The Seedwing Proxy is a stateless proxy that sits between a build pipeline and any upstream repository contributing to the build.
By applying a build-specific policy, the Seedwing Proxy will allow or disallow access to the upstream artifacts based upon signatures in Sigstore
, and possibly In-Toto
in the future.
Despite its name, this is not a web/http proxy in the conventional sense. It behaves as a local registry, proxying requests for software artifacts to an actual repository and returning them only if they match a given policy.
The seedwing proxy includes support for both git based registries and those accessible via the newer sparse protocol.
If your cargo installation supports the newer sparse protocol use the following cargo configuration
In .cargo/config
:
[source.seedwing]
registry = "sparse+http://localhost:8181/sparse-crates-io/index/"
[source.crates-io]
replace-with = "seedwing"
To use the git based index protocol use the following cargo configuration
In .cargo/config
:
[source.seedwing]
registry = "http://localhost:8181/crates-io/"
[source.crates-io]
replace-with = "seedwing"
In settings.xml
:
<settings>
<mirrors>
<mirror>
<id>seedwing</id>
<name>Seedwing "Proxy" Repository</name>
<url>http://0.0.0.0:8181/m2</url>
<mirrorOf>central</mirrorOf> <!-- This is important -->
</mirror>
</mirrors>
...
</settings>
For npm
, you first need to set the default npm registry with the URL of the proxy:
npm config set registry http://0.0.0.0:8181/npm
To force your dependencies to be downloaded through the proxy, you should remove your project’s copies and clear the cache prior to installing them:
rm -rf node_modules/
npm cache clean --force
npm install
For bundler
, you must link the rubygems registry with the URL of the proxy:
bundle config set --global mirror.https://rubygems.org http://localhost:8181/gems
To force your gems to be downloaded through the proxy, you should clear the cache prior to installing them:
bundle clean --force
bundle install
To remove the configuration:
bundle config unset --global mirror.https://rubygems.org