From fa0cb8731c3fd9bd075b02df7d86a8d92ae34646 Mon Sep 17 00:00:00 2001
From: Tan Jiang <jiangd@vmware.com>
Date: Thu, 3 Aug 2017 20:14:28 +0800
Subject: [PATCH] Fix performance issue and connection leakage

---
 src/common/utils/clair/utils.go |  2 --
 src/jobservice/scan/handlers.go | 12 ++++++++----
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/src/common/utils/clair/utils.go b/src/common/utils/clair/utils.go
index f4f3fdfc1..5bb71d802 100644
--- a/src/common/utils/clair/utils.go
+++ b/src/common/utils/clair/utils.go
@@ -62,7 +62,6 @@ func UpdateScanOverview(digest, layerName string, l ...*log.Logger) error {
 	vulnMap := make(map[models.Severity]int)
 	features := res.Layer.Features
 	totalComponents := len(features)
-	logger.Infof("total features: %d", totalComponents)
 	var temp models.Severity
 	for _, f := range features {
 		sev := models.SevNone
@@ -72,7 +71,6 @@ func UpdateScanOverview(digest, layerName string, l ...*log.Logger) error {
 				sev = temp
 			}
 		}
-		logger.Infof("Feature: %s, Severity: %d", f.Name, sev)
 		vulnMap[sev]++
 	}
 	overallSev := models.SevNone
diff --git a/src/jobservice/scan/handlers.go b/src/jobservice/scan/handlers.go
index cee15a2b6..177752542 100644
--- a/src/jobservice/scan/handlers.go
+++ b/src/jobservice/scan/handlers.go
@@ -23,6 +23,7 @@ import (
 	"github.com/vmware/harbor/src/jobservice/config"
 	"github.com/vmware/harbor/src/jobservice/utils"
 
+	"crypto/sha256"
 	"fmt"
 	"net/http"
 )
@@ -64,6 +65,7 @@ func (iz *Initializer) Enter() (string, error) {
 	if err != nil {
 		return "", err
 	}
+	logger.Infof("Image: %s:%s, digest: %s", iz.Context.Repository, iz.Context.Tag, iz.Context.Digest)
 	iz.Context.token = tk
 	iz.Context.clairClient = clair.NewClient(config.ClairEndpoint(), logger)
 	iz.prepareLayers(regURL, manifest.References())
@@ -71,14 +73,16 @@ func (iz *Initializer) Enter() (string, error) {
 }
 
 func (iz *Initializer) prepareLayers(registryEndpoint string, descriptors []distribution.Descriptor) {
-	//	logger := iz.Context.Logger
-	tokenHeader := map[string]string{"Authorization": fmt.Sprintf("Bearer %s", iz.Context.token)}
+	tokenHeader := map[string]string{"Connection": "close", "Authorization": fmt.Sprintf("Bearer %s", iz.Context.token)}
+	// form the chain by using the digests of all parent layers in the image, such that if another image is built on top of this image the layer name can be re-used.
+	shaChain := ""
 	for _, d := range descriptors {
 		if d.MediaType == schema2.MediaTypeConfig {
 			continue
 		}
+		shaChain += string(d.Digest) + "-"
 		l := models.ClairLayer{
-			Name:    fmt.Sprintf("%d-%s", iz.Context.JobID, d.Digest),
+			Name:    fmt.Sprintf("%x", sha256.Sum256([]byte(shaChain))),
 			Headers: tokenHeader,
 			Format:  "Docker",
 			Path:    utils.BuildBlobURL(registryEndpoint, iz.Context.Repository, string(d.Digest)),
@@ -104,7 +108,7 @@ type LayerScanHandler struct {
 func (ls *LayerScanHandler) Enter() (string, error) {
 	logger := ls.Context.Logger
 	currentLayer := ls.Context.layers[ls.Context.current]
-	logger.Infof("Entered scan layer handler, current: %d, layer name: %s", ls.Context.current, currentLayer.Name)
+	logger.Infof("Entered scan layer handler, current: %d, layer name: %s, layer path: %s", ls.Context.current, currentLayer.Name, currentLayer.Path)
 	err := ls.Context.clairClient.ScanLayer(currentLayer)
 	if err != nil {
 		logger.Errorf("Unexpected error: %v", err)