On Mon, Jun 11, 2018 at 08:25:39AM -0400, Dennis Kliban wrote: > On Wed, Jun 6, 2018 at 9:11 AM, Simon Baatz <[1][email protected]> > ... > > We did not have a use case for distributing the redirect files. This > would be a good feature to add. If you are interested in adding this > functionality, you should start by filing a Story on [2]pulp.plan.io. > Reply with the issue link here and we can work out the details on the > ticket.
I am not sure whether we can contribute this feature (in the end this depends on the complexity). As suggested, I created story #3761 (at [1]) to find out the details and how complex this will be. > - The documentation [0] describes authentication for Crane, but this > authenticates only the redirects delivered by Crane. When adding > basic authentication to the actual content, the Docker daemon will > fail. Apparently, it does not add the credentials when following > the > redirections. > Is there a way to enable protection for both the redirections and > content? (I know that crane 3.2.0 supports Akamai CDN tokens, but > that does not help with a local server.) > > There is not a way to add content protection for the content itself > right now. We found a possible solution: Basic authentication works for content if Crane serves the content directly instead of redirecting. We found that it is surprisingly simple to let Crane do that. As Flask supports "X-Sendfile" out of the box, this should be efficient as well (even more efficient than redirecting. The client does not need the additional round-trip for every artifact.) I think we could post some code soon, which allows to switch between "redirect" and "local content" mode. Should we do the same here and create a story? [1] https://pulp.plan.io/issues/3761 _______________________________________________ Pulp-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/pulp-list
