goodpackagerepo

World's first good package repository - A schema-driven, secure, and fast artifact storage system.

Features

• 🔒 Secure by Design: Content-addressed storage with SHA256 verification
• ⚡ Lightning Fast: Built-in caching and intelligent indexing
• 📋 Schema-Driven: Declarative configuration with automatic validation
• 🔐 Authentication: Simple admin login with password management
• 🐳 Docker Ready: Full Docker and docker-compose support
• 📦 GHCR Support: Automated builds and publishing to GitHub Container Registry
• 🚀 CapRover Ready: Easy deployment with CapRover PaaS

Quick Start

Using Docker Compose

git clone https://github.com/johndoe6345789/goodpackagerepo.git
cd goodpackagerepo
docker-compose up -d

The frontend will be available at http://localhost:3000 and the backend API at http://localhost:5000.

Default credentials: admin / admin (change after first login!)

Manual Setup

Backend (Flask)

cd backend
pip install -r requirements.txt
export DATA_DIR=/tmp/data
export JWT_SECRET=your-secret-key
python app.py

Frontend (Next.js)

cd frontend
npm install
npm run dev

Documentation

Complete documentation is available at /docs when running the application, including:

• Getting Started Guide
• CapRover Deployment Instructions
• API Usage Examples
• Schema Configuration

Testing

E2E Tests (Playwright)

cd tests
npm install
npx playwright install
npm test

See tests/README.md for more testing options.

Deployment

CapRover

See the full CapRover setup guide in the documentation at /docs#caprover-setup.

Quick summary:

1. Create two apps in CapRover: goodrepo-backend and goodrepo-frontend
2. Deploy from GitHub using the respective captain-definition files
3. Set environment variables
4. Enable HTTPS

Docker Registries

Images are automatically built and pushed to GitHub Container Registry (GHCR) on push to main:

• Backend: ghcr.io/johndoe6345789/goodpackagerepo/backend:latest
• Frontend: ghcr.io/johndoe6345789/goodpackagerepo/frontend:latest

Architecture

• Backend: Flask-based Python API implementing the schema.json specification
• Frontend: Next.js/React application with custom Material Design SCSS
• Storage: SQLite for user auth, filesystem for blobs, in-memory for metadata
• Authentication: JWT-based with bcrypt password hashing

API Endpoints

Authentication

• POST /auth/login - Login and get JWT token
• POST /auth/change-password - Change password
• GET /auth/me - Get current user info

Package Management

• PUT /v1/{namespace}/{name}/{version}/{variant}/blob - Publish package
• GET /v1/{namespace}/{name}/{version}/{variant}/blob - Download package
• GET /v1/{namespace}/{name}/latest - Get latest version
• GET /v1/{namespace}/{name}/versions - List all versions
• PUT /v1/{namespace}/{name}/tags/{tag} - Set tag

Schema Configuration

The repository behavior is defined by schema.json, which includes:

• Entities: Data models with validation rules
• Storage: Blob stores, KV stores, document schemas
• Indexes: Optimized package lookup
• Auth: JWT authentication with scope-based permissions
• API Routes: Declarative pipeline-based endpoints
• Caching: Response and blob caching policies
• Replication: Event sourcing for multi-region sync
• GC: Automatic garbage collection

License

See LICENSE file for details.

Contributing

Contributions are welcome! Please feel free to submit a Pull Request.