Created
July 11, 2017 16:13
-
-
Save lucab/73a3519e2086a27cd21cbbf50abed6ff to your computer and use it in GitHub Desktop.
Rust remote client example for Docker notary (TUF)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env run-cargo-script | |
//! For the shebang to work, do a `cargo install cargo-script` first. | |
//! | |
//! ```cargo | |
//! [dependencies] | |
//! dkregistry = "0.1" | |
//! hyper = "0.10" | |
//! hyper-rustls = "0.6" | |
//! serde_json = "1" | |
//! tokio-core = "0.1" | |
//! tuf = { git = "https://github.com/lucab/rust-tuf", rev = "wip/develop" } | |
//! ``` | |
extern crate dkregistry; | |
extern crate hyper; | |
extern crate hyper_rustls; | |
extern crate serde_json; | |
extern crate tokio_core; | |
extern crate tuf; | |
use dkregistry::v2; | |
use hyper::header::{Authorization, Bearer}; | |
use hyper::net::HttpsConnector; | |
use hyper_rustls::TlsClient; | |
use tokio_core::reactor; | |
use tuf::interchange::JsonDataInterchange; | |
use tuf::metadata::TargetPath; | |
use tuf::repository::{HttpHook, HttpRepository, Repository}; | |
fn main() { | |
let notary = "notary.docker.io"; | |
let registry = "docker.io"; | |
let image = "lucab/dct-test"; | |
let token = { | |
let mut tcore = reactor::Core::new().unwrap(); | |
let dclient = v2::Client::configure(&tcore.handle()) | |
.registry(notary) | |
.build() | |
.unwrap(); | |
let scope = format!("repository:{}/{}:pull", registry, image); | |
let scopes_vec = vec![scope.as_str()]; | |
let token_req = dclient.login(scopes_vec).unwrap(); | |
let t = tcore.run(token_req).unwrap().token().to_string(); | |
t | |
}; | |
let targets_meta = { | |
let tls = HttpsConnector::new(TlsClient::new()); | |
let cl = hyper::Client::with_connector(tls); | |
let url = format!("https://{}/v2/{}/{}/_trust/tuf", notary, registry, image) | |
.parse() | |
.unwrap(); | |
let mut repo = HttpRepository::<JsonDataInterchange>::new(url, cl, None); | |
let hook: HttpHook = Box::new(move |r| { | |
let auth = Authorization(Bearer { token: token.clone() }); | |
Ok(r.header(auth)) | |
}); | |
repo.http_hook(Some(hook)); | |
let tgt = TargetPath::new("targets.json".into()).unwrap(); | |
let resp = repo.fetch_target(&tgt).unwrap(); | |
let r: serde_json::Value = serde_json::from_reader(resp).unwrap(); | |
r | |
}; | |
println!("{:#}", targets_meta); | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment