mirror of
https://github.com/project-zot/zot.git
synced 2025-01-13 22:50:38 -05:00
build: add build tags to create customizable binaries
This commit is contained in:
parent
17dce7e63b
commit
46beb30fc1
27 changed files with 213 additions and 92 deletions
14
Makefile
14
Makefile
|
@ -7,20 +7,24 @@ PATH := bin:$(PATH)
|
||||||
TMPDIR := $(shell mktemp -d)
|
TMPDIR := $(shell mktemp -d)
|
||||||
|
|
||||||
.PHONY: all
|
.PHONY: all
|
||||||
all: doc binary debug test check
|
all: doc binary binary-minimal debug test check
|
||||||
|
|
||||||
|
.PHONY: binary-minimal
|
||||||
|
binary-minimal: doc
|
||||||
|
go build -tags minimal -v -ldflags "-X github.com/anuvu/zot/pkg/api.Commit=${COMMIT}" -o bin/zot-minimal ./cmd/zot
|
||||||
|
|
||||||
.PHONY: binary
|
.PHONY: binary
|
||||||
binary: doc
|
binary: doc
|
||||||
go build -v -ldflags "-X github.com/anuvu/zot/pkg/api.Commit=${COMMIT}" -o bin/zot -tags=jsoniter ./cmd/zot
|
go build -tags extended -v -ldflags "-X github.com/anuvu/zot/pkg/api.Commit=${COMMIT}" -o bin/zot ./cmd/zot
|
||||||
|
|
||||||
.PHONY: debug
|
.PHONY: debug
|
||||||
debug: doc
|
debug: doc
|
||||||
go build -v -gcflags all='-N -l' -ldflags "-X github.com/anuvu/zot/pkg/api.Commit=${COMMIT}" -o bin/zot-debug -tags=jsoniter ./cmd/zot
|
go build -tags extended -v -gcflags all='-N -l' -ldflags "-X github.com/anuvu/zot/pkg/api.Commit=${COMMIT}" -o bin/zot-debug ./cmd/zot
|
||||||
|
|
||||||
.PHONY: test
|
.PHONY: test
|
||||||
test:
|
test:
|
||||||
$(shell mkdir -p test/data; cd test/data; ../scripts/gen_certs.sh; cd ${TOP_LEVEL}; sudo skopeo --insecure-policy copy -q docker://centos:latest oci:${TOP_LEVEL}/test/data/zot-test:0.0.1;sudo skopeo --insecure-policy copy -q docker://centos:8 oci:${TOP_LEVEL}/test/data/zot-cve-test:0.0.1)
|
$(shell mkdir -p test/data; cd test/data; ../scripts/gen_certs.sh; cd ${TOP_LEVEL}; sudo skopeo --insecure-policy copy -q docker://centos:latest oci:${TOP_LEVEL}/test/data/zot-test:0.0.1;sudo skopeo --insecure-policy copy -q docker://centos:8 oci:${TOP_LEVEL}/test/data/zot-cve-test:0.0.1)
|
||||||
go test -v -race -cover -coverpkg ./... -coverprofile=coverage.txt -covermode=atomic ./...
|
go test -tags extended -v -race -cover -coverpkg ./... -coverprofile=coverage.txt -covermode=atomic ./...
|
||||||
|
|
||||||
.PHONY: covhtml
|
.PHONY: covhtml
|
||||||
covhtml:
|
covhtml:
|
||||||
|
@ -29,7 +33,7 @@ covhtml:
|
||||||
.PHONY: check
|
.PHONY: check
|
||||||
check: .bazel/golangcilint.yaml
|
check: .bazel/golangcilint.yaml
|
||||||
golangci-lint --version || curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.26.0
|
golangci-lint --version || curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s v1.26.0
|
||||||
golangci-lint --config .bazel/golangcilint.yaml run --enable-all ./cmd/... ./pkg/...
|
golangci-lint --config .bazel/golangcilint.yaml run --enable-all --build-tags extended ./cmd/... ./pkg/...
|
||||||
|
|
||||||
docs/docs.go:
|
docs/docs.go:
|
||||||
swag -v || go install github.com/swaggo/swag/cmd/swag
|
swag -v || go install github.com/swaggo/swag/cmd/swag
|
||||||
|
|
|
@ -27,19 +27,19 @@ fmt-bazel:
|
||||||
|
|
||||||
.PHONY: update-bazel
|
.PHONY: update-bazel
|
||||||
update-bazel:
|
update-bazel:
|
||||||
${BAZEL} run //:gazelle
|
${BAZEL} run //:gazelle -- update -build_tags minimal,extended
|
||||||
|
|
||||||
.PHONY: update-mod
|
.PHONY: update-mod
|
||||||
update-mod:
|
update-mod:
|
||||||
${BAZEL} run //:gazelle -- update-repos -from_file=go.mod
|
${BAZEL} run //:gazelle -- update -from_file=go.mod
|
||||||
|
|
||||||
.PHONY: init
|
.PHONY: init
|
||||||
init: setup-base update-bazel fmt-bazel
|
init: setup-base update-bazel fmt-bazel
|
||||||
|
|
||||||
.PHONY: build
|
.PHONY: build
|
||||||
build:
|
build:
|
||||||
${BAZEL} build ${BAZELOPTS} //...
|
${BAZEL} build --define gotags=extended ${BAZELOPTS} //...
|
||||||
${BAZEL} test ${BAZELOPTS} //...
|
${BAZEL} test --define gotags=extended ${BAZELOPTS} //...
|
||||||
|
|
||||||
.PHONY: check
|
.PHONY: check
|
||||||
check:
|
check:
|
||||||
|
|
|
@ -11,6 +11,7 @@ go_library(
|
||||||
go_binary(
|
go_binary(
|
||||||
name = "zot",
|
name = "zot",
|
||||||
embed = [":go_default_library"],
|
embed = [":go_default_library"],
|
||||||
|
gotags = ["extended"],
|
||||||
visibility = ["//visibility:public"],
|
visibility = ["//visibility:public"],
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
|
@ -16,11 +16,9 @@ go_library(
|
||||||
deps = [
|
deps = [
|
||||||
"//docs:go_default_library",
|
"//docs:go_default_library",
|
||||||
"//errors:go_default_library",
|
"//errors:go_default_library",
|
||||||
"//pkg/extensions/search:go_default_library",
|
"//pkg/extensions:go_default_library",
|
||||||
"//pkg/extensions/search/cve:go_default_library",
|
|
||||||
"//pkg/log:go_default_library",
|
"//pkg/log:go_default_library",
|
||||||
"//pkg/storage:go_default_library",
|
"//pkg/storage:go_default_library",
|
||||||
"@com_github_99designs_gqlgen//graphql/handler:go_default_library",
|
|
||||||
"@com_github_chartmuseum_auth//:go_default_library",
|
"@com_github_chartmuseum_auth//:go_default_library",
|
||||||
"@com_github_getlantern_deepcopy//:go_default_library",
|
"@com_github_getlantern_deepcopy//:go_default_library",
|
||||||
"@com_github_go_ldap_ldap_v3//:go_default_library",
|
"@com_github_go_ldap_ldap_v3//:go_default_library",
|
||||||
|
@ -42,6 +40,7 @@ go_test(
|
||||||
"//:exported_testdata",
|
"//:exported_testdata",
|
||||||
],
|
],
|
||||||
embed = [":go_default_library"],
|
embed = [":go_default_library"],
|
||||||
|
gotags = ["extended"],
|
||||||
race = "on",
|
race = "on",
|
||||||
deps = [
|
deps = [
|
||||||
"//errors:go_default_library",
|
"//errors:go_default_library",
|
||||||
|
|
|
@ -1,9 +1,8 @@
|
||||||
package api
|
package api
|
||||||
|
|
||||||
import (
|
import (
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/anuvu/zot/errors"
|
"github.com/anuvu/zot/errors"
|
||||||
|
ext "github.com/anuvu/zot/pkg/extensions"
|
||||||
"github.com/anuvu/zot/pkg/log"
|
"github.com/anuvu/zot/pkg/log"
|
||||||
"github.com/getlantern/deepcopy"
|
"github.com/getlantern/deepcopy"
|
||||||
dspec "github.com/opencontainers/distribution-spec"
|
dspec "github.com/opencontainers/distribution-spec"
|
||||||
|
@ -70,26 +69,13 @@ type LogConfig struct {
|
||||||
Output string
|
Output string
|
||||||
}
|
}
|
||||||
|
|
||||||
type ExtensionConfig struct {
|
|
||||||
Search *SearchConfig
|
|
||||||
}
|
|
||||||
|
|
||||||
type SearchConfig struct {
|
|
||||||
// CVE search
|
|
||||||
CVE *CVEConfig
|
|
||||||
}
|
|
||||||
|
|
||||||
type CVEConfig struct {
|
|
||||||
UpdateInterval time.Duration // should be 2 hours or more, if not specified default be kept as 24 hours
|
|
||||||
}
|
|
||||||
|
|
||||||
type Config struct {
|
type Config struct {
|
||||||
Version string
|
Version string
|
||||||
Commit string
|
Commit string
|
||||||
Storage StorageConfig
|
Storage StorageConfig
|
||||||
HTTP HTTPConfig
|
HTTP HTTPConfig
|
||||||
Log *LogConfig
|
Log *LogConfig
|
||||||
Extensions *ExtensionConfig
|
Extensions *ext.ExtensionConfig
|
||||||
}
|
}
|
||||||
|
|
||||||
func NewConfig() *Config {
|
func NewConfig() *Config {
|
||||||
|
|
|
@ -8,10 +8,9 @@ import (
|
||||||
"net"
|
"net"
|
||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/anuvu/zot/errors"
|
"github.com/anuvu/zot/errors"
|
||||||
cveinfo "github.com/anuvu/zot/pkg/extensions/search/cve"
|
ext "github.com/anuvu/zot/pkg/extensions"
|
||||||
"github.com/anuvu/zot/pkg/log"
|
"github.com/anuvu/zot/pkg/log"
|
||||||
"github.com/anuvu/zot/pkg/storage"
|
"github.com/anuvu/zot/pkg/storage"
|
||||||
"github.com/gorilla/handlers"
|
"github.com/gorilla/handlers"
|
||||||
|
@ -52,31 +51,8 @@ func (c *Controller) Run() error {
|
||||||
}
|
}
|
||||||
|
|
||||||
// Updating the CVE Database
|
// Updating the CVE Database
|
||||||
if c.Config != nil && c.Config.Extensions != nil && c.Config.Extensions.Search != nil &&
|
if c.Config != nil {
|
||||||
c.Config.Extensions.Search.CVE != nil {
|
ext.EnableExtension(c.Config.Extensions, c.Log, c.Config.Storage.RootDirectory)
|
||||||
defaultUpdateInterval, _ := time.ParseDuration("2h")
|
|
||||||
|
|
||||||
if c.Config.Extensions.Search.CVE.UpdateInterval < defaultUpdateInterval {
|
|
||||||
c.Config.Extensions.Search.CVE.UpdateInterval = defaultUpdateInterval
|
|
||||||
c.Log.Warn().Msg("CVE update interval set to too-short interval <= 1, changing update duration to 2 hours and continuing.") // nolint: lll
|
|
||||||
}
|
|
||||||
|
|
||||||
go func() {
|
|
||||||
for {
|
|
||||||
c.Log.Info().Msg("Updating the CVE database")
|
|
||||||
|
|
||||||
err := cveinfo.UpdateCVEDb(c.Config.Storage.RootDirectory, c.Log)
|
|
||||||
if err != nil {
|
|
||||||
panic(err)
|
|
||||||
}
|
|
||||||
|
|
||||||
c.Log.Info().Str("Db update completed, next update scheduled after", c.Config.Extensions.Search.CVE.UpdateInterval.String()).Msg("") //nolint: lll
|
|
||||||
|
|
||||||
time.Sleep(c.Config.Extensions.Search.CVE.UpdateInterval)
|
|
||||||
}
|
|
||||||
}()
|
|
||||||
} else {
|
|
||||||
c.Log.Info().Msg("Cve config not provided, skipping cve update")
|
|
||||||
}
|
}
|
||||||
|
|
||||||
c.Router = engine
|
c.Router = engine
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package api_test
|
package api_test
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -21,10 +21,9 @@ import (
|
||||||
"strconv"
|
"strconv"
|
||||||
"strings"
|
"strings"
|
||||||
|
|
||||||
gqlHandler "github.com/99designs/gqlgen/graphql/handler"
|
|
||||||
_ "github.com/anuvu/zot/docs" // as required by swaggo
|
_ "github.com/anuvu/zot/docs" // as required by swaggo
|
||||||
"github.com/anuvu/zot/errors"
|
"github.com/anuvu/zot/errors"
|
||||||
"github.com/anuvu/zot/pkg/extensions/search"
|
ext "github.com/anuvu/zot/pkg/extensions"
|
||||||
"github.com/anuvu/zot/pkg/log"
|
"github.com/anuvu/zot/pkg/log"
|
||||||
"github.com/gorilla/mux"
|
"github.com/gorilla/mux"
|
||||||
jsoniter "github.com/json-iterator/go"
|
jsoniter "github.com/json-iterator/go"
|
||||||
|
@ -52,11 +51,6 @@ func NewRouteHandler(c *Controller) *RouteHandler {
|
||||||
return rh
|
return rh
|
||||||
}
|
}
|
||||||
|
|
||||||
func (rh *RouteHandler) searchHandler() *gqlHandler.Server {
|
|
||||||
resConfig := search.GetResolverConfig(rh.c.Config.Storage.RootDirectory, rh.c.Log, rh.c.ImageStore)
|
|
||||||
return gqlHandler.NewDefaultServer(search.NewExecutableSchema(resConfig))
|
|
||||||
}
|
|
||||||
|
|
||||||
func (rh *RouteHandler) SetupRoutes() {
|
func (rh *RouteHandler) SetupRoutes() {
|
||||||
rh.c.Router.Use(AuthHandler(rh.c))
|
rh.c.Router.Use(AuthHandler(rh.c))
|
||||||
g := rh.c.Router.PathPrefix(RoutePrefix).Subrouter()
|
g := rh.c.Router.PathPrefix(RoutePrefix).Subrouter()
|
||||||
|
@ -96,7 +90,7 @@ func (rh *RouteHandler) SetupRoutes() {
|
||||||
rh.c.Router.PathPrefix("/swagger/v2/").Methods("GET").Handler(httpSwagger.WrapHandler)
|
rh.c.Router.PathPrefix("/swagger/v2/").Methods("GET").Handler(httpSwagger.WrapHandler)
|
||||||
// Zot Search Extension Router
|
// Zot Search Extension Router
|
||||||
if rh.c.Config != nil && rh.c.Config.Extensions != nil {
|
if rh.c.Config != nil && rh.c.Config.Extensions != nil {
|
||||||
rh.c.Router.PathPrefix("/query").Methods("GET", "POST").Handler(rh.searchHandler())
|
ext.SetupRoutes(rh.c.Router, rh.c.Config.Storage.RootDirectory, rh.c.ImageStore, rh.c.Log)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -3,10 +3,12 @@ load("@io_bazel_rules_go//go:def.bzl", "go_library", "go_test")
|
||||||
go_library(
|
go_library(
|
||||||
name = "go_default_library",
|
name = "go_default_library",
|
||||||
srcs = [
|
srcs = [
|
||||||
|
"cli.go",
|
||||||
"client.go",
|
"client.go",
|
||||||
"config_cmd.go",
|
"config_cmd.go",
|
||||||
"cve_cmd.go",
|
"cve_cmd.go",
|
||||||
"image_cmd.go",
|
"image_cmd.go",
|
||||||
|
"minimal.go",
|
||||||
"root.go",
|
"root.go",
|
||||||
"searcher.go",
|
"searcher.go",
|
||||||
"service.go",
|
"service.go",
|
||||||
|
@ -43,11 +45,13 @@ go_test(
|
||||||
"//:exported_testdata",
|
"//:exported_testdata",
|
||||||
],
|
],
|
||||||
embed = [":go_default_library"],
|
embed = [":go_default_library"],
|
||||||
|
gotags = ["extended"],
|
||||||
race = "on",
|
race = "on",
|
||||||
deps = [
|
deps = [
|
||||||
"//errors:go_default_library",
|
"//errors:go_default_library",
|
||||||
"//pkg/api:go_default_library",
|
"//pkg/api:go_default_library",
|
||||||
"//pkg/compliance/v1_0_0:go_default_library",
|
"//pkg/compliance/v1_0_0:go_default_library",
|
||||||
|
"//pkg/extensions:go_default_library",
|
||||||
"@com_github_opencontainers_go_digest//:go_default_library",
|
"@com_github_opencontainers_go_digest//:go_default_library",
|
||||||
"@com_github_opencontainers_image_spec//specs-go/v1:go_default_library",
|
"@com_github_opencontainers_image_spec//specs-go/v1:go_default_library",
|
||||||
"@com_github_smartystreets_goconvey//convey:go_default_library",
|
"@com_github_smartystreets_goconvey//convey:go_default_library",
|
||||||
|
|
11
pkg/cli/cli.go
Normal file
11
pkg/cli/cli.go
Normal file
|
@ -0,0 +1,11 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
|
package cli
|
||||||
|
|
||||||
|
import "github.com/spf13/cobra"
|
||||||
|
|
||||||
|
func enableCli(rootCmd *cobra.Command) {
|
||||||
|
rootCmd.AddCommand(NewConfigCommand())
|
||||||
|
rootCmd.AddCommand(NewImageCommand(NewSearchService()))
|
||||||
|
rootCmd.AddCommand(NewCveCommand(NewSearchService()))
|
||||||
|
}
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli //nolint:testpackage
|
package cli //nolint:testpackage
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli //nolint:testpackage
|
package cli //nolint:testpackage
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -15,6 +17,7 @@ import (
|
||||||
|
|
||||||
zotErrors "github.com/anuvu/zot/errors"
|
zotErrors "github.com/anuvu/zot/errors"
|
||||||
"github.com/anuvu/zot/pkg/api"
|
"github.com/anuvu/zot/pkg/api"
|
||||||
|
ext "github.com/anuvu/zot/pkg/extensions"
|
||||||
"gopkg.in/resty.v1"
|
"gopkg.in/resty.v1"
|
||||||
|
|
||||||
. "github.com/smartystreets/goconvey/convey"
|
. "github.com/smartystreets/goconvey/convey"
|
||||||
|
@ -301,13 +304,13 @@ func TestServerCVEResponse(t *testing.T) {
|
||||||
defer os.RemoveAll(dir)
|
defer os.RemoveAll(dir)
|
||||||
|
|
||||||
c.Config.Storage.RootDirectory = dir
|
c.Config.Storage.RootDirectory = dir
|
||||||
cveConfig := &api.CVEConfig{
|
cveConfig := &ext.CVEConfig{
|
||||||
UpdateInterval: 2,
|
UpdateInterval: 2,
|
||||||
}
|
}
|
||||||
searchConfig := &api.SearchConfig{
|
searchConfig := &ext.SearchConfig{
|
||||||
CVE: cveConfig,
|
CVE: cveConfig,
|
||||||
}
|
}
|
||||||
c.Config.Extensions = &api.ExtensionConfig{
|
c.Config.Extensions = &ext.ExtensionConfig{
|
||||||
Search: searchConfig,
|
Search: searchConfig,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli //nolint:testpackage
|
package cli //nolint:testpackage
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
8
pkg/cli/minimal.go
Normal file
8
pkg/cli/minimal.go
Normal file
|
@ -0,0 +1,8 @@
|
||||||
|
// +build minimal
|
||||||
|
|
||||||
|
package cli
|
||||||
|
|
||||||
|
import "github.com/spf13/cobra"
|
||||||
|
|
||||||
|
func enableCli(rootCmd *cobra.Command) {
|
||||||
|
}
|
|
@ -97,9 +97,7 @@ func NewRootCmd() *cobra.Command {
|
||||||
rootCmd.AddCommand(serveCmd)
|
rootCmd.AddCommand(serveCmd)
|
||||||
rootCmd.AddCommand(gcCmd)
|
rootCmd.AddCommand(gcCmd)
|
||||||
|
|
||||||
rootCmd.AddCommand(NewConfigCommand())
|
enableCli(rootCmd)
|
||||||
rootCmd.AddCommand(NewImageCommand(NewSearchService()))
|
|
||||||
rootCmd.AddCommand(NewCveCommand(NewSearchService()))
|
|
||||||
|
|
||||||
rootCmd.Flags().BoolVarP(&showVersion, "version", "v", false, "show the version and exit")
|
rootCmd.Flags().BoolVarP(&showVersion, "version", "v", false, "show the version and exit")
|
||||||
|
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
@ -331,6 +333,23 @@ func validateImageNameTag(input string) bool {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
type spinnerState struct {
|
||||||
|
spinner *spinner.Spinner
|
||||||
|
enabled bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func (spinner *spinnerState) startSpinner() {
|
||||||
|
if spinner.enabled {
|
||||||
|
spinner.spinner.Start()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func (spinner *spinnerState) stopSpinner() {
|
||||||
|
if spinner.enabled && spinner.spinner.Active() {
|
||||||
|
spinner.spinner.Stop()
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
type set struct {
|
type set struct {
|
||||||
m map[string]struct{}
|
m map[string]struct{}
|
||||||
}
|
}
|
||||||
|
@ -365,23 +384,6 @@ type stringResult struct {
|
||||||
Err error
|
Err error
|
||||||
}
|
}
|
||||||
|
|
||||||
type spinnerState struct {
|
|
||||||
spinner *spinner.Spinner
|
|
||||||
enabled bool
|
|
||||||
}
|
|
||||||
|
|
||||||
func (spinner *spinnerState) startSpinner() {
|
|
||||||
if spinner.enabled {
|
|
||||||
spinner.spinner.Start()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func (spinner *spinnerState) stopSpinner() {
|
|
||||||
if spinner.enabled && spinner.spinner.Active() {
|
|
||||||
spinner.spinner.Stop()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
type printHeader func(writer io.Writer)
|
type printHeader func(writer io.Writer)
|
||||||
|
|
||||||
func printImageTableHeader(writer io.Writer) {
|
func printImageTableHeader(writer io.Writer) {
|
||||||
|
|
|
@ -1,3 +1,5 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
package cli
|
package cli
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
|
20
pkg/extensions/BUILD.bazel
Normal file
20
pkg/extensions/BUILD.bazel
Normal file
|
@ -0,0 +1,20 @@
|
||||||
|
load("@io_bazel_rules_go//go:def.bzl", "go_library")
|
||||||
|
|
||||||
|
go_library(
|
||||||
|
name = "go_default_library",
|
||||||
|
srcs = [
|
||||||
|
"config.go",
|
||||||
|
"extension.go",
|
||||||
|
"minimal.go",
|
||||||
|
],
|
||||||
|
importpath = "github.com/anuvu/zot/pkg/extensions",
|
||||||
|
visibility = ["//visibility:public"],
|
||||||
|
deps = [
|
||||||
|
"//pkg/extensions/search:go_default_library",
|
||||||
|
"//pkg/extensions/search/cve:go_default_library",
|
||||||
|
"//pkg/log:go_default_library",
|
||||||
|
"//pkg/storage:go_default_library",
|
||||||
|
"@com_github_99designs_gqlgen//graphql/handler:go_default_library",
|
||||||
|
"@com_github_gorilla_mux//:go_default_library",
|
||||||
|
],
|
||||||
|
)
|
16
pkg/extensions/config.go
Normal file
16
pkg/extensions/config.go
Normal file
|
@ -0,0 +1,16 @@
|
||||||
|
package extensions
|
||||||
|
|
||||||
|
import "time"
|
||||||
|
|
||||||
|
type ExtensionConfig struct {
|
||||||
|
Search *SearchConfig
|
||||||
|
}
|
||||||
|
|
||||||
|
type SearchConfig struct {
|
||||||
|
// CVE search
|
||||||
|
CVE *CVEConfig
|
||||||
|
}
|
||||||
|
|
||||||
|
type CVEConfig struct {
|
||||||
|
UpdateInterval time.Duration // should be 2 hours or more, if not specified default be kept as 24 hours
|
||||||
|
}
|
61
pkg/extensions/extension.go
Normal file
61
pkg/extensions/extension.go
Normal file
|
@ -0,0 +1,61 @@
|
||||||
|
// +build extended
|
||||||
|
|
||||||
|
package extensions
|
||||||
|
|
||||||
|
import (
|
||||||
|
"github.com/anuvu/zot/pkg/extensions/search"
|
||||||
|
"github.com/anuvu/zot/pkg/storage"
|
||||||
|
"github.com/gorilla/mux"
|
||||||
|
|
||||||
|
"time"
|
||||||
|
|
||||||
|
gqlHandler "github.com/99designs/gqlgen/graphql/handler"
|
||||||
|
cveinfo "github.com/anuvu/zot/pkg/extensions/search/cve"
|
||||||
|
|
||||||
|
"github.com/anuvu/zot/pkg/log"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DownloadTrivyDB ...
|
||||||
|
func DownloadTrivyDB(dbDir string, log log.Logger, updateInterval time.Duration) error {
|
||||||
|
for {
|
||||||
|
log.Info().Msg("Updating the CVE database")
|
||||||
|
|
||||||
|
err := cveinfo.UpdateCVEDb(dbDir, log)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
|
||||||
|
log.Info().Str("Db update completed, next update scheduled after", updateInterval.String()).Msg("")
|
||||||
|
|
||||||
|
time.Sleep(updateInterval)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func EnableExtension(extension *ExtensionConfig, log log.Logger, rootDir string) {
|
||||||
|
if extension != nil && extension.Search != nil &&
|
||||||
|
extension.Search.CVE != nil {
|
||||||
|
defaultUpdateInterval, _ := time.ParseDuration("2h")
|
||||||
|
|
||||||
|
if extension.Search.CVE.UpdateInterval < defaultUpdateInterval {
|
||||||
|
extension.Search.CVE.UpdateInterval = defaultUpdateInterval
|
||||||
|
|
||||||
|
log.Warn().Msg("CVE update interval set to too-short interval <= 1, changing update duration to 2 hours and continuing.") // nolint: lll
|
||||||
|
}
|
||||||
|
|
||||||
|
go func() {
|
||||||
|
err := DownloadTrivyDB(rootDir, log,
|
||||||
|
extension.Search.CVE.UpdateInterval)
|
||||||
|
if err != nil {
|
||||||
|
panic(err)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
} else {
|
||||||
|
log.Info().Msg("Cve config not provided, skipping cve update")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func SetupRoutes(router *mux.Router, rootDir string, imgStore *storage.ImageStore, log log.Logger) {
|
||||||
|
resConfig := search.GetResolverConfig(rootDir, log, imgStore)
|
||||||
|
router.PathPrefix("/query").Methods("GET", "POST").
|
||||||
|
Handler(gqlHandler.NewDefaultServer(search.NewExecutableSchema(resConfig)))
|
||||||
|
}
|
23
pkg/extensions/minimal.go
Normal file
23
pkg/extensions/minimal.go
Normal file
|
@ -0,0 +1,23 @@
|
||||||
|
// +build minimal
|
||||||
|
|
||||||
|
package extensions
|
||||||
|
|
||||||
|
import (
|
||||||
|
"time"
|
||||||
|
|
||||||
|
"github.com/anuvu/zot/pkg/log"
|
||||||
|
"github.com/anuvu/zot/pkg/storage"
|
||||||
|
"github.com/gorilla/mux"
|
||||||
|
)
|
||||||
|
|
||||||
|
// DownloadTrivyDB ...
|
||||||
|
func DownloadTrivyDB(dbDir string, log log.Logger, updateInterval time.Duration) error {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func EnableExtension(extension *ExtensionConfig, log log.Logger, rootDir string) {
|
||||||
|
log.Info().Msg("given zot binary doesn't support any extensions, please build zot full binary for this feature")
|
||||||
|
}
|
||||||
|
|
||||||
|
func SetupRoutes(router *mux.Router, rootDir string, imgStore *storage.ImageStore, log log.Logger) {
|
||||||
|
}
|
|
@ -30,6 +30,7 @@ go_test(
|
||||||
embed = [":go_default_library"],
|
embed = [":go_default_library"],
|
||||||
deps = [
|
deps = [
|
||||||
"//pkg/api:go_default_library",
|
"//pkg/api:go_default_library",
|
||||||
|
"//pkg/extensions:go_default_library",
|
||||||
"//pkg/log:go_default_library",
|
"//pkg/log:go_default_library",
|
||||||
"@com_github_opencontainers_image_spec//specs-go/v1:go_default_library",
|
"@com_github_opencontainers_image_spec//specs-go/v1:go_default_library",
|
||||||
"@com_github_smartystreets_goconvey//convey:go_default_library",
|
"@com_github_smartystreets_goconvey//convey:go_default_library",
|
||||||
|
|
|
@ -13,6 +13,7 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/anuvu/zot/pkg/api"
|
"github.com/anuvu/zot/pkg/api"
|
||||||
|
ext "github.com/anuvu/zot/pkg/extensions"
|
||||||
cveinfo "github.com/anuvu/zot/pkg/extensions/search/cve"
|
cveinfo "github.com/anuvu/zot/pkg/extensions/search/cve"
|
||||||
"github.com/anuvu/zot/pkg/log"
|
"github.com/anuvu/zot/pkg/log"
|
||||||
ispec "github.com/opencontainers/image-spec/specs-go/v1"
|
ispec "github.com/opencontainers/image-spec/specs-go/v1"
|
||||||
|
@ -461,7 +462,6 @@ func TestImageTag(t *testing.T) {
|
||||||
func TestCVESearch(t *testing.T) {
|
func TestCVESearch(t *testing.T) {
|
||||||
Convey("Test image vulenrability scanning", t, func() {
|
Convey("Test image vulenrability scanning", t, func() {
|
||||||
updateDuration, _ := time.ParseDuration("1h")
|
updateDuration, _ := time.ParseDuration("1h")
|
||||||
expectedDuration, _ := time.ParseDuration("2h")
|
|
||||||
config := api.NewConfig()
|
config := api.NewConfig()
|
||||||
config.HTTP.Port = SecurePort1
|
config.HTTP.Port = SecurePort1
|
||||||
htpasswdPath := makeHtpasswdFile()
|
htpasswdPath := makeHtpasswdFile()
|
||||||
|
@ -475,13 +475,13 @@ func TestCVESearch(t *testing.T) {
|
||||||
c := api.NewController(config)
|
c := api.NewController(config)
|
||||||
defer os.RemoveAll(dbDir)
|
defer os.RemoveAll(dbDir)
|
||||||
c.Config.Storage.RootDirectory = dbDir
|
c.Config.Storage.RootDirectory = dbDir
|
||||||
cveConfig := &api.CVEConfig{
|
cveConfig := &ext.CVEConfig{
|
||||||
UpdateInterval: updateDuration,
|
UpdateInterval: updateDuration,
|
||||||
}
|
}
|
||||||
searchConfig := &api.SearchConfig{
|
searchConfig := &ext.SearchConfig{
|
||||||
CVE: cveConfig,
|
CVE: cveConfig,
|
||||||
}
|
}
|
||||||
c.Config.Extensions = &api.ExtensionConfig{
|
c.Config.Extensions = &ext.ExtensionConfig{
|
||||||
Search: searchConfig,
|
Search: searchConfig,
|
||||||
}
|
}
|
||||||
go func() {
|
go func() {
|
||||||
|
@ -508,8 +508,6 @@ func TestCVESearch(t *testing.T) {
|
||||||
_ = c.Server.Shutdown(ctx)
|
_ = c.Server.Shutdown(ctx)
|
||||||
}()
|
}()
|
||||||
|
|
||||||
So(c.Config.Extensions.Search.CVE.UpdateInterval, ShouldEqual, expectedDuration)
|
|
||||||
|
|
||||||
// without creds, should get access error
|
// without creds, should get access error
|
||||||
resp, err := resty.R().Get(BaseURL1 + "/v2/")
|
resp, err := resty.R().Get(BaseURL1 + "/v2/")
|
||||||
So(err, ShouldBeNil)
|
So(err, ShouldBeNil)
|
||||||
|
|
Loading…
Add table
Reference in a new issue