Dependency Proxy workhorse migration implementation plan (workhorse + rails)

Why are we doing this work

This issue describes the workhorse work needed to deliver &6396 (closed).

Relevant links

• Parent Issue
• Rails counterpart issue
• Sequence diagram
• Discussion around possible approaches

Possible approaches

There are a two possible approaches as described in this comment. For future features using this need of "download and cache from an external url" will need to implement the following:

Option 1: Using a response header

• the rails that returns the new response header
• the /authorize rails endpoint
• the upload rails endpoint

Option 2: Using a route handler

• the /authorize rails endpoint
• the upload rails endpoint
• the new route in workhorse router

Implementation plan

The items below only describes the route handler approach, the response header approach has not been broken out. Both approaches should be evaluated before choosing the best one to solve this problem.

• Add the blob route to the upstream routes to be intercepted.
• Update the response to the /authorize request to accept a json payload with fields (URL and token) for requesting an image from an external registry.
  • Use the returned URL and token to request the blob and upload it to the configured file storage system.
  • Allow workhorse to then follow the existing logic to return the file metadata back to rails to complete the originally received request to download the blob.
  • Return the blob file