diff --git a/Dockerfile b/Dockerfile index ac350b97..10e63569 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ FROM golang:1.5 MAINTAINER Quentin Machu -RUN apt-get update && apt-get install -y bzr rpm && apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* +RUN apt-get update && apt-get install -y bzr rpm xz && apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* RUN mkdir /db VOLUME /db diff --git a/docs/API.md b/docs/API.md index 26db2e68..4f6cea55 100644 --- a/docs/API.md +++ b/docs/API.md @@ -112,7 +112,8 @@ It processes and inserts a new Layer in the database. |------|-----|-------------| |ID|String|Unique ID of the Layer| |Path|String|Absolute path or HTTP link pointing to the Layer's tar file| -|ParentID|String|(Optionnal) Unique ID of the Layer's parent +|ParentID|String|(Optional) Unique ID of the Layer's parent| +|ImageFormat|String|Image format of the Layer ('Docker' or 'ACI')| If the Layer has not parent, the ParentID field should be omitted or empty. @@ -346,7 +347,7 @@ It returns the lists of vulnerabilities which affect a given Layer. |Name|Type|Description| |------|-----|-------------| |ID|String|Unique ID of the Layer| -|minimumPriority|Priority|(Optionnal) The minimum priority of the returned vulnerabilities. Defaults to High| +|minimumPriority|Priority|(Optional) The minimum priority of the returned vulnerabilities. Defaults to High| ### Example @@ -389,7 +390,7 @@ It returns the lists of vulnerabilities which are introduced and removed by the |Name|Type|Description| |------|-----|-------------| |ID|String|Unique ID of the Layer| -|minimumPriority|Priority|(Optionnal) The minimum priority of the returned vulnerabilities| +|minimumPriority|Priority|(Optional) The minimum priority of the returned vulnerabilities| ### Example 
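Review bot: The package name `xz` added to the `apt-get install` line is worth checking against the base image, because Debian-family distributions normally ship the xz tool as `xz-utils`. If `xz` does not resolve there, this RUN step fails and the image does not build. If the name is correct for this image, a one-line comment above the RUN saying which code path needs the tool, for example `# xz is needed to unpack xz-compressed layers` (assuming that is the reason), would explain the new dependency.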
@@ -436,7 +437,7 @@ Counterintuitively, this request is actually a POST to be able to pass a lot of |Name|Type|Description| |------|-----|-------------| |LayersIDs|Array of strings|Unique IDs of Layers| -|minimumPriority|Priority|(Optionnal) The minimum priority of the returned vulnerabilities. Defaults to High| +|minimumPriority|Priority|(Optional) The minimum priority of the returned vulnerabilities. Defaults to High| ### Example diff --git a/worker/detectors/data/aci.go b/worker/detectors/data/aci.go index aa9526cd..43a7a187 100644 --- a/worker/detectors/data/aci.go +++ b/worker/detectors/data/aci.go @@ -30,17 +30,12 @@ func init() { } func (detector *ACIDataDetector) Supported(path string, format string) bool { - switch format { - case "": - if strings.HasSuffix(path, ".aci") { - return true - } - case "aci": + if strings.EqualFold(format, "ACI") { return true } return false } func (detector *ACIDataDetector) Detect(layerReader io.ReadCloser, toExtract []string, maxFileSize int64) (map[string][]byte, error) { - return utils.SelectivelyExtractArchive(layerReader, "./rootfs/", toExtract, maxFileSize) + return utils.SelectivelyExtractArchive(layerReader, "rootfs/", toExtract, maxFileSize) } diff --git a/worker/detectors/data/tar.go b/worker/detectors/data/docker.go similarity index 61% rename from worker/detectors/data/tar.go rename to worker/detectors/data/docker.go index 93a457d1..d1b32ad4 100644 --- a/worker/detectors/data/tar.go +++ b/worker/detectors/data/docker.go 
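Review bot: In ACIDataDetector.Detect the prefix handed to utils.SelectivelyExtractArchive changes from `"./rootfs/"` to `"rootfs/"`, and nothing in this hunk shows whether that helper normalises entry names before matching. If it compares raw tar entry names, an ACI whose entries are written as `./rootfs/...` would yield no files, and the layer would then be analysed as if it contained no packages. For a vulnerability scanner that is a silent false negative rather than an error. A test that feeds Detect an archive in each spelling would settle it, and once confirmed the assumption deserves a comment on Detect such as `// Entry names are matched after any leading "./" has been stripped.`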
@@ -22,25 +22,20 @@ import ( "github.com/coreos/clair/worker/detectors" ) -// TarDataDetector implements DataDetector and detects layer data in 'tar' format -type TarDataDetector struct{} +// DockerDataDetector implements DataDetector and detects layer data in 'Docker' format +type DockerDataDetector struct{} func init() { - detectors.RegisterDataDetector("tar", &TarDataDetector{}) + detectors.RegisterDataDetector("Docker", &DockerDataDetector{}) } -func (detector *TarDataDetector) Supported(path string, format string) bool { - switch format { - case "": - if strings.HasSuffix(path, ".tar") || strings.HasSuffix(path, ".tar.gz") { - return true - } - case "tar": +func (detector *DockerDataDetector) Supported(path string, format string) bool { + if strings.EqualFold(format, "Docker") { return true } return false } -func (detector *TarDataDetector) Detect(layerReader io.ReadCloser, toExtract []string, maxFileSize int64) (map[string][]byte, error) { +func (detector *DockerDataDetector) Detect(layerReader io.ReadCloser, toExtract []string, maxFileSize int64) (map[string][]byte, error) { return utils.SelectivelyExtractArchive(layerReader, "", toExtract, maxFileSize) } diff --git a/worker/worker.go b/worker/worker.go index 08c77dec..2f00a5fe 100644 --- a/worker/worker.go +++ b/worker/worker.go @@ -49,6 +49,9 @@ var ( // SupportedOS is the list of operating system names that the worker supports. SupportedOS = []string{"debian", "ubuntu", "centos"} + + // SupportedImageFormat is the list of image formats that the worker supports. + SupportedImageFormat = []string{"Docker", "ACI"} ) // Process detects the OS of a layer, the packages it installs/removes, and 
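Review bot: DockerDataDetector.Supported no longer looks at `path`, but it has no doc comment saying so, and a caller who relied on the old `.tar` / `.tar.gz` suffix fallback gets no hint that an empty format now matches nothing. I would add `// Supported reports whether format names the Docker image format, ignoring case; path is not consulted.` above the method. The body then reduces to `return strings.EqualFold(format, "Docker")`. ACIDataDetector.Supported in aci.go has the same shape and would take the same comment and simplification.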
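Review bot: SupportedImageFormat repeats by hand the format names that the detectors already carry (`"Docker"` in docker.go's RegisterDataDetector call and in the Supported comparisons), so the allowlist that Process checks and the set of detectors that can actually handle a layer can drift apart. It is also an exported, mutable slice, which lets any importing package change what Process accepts. At minimum the coupling should be written down next to the declaration, for example `// Keep in sync with the names registered through detectors.RegisterDataDetector; treat as read-only.` Deriving the list from the detector registry would remove the duplication, if the detectors package can expose its registered names (not visible in this diff).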
@@ -60,8 +63,22 @@ func Process(ID, parentID, path string, imageFormat string) error { if path == "" { return cerrors.NewBadRequestError("could not process a layer which does not have a path") } + if imageFormat == "" { + return cerrors.NewBadRequestError("could not process a layer which does not have a specified format") + } else { + isSupported := false + for _, format := range SupportedImageFormat { + if strings.EqualFold(imageFormat, format) { + isSupported = true + break + } + } + if !isSupported { + return cerrors.NewBadRequestError("could not process a layer which does not have a supported format") + } + } - log.Debugf("layer %s: processing (Location: %s, Engine version: %d, Parent: %s, format: %s)", ID, utils.CleanURL(path), Version, parentID, imageFormat) + log.Debugf("layer %s: processing (Location: %s, Engine version: %d, Parent: %s, Format: %s)", ID, utils.CleanURL(path), Version, parentID, imageFormat) // Check to see if the layer is already in the database. layer, err := database.FindOneLayerByID(ID, []string{database.FieldLayerEngineVersion})
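Review bot: The new format validation in Process hangs an `else` block off a branch that already returns, and it tracks the result of the allowlist loop in an `isSupported` flag, which buries a simple membership test two levels deep. Dropping the `else` and moving the loop into a small helper keeps the guard clauses of Process flat and gives the case-insensitive comparison one named home. The error strings stay as they are. Process's body continues past the end of this hunk, so only the validation part is shown below.

```go
// isSupportedImageFormat reports whether format matches an entry of
// SupportedImageFormat, ignoring case.
func isSupportedImageFormat(format string) bool {
	for _, supported := range SupportedImageFormat {
		if strings.EqualFold(format, supported) {
			return true
		}
	}
	return false
}

func Process(ID, parentID, path string, imageFormat string) error {
	// … unchanged: ID and path checks …
	if imageFormat == "" {
		return cerrors.NewBadRequestError("could not process a layer which does not have a specified format")
	}
	if !isSupportedImageFormat(imageFormat) {
		return cerrors.NewBadRequestError("could not process a layer which does not have a supported format")
	}
	// … unchanged: debug log and database lookup …
```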