zlayer-core 0.10.76

Shared types and configuration for ZLayer container orchestration
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121

# Registry Authentication Module

This module provides flexible authentication for OCI registries, supporting multiple authentication sources.

## Features

- **Docker Config Support**: Automatically reads credentials from `~/.docker/config.json`
- **Multiple Auth Sources**: Anonymous, Basic, Environment Variables, Docker Config
- **Per-Registry Configuration**: Different auth methods for different registries
- **Automatic Registry Detection**: Extracts registry from image references

## Usage

### Basic Usage with Docker Config (Default)

```rust
use zlayer_core::auth::{AuthConfig, AuthResolver};

// Create resolver with default config (uses Docker config)
let config = AuthConfig::default();
let resolver = AuthResolver::new(config);

// Resolve authentication for an image
let auth = resolver.resolve("ghcr.io/owner/repo:tag");
```

### Custom Configuration

```rust
use zlayer_core::auth::{AuthConfig, AuthSource, RegistryAuthConfig};

let config = AuthConfig {
    // Specific auth for GitHub Container Registry
    registries: vec![
        RegistryAuthConfig {
            registry: "ghcr.io".to_string(),
            source: AuthSource::Basic {
                username: "myuser".to_string(),
                password: "mytoken".to_string(),
            },
        },
    ],
    // Default to Docker config for other registries
    default: AuthSource::DockerConfig,
    docker_config_path: None,
};

let resolver = AuthResolver::new(config);
```

### Environment Variable Authentication

```rust
use zlayer_core::auth::{AuthConfig, AuthSource};

let config = AuthConfig {
    registries: vec![],
    default: AuthSource::EnvVar {
        username_var: "REGISTRY_USERNAME".to_string(),
        password_var: "REGISTRY_PASSWORD".to_string(),
    },
    docker_config_path: None,
};

let resolver = AuthResolver::new(config);
```

### Integration with AgentConfig

```rust
use zlayer_core::{AgentConfig, auth::{AuthConfig, AuthSource}};

let agent_config = AgentConfig {
    deployment_name: "my-deployment".to_string(),
    node_id: "node-1".to_string(),
    auth: AuthConfig {
        default: AuthSource::DockerConfig,
        ..Default::default()
    },
    ..Default::default()
};
```

## Docker Config Format

The module supports the standard Docker config.json format:

```json
{
  "auths": {
    "ghcr.io": {
      "auth": "base64(username:password)"
    },
    "docker.io": {
      "username": "myuser",
      "password": "mypass"
    }
  }
}
```

Both the `auth` field (base64-encoded) and plain `username`/`password` fields are supported.

## Registry Detection

The module automatically extracts the registry from image references:

- `ubuntu:latest``docker.io`
- `ghcr.io/owner/repo:tag``ghcr.io`
- `localhost:5000/image``localhost:5000`
- `myregistry.com/path/to/image:v1.0``myregistry.com`

## Testing

Run the test suite with:

```bash
cargo test -p zlayer-core
```

All authentication sources and registry detection logic are thoroughly tested.