Description
Feature Description
Spinning off #19270 (comment) into its own ticket as recommended
I wish Gitea supported "remote", or "proxy" repositories.
These are package repositories that proxy an external source of packages, hence configured with proxy URL, but are otherwise same as local package repositories, as they can be pulled from as usual.
Example: A local Pypi.org proxy. Local build system would be configured to use both the private package registry for "internal" (private) packages, but now fetching dependencies on Pypi.org through local Gitea too.
Advantages:
- Shorter round-trip to fetch packages = faster build times
- Improved auditability of dependencies (one place for all
$internet_stuff) - Offline-able build systems helps with disaster recovery, privacy...
- Mitigate bad/rogue updates by having solid cacheing
This feature in Docker repositories would remove any need for Dockerhub ECR mirror, which many have to set up to avoid Dockerhub's recent rate-limiting.
The canonical example of the feature is in JFrog's Artifactory.
Effectively, Gitea would, for these proxy repositories, become a local package cache. The biggest technical decision is about when to invalidate cache (docker image's "latest" tag moves pretty quickly, but if you already have a local copy, do you serve it as-is? even if you got it 2 years ago?)
Pushing this feature to its extreme, Artifactory provides Virtual Repositories that aggregate both remote (public proxies) and local (private to org) repositories into one place.
I understand this feature can be a big investment, and acknowledge that there may be no particular need for it. I mostly envy the feature, and wish for Gitea to succeed by out-executing Artifactory, given the new Package Registry is already encroaching on that a bit.
Screenshots
