Fix performance issue and connection leakage

2025-02-23 15:21:35 +01:00 · 2017-08-03 20:14:28 +08:00 · 2017-08-03 20:14:28 +08:00 · fa0cb8731c
commit fa0cb8731c
parent af1b11df2f
2 changed files with 8 additions and 6 deletions
--- a/src/common/utils/clair/utils.go
+++ b/src/common/utils/clair/utils.go
@ -62,7 +62,6 @@ func UpdateScanOverview(digest, layerName string, l ...*log.Logger) error {
 	vulnMap := make(map[models.Severity]int)
 	features := res.Layer.Features
 	totalComponents := len(features)
-	logger.Infof("total features: %d", totalComponents)
 	var temp models.Severity
 	for _, f := range features {
 		sev := models.SevNone
@ -72,7 +71,6 @@ func UpdateScanOverview(digest, layerName string, l ...*log.Logger) error {
 				sev = temp
 			}
 		}
-		logger.Infof("Feature: %s, Severity: %d", f.Name, sev)
 		vulnMap[sev]++
 	}
 	overallSev := models.SevNone
--- a/src/jobservice/scan/handlers.go
+++ b/src/jobservice/scan/handlers.go
@ -23,6 +23,7 @@ import (
 	"github.com/vmware/harbor/src/jobservice/config"
 	"github.com/vmware/harbor/src/jobservice/utils"

+	"crypto/sha256"
 	"fmt"
 	"net/http"
 )
@ -64,6 +65,7 @@ func (iz *Initializer) Enter() (string, error) {
 	if err != nil {
 		return "", err
 	}
+	logger.Infof("Image: %s:%s, digest: %s", iz.Context.Repository, iz.Context.Tag, iz.Context.Digest)
 	iz.Context.token = tk
 	iz.Context.clairClient = clair.NewClient(config.ClairEndpoint(), logger)
 	iz.prepareLayers(regURL, manifest.References())
@ -71,14 +73,16 @@ func (iz *Initializer) Enter() (string, error) {
 }

 func (iz *Initializer) prepareLayers(registryEndpoint string, descriptors []distribution.Descriptor) {
-	//	logger := iz.Context.Logger
-	tokenHeader := map[string]string{"Authorization": fmt.Sprintf("Bearer %s", iz.Context.token)}
+	tokenHeader := map[string]string{"Connection": "close", "Authorization": fmt.Sprintf("Bearer %s", iz.Context.token)}
+	// form the chain by using the digests of all parent layers in the image, such that if another image is built on top of this image the layer name can be re-used.
+	shaChain := ""
 	for _, d := range descriptors {
 		if d.MediaType == schema2.MediaTypeConfig {
 			continue
 		}
+		shaChain += string(d.Digest) + "-"
 		l := models.ClairLayer{
-			Name:    fmt.Sprintf("%d-%s", iz.Context.JobID, d.Digest),
+			Name:    fmt.Sprintf("%x", sha256.Sum256([]byte(shaChain))),
 			Headers: tokenHeader,
 			Format:  "Docker",
 			Path:    utils.BuildBlobURL(registryEndpoint, iz.Context.Repository, string(d.Digest)),
@ -104,7 +108,7 @@ type LayerScanHandler struct {
 func (ls *LayerScanHandler) Enter() (string, error) {
 	logger := ls.Context.Logger
 	currentLayer := ls.Context.layers[ls.Context.current]
-	logger.Infof("Entered scan layer handler, current: %d, layer name: %s", ls.Context.current, currentLayer.Name)
+	logger.Infof("Entered scan layer handler, current: %d, layer name: %s, layer path: %s", ls.Context.current, currentLayer.Name, currentLayer.Path)
 	err := ls.Context.clairClient.ScanLayer(currentLayer)
 	if err != nil {
 		logger.Errorf("Unexpected error: %v", err)