
Make the dependency proxy host configurable

🍎 Proposal

The first step in implementing generic image registry support for dependency proxy is removing the hardcoded sections of dependency proxy code.

Task 1: Make the dependency proxy more dynamic

  1. Add an application setting to hold the default host for the dependency proxy:

    container_dependency_proxy_default_host = 'https://registry-1.docker.io'

    This setting should be accessible via the API and the admin UI. It should require admin permissions to update.

  2. Update the DependencyProxy::Registry model and the DependencyProxy::RequestTokenService.

    The RequestTokenService should make an additional request before it gets the auth_url. First, it needs to make an empty curl request to the default host with a path of /v2/. The response will be a 401 Unauthorized, and the www-authenticate header should be parsed to obtain the Bearer realm value and the service value:

    curl -i https://registry-1.docker.io/v2/
    HTTP/1.1 401 Unauthorized
    content-type: application/json
    docker-distribution-api-version: registry/2.0
    www-authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io"
    date: Mon, 24 May 2021 17:42:06 GMT
    content-length: 87
    strict-transport-security: max-age=31536000
    
    {"errors":[{"code":"UNAUTHORIZED","message":"authentication required","detail":null}]}

    You can now see how those values should be used to build the auth_url in the DependencyProxy::Registry model.

    The goal is to remove the AUTH_URL and LIBRARY_URL constants, and update the various methods using those values to instead use the new application setting value along with the values returned in the initial request header when needed.
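
One way to parse the www-authenticate header shown above and build the token URL from it, as an added Ruby example that is not GitLab's own code. The helper names, the `repository:<image>:pull` scope (from the Docker registry token authentication scheme) and the HTTPS-only check on the realm are assumptions; the check is there because a configurable host means the realm is supplied by whatever registry the setting points at.

```ruby
require 'uri'

# Hypothetical helper names; not part of GitLab's DependencyProxy code.
AuthChallenge = Struct.new(:realm, :service)

# Parse a `www-authenticate: Bearer realm="...",service="..."` header value.
# Returns nil when the scheme is not Bearer or the realm is missing or unsafe.
def parse_bearer_challenge(header)
  return nil unless header.is_a?(String)

  scheme, params = header.strip.split(/\s+/, 2)
  return nil unless scheme&.casecmp?('Bearer') && params

  # Collect key="quoted value" pairs; parameter names are case-insensitive.
  attrs = params.scan(/(\w+)="((?:[^"\\]|\\.)*)"/).to_h do |key, value|
    [key.downcase, value.gsub(/\\(.)/, '\1')]
  end

  realm = safe_realm(attrs['realm'])
  return nil unless realm

  AuthChallenge.new(realm, attrs['service'])
end

# Assumption: the realm is remote-controlled input, so accept only an
# absolute https URL with a host and no embedded credentials.
def safe_realm(value)
  uri = URI.parse(value.to_s)
  return nil unless uri.is_a?(URI::HTTPS) && !uri.host.to_s.empty? && uri.userinfo.nil?

  uri
rescue URI::InvalidURIError
  nil
end

# Build the token URL for pulling one image, e.g. "library/alpine".
def auth_url(challenge, image)
  url = challenge.realm.dup
  query = URI.decode_www_form(url.query.to_s)
  query << ['service', challenge.service] if challenge.service
  query << ['scope', "repository:#{image}:pull"]
  url.query = URI.encode_www_form(query)
  url.to_s
end
```

The scope value comes out percent-encoded (`repository%3Alibrary%2Falpine%3Apull`), which is the same query parameter as the unencoded form.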

📄 Related issues and epics

Edited by 🤖 GitLab Bot 🤖