remove database package

2016-05-02 21:47:14 +02:00 · 2016-05-02 21:47:14 +02:00 · b45f471ccb
commit b45f471ccb
parent d9c84e8907
10 changed files with 103 additions and 320 deletions
--- a/cmd/clairctl/clair/push.go
+++ b/cmd/clairctl/clair/push.go
@ -3,6 +3,7 @@ package clair
 import (
 	"bytes"
 	"encoding/json"
+	"errors"
 	"fmt"
 	"io/ioutil"
 	"net/http"
@ -10,6 +11,9 @@ import (
 	"github.com/coreos/clair/api/v1"
 )

+//ErrOSNotSupported is returned when Clair received a layer which on os not supported
+var ErrOSNotSupported = errors.New("worker: OS and/or package manager are not supported")
+
 //Push send a layer to Clair for analysis
 func Push(layer v1.LayerEnvelope) error {
 	lJSON, err := json.Marshal(layer)
--- a/cmd/clairctl/cmd/analyse.go
+++ b/cmd/clairctl/cmd/analyse.go
@ -7,6 +7,7 @@ import (

 	"github.com/Sirupsen/logrus"
 	"github.com/coreos/clair/cmd/clairctl/clair"
+	"github.com/coreos/clair/cmd/clairctl/config"
 	"github.com/coreos/clair/cmd/clairctl/docker"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@ -49,7 +50,7 @@ func analyse(imageName string) clair.ImageAnalysis {
 		image, err = docker.Pull(imageName)

 		if err != nil {
-			if err == docker.ErrLoginNotFound {
+			if err == config.ErrLoginNotFound {
 				fmt.Println(err)
 			} else {
 				fmt.Println(errInternalError)
--- a/cmd/clairctl/cmd/push.go
+++ b/cmd/clairctl/cmd/push.go
@ -31,7 +31,7 @@ var pushCmd = &cobra.Command{
 			var err error
 			image, err = docker.Pull(imageName)
 			if err != nil {
-				if err == docker.ErrLoginNotFound {
+				if err == config.ErrLoginNotFound {
 					fmt.Println(err)
 				} else {
 					fmt.Println(errInternalError)
--- a/cmd/clairctl/database/database.go
+++ b/cmd/clairctl/database/database.go
@ -1,28 +0,0 @@
-package database
-
-import (
-	"fmt"
-
-	"github.com/Sirupsen/logrus"
-)
-
-var registryMapping map[string]string
-
-//InsertRegistryMapping insert the pair layerID,RegistryURI
-func InsertRegistryMapping(layerDigest string, registryURI string) {
-	logrus.Debugf("Saving %s[%s]", layerDigest, registryURI)
-	registryMapping[layerDigest] = registryURI
-}
-
-//GetRegistryMapping return the registryURI corresponding to the layerID passed as parameter
-func GetRegistryMapping(layerDigest string) (string, error) {
-	registryURI, present := registryMapping[layerDigest]
-	if !present {
-		return "", fmt.Errorf("%v mapping not found", layerDigest)
-	}
-	return registryURI, nil
-}
-
-func init() {
-	registryMapping = map[string]string{}
-}
--- a/cmd/clairctl/docker/image.go
+++ b/cmd/clairctl/docker/image.go
@ -2,6 +2,7 @@ package docker

 import (
 	"encoding/json"
+	"errors"
 	"fmt"
 	"regexp"
 	"strings"
@ -9,7 +10,7 @@ import (
 	"github.com/spf13/viper"
 )

-errDisallowed = errors.New("analysing official images is not allowed")
+var errDisallowed = errors.New("analysing official images is not allowed")

 //Image represent Image Manifest from Docker image, including the registry URL
 type Image struct {
--- a/cmd/clairctl/docker/pull.go
+++ b/cmd/clairctl/docker/pull.go
@ -7,6 +7,7 @@ import (
 	"net/http"

 	"github.com/Sirupsen/logrus"
+	"github.com/coreos/clair/cmd/clairctl/config"
 	"github.com/coreos/clair/cmd/clairctl/docker/httpclient"
 )

@ -49,7 +50,7 @@ func Pull(imageName string) (Image, error) {
 		case http.StatusUnauthorized:
 			return Image{}, ErrUnauthorized
 		case http.StatusNotFound:
-			return Image{}, docker.ErrLoginNotFound
+			return Image{}, config.ErrLoginNotFound
 		default:
 			return Image{}, fmt.Errorf("%d - %s", response.StatusCode, string(body))
 		}
--- a/cmd/clairctl/docker/push.go
+++ b/cmd/clairctl/docker/push.go
@ -8,10 +8,11 @@ import (
 	"github.com/coreos/clair/api/v1"
 	"github.com/coreos/clair/cmd/clairctl/clair"
 	"github.com/coreos/clair/cmd/clairctl/config"
-	"github.com/coreos/clair/cmd/clairctl/database"
 	"github.com/coreos/clair/cmd/clairctl/xstrings"
 )

+var registryMapping map[string]string
+
 //Push image to Clair for analysis
 func Push(image Image) error {
 	layerCount := len(image.FsLayers)
@ -35,7 +36,7 @@ func Push(image Image) error {
 		lUID := xstrings.Substr(layer.BlobSum, 0, 12)
 		logrus.Infof("Pushing Layer %d/%d [%v]", index+1, layerCount, lUID)

-		database.InsertRegistryMapping(layer.BlobSum, image.Registry)
+		insertRegistryMapping(layer.BlobSum, image.Registry)
 		payload := v1.LayerEnvelope{Layer: &v1.Layer{
 			Name:       layer.BlobSum,
 			Path:       image.BlobsURI(layer.BlobSum),
@ -66,3 +67,21 @@ func Push(image Image) error {
 	}
 	return nil
 }
+
+func insertRegistryMapping(layerDigest string, registryURI string) {
+	logrus.Debugf("Saving %s[%s]", layerDigest, registryURI)
+	registryMapping[layerDigest] = registryURI
+}
+
+//GetRegistryMapping return the registryURI corresponding to the layerID passed as parameter
+func GetRegistryMapping(layerDigest string) (string, error) {
+	registryURI, present := registryMapping[layerDigest]
+	if !present {
+		return "", fmt.Errorf("%v mapping not found", layerDigest)
+	}
+	return registryURI, nil
+}
+
+func init() {
+	registryMapping = map[string]string{}
+}
--- a/cmd/clairctl/database/database_test.go
+++ b/cmd/clairctl/database/database_test.go
@ -1,28 +1,28 @@
-package database
+package docker

 import "testing"

 func TestInsertRegistryMapping(t *testing.T) {
 	layerID := "sha256:13be4a52fdee2f6c44948b99b5b65ec703b1ca76c1ab5d2d90ae9bf18347082e"
 	registryURI := "registry:5000"
-	InsertRegistryMapping(layerID, registryURI)
+	insertRegistryMapping(layerID, registryURI)

 	if r := registryMapping[layerID]; r != registryURI {
-		t.Errorf("InsertRegistryMapping(%q,%q) => %q, want %q", layerID, registryURI, r, registryURI)
+		t.Errorf("insertRegistryMapping(%q,%q) => %q, want %q", layerID, registryURI, r, registryURI)
 	}
 }

 func TestGetRegistryMapping(t *testing.T) {
 	layerID := "sha256:13be4a52fdee2f6c44948b99b5b65ec703b1ca76c1ab5d2d90ae9bf18347082e"
 	registryURI := "registry:5000"
-	InsertRegistryMapping(layerID, registryURI)
+	insertRegistryMapping(layerID, registryURI)

 	if r, err := GetRegistryMapping(layerID); r != registryURI {

 		if err != nil {
-			t.Errorf("InsertRegistryMapping(%q,%q) failed => %v", layerID, registryURI, err)
+			t.Errorf("GetRegistryMapping(%q) failed => %v", layerID, err)
 		} else {
-			t.Errorf("InsertRegistryMapping(%q,%q) => %q, want %q", layerID, registryURI, r, registryURI)
+			t.Errorf("GetRegistryMapping(%q) => %q, want %q", layerID, registryURI, r)
 		}
 	}
 }
--- a/cmd/clairctl/server/reverseProxy/reverseProxy.go
+++ b/cmd/clairctl/server/reverseProxy/reverseProxy.go
@ -1,245 +0,0 @@
-package reverseProxy
-
-// Modified version of the original golang HTTP reverse proxy handler
-// And Vars in Gorilla/mux
-// Added support for Filter functions
-
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-import (
-	"io"
-	"log"
-	"net"
-	"net/http"
-	"net/url"
-	"strings"
-	"sync"
-	"time"
-
-	"github.com/Sirupsen/logrus"
-	"github.com/gorilla/context"
-	"github.com/gorilla/mux"
-	"github.com/coreos/clair/cmd/clairctl/database"
-	"github.com/coreos/clair/cmd/clairctl/docker"
-	"github.com/coreos/clair/cmd/clairctl/docker/httpclient"
-	"github.com/wunderlist/moxy"
-)
-
-// FilterFunc is a function that is called to process a proxy response
-// Since it has handle to the response object, it can manipulate the content
-type FilterFunc func(*http.Request, *http.Response)
-
-// onExitFlushLoop is a callback set by tests to detect the state of the
-// flushLoop() goroutine.
-var onExitFlushLoop func()
-
-// ReverseProxy is an HTTP Handler that takes an incoming request and
-// sends it to another server, proxying the response back to the
-// client.
-type ReverseProxy struct {
-	// Director must be a function which modifies
-	// the request into a new request to be sent
-	// using Transport. Its response is then copied
-	// back to the original client unmodified.
-	Director func(*http.Request)
-
-	// Filters must be an array of functions which modify
-	// the response before the body is written
-	Filters []FilterFunc
-
-	// The transport used to perform proxy requests.
-	// If nil, http.DefaultTransport is used.
-	Transport http.RoundTripper
-
-	// FlushInterval specifies the flush interval
-	// to flush to the client while copying the
-	// response body.
-	// If zero, no periodic flushing is done.
-	FlushInterval time.Duration
-
-	// ErrorLog specifies an optional logger for errors
-	// that occur when attempting to proxy the request.
-	// If nil, logging goes to os.Stderr via the log package's
-	// standard logger.
-	ErrorLog *log.Logger
-}
-
-func copyHeader(dst, src http.Header) {
-	for k, vv := range src {
-		for _, v := range vv {
-			dst.Add(k, v)
-		}
-	}
-}
-
-// Hop-by-hop headers. These are removed when sent to the backend.
-// http://www.w3.org/Protocols/rfc2616/rfc2616-sec13.html
-var hopHeaders = []string{
-	"Connection",
-	"Keep-Alive",
-	"Proxy-Authenticate",
-	"Proxy-Authorization",
-	"Te", // canonicalized version of "TE"
-	"Trailers",
-	"Transfer-Encoding",
-	"Upgrade",
-}
-
-func (p *ReverseProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
-
-	transport := p.Transport
-	if transport == nil {
-		transport = http.DefaultTransport
-	}
-
-	outreq := new(http.Request)
-	*outreq = *req // includes shallow copies of maps, but okay
-
-	context.Set(outreq, "in_req", req)
-	p.Director(outreq)
-	outreq.Proto = "HTTP/1.1"
-	outreq.ProtoMajor = 1
-	outreq.ProtoMinor = 1
-	outreq.Close = false
-	// Remove hop-by-hop headers to the backend.  Especially
-	// important is "Connection" because we want a persistent
-	// connection, regardless of what the client sent to us.  This
-	// is modifying the same underlying map from req (shallow
-	// copied above) so we only copy it if necessary.
-	copiedHeaders := false
-	for _, h := range hopHeaders {
-		if outreq.Header.Get(h) != "" {
-			if !copiedHeaders {
-				outreq.Header = make(http.Header)
-				copyHeader(outreq.Header, req.Header)
-				copiedHeaders = true
-			}
-			outreq.Header.Del(h)
-		}
-	}
-
-	if clientIP, _, err := net.SplitHostPort(req.RemoteAddr); err == nil {
-		// If we aren't the first proxy retain prior
-		// X-Forwarded-For information as a comma+space
-		// separated list and fold multiple headers into one.
-		if prior, ok := outreq.Header["X-Forwarded-For"]; ok {
-			clientIP = strings.Join(prior, ", ") + ", " + clientIP
-		}
-		outreq.Header.Set("X-Forwarded-For", clientIP)
-	}
-
-	res, err := transport.RoundTrip(outreq)
-	if err != nil {
-		logrus.Errorf("http: proxy error: %v", err)
-		rw.WriteHeader(http.StatusInternalServerError)
-		return
-	}
-	defer res.Body.Close()
-
-	for _, filterFn := range p.Filters {
-		filterFn(req, res)
-	}
-
-	for _, h := range hopHeaders {
-		res.Header.Del(h)
-	}
-
-	copyHeader(rw.Header(), res.Header)
-
-	rw.WriteHeader(res.StatusCode)
-	p.copyResponse(rw, res.Body)
-}
-
-func (p *ReverseProxy) copyResponse(dst io.Writer, src io.Reader) {
-	if p.FlushInterval != 0 {
-		if wf, ok := dst.(writeFlusher); ok {
-			mlw := &maxLatencyWriter{
-				dst:     wf,
-				latency: p.FlushInterval,
-				done:    make(chan bool),
-			}
-			go mlw.flushLoop()
-			defer mlw.stop()
-			dst = mlw
-		}
-	}
-
-	io.Copy(dst, src)
-}
-
-type writeFlusher interface {
-	io.Writer
-	http.Flusher
-}
-
-type maxLatencyWriter struct {
-	dst     writeFlusher
-	latency time.Duration
-
-	lk   sync.Mutex // protects Write + Flush
-	done chan bool
-}
-
-func (m *maxLatencyWriter) Write(p []byte) (int, error) {
-	m.lk.Lock()
-	defer m.lk.Unlock()
-	return m.dst.Write(p)
-}
-
-func (m *maxLatencyWriter) flushLoop() {
-	t := time.NewTicker(m.latency)
-	defer t.Stop()
-	for {
-		select {
-		case <-m.done:
-			if onExitFlushLoop != nil {
-				onExitFlushLoop()
-			}
-			return
-		case <-t.C:
-			m.lk.Lock()
-			m.dst.Flush()
-			m.lk.Unlock()
-		}
-	}
-}
-
-func (m *maxLatencyWriter) stop() { m.done <- true }
-
-// NewReverseProxy returns a new ReverseProxy that load-balances the proxy requests between multiple hosts defined by the RegistryMapping in the database
-// It also allows to define a chain of filter functions to process the outgoing response(s)
-func NewReverseProxy(filters []FilterFunc) *ReverseProxy {
-	director := func(request *http.Request) {
-
-		inr := context.Get(request, "in_req").(*http.Request)
-		host, _ := database.GetRegistryMapping(mux.Vars(inr)["digest"])
-		out, _ := url.Parse(host)
-		request.URL.Scheme = out.Scheme
-		request.URL.Host = out.Host
-		client := httpclient.Get()
-		req, _ := http.NewRequest("HEAD", request.URL.String(), nil)
-		resp, err := client.Do(req)
-		if err != nil {
-			logrus.Errorf("response error: %v", err)
-			return
-		}
-
-		if resp.StatusCode == http.StatusUnauthorized {
-			logrus.Info("pull from clair is unauthorized")
-			docker.AuthenticateResponse(resp, request)
-		}
-
-		r, _ := http.NewRequest("GET", request.URL.String(), nil)
-		r.Header.Set("Authorization", request.Header.Get("Authorization"))
-		r.Header.Set("Accept-Encoding", request.Header.Get("Accept-Encoding"))
-		*request = *r
-	}
-
-	return &ReverseProxy{
-		Transport: moxy.NewTransport(),
-		Director:  director,
-		Filters:   filters,
-	}
-}
--- a/cmd/clairctl/server/server.go
+++ b/cmd/clairctl/server/server.go
@ -3,47 +3,27 @@ package server
 import (
 	"net"
 	"net/http"
+	"net/http/httputil"
+	"net/url"
 	"os"
+	"regexp"
 	"strings"
 	"time"

 	"github.com/Sirupsen/logrus"
 	"github.com/coreos/clair/cmd/clairctl/docker"
-	"github.com/coreos/clair/cmd/clairctl/server/reverseProxy"
-	"github.com/gorilla/mux"
+	"github.com/coreos/clair/cmd/clairctl/docker/httpclient"
 	"github.com/spf13/viper"
 )

-type handler func(rw http.ResponseWriter, req *http.Request) error
-
-var router *mux.Router
-
 //Serve run a local server with the fileserver and the reverse proxy
 func Serve(sURL string) error {

 	go func() {
-		restrictedFileServer := func(path string) http.Handler {
-			if _, err := os.Stat(path); os.IsNotExist(err) {
-				os.Mkdir(path, 0777)
-			}
+		http.Handle("/v2/", newSingleHostReverseProxy())
+		http.Handle("/local/", http.StripPrefix("/local", restrictedFileServer(docker.TmpLocal())))

-			fc := func(w http.ResponseWriter, r *http.Request) {
-				http.FileServer(http.Dir(path)).ServeHTTP(w, r)
-			}
-			return http.HandlerFunc(fc)
-		}
-
-		router.PathPrefix("/v2/local").Handler(http.StripPrefix("/v2/local", restrictedFileServer(docker.TmpLocal()))).Methods("GET")
-		listener, err := net.Listen("tcp", sURL)
-		if err != nil {
-			logrus.Fatalf("cannot instanciate listener: %v", err)
-		}
-
-		if viper.GetInt("hyperclair.port") == 0 {
-			port := strings.Split(listener.Addr().String(), ":")[1]
-			logrus.Debugf("Update local server port from %q to %q", "0", port)
-			viper.Set("hyperclair.port", port)
-		}
+		listener := tcpListener(sURL)
 		logrus.Info("Starting Server on ", listener.Addr())

 		if err := http.Serve(listener, nil); err != nil {
@ -55,15 +35,65 @@ func Serve(sURL string) error {
 	return nil
 }

-func reverseRegistryHandler() http.HandlerFunc {
-	filters := []reverseProxy.FilterFunc{}
-	proxy := reverseProxy.NewReverseProxy(filters)
-	return proxy.ServeHTTP
+func tcpListener(sURL string) (listener net.Listener) {
+	listener, err := net.Listen("tcp", sURL)
+	if err != nil {
+		logrus.Fatalf("cannot instanciate listener: %v", err)
+	}
+
+	if viper.GetInt("hyperclair.port") == 0 {
+		port := strings.Split(listener.Addr().String(), ":")[1]
+		logrus.Debugf("Update local server port from %q to %q", "0", port)
+		viper.Set("hyperclair.port", port)
+	}
+
+	return
 }

-func init() {
+func restrictedFileServer(path string) http.Handler {
+	if _, err := os.Stat(path); os.IsNotExist(err) {
+		os.Mkdir(path, 0777)
+	}

-	router = mux.NewRouter()
-	router.PathPrefix("/v2").Path("/{repository}/{name}/blobs/{digest}").HandlerFunc(reverseRegistryHandler())
-	http.Handle("/", router)
+	fc := func(w http.ResponseWriter, r *http.Request) {
+		http.FileServer(http.Dir(path)).ServeHTTP(w, r)
+	}
+	return http.HandlerFunc(fc)
+}
+
+func newSingleHostReverseProxy() *httputil.ReverseProxy {
+	director := func(request *http.Request) {
+
+		var validID = regexp.MustCompile(`.*/blobs/(.*)$`)
+		u := request.URL.Path
+		logrus.Debugf("request url: %v", u)
+		if !validID.MatchString(u) {
+			logrus.Errorf("cannot parse url: %v", u)
+		}
+
+		host, _ := docker.GetRegistryMapping(validID.FindStringSubmatch(u)[1])
+		out, _ := url.Parse(host)
+		request.URL.Scheme = out.Scheme
+		request.URL.Host = out.Host
+		client := httpclient.Get()
+		req, _ := http.NewRequest("HEAD", request.URL.String(), nil)
+		resp, err := client.Do(req)
+		if err != nil {
+			logrus.Errorf("response error: %v", err)
+			return
+		}
+
+		if resp.StatusCode == http.StatusUnauthorized {
+			logrus.Info("pull from clair is unauthorized")
+			docker.AuthenticateResponse(resp, request)
+		}
+
+		r, _ := http.NewRequest("GET", request.URL.String(), nil)
+		r.Header.Set("Authorization", request.Header.Get("Authorization"))
+		r.Header.Set("Accept-Encoding", request.Header.Get("Accept-Encoding"))
+		*request = *r
+	}
+	return &httputil.ReverseProxy{
+		Director: director,
+	}
 }