taiars/nora
1
0
Fork 0
mirror of https://github.com/getnora-io/nora.git synced 2026-04-12 10:20:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: taiars:v0.5.0
Branches Tags
taiars:main taiars:chore/quality-tooling
taiars:v0.5.0 taiars:v0.4.0 taiars:v0.3.0 taiars:v0.2.35 taiars:v0.2.34 taiars:v0.2.33 taiars:v0.2.32 taiars:v0.2.31 taiars:v0.2.30 taiars:v0.2.29 taiars:v0.2.28 taiars:v0.2.27 taiars:v0.2.26 taiars:v0.2.25 taiars:v0.2.24 taiars:v0.2.23 taiars:v0.2.22 taiars:v0.2.21 taiars:v0.2.20 taiars:v0.2.19 taiars:v0.2.18 taiars:v0.2.17 taiars:v0.2.16 taiars:v0.2.15 taiars:v0.2.14 taiars:v0.2.13 taiars:v0.2.12 taiars:v0.2.11 taiars:v0.2.10 taiars:v0.2.9 taiars:v0.2.8 taiars:v0.2.7 taiars:v0.2.6 taiars:v0.2.5 taiars:v0.2.4 taiars:v0.2.3 taiars:v0.2.2 taiars:v0.2.1
...
compare: taiars:v0.2.10
Branches Tags
taiars:main taiars:chore/quality-tooling
taiars:v0.5.0 taiars:v0.4.0 taiars:v0.3.0 taiars:v0.2.35 taiars:v0.2.34 taiars:v0.2.33 taiars:v0.2.32 taiars:v0.2.31 taiars:v0.2.30 taiars:v0.2.29 taiars:v0.2.28 taiars:v0.2.27 taiars:v0.2.26 taiars:v0.2.25 taiars:v0.2.24 taiars:v0.2.23 taiars:v0.2.22 taiars:v0.2.21 taiars:v0.2.20 taiars:v0.2.19 taiars:v0.2.18 taiars:v0.2.17 taiars:v0.2.16 taiars:v0.2.15 taiars:v0.2.14 taiars:v0.2.13 taiars:v0.2.12 taiars:v0.2.11 taiars:v0.2.10 taiars:v0.2.9 taiars:v0.2.8 taiars:v0.2.7 taiars:v0.2.6 taiars:v0.2.5 taiars:v0.2.4 taiars:v0.2.3 taiars:v0.2.2 taiars:v0.2.1

16 Commits
v0.5.0 ... v0.2.10

Author SHA1 Message Date
DevITWay
0a5f267374 Bump version to 0.2.10 2026-01-26 18:43:21 +00:00
DevITWay
5353faef88 Apply dark theme to all UI pages 
- Convert registry list, docker detail, package detail, maven detail pages to dark theme
- Use layout_dark instead of layout for all pages
- Update colors: bg-[#1e293b] cards, slate-700 borders, slate-200/400 text
- Mark unused light theme functions with #[allow(dead_code)]
 2026-01-26 18:43:11 +00:00
DevITWay
a1c51e1b6b Bump version to 0.2.9 2026-01-26 18:02:43 +00:00
DevITWay
9cea0673da Bump version to 0.2.8 2026-01-26 17:46:34 +00:00
DevITWay
24f198e172 Add dashboard endpoint to OpenAPI documentation 
- Add /api/ui/dashboard endpoint with dashboard tag
- Add schemas: DashboardResponse, GlobalStats, RegistryCardStats, MountPoint, ActivityEntry
- Update API version to 0.2.7 in OpenAPI spec
 2026-01-26 17:45:54 +00:00
DevITWay
5eca1817af Display version dynamically in UI sidebar 
- Add VERSION constant using CARGO_PKG_VERSION
- Show version in both light and dark theme sidebars
- Update workspace version to 0.2.7
 2026-01-26 17:31:39 +00:00
DevITWay
80a96527fa Fix clippy warnings 2026-01-26 16:44:01 +00:00
DevITWay
1abe0df25a Fix formatting 2026-01-26 16:39:48 +00:00
DevITWay
38c727491b Add dashboard metrics, activity log, and dark theme 
- Add DashboardMetrics for tracking downloads/uploads/cache hits per registry
- Add ActivityLog for recent activity with bounded size (50 entries)
- Instrument Docker, npm, Maven, and Cargo handlers with metrics
- Add /api/ui/dashboard endpoint with global stats and activity
- Implement dark theme dashboard with real-time polling (5s interval)
- Add mount points table showing registry paths and proxy upstreams
 2026-01-26 16:21:25 +00:00
DevITWay
d0a9459acd Fix Docker push/pull: add PATCH endpoint for chunked uploads 
- Add PATCH handler for /v2/{name}/blobs/uploads/{uuid} to support
  chunked blob uploads (Docker sends data chunks via PATCH)
- Include Range header in PATCH response to indicate bytes received
- Add Docker-Content-Digest header to GET manifest responses
- Store manifests by both tag and digest for proper pull support
- Add parking_lot dependency for upload session state management
 2026-01-26 12:01:05 +00:00
DevITWay
482a68637e Fix rate limiting: exempt health/metrics, increase upload limits 
- Health, metrics, UI, and API docs are now exempt from rate limiting
- Increased upload rate limits to 200 req/s with burst of 500 for Docker compatibility
 2026-01-26 11:04:14 +00:00
DevITWay
61f8a39279 Use self-hosted runner for release builds 
16-core runner should be 3-4x faster than GitHub's 2-core runners
 2026-01-26 10:39:04 +00:00
DevITWay
835a6f0b14 Speed up release workflow 
- Remove duplicate tests (already run on push to main)
- Build only for amd64 (arm64 rarely needed for VPS)
 2026-01-26 10:18:11 +00:00
DevITWay
340c49bf12 Fix formatting 2026-01-26 10:14:11 +00:00
DevITWay
c84d13c26e Increase upload rate limits for Docker parallel requests 
Docker client sends many parallel requests when pushing layers.
Increased upload rate limiter from 10 req/s to 50 req/s and burst from 20 to 100.
 2026-01-26 10:10:45 +00:00
DevITWay
7e8978533a fix: resolve clippy warnings and format code 2026-01-26 08:31:00 +00:00
27 changed files with 2092 additions and 253 deletions
Expand all files Collapse all files

20
.github/workflows/release.yml vendored
View File

@@ -9,25 +9,9 @@ env:
IMAGE_NAME: ${{ github.repository }}
jobs:
test:
name: Test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- name: Install Rust
uses: dtolnay/rust-toolchain@stable
- name: Cache cargo
uses: Swatinem/rust-cache@v2
- name: Run tests
run: cargo test --package nora-registry
build:
name: Build & Push
runs-on: ubuntu-latest
needs: test
runs-on: self-hosted
permissions:
contents: read
packages: write
@@ -63,7 +47,7 @@ jobs:
uses: docker/build-push-action@v5
with:
context: .
platforms: linux/amd64,linux/arm64
platforms: linux/amd64
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

7
Cargo.lock generated
View File

@@ -1185,7 +1185,7 @@ checksum = "38bf9645c8b145698bb0b18a4637dcacbc421ea49bef2317e4fd8065a387cf21"
[[package]]
name = "nora-cli"
version = "0.1.0"
version = "0.2.9"
dependencies = [
"clap",
"flate2",
@@ -1199,7 +1199,7 @@ dependencies = [
[[package]]
name = "nora-registry"
version = "0.1.0"
version = "0.2.9"
dependencies = [
"async-trait",
"axum",
@@ -1212,6 +1212,7 @@ dependencies = [
"httpdate",
"indicatif",
"lazy_static",
"parking_lot",
"prometheus",
"reqwest",
"serde",
@@ -1233,7 +1234,7 @@ dependencies = [
[[package]]
name = "nora-storage"
version = "0.1.0"
version = "0.2.9"
dependencies = [
"axum",
"base64",

2
Cargo.toml
View File

@@ -7,7 +7,7 @@ members = [
]
[workspace.package]
version = "0.1.0"
version = "0.2.10"
edition = "2021"
license = "MIT"
authors = ["DevITWay <devitway@gmail.com>"]

152
SESSION_NOTES.md Normal file
View File

@@ -0,0 +1,152 @@
# NORA Development Session Notes
---
## 2026-01-26 - Dashboard Expansion
### Iteration 1: Planning & Exploration
- Received detailed implementation plan for dashboard expansion
- Explored codebase structure using Task agent
- Identified key files to modify:
- `main.rs` - AppState
- `ui/api.rs`, `ui/mod.rs`, `ui/components.rs`, `ui/templates.rs`
- `registry/docker.rs`, `npm.rs`, `maven.rs`, `cargo_registry.rs`
### Iteration 2: Infrastructure (Phase 1)
- Created `src/dashboard_metrics.rs`:
- `DashboardMetrics` struct with AtomicU64 counters
- Per-registry tracking (docker, npm, maven, cargo, pypi)
- `record_download()`, `record_upload()`, `record_cache_hit/miss()`
- `cache_hit_rate()` calculation
- Created `src/activity_log.rs`:
- `ActionType` enum: Pull, Push, CacheHit, ProxyFetch
- `ActivityEntry` struct with timestamp, action, artifact, registry, source
- `ActivityLog` with RwLock<VecDeque> (bounded to 50 entries)
### Iteration 3: AppState Update (Phase 2)
- Updated `main.rs`:
- Added `mod activity_log` and `mod dashboard_metrics`
- Extended `AppState` with `metrics: DashboardMetrics` and `activity: ActivityLog`
- Initialized in `run_server()`
### Iteration 4: API Endpoint (Phase 3)
- Updated `ui/api.rs`:
- Added structs: `DashboardResponse`, `GlobalStats`, `RegistryCardStats`, `MountPoint`
- Implemented `api_dashboard()` - aggregates all metrics, storage stats, activity
- Updated `ui/mod.rs`:
- Added route `/api/ui/dashboard`
- Modified `dashboard()` handler to use new response
### Iteration 5: Dark Theme UI (Phase 4)
- Updated `ui/components.rs` with ~400 new lines:
- `layout_dark()` - dark theme wrapper (#0f172a background)
- `sidebar_dark()`, `header_dark()` - dark theme navigation
- `render_global_stats()` - 5-column stats grid
- `render_registry_card()` - extended card with metrics
- `render_mount_points_table()` - registry paths and proxies
- `render_activity_row()`, `render_activity_log()` - activity display
- `render_polling_script()` - 5-second auto-refresh JS
### Iteration 6: Dashboard Template (Phase 5)
- Updated `ui/templates.rs`:
- Refactored `render_dashboard()` to accept `DashboardResponse`
- Added uptime display, global stats, registry cards grid
- Added mount points table and activity log
- Added `format_relative_time()` helper
### Iteration 7: Registry Instrumentation (Phase 6)
- `registry/docker.rs`:
- `download_blob()` - record download + cache hit + activity
- `get_manifest()` - record download + cache hit + activity
- `upload_blob()` - record upload + activity
- `put_manifest()` - record upload + activity
- `registry/npm.rs`:
- Cache hit tracking for local storage
- Cache miss + proxy fetch tracking
- `registry/maven.rs`:
- `download()` - cache hit/miss + activity
- `upload()` - record upload + activity
- `registry/cargo_registry.rs`:
- `download()` - record download + activity
### Iteration 8: Build & Test
- `cargo build` - compiled successfully with minor warnings
- Fixed warnings:
- Removed unused `RegistryStats` import
- Added `#[allow(dead_code)]` to `stat_card()`
- `cargo test` - all 75 tests passed
### Iteration 9: Server Testing
- Started server: `cargo run --release --bin nora`
- Tested endpoints:
```
GET /health - OK
GET /api/ui/dashboard - returns full metrics JSON
GET /ui/ - dark theme dashboard HTML
GET /v2/test/manifests/v1 - triggered Docker metrics
GET /npm/lodash/-/lodash-4.17.21.tgz - triggered npm proxy metrics
```
- Verified metrics tracking:
- Downloads: 3 (2 Docker + 1 npm)
- Cache hit rate: 66.67%
- Activity log populated with Pull, ProxyFetch events
### Iteration 10: Git Commit & Push
- Staged 11 files (2 new, 9 modified)
- Commit: `93f9655 Add dashboard metrics, activity log, and dark theme`
- Pushed to `origin/main`
### Iteration 11: Documentation
- Updated `TODO.md` with v0.2.1 section
- Created this `SESSION_NOTES.md`
---
### Key Decisions Made
1. **In-memory metrics** - AtomicU64 for thread-safety, reset on restart
2. **Bounded activity log** - 50 entries max, oldest evicted
3. **Polling over WebSocket** - simpler, 5-second interval sufficient
4. **Dark theme only for dashboard** - registry list pages keep light theme
### Files Changed Summary
```
New:
nora-registry/src/activity_log.rs
nora-registry/src/dashboard_metrics.rs
Modified:
nora-registry/src/main.rs (+8 lines)
nora-registry/src/registry/cargo_registry.rs (+13 lines)
nora-registry/src/registry/docker.rs (+47 lines)
nora-registry/src/registry/maven.rs (+36 lines)
nora-registry/src/registry/npm.rs (+29 lines)
nora-registry/src/ui/api.rs (+154 lines)
nora-registry/src/ui/components.rs (+394 lines)
nora-registry/src/ui/mod.rs (+5 lines)
nora-registry/src/ui/templates.rs (+180/-79 lines)
Total: ~1004 insertions, 79 deletions
```
### Useful Commands
```bash
# Start server
cargo run --release --bin nora
# Test dashboard
curl http://127.0.0.1:4000/api/ui/dashboard
# View UI
open http://127.0.0.1:4000/ui/
# Trigger metrics
curl http://127.0.0.1:4000/v2/test/manifests/v1
curl http://127.0.0.1:4000/npm/lodash/-/lodash-4.17.21.tgz -o /dev/null
```
---

503
TODO.md Normal file
View File

@@ -0,0 +1,503 @@
# NORA Roadmap / TODO
## v0.2.0 - DONE
- [x] Unit tests (75 tests passing)
- [x] Input validation (path traversal protection)
- [x] Rate limiting (brute-force protection)
- [x] Request ID tracking
- [x] Migrate command (local <-> S3)
- [x] Error handling (thiserror)
- [x] SVG brand icons
---
## v0.2.1 - Dashboard Expansion (2026-01-26) - DONE
### Commit: 93f9655
### New Files
- `nora-registry/src/dashboard_metrics.rs` - AtomicU64 counters for metrics
- `nora-registry/src/activity_log.rs` - Bounded activity log (50 entries)
### Modified Files
- `nora-registry/src/main.rs` - Added modules, updated AppState
- `nora-registry/src/ui/api.rs` - Added DashboardResponse, api_dashboard()
- `nora-registry/src/ui/mod.rs` - Added /api/ui/dashboard route
- `nora-registry/src/ui/components.rs` - Dark theme components
- `nora-registry/src/ui/templates.rs` - New render_dashboard()
- `nora-registry/src/registry/docker.rs` - Instrumented handlers
- `nora-registry/src/registry/npm.rs` - Instrumented with cache tracking
- `nora-registry/src/registry/maven.rs` - Instrumented download/upload
- `nora-registry/src/registry/cargo_registry.rs` - Instrumented download
### Features Implemented
- [x] Global stats panel (downloads, uploads, artifacts, cache hit %, storage)
- [x] Per-registry metrics (Docker, Maven, npm, Cargo, PyPI)
- [x] Mount points table with proxy upstreams
- [x] Activity log (last 20 events)
- [x] Dark theme (#0f172a background, #1e293b cards)
- [x] Auto-refresh polling (5 seconds)
- [x] Cache hit/miss tracking
### API Endpoints
- `GET /api/ui/dashboard` - Full dashboard data as JSON
### Dark Theme Colors
```
Background: #0f172a (slate-950)
Cards: #1e293b (slate-800)
Borders: slate-700
Text primary: slate-200
Text secondary: slate-400
Accent: blue-400
```
### Testing Commands
```bash
# Test dashboard API
curl http://127.0.0.1:4000/api/ui/dashboard
# Test Docker pull (triggers metrics)
curl http://127.0.0.1:4000/v2/test/manifests/v1
# Test npm proxy (triggers cache miss)
curl http://127.0.0.1:4000/npm/lodash/-/lodash-4.17.21.tgz -o /dev/null
```
### Future Improvements (Dashboard)
- [ ] Add PyPI download instrumentation
- [ ] Persist metrics to disk (currently reset on restart)
- [ ] Add WebSocket for real-time updates (instead of polling)
- [ ] Add graphs/charts for metrics over time
- [ ] Add user/client tracking in activity log
- [ ] Dark/light theme toggle
---
## v0.3.0 - OIDC / Workload Identity Federation
### Killer Feature: OIDC for CI/CD
Zero-secret authentication for GitHub Actions, GitLab CI, etc.
**Goal:** Replace manual `ROBOT_TOKEN` rotation with federated identity.
```yaml
# GitHub Actions example
permissions:
id-token: write
steps:
- name: Login to NORA
uses: nora/login-action@v1
```
### Config Structure (draft)
```toml
[auth.oidc]
enabled = true
# GitHub Actions
[[auth.oidc.providers]]
name = "github-actions"
issuer = "https://token.actions.githubusercontent.com"
audience = "https://nora.example.com"
[[auth.oidc.providers.rules]]
# Claim matching (supports glob)
match = { repository = "my-org/*", ref = "refs/heads/main" }
# Granted permissions
permissions = ["push:my-org/*", "pull:*"]
[[auth.oidc.providers.rules]]
match = { repository = "my-org/*", ref = "refs/heads/*" }
permissions = ["pull:*"]
# GitLab CI
[[auth.oidc.providers]]
name = "gitlab-ci"
issuer = "https://gitlab.com"
audience = "https://nora.example.com"
[[auth.oidc.providers.rules]]
match = { project_path = "my-group/*" }
permissions = ["push:my-group/*", "pull:*"]
```
### Implementation Tasks
- [ ] JWT validation library (jsonwebtoken crate)
- [ ] OIDC discovery (/.well-known/openid-configuration)
- [ ] JWKS fetching and caching
- [ ] Claims extraction and glob matching
- [ ] Permission resolution from rules
- [ ] Token exchange endpoint (POST /auth/oidc/token)
- [ ] GitHub Action: `nora/login-action`
---
## v0.4.0 - Transparent Docker Hub Proxy
### Pain Point
Harbor forces tag changes: `docker pull my-harbor/proxy-cache/library/nginx`
This breaks Helm charts hardcoded to `nginx`.
### Goal
Transparent pull-through cache:
```bash
docker pull nora.example.com/nginx # -> proxies to Docker Hub
```
### Implementation Tasks
- [ ] Registry v2 API interception
- [ ] Upstream registry configuration
- [ ] Cache layer management
- [ ] Rate limit handling (Docker Hub limits)
---
## v0.5.0 - Repo-level RBAC
### Challenge
Per-repository permissions need fast lookup (100 layers per push).
### Solution
Glob patterns for 90% of cases:
```toml
[[auth.rules]]
subject = "team-frontend"
permissions = ["push:frontend/*", "pull:*"]
[[auth.rules]]
subject = "ci-bot"
permissions = ["push:*/release-*", "pull:*"]
```
### Implementation Tasks
- [ ] In-memory permission cache
- [ ] Glob pattern matcher (globset crate)
- [ ] Permission inheritance (org -> project -> repo)
---
## Target Audience
1. DevOps engineers tired of Java/Go monsters
2. Edge/IoT installations (Raspberry Pi, branch offices)
3. Educational platforms (student labs)
4. CI/CD pipelines (GitHub Actions, GitLab CI)
## Competitive Advantages
| Feature | NORA | Harbor | Nexus |
|---------|------|--------|-------|
| Memory | <100MB | 2GB+ | 4GB+ |
| OIDC for CI | v0.3.0 | No | No |
| Transparent proxy | v0.4.0 | No (tag rewrite) | Partial |
| Single binary | Yes | No (microservices) | No (Java) |
| Zero-config upgrade | Yes | Complex | Complex |
---
## v0.6.0 - Online Garbage Collection
### Pain Point
Harbor GC blocks registry for hours. Can't push during cleanup.
### Goal
Non-blocking garbage collection with zero downtime.
### Implementation Tasks
- [ ] Mark-and-sweep without locking
- [ ] Background blob cleanup
- [ ] Progress reporting via API/CLI
- [ ] `nora gc --dry-run` preview
---
## v0.7.0 - Retention Policies
### Pain Point
"Keep last 10 tags" sounds simple, works poorly everywhere.
### Goal
Declarative retention rules in config:
```toml
[[retention]]
match = "*/dev-*"
keep_last = 5
[[retention]]
match = "*/release-*"
keep_last = 20
older_than = "90d"
[[retention]]
match = "**/pr-*"
older_than = "7d"
```
### Implementation Tasks
- [ ] Glob pattern matching for repos/tags
- [ ] Age-based and count-based rules
- [ ] Dry-run mode
- [ ] Scheduled execution (cron-style)
---
## v0.8.0 - Multi-tenancy & Quotas
### Pain Point
Harbor projects have quotas but configuration is painful. Nexus has no real isolation.
### Goal
Simple namespaces with limits:
```toml
[[tenants]]
name = "team-frontend"
storage_quota = "50GB"
rate_limit = { push = 100, pull = 1000 } # per hour
[[tenants]]
name = "team-backend"
storage_quota = "100GB"
```
### Implementation Tasks
- [ ] Tenant isolation (namespace prefix)
- [ ] Storage quota tracking
- [ ] Per-tenant rate limiting
- [ ] Usage reporting API
---
## v0.9.0 - Smart Replication
### Pain Point
Harbor replication rules are complex, errors silently swallowed.
### Goal
Simple CLI-driven replication with clear feedback:
```bash
nora replicate --to remote-dc --filter "prod/*" --dry-run
nora replicate --from gcr.io/my-project/* --to local/imported/
```
### Implementation Tasks
- [ ] Push-based replication to remote NORA
- [ ] Pull-based import from external registries (Docker Hub, GCR, ECR, Quay)
- [ ] Filter by glob patterns
- [ ] Progress bar and detailed logs
- [ ] Retry logic with exponential backoff
---
## v1.0.0 - Production Ready
### Features to polish
- [ ] Full CLI (`nora images ls`, `nora tag`, `nora delete`)
- [ ] Webhooks with filters and retry logic
- [ ] Enhanced Prometheus metrics (per-repo stats, cache hit ratio, bandwidth per tenant)
- [ ] TUI dashboard (optional)
- [ ] Helm chart for Kubernetes deployment
- [ ] Official Docker image on ghcr.io
---
## Future Ideas (v1.x+)
### Cold Storage Tiering
Auto-move old tags to S3 Glacier:
```toml
[[storage.tiering]]
match = "*"
older_than = "180d"
move_to = "s3-glacier"
```
### Vulnerability Scanning Integration
Not built-in (use Trivy), but:
- [ ] Webhook on push -> trigger external scan
- [ ] Store scan results as OCI artifacts
- [ ] Block pull if critical CVEs (policy)
### Image Signing (Cosign/Notation)
- [ ] Signature storage (OCI artifacts)
- [ ] Policy enforcement (reject unsigned)
### P2P Distribution (Dragonfly/Kraken style)
For large clusters pulling same image simultaneously.
---
---
## Architecture / DDD
### Current State (v0.2.0)
Monolithic structure, all in `nora-registry/src/`:
```
src/
├── main.rs # CLI + server setup
├── auth.rs # htpasswd + basic auth
├── tokens.rs # API tokens
├── storage/ # Storage backends (local, s3)
├── registry/ # Protocol handlers (docker, maven, npm, cargo, pypi)
├── ui/ # Web dashboard
└── ...
```
### Target Architecture (v1.0+)
#### Domain-Driven Design Boundaries
```
nora/
├── nora-core/ # Domain layer (no dependencies)
│ ├── src/
│ │ ├── artifact.rs # Artifact, Digest, Tag, Manifest
│ │ ├── repository.rs # Repository, Namespace
│ │ ├── identity.rs # User, ServiceAccount, Token
│ │ ├── policy.rs # Permission, Rule, Quota
│ │ └── events.rs # DomainEvent (ArtifactPushed, etc.)
├── nora-auth/ # Authentication bounded context
│ ├── src/
│ │ ├── htpasswd.rs # Basic auth provider
│ │ ├── oidc.rs # OIDC/JWT provider
│ │ ├── token.rs # API token provider
│ │ └── rbac.rs # Permission resolver
├── nora-storage/ # Storage bounded context
│ ├── src/
│ │ ├── backend.rs # StorageBackend trait
│ │ ├── local.rs # Filesystem
│ │ ├── s3.rs # S3-compatible
│ │ ├── tiered.rs # Hot/cold tiering
│ │ └── gc.rs # Garbage collection
├── nora-registry/ # Application layer (HTTP API)
│ ├── src/
│ │ ├── api/
│ │ │ ├── oci.rs # OCI Distribution API (/v2/)
│ │ │ ├── maven.rs # Maven repository
│ │ │ ├── npm.rs # npm registry
│ │ │ ├── cargo.rs # Cargo registry
│ │ │ └── pypi.rs # PyPI (simple API)
│ │ ├── proxy/ # Upstream proxy/cache
│ │ ├── webhook/ # Event webhooks
│ │ └── ui/ # Web dashboard
├── nora-cli/ # CLI application
│ ├── src/
│ │ ├── commands/
│ │ │ ├── serve.rs
│ │ │ ├── images.rs # nora images ls/delete/tag
│ │ │ ├── gc.rs # nora gc
│ │ │ ├── backup.rs # nora backup/restore
│ │ │ ├── migrate.rs # nora migrate
│ │ │ └── replicate.rs
│ │ └── tui/ # Optional TUI dashboard
└── nora-sdk/ # Client SDK (for nora/login-action)
└── src/
├── client.rs # HTTP client
└── oidc.rs # Token exchange
```
#### Key Principles
1. **Hexagonal Architecture**
- Core domain has no external dependencies
- Ports (traits) define boundaries
- Adapters implement ports (S3, filesystem, OIDC providers)
2. **Event-Driven**
- Domain events: `ArtifactPushed`, `ArtifactDeleted`, `TagCreated`
- Webhooks subscribe to events
- Async processing for GC, replication
3. **CQRS-lite**
- Commands: Push, Delete, CreateToken
- Queries: List, Get, Search
- Separate read/write paths for hot endpoints
4. **Configuration as Code**
- All policies in `nora.toml`
- No database for config (file-based)
- GitOps friendly
#### Trait Boundaries (Ports)
```rust
// nora-core/src/ports.rs
#[async_trait]
pub trait ArtifactStore {
async fn push_blob(&self, digest: &Digest, data: Bytes) -> Result<()>;
async fn get_blob(&self, digest: &Digest) -> Result<Bytes>;
async fn push_manifest(&self, repo: &Repository, tag: &Tag, manifest: &Manifest) -> Result<()>;
async fn get_manifest(&self, repo: &Repository, reference: &Reference) -> Result<Manifest>;
async fn list_tags(&self, repo: &Repository) -> Result<Vec<Tag>>;
async fn delete(&self, repo: &Repository, reference: &Reference) -> Result<()>;
}
#[async_trait]
pub trait IdentityProvider {
async fn authenticate(&self, credentials: &Credentials) -> Result<Identity>;
async fn authorize(&self, identity: &Identity, action: &Action, resource: &Resource) -> Result<bool>;
}
#[async_trait]
pub trait EventPublisher {
async fn publish(&self, event: DomainEvent) -> Result<()>;
}
```
#### Migration Path
| Phase | Action |
|-------|--------|
| v0.3 | Extract `nora-auth` crate (OIDC work) |
| v0.4 | Extract `nora-core` domain types |
| v0.5 | Extract `nora-storage` with trait boundaries |
| v0.6+ | Refactor registry handlers to use ports |
| v1.0 | Full hexagonal architecture |
### Technical Debt to Address
- [ ] Remove `unwrap()` in non-test code (started in e9984cf)
- [ ] Add tracing spans to all handlers
- [ ] Consistent error types across modules
- [ ] Extract hardcoded limits to config
- [ ] Add OpenTelemetry support (traces, not just metrics)
### Performance Requirements
| Metric | Target |
|--------|--------|
| Memory (idle) | <50MB |
| Memory (under load) | <100MB |
| Startup time | <1s |
| Blob throughput | Wire speed (no processing overhead) |
| Manifest latency | <10ms p99 |
| Auth check | <1ms (cached) |
### Security Requirements
- [ ] No secrets in logs (already redacting)
- [ ] TLS termination (or trust reverse proxy)
- [ ] Content-addressable storage (immutable blobs)
- [ ] Audit log for all mutations
- [ ] SBOM generation for NORA itself
---
## Notes
- S3 storage: already implemented
- Web UI: minimalist read-only dashboard (done)
- TUI: consider for v1.0
- Vulnerability scanning: out of scope (use Trivy externally)
- Image signing: out of scope for now (use cosign externally)

83
deploy/demo-traffic.sh Normal file
View File

@@ -0,0 +1,83 @@
#!/bin/bash
# Demo traffic simulator for NORA registry
# Generates random registry activity for dashboard demo
REGISTRY="http://localhost:4000"
LOG_FILE="/var/log/nora-demo-traffic.log"
# Sample packages to fetch
NPM_PACKAGES=("lodash" "express" "react" "axios" "moment" "underscore" "chalk" "debug")
MAVEN_ARTIFACTS=(
"org/apache/commons/commons-lang3/3.12.0/commons-lang3-3.12.0.pom"
"com/google/guava/guava/31.1-jre/guava-31.1-jre.pom"
"org/slf4j/slf4j-api/2.0.0/slf4j-api-2.0.0.pom"
)
DOCKER_IMAGES=("alpine" "busybox" "hello-world")
log() {
echo "[$(date '+%Y-%m-%d %H:%M:%S')] $1" >> "$LOG_FILE"
}
# Random sleep between min and max seconds
random_sleep() {
local min=$1
local max=$2
local delay=$((RANDOM % (max - min + 1) + min))
sleep $delay
}
# Fetch random npm package
fetch_npm() {
local pkg=${NPM_PACKAGES[$RANDOM % ${#NPM_PACKAGES[@]}]}
log "NPM: fetching $pkg"
curl -s "$REGISTRY/npm/$pkg" > /dev/null 2>&1
}
# Fetch random maven artifact
fetch_maven() {
local artifact=${MAVEN_ARTIFACTS[$RANDOM % ${#MAVEN_ARTIFACTS[@]}]}
log "MAVEN: fetching $artifact"
curl -s "$REGISTRY/maven2/$artifact" > /dev/null 2>&1
}
# Docker push/pull cycle
docker_cycle() {
local img=${DOCKER_IMAGES[$RANDOM % ${#DOCKER_IMAGES[@]}]}
local tag="demo-$(date +%s)"
log "DOCKER: push/pull cycle for $img"
# Tag and push
docker tag "$img:latest" "localhost:4000/demo/$img:$tag" 2>/dev/null
docker push "localhost:4000/demo/$img:$tag" > /dev/null 2>&1
# Pull back
docker rmi "localhost:4000/demo/$img:$tag" > /dev/null 2>&1
docker pull "localhost:4000/demo/$img:$tag" > /dev/null 2>&1
# Cleanup
docker rmi "localhost:4000/demo/$img:$tag" > /dev/null 2>&1
}
# Main loop
log "Starting demo traffic simulator"
while true; do
# Random operation
op=$((RANDOM % 10))
case $op in
0|1|2|3) # 40% npm
fetch_npm
;;
4|5|6) # 30% maven
fetch_maven
;;
7|8|9) # 30% docker
docker_cycle
;;
esac
# Random delay: 30-120 seconds
random_sleep 30 120
done

15
deploy/nora-demo-traffic.service Normal file
View File

@@ -0,0 +1,15 @@
[Unit]
Description=NORA Demo Traffic Simulator
After=docker.service
Requires=docker.service
[Service]
Type=simple
ExecStart=/opt/nora/demo-traffic.sh
Restart=always
RestartSec=10
StandardOutput=journal
StandardError=journal
[Install]
WantedBy=multi-user.target

1
nora-registry/Cargo.toml
View File

@@ -41,6 +41,7 @@ chrono = { version = "0.4", features = ["serde"] }
thiserror = "2"
tower_governor = "0.8"
governor = "0.10"
parking_lot = "0.12"
[dev-dependencies]
tempfile = "3"

98
nora-registry/src/activity_log.rs Normal file
View File

@@ -0,0 +1,98 @@
use chrono::{DateTime, Utc};
use parking_lot::RwLock;
use serde::Serialize;
use std::collections::VecDeque;
/// Type of action that was performed
#[derive(Debug, Clone, Serialize, PartialEq)]
pub enum ActionType {
Pull,
Push,
CacheHit,
ProxyFetch,
}
impl std::fmt::Display for ActionType {
fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
match self {
ActionType::Pull => write!(f, "PULL"),
ActionType::Push => write!(f, "PUSH"),
ActionType::CacheHit => write!(f, "CACHE"),
ActionType::ProxyFetch => write!(f, "PROXY"),
}
}
}
/// A single activity log entry
#[derive(Debug, Clone, Serialize)]
pub struct ActivityEntry {
pub timestamp: DateTime<Utc>,
pub action: ActionType,
pub artifact: String,
pub registry: String,
pub source: String, // "LOCAL", "PROXY", "CACHE"
}
impl ActivityEntry {
pub fn new(action: ActionType, artifact: String, registry: &str, source: &str) -> Self {
Self {
timestamp: Utc::now(),
action,
artifact,
registry: registry.to_string(),
source: source.to_string(),
}
}
}
/// Thread-safe activity log with bounded size
pub struct ActivityLog {
entries: RwLock<VecDeque<ActivityEntry>>,
max_entries: usize,
}
impl ActivityLog {
pub fn new(max: usize) -> Self {
Self {
entries: RwLock::new(VecDeque::with_capacity(max)),
max_entries: max,
}
}
/// Add a new entry to the log, removing oldest if at capacity
pub fn push(&self, entry: ActivityEntry) {
let mut entries = self.entries.write();
if entries.len() >= self.max_entries {
entries.pop_front();
}
entries.push_back(entry);
}
/// Get the most recent N entries (newest first)
pub fn recent(&self, count: usize) -> Vec<ActivityEntry> {
let entries = self.entries.read();
entries.iter().rev().take(count).cloned().collect()
}
/// Get all entries (newest first)
pub fn all(&self) -> Vec<ActivityEntry> {
let entries = self.entries.read();
entries.iter().rev().cloned().collect()
}
/// Get the total number of entries
pub fn len(&self) -> usize {
self.entries.read().len()
}
/// Check if the log is empty
pub fn is_empty(&self) -> bool {
self.entries.read().is_empty()
}
}
impl Default for ActivityLog {
fn default() -> Self {
Self::new(50)
}
}

4
nora-registry/src/auth.rs
View File

@@ -405,7 +405,9 @@ mod tests {
// Protected paths
assert!(!is_public_path("/v2/myimage/blobs/sha256:abc"));
assert!(!is_public_path("/v2/library/nginx/manifests/latest"));
assert!(!is_public_path("/maven2/com/example/artifact/1.0/artifact.jar"));
assert!(!is_public_path(
"/maven2/com/example/artifact/1.0/artifact.jar"
));
assert!(!is_public_path("/npm/lodash"));
}

114
nora-registry/src/dashboard_metrics.rs Normal file
View File

@@ -0,0 +1,114 @@
use std::sync::atomic::{AtomicU64, Ordering};
use std::time::Instant;
/// Dashboard metrics for tracking registry activity
/// Uses atomic counters for thread-safe access without locks
pub struct DashboardMetrics {
// Global counters
pub downloads: AtomicU64,
pub uploads: AtomicU64,
pub cache_hits: AtomicU64,
pub cache_misses: AtomicU64,
// Per-registry download counters
pub docker_downloads: AtomicU64,
pub docker_uploads: AtomicU64,
pub npm_downloads: AtomicU64,
pub maven_downloads: AtomicU64,
pub maven_uploads: AtomicU64,
pub cargo_downloads: AtomicU64,
pub pypi_downloads: AtomicU64,
pub start_time: Instant,
}
impl DashboardMetrics {
pub fn new() -> Self {
Self {
downloads: AtomicU64::new(0),
uploads: AtomicU64::new(0),
cache_hits: AtomicU64::new(0),
cache_misses: AtomicU64::new(0),
docker_downloads: AtomicU64::new(0),
docker_uploads: AtomicU64::new(0),
npm_downloads: AtomicU64::new(0),
maven_downloads: AtomicU64::new(0),
maven_uploads: AtomicU64::new(0),
cargo_downloads: AtomicU64::new(0),
pypi_downloads: AtomicU64::new(0),
start_time: Instant::now(),
}
}
/// Record a download event for the specified registry
pub fn record_download(&self, registry: &str) {
self.downloads.fetch_add(1, Ordering::Relaxed);
match registry {
"docker" => self.docker_downloads.fetch_add(1, Ordering::Relaxed),
"npm" => self.npm_downloads.fetch_add(1, Ordering::Relaxed),
"maven" => self.maven_downloads.fetch_add(1, Ordering::Relaxed),
"cargo" => self.cargo_downloads.fetch_add(1, Ordering::Relaxed),
"pypi" => self.pypi_downloads.fetch_add(1, Ordering::Relaxed),
_ => 0,
};
}
/// Record an upload event for the specified registry
pub fn record_upload(&self, registry: &str) {
self.uploads.fetch_add(1, Ordering::Relaxed);
match registry {
"docker" => self.docker_uploads.fetch_add(1, Ordering::Relaxed),
"maven" => self.maven_uploads.fetch_add(1, Ordering::Relaxed),
_ => 0,
};
}
/// Record a cache hit
pub fn record_cache_hit(&self) {
self.cache_hits.fetch_add(1, Ordering::Relaxed);
}
/// Record a cache miss
pub fn record_cache_miss(&self) {
self.cache_misses.fetch_add(1, Ordering::Relaxed);
}
/// Calculate the cache hit rate as a percentage
pub fn cache_hit_rate(&self) -> f64 {
let hits = self.cache_hits.load(Ordering::Relaxed);
let misses = self.cache_misses.load(Ordering::Relaxed);
let total = hits + misses;
if total == 0 {
0.0
} else {
(hits as f64 / total as f64) * 100.0
}
}
/// Get download count for a specific registry
pub fn get_registry_downloads(&self, registry: &str) -> u64 {
match registry {
"docker" => self.docker_downloads.load(Ordering::Relaxed),
"npm" => self.npm_downloads.load(Ordering::Relaxed),
"maven" => self.maven_downloads.load(Ordering::Relaxed),
"cargo" => self.cargo_downloads.load(Ordering::Relaxed),
"pypi" => self.pypi_downloads.load(Ordering::Relaxed),
_ => 0,
}
}
/// Get upload count for a specific registry
pub fn get_registry_uploads(&self, registry: &str) -> u64 {
match registry {
"docker" => self.docker_uploads.load(Ordering::Relaxed),
"maven" => self.maven_uploads.load(Ordering::Relaxed),
_ => 0,
}
}
}
impl Default for DashboardMetrics {
fn default() -> Self {
Self::new()
}
}

1
nora-registry/src/error.rs
View File

@@ -1,3 +1,4 @@
#![allow(dead_code)]
//! Application error handling with HTTP response conversion
//!
//! Provides a unified error type that can be converted to HTTP responses

28
nora-registry/src/main.rs
View File

@@ -1,6 +1,8 @@
mod activity_log;
mod auth;
mod backup;
mod config;
mod dashboard_metrics;
mod error;
mod health;
mod metrics;
@@ -23,17 +25,15 @@ use tokio::signal;
use tracing::{error, info, warn};
use tracing_subscriber::{fmt, prelude::*, EnvFilter};
use activity_log::ActivityLog;
use auth::HtpasswdAuth;
use config::{Config, StorageMode};
use dashboard_metrics::DashboardMetrics;
pub use storage::Storage;
use tokens::TokenStore;
#[derive(Parser)]
#[command(
name = "nora",
version,
about = "Multi-protocol artifact registry"
)]
#[command(name = "nora", version, about = "Multi-protocol artifact registry")]
struct Cli {
#[command(subcommand)]
command: Option<Commands>,
@@ -75,6 +75,8 @@ pub struct AppState {
pub start_time: Instant,
pub auth: Option<HtpasswdAuth>,
pub tokens: Option<TokenStore>,
pub metrics: DashboardMetrics,
pub activity: ActivityLog,
}
#[tokio::main]
@@ -209,6 +211,8 @@ async fn run_server(config: Config, storage: Storage) {
start_time,
auth,
tokens,
metrics: DashboardMetrics::new(),
activity: ActivityLog::new(50),
});
// Token routes with strict rate limiting (brute-force protection)
@@ -223,14 +227,22 @@ async fn run_server(config: Config, storage: Storage) {
.merge(registry::pypi_routes())
.layer(rate_limit::upload_rate_limiter());
let app = Router::new()
// Routes WITHOUT rate limiting (health, metrics, UI)
let public_routes = Router::new()
.merge(health::routes())
.merge(metrics::routes())
.merge(ui::routes())
.merge(openapi::routes())
.merge(openapi::routes());
// Routes WITH rate limiting
let rate_limited_routes = Router::new()
.merge(auth_routes)
.merge(registry_routes)
.layer(rate_limit::general_rate_limiter()) // General rate limit for all routes
.layer(rate_limit::general_rate_limiter());
let app = Router::new()
.merge(public_routes)
.merge(rate_limited_routes)
.layer(DefaultBodyLimit::max(100 * 1024 * 1024)) // 100MB default body limit
.layer(middleware::from_fn(request_id::request_id_middleware))
.layer(middleware::from_fn(metrics::metrics_middleware))

11
nora-registry/src/migrate.rs
View File

@@ -8,17 +8,12 @@ use indicatif::{ProgressBar, ProgressStyle};
use tracing::{info, warn};
/// Migration options
#[derive(Default)]
pub struct MigrateOptions {
/// If true, show what would be migrated without copying
pub dry_run: bool,
}
impl Default for MigrateOptions {
fn default() -> Self {
Self { dry_run: false }
}
}
/// Migration statistics
#[derive(Debug, Default)]
pub struct MigrateStats {
@@ -64,7 +59,9 @@ pub async fn migrate(
let pb = ProgressBar::new(keys.len() as u64);
pb.set_style(
ProgressStyle::default_bar()
.template("{spinner:.green} [{elapsed_precise}] [{bar:40.cyan/blue}] {pos}/{len} ({eta})")
.template(
"{spinner:.green} [{elapsed_precise}] [{bar:40.cyan/blue}] {pos}/{len} ({eta})",
)
.expect("Invalid progress bar template")
.progress_chars("#>-"),
);

90
nora-registry/src/openapi.rs
View File

@@ -15,7 +15,7 @@ use crate::AppState;
#[openapi(
info(
title = "Nora",
version = "0.1.0",
version = "0.2.10",
description = "Multi-protocol package registry supporting Docker, Maven, npm, Cargo, and PyPI",
license(name = "MIT"),
contact(name = "DevITWay", url = "https://github.com/getnora-io/nora")
@@ -25,6 +25,7 @@ use crate::AppState;
),
tags(
(name = "health", description = "Health check endpoints"),
(name = "dashboard", description = "Dashboard & Metrics API"),
(name = "docker", description = "Docker Registry v2 API"),
(name = "maven", description = "Maven Repository API"),
(name = "npm", description = "npm Registry API"),
@@ -36,6 +37,8 @@ use crate::AppState;
// Health
crate::openapi::health_check,
crate::openapi::readiness_check,
// Dashboard
crate::openapi::dashboard_metrics,
// Docker
crate::openapi::docker_version,
crate::openapi::docker_catalog,
@@ -59,6 +62,11 @@ use crate::AppState;
HealthResponse,
StorageHealth,
RegistriesHealth,
DashboardResponse,
GlobalStats,
RegistryCardStats,
MountPoint,
ActivityEntry,
DockerVersion,
DockerCatalog,
DockerTags,
@@ -182,6 +190,72 @@ pub struct ErrorResponse {
pub error: String,
}
#[derive(Serialize, ToSchema)]
pub struct DashboardResponse {
/// Global statistics across all registries
pub global_stats: GlobalStats,
/// Per-registry statistics
pub registry_stats: Vec<RegistryCardStats>,
/// Registry mount points and proxy configuration
pub mount_points: Vec<MountPoint>,
/// Recent activity log entries
pub activity: Vec<ActivityEntry>,
/// Server uptime in seconds
pub uptime_seconds: u64,
}
#[derive(Serialize, ToSchema)]
pub struct GlobalStats {
/// Total downloads across all registries
pub downloads: u64,
/// Total uploads across all registries
pub uploads: u64,
/// Total artifact count
pub artifacts: u64,
/// Cache hit percentage (0-100)
pub cache_hit_percent: f64,
/// Total storage used in bytes
pub storage_bytes: u64,
}
#[derive(Serialize, ToSchema)]
pub struct RegistryCardStats {
/// Registry name (docker, maven, npm, cargo, pypi)
pub name: String,
/// Number of artifacts in this registry
pub artifact_count: usize,
/// Download count for this registry
pub downloads: u64,
/// Upload count for this registry
pub uploads: u64,
/// Storage used by this registry in bytes
pub size_bytes: u64,
}
#[derive(Serialize, ToSchema)]
pub struct MountPoint {
/// Registry display name
pub registry: String,
/// URL mount path (e.g., /v2/, /maven2/)
pub mount_path: String,
/// Upstream proxy URL if configured
pub proxy_upstream: Option<String>,
}
#[derive(Serialize, ToSchema)]
pub struct ActivityEntry {
/// ISO 8601 timestamp
pub timestamp: String,
/// Action type (Pull, Push, CacheHit, ProxyFetch)
pub action: String,
/// Artifact name/identifier
pub artifact: String,
/// Registry type
pub registry: String,
/// Source (LOCAL, PROXY, CACHE)
pub source: String,
}
// ============ Path Operations (documentation only) ============
/// Health check endpoint
@@ -208,6 +282,20 @@ pub async fn health_check() {}
)]
pub async fn readiness_check() {}
/// Dashboard metrics and activity
///
/// Returns comprehensive metrics including downloads, uploads, cache statistics,
/// per-registry stats, mount points configuration, and recent activity log.
#[utoipa::path(
get,
path = "/api/ui/dashboard",
tag = "dashboard",
responses(
(status = 200, description = "Dashboard metrics", body = DashboardResponse)
)
)]
pub async fn dashboard_metrics() {}
/// Docker Registry version check
#[utoipa::path(
get,

20
nora-registry/src/rate_limit.rs
View File

@@ -1,3 +1,4 @@
#![allow(dead_code)]
//! Rate limiting configuration and middleware
//!
//! Provides rate limiting to protect against:
@@ -27,11 +28,11 @@ pub struct RateLimitConfig {
impl Default for RateLimitConfig {
fn default() -> Self {
Self {
auth_rps: 1, // 1 req/sec for auth (strict)
auth_burst: 5, // Allow burst of 5
upload_rps: 10, // 10 req/sec for uploads
upload_burst: 20, // Allow burst of 20
general_rps: 100, // 100 req/sec general
auth_rps: 1, // 1 req/sec for auth (strict)
auth_burst: 5, // Allow burst of 5
upload_rps: 200, // 200 req/sec for uploads (Docker needs high parallelism)
upload_burst: 500, // Allow burst of 500
general_rps: 100, // 100 req/sec general
general_burst: 200, // Allow burst of 200
}
}
@@ -57,15 +58,16 @@ pub fn auth_rate_limiter() -> tower_governor::GovernorLayer<
/// Create rate limiter layer for upload endpoints
///
/// Default: 10 requests per second, burst of 20
/// Default: 200 requests per second, burst of 500
/// High limits to accommodate Docker client's aggressive parallel layer uploads
pub fn upload_rate_limiter() -> tower_governor::GovernorLayer<
tower_governor::key_extractor::PeerIpKeyExtractor,
governor::middleware::StateInformationMiddleware,
axum::body::Body,
> {
let config = GovernorConfigBuilder::default()
.per_second(10)
.burst_size(20)
.per_second(200)
.burst_size(500)
.use_headers()
.finish()
.unwrap();
@@ -100,7 +102,7 @@ mod tests {
let config = RateLimitConfig::default();
assert_eq!(config.auth_rps, 1);
assert_eq!(config.auth_burst, 5);
assert_eq!(config.upload_rps, 10);
assert_eq!(config.upload_rps, 200);
assert_eq!(config.general_rps, 100);
}

13
nora-registry/src/registry/cargo_registry.rs
View File

@@ -1,3 +1,4 @@
use crate::activity_log::{ActionType, ActivityEntry};
use crate::AppState;
use axum::{
extract::{Path, State},
@@ -37,7 +38,17 @@ async fn download(
crate_name, version, crate_name, version
);
match state.storage.get(&key).await {
Ok(data) => (StatusCode::OK, data).into_response(),
Ok(data) => {
state.metrics.record_download("cargo");
state.metrics.record_cache_hit();
state.activity.push(ActivityEntry::new(
ActionType::Pull,
format!("{}@{}", crate_name, version),
"cargo",
"LOCAL",
));
(StatusCode::OK, data).into_response()
}
Err(_) => StatusCode::NOT_FOUND.into_response(),
}
}

186
nora-registry/src/registry/docker.rs
View File

@@ -1,3 +1,4 @@
use crate::activity_log::{ActionType, ActivityEntry};
use crate::validation::{validate_digest, validate_docker_name, validate_docker_reference};
use crate::AppState;
use axum::{
@@ -5,12 +6,19 @@ use axum::{
extract::{Path, State},
http::{header, HeaderName, StatusCode},
response::{IntoResponse, Response},
routing::{get, head, put},
routing::{get, head, patch, put},
Json, Router,
};
use parking_lot::RwLock;
use serde_json::{json, Value};
use std::collections::HashMap;
use std::sync::Arc;
/// In-progress upload sessions for chunked uploads
/// Maps UUID -> accumulated data
static UPLOAD_SESSIONS: std::sync::LazyLock<RwLock<HashMap<String, Vec<u8>>>> =
std::sync::LazyLock::new(|| RwLock::new(HashMap::new()));
pub fn routes() -> Router<Arc<AppState>> {
Router::new()
.route("/v2/", get(check))
@@ -20,7 +28,10 @@ pub fn routes() -> Router<Arc<AppState>> {
"/v2/{name}/blobs/uploads/",
axum::routing::post(start_upload),
)
.route("/v2/{name}/blobs/uploads/{uuid}", put(upload_blob))
.route(
"/v2/{name}/blobs/uploads/{uuid}",
patch(patch_blob).put(upload_blob),
)
.route("/v2/{name}/manifests/{reference}", get(get_manifest))
.route("/v2/{name}/manifests/{reference}", put(put_manifest))
.route("/v2/{name}/tags/list", get(list_tags))
@@ -65,12 +76,22 @@ async fn download_blob(
let key = format!("docker/{}/blobs/{}", name, digest);
match state.storage.get(&key).await {
Ok(data) => (
StatusCode::OK,
[(header::CONTENT_TYPE, "application/octet-stream")],
data,
)
.into_response(),
Ok(data) => {
state.metrics.record_download("docker");
state.metrics.record_cache_hit();
state.activity.push(ActivityEntry::new(
ActionType::Pull,
format!("{}@{}", name, &digest[..19.min(digest.len())]),
"docker",
"LOCAL",
));
(
StatusCode::OK,
[(header::CONTENT_TYPE, "application/octet-stream")],
data,
)
.into_response()
}
Err(_) => StatusCode::NOT_FOUND.into_response(),
}
}
@@ -92,9 +113,46 @@ async fn start_upload(Path(name): Path<String>) -> Response {
.into_response()
}
/// PATCH handler for chunked blob uploads
/// Docker client sends data chunks via PATCH, then finalizes with PUT
async fn patch_blob(Path((name, uuid)): Path<(String, String)>, body: Bytes) -> Response {
if let Err(e) = validate_docker_name(&name) {
return (StatusCode::BAD_REQUEST, e.to_string()).into_response();
}
// Append data to the upload session and get total size
let total_size = {
let mut sessions = UPLOAD_SESSIONS.write();
let session = sessions.entry(uuid.clone()).or_default();
session.extend_from_slice(&body);
session.len()
};
let location = format!("/v2/{}/blobs/uploads/{}", name, uuid);
// Range header indicates bytes 0 to (total_size - 1) have been received
let range = if total_size > 0 {
format!("0-{}", total_size - 1)
} else {
"0-0".to_string()
};
(
StatusCode::ACCEPTED,
[
(header::LOCATION, location),
(header::RANGE, range),
(HeaderName::from_static("docker-upload-uuid"), uuid),
],
)
.into_response()
}
/// PUT handler for completing blob uploads
/// Handles both monolithic uploads (body contains all data) and
/// chunked upload finalization (body may be empty, data in session)
async fn upload_blob(
State(state): State<Arc<AppState>>,
Path((name, _uuid)): Path<(String, String)>,
Path((name, uuid)): Path<(String, String)>,
axum::extract::Query(params): axum::extract::Query<std::collections::HashMap<String, String>>,
body: Bytes,
) -> Response {
@@ -111,9 +169,31 @@ async fn upload_blob(
return (StatusCode::BAD_REQUEST, e.to_string()).into_response();
}
// Get data from chunked session if exists, otherwise use body directly
let data = {
let mut sessions = UPLOAD_SESSIONS.write();
if let Some(mut session_data) = sessions.remove(&uuid) {
// Chunked upload: append any final body data and use session
if !body.is_empty() {
session_data.extend_from_slice(&body);
}
session_data
} else {
// Monolithic upload: use body directly
body.to_vec()
}
};
let key = format!("docker/{}/blobs/{}", name, digest);
match state.storage.put(&key, &body).await {
match state.storage.put(&key, &data).await {
Ok(()) => {
state.metrics.record_upload("docker");
state.activity.push(ActivityEntry::new(
ActionType::Push,
format!("{}@{}", name, &digest[..19.min(digest.len())]),
"docker",
"LOCAL",
));
let location = format!("/v2/{}/blobs/{}", name, digest);
(StatusCode::CREATED, [(header::LOCATION, location)]).into_response()
}
@@ -134,15 +214,32 @@ async fn get_manifest(
let key = format!("docker/{}/manifests/{}.json", name, reference);
match state.storage.get(&key).await {
Ok(data) => (
StatusCode::OK,
[(
header::CONTENT_TYPE,
"application/vnd.docker.distribution.manifest.v2+json",
)],
data,
)
.into_response(),
Ok(data) => {
state.metrics.record_download("docker");
state.metrics.record_cache_hit();
state.activity.push(ActivityEntry::new(
ActionType::Pull,
format!("{}:{}", name, reference),
"docker",
"LOCAL",
));
// Calculate digest for Docker-Content-Digest header
use sha2::Digest;
let digest = format!("sha256:{:x}", sha2::Sha256::digest(&data));
(
StatusCode::OK,
[
(
header::CONTENT_TYPE,
"application/vnd.docker.distribution.manifest.v2+json".to_string(),
),
(HeaderName::from_static("docker-content-digest"), digest),
],
data,
)
.into_response()
}
Err(_) => StatusCode::NOT_FOUND.into_response(),
}
}
@@ -159,29 +256,42 @@ async fn put_manifest(
return (StatusCode::BAD_REQUEST, e.to_string()).into_response();
}
// Calculate digest
use sha2::Digest;
let digest = format!("sha256:{:x}", sha2::Sha256::digest(&body));
// Store by tag/reference
let key = format!("docker/{}/manifests/{}.json", name, reference);
match state.storage.put(&key, &body).await {
Ok(()) => {
use sha2::Digest;
let digest = format!("sha256:{:x}", sha2::Sha256::digest(&body));
let location = format!("/v2/{}/manifests/{}", name, reference);
(
StatusCode::CREATED,
[
(header::LOCATION, location),
(HeaderName::from_static("docker-content-digest"), digest),
],
)
.into_response()
}
Err(_) => StatusCode::INTERNAL_SERVER_ERROR.into_response(),
if state.storage.put(&key, &body).await.is_err() {
return StatusCode::INTERNAL_SERVER_ERROR.into_response();
}
// Also store by digest for direct digest lookups
let digest_key = format!("docker/{}/manifests/{}.json", name, digest);
if state.storage.put(&digest_key, &body).await.is_err() {
return StatusCode::INTERNAL_SERVER_ERROR.into_response();
}
state.metrics.record_upload("docker");
state.activity.push(ActivityEntry::new(
ActionType::Push,
format!("{}:{}", name, reference),
"docker",
"LOCAL",
));
let location = format!("/v2/{}/manifests/{}", name, reference);
(
StatusCode::CREATED,
[
(header::LOCATION, location),
(HeaderName::from_static("docker-content-digest"), digest),
],
)
.into_response()
}
async fn list_tags(
State(state): State<Arc<AppState>>,
Path(name): Path<String>,
) -> Response {
async fn list_tags(State(state): State<Arc<AppState>>, Path(name): Path<String>) -> Response {
if let Err(e) = validate_docker_name(&name) {
return (StatusCode::BAD_REQUEST, e.to_string()).into_response();
}

52
nora-registry/src/registry/maven.rs
View File

@@ -1,3 +1,4 @@
use crate::activity_log::{ActionType, ActivityEntry};
use crate::AppState;
use axum::{
body::Bytes,
@@ -19,8 +20,27 @@ pub fn routes() -> Router<Arc<AppState>> {
async fn download(State(state): State<Arc<AppState>>, Path(path): Path<String>) -> Response {
let key = format!("maven/{}", path);
// Extract artifact name for logging (last 2-3 path components)
let artifact_name = path
.split('/')
.rev()
.take(3)
.collect::<Vec<_>>()
.into_iter()
.rev()
.collect::<Vec<_>>()
.join("/");
// Try local storage first
if let Ok(data) = state.storage.get(&key).await {
state.metrics.record_download("maven");
state.metrics.record_cache_hit();
state.activity.push(ActivityEntry::new(
ActionType::CacheHit,
artifact_name,
"maven",
"CACHE",
));
return with_content_type(&path, data).into_response();
}
@@ -30,6 +50,15 @@ async fn download(State(state): State<Arc<AppState>>, Path(path): Path<String>)
match fetch_from_proxy(&url, state.config.maven.proxy_timeout).await {
Ok(data) => {
state.metrics.record_download("maven");
state.metrics.record_cache_miss();
state.activity.push(ActivityEntry::new(
ActionType::ProxyFetch,
artifact_name,
"maven",
"PROXY",
));
// Cache in local storage (fire and forget)
let storage = state.storage.clone();
let key_clone = key.clone();
@@ -53,8 +82,29 @@ async fn upload(
body: Bytes,
) -> StatusCode {
let key = format!("maven/{}", path);
// Extract artifact name for logging
let artifact_name = path
.split('/')
.rev()
.take(3)
.collect::<Vec<_>>()
.into_iter()
.rev()
.collect::<Vec<_>>()
.join("/");
match state.storage.put(&key, &body).await {
Ok(()) => StatusCode::CREATED,
Ok(()) => {
state.metrics.record_upload("maven");
state.activity.push(ActivityEntry::new(
ActionType::Push,
artifact_name,
"maven",
"LOCAL",
));
StatusCode::CREATED
}
Err(_) => StatusCode::INTERNAL_SERVER_ERROR,
}
}

29
nora-registry/src/registry/npm.rs
View File

@@ -1,3 +1,4 @@
use crate::activity_log::{ActionType, ActivityEntry};
use crate::AppState;
use axum::{
body::Bytes,
@@ -29,8 +30,25 @@ async fn handle_request(State(state): State<Arc<AppState>>, Path(path): Path<Str
format!("npm/{}/metadata.json", path)
};
// Extract package name for logging
let package_name = if is_tarball {
path.split("/-/").next().unwrap_or(&path).to_string()
} else {
path.clone()
};
// Try local storage first
if let Ok(data) = state.storage.get(&key).await {
if is_tarball {
state.metrics.record_download("npm");
state.metrics.record_cache_hit();
state.activity.push(ActivityEntry::new(
ActionType::CacheHit,
package_name,
"npm",
"CACHE",
));
}
return with_content_type(is_tarball, data).into_response();
}
@@ -45,6 +63,17 @@ async fn handle_request(State(state): State<Arc<AppState>>, Path(path): Path<Str
};
if let Ok(data) = fetch_from_proxy(&url, state.config.npm.proxy_timeout).await {
if is_tarball {
state.metrics.record_download("npm");
state.metrics.record_cache_miss();
state.activity.push(ActivityEntry::new(
ActionType::ProxyFetch,
package_name,
"npm",
"PROXY",
));
}
// Cache in local storage (fire and forget)
let storage = state.storage.clone();
let key_clone = key.clone();

6
nora-registry/src/storage/mod.rs
View File

@@ -76,10 +76,8 @@ impl Storage {
pub async fn list(&self, prefix: &str) -> Vec<String> {
// Empty prefix is valid for listing all
if !prefix.is_empty() {
if let Err(_) = validate_storage_key(prefix) {
return Vec::new();
}
if !prefix.is_empty() && validate_storage_key(prefix).is_err() {
return Vec::new();
}
self.inner.list(prefix).await
}

157
nora-registry/src/ui/api.rs
View File

@@ -1,5 +1,6 @@
use super::components::{format_size, format_timestamp, html_escape};
use super::templates::encode_uri_component;
use crate::activity_log::ActivityEntry;
use crate::AppState;
use crate::Storage;
use axum::{
@@ -8,6 +9,7 @@ use axum::{
};
use serde::{Deserialize, Serialize};
use std::collections::{HashMap, HashSet};
use std::sync::atomic::Ordering;
use std::sync::Arc;
#[derive(Serialize)]
@@ -67,6 +69,40 @@ pub struct SearchQuery {
pub q: Option<String>,
}
#[derive(Serialize)]
pub struct DashboardResponse {
pub global_stats: GlobalStats,
pub registry_stats: Vec<RegistryCardStats>,
pub mount_points: Vec<MountPoint>,
pub activity: Vec<ActivityEntry>,
pub uptime_seconds: u64,
}
#[derive(Serialize)]
pub struct GlobalStats {
pub downloads: u64,
pub uploads: u64,
pub artifacts: u64,
pub cache_hit_percent: f64,
pub storage_bytes: u64,
}
#[derive(Serialize)]
pub struct RegistryCardStats {
pub name: String,
pub artifact_count: usize,
pub downloads: u64,
pub uploads: u64,
pub size_bytes: u64,
}
#[derive(Serialize)]
pub struct MountPoint {
pub registry: String,
pub mount_path: String,
pub proxy_upstream: Option<String>,
}
// ============ API Handlers ============
pub async fn api_stats(State(state): State<Arc<AppState>>) -> Json<RegistryStats> {
@@ -74,6 +110,127 @@ pub async fn api_stats(State(state): State<Arc<AppState>>) -> Json<RegistryStats
Json(stats)
}
pub async fn api_dashboard(State(state): State<Arc<AppState>>) -> Json<DashboardResponse> {
let registry_stats = get_registry_stats(&state.storage).await;
// Calculate total storage size
let all_keys = state.storage.list("").await;
let mut total_storage: u64 = 0;
let mut docker_size: u64 = 0;
let mut maven_size: u64 = 0;
let mut npm_size: u64 = 0;
let mut cargo_size: u64 = 0;
let mut pypi_size: u64 = 0;
for key in &all_keys {
if let Some(meta) = state.storage.stat(key).await {
total_storage += meta.size;
if key.starts_with("docker/") {
docker_size += meta.size;
} else if key.starts_with("maven/") {
maven_size += meta.size;
} else if key.starts_with("npm/") {
npm_size += meta.size;
} else if key.starts_with("cargo/") {
cargo_size += meta.size;
} else if key.starts_with("pypi/") {
pypi_size += meta.size;
}
}
}
let total_artifacts = registry_stats.docker
+ registry_stats.maven
+ registry_stats.npm
+ registry_stats.cargo
+ registry_stats.pypi;
let global_stats = GlobalStats {
downloads: state.metrics.downloads.load(Ordering::Relaxed),
uploads: state.metrics.uploads.load(Ordering::Relaxed),
artifacts: total_artifacts as u64,
cache_hit_percent: state.metrics.cache_hit_rate(),
storage_bytes: total_storage,
};
let registry_card_stats = vec![
RegistryCardStats {
name: "docker".to_string(),
artifact_count: registry_stats.docker,
downloads: state.metrics.get_registry_downloads("docker"),
uploads: state.metrics.get_registry_uploads("docker"),
size_bytes: docker_size,
},
RegistryCardStats {
name: "maven".to_string(),
artifact_count: registry_stats.maven,
downloads: state.metrics.get_registry_downloads("maven"),
uploads: state.metrics.get_registry_uploads("maven"),
size_bytes: maven_size,
},
RegistryCardStats {
name: "npm".to_string(),
artifact_count: registry_stats.npm,
downloads: state.metrics.get_registry_downloads("npm"),
uploads: 0,
size_bytes: npm_size,
},
RegistryCardStats {
name: "cargo".to_string(),
artifact_count: registry_stats.cargo,
downloads: state.metrics.get_registry_downloads("cargo"),
uploads: 0,
size_bytes: cargo_size,
},
RegistryCardStats {
name: "pypi".to_string(),
artifact_count: registry_stats.pypi,
downloads: state.metrics.get_registry_downloads("pypi"),
uploads: 0,
size_bytes: pypi_size,
},
];
let mount_points = vec![
MountPoint {
registry: "Docker".to_string(),
mount_path: "/v2/".to_string(),
proxy_upstream: None,
},
MountPoint {
registry: "Maven".to_string(),
mount_path: "/maven2/".to_string(),
proxy_upstream: state.config.maven.proxies.first().cloned(),
},
MountPoint {
registry: "npm".to_string(),
mount_path: "/npm/".to_string(),
proxy_upstream: state.config.npm.proxy.clone(),
},
MountPoint {
registry: "Cargo".to_string(),
mount_path: "/cargo/".to_string(),
proxy_upstream: None,
},
MountPoint {
registry: "PyPI".to_string(),
mount_path: "/simple/".to_string(),
proxy_upstream: None,
},
];
let activity = state.activity.recent(20);
let uptime_seconds = state.start_time.elapsed().as_secs();
Json(DashboardResponse {
global_stats,
registry_stats: registry_card_stats,
mount_points,
activity,
uptime_seconds,
})
}
pub async fn api_list(
State(state): State<Arc<AppState>>,
Path(registry_type): Path<String>,

389
nora-registry/src/ui/components.rs
View File

@@ -1,5 +1,13 @@
/// Main layout wrapper with header and sidebar
pub fn layout(title: &str, content: &str, active_page: Option<&str>) -> String {
/// Application version from Cargo.toml
const VERSION: &str = env!("CARGO_PKG_VERSION");
/// Dark theme layout wrapper for dashboard
pub fn layout_dark(
title: &str,
content: &str,
active_page: Option<&str>,
extra_scripts: &str,
) -> String {
format!(
r##"<!DOCTYPE html>
<html lang="en">
@@ -14,7 +22,7 @@ pub fn layout(title: &str, content: &str, active_page: Option<&str>) -> String {
.sidebar-open {{ overflow: hidden; }}
</style>
</head>
<body class="bg-slate-100 min-h-screen">
<body class="bg-[#0f172a] min-h-screen">
<div class="flex h-screen overflow-hidden">
<!-- Mobile sidebar overlay -->
<div id="sidebar-overlay" class="fixed inset-0 bg-black/50 z-40 hidden md:hidden" onclick="toggleSidebar()"></div>
@@ -51,16 +59,372 @@ pub fn layout(title: &str, content: &str, active_page: Option<&str>) -> String {
}}
}}
</script>
{}
</body>
</html>"##,
html_escape(title),
sidebar(active_page),
header(),
content
sidebar_dark(active_page),
header_dark(),
content,
extra_scripts
)
}
/// Sidebar navigation component
/// Dark theme sidebar
fn sidebar_dark(active_page: Option<&str>) -> String {
let active = active_page.unwrap_or("");
let docker_icon = r#"<path fill="currentColor" d="M13.983 11.078h2.119a.186.186 0 00.186-.185V9.006a.186.186 0 00-.186-.186h-2.119a.185.185 0 00-.185.185v1.888c0 .102.083.185.185.185m-2.954-5.43h2.118a.186.186 0 00.186-.186V3.574a.186.186 0 00-.186-.185h-2.118a.185.185 0 00-.185.185v1.888c0 .102.082.185.185.186m0 2.716h2.118a.187.187 0 00.186-.186V6.29a.186.186 0 00-.186-.185h-2.118a.185.185 0 00-.185.185v1.887c0 .102.082.185.185.186m-2.93 0h2.12a.186.186 0 00.184-.186V6.29a.185.185 0 00-.185-.185H8.1a.185.185 0 00-.185.185v1.887c0 .102.083.185.185.186m-2.964 0h2.119a.186.186 0 00.185-.186V6.29a.185.185 0 00-.185-.185H5.136a.186.186 0 00-.186.185v1.887c0 .102.084.185.186.186m5.893 2.715h2.118a.186.186 0 00.186-.185V9.006a.186.186 0 00-.186-.186h-2.118a.185.185 0 00-.185.185v1.888c0 .102.082.185.185.185m-2.93 0h2.12a.185.185 0 00.184-.185V9.006a.185.185 0 00-.184-.186h-2.12a.185.185 0 00-.184.185v1.888c0 .102.083.185.185.185m-2.964 0h2.119a.185.185 0 00.185-.185V9.006a.185.185 0 00-.185-.186h-2.12a.186.186 0 00-.185.186v1.887c0 .102.084.185.186.185m-2.92 0h2.12a.185.185 0 00.184-.185V9.006a.185.185 0 00-.184-.186h-2.12a.185.185 0 00-.184.185v1.888c0 .102.082.185.185.185M23.763 9.89c-.065-.051-.672-.51-1.954-.51-.338.001-.676.03-1.01.087-.248-1.7-1.653-2.53-1.716-2.566l-.344-.199-.226.327c-.284.438-.49.922-.612 1.43-.23.97-.09 1.882.403 2.661-.595.332-1.55.413-1.744.42H.751a.751.751 0 00-.75.748 11.376 11.376 0 00.692 4.062c.545 1.428 1.355 2.48 2.41 3.124 1.18.723 3.1 1.137 5.275 1.137.983.003 1.963-.086 2.93-.266a12.248 12.248 0 003.823-1.389c.98-.567 1.86-1.288 2.61-2.136 1.252-1.418 1.998-2.997 2.553-4.4h.221c1.372 0 2.215-.549 2.68-1.009.309-.293.55-.65.707-1.046l.098-.288Z"/>"#;
let maven_icon = r#"<path fill="currentColor" d="M12 2C6.48 2 2 6.48 2 12s4.48 10 10 10 10-4.48 10-10S17.52 2 12 2zm-1 17.93c-3.95-.49-7-3.85-7-7.93 0-.62.08-1.21.21-1.79L9 15v1c0 1.1.9 2 2 2v1.93zm6.9-2.54c-.26-.81-1-1.39-1.9-1.39h-1v-3c0-.55-.45-1-1-1H8v-2h2c.55 0 1-.45 1-1V7h2c1.1 0 2-.9 2-2v-.41c2.93 1.19 5 4.06 5 7.41 0 2.08-.8 3.97-2.1 5.39z"/>"#;
let npm_icon = r#"<path fill="currentColor" d="M0 7.334v8h6.666v1.332H12v-1.332h12v-8H0zm6.666 6.664H5.334v-4H3.999v4H1.335V8.667h5.331v5.331zm4 0v1.336H8.001V8.667h5.334v5.332h-2.669v-.001zm12.001 0h-1.33v-4h-1.336v4h-1.335v-4h-1.33v4h-2.671V8.667h8.002v5.331zM10.665 10H12v2.667h-1.335V10z"/>"#;
let cargo_icon = r#"<path fill="currentColor" d="M23.834 8.101a13.912 13.912 0 0 1-13.643 11.72 10.105 10.105 0 0 1-1.994-.12 6.111 6.111 0 0 1-5.082-5.761 5.934 5.934 0 0 1 11.867-.084c.025.983-.401 1.846-1.277 1.871-.936 0-1.374-.668-1.374-1.567v-2.5a1.531 1.531 0 0 0-1.52-1.533H8.715a3.648 3.648 0 1 0 2.695 6.08l.073-.11.074.121a2.58 2.58 0 0 0 2.2 1.048 2.909 2.909 0 0 0 2.695-3.04 7.912 7.912 0 0 0-.217-1.933 7.404 7.404 0 0 0-14.64 1.603 7.497 7.497 0 0 0 7.308 7.405 12.822 12.822 0 0 0 2.14-.12 11.927 11.927 0 0 0 9.98-10.023.117.117 0 0 0-.043-.117.115.115 0 0 0-.084-.023l-.09.024a.116.116 0 0 1-.147-.085.116.116 0 0 1 .054-.133zm-14.49 7.072a2.162 2.162 0 1 1 0-4.324 2.162 2.162 0 0 1 0 4.324z"/>"#;
let pypi_icon = r#"<path fill="currentColor" d="M14.25.18l.9.2.73.26.59.3.45.32.34.34.25.34.16.33.1.3.04.26.02.2-.01.13V8.5l-.05.63-.13.55-.21.46-.26.38-.3.31-.33.25-.35.19-.35.14-.33.1-.3.07-.26.04-.21.02H8.83l-.69.05-.59.14-.5.22-.41.27-.33.32-.27.35-.2.36-.15.37-.1.35-.07.32-.04.27-.02.21v3.06H3.23l-.21-.03-.28-.07-.32-.12-.35-.18-.36-.26-.36-.36-.35-.46-.32-.59-.28-.73-.21-.88-.14-1.05L0 11.97l.06-1.22.16-1.04.24-.87.32-.71.36-.57.4-.44.42-.33.42-.24.4-.16.36-.1.32-.05.24-.01h.16l.06.01h8.16v-.83H6.24l-.01-2.75-.02-.37.05-.34.11-.31.17-.28.25-.26.31-.23.38-.2.44-.18.51-.15.58-.12.64-.1.71-.06.77-.04.84-.02 1.27.05 1.07.13zm-6.3 1.98l-.23.33-.08.41.08.41.23.34.33.22.41.09.41-.09.33-.22.23-.34.08-.41-.08-.41-.23-.33-.33-.22-.41-.09-.41.09-.33.22zM21.1 6.11l.28.06.32.12.35.18.36.27.36.35.35.47.32.59.28.73.21.88.14 1.04.05 1.23-.06 1.23-.16 1.04-.24.86-.32.71-.36.57-.4.45-.42.33-.42.24-.4.16-.36.09-.32.05-.24.02-.16-.01h-8.22v.82h5.84l.01 2.76.02.36-.05.34-.11.31-.17.29-.25.25-.31.24-.38.2-.44.17-.51.15-.58.13-.64.09-.71.07-.77.04-.84.01-1.27-.04-1.07-.14-.9-.2-.73-.25-.59-.3-.45-.33-.34-.34-.25-.34-.16-.33-.1-.3-.04-.25-.02-.2.01-.13v-5.34l.05-.64.13-.54.21-.46.26-.38.3-.32.33-.24.35-.2.35-.14.33-.1.3-.06.26-.04.21-.02.13-.01h5.84l.69-.05.59-.14.5-.21.41-.28.33-.32.27-.35.2-.36.15-.36.1-.35.07-.32.04-.28.02-.21V6.07h2.09l.14.01.21.03zm-6.47 14.25l-.23.33-.08.41.08.41.23.33.33.23.41.08.41-.08.33-.23.23-.33.08-.41-.08-.41-.23-.33-.33-.23-.41-.08-.41.08-.33.23z"/>"#;
let nav_items = [
(
"dashboard",
"/ui/",
"Dashboard",
r#"<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M3 12l2-2m0 0l7-7 7 7M5 10v10a1 1 0 001 1h3m10-11l2 2m-2-2v10a1 1 0 01-1 1h-3m-6 0a1 1 0 001-1v-4a1 1 0 011-1h2a1 1 0 011 1v4a1 1 0 001 1m-6 0h6"/>"#,
true,
),
("docker", "/ui/docker", "Docker", docker_icon, false),
("maven", "/ui/maven", "Maven", maven_icon, false),
("npm", "/ui/npm", "npm", npm_icon, false),
("cargo", "/ui/cargo", "Cargo", cargo_icon, false),
("pypi", "/ui/pypi", "PyPI", pypi_icon, false),
];
let nav_html: String = nav_items.iter().map(|(id, href, label, icon_path, is_stroke)| {
let is_active = active == *id;
let active_class = if is_active {
"bg-slate-700 text-white"
} else {
"text-slate-300 hover:bg-slate-700 hover:text-white"
};
let (fill_attr, stroke_attr) = if *is_stroke {
("none", r#" stroke="currentColor""#)
} else {
("currentColor", "")
};
format!(r##"
<a href="{}" class="flex items-center px-4 py-3 text-sm font-medium rounded-lg transition-colors {}">
<svg class="w-5 h-5 mr-3" fill="{}"{} viewBox="0 0 24 24">
{}
</svg>
{}
</a>
"##, href, active_class, fill_attr, stroke_attr, icon_path, label)
}).collect();
format!(
r#"
<div id="sidebar" class="fixed md:static inset-y-0 left-0 z-50 w-64 bg-slate-800 text-white flex flex-col transform -translate-x-full md:translate-x-0 transition-transform duration-200 ease-in-out">
<div class="h-16 flex items-center justify-between px-6 border-b border-slate-700">
<div class="flex items-center">
<img src="{}" alt="NORA" class="h-8" />
</div>
<button onclick="toggleSidebar()" class="md:hidden p-1 rounded-lg hover:bg-slate-700">
<svg class="w-6 h-6" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M6 18L18 6M6 6l12 12"/>
</svg>
</button>
</div>
<nav class="flex-1 px-4 py-6 space-y-1 overflow-y-auto">
<div class="text-xs font-semibold text-slate-400 uppercase tracking-wider px-4 mb-3">
Navigation
</div>
{}
<div class="text-xs font-semibold text-slate-400 uppercase tracking-wider px-4 mt-8 mb-3">
Registries
</div>
</nav>
<div class="px-4 py-4 border-t border-slate-700">
<div class="text-xs text-slate-400">
Nora v{}
</div>
</div>
</div>
"#,
super::logo::LOGO_BASE64,
nav_html,
VERSION
)
}
/// Dark theme header
fn header_dark() -> String {
r##"
<header class="h-16 bg-[#1e293b] border-b border-slate-700 flex items-center justify-between px-4 md:px-6">
<div class="flex items-center">
<button onclick="toggleSidebar()" class="md:hidden p-2 -ml-2 mr-2 rounded-lg hover:bg-slate-700">
<svg class="w-6 h-6 text-slate-300" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 6h16M4 12h16M4 18h16"/>
</svg>
</button>
<div class="md:hidden flex items-center">
<span class="font-bold text-slate-200 tracking-tight">N<span class="inline-block w-4 h-4 rounded-full border-2 border-current align-middle mx-px"></span>RA</span>
</div>
</div>
<div class="flex items-center space-x-2 md:space-x-4">
<a href="https://github.com/getnora-io/nora" target="_blank" class="p-2 text-slate-400 hover:text-slate-200 hover:bg-slate-700 rounded-lg">
<svg class="w-5 h-5" fill="currentColor" viewBox="0 0 24 24">
<path fill-rule="evenodd" d="M12 2C6.477 2 2 6.484 2 12.017c0 4.425 2.865 8.18 6.839 9.504.5.092.682-.217.682-.483 0-.237-.008-.868-.013-1.703-2.782.605-3.369-1.343-3.369-1.343-.454-1.158-1.11-1.466-1.11-1.466-.908-.62.069-.608.069-.608 1.003.07 1.531 1.032 1.531 1.032.892 1.53 2.341 1.088 2.91.832.092-.647.35-1.088.636-1.338-2.22-.253-4.555-1.113-4.555-4.951 0-1.093.39-1.988 1.029-2.688-.103-.253-.446-1.272.098-2.65 0 0 .84-.27 2.75 1.026A9.564 9.564 0 0112 6.844c.85.004 1.705.115 2.504.337 1.909-1.296 2.747-1.027 2.747-1.027.546 1.379.202 2.398.1 2.651.64.7 1.028 1.595 1.028 2.688 0 3.848-2.339 4.695-4.566 4.943.359.309.678.92.678 1.855 0 1.338-.012 2.419-.012 2.747 0 .268.18.58.688.482A10.019 10.019 0 0022 12.017C22 6.484 17.522 2 12 2z" clip-rule="evenodd"/>
</svg>
</a>
<a href="/api-docs" class="p-2 text-slate-400 hover:text-slate-200 hover:bg-slate-700 rounded-lg" title="API Docs">
<svg class="w-5 h-5" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M9 12h6m-6 4h6m2 5H7a2 2 0 01-2-2V5a2 2 0 012-2h5.586a1 1 0 01.707.293l5.414 5.414a1 1 0 01.293.707V19a2 2 0 01-2 2z"/>
</svg>
</a>
</div>
</header>
"##.to_string()
}
/// Render global stats row (5-column grid)
pub fn render_global_stats(
downloads: u64,
uploads: u64,
artifacts: u64,
cache_hit_percent: f64,
storage_bytes: u64,
) -> String {
format!(
r##"
<div class="grid grid-cols-2 md:grid-cols-3 lg:grid-cols-5 gap-4 mb-6">
<div class="bg-[#1e293b] rounded-lg p-4 border border-slate-700">
<div class="text-slate-400 text-sm mb-1">Downloads</div>
<div id="stat-downloads" class="text-2xl font-bold text-slate-200">{}</div>
</div>
<div class="bg-[#1e293b] rounded-lg p-4 border border-slate-700">
<div class="text-slate-400 text-sm mb-1">Uploads</div>
<div id="stat-uploads" class="text-2xl font-bold text-slate-200">{}</div>
</div>
<div class="bg-[#1e293b] rounded-lg p-4 border border-slate-700">
<div class="text-slate-400 text-sm mb-1">Artifacts</div>
<div id="stat-artifacts" class="text-2xl font-bold text-slate-200">{}</div>
</div>
<div class="bg-[#1e293b] rounded-lg p-4 border border-slate-700">
<div class="text-slate-400 text-sm mb-1">Cache Hit</div>
<div id="stat-cache-hit" class="text-2xl font-bold text-slate-200">{:.1}%</div>
</div>
<div class="bg-[#1e293b] rounded-lg p-4 border border-slate-700">
<div class="text-slate-400 text-sm mb-1">Storage</div>
<div id="stat-storage" class="text-2xl font-bold text-slate-200">{}</div>
</div>
</div>
"##,
downloads,
uploads,
artifacts,
cache_hit_percent,
format_size(storage_bytes)
)
}
/// Render registry card with extended metrics
pub fn render_registry_card(
name: &str,
icon_path: &str,
artifact_count: usize,
downloads: u64,
uploads: u64,
size_bytes: u64,
href: &str,
) -> String {
format!(
r##"
<a href="{}" id="registry-{}" class="block bg-[#1e293b] rounded-lg border border-slate-700 p-4 md:p-6 hover:border-blue-400 transition-all">
<div class="flex items-center justify-between mb-3">
<svg class="w-8 h-8 text-slate-400" fill="currentColor" viewBox="0 0 24 24">
{}
</svg>
<span class="text-xs font-medium text-green-400 bg-green-400/10 px-2 py-1 rounded-full">ACTIVE</span>
</div>
<div class="text-lg font-semibold text-slate-200 mb-2">{}</div>
<div class="grid grid-cols-2 gap-2 text-sm">
<div>
<span class="text-slate-500">Artifacts</span>
<div class="text-slate-300 font-medium">{}</div>
</div>
<div>
<span class="text-slate-500">Size</span>
<div class="text-slate-300 font-medium">{}</div>
</div>
<div>
<span class="text-slate-500">Downloads</span>
<div class="text-slate-300 font-medium">{}</div>
</div>
<div>
<span class="text-slate-500">Uploads</span>
<div class="text-slate-300 font-medium">{}</div>
</div>
</div>
</a>
"##,
href,
name.to_lowercase(),
icon_path,
name,
artifact_count,
format_size(size_bytes),
downloads,
uploads
)
}
/// Render mount points table
pub fn render_mount_points_table(mount_points: &[(String, String, Option<String>)]) -> String {
let rows: String = mount_points
.iter()
.map(|(registry, mount_path, proxy)| {
let proxy_display = proxy.as_deref().unwrap_or("-");
format!(
r##"
<tr class="border-b border-slate-700">
<td class="py-3 text-slate-300">{}</td>
<td class="py-3 font-mono text-blue-400">{}</td>
<td class="py-3 text-slate-400">{}</td>
</tr>
"##,
registry, mount_path, proxy_display
)
})
.collect();
format!(
r##"
<div class="bg-[#1e293b] rounded-lg border border-slate-700 overflow-hidden">
<div class="px-4 py-3 border-b border-slate-700">
<h3 class="text-slate-200 font-semibold">Mount Points</h3>
</div>
<table class="w-full">
<thead>
<tr class="text-left text-xs text-slate-500 uppercase border-b border-slate-700">
<th class="px-4 py-2">Registry</th>
<th class="px-4 py-2">Mount Path</th>
<th class="px-4 py-2">Proxy Upstream</th>
</tr>
</thead>
<tbody class="px-4">
{}
</tbody>
</table>
</div>
"##,
rows
)
}
/// Render a single activity log row
pub fn render_activity_row(
timestamp: &str,
action: &str,
artifact: &str,
registry: &str,
source: &str,
) -> String {
let action_color = match action {
"PULL" => "text-blue-400",
"PUSH" => "text-green-400",
"CACHE" => "text-yellow-400",
"PROXY" => "text-purple-400",
_ => "text-slate-400",
};
format!(
r##"
<tr class="border-b border-slate-700/50 text-sm">
<td class="py-2 text-slate-500">{}</td>
<td class="py-2 font-medium {}"><span class="px-2 py-0.5 bg-slate-700 rounded">{}</span></td>
<td class="py-2 text-slate-300 font-mono text-xs">{}</td>
<td class="py-2 text-slate-400">{}</td>
<td class="py-2 text-slate-500">{}</td>
</tr>
"##,
timestamp,
action_color,
action,
html_escape(artifact),
registry,
source
)
}
/// Render the activity log container
pub fn render_activity_log(rows: &str) -> String {
format!(
r##"
<div class="bg-[#1e293b] rounded-lg border border-slate-700 overflow-hidden">
<div class="px-4 py-3 border-b border-slate-700">
<h3 class="text-slate-200 font-semibold">Recent Activity</h3>
</div>
<div class="overflow-x-auto">
<table class="w-full" id="activity-log">
<thead>
<tr class="text-left text-xs text-slate-500 uppercase border-b border-slate-700">
<th class="px-4 py-2">Time</th>
<th class="px-4 py-2">Action</th>
<th class="px-4 py-2">Artifact</th>
<th class="px-4 py-2">Registry</th>
<th class="px-4 py-2">Source</th>
</tr>
</thead>
<tbody class="px-4">
{}
</tbody>
</table>
</div>
</div>
"##,
rows
)
}
/// Render the polling script for auto-refresh
pub fn render_polling_script() -> String {
r##"
<script>
setInterval(async () => {
try {
const data = await fetch('/api/ui/dashboard').then(r => r.json());
// Update global stats
document.getElementById('stat-downloads').textContent = data.global_stats.downloads;
document.getElementById('stat-uploads').textContent = data.global_stats.uploads;
document.getElementById('stat-artifacts').textContent = data.global_stats.artifacts;
document.getElementById('stat-cache-hit').textContent = data.global_stats.cache_hit_percent.toFixed(1) + '%';
// Format storage size
const bytes = data.global_stats.storage_bytes;
let sizeStr;
if (bytes >= 1073741824) sizeStr = (bytes / 1073741824).toFixed(1) + ' GB';
else if (bytes >= 1048576) sizeStr = (bytes / 1048576).toFixed(1) + ' MB';
else if (bytes >= 1024) sizeStr = (bytes / 1024).toFixed(1) + ' KB';
else sizeStr = bytes + ' B';
document.getElementById('stat-storage').textContent = sizeStr;
// Update uptime
const uptime = document.getElementById('uptime');
if (uptime) {
const secs = data.uptime_seconds;
const hours = Math.floor(secs / 3600);
const mins = Math.floor((secs % 3600) / 60);
uptime.textContent = hours + 'h ' + mins + 'm';
}
} catch (e) {
console.error('Dashboard poll failed:', e);
}
}, 5000);
</script>
"##.to_string()
}
/// Sidebar navigation component (light theme, unused)
#[allow(dead_code)]
fn sidebar(active_page: Option<&str>) -> String {
let active = active_page.unwrap_or("");
@@ -142,17 +506,19 @@ fn sidebar(active_page: Option<&str>) -> String {
<!-- Footer -->
<div class="px-4 py-4 border-t border-slate-700">
<div class="text-xs text-slate-400">
Nora v0.2.0
Nora v{}
</div>
</div>
</div>
"#,
super::logo::LOGO_BASE64,
nav_html
nav_html,
VERSION
)
}
/// Header component
/// Header component (light theme, unused)
#[allow(dead_code)]
fn header() -> String {
r##"
<header class="h-16 bg-white border-b border-slate-200 flex items-center justify-between px-4 md:px-6">
@@ -193,7 +559,8 @@ pub mod icons {
pub const PYPI: &str = r#"<path fill="currentColor" d="M14.25.18l.9.2.73.26.59.3.45.32.34.34.25.34.16.33.1.3.04.26.02.2-.01.13V8.5l-.05.63-.13.55-.21.46-.26.38-.3.31-.33.25-.35.19-.35.14-.33.1-.3.07-.26.04-.21.02H8.83l-.69.05-.59.14-.5.22-.41.27-.33.32-.27.35-.2.36-.15.37-.1.35-.07.32-.04.27-.02.21v3.06H3.23l-.21-.03-.28-.07-.32-.12-.35-.18-.36-.26-.36-.36-.35-.46-.32-.59-.28-.73-.21-.88-.14-1.05L0 11.97l.06-1.22.16-1.04.24-.87.32-.71.36-.57.4-.44.42-.33.42-.24.4-.16.36-.1.32-.05.24-.01h.16l.06.01h8.16v-.83H6.24l-.01-2.75-.02-.37.05-.34.11-.31.17-.28.25-.26.31-.23.38-.2.44-.18.51-.15.58-.12.64-.1.71-.06.77-.04.84-.02 1.27.05 1.07.13zm-6.3 1.98l-.23.33-.08.41.08.41.23.34.33.22.41.09.41-.09.33-.22.23-.34.08-.41-.08-.41-.23-.33-.33-.22-.41-.09-.41.09-.33.22zM21.1 6.11l.28.06.32.12.35.18.36.27.36.35.35.47.32.59.28.73.21.88.14 1.04.05 1.23-.06 1.23-.16 1.04-.24.86-.32.71-.36.57-.4.45-.42.33-.42.24-.4.16-.36.09-.32.05-.24.02-.16-.01h-8.22v.82h5.84l.01 2.76.02.36-.05.34-.11.31-.17.29-.25.25-.31.24-.38.2-.44.17-.51.15-.58.13-.64.09-.71.07-.77.04-.84.01-1.27-.04-1.07-.14-.9-.2-.73-.25-.59-.3-.45-.33-.34-.34-.25-.34-.16-.33-.1-.3-.04-.25-.02-.2.01-.13v-5.34l.05-.64.13-.54.21-.46.26-.38.3-.32.33-.24.35-.2.35-.14.33-.1.3-.06.26-.04.21-.02.13-.01h5.84l.69-.05.59-.14.5-.21.41-.28.33-.32.27-.35.2-.36.15-.36.1-.35.07-.32.04-.28.02-.21V6.07h2.09l.14.01.21.03zm-6.47 14.25l-.23.33-.08.41.08.41.23.33.33.23.41.08.41-.08.33-.23.23-.33.08-.41-.08-.41-.23-.33-.33-.23-.41-.08-.41.08-.33.23z"/>"#;
}
/// Stat card for dashboard with SVG icon
/// Stat card for dashboard with SVG icon (used in light theme pages)
#[allow(dead_code)]
pub fn stat_card(name: &str, icon_path: &str, count: usize, href: &str, unit: &str) -> String {
format!(
r##"

5
nora-registry/src/ui/mod.rs
View File

@@ -33,6 +33,7 @@ pub fn routes() -> Router<Arc<AppState>> {
.route("/ui/pypi/{name}", get(pypi_detail))
// API endpoints for HTMX
.route("/api/ui/stats", get(api_stats))
.route("/api/ui/dashboard", get(api_dashboard))
.route("/api/ui/{registry_type}/list", get(api_list))
.route("/api/ui/{registry_type}/{name}", get(api_detail))
.route("/api/ui/{registry_type}/search", get(api_search))
@@ -40,8 +41,8 @@ pub fn routes() -> Router<Arc<AppState>> {
// Dashboard page
async fn dashboard(State(state): State<Arc<AppState>>) -> impl IntoResponse {
let stats = get_registry_stats(&state.storage).await;
Html(render_dashboard(&stats))
let response = api_dashboard(State(state)).await.0;
Html(render_dashboard(&response))
}
// Docker pages

352
nora-registry/src/ui/templates.rs
View File

@@ -1,78 +1,139 @@
use super::api::{DockerDetail, MavenDetail, PackageDetail, RegistryStats, RepoInfo};
use super::api::{DashboardResponse, DockerDetail, MavenDetail, PackageDetail, RepoInfo};
use super::components::*;
/// Renders the main dashboard page
pub fn render_dashboard(stats: &RegistryStats) -> String {
let content = format!(
r##"
<div class="mb-8">
<h1 class="text-2xl font-bold text-slate-800 mb-2">Dashboard</h1>
<p class="text-slate-500">Overview of all registries</p>
</div>
<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-5 gap-6 mb-8">
{}
{}
{}
{}
{}
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 p-6">
<h2 class="text-lg font-semibold text-slate-800 mb-4">Quick Links</h2>
<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 gap-4">
<a href="/ui/docker" class="flex items-center p-3 rounded-lg border border-slate-200 hover:border-blue-300 hover:bg-blue-50 transition-colors">
<svg class="w-8 h-8 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<div>
<div class="font-medium text-slate-700">Docker Registry</div>
<div class="text-sm text-slate-500">API: /v2/</div>
</div>
</a>
<a href="/ui/maven" class="flex items-center p-3 rounded-lg border border-slate-200 hover:border-blue-300 hover:bg-blue-50 transition-colors">
<svg class="w-8 h-8 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<div>
<div class="font-medium text-slate-700">Maven Repository</div>
<div class="text-sm text-slate-500">API: /maven2/</div>
</div>
</a>
<a href="/ui/npm" class="flex items-center p-3 rounded-lg border border-slate-200 hover:border-blue-300 hover:bg-blue-50 transition-colors">
<svg class="w-8 h-8 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<div>
<div class="font-medium text-slate-700">npm Registry</div>
<div class="text-sm text-slate-500">API: /npm/</div>
</div>
</a>
<a href="/ui/cargo" class="flex items-center p-3 rounded-lg border border-slate-200 hover:border-blue-300 hover:bg-blue-50 transition-colors">
<svg class="w-8 h-8 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<div>
<div class="font-medium text-slate-700">Cargo Registry</div>
<div class="text-sm text-slate-500">API: /cargo/</div>
</div>
</a>
<a href="/ui/pypi" class="flex items-center p-3 rounded-lg border border-slate-200 hover:border-blue-300 hover:bg-blue-50 transition-colors">
<svg class="w-8 h-8 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<div>
<div class="font-medium text-slate-700">PyPI Repository</div>
<div class="text-sm text-slate-500">API: /simple/</div>
</div>
</a>
</div>
</div>
"##,
stat_card("Docker", icons::DOCKER, stats.docker, "/ui/docker", "images"),
stat_card("Maven", icons::MAVEN, stats.maven, "/ui/maven", "artifacts"),
stat_card("npm", icons::NPM, stats.npm, "/ui/npm", "packages"),
stat_card("Cargo", icons::CARGO, stats.cargo, "/ui/cargo", "crates"),
stat_card("PyPI", icons::PYPI, stats.pypi, "/ui/pypi", "packages"),
// Quick Links icons
icons::DOCKER,
icons::MAVEN,
icons::NPM,
icons::CARGO,
icons::PYPI,
/// Renders the main dashboard page with dark theme
pub fn render_dashboard(data: &DashboardResponse) -> String {
// Render global stats
let global_stats = render_global_stats(
data.global_stats.downloads,
data.global_stats.uploads,
data.global_stats.artifacts,
data.global_stats.cache_hit_percent,
data.global_stats.storage_bytes,
);
layout("Dashboard", &content, Some("dashboard"))
// Render registry cards
let registry_cards: String = data
.registry_stats
.iter()
.map(|r| {
let icon = match r.name.as_str() {
"docker" => icons::DOCKER,
"maven" => icons::MAVEN,
"npm" => icons::NPM,
"cargo" => icons::CARGO,
"pypi" => icons::PYPI,
_ => icons::DOCKER,
};
let display_name = match r.name.as_str() {
"docker" => "Docker",
"maven" => "Maven",
"npm" => "npm",
"cargo" => "Cargo",
"pypi" => "PyPI",
_ => &r.name,
};
render_registry_card(
display_name,
icon,
r.artifact_count,
r.downloads,
r.uploads,
r.size_bytes,
&format!("/ui/{}", r.name),
)
})
.collect();
// Render mount points
let mount_data: Vec<(String, String, Option<String>)> = data
.mount_points
.iter()
.map(|m| {
(
m.registry.clone(),
m.mount_path.clone(),
m.proxy_upstream.clone(),
)
})
.collect();
let mount_points = render_mount_points_table(&mount_data);
// Render activity log
let activity_rows: String = if data.activity.is_empty() {
r##"<tr><td colspan="5" class="py-8 text-center text-slate-500">No recent activity</td></tr>"##.to_string()
} else {
data.activity
.iter()
.map(|entry| {
let time_ago = format_relative_time(&entry.timestamp);
render_activity_row(
&time_ago,
&entry.action.to_string(),
&entry.artifact,
&entry.registry,
&entry.source,
)
})
.collect()
};
let activity_log = render_activity_log(&activity_rows);
// Format uptime
let hours = data.uptime_seconds / 3600;
let mins = (data.uptime_seconds % 3600) / 60;
let uptime_str = format!("{}h {}m", hours, mins);
let content = format!(
r##"
<div class="mb-6">
<div class="flex items-center justify-between">
<div>
<h1 class="text-2xl font-bold text-slate-200 mb-1">Dashboard</h1>
<p class="text-slate-400">Overview of all registries</p>
</div>
<div class="text-right">
<div class="text-sm text-slate-500">Uptime</div>
<div id="uptime" class="text-lg font-semibold text-slate-300">{}</div>
</div>
</div>
</div>
{}
<div class="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-3 xl:grid-cols-5 gap-4 mb-6">
{}
</div>
<div class="grid grid-cols-1 lg:grid-cols-2 gap-6">
{}
{}
</div>
"##,
uptime_str, global_stats, registry_cards, mount_points, activity_log,
);
let polling_script = render_polling_script();
layout_dark("Dashboard", &content, Some("dashboard"), &polling_script)
}
/// Format timestamp as relative time (e.g., "2 min ago")
fn format_relative_time(timestamp: &chrono::DateTime<chrono::Utc>) -> String {
let now = chrono::Utc::now();
let diff = now.signed_duration_since(*timestamp);
if diff.num_seconds() < 60 {
"just now".to_string()
} else if diff.num_minutes() < 60 {
let mins = diff.num_minutes();
format!("{} min{} ago", mins, if mins == 1 { "" } else { "s" })
} else if diff.num_hours() < 24 {
let hours = diff.num_hours();
format!("{} hour{} ago", hours, if hours == 1 { "" } else { "s" })
} else {
let days = diff.num_days();
format!("{} day{} ago", days, if days == 1 { "" } else { "s" })
}
}
/// Renders a registry list page (docker, maven, npm, cargo, pypi)
@@ -94,12 +155,12 @@ pub fn render_registry_list(registry_type: &str, title: &str, repos: &[RepoInfo]
format!("/ui/{}/{}", registry_type, encode_uri_component(&repo.name));
format!(
r##"
<tr class="hover:bg-slate-50 cursor-pointer" onclick="window.location='{}'">
<tr class="hover:bg-slate-700 cursor-pointer" onclick="window.location='{}'">
<td class="px-6 py-4">
<a href="{}" class="text-blue-600 hover:text-blue-800 font-medium">{}</a>
<a href="{}" class="text-blue-400 hover:text-blue-300 font-medium">{}</a>
</td>
<td class="px-6 py-4 text-slate-600">{}</td>
<td class="px-6 py-4 text-slate-600">{}</td>
<td class="px-6 py-4 text-slate-400">{}</td>
<td class="px-6 py-4 text-slate-400">{}</td>
<td class="px-6 py-4 text-slate-500 text-sm">{}</td>
</tr>
"##,
@@ -125,9 +186,9 @@ pub fn render_registry_list(registry_type: &str, title: &str, repos: &[RepoInfo]
r##"
<div class="mb-6 flex items-center justify-between">
<div class="flex items-center">
<svg class="w-10 h-10 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<svg class="w-10 h-10 mr-3 text-slate-400" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<div>
<h1 class="text-2xl font-bold text-slate-800">{}</h1>
<h1 class="text-2xl font-bold text-slate-200">{}</h1>
<p class="text-slate-500">{} repositories</p>
</div>
</div>
@@ -135,29 +196,29 @@ pub fn render_registry_list(registry_type: &str, title: &str, repos: &[RepoInfo]
<div class="relative">
<input type="text"
placeholder="Search repositories..."
class="pl-10 pr-4 py-2 border border-slate-300 rounded-lg focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent"
class="pl-10 pr-4 py-2 bg-slate-800 border border-slate-600 text-slate-200 rounded-lg focus:outline-none focus:ring-2 focus:ring-blue-500 focus:border-transparent placeholder-slate-500"
hx-get="/api/ui/{}/search"
hx-trigger="keyup changed delay:300ms"
hx-target="#repo-table-body"
name="q">
<svg class="absolute left-3 top-2.5 h-5 w-5 text-slate-400" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<svg class="absolute left-3 top-2.5 h-5 w-5 text-slate-500" fill="none" stroke="currentColor" viewBox="0 0 24 24">
<path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M21 21l-6-6m2-5a7 7 0 11-14 0 7 7 0 0114 0z"/>
</svg>
</div>
</div>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 overflow-hidden">
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 overflow-hidden">
<table class="w-full">
<thead class="bg-slate-50 border-b border-slate-200">
<thead class="bg-slate-800 border-b border-slate-700">
<tr>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Name</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">{}</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Updated</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Name</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">{}</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Updated</th>
</tr>
</thead>
<tbody id="repo-table-body" class="divide-y divide-slate-200">
<tbody id="repo-table-body" class="divide-y divide-slate-700">
{}
</tbody>
</table>
@@ -171,7 +232,7 @@ pub fn render_registry_list(registry_type: &str, title: &str, repos: &[RepoInfo]
table_rows
);
layout(title, &content, Some(registry_type))
layout_dark(title, &content, Some(registry_type), "")
}
/// Renders Docker image detail page
@@ -185,11 +246,11 @@ pub fn render_docker_detail(name: &str, detail: &DockerDetail) -> String {
.map(|tag| {
format!(
r##"
<tr class="hover:bg-slate-50">
<tr class="hover:bg-slate-700">
<td class="px-6 py-4">
<span class="font-mono text-sm bg-slate-100 px-2 py-1 rounded">{}</span>
<span class="font-mono text-sm bg-slate-700 text-slate-200 px-2 py-1 rounded">{}</span>
</td>
<td class="px-6 py-4 text-slate-600">{}</td>
<td class="px-6 py-4 text-slate-400">{}</td>
<td class="px-6 py-4 text-slate-500 text-sm">{}</td>
</tr>
"##,
@@ -208,18 +269,18 @@ pub fn render_docker_detail(name: &str, detail: &DockerDetail) -> String {
r##"
<div class="mb-6">
<div class="flex items-center mb-2">
<a href="/ui/docker" class="text-blue-600 hover:text-blue-800">Docker Registry</a>
<span class="mx-2 text-slate-400">/</span>
<span class="text-slate-800 font-medium">{}</span>
<a href="/ui/docker" class="text-blue-400 hover:text-blue-300">Docker Registry</a>
<span class="mx-2 text-slate-500">/</span>
<span class="text-slate-200 font-medium">{}</span>
</div>
<div class="flex items-center">
<svg class="w-10 h-10 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<h1 class="text-2xl font-bold text-slate-800">{}</h1>
<svg class="w-10 h-10 mr-3 text-slate-400" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<h1 class="text-2xl font-bold text-slate-200">{}</h1>
</div>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 p-6 mb-6">
<h2 class="text-lg font-semibold text-slate-800 mb-3">Pull Command</h2>
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 p-6 mb-6">
<h2 class="text-lg font-semibold text-slate-200 mb-3">Pull Command</h2>
<div class="flex items-center bg-slate-900 text-green-400 rounded-lg p-4 font-mono text-sm">
<code class="flex-1">{}</code>
<button onclick="navigator.clipboard.writeText('{}')" class="ml-4 text-slate-400 hover:text-white transition-colors" title="Copy to clipboard">
@@ -230,19 +291,19 @@ pub fn render_docker_detail(name: &str, detail: &DockerDetail) -> String {
</div>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 overflow-hidden">
<div class="px-6 py-4 border-b border-slate-200">
<h2 class="text-lg font-semibold text-slate-800">Tags ({} total)</h2>
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 overflow-hidden">
<div class="px-6 py-4 border-b border-slate-700">
<h2 class="text-lg font-semibold text-slate-200">Tags ({} total)</h2>
</div>
<table class="w-full">
<thead class="bg-slate-50 border-b border-slate-200">
<thead class="bg-slate-800 border-b border-slate-700">
<tr>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Tag</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Created</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Tag</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Created</th>
</tr>
</thead>
<tbody class="divide-y divide-slate-200">
<tbody class="divide-y divide-slate-700">
{}
</tbody>
</table>
@@ -257,7 +318,7 @@ pub fn render_docker_detail(name: &str, detail: &DockerDetail) -> String {
tags_rows
);
layout(&format!("{} - Docker", name), &content, Some("docker"))
layout_dark(&format!("{} - Docker", name), &content, Some("docker"), "")
}
/// Renders package detail page (npm, cargo, pypi)
@@ -274,11 +335,11 @@ pub fn render_package_detail(registry_type: &str, name: &str, detail: &PackageDe
.map(|v| {
format!(
r##"
<tr class="hover:bg-slate-50">
<tr class="hover:bg-slate-700">
<td class="px-6 py-4">
<span class="font-mono text-sm bg-slate-100 px-2 py-1 rounded">{}</span>
<span class="font-mono text-sm bg-slate-700 text-slate-200 px-2 py-1 rounded">{}</span>
</td>
<td class="px-6 py-4 text-slate-600">{}</td>
<td class="px-6 py-4 text-slate-400">{}</td>
<td class="px-6 py-4 text-slate-500 text-sm">{}</td>
</tr>
"##,
@@ -305,18 +366,18 @@ pub fn render_package_detail(registry_type: &str, name: &str, detail: &PackageDe
r##"
<div class="mb-6">
<div class="flex items-center mb-2">
<a href="/ui/{}" class="text-blue-600 hover:text-blue-800">{}</a>
<span class="mx-2 text-slate-400">/</span>
<span class="text-slate-800 font-medium">{}</span>
<a href="/ui/{}" class="text-blue-400 hover:text-blue-300">{}</a>
<span class="mx-2 text-slate-500">/</span>
<span class="text-slate-200 font-medium">{}</span>
</div>
<div class="flex items-center">
<svg class="w-10 h-10 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<h1 class="text-2xl font-bold text-slate-800">{}</h1>
<svg class="w-10 h-10 mr-3 text-slate-400" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<h1 class="text-2xl font-bold text-slate-200">{}</h1>
</div>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 p-6 mb-6">
<h2 class="text-lg font-semibold text-slate-800 mb-3">Install Command</h2>
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 p-6 mb-6">
<h2 class="text-lg font-semibold text-slate-200 mb-3">Install Command</h2>
<div class="flex items-center bg-slate-900 text-green-400 rounded-lg p-4 font-mono text-sm">
<code class="flex-1">{}</code>
<button onclick="navigator.clipboard.writeText('{}')" class="ml-4 text-slate-400 hover:text-white transition-colors" title="Copy to clipboard">
@@ -327,19 +388,19 @@ pub fn render_package_detail(registry_type: &str, name: &str, detail: &PackageDe
</div>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 overflow-hidden">
<div class="px-6 py-4 border-b border-slate-200">
<h2 class="text-lg font-semibold text-slate-800">Versions ({} total)</h2>
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 overflow-hidden">
<div class="px-6 py-4 border-b border-slate-700">
<h2 class="text-lg font-semibold text-slate-200">Versions ({} total)</h2>
</div>
<table class="w-full">
<thead class="bg-slate-50 border-b border-slate-200">
<thead class="bg-slate-800 border-b border-slate-700">
<tr>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Version</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Published</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Version</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Published</th>
</tr>
</thead>
<tbody class="divide-y divide-slate-200">
<tbody class="divide-y divide-slate-700">
{}
</tbody>
</table>
@@ -356,10 +417,11 @@ pub fn render_package_detail(registry_type: &str, name: &str, detail: &PackageDe
versions_rows
);
layout(
layout_dark(
&format!("{} - {}", name, registry_title),
&content,
Some(registry_type),
"",
)
}
@@ -371,11 +433,11 @@ pub fn render_maven_detail(path: &str, detail: &MavenDetail) -> String {
detail.artifacts.iter().map(|a| {
let download_url = format!("/maven2/{}/{}", path, a.filename);
format!(r##"
<tr class="hover:bg-slate-50">
<tr class="hover:bg-slate-700">
<td class="px-6 py-4">
<a href="{}" class="text-blue-600 hover:text-blue-800 font-mono text-sm">{}</a>
<a href="{}" class="text-blue-400 hover:text-blue-300 font-mono text-sm">{}</a>
</td>
<td class="px-6 py-4 text-slate-600">{}</td>
<td class="px-6 py-4 text-slate-400">{}</td>
</tr>
"##, download_url, html_escape(&a.filename), format_size(a.size))
}).collect::<Vec<_>>().join("")
@@ -404,33 +466,33 @@ pub fn render_maven_detail(path: &str, detail: &MavenDetail) -> String {
r##"
<div class="mb-6">
<div class="flex items-center mb-2">
<a href="/ui/maven" class="text-blue-600 hover:text-blue-800">Maven Repository</a>
<span class="mx-2 text-slate-400">/</span>
<span class="text-slate-800 font-medium">{}</span>
<a href="/ui/maven" class="text-blue-400 hover:text-blue-300">Maven Repository</a>
<span class="mx-2 text-slate-500">/</span>
<span class="text-slate-200 font-medium">{}</span>
</div>
<div class="flex items-center">
<svg class="w-10 h-10 mr-3 text-slate-600" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<h1 class="text-2xl font-bold text-slate-800">{}</h1>
<svg class="w-10 h-10 mr-3 text-slate-400" fill="currentColor" viewBox="0 0 24 24">{}</svg>
<h1 class="text-2xl font-bold text-slate-200">{}</h1>
</div>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 p-6 mb-6">
<h2 class="text-lg font-semibold text-slate-800 mb-3">Maven Dependency</h2>
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 p-6 mb-6">
<h2 class="text-lg font-semibold text-slate-200 mb-3">Maven Dependency</h2>
<pre class="bg-slate-900 text-green-400 rounded-lg p-4 font-mono text-sm overflow-x-auto">{}</pre>
</div>
<div class="bg-white rounded-lg shadow-sm border border-slate-200 overflow-hidden">
<div class="px-6 py-4 border-b border-slate-200">
<h2 class="text-lg font-semibold text-slate-800">Artifacts ({} files)</h2>
<div class="bg-[#1e293b] rounded-lg shadow-sm border border-slate-700 overflow-hidden">
<div class="px-6 py-4 border-b border-slate-700">
<h2 class="text-lg font-semibold text-slate-200">Artifacts ({} files)</h2>
</div>
<table class="w-full">
<thead class="bg-slate-50 border-b border-slate-200">
<thead class="bg-slate-800 border-b border-slate-700">
<tr>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Filename</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-600 uppercase tracking-wider">Size</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Filename</th>
<th class="px-6 py-3 text-left text-xs font-semibold text-slate-400 uppercase tracking-wider">Size</th>
</tr>
</thead>
<tbody class="divide-y divide-slate-200">
<tbody class="divide-y divide-slate-700">
{}
</tbody>
</table>
@@ -444,7 +506,7 @@ pub fn render_maven_detail(path: &str, detail: &MavenDetail) -> String {
artifact_rows
);
layout(&format!("{} - Maven", path), &content, Some("maven"))
layout_dark(&format!("{} - Maven", path), &content, Some("maven"), "")
}
/// Returns SVG icon path for the registry type
@@ -455,7 +517,9 @@ fn get_registry_icon(registry_type: &str) -> &'static str {
"npm" => icons::NPM,
"cargo" => icons::CARGO,
"pypi" => icons::PYPI,
_ => r#"<path fill="currentColor" d="M10 4H4c-1.1 0-1.99.9-1.99 2L2 18c0 1.1.9 2 2 2h16c1.1 0 2-.9 2-2V8c0-1.1-.9-2-2-2h-8l-2-2z"/>"#,
_ => {
r#"<path fill="currentColor" d="M10 4H4c-1.1 0-1.99.9-1.99 2L2 18c0 1.1.9 2 2 2h16c1.1 0 2-.9 2-2V8c0-1.1-.9-2-2-2h-8l-2-2z"/>"#
}
}
}

3
nora-registry/src/validation.rs
View File

@@ -1,3 +1,4 @@
#![allow(dead_code)]
//! Input validation for artifact registry paths and identifiers
//!
//! Provides security validation to prevent path traversal attacks and
@@ -92,7 +93,7 @@ pub fn validate_storage_key(key: &str) -> Result<(), ValidationError> {
// Check each segment
for segment in key.split('/') {
if segment.is_empty() && key != "" {
if segment.is_empty() && !key.is_empty() {
// Allow trailing slash but not double slashes
continue;
}

4
nora-storage/src/main.rs
View File

@@ -133,9 +133,7 @@ async fn main() {
.expect("Failed to bind to address");
info!("nora-storage (S3 compatible) running on http://{}", addr);
axum::serve(listener, app)
.await
.expect("Server error");
axum::serve(listener, app).await.expect("Server error");
}
async fn list_buckets(State(state): State<Arc<AppState>>) -> Response {