2020-06-26 14:09:10 -05:00
|
|
|
package search
|
|
|
|
|
2022-07-15 06:10:51 -05:00
|
|
|
// This file will not be regenerated automatically.
|
|
|
|
//
|
|
|
|
// It serves as dependency injection for your app, add any dependencies you require here.
|
2020-06-26 14:09:10 -05:00
|
|
|
|
|
|
|
import (
|
2022-07-12 07:58:04 -05:00
|
|
|
"sort"
|
2021-01-25 13:04:03 -05:00
|
|
|
"strconv"
|
2022-07-12 07:58:04 -05:00
|
|
|
"strings"
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-01-25 13:04:03 -05:00
|
|
|
godigest "github.com/opencontainers/go-digest"
|
2022-03-21 12:37:23 -05:00
|
|
|
"zotregistry.io/zot/pkg/log" // nolint: gci
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-12-03 22:50:58 -05:00
|
|
|
"zotregistry.io/zot/pkg/extensions/search/common"
|
|
|
|
cveinfo "zotregistry.io/zot/pkg/extensions/search/cve"
|
|
|
|
digestinfo "zotregistry.io/zot/pkg/extensions/search/digest"
|
2022-07-15 06:10:51 -05:00
|
|
|
"zotregistry.io/zot/pkg/extensions/search/gql_generated"
|
2021-12-03 22:50:58 -05:00
|
|
|
"zotregistry.io/zot/pkg/storage"
|
2020-06-26 14:09:10 -05:00
|
|
|
) // THIS CODE IS A STARTING POINT ONLY. IT WILL NOT BE UPDATED WITH SCHEMA CHANGES.
|
|
|
|
|
|
|
|
// Resolver ...
|
|
|
|
type Resolver struct {
|
2021-04-05 19:40:33 -05:00
|
|
|
cveInfo *cveinfo.CveInfo
|
|
|
|
storeController storage.StoreController
|
2021-05-26 12:22:31 -05:00
|
|
|
digestInfo *digestinfo.DigestInfo
|
2021-01-25 13:04:03 -05:00
|
|
|
log log.Logger
|
2020-06-26 14:09:10 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
type cveDetail struct {
|
|
|
|
Title string
|
|
|
|
Description string
|
|
|
|
Severity string
|
2022-07-15 06:10:51 -05:00
|
|
|
PackageList []*gql_generated.PackageInfo
|
2020-06-26 14:09:10 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
// GetResolverConfig ...
|
2022-07-15 06:10:51 -05:00
|
|
|
func GetResolverConfig(log log.Logger, storeController storage.StoreController, enableCVE bool) gql_generated.Config {
|
2021-01-25 13:04:03 -05:00
|
|
|
var cveInfo *cveinfo.CveInfo
|
|
|
|
|
|
|
|
var err error
|
|
|
|
|
|
|
|
if enableCVE {
|
|
|
|
cveInfo, err = cveinfo.GetCVEInfo(storeController, log)
|
|
|
|
if err != nil {
|
|
|
|
panic(err)
|
|
|
|
}
|
2020-06-26 14:09:10 -05:00
|
|
|
}
|
|
|
|
|
2021-09-30 08:27:13 -05:00
|
|
|
digestInfo := digestinfo.NewDigestInfo(storeController, log)
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-01-25 13:04:03 -05:00
|
|
|
resConfig := &Resolver{cveInfo: cveInfo, storeController: storeController, digestInfo: digestInfo, log: log}
|
|
|
|
|
2022-07-15 06:10:51 -05:00
|
|
|
return gql_generated.Config{
|
|
|
|
Resolvers: resConfig, Directives: gql_generated.DirectiveRoot{},
|
|
|
|
Complexity: gql_generated.ComplexityRoot{},
|
2020-06-26 14:09:10 -05:00
|
|
|
}
|
2021-04-05 19:40:33 -05:00
|
|
|
}
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
func (r *queryResolver) getImageListForCVE(repoList []string, cvid string, imgStore storage.ImageStore,
|
2022-03-21 12:37:23 -05:00
|
|
|
trivyCtx *cveinfo.TrivyCtx,
|
2022-07-15 06:10:51 -05:00
|
|
|
) ([]*gql_generated.ImgResultForCve, error) {
|
|
|
|
cveResult := []*gql_generated.ImgResultForCve{}
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-04-05 19:40:33 -05:00
|
|
|
for _, repo := range repoList {
|
2021-01-25 13:04:03 -05:00
|
|
|
r.log.Info().Str("repo", repo).Msg("extracting list of tags available in image repo")
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-04-05 19:40:33 -05:00
|
|
|
name := repo
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-12-13 14:23:31 -05:00
|
|
|
tags, err := r.cveInfo.GetImageListForCVE(repo, cvid, imgStore, trivyCtx)
|
2021-04-05 19:40:33 -05:00
|
|
|
if err != nil {
|
2021-01-25 13:04:03 -05:00
|
|
|
r.log.Error().Err(err).Msg("error getting tag")
|
2020-06-26 14:09:10 -05:00
|
|
|
|
2021-04-05 19:40:33 -05:00
|
|
|
return cveResult, err
|
2020-06-26 14:09:10 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if len(tags) != 0 {
|
2022-07-15 06:10:51 -05:00
|
|
|
cveResult = append(cveResult, &gql_generated.ImgResultForCve{Name: &name, Tags: tags})
|
2020-06-26 14:09:10 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return cveResult, nil
|
|
|
|
}
|
2020-08-19 01:53:04 -05:00
|
|
|
|
2021-09-30 08:27:13 -05:00
|
|
|
func (r *queryResolver) getImageListForDigest(repoList []string,
|
2022-03-21 12:37:23 -05:00
|
|
|
digest string,
|
2022-07-15 06:10:51 -05:00
|
|
|
) ([]*gql_generated.ImgResultForDigest, error) {
|
|
|
|
imgResultForDigest := []*gql_generated.ImgResultForDigest{}
|
2021-05-26 12:22:31 -05:00
|
|
|
|
|
|
|
var errResult error
|
|
|
|
|
|
|
|
for _, repo := range repoList {
|
2021-01-25 13:04:03 -05:00
|
|
|
r.log.Info().Str("repo", repo).Msg("filtering list of tags in image repo by digest")
|
2021-05-26 12:22:31 -05:00
|
|
|
|
2021-09-30 08:27:13 -05:00
|
|
|
tags, err := r.digestInfo.GetImageTagsByDigest(repo, digest)
|
2021-05-26 12:22:31 -05:00
|
|
|
if err != nil {
|
2021-01-25 13:04:03 -05:00
|
|
|
r.log.Error().Err(err).Msg("unable to get filtered list of image tags")
|
|
|
|
|
2021-05-26 12:22:31 -05:00
|
|
|
errResult = err
|
|
|
|
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(tags) != 0 {
|
|
|
|
name := repo
|
|
|
|
|
2022-07-15 06:10:51 -05:00
|
|
|
imgResultForDigest = append(imgResultForDigest, &gql_generated.ImgResultForDigest{Name: &name, Tags: tags})
|
2021-05-26 12:22:31 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return imgResultForDigest, errResult
|
|
|
|
}
|
|
|
|
|
2022-07-15 06:10:51 -05:00
|
|
|
func (r *queryResolver) getImageListWithLatestTag(store storage.ImageStore) ([]*gql_generated.ImageInfo, error) {
|
|
|
|
results := make([]*gql_generated.ImageInfo, 0)
|
2021-01-25 13:04:03 -05:00
|
|
|
|
|
|
|
repoList, err := store.GetRepositories()
|
|
|
|
if err != nil {
|
|
|
|
r.log.Error().Err(err).Msg("extension api: error extracting repositories list")
|
|
|
|
|
|
|
|
return results, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(repoList) == 0 {
|
|
|
|
r.log.Info().Msg("no repositories found")
|
|
|
|
}
|
|
|
|
|
2022-07-12 07:58:04 -05:00
|
|
|
layoutUtils := common.NewBaseOciLayoutUtils(r.storeController, r.log)
|
2021-01-25 13:04:03 -05:00
|
|
|
|
|
|
|
for _, repo := range repoList {
|
2021-09-30 08:27:13 -05:00
|
|
|
tagsInfo, err := layoutUtils.GetImageTagsWithTimestamp(repo)
|
2021-01-25 13:04:03 -05:00
|
|
|
if err != nil {
|
|
|
|
r.log.Error().Err(err).Msg("extension api: error getting tag timestamp info")
|
|
|
|
|
|
|
|
return results, err
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(tagsInfo) == 0 {
|
|
|
|
r.log.Info().Str("no tagsinfo found for repo", repo).Msg(" continuing traversing")
|
|
|
|
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
latestTag := common.GetLatestTag(tagsInfo)
|
|
|
|
|
|
|
|
digest := godigest.Digest(latestTag.Digest)
|
|
|
|
|
2021-09-30 08:27:13 -05:00
|
|
|
manifest, err := layoutUtils.GetImageBlobManifest(repo, digest)
|
2021-01-25 13:04:03 -05:00
|
|
|
if err != nil {
|
|
|
|
r.log.Error().Err(err).Msg("extension api: error reading manifest")
|
|
|
|
|
|
|
|
return results, err
|
|
|
|
}
|
|
|
|
|
|
|
|
size := strconv.FormatInt(manifest.Config.Size, 10)
|
|
|
|
|
|
|
|
name := repo
|
|
|
|
|
2021-09-30 08:27:13 -05:00
|
|
|
imageConfig, err := layoutUtils.GetImageInfo(repo, manifest.Config.Digest)
|
2021-01-25 13:04:03 -05:00
|
|
|
if err != nil {
|
|
|
|
r.log.Error().Err(err).Msg("extension api: error reading image config")
|
|
|
|
|
|
|
|
return results, err
|
|
|
|
}
|
|
|
|
|
|
|
|
labels := imageConfig.Config.Labels
|
|
|
|
|
|
|
|
// Read Description
|
|
|
|
|
|
|
|
desc := common.GetDescription(labels)
|
|
|
|
|
|
|
|
// Read licenses
|
|
|
|
license := common.GetLicense(labels)
|
|
|
|
|
|
|
|
// Read vendor
|
|
|
|
vendor := common.GetVendor(labels)
|
|
|
|
|
|
|
|
// Read categories
|
|
|
|
categories := common.GetCategories(labels)
|
|
|
|
|
2022-07-15 06:10:51 -05:00
|
|
|
results = append(results, &gql_generated.ImageInfo{
|
2021-01-25 13:04:03 -05:00
|
|
|
Name: &name, Latest: &latestTag.Name,
|
|
|
|
Description: &desc, Licenses: &license, Vendor: &vendor,
|
|
|
|
Labels: &categories, Size: &size, LastUpdated: &latestTag.Timestamp,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
return results, nil
|
|
|
|
}
|
|
|
|
|
2022-07-12 07:58:04 -05:00
|
|
|
func cleanQuerry(query string) string {
|
|
|
|
query = strings.ToLower(query)
|
|
|
|
query = strings.Replace(query, ":", " ", 1)
|
|
|
|
|
|
|
|
return query
|
|
|
|
}
|
|
|
|
|
|
|
|
func globalSearch(repoList []string, name, tag string, olu common.OciLayoutUtils, log log.Logger) (
|
|
|
|
[]*gql_generated.RepoSummary, []*gql_generated.ImageSummary, []*gql_generated.LayerSummary,
|
|
|
|
) {
|
|
|
|
repos := []*gql_generated.RepoSummary{}
|
|
|
|
images := []*gql_generated.ImageSummary{}
|
|
|
|
layers := []*gql_generated.LayerSummary{}
|
|
|
|
|
|
|
|
for _, repo := range repoList {
|
|
|
|
repo := repo
|
|
|
|
|
|
|
|
// map used for dedube if 2 images reference the same blob
|
|
|
|
repoLayerBlob2Size := make(map[string]int64, 10)
|
|
|
|
|
|
|
|
// made up of all manifests, configs and image layers
|
|
|
|
repoSize := int64(0)
|
|
|
|
|
|
|
|
lastUpdate, err := olu.GetRepoLastUpdated(repo)
|
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msgf("can't find latest update timestamp for repo: %s", repo)
|
|
|
|
}
|
|
|
|
|
|
|
|
tagsInfo, err := olu.GetImageTagsWithTimestamp(repo)
|
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msgf("can't get tags info for repo: %s", repo)
|
|
|
|
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
repoInfo, err := olu.GetExpandedRepoInfo(repo)
|
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msgf("can't get repo info for repo: %s", repo)
|
|
|
|
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
repoPlatforms := make([]*gql_generated.OsArch, 0, len(tagsInfo))
|
|
|
|
repoVendors := make([]*string, 0, len(repoInfo.Manifests))
|
|
|
|
|
|
|
|
for i, manifest := range repoInfo.Manifests {
|
|
|
|
imageLayersSize := int64(0)
|
|
|
|
manifestSize := olu.GetImageManifestSize(repo, godigest.Digest(tagsInfo[i].Digest))
|
|
|
|
configSize := olu.GetImageConfigSize(repo, godigest.Digest(tagsInfo[i].Digest))
|
|
|
|
|
|
|
|
for _, layer := range manifest.Layers {
|
|
|
|
layer := layer
|
|
|
|
|
|
|
|
layerSize, err := strconv.ParseInt(layer.Size, 10, 64)
|
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msg("invalid layer size")
|
|
|
|
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
repoLayerBlob2Size[layer.Digest] = layerSize
|
|
|
|
imageLayersSize += layerSize
|
|
|
|
|
|
|
|
// if we have a tag we won't match a layer
|
|
|
|
if tag != "" {
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
|
|
|
|
if index := strings.Index(layer.Digest, name); index != -1 {
|
|
|
|
layers = append(layers, &gql_generated.LayerSummary{
|
|
|
|
Digest: &layer.Digest,
|
|
|
|
Size: &layer.Size,
|
|
|
|
Score: &index,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
imageSize := imageLayersSize + manifestSize + configSize
|
|
|
|
repoSize += manifestSize + configSize
|
|
|
|
|
|
|
|
index := strings.Index(repo, name)
|
|
|
|
matchesTag := strings.HasPrefix(manifest.Tag, tag)
|
|
|
|
|
|
|
|
if index != -1 {
|
|
|
|
tag := manifest.Tag
|
|
|
|
size := strconv.Itoa(int(imageSize))
|
|
|
|
vendor := olu.GetImageVendor(repo, godigest.Digest(tagsInfo[i].Digest))
|
|
|
|
lastUpdated := olu.GetImageLastUpdated(repo, godigest.Digest(tagsInfo[i].Digest))
|
|
|
|
|
|
|
|
isSigned := manifest.IsSigned
|
|
|
|
// update matching score
|
|
|
|
score := calculateImageMatchingScore(repo, index, matchesTag)
|
|
|
|
|
|
|
|
os, arch := olu.GetImagePlatform(repo, godigest.Digest(tagsInfo[i].Digest))
|
|
|
|
osArch := &gql_generated.OsArch{
|
|
|
|
Os: &os,
|
|
|
|
Arch: &arch,
|
|
|
|
}
|
|
|
|
|
|
|
|
repoPlatforms = append(repoPlatforms, osArch)
|
|
|
|
repoVendors = append(repoVendors, &vendor)
|
|
|
|
|
|
|
|
images = append(images, &gql_generated.ImageSummary{
|
|
|
|
RepoName: &repo,
|
|
|
|
Tag: &tag,
|
|
|
|
LastUpdated: &lastUpdated,
|
|
|
|
IsSigned: &isSigned,
|
|
|
|
Size: &size,
|
|
|
|
Platform: osArch,
|
|
|
|
Vendor: &vendor,
|
|
|
|
Score: &score,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
for layerBlob := range repoLayerBlob2Size {
|
|
|
|
repoSize += repoLayerBlob2Size[layerBlob]
|
|
|
|
}
|
|
|
|
|
|
|
|
if index := strings.Index(repo, name); index != -1 {
|
|
|
|
repoSize := strconv.FormatInt(repoSize, 10)
|
|
|
|
|
|
|
|
repos = append(repos, &gql_generated.RepoSummary{
|
|
|
|
Name: &repo,
|
|
|
|
LastUpdated: &lastUpdate,
|
|
|
|
Size: &repoSize,
|
|
|
|
Platforms: repoPlatforms,
|
|
|
|
Vendors: repoVendors,
|
|
|
|
Score: &index,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
sort.Slice(repos, func(i, j int) bool {
|
|
|
|
return *repos[i].Score < *repos[j].Score
|
|
|
|
})
|
|
|
|
|
|
|
|
sort.Slice(images, func(i, j int) bool {
|
|
|
|
return *images[i].Score < *images[j].Score
|
|
|
|
})
|
|
|
|
|
|
|
|
sort.Slice(layers, func(i, j int) bool {
|
|
|
|
return *layers[i].Score < *layers[j].Score
|
|
|
|
})
|
|
|
|
|
|
|
|
return repos, images, layers
|
|
|
|
}
|
|
|
|
|
|
|
|
// calcalculateImageMatchingScore iterated from the index of the matched string in the
|
|
|
|
// artifact name until the beginning of the string or until delimitator "/".
|
|
|
|
// The distance represents the score of the match.
|
|
|
|
//
|
|
|
|
// Example:
|
|
|
|
// query: image
|
|
|
|
// repos: repo/test/myimage
|
|
|
|
// Score will be 2.
|
|
|
|
func calculateImageMatchingScore(artefactName string, index int, matchesTag bool) int {
|
|
|
|
score := 0
|
|
|
|
|
|
|
|
for index >= 1 {
|
|
|
|
if artefactName[index-1] == '/' {
|
|
|
|
break
|
|
|
|
}
|
|
|
|
index--
|
|
|
|
score++
|
|
|
|
}
|
|
|
|
|
|
|
|
if !matchesTag {
|
|
|
|
score += 10
|
|
|
|
}
|
|
|
|
|
|
|
|
return score
|
|
|
|
}
|
|
|
|
|
2022-07-15 06:10:51 -05:00
|
|
|
func getGraphqlCompatibleTags(fixedTags []common.TagInfo) []*gql_generated.TagInfo {
|
|
|
|
finalTagList := make([]*gql_generated.TagInfo, 0)
|
2020-08-19 01:53:04 -05:00
|
|
|
|
2020-09-04 15:16:15 -05:00
|
|
|
for _, tag := range fixedTags {
|
2021-01-25 13:04:03 -05:00
|
|
|
fixTag := tag
|
2020-08-19 01:53:04 -05:00
|
|
|
|
2021-01-25 13:04:03 -05:00
|
|
|
finalTagList = append(finalTagList,
|
2022-07-15 06:10:51 -05:00
|
|
|
&gql_generated.TagInfo{Name: &fixTag.Name, Digest: &fixTag.Digest, Timestamp: &fixTag.Timestamp})
|
2020-09-04 15:16:15 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
return finalTagList
|
2020-08-19 01:53:04 -05:00
|
|
|
}
|