mirror of
https://github.com/project-zot/zot.git
synced 2024-12-23 22:27:35 -05:00
c0aaca8ed1
(cherry picked from commit d557da0baba819b7cd7e6b5941528776e125ac6d) build(ui): fix stacker builds (cherry picked from commit ba25daf02b4a9bc7ee1cb6f84b7a6b096ca7d61f) build(ui): various fixes - Fix metrics endpoint - Fix unit tests unit tests - Make the ui build optional in the makefile before the linter lint runs in the golangci-lint workflow - Do not attempt to include UI routes if search is enabled - Fix authorization for search endpoint fix: use zot tag in ui make target (cherry picked from commit 2a6882fa23f06b2d68c6c299773a6ff50bf90e78) Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com> Signed-off-by: Catalin Hofnar <catalin.hofnar@gmail.com> Signed-off-by: Andrei Aaron <aaaron@luxoft.com> Co-authored-by: Ramkumar Chinchani <rchincha@cisco.com>
120 lines
3.6 KiB
Go
120 lines
3.6 KiB
Go
//go:build search
|
|
// +build search
|
|
|
|
package extensions
|
|
|
|
import (
|
|
"time"
|
|
|
|
gqlHandler "github.com/99designs/gqlgen/graphql/handler"
|
|
"github.com/gorilla/mux"
|
|
distext "github.com/opencontainers/distribution-spec/specs-go/v1/extensions"
|
|
|
|
"zotregistry.io/zot/pkg/api/config"
|
|
"zotregistry.io/zot/pkg/api/constants"
|
|
"zotregistry.io/zot/pkg/extensions/search"
|
|
cveinfo "zotregistry.io/zot/pkg/extensions/search/cve"
|
|
"zotregistry.io/zot/pkg/extensions/search/gql_generated"
|
|
"zotregistry.io/zot/pkg/log"
|
|
"zotregistry.io/zot/pkg/meta/repodb"
|
|
"zotregistry.io/zot/pkg/storage"
|
|
)
|
|
|
|
type CveInfo cveinfo.CveInfo
|
|
|
|
func GetCVEInfo(config *config.Config, storeController storage.StoreController,
|
|
repoDB repodb.RepoDB, log log.Logger,
|
|
) CveInfo {
|
|
if config.Extensions.Search == nil || !*config.Extensions.Search.Enable || config.Extensions.Search.CVE == nil {
|
|
return nil
|
|
}
|
|
|
|
dbRepository := ""
|
|
|
|
if config.Extensions.Search.CVE.Trivy != nil {
|
|
dbRepository = config.Extensions.Search.CVE.Trivy.DBRepository
|
|
}
|
|
|
|
return cveinfo.NewCVEInfo(storeController, repoDB, dbRepository, log)
|
|
}
|
|
|
|
func EnableSearchExtension(config *config.Config, storeController storage.StoreController,
|
|
repoDB repodb.RepoDB, cveInfo CveInfo, log log.Logger,
|
|
) {
|
|
if config.Extensions.Search != nil && *config.Extensions.Search.Enable && config.Extensions.Search.CVE != nil {
|
|
defaultUpdateInterval, _ := time.ParseDuration("2h")
|
|
|
|
if config.Extensions.Search.CVE.UpdateInterval < defaultUpdateInterval {
|
|
config.Extensions.Search.CVE.UpdateInterval = defaultUpdateInterval
|
|
|
|
log.Warn().Msg("CVE update interval set to too-short interval < 2h, changing update duration to 2 hours and continuing.") //nolint:lll // gofumpt conflicts with lll
|
|
}
|
|
|
|
go func() {
|
|
err := downloadTrivyDB(cveInfo, log, config.Extensions.Search.CVE.UpdateInterval)
|
|
if err != nil {
|
|
log.Error().Err(err).Msg("error while downloading TrivyDB")
|
|
}
|
|
}()
|
|
} else {
|
|
log.Info().Msg("CVE config not provided, skipping CVE update")
|
|
}
|
|
}
|
|
|
|
func downloadTrivyDB(cveInfo CveInfo, log log.Logger, updateInterval time.Duration) error {
|
|
for {
|
|
log.Info().Msg("updating the CVE database")
|
|
|
|
err := cveInfo.UpdateDB()
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
log.Info().Str("DB update completed, next update scheduled after", updateInterval.String()).Msg("")
|
|
|
|
time.Sleep(updateInterval)
|
|
}
|
|
}
|
|
|
|
func SetupSearchRoutes(config *config.Config, router *mux.Router, storeController storage.StoreController,
|
|
repoDB repodb.RepoDB, cveInfo CveInfo, log log.Logger,
|
|
) {
|
|
log.Info().Msg("setting up search routes")
|
|
|
|
if config.Extensions.Search != nil && *config.Extensions.Search.Enable {
|
|
resConfig := search.GetResolverConfig(log, storeController, repoDB, cveInfo)
|
|
|
|
extRouter := router.PathPrefix(constants.ExtSearchPrefix).Subrouter()
|
|
extRouter.Methods("GET", "POST", "OPTIONS").
|
|
Handler(gqlHandler.NewDefaultServer(gql_generated.NewExecutableSchema(resConfig)))
|
|
}
|
|
}
|
|
|
|
func getExtension(name, url, description string, endpoints []string) distext.Extension {
|
|
return distext.Extension{
|
|
Name: name,
|
|
URL: url,
|
|
Description: description,
|
|
Endpoints: endpoints,
|
|
}
|
|
}
|
|
|
|
func GetExtensions(config *config.Config) distext.ExtensionList {
|
|
extensionList := distext.ExtensionList{}
|
|
|
|
extensions := make([]distext.Extension, 0)
|
|
|
|
if config.Extensions != nil && config.Extensions.Search != nil {
|
|
endpoints := []string{constants.FullSearchPrefix}
|
|
searchExt := getExtension("_zot",
|
|
"https://github.com/project-zot/zot/blob/"+config.ReleaseTag+"/pkg/extensions/_zot.md",
|
|
"zot registry extensions",
|
|
endpoints)
|
|
|
|
extensions = append(extensions, searchExt)
|
|
}
|
|
|
|
extensionList.Extensions = extensions
|
|
|
|
return extensionList
|
|
}
|