From f7d9816f05e4031afc6490ca4e54a334494c0b7b Mon Sep 17 00:00:00 2001
From: Martin Braun <braun@neuroforge.de>
Date: Wed, 16 Oct 2024 09:28:21 +0200
Subject: [PATCH] fix distribution api calls (routing in express was wrong),
 enforce _ after the tenant name in resource names

---
 .gitignore          |  2 ++
 swarmgate/routes.ts | 13 ++-----------
 2 files changed, 4 insertions(+), 11 deletions(-)

diff --git a/.gitignore b/.gitignore
index c6bba59..c857434 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
+registry_auth_overrides.json
+
 # Logs
 logs
 *.log
diff --git a/swarmgate/routes.ts b/swarmgate/routes.ts
index 802b8f7..8252775 100644
--- a/swarmgate/routes.ts
+++ b/swarmgate/routes.ts
@@ -67,18 +67,10 @@ function getAuthForDockerImage(image: string): {
     registry: string
 } {
     let registry = getRegistryFromDockerImage(image);
-    console.log(`detected registry: ${registry} for image ${image}`);
     if (!registry) {
         registry = 'docker.io';
     }
     const auth = getAuthForRegistry(registry);
-    console.log(`auth for registry ${registry}: ${JSON.stringify({
-        anonymous: auth?.anonymous,
-        username: auth?.username,
-        email: auth?.email,
-        password: "***",
-        serveraddress: auth?.serveraddress
-    })}`);
     return {
         auth: auth,
         registry: registry
@@ -88,10 +80,9 @@ function getAuthForDockerImage(image: string): {
 
 export function setupRoutes(tenantLabelValue: string) {
     const router = express.Router();
-    const namePrefix = process.env.NAME_PREFIX || tenantLabelValue;
 
     function isResourceNameAllowed(name: string): boolean {
-        if (name.startsWith(namePrefix)) {
+        if (name.startsWith(tenantLabelValue + '_')) {
             return true;
         }
         return false;
@@ -224,7 +215,7 @@ export function setupRoutes(tenantLabelValue: string) {
     router.get('/:version?/info', proxyRequestToDockerWithStrippedAuthInfo);
 
     // make image resolution work
-    router.get('/:version?/distribution/:name/json', async (req: express.Request, res: express.Response) => {
+    router.get('/:version?/distribution/:name(*)/json', async (req: express.Request, res: express.Response) => {
         console.log("distribution json for image", req.params.name);
 
         stripAuthInfo(req);