pub trait ArtifactRegistry: Binding {
// Required methods
fn create_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_name: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<RepositoryResponse, AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
fn get_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<RepositoryResponse, AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
fn add_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
access: CrossAccountAccess,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
fn remove_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
access: CrossAccountAccess,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
fn get_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<CrossAccountPermissions, AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
fn generate_credentials<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
permissions: ArtifactRegistryPermissions,
ttl_seconds: Option<u32>,
) -> Pin<Box<dyn Future<Output = Result<ArtifactRegistryCredentials, AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
fn delete_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>
where 'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait;
// Provided methods
fn registry_endpoint(&self) -> String { ... }
fn upstream_repository_prefix(&self) -> String { ... }
}Expand description
A trait for artifact registry bindings that provide container image repository management.
Required Methods§
Sourcefn create_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_name: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<RepositoryResponse, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn create_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_name: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<RepositoryResponse, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Creates a repository within the artifact registry.
repo_name is the logical identifier the caller chose (e.g.
"my-app"). The implementation transforms it to the routable
platform-specific form before calling any backend API; what’s
returned in RepositoryResponse::name is the routable form.
On platforms where image paths are implicit (GAR, ACR, Local), this may not call any backend API — but it still returns a valid routable name.
Sourcefn get_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<RepositoryResponse, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn get_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<RepositoryResponse, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Gets repository details. repo_id is the routable name returned by
Self::create_repository; implementations MUST NOT re-apply
prefixing.
Sourcefn add_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
access: CrossAccountAccess,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn add_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
access: CrossAccountAccess,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Adds cross-account access permissions for a repository. This adds the specified permissions to any existing cross-account permissions.
repo_id is the routable name from Self::create_repository.
For AWS: grants access to specified account IDs with configurable principals and compute service types (ECR repository policy).
For GCP: grants access to serverless robots and service accounts on the parent GAR registry (image-path-level IAM is not supported).
For Azure: not supported — returns OperationNotSupported.
Sourcefn remove_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
access: CrossAccountAccess,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn remove_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
access: CrossAccountAccess,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Removes cross-account access permissions for a repository.
repo_id is the routable name from Self::create_repository.
For AWS: removes access from the ECR repository policy.
For GCP: removes IAM bindings on the parent GAR registry.
For Azure: not supported — returns OperationNotSupported.
Sourcefn get_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<CrossAccountPermissions, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn get_cross_account_access<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<CrossAccountPermissions, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Gets the current cross-account access permissions for a repository.
repo_id is the routable name from Self::create_repository.
For Azure: not supported — returns OperationNotSupported.
Sourcefn generate_credentials<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
permissions: ArtifactRegistryPermissions,
ttl_seconds: Option<u32>,
) -> Pin<Box<dyn Future<Output = Result<ArtifactRegistryCredentials, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn generate_credentials<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
permissions: ArtifactRegistryPermissions,
ttl_seconds: Option<u32>,
) -> Pin<Box<dyn Future<Output = Result<ArtifactRegistryCredentials, AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Generates credentials for accessing a repository with the specified permissions.
repo_id is the routable name from Self::create_repository.
Most platforms produce registry-scoped (not repo-scoped) credentials,
so repo_id typically only affects logging — not the credentials
themselves.
Sourcefn delete_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
fn delete_repository<'life0, 'life1, 'async_trait>(
&'life0 self,
repo_id: &'life1 str,
) -> Pin<Box<dyn Future<Output = Result<(), AlienError<ErrorData>>> + Send + 'async_trait>>where
'life0: 'async_trait,
'life1: 'async_trait,
Self: 'async_trait,
Deletes a repository and all contained images.
repo_id is the routable name from Self::create_repository.
Implementations MUST NOT delete the parent registry (which is owned
by alien-infra); on platforms with implicit image paths (GAR, ACR,
Local) this is a no-op.
Provided Methods§
Sourcefn registry_endpoint(&self) -> String
fn registry_endpoint(&self) -> String
Returns the raw registry endpoint URL (e.g., “https://123456.dkr.ecr.us-east-1.amazonaws.com” or “http://localhost:5000”). Used by the push proxy to forward requests transparently.
Default returns empty string — cloud provider implementations should override.
Sourcefn upstream_repository_prefix(&self) -> String
fn upstream_repository_prefix(&self) -> String
Returns the OCI repository path prefix used for upstream operations.
This identifier serves two related roles, both pointing at the same upstream location:
- Proxy routing. When the push proxy forwards push/pull requests to the upstream registry, this prefix is prepended to the image name portion of the OCI path.
- Shared deployment-image repository name.
alien releasepushes every function image as{prefix}:{logical}-{hash}into one shared repository whose routable name is exactly this prefix. Pass it asrepo_idwhen callingadd_cross_account_access/remove_cross_account_accessfor the deployment cross-account flow.
Examples:
- ECR:
"alien-e2e"— flat repo prefix; also the routable repo name for the shared deployment-image repository - GAR:
"my-project/alien-e2e"— project/repo structure - ACR:
"alien-e2e"— images pushed into this repository prefix; principal pull access is granted on the parent registry - Local:
"artifacts"or similar — cross-account not supported
An empty return value indicates the platform has no shared deployment-image repo at the binding level.
Default returns empty string.
Dyn Compatibility§
This trait is dyn compatible.
In older versions of Rust, dyn compatibility was called "object safety".