Skip to content

Commit 6824841

Browse files
committed
feat: local cosmo cloud registry
1 parent d86216f commit 6824841

7 files changed

Lines changed: 60 additions & 11 deletions

File tree

cli/.env.example

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
COSMO_API_KEY=cosmo_669b576aaadc10ee1ae81d9193425705
22
COSMO_API_URL=http://localhost:3001
33
CDN_URL=http://localhost:11000
4-
PLUGIN_REGISTRY_URL=
4+
PLUGIN_REGISTRY_URL=host.docker.internal:5050
55

66
# configure running wgc behind a proxy
77
# HTTPS_PROXY=""

docker-compose.yml

Lines changed: 33 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -191,7 +191,7 @@ services:
191191
depends_on:
192192
rustfs_perms:
193193
condition: service_completed_successfully
194-
command: "rustfs server /data"
194+
command: 'rustfs server /data'
195195
environment:
196196
RUSTFS_CONSOLE_ENABLE: 'true'
197197
RUSTFS_ACCESS_KEY: ${S3_ACCESS_KEY_ID:-admin}
@@ -354,6 +354,38 @@ services:
354354
profiles:
355355
- dev
356356

357+
# Local OCI plugin registry for gRPC plugin development.
358+
# No auth, plain HTTP. For `wgc router plugin publish` to work:
359+
#
360+
# 1. Trust the registry in the Docker daemon (needed for `docker login`).
361+
# OrbStack: edit ~/.orbstack/config/docker.json, then `orb restart docker`:
362+
# { "insecure-registries": ["host.docker.internal:5050"] }
363+
# Docker Desktop: Settings -> Docker Engine, merge the same key, Apply & Restart.
364+
#
365+
# 2. Create a buildx builder with insecure registry support (needed for push):
366+
# cat > /tmp/buildkitd.toml << 'EOF'
367+
# [registry."host.docker.internal:5050"]
368+
# http = true
369+
# insecure = true
370+
# EOF
371+
# docker buildx create --name local-registry --driver docker-container --config /tmp/buildkitd.toml --use
372+
#
373+
# 3. Set PLUGIN_REGISTRY_URL=host.docker.internal:5050 in cli/.env
374+
# (host.docker.internal is required because buildx runs inside a container)
375+
#
376+
# 4. For the router to pull plugins from this registry, set in router/.env:
377+
# PLUGINS_REGISTRY_URL=localhost:5050
378+
# PLUGINS_REGISTRY_INSECURE=true
379+
# (localhost here because the router runs on the host, not in a container)
380+
plugin-registry:
381+
image: registry:2
382+
ports:
383+
- '5050:5000'
384+
networks:
385+
- primary
386+
profiles:
387+
- dev
388+
357389
kafka:
358390
image: bitnamilegacy/kafka:3.7.0
359391
ports:

router-tests/testenv/testenv.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1512,7 +1512,8 @@ func configureRouter(listenerAddr string, testConfig *Config, routerConfig *node
15121512
return nil, fmt.Errorf("RegistryURL must be a host-only OCI registry address (no http:// or https:// scheme), got %q", testConfig.Plugins.RegistryURL)
15131513
}
15141514
pluginsCfg.Registry = config.PluginRegistryConfiguration{
1515-
URL: testConfig.Plugins.RegistryURL,
1515+
URL: testConfig.Plugins.RegistryURL,
1516+
Insecure: true,
15161517
}
15171518
}
15181519
routerOpts = append(routerOpts, core.WithPlugins(pluginsCfg))

router/.env.example

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,11 @@ CONFIG_PATH=demo.config.yaml
1212
#CONFIG_PATH=debug.config.yaml
1313
#GRAPH_CONFIG_SIGN_KEY=7kZKCz7DaLpvHKtaFEupDsBvDD9EEmUB
1414

15+
# For local plugin development with docker-compose registry, set:
16+
PLUGINS_REGISTRY_URL=localhost:5050
17+
PLUGINS_REGISTRY_INSECURE=true
18+
PLUGINS_ENABLED=true
19+
1520
DO_NOT_TRACK=1
1621

1722
# HTTP(S)_PROXY configuration

router/core/graph_server.go

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1816,6 +1816,7 @@ func (s *graphServer) setupConnector(
18161816
Logger: s.logger,
18171817
ImageRef: ref,
18181818
RegistryToken: s.graphApiToken,
1819+
RegistryInsecure: s.plugins.Registry.Insecure,
18191820
StartupConfig: startupConfig,
18201821
Tracer: tracer,
18211822
GetTraceAttributes: getTraceAttributes,

router/pkg/config/config.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1177,7 +1177,8 @@ type PluginsConfiguration struct {
11771177
}
11781178

11791179
type PluginRegistryConfiguration struct {
1180-
URL string `yaml:"url" env:"URL" envDefault:"cosmo-registry.wundergraph.com"`
1180+
URL string `yaml:"url" env:"URL" envDefault:"cosmo-registry.wundergraph.com"`
1181+
Insecure bool `yaml:"insecure" env:"INSECURE" envDefault:"false"`
11811182
}
11821183

11831184
type IntrospectionConfiguration struct {

router/pkg/grpcconnector/grpcpluginoci/grpc_oci_plugin.go

Lines changed: 16 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -25,6 +25,7 @@ type GRPCPluginConfig struct {
2525
Logger *zap.Logger
2626
ImageRef string
2727
RegistryToken string
28+
RegistryInsecure bool
2829
StartupConfig grpccommon.GRPCStartupParams
2930
Tracer trace.Tracer
3031
GetTraceAttributes grpccommon.GRPCTraceAttributeGetter
@@ -45,6 +46,7 @@ type GRPCPlugin struct {
4546

4647
registryUsername string
4748
registryPassword string
49+
registryInsecure bool
4850

4951
client *grpccommon.GRPCPluginClient
5052

@@ -63,7 +65,7 @@ func NewGRPCOCIPlugin(config GRPCPluginConfig) (*GRPCPlugin, error) {
6365
return nil, fmt.Errorf("image source is required")
6466
}
6567

66-
if config.RegistryToken == "" {
68+
if config.RegistryToken == "" && !config.RegistryInsecure {
6769
return nil, fmt.Errorf("registry token is required")
6870
}
6971

@@ -78,6 +80,7 @@ func NewGRPCOCIPlugin(config GRPCPluginConfig) (*GRPCPlugin, error) {
7880

7981
registryUsername: "router",
8082
registryPassword: config.RegistryToken,
83+
registryInsecure: config.RegistryInsecure,
8184

8285
tracer: config.Tracer,
8386
startupConfig: config.StartupConfig,
@@ -175,16 +178,22 @@ func (p *GRPCPlugin) cleanupPluginWorkDir() {
175178

176179
// Start implements Plugin.
177180
func (p *GRPCPlugin) Start(ctx context.Context) error {
178-
desc, err := crane.Get(p.imgRef,
179-
crane.WithAuth(&authn.Basic{
180-
Username: p.registryUsername,
181-
Password: p.registryPassword,
182-
}),
181+
opts := []crane.Option{
183182
crane.WithPlatform(&v1.Platform{
184183
Architecture: runtime.GOARCH,
185184
OS: runtime.GOOS,
186185
}),
187-
)
186+
}
187+
if p.registryInsecure {
188+
opts = append(opts, crane.Insecure)
189+
} else {
190+
opts = append(opts, crane.WithAuth(&authn.Basic{
191+
Username: p.registryUsername,
192+
Password: p.registryPassword,
193+
}))
194+
}
195+
196+
desc, err := crane.Get(p.imgRef, opts...)
188197

189198
if err != nil {
190199
return fmt.Errorf("pulling image %s: %w", p.imgRef, err)

0 commit comments

Comments
 (0)