2016-02-01 12:59:10 +01:00
|
|
|
/*
|
|
|
|
|
Copyright (c) 2016 VMware, Inc. All Rights Reserved.
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
|
limitations under the License.
|
|
|
|
|
*/
|
2016-02-26 11:54:14 +01:00
|
|
|
|
2016-02-01 12:59:10 +01:00
|
|
|
package service
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
2016-04-22 03:18:51 +02:00
|
|
|
"net/http"
|
|
|
|
|
"os"
|
2016-03-01 11:21:56 +01:00
|
|
|
"regexp"
|
2016-04-21 18:28:59 +02:00
|
|
|
"sort"
|
2016-02-01 12:59:10 +01:00
|
|
|
"strings"
|
|
|
|
|
|
|
|
|
|
"github.com/vmware/harbor/dao"
|
|
|
|
|
"github.com/vmware/harbor/models"
|
|
|
|
|
svc_utils "github.com/vmware/harbor/service/utils"
|
2016-03-25 02:31:50 +01:00
|
|
|
"github.com/vmware/harbor/utils/log"
|
2016-04-22 03:18:51 +02:00
|
|
|
"github.com/vmware/harbor/utils/registry"
|
|
|
|
|
"github.com/vmware/harbor/utils/registry/errors"
|
2016-02-01 12:59:10 +01:00
|
|
|
|
|
|
|
|
"github.com/astaxie/beego"
|
|
|
|
|
)
|
|
|
|
|
|
2016-02-26 11:35:55 +01:00
|
|
|
// NotificationHandler handles request on /service/notifications/, which listens to registry's events.
|
2016-02-01 12:59:10 +01:00
|
|
|
type NotificationHandler struct {
|
|
|
|
|
beego.Controller
|
2016-04-22 03:18:51 +02:00
|
|
|
registry *registry.Registry
|
2016-04-21 18:28:59 +02:00
|
|
|
}
|
|
|
|
|
|
2016-03-01 11:21:56 +01:00
|
|
|
const manifestPattern = `^application/vnd.docker.distribution.manifest.v\d\+json`
|
2016-02-01 12:59:10 +01:00
|
|
|
|
2016-02-26 11:35:55 +01:00
|
|
|
// Post handles POST request, and records audit log or refreshes cache based on event.
|
2016-02-01 12:59:10 +01:00
|
|
|
func (n *NotificationHandler) Post() {
|
|
|
|
|
var notification models.Notification
|
2016-04-15 07:17:32 +02:00
|
|
|
//log.Info("Notification Handler triggered!\n")
|
2016-03-25 02:08:44 +01:00
|
|
|
// log.Infof("request body in string: %s", string(n.Ctx.Input.CopyBody()))
|
2016-02-01 12:59:10 +01:00
|
|
|
err := json.Unmarshal(n.Ctx.Input.CopyBody(1<<32), ¬ification)
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
2016-03-26 17:18:11 +01:00
|
|
|
log.Errorf("error while decoding json: %v", err)
|
2016-02-01 12:59:10 +01:00
|
|
|
return
|
|
|
|
|
}
|
2016-04-22 14:26:28 +02:00
|
|
|
var username, action, repo, project, repoTag, tagURL, digest string
|
2016-03-01 11:21:56 +01:00
|
|
|
var matched bool
|
2016-04-22 03:18:51 +02:00
|
|
|
var client *http.Client
|
2016-02-01 12:59:10 +01:00
|
|
|
for _, e := range notification.Events {
|
2016-03-01 11:21:56 +01:00
|
|
|
matched, err = regexp.MatchString(manifestPattern, e.Target.MediaType)
|
|
|
|
|
if err != nil {
|
2016-03-26 17:18:11 +01:00
|
|
|
log.Errorf("Failed to match the media type against pattern, error: %v", err)
|
2016-03-01 11:21:56 +01:00
|
|
|
matched = false
|
|
|
|
|
}
|
|
|
|
|
if matched && strings.HasPrefix(e.Request.UserAgent, "docker") {
|
2016-02-01 12:59:10 +01:00
|
|
|
username = e.Actor.Name
|
|
|
|
|
action = e.Action
|
|
|
|
|
repo = e.Target.Repository
|
2016-04-22 14:26:28 +02:00
|
|
|
tagURL = e.Target.URL
|
2016-04-22 03:18:51 +02:00
|
|
|
digest = e.Target.Digest
|
2016-04-21 18:28:59 +02:00
|
|
|
|
2016-04-22 03:18:51 +02:00
|
|
|
client = registry.NewClientUsernameAuthHandlerEmbeded(username)
|
|
|
|
|
log.Debug("initializing username auth handler: %s", username)
|
|
|
|
|
endpoint := os.Getenv("REGISTRY_URL")
|
|
|
|
|
r, err1 := registry.New(endpoint, client)
|
2016-04-21 18:28:59 +02:00
|
|
|
if err1 != nil {
|
2016-04-22 03:18:51 +02:00
|
|
|
log.Fatalf("error occurred while initializing auth handler for repository API: %v", err1)
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
n.registry = r
|
|
|
|
|
|
|
|
|
|
_, _, payload, err2 := n.registry.PullManifest(repo, digest, registry.ManifestVersion1)
|
|
|
|
|
|
|
|
|
|
if err2 != nil {
|
2016-04-22 14:26:28 +02:00
|
|
|
log.Errorf("Failed to get manifests for repo, repo name: %s, tag: %s, error: %v", repo, tagURL, err2)
|
2016-04-21 18:28:59 +02:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
maniDig := models.ManifestDigest{}
|
2016-04-22 03:18:51 +02:00
|
|
|
err = json.Unmarshal(payload, &maniDig)
|
2016-04-21 18:28:59 +02:00
|
|
|
if err != nil {
|
2016-04-22 14:26:28 +02:00
|
|
|
log.Errorf("Failed to decode json from response for manifests, repo name: %s, tag: %s, error: %v", repo, tagURL, err)
|
2016-04-21 18:28:59 +02:00
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
var digestLayers []string
|
|
|
|
|
var tagLayers []string
|
|
|
|
|
for _, diglayer := range maniDig.Layers {
|
|
|
|
|
digestLayers = append(digestLayers, diglayer.Digest)
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-22 03:18:51 +02:00
|
|
|
tags, err := n.registry.ListTag(repo)
|
2016-04-21 18:28:59 +02:00
|
|
|
if err != nil {
|
2016-04-22 03:18:51 +02:00
|
|
|
e, ok := errors.ParseError(err)
|
|
|
|
|
if ok {
|
|
|
|
|
log.Info(e)
|
|
|
|
|
} else {
|
|
|
|
|
log.Error(err)
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
2016-04-21 18:28:59 +02:00
|
|
|
|
2016-04-22 03:18:51 +02:00
|
|
|
log.Infof("tags : %v ", tags)
|
|
|
|
|
|
|
|
|
|
for _, tag := range tags {
|
|
|
|
|
_, _, payload, err := n.registry.PullManifest(repo, tag, registry.ManifestVersion1)
|
|
|
|
|
if err != nil {
|
|
|
|
|
e, ok := errors.ParseError(err)
|
|
|
|
|
if ok {
|
|
|
|
|
log.Info(e)
|
|
|
|
|
} else {
|
|
|
|
|
log.Error(err)
|
2016-04-21 18:28:59 +02:00
|
|
|
}
|
2016-04-22 03:18:51 +02:00
|
|
|
continue
|
|
|
|
|
}
|
|
|
|
|
taginfo := models.Manifest{}
|
|
|
|
|
err = json.Unmarshal(payload, &taginfo)
|
|
|
|
|
if err != nil {
|
|
|
|
|
log.Errorf("Failed to decode json from response for manifests, repo name: %s, tag: %s, error: %v", repo, tag, err)
|
|
|
|
|
continue
|
2016-04-21 18:28:59 +02:00
|
|
|
}
|
2016-04-22 03:18:51 +02:00
|
|
|
for _, fslayer := range taginfo.FsLayers {
|
|
|
|
|
tagLayers = append(tagLayers, fslayer.BlobSum)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
sort.Strings(digestLayers)
|
|
|
|
|
sort.Strings(tagLayers)
|
|
|
|
|
eq := compStringArray(digestLayers, tagLayers)
|
|
|
|
|
if eq {
|
2016-04-22 14:26:28 +02:00
|
|
|
repoTag = tag
|
2016-04-22 03:18:51 +02:00
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
2016-04-21 18:28:59 +02:00
|
|
|
}
|
|
|
|
|
|
2016-02-01 12:59:10 +01:00
|
|
|
if strings.Contains(repo, "/") {
|
|
|
|
|
project = repo[0:strings.LastIndex(repo, "/")]
|
|
|
|
|
}
|
|
|
|
|
if username == "" {
|
|
|
|
|
username = "anonymous"
|
|
|
|
|
}
|
2016-04-22 14:26:28 +02:00
|
|
|
log.Debugf("repo tag is : %v ", repoTag)
|
|
|
|
|
go dao.AccessLog(username, project, repo, repoTag, action)
|
2016-02-01 12:59:10 +01:00
|
|
|
if action == "push" {
|
|
|
|
|
go func() {
|
|
|
|
|
err2 := svc_utils.RefreshCatalogCache()
|
|
|
|
|
if err2 != nil {
|
2016-03-26 17:18:11 +01:00
|
|
|
log.Errorf("Error happens when refreshing cache: %v", err2)
|
2016-02-01 12:59:10 +01:00
|
|
|
}
|
|
|
|
|
}()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-26 11:35:55 +01:00
|
|
|
// Render returns nil as it won't render any template.
|
2016-02-01 12:59:10 +01:00
|
|
|
func (n *NotificationHandler) Render() error {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
2016-04-21 18:28:59 +02:00
|
|
|
|
|
|
|
|
func compStringArray(a, b []string) bool {
|
|
|
|
|
if a == nil && b == nil {
|
|
|
|
|
return true
|
|
|
|
|
}
|
|
|
|
|
if a == nil || b == nil {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
if len(a) != len(b) {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
for i, v := range a {
|
|
|
|
|
if v != b[i] {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return true
|
|
|
|
|
}
|
