Support registry no need auth

.github/workflows/deploy.yaml

@@ -20,7 +20,7 @@ jobs:
           node-version: "12.x"
       - run: npm install
       - name: Publish
-        uses: cloudflare/wrangler-action@1.2.0
+        uses: cloudflare/wrangler-action@2.0.0
         with:
           apiToken: ${{ secrets.CF_API_TOKEN }}
         env:

src/index.js

@@ -8,6 +8,7 @@ const routes = {
   "quay.libcuda.so": "https://quay.io",
   "gcr.libcuda.so": "https://gcr.io",
   "k8s-gcr.libcuda.so": "https://k8s.gcr.io",
+  "k8s.libcuda.so": "https://registry.k8s.io",
   "ghcr.libcuda.so": "https://ghcr.io",
   "cloudsmith.libcuda.so": "https://docker.cloudsmith.io",
 };
@@ -24,32 +25,47 @@ function routeByHosts(host) {
 
 async function handleRequest(request) {
   const url = new URL(request.url);
-  if (url.pathname == "/v2/") {
-    const headers = new Headers();
-    if (MODE == "debug") {
-      headers.set(
-        "Www-Authenticate",
-        `Bearer realm="${LOCAL_ADDRESS}/v2/auth",service="cloudflare-docker-proxy"`
-      );
-    } else {
-      headers.set(
-        "Www-Authenticate",
-        `Bearer realm="https://${url.hostname}/v2/auth",service="cloudflare-docker-proxy"`
-      );
-    }
-    return new Response(JSON.stringify({ message: "UNAUTHORIZED" }), {
-      status: 401,
-      headers: headers,
-    });
-  }
   const upstream = routeByHosts(url.hostname);
   if (upstream === "") {
     return new Response(
       JSON.stringify({
         routes: routes,
-      })
+      }),
+      {
+        status: 404,
+      }
     );
   }
+  // check if need to authenticate
+  if (url.pathname == "/v2/") {
+    const newUrl = new URL(upstream + "/v2/");
+    const resp = await fetch(newUrl.toString(), {
+      method: "GET",
+      redirect: "follow",
+    });
+    if (resp.status === 200) {
+    } else if (resp.status === 401) {
+      const headers = new Headers();
+      if (MODE == "debug") {
+        headers.set(
+          "Www-Authenticate",
+          `Bearer realm="${LOCAL_ADDRESS}/v2/auth",service="cloudflare-docker-proxy"`
+        );
+      } else {
+        headers.set(
+          "Www-Authenticate",
+          `Bearer realm="https://${url.hostname}/v2/auth",service="cloudflare-docker-proxy"`
+        );
+      }
+      return new Response(JSON.stringify({ message: "UNAUTHORIZED" }), {
+        status: 401,
+        headers: headers,
+      });
+    } else {
+      return resp;
+    }
+  }
+  // get token
   if (url.pathname == "/v2/auth") {
     const newUrl = new URL(upstream + "/v2/");
     const resp = await fetch(newUrl.toString(), {
@@ -66,6 +82,7 @@ async function handleRequest(request) {
     const wwwAuthenticate = parseAuthenticate(authenticateStr);
     return await fetchToken(wwwAuthenticate, url.searchParams);
   }
+  // foward requests
   const newUrl = new URL(upstream + url.pathname);
   const newReq = new Request(newUrl, {
     method: request.method,

wrangler.toml

@@ -1,15 +1,7 @@
 name = "cloudflare-docker-proxy"
-type = "webpack"
-
-account_id = ""
 workers_dev = true
-route = ""
-zone_id = ""
-
-webpack_config = "webpack.config.js"
 compatibility_date = "2021-12-07"
 
-
 [dev]
 ip = "0.0.0.0"
 port = 8787
@@ -23,5 +15,5 @@ TARGET_UPSTREAM=""
 
 [env.dev.vars]
 MODE="debug"
-LOCAL_ADDRESS="http://192.168.50.160:8787"
+LOCAL_ADDRESS="http://192.168.10.102:8787"
 TARGET_UPSTREAM="https://registry-1.docker.io"