spin_oci/lib.rs
1//! OCI registries integration.
2#![deny(missing_docs)]
3
4mod auth;
5pub mod client;
6mod loader;
7pub mod utils;
8mod validate;
9
10pub use client::{Client, ComposeMode};
11pub use loader::OciLoader;
12
13/// URL scheme used for the locked app "origin" metadata field for OCI-sourced apps.
14pub const ORIGIN_URL_SCHEME: &str = "vnd.fermyon.origin-oci";
15
16/// Applies heuristics to check if the given string "looks like" it may be
17/// an OCI reference.
18///
19/// This is primarily intended to differentiate OCI references from file paths,
20/// which determines the particular heuristics applied.
21pub fn is_probably_oci_reference(maybe_oci: &str) -> bool {
22 // A relative file path such as foo/spin.toml will successfully
23 // parse as an OCI reference, because the parser infers the Docker
24 // registry and the `latest` version. So if the registry resolves
25 // to Docker, but the source *doesn't* contain the string 'docker',
26 // we can guess this is likely a false positive.
27 //
28 // This could be fooled by, e.g., dockerdemo/spin.toml. But we only
29 // go down this path if the file does not exist, and the chances of
30 // a user choosing a filename containing 'docker' THAT ALSO does not
31 // exist are A MILLION TO ONE...
32
33 // If it doesn't parse as a reference, it isn't a reference
34 let Ok(reference) = oci_distribution::Reference::try_from(maybe_oci) else {
35 return false;
36 };
37 // If it has an explicit tag, its probably a reference
38 if reference.tag() != Some("latest") || maybe_oci.ends_with(":latest") {
39 return true;
40 }
41 // If it doesn't have an explicit registry it's hard to tell whether its a
42 // reference; we'll lean towards "no". The reference parser will set the
43 // registry to the Docker default if none is set, which we try to detect.
44 if reference.registry().contains("docker") && !maybe_oci.contains("docker") {
45 return false;
46 }
47 // Passed all the tests; likely a reference
48 true
49}