Beispiel #1
0
func (f *dockerFetcher) fetchImageFrom(u *url.URL, latest bool) (string, error) {
	if !f.InsecureFlags.SkipImageCheck() {
		return "", fmt.Errorf("signature verification for docker images is not supported (try --insecure-options=image)")
	}

	if f.Debug {
		log.Printf("fetching image from %s", u.String())
	}

	aciFile, err := f.fetch(u)
	if err != nil {
		return "", err
	}
	// At this point, the ACI file is removed, but it is kept
	// alive, because we have an fd to it opened.
	defer aciFile.Close()

	key, err := f.S.WriteACI(aciFile, imagestore.ACIFetchInfo{
		Latest: latest,
	})
	if err != nil {
		return "", err
	}

	// docker images don't have signature URL
	newRem := imagestore.NewRemote(u.String(), "")
	newRem.BlobKey = key
	newRem.DownloadTime = time.Now()
	err = f.S.WriteRemote(newRem)
	if err != nil {
		return "", err
	}

	return key, nil
}
Beispiel #2
0
// Hash fetches the URL, optionally verifies it against passed asc,
// stores it in the store and returns the hash.
func (f *httpFetcher) Hash(u *url.URL, a *asc) (string, error) {
	ensureLogger(f.Debug)
	urlStr := u.String()

	if !f.NoCache && f.Rem != nil {
		if useCached(f.Rem.DownloadTime, f.Rem.CacheMaxAge) {
			if f.Debug {
				log.Printf("image for %s isn't expired, not fetching.", urlStr)
			}
			return f.Rem.BlobKey, nil
		}
	}

	if f.Debug {
		log.Printf("fetching image from %s", urlStr)
	}

	aciFile, cd, err := f.fetchURL(u, a, eTag(f.Rem))
	if err != nil {
		return "", err
	}
	defer func() { maybeClose(aciFile) }()

	if key := maybeUseCached(f.Rem, cd); key != "" {
		// TODO(krnowak): that does not update the store with
		// the new CacheMaxAge and Download Time, so it will
		// query the server every time after initial
		// CacheMaxAge is exceeded
		return key, nil
	}
	key, err := f.S.WriteACI(aciFile, imagestore.ACIFetchInfo{
		Latest:          false,
		InsecureOptions: int64(f.InsecureFlags.Value()),
	})
	if err != nil {
		return "", err
	}

	// TODO(krnowak): What's the point of the second parameter?
	// The SigURL field in imagestore.Remote seems to be completely
	// unused.
	newRem := imagestore.NewRemote(urlStr, a.Location)
	newRem.BlobKey = key
	newRem.DownloadTime = time.Now()
	if cd != nil {
		newRem.ETag = cd.ETag
		newRem.CacheMaxAge = cd.MaxAge
	}
	err = f.S.WriteRemote(newRem)
	if err != nil {
		return "", err
	}

	return key, nil
}
Beispiel #3
0
func (f *nameFetcher) fetchImageFromSingleEndpoint(app *discovery.App, aciURL string, a *asc, latest bool) (string, error) {
	if f.Debug {
		log.Printf("fetching image from %s", aciURL)
	}

	u, err := url.Parse(aciURL)
	if err != nil {
		return "", errwrap.Wrap(fmt.Errorf("failed to parse URL %q", aciURL), err)
	}
	rem, err := remoteForURL(f.S, u)
	if err != nil {
		return "", err
	}
	if !f.NoCache && rem != nil {
		if useCached(rem.DownloadTime, rem.CacheMaxAge) {
			if f.Debug {
				log.Printf("image for %s isn't expired, not fetching.", aciURL)
			}
			return rem.BlobKey, nil
		}
	}

	aciFile, cd, err := f.fetch(app, aciURL, a, eTag(rem))
	if err != nil {
		return "", err
	}
	defer func() { maybeClose(aciFile) }()

	if key := maybeUseCached(rem, cd); key != "" {
		return key, nil
	}
	key, err := f.S.WriteACI(aciFile, imagestore.ACIFetchInfo{
		Latest:          latest,
		InsecureOptions: int64(f.InsecureFlags.Value()),
	})
	if err != nil {
		return "", err
	}

	newRem := imagestore.NewRemote(aciURL, a.Location)
	newRem.BlobKey = key
	newRem.DownloadTime = time.Now()
	if cd != nil {
		newRem.ETag = cd.ETag
		newRem.CacheMaxAge = cd.MaxAge
	}
	err = f.S.WriteRemote(newRem)
	if err != nil {
		return "", err
	}

	return key, nil
}
Beispiel #4
0
// Hash opens a file, optionally verifies it against passed asc,
// stores it in the store and returns the hash.
func (f *fileFetcher) Hash(aciPath string, a *asc) (string, error) {
	ensureLogger(f.Debug)
	absPath, err := filepath.Abs(aciPath)
	if err != nil {
		return "", errwrap.Wrap(fmt.Errorf("failed to get an absolute path for %q", aciPath), err)
	}
	aciPath = absPath

	aciFile, err := f.getFile(aciPath, a)
	if err != nil {
		return "", err
	}
	defer aciFile.Close()

	key, err := f.S.WriteACI(aciFile, imagestore.ACIFetchInfo{
		Latest:          false,
		InsecureOptions: int64(f.InsecureFlags.Value()),
	})
	if err != nil {
		return "", err
	}

	ascLocation := ""
	if a != nil {
		ascLocation = "file://" + a.Location
	}

	newRem := imagestore.NewRemote("file://"+aciPath, ascLocation)
	newRem.BlobKey = key
	newRem.DownloadTime = time.Now()
	err = f.S.WriteRemote(newRem)
	if err != nil {
		return "", err
	}

	return key, nil
}