Upstream/harbor
1
0
Fork 0
mirror of https://github.com/goharbor/harbor.git synced 2024-12-26 10:38:00 +01:00
Code Issues Projects Releases Wiki Activity

enable policy checker for head manifest request (#15056)

Browse Source 
As from docker v20, the containerd leverages the cache when to pull a manifest, that leads to the
client doesn't send the get manifest request if the image exists in local.

The content trust and vul checker are only valid for get manifest request, the PR is to enable the checkers on
head manifest request to handle the containerd local cache scenario.

Signed-off-by: Wang Yan <wangyan@vmware.com>
This commit is contained in:
Wang Yan 2021-06-03 16:54:04 +08:00 committed by GitHub
parent a2992327be
commit ea35e7b9ec
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/server/registry/route.go
View File

@ -59,6 +59,8 @@ func RegisterRoutes() {
Path("/*/manifests/:reference").
Middleware(metric.InjectOpIDMiddleware(metric.ManifestOperationID)).
Middleware(repoproxy.ManifestMiddleware()).
Middleware(contenttrust.Middleware()).
Middleware(vulnerable.Middleware()).
HandlerFunc(getManifest)
root.NewRoute().
Method(http.MethodDelete).