7 @@ jobs: persist-credentials: false - name: Log in to the Container registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 with: registry: ghcr.io username: ${{ github.actor }} @@ -38,7 +38,7 @@ jobs: images: ghcr.io/${{ github.repository }} - name: Build and push Docker image - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f with: context: . push: true diff --git a/go.mod b/go.mod index 85869db..7ae8518 100644 --- a/go.mod +++ b/go.mod @@ -13,7 +13,7 @@ require ( github.com/git-pkgs/vulns v0.1.4 github.com/go-chi/chi/v5 v5.2.5 github.com/jmoiron/sqlx v1.4.0 - github.com/lib/pq v1.12.2 + github.com/lib/pq v1.12.3 github.com/prometheus/client_golang v1.23.2 github.com/prometheus/client_model v0.6.2 github.com/spdx/tools-golang v0.5.7 @@ -22,7 +22,7 @@ require ( golang.org/x/sync v0.20.0 google.golang.org/protobuf v1.36.11 gopkg.in/yaml.v3 v3.0.1 - modernc.org/sqlite v1.48.0 + modernc.org/sqlite v1.48.2 ) require ( diff --git a/go.sum b/go.sum index dda4a35..9bdf6f9 100644 --- a/go.sum +++ b/go.sum @@ -432,8 +432,8 @@ github.com/ldez/usetesting v0.5.0/go.mod h1:Spnb4Qppf8JTuRgblLrEWb7IE6rDmUpGvxY3 github.com/leonklingele/grouper v1.1.2 h1:o1ARBDLOmmasUaNDesWqWCIFH3u7hoFlM84YrjT3mIY= github.com/leonklingele/grouper v1.1.2/go.mod h1:6D0M/HVkhs2yRKRFZUoGjeDy7EZTfFBE9gl4kjmIGkA= github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o= -github.com/lib/pq v1.12.2 h1:ajJNv84limnK3aPbDIhLtcjrUbqAw/5XNdkuI6KNe/Q= -github.com/lib/pq v1.12.2/go.mod h1:/p+8NSbOcwzAEI7wiMXFlgydTwcgTr3OSKMsD2BitpA= +github.com/lib/pq v1.12.3 h1:tTWxr2YLKwIvK90ZXEw8GP7UFHtcbTtty8zsI+YjrfQ= +github.com/lib/pq v1.12.3/go.mod h1:/p+8NSbOcwzAEI7wiMXFlgydTwcgTr3OSKMsD2BitpA= github.com/lucasb-eyer/go-colorful v1.2.0 h1:1nnpGOrhyZZuNyfu1QjKiUICQ74+3FNCN69Aj6K7nkY= github.com/lucasb-eyer/go-colorful v1.2.0/go.mod h1:R4dSotOR9KMtayYi1e77YzuveK+i7ruzyGqttikkLy0= github.com/macabu/inamedparam v0.2.0 h1:VyPYpOc10nkhI2qeNUdh3Zket4fcZjEWe35poddBCpE= @@ -873,8 +873,8 @@ modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8= modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns= modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w= modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE= -modernc.org/sqlite v1.48.0 h1:ElZyLop3Q2mHYk5IFPPXADejZrlHu7APbpB0sF78bq4= -modernc.org/sqlite v1.48.0/go.mod h1:hWjRO6Tj/5Ik8ieqxQybiEOUXy0NJFNp2tpvVpKlvig= +modernc.org/sqlite v1.48.2 h1:5CnW4uP8joZtA0LedVqLbZV5GD7F/0x91AXeSyjoh5c= +modernc.org/sqlite v1.48.2/go.mod h1:hWjRO6Tj/5Ik8ieqxQybiEOUXy0NJFNp2tpvVpKlvig= modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0= modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A= modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= diff --git a/internal/config/config.go b/internal/config/config.go index a82840f..f5aebdf 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -58,6 +58,7 @@ import ( "time" "github.com/git-pkgs/proxy/internal/config/cargo" + "github.com/git-pkgs/proxy/internal/config/debian" "gopkg.in/yaml.v3" ) @@ -247,6 +248,9 @@ func Default() *Config { Cargo: cargo.Config{ IncludeDefault: true, }, + Debian: debian.Config{ + IncludeDefault: true, + }, }, Upstream: UpstreamConfig{ NPM: "https://registry.npmjs.org", @@ -347,6 +351,9 @@ func (c *Config) Validate() error { if c.Ecosystem.Cargo.IncludeDefault { c.Ecosystem.Cargo.Route = append(c.Ecosystem.Cargo.Route, cargo.RouteDefault) } + if c.Ecosystem.Debian.IncludeDefault { + c.Ecosystem.Debian.Route = append(c.Ecosystem.Debian.Route, debian.RouteDefault) + } if c.Listen == "" { return fmt.Errorf("listen address is required") @@ -403,6 +410,9 @@ func (c *Config) Validate() error { if err := c.Ecosystem.Cargo.Validate(); err != nil { return err } + if err := c.Ecosystem.Debian.Validate(); err != nil { + return err + } return nil } diff --git a/internal/config/debian/debian.go b/internal/config/debian/debian.go new file mode 100644 index 0000000..06c5f97 --- /dev/null +++ b/internal/config/debian/debian.go @@ -0,0 +1,72 @@ +package debian + +import ( + "fmt" + "net/url" +) + +// Config configures routes +type Config struct { + IncludeDefault bool `json:"include_default" yaml:"include_default"` + Route []RouteConfig `json:"route" yaml:"route"` +} + +// RouteConfig configures a route +type RouteConfig struct { + Path string `json:"path" yaml:"path"` + Upstream []UpstreamConfig `json:"upstream" yaml:"upstream"` +} + +// UpstreamConfig configures an upstream (source) +type UpstreamConfig struct { + Name string `json:"name" yaml:"name"` + Upstream string `json:"upstream" yaml:"upstream"` +} + +// RouteDefault is the default route +var RouteDefault = RouteConfig{ + Path: "/debian", + Upstream: []UpstreamConfig{ + { + Name: "debian.org", + Upstream: "http://deb.debian.org/debian", + }, + }, +} + +func (c *Config) Validate() error { + for _, route := range c.Route { + if err := route.Validate(); err != nil { + return err + } + } + + return nil +} + +func (r *RouteConfig) Validate() error { + // TODO: validate Path + + if len(r.Upstream) == 0 { + return fmt.Errorf("debian route %q does not have any upstreams", r.Path) + } + if len(r.Upstream) > 1 { + return fmt.Errorf("debian route %q has multiple upstreams; this is not yet supported", r.Path) + } + + for _, upstream := range r.Upstream { + if err := upstream.Validate(); err != nil { + return err + } + } + + return nil +} + +func (u *UpstreamConfig) Validate() error { + if _, err := url.Parse(u.Upstream); err != nil { + return fmt.Errorf("debian upstream upstream %q is not a valid URL", u.Upstream) + } + + return nil +} diff --git a/internal/config/ecosystem.go b/internal/config/ecosystem.go index a542698..bc0bc62 100644 --- a/internal/config/ecosystem.go +++ b/internal/config/ecosystem.go @@ -2,9 +2,11 @@ package config import ( "github.com/git-pkgs/proxy/internal/config/cargo" + "github.com/git-pkgs/proxy/internal/config/debian" ) // Ecosystem configuration (routes and upstreams) type EcosystemConfig struct { - Cargo cargo.Config `json:"cargo" yaml:"cargo"` + Cargo cargo.Config `json:"cargo" yaml:"cargo"` + Debian debian.Config `json:"debian" yaml:"debian"` } diff --git a/internal/handler/cargo_test.go b/internal/handler/cargo_test.go index d80634f..9f76a9c 100644 --- a/internal/handler/cargo_test.go +++ b/internal/handler/cargo_test.go @@ -48,7 +48,7 @@ func TestCargoBuildIndexPath(t *testing.T) { func TestCargoConfigEndpoint(t *testing.T) { h := &CargoHandler{ proxyURL: "http://localhost:8080", - path: "/cargo", + path: "/xyzzy", } req := httptest.NewRequest(http.MethodGet, "/config.json", nil) @@ -65,7 +65,7 @@ func TestCargoConfigEndpoint(t *testing.T) { t.Fatalf("failed to parse config: %v", err) } - expectedDL := "http://localhost:8080/cargo/crates/{crate}/{version}/download" + expectedDL := "http://localhost:8080/xyzzy/crates/{crate}/{version}/download" if config.DL != expectedDL { t.Errorf("DL = %q, want %q", config.DL, expectedDL) } diff --git a/internal/handler/debian.go b/internal/handler/debian.go index b767f6d..8b313dd 100644 --- a/internal/handler/debian.go +++ b/internal/handler/debian.go @@ -2,33 +2,39 @@ package handler import ( "fmt" + "github.com/git-pkgs/proxy/internal/config/debian" "net/http" "regexp" "strings" ) const ( - debianUpstream = "http://deb.debian.org/debian" - debMatchCount = 4 // full match + name + version + arch + debMatchCount = 4 // full match + name + version + arch ) // DebianHandler handles APT/Debian repository protocol requests. // It proxies requests to upstream Debian/Ubuntu repositories and caches .deb packages. type DebianHandler struct { proxy *Proxy + path string upstreamURL string proxyURL string } // NewDebianHandler creates a new Debian/APT protocol handler. -func NewDebianHandler(proxy *Proxy, proxyURL string) *DebianHandler { +func NewDebianHandler(proxy *Proxy, proxyURL string, cfg debian.RouteConfig) *DebianHandler { return &DebianHandler{ proxy: proxy, - upstreamURL: debianUpstream, + path: cfg.Path, + upstreamURL: cfg.Upstream[0].Upstream, proxyURL: strings.TrimSuffix(proxyURL, "/"), } } +func (h *DebianHandler) Path() string { + return h.path +} + // Routes returns the HTTP handler for Debian requests. // Mount this at /debian on your router. func (h *DebianHandler) Routes() http.Handler { diff --git a/internal/handler/debian_test.go b/internal/handler/debian_test.go index dfdd326..6a26573 100644 --- a/internal/handler/debian_test.go +++ b/internal/handler/debian_test.go @@ -2,6 +2,7 @@ package handler import ( "testing" + "github.com/git-pkgs/proxy/internal/config/debian" ) func TestDebianHandler_parsePoolPath(t *testing.T) { @@ -18,6 +19,6 @@ func TestDebianHandler_parsePoolPath(t *testing.T) { } func TestDebianHandler_Routes(t *testing.T) { - h := NewDebianHandler(nil, "http://localhost:8080") + h := NewDebianHandler(nil, "http://localhost:8080", debian.RouteDefault) assertRoutesBasics(t, h.Routes(), "/dists/stable/Release", "/pool/../../../etc/passwd") } diff --git a/internal/handler/download_test.go b/internal/handler/download_test.go index 639e976..620b022 100644 --- a/internal/handler/download_test.go +++ b/internal/handler/download_test.go @@ -10,6 +10,7 @@ import ( "testing" "time" + "github.com/git-pkgs/proxy/internal/config/debian" "github.com/git-pkgs/proxy/internal/database" "github.com/git-pkgs/proxy/internal/storage" "github.com/git-pkgs/purl" @@ -897,7 +898,7 @@ func TestDebianHandler_DownloadCacheMiss(t *testing.T) { ContentType: "application/vnd.debian.binary-package", } - h := NewDebianHandler(proxy, "http://localhost") + h := NewDebianHandler(proxy, "http://localhost", debian.RouteDefault) srv := httptest.NewServer(h.Routes()) defer srv.Close() diff --git a/internal/server/server.go b/internal/server/server.go index 657d0ca..9196b19 100644 --- a/internal/server/server.go +++ b/internal/server/server.go @@ -182,7 +182,6 @@ func (s *Server) Start() error { condaHandler := handler.NewCondaHandler(proxy, s.cfg.BaseURL) cranHandler := handler.NewCRANHandler(proxy, s.cfg.BaseURL) containerHandler := handler.NewContainerHandler(proxy, s.cfg.BaseURL) - debianHandler := handler.NewDebianHandler(proxy, s.cfg.BaseURL) rpmHandler := handler.NewRPMHandler(proxy, s.cfg.BaseURL) for _, route := range s.cfg.Ecosystem.Cargo.Route { @@ -191,6 +190,12 @@ func (s *Server) Start() error { s.logger.Info("mounted handler", "ecosystem", "cargo", "path", routeHandler.Path()) } + for _, route := range s.cfg.Ecosystem.Debian.Route { + routeHandler := handler.NewDebianHandler(proxy, s.cfg.BaseURL, route) + r.Mount(routeHandler.Path(), http.StripPrefix(routeHandler.Path(), routeHandler.Routes())) + s.logger.Info("mounted handler", "ecosystem", "debian", "path", routeHandler.Path()) + } + r.Mount("/npm", http.StripPrefix("/npm", npmHandler.Routes())) r.Mount("/gem", http.StripPrefix("/gem", gemHandler.Routes())) r.Mount("/go", http.StripPrefix("/go", goHandler.Routes())) @@ -204,7 +209,6 @@ func (s *Server) Start() error { r.Mount("/conda", http.StripPrefix("/conda", condaHandler.Routes())) r.Mount("/cran", http.StripPrefix("/cran", cranHandler.Routes())) r.Mount("/v2", http.StripPrefix("/v2", containerHandler.Routes())) - r.Mount("/debian", http.StripPrefix("/debian", debianHandler.Routes())) r.Mount("/rpm", http.StripPrefix("/rpm", rpmHandler.Routes())) // Health, stats, and static endpoints