arno/clair
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

imagefmt: Move layer blob download logic to blob.go

Browse Source
This commit is contained in:
Sida Chen 2019-02-21 15:21:46 -05:00
parent dd239762f6
commit 891ce1697d
2 changed files with 70 additions and 61 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
blob.go Normal file
View File

@ -0,0 +1,61 @@
package clair
import (
"context"
"crypto/tls"
"io"
"net/http"
"os"
"strings"
log "github.com/sirupsen/logrus"
)
func retrieveLayerBlob(ctx context.Context, blobSha256 string, path string, headers map[string]string) (io.ReadCloser, error) {
if strings.HasPrefix(path, "http://") || strings.HasPrefix(path, "https://") {
return downloadLayerBlob(ctx, blobSha256, path, headers)
}
return loadLayerBlobFromFS(blobSha256)
}
func downloadLayerBlob(ctx context.Context, blobSha256 string, uri string, headers map[string]string) (io.ReadCloser, error) {
request, err := http.NewRequest("GET", uri, nil)
if err != nil {
return nil, RetrieveBlobError
}
if headers != nil {
for k, v := range headers {
request.Header.Set(k, v)
}
}
tr := &http.Transport{
TLSClientConfig: &tls.Config{},
Proxy: http.ProxyFromEnvironment,
}
client := &http.Client{Transport: tr}
r, err := client.Do(request)
if err != nil {
log.WithError(err).Error("could not download layer")
return nil, RetrieveBlobError
}
// Fail if we don't receive a 2xx HTTP status code.
if is2xx(r.StatusCode) {
log.WithField("status", r.StatusCode).Error("could not download layer: expected 2XX")
return nil, RetrieveBlobError
}
return r.Body, nil
}
func is2xx(statusCode int) bool {
return statusCode >= 200 && statusCode < 300
}
func loadLayerBlobFromFS(path string) (io.ReadCloser, error) {
return os.Open(path)
}

70
ext/imagefmt/driver.go
View File

@ -21,19 +21,12 @@
package imagefmt package imagefmt
import ( import (
"crypto/tls"
"fmt" "fmt"
"io" "io"
"math"
"net/http"
"os"
"strings" "strings"
"sync" "sync"
log "github.com/sirupsen/logrus"
"github.com/coreos/clair/pkg/commonerr" "github.com/coreos/clair/pkg/commonerr"
"github.com/coreos/clair/pkg/strutil"
"github.com/coreos/clair/pkg/tarutil" "github.com/coreos/clair/pkg/tarutil"
) )
@ -102,67 +95,22 @@ func UnregisterExtractor(name string) {
delete(extractors, name) delete(extractors, name)
} }
// Extract streams an image layer from disk or over HTTP, determines the // Extract a set of files as FilesMap from a layer blob.
// image format, then extracts the files specified. func Extract(format string, blobReader io.ReadCloser, filePaths []string) (tarutil.FilesMap, error) {
func Extract(format, path string, headers map[string]string, toExtract []string) (tarutil.FilesMap, error) {
var layerReader io.ReadCloser
if strings.HasPrefix(path, "http://") || strings.HasPrefix(path, "https://") {
log.WithField("path", strutil.CleanURL(path)).Debug("start downloading layer blob...")
request, err := http.NewRequest("GET", path, nil)
if err != nil {
return nil, ErrCouldNotFindLayer
}
// Set any provided HTTP Headers.
if headers != nil {
for k, v := range headers {
request.Header.Set(k, v)
}
}
// Send the request and handle the response.
tr := &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: insecureTLS},
Proxy: http.ProxyFromEnvironment,
}
client := &http.Client{Transport: tr}
r, err := client.Do(request)
if err != nil {
log.WithError(err).Error("could not download layer")
return nil, ErrCouldNotFindLayer
}
// Fail if we don't receive a 2xx HTTP status code.
if math.Floor(float64(r.StatusCode/100)) != 2 {
log.WithError(ErrCouldNotFindLayer).WithField("status code", r.StatusCode).Error("could not download layer: expected 2XX")
return nil, ErrCouldNotFindLayer
}
layerReader = r.Body
} else {
log.WithField("path", strutil.CleanURL(path)).Debug("start reading layer blob from local file system...")
var err error
layerReader, err = os.Open(path)
if err != nil {
log.WithError(ErrCouldNotFindLayer).Error("could not open layer")
return nil, ErrCouldNotFindLayer
}
}
defer layerReader.Close()
if extractor, exists := Extractors()[strings.ToLower(format)]; exists { if extractor, exists := Extractors()[strings.ToLower(format)]; exists {
files, err := extractor.ExtractFiles(layerReader, toExtract) files, err := extractor.ExtractFiles(blobReader, filePaths)
if err != nil { if err != nil {
return nil, err return nil, err
} }
return files, nil return files, nil
} }
return nil, commonerr.NewBadRequestError(fmt.Sprintf("unsupported image format '%s'", format)) return nil, fmt.Errorf("unsupported image format '%s'", format)
} }
// SetInsecureTLS sets the insecureTLS to control whether TLS server's certificate chain // IsSupported checks if a format is supported
// and hostname are verified when pulling layers. func IsSupported(format string) bool {
func SetInsecureTLS(insecure bool) { _, ok := Extractors()[strings.ToLower(format)]
insecureTLS = insecure return ok
} }