2023-03-28 12:20:09 -05:00
|
|
|
package meta
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
import (
|
|
|
|
godigest "github.com/opencontainers/go-digest"
|
|
|
|
|
|
|
|
"zotregistry.io/zot/pkg/log"
|
2023-03-28 12:20:09 -05:00
|
|
|
"zotregistry.io/zot/pkg/meta/common"
|
2023-07-18 12:27:26 -05:00
|
|
|
mTypes "zotregistry.io/zot/pkg/meta/types"
|
2023-01-09 15:37:44 -05:00
|
|
|
"zotregistry.io/zot/pkg/storage"
|
|
|
|
)
|
|
|
|
|
2023-07-18 12:27:26 -05:00
|
|
|
// OnUpdateManifest is called when a new manifest is added. It updates metadb according to the type
|
2023-01-09 15:37:44 -05:00
|
|
|
// of image pushed(normal images, signatues, etc.). In care of any errors, it makes sure to keep
|
2023-07-18 12:27:26 -05:00
|
|
|
// consistency between metadb and the image store.
|
2023-03-10 13:37:29 -05:00
|
|
|
func OnUpdateManifest(repo, reference, mediaType string, digest godigest.Digest, body []byte,
|
2023-07-18 12:27:26 -05:00
|
|
|
storeController storage.StoreController, metaDB mTypes.MetaDB, log log.Logger,
|
2023-01-09 15:37:44 -05:00
|
|
|
) error {
|
2023-03-10 13:37:29 -05:00
|
|
|
imgStore := storeController.GetImageStore(repo)
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
// check if image is a signature
|
2023-05-15 04:02:23 -05:00
|
|
|
isSignature, signatureType, signedManifestDigest, err := storage.CheckIsImageSignature(repo, body, reference)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msg("can't check if image is a signature or not")
|
|
|
|
|
2023-03-10 13:37:29 -05:00
|
|
|
if err := imgStore.DeleteImageManifest(repo, reference, false); err != nil {
|
2023-04-27 21:44:22 -05:00
|
|
|
log.Error().Err(err).Str("manifest", reference).Str("repository", repo).Msg("couldn't remove image manifest in repo")
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
metadataSuccessfullySet := true
|
|
|
|
|
|
|
|
if isSignature {
|
2023-07-18 12:27:26 -05:00
|
|
|
layersInfo, errGetLayers := GetSignatureLayersInfo(repo, reference, digest.String(), signatureType, body,
|
2023-05-24 11:46:16 -05:00
|
|
|
imgStore, log)
|
|
|
|
if errGetLayers != nil {
|
2023-01-09 15:37:44 -05:00
|
|
|
metadataSuccessfullySet = false
|
2023-05-24 11:46:16 -05:00
|
|
|
err = errGetLayers
|
|
|
|
} else {
|
2023-07-18 12:27:26 -05:00
|
|
|
err = metaDB.AddManifestSignature(repo, signedManifestDigest, mTypes.SignatureMetadata{
|
2023-05-24 11:46:16 -05:00
|
|
|
SignatureType: signatureType,
|
|
|
|
SignatureDigest: digest.String(),
|
|
|
|
LayersInfo: layersInfo,
|
|
|
|
})
|
|
|
|
if err != nil {
|
2023-07-18 12:27:26 -05:00
|
|
|
log.Error().Err(err).Msg("metadb: error while putting repo meta")
|
2023-05-24 11:46:16 -05:00
|
|
|
metadataSuccessfullySet = false
|
|
|
|
} else {
|
2023-07-18 12:27:26 -05:00
|
|
|
err = metaDB.UpdateSignaturesValidity(repo, signedManifestDigest)
|
2023-05-24 11:46:16 -05:00
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Str("repository", repo).Str("reference", reference).Str("digest",
|
2023-07-18 12:27:26 -05:00
|
|
|
signedManifestDigest.String()).Msg("metadb: failed verify signatures validity for signed image")
|
2023-05-24 11:46:16 -05:00
|
|
|
metadataSuccessfullySet = false
|
|
|
|
}
|
|
|
|
}
|
2023-01-09 15:37:44 -05:00
|
|
|
}
|
|
|
|
} else {
|
2023-07-31 14:16:09 -05:00
|
|
|
err = SetImageMetaFromInput(repo, reference, mediaType, digest, body,
|
2023-07-18 12:27:26 -05:00
|
|
|
imgStore, metaDB, log)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
|
|
|
metadataSuccessfullySet = false
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if !metadataSuccessfullySet {
|
2023-07-31 14:16:09 -05:00
|
|
|
log.Info().Str("tag", reference).Str("repository", repo).Msg("uploading image meta was unsuccessful for tag in repo")
|
2023-01-09 15:37:44 -05:00
|
|
|
|
2023-03-10 13:37:29 -05:00
|
|
|
if err := imgStore.DeleteImageManifest(repo, reference, false); err != nil {
|
2023-04-27 21:44:22 -05:00
|
|
|
log.Error().Err(err).Str("reference", reference).Str("repository", repo).
|
|
|
|
Msg("couldn't remove image manifest in repo")
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2023-07-18 12:27:26 -05:00
|
|
|
// OnDeleteManifest is called when a manifest is deleted. It updates metadb according to the type
|
2023-01-09 15:37:44 -05:00
|
|
|
// of image pushed(normal images, signatues, etc.). In care of any errors, it makes sure to keep
|
2023-07-18 12:27:26 -05:00
|
|
|
// consistency between metadb and the image store.
|
2023-03-10 13:37:29 -05:00
|
|
|
func OnDeleteManifest(repo, reference, mediaType string, digest godigest.Digest, manifestBlob []byte,
|
2023-07-18 12:27:26 -05:00
|
|
|
storeController storage.StoreController, metaDB mTypes.MetaDB, log log.Logger,
|
2023-01-09 15:37:44 -05:00
|
|
|
) error {
|
2023-03-10 13:37:29 -05:00
|
|
|
imgStore := storeController.GetImageStore(repo)
|
2023-01-09 15:37:44 -05:00
|
|
|
|
2023-03-10 13:37:29 -05:00
|
|
|
isSignature, signatureType, signedManifestDigest, err := storage.CheckIsImageSignature(repo, manifestBlob,
|
2023-05-15 04:02:23 -05:00
|
|
|
reference)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msg("can't check if image is a signature or not")
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
manageRepoMetaSuccessfully := true
|
|
|
|
|
|
|
|
if isSignature {
|
2023-07-18 12:27:26 -05:00
|
|
|
err = metaDB.DeleteSignature(repo, signedManifestDigest, mTypes.SignatureMetadata{
|
2023-01-09 15:37:44 -05:00
|
|
|
SignatureDigest: digest.String(),
|
|
|
|
SignatureType: signatureType,
|
|
|
|
})
|
|
|
|
if err != nil {
|
2023-07-18 12:27:26 -05:00
|
|
|
log.Error().Err(err).Msg("metadb: can't check if image is a signature or not")
|
2023-01-09 15:37:44 -05:00
|
|
|
manageRepoMetaSuccessfully = false
|
|
|
|
}
|
|
|
|
} else {
|
2023-07-18 12:27:26 -05:00
|
|
|
err = metaDB.DeleteRepoTag(repo, reference)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
2023-07-18 12:27:26 -05:00
|
|
|
log.Info().Msg("metadb: restoring image store")
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
// restore image store
|
2023-05-12 11:32:01 -05:00
|
|
|
_, _, err := imgStore.PutImageManifest(repo, reference, mediaType, manifestBlob)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
2023-07-18 12:27:26 -05:00
|
|
|
log.Error().Err(err).Msg("metadb: error while restoring image store, database is not consistent")
|
2023-01-09 15:37:44 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
manageRepoMetaSuccessfully = false
|
|
|
|
}
|
2023-03-10 13:37:29 -05:00
|
|
|
|
2023-07-31 14:16:09 -05:00
|
|
|
if referredDigest, hasSubject := common.GetReferredSubject(manifestBlob); hasSubject {
|
|
|
|
err := metaDB.DeleteReferrer(repo, referredDigest, digest)
|
2023-03-10 13:37:29 -05:00
|
|
|
if err != nil {
|
2023-07-18 12:27:26 -05:00
|
|
|
log.Error().Err(err).Msg("metadb: error while deleting referrer")
|
2023-03-10 13:37:29 -05:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
2023-01-09 15:37:44 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if !manageRepoMetaSuccessfully {
|
2023-04-27 21:44:22 -05:00
|
|
|
log.Info().Str("tag", reference).Str("repository", repo).
|
2023-07-18 12:27:26 -05:00
|
|
|
Msg("metadb: deleting image meta was unsuccessful for tag in repo")
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// OnDeleteManifest is called when a manifest is downloaded. It increments the download couter on that manifest.
|
2023-05-10 12:15:33 -05:00
|
|
|
func OnGetManifest(name, reference string, body []byte,
|
2023-07-18 12:27:26 -05:00
|
|
|
storeController storage.StoreController, metaDB mTypes.MetaDB, log log.Logger,
|
2023-01-09 15:37:44 -05:00
|
|
|
) error {
|
|
|
|
// check if image is a signature
|
2023-05-15 04:02:23 -05:00
|
|
|
isSignature, _, _, err := storage.CheckIsImageSignature(name, body, reference)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
|
|
|
log.Error().Err(err).Msg("can't check if manifest is a signature or not")
|
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
if !isSignature {
|
2023-07-18 12:27:26 -05:00
|
|
|
err := metaDB.IncrementImageDownloads(name, reference)
|
2023-01-09 15:37:44 -05:00
|
|
|
if err != nil {
|
2023-04-27 21:44:22 -05:00
|
|
|
log.Error().Err(err).Str("repository", name).Str("reference", reference).
|
|
|
|
Msg("unexpected error for image")
|
2023-01-09 15:37:44 -05:00
|
|
|
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return nil
|
|
|
|
}
|