mirror of
https://github.com/goharbor/harbor.git
synced 2024-11-27 04:35:16 +01:00
Merge pull request #2972 from reasonerjt/master
Fix perf issue and connection leak in Clair.
This commit is contained in:
commit
6bd622196e
@ -62,7 +62,6 @@ func UpdateScanOverview(digest, layerName string, l ...*log.Logger) error {
|
|||||||
vulnMap := make(map[models.Severity]int)
|
vulnMap := make(map[models.Severity]int)
|
||||||
features := res.Layer.Features
|
features := res.Layer.Features
|
||||||
totalComponents := len(features)
|
totalComponents := len(features)
|
||||||
logger.Infof("total features: %d", totalComponents)
|
|
||||||
var temp models.Severity
|
var temp models.Severity
|
||||||
for _, f := range features {
|
for _, f := range features {
|
||||||
sev := models.SevNone
|
sev := models.SevNone
|
||||||
@ -72,7 +71,6 @@ func UpdateScanOverview(digest, layerName string, l ...*log.Logger) error {
|
|||||||
sev = temp
|
sev = temp
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
logger.Infof("Feature: %s, Severity: %d", f.Name, sev)
|
|
||||||
vulnMap[sev]++
|
vulnMap[sev]++
|
||||||
}
|
}
|
||||||
overallSev := models.SevNone
|
overallSev := models.SevNone
|
||||||
|
@ -22,6 +22,7 @@ import (
|
|||||||
"github.com/vmware/harbor/src/jobservice/config"
|
"github.com/vmware/harbor/src/jobservice/config"
|
||||||
"github.com/vmware/harbor/src/jobservice/utils"
|
"github.com/vmware/harbor/src/jobservice/utils"
|
||||||
|
|
||||||
|
"crypto/sha256"
|
||||||
"fmt"
|
"fmt"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -60,6 +61,7 @@ func (iz *Initializer) Enter() (string, error) {
|
|||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
logger.Infof("Image: %s:%s, digest: %s", iz.Context.Repository, iz.Context.Tag, iz.Context.Digest)
|
||||||
iz.Context.token = tk
|
iz.Context.token = tk
|
||||||
iz.Context.clairClient = clair.NewClient(config.ClairEndpoint(), logger)
|
iz.Context.clairClient = clair.NewClient(config.ClairEndpoint(), logger)
|
||||||
iz.prepareLayers(regURL, manifest.References())
|
iz.prepareLayers(regURL, manifest.References())
|
||||||
@ -67,14 +69,16 @@ func (iz *Initializer) Enter() (string, error) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (iz *Initializer) prepareLayers(registryEndpoint string, descriptors []distribution.Descriptor) {
|
func (iz *Initializer) prepareLayers(registryEndpoint string, descriptors []distribution.Descriptor) {
|
||||||
// logger := iz.Context.Logger
|
tokenHeader := map[string]string{"Connection": "close", "Authorization": fmt.Sprintf("Bearer %s", iz.Context.token)}
|
||||||
tokenHeader := map[string]string{"Authorization": fmt.Sprintf("Bearer %s", iz.Context.token)}
|
// form the chain by using the digests of all parent layers in the image, such that if another image is built on top of this image the layer name can be re-used.
|
||||||
|
shaChain := ""
|
||||||
for _, d := range descriptors {
|
for _, d := range descriptors {
|
||||||
if d.MediaType == schema2.MediaTypeConfig {
|
if d.MediaType == schema2.MediaTypeConfig {
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
|
shaChain += string(d.Digest) + "-"
|
||||||
l := models.ClairLayer{
|
l := models.ClairLayer{
|
||||||
Name: fmt.Sprintf("%d-%s", iz.Context.JobID, d.Digest),
|
Name: fmt.Sprintf("%x", sha256.Sum256([]byte(shaChain))),
|
||||||
Headers: tokenHeader,
|
Headers: tokenHeader,
|
||||||
Format: "Docker",
|
Format: "Docker",
|
||||||
Path: utils.BuildBlobURL(registryEndpoint, iz.Context.Repository, string(d.Digest)),
|
Path: utils.BuildBlobURL(registryEndpoint, iz.Context.Repository, string(d.Digest)),
|
||||||
@ -100,7 +104,7 @@ type LayerScanHandler struct {
|
|||||||
func (ls *LayerScanHandler) Enter() (string, error) {
|
func (ls *LayerScanHandler) Enter() (string, error) {
|
||||||
logger := ls.Context.Logger
|
logger := ls.Context.Logger
|
||||||
currentLayer := ls.Context.layers[ls.Context.current]
|
currentLayer := ls.Context.layers[ls.Context.current]
|
||||||
logger.Infof("Entered scan layer handler, current: %d, layer name: %s", ls.Context.current, currentLayer.Name)
|
logger.Infof("Entered scan layer handler, current: %d, layer name: %s, layer path: %s", ls.Context.current, currentLayer.Name, currentLayer.Path)
|
||||||
err := ls.Context.clairClient.ScanLayer(currentLayer)
|
err := ls.Context.clairClient.ScanLayer(currentLayer)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
logger.Errorf("Unexpected error: %v", err)
|
logger.Errorf("Unexpected error: %v", err)
|
||||||
|
Loading…
Reference in New Issue
Block a user