From 8f88039d2672d2502319eafeefc391ee8e43c7c5 Mon Sep 17 00:00:00 2001
From: Hisham <Hisham.Anver@team.telstra.com>
Date: Fri, 13 Aug 2021 09:33:12 +1000
Subject: [PATCH] enable caching by sha for blobs

---
 entrypoint.sh              | 4 ++++
 nginx.conf                 | 3 +++
 nginx.manifest.common.conf | 2 +-
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index 32ba88a..05b096f 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -111,6 +111,7 @@ echo -n "" >/etc/nginx/nginx.manifest.caching.config.conf
     # First tier caching of manifests; configure via MANIFEST_CACHE_PRIMARY_REGEX and MANIFEST_CACHE_PRIMARY_TIME
     location ~ ^/v2/(.*)/manifests/${MANIFEST_CACHE_PRIMARY_REGEX} {
         set \$docker_proxy_request_type "manifest-primary";
+        set \$cache_key \$uri;
         proxy_cache_valid ${MANIFEST_CACHE_PRIMARY_TIME};
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
@@ -120,6 +121,7 @@ EOD
     # Secondary tier caching of manifests; configure via MANIFEST_CACHE_SECONDARY_REGEX and MANIFEST_CACHE_SECONDARY_TIME
     location ~ ^/v2/(.*)/manifests/${MANIFEST_CACHE_SECONDARY_REGEX} {
         set \$docker_proxy_request_type "manifest-secondary";
+        set \$cache_key \$uri;
         proxy_cache_valid ${MANIFEST_CACHE_SECONDARY_TIME};
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
@@ -129,6 +131,7 @@ EOD
     # Default tier caching for manifests. Caches for ${MANIFEST_CACHE_DEFAULT_TIME} (from MANIFEST_CACHE_DEFAULT_TIME)
     location ~ ^/v2/(.*)/manifests/ {
         set \$docker_proxy_request_type "manifest-default";
+        set \$cache_key \$uri;
         proxy_cache_valid ${MANIFEST_CACHE_DEFAULT_TIME};
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
@@ -138,6 +141,7 @@ EOD
     # Manifest caching is disabled. Enable it with ENABLE_MANIFEST_CACHE=true
     location ~ ^/v2/(.*)/manifests/ {
         set \$docker_proxy_request_type "manifest-default-disabled";
+        set \$cache_key \$uri;
         proxy_cache_valid 0s;
         include "/etc/nginx/nginx.manifest.stale.conf";
     }
diff --git a/nginx.conf b/nginx.conf
index 897628e..c0a1e90 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -262,6 +262,7 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
         # For blob requests by digest, do cache, and treat redirects.
         location ~ ^/v2/(.*)/blobs/sha256:(.*) {
             set $docker_proxy_request_type "blob-by-digest";
+            set $cache_key $2;
             include "/etc/nginx/nginx.manifest.common.conf";
         }
 
@@ -269,6 +270,7 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
         # These are some of the requests that DockerHub will throttle.
         location ~ ^/v2/(.*)/manifests/sha256:(.*) {
             set $docker_proxy_request_type "manifest-by-digest";
+            set $cache_key $uri;
             include "/etc/nginx/nginx.manifest.common.conf";
         }
 
@@ -281,6 +283,7 @@ echo "Docker configured with HTTPS_PROXY=$scheme://$http_host/"
         # Since these are mutable, we invalidate them immediately and keep them only in case the backend is down
         location ~ ^/v2/(.*)/blobs/ {
             set $docker_proxy_request_type "blob-mutable";
+            set $cache_key $uri;
             proxy_cache_valid 0s;
             include "/etc/nginx/nginx.manifest.stale.conf";
         }
diff --git a/nginx.manifest.common.conf b/nginx.manifest.common.conf
index 69d809c..41d985b 100644
--- a/nginx.manifest.common.conf
+++ b/nginx.manifest.common.conf
@@ -3,6 +3,6 @@
     add_header X-Docker-Registry-Proxy-Cache-Type "$docker_proxy_request_type";
     proxy_pass https://$targetHost;
     proxy_cache cache;
-    proxy_cache_key   $uri;
+    proxy_cache_key   $cache_key;
     proxy_intercept_errors on;
     error_page 301 302 307 = @handle_redirects;