TrueCloudLab
/
distribution
12
0
Fork 3
Code Issues 2 Pull Requests Packages Projects Releases 1 Wiki Activity
distribution/registry/handlers/images.go

259 lines
7.7 KiB
Go
Raw Normal View History

Move registry package into handler package The goal is to free up the distribution/registry package to include common registry types. This moves the webapp definitions out of the way to allow for this change in the future. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 01:25:40 +00:00
package handlers
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
import (
Factor CloseNotifier use into a new function Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 01:18:50 +00:00
"bytes"
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
"encoding/json"
"fmt"
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
"net/http"
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
"strings"
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
Move layer interface definitions to distribution package After consideration, it has been decided that the interfaces defined in the storage package provide a good base for interacting with various registry instances. Whether interacting with a remote API or a local, on-disk registry, these types have proved flexible. By moving them here, they can become the central components of interacting with distribution components. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-12 00:49:49 +00:00
"github.com/docker/distribution"
Integrate contextual logging with regsitry app This changeset integrates contextual logging into the registry web application. Idiomatic context use is attempted within the current webapp layout. The functionality is centered around making lifecycle objects (application and request context) into contexts themselves. Relevant data has been moved into the context where appropriate. We still have some work to do to factor out the registry.Context object and the dispatching functionality to remove some awkward portions. The api tests were slightly refactored to use a test environment to eliminate common code. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-07 00:19:19 +00:00
ctxu "github.com/docker/distribution/context"
Move from docker-registry to distribution
2014-12-24 00:01:38 +00:00
"github.com/docker/distribution/digest"
Move manifest package to schema1 As we begin our march towards multi-arch, we must prepare for the reality of multiple manifest schemas. This is the beginning of a set of changes to facilitate this. We are both moving this package into its target position where it may live peacefully next to other manfiest versions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-21 04:24:30 +00:00
"github.com/docker/distribution/manifest/schema1"
Round 2 Make Errors a []Error Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-05-27 00:18:32 +00:00
"github.com/docker/distribution/registry/api/errcode"
Run goimports/gofmt on previous changes After all of the perl refactoring, some import orderings were left asunder. This commit corrects that. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-11 02:18:45 +00:00
"github.com/docker/distribution/registry/api/v2"
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
"github.com/gorilla/handlers"
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
"golang.org/x/net/context"
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
)
// imageManifestDispatcher takes the request context and builds the
// appropriate handler for handling image manifest requests.
func imageManifestDispatcher(ctx *Context, r *http.Request) http.Handler {
imageManifestHandler := &imageManifestHandler{
Context: ctx,
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
}
reference := getReference(ctx)
dgst, err := digest.ParseDigest(reference)
if err != nil {
// We just have a tag
imageManifestHandler.Tag = reference
} else {
imageManifestHandler.Digest = dgst
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
Add an "enabled" parameter under "readonly", and make it as if the mutable handlers don't exist when read-only mode is enabled Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-07 01:02:43 +00:00
mhandler := handlers.MethodHandler{
"GET": http.HandlerFunc(imageManifestHandler.GetImageManifest),
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
Add an "enabled" parameter under "readonly", and make it as if the mutable handlers don't exist when read-only mode is enabled Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-08-07 01:02:43 +00:00
if !ctx.readOnly {
mhandler["PUT"] = http.HandlerFunc(imageManifestHandler.PutImageManifest)
mhandler["DELETE"] = http.HandlerFunc(imageManifestHandler.DeleteImageManifest)
}
return mhandler
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
// imageManifestHandler handles http operations on image manifests.
type imageManifestHandler struct {
*Context
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
// One of tag or digest gets set, depending on what is present in context.
Tag string
Digest digest.Digest
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
// GetImageManifest fetches the image manifest from the storage backend, if it exists.
func (imh *imageManifestHandler) GetImageManifest(w http.ResponseWriter, r *http.Request) {
Integrate contextual logging with regsitry app This changeset integrates contextual logging into the registry web application. Idiomatic context use is attempted within the current webapp layout. The functionality is centered around making lifecycle objects (application and request context) into contexts themselves. Relevant data has been moved into the context where appropriate. We still have some work to do to factor out the registry.Context object and the dispatching functionality to remove some awkward portions. The api tests were slightly refactored to use a test environment to eliminate common code. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-07 00:19:19 +00:00
ctxu.GetLogger(imh).Debug("GetImageManifest")
Allow Manifest Service to be configured with function arguments Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-15 17:39:34 +00:00
manifests, err := imh.Repository.Manifests(imh)
if err != nil {
imh.Errors = append(imh.Errors, err)
return
}
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
Move manifest package to schema1 As we begin our march towards multi-arch, we must prepare for the reality of multiple manifest schemas. This is the beginning of a set of changes to facilitate this. We are both moving this package into its target position where it may live peacefully next to other manfiest versions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-21 04:24:30 +00:00
var sm *schema1.SignedManifest
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
if imh.Tag != "" {
sm, err = manifests.GetByTag(imh.Tag)
} else {
Add Etag header for manifests. Return 304 (Not Modified) if retrieved with If-None-Match header Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-18 23:56:05 +00:00
if etagMatch(r, imh.Digest.String()) {
w.WriteHeader(http.StatusNotModified)
return
}
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
sm, err = manifests.Get(imh.Digest)
}
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
if err != nil {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown.WithDetail(err))
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
return
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
// Get the digest, if we don't already have it.
if imh.Digest == "" {
dgst, err := digestManifest(imh, sm)
if err != nil {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid.WithDetail(err))
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
return
}
Add Etag header for manifests. Return 304 (Not Modified) if retrieved with If-None-Match header Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-18 23:56:05 +00:00
if etagMatch(r, dgst.String()) {
w.WriteHeader(http.StatusNotModified)
return
}
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
imh.Digest = dgst
}
Use full json content type with charset parameter
2014-12-31 04:09:45 +00:00
w.Header().Set("Content-Type", "application/json; charset=utf-8")
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
w.Header().Set("Content-Length", fmt.Sprint(len(sm.Raw)))
w.Header().Set("Docker-Content-Digest", imh.Digest.String())
Etags must be quoted according to http spec Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-24 06:03:13 +00:00
w.Header().Set("Etag", fmt.Sprintf(`"%s"`, imh.Digest))
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
w.Write(sm.Raw)
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
Add Etag header for manifests. Return 304 (Not Modified) if retrieved with If-None-Match header Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-18 23:56:05 +00:00
func etagMatch(r *http.Request, etag string) bool {
for _, headerVal := range r.Header["If-None-Match"] {
Etags must be quoted according to http spec Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-07-24 06:03:13 +00:00
if headerVal == etag || headerVal == fmt.Sprintf(`"%s"`, etag) { // allow quoted or unquoted
Add Etag header for manifests. Return 304 (Not Modified) if retrieved with If-None-Match header Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-18 23:56:05 +00:00
return true
}
}
return false
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
// PutImageManifest validates and stores and image in the registry.
func (imh *imageManifestHandler) PutImageManifest(w http.ResponseWriter, r *http.Request) {
Integrate contextual logging with regsitry app This changeset integrates contextual logging into the registry web application. Idiomatic context use is attempted within the current webapp layout. The functionality is centered around making lifecycle objects (application and request context) into contexts themselves. Relevant data has been moved into the context where appropriate. We still have some work to do to factor out the registry.Context object and the dispatching functionality to remove some awkward portions. The api tests were slightly refactored to use a test environment to eliminate common code. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-07 00:19:19 +00:00
ctxu.GetLogger(imh).Debug("PutImageManifest")
Allow Manifest Service to be configured with function arguments Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-06-15 17:39:34 +00:00
manifests, err := imh.Repository.Manifests(imh)
if err != nil {
imh.Errors = append(imh.Errors, err)
return
}
Factor CloseNotifier use into a new function Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 01:18:50 +00:00
var jsonBuf bytes.Buffer
if err := copyFullPayload(w, r, &jsonBuf, imh, "image manifest PUT", &imh.Errors); err != nil {
// copyFullPayload reports the error if necessary
Use CloseNotifier to supress spurious HTTP 400 errors on early disconnect When a client disconnects without completing a HTTP request, we were attempting to process the partial request, which usually leads to a 400 error. These errors can pollute the logs and make it more difficult to track down real bugs. This change uses CloseNotifier to detect disconnects. In combination with checking Content-Length, we can detect a disconnect before sending the full payload, and avoid logging a 400 error. This logic is only applied to PUT, POST, and PATCH endpoints, as these are the places where disconnects during a request are most likely to happen. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-27 17:00:00 +00:00
return
}
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
Move manifest package to schema1 As we begin our march towards multi-arch, we must prepare for the reality of multiple manifest schemas. This is the beginning of a set of changes to facilitate this. We are both moving this package into its target position where it may live peacefully next to other manfiest versions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-21 04:24:30 +00:00
var manifest schema1.SignedManifest
Factor CloseNotifier use into a new function Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-30 01:18:50 +00:00
if err := json.Unmarshal(jsonBuf.Bytes(), &manifest); err != nil {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeManifestInvalid.WithDetail(err))
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
return
}
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
dgst, err := digestManifest(imh, &manifest)
if err != nil {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid.WithDetail(err))
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
return
}
// Validate manifest tag or digest matches payload
if imh.Tag != "" {
if manifest.Tag != imh.Tag {
ctxu.GetLogger(imh).Errorf("invalid tag on manifest payload: %q != %q", manifest.Tag, imh.Tag)
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeTagInvalid)
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
return
}
imh.Digest = dgst
} else if imh.Digest != "" {
if dgst != imh.Digest {
ctxu.GetLogger(imh).Errorf("payload digest does match: %q != %q", dgst, imh.Digest)
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid)
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
return
}
} else {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeTagInvalid.WithDetail("no tag or digest specified"))
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
return
}
if err := manifests.Put(&manifest); err != nil {
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
// TODO(stevvooe): These error handling switches really need to be
// handled by an app global mapper.
Change some incorrect error types in proxy stores from API errors to distribution errors. Fill in missing checks for mutations on a registry pull-through cache. Add unit tests and update documentation. Also, give v2.ErrorCodeUnsupported an HTTP status code, previously it was defaulting to 500, now its 405 Method Not Allowed. Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-11 18:00:30 +00:00
if err == distribution.ErrUnsupported {
imh.Errors = append(imh.Errors, errcode.ErrorCodeUnsupported)
return
}
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
switch err := err.(type) {
Add error return to Repository method on Registry The method (Registry).Repository may now return an error. This is too allow certain implementationt to validate the name or opt to not return a repository under certain conditions. In conjunction with this change, error declarations have been moved into a single file in the distribution package. Several error declarations that had remained in the storage package have been moved into distribution, as well. The declarations for Layer and LayerUpload have also been moved into the main registry file, as a result. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-13 21:59:50 +00:00
case distribution.ErrManifestVerification:
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
for _, verificationError := range err {
switch verificationError := verificationError.(type) {
Refactor Blob Service API This PR refactors the blob service API to be oriented around blob descriptors. Identified by digests, blobs become an abstract entity that can be read and written using a descriptor as a handle. This allows blobs to take many forms, such as a ReadSeekCloser or a simple byte buffer, allowing blob oriented operations to better integrate with blob agnostic APIs (such as the `io` package). The error definitions are now better organized to reflect conditions that can only be seen when interacting with the blob API. The main benefit of this is to separate the much smaller metadata from large file storage. Many benefits also follow from this. Reading and writing has been separated into discrete services. Backend implementation is also simplified, by reducing the amount of metadata that needs to be picked up to simply serve a read. This also improves cacheability. "Opening" a blob simply consists of an access check (Stat) and a path calculation. Caching is greatly simplified and we've made the mapping of provisional to canonical hashes a first-class concept. BlobDescriptorService and BlobProvider can be combined in different ways to achieve varying effects. Recommend Review Approach ------------------------- This is a very large patch. While apologies are in order, we are getting a considerable amount of refactoring. Most changes follow from the changes to the root package (distribution), so start there. From there, the main changes are in storage. Looking at (*repository).Blobs will help to understand the how the linkedBlobStore is wired. One can explore the internals within and also branch out into understanding the changes to the caching layer. Following the descriptions below will also help to guide you. To reduce the chances for regressions, it was critical that major changes to unit tests were avoided. Where possible, they are left untouched and where not, the spirit is hopefully captured. Pay particular attention to where behavior may have changed. Storage ------- The primary changes to the `storage` package, other than the interface updates, were to merge the layerstore and blobstore. Blob access is now layered even further. The first layer, blobStore, exposes a global `BlobStatter` and `BlobProvider`. Operations here provide a fast path for most read operations that don't take access control into account. The `linkedBlobStore` layers on top of the `blobStore`, providing repository- scoped blob link management in the backend. The `linkedBlobStore` implements the full `BlobStore` suite, providing access-controlled, repository-local blob writers. The abstraction between the two is slightly broken in that `linkedBlobStore` is the only channel under which one can write into the global blob store. The `linkedBlobStore` also provides flexibility in that it can act over different link sets depending on configuration. This allows us to use the same code for signature links, manifest links and blob links. Eventually, we will fully consolidate this storage. The improved cache flow comes from the `linkedBlobStatter` component of `linkedBlobStore`. Using a `cachedBlobStatter`, these combine together to provide a simple cache hierarchy that should streamline access checks on read and write operations, or at least provide a single path to optimize. The metrics have been changed in a slightly incompatible way since the former operations, Fetch and Exists, are no longer relevant. The fileWriter and fileReader have been slightly modified to support the rest of the changes. The most interesting is the removal of the `Stat` call from `newFileReader`. This was the source of unnecessary round trips that were only present to look up the size of the resulting reader. Now, one must simply pass in the size, requiring the caller to decide whether or not the `Stat` call is appropriate. In several cases, it turned out the caller already had the size already. The `WriterAt` implementation has been removed from `fileWriter`, since it is no longer required for `BlobWriter`, reducing the number of paths which writes may take. Cache ----- Unfortunately, the `cache` package required a near full rewrite. It was pretty mechanical in that the cache is oriented around the `BlobDescriptorService` slightly modified to include the ability to set the values for individual digests. While the implementation is oriented towards caching, it can act as a primary store. Provisions are in place to have repository local metadata, in addition to global metadata. Fallback is implemented as a part of the storage package to maintain this flexibility. One unfortunate side-effect is that caching is now repository-scoped, rather than global. This should have little effect on performance but may increase memory usage. Handlers -------- The `handlers` package has been updated to leverage the new API. For the most part, the changes are superficial or mechanical based on the API changes. This did expose a bug in the handling of provisional vs canonical digests that was fixed in the unit tests. Configuration ------------- One user-facing change has been made to the configuration and is updated in the associated documentation. The `layerinfo` cache parameter has been deprecated by the `blobdescriptor` cache parameter. Both are equivalent and configuration files should be backward compatible. Notifications ------------- Changes the `notification` package are simply to support the interface changes. Context ------- A small change has been made to the tracing log-level. Traces have been moved from "info" to "debug" level to reduce output when not needed. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-05-12 07:10:29 +00:00
case distribution.ErrManifestBlobUnknown:
Correct unmarshal order for SignedManifest To ensure that we only unmarshal the verified payload into the contained manifest, we first copy the entire incoming buffer into Raw and then unmarshal only the Payload portion of the incoming bytes. If the contents is later verified, the caller can then be sure that the contents of the Manifest fields can be trusted. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-09-15 04:12:33 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeManifestBlobUnknown.WithDetail(verificationError.Digest))
Add error return to Repository method on Registry The method (Registry).Repository may now return an error. This is too allow certain implementationt to validate the name or opt to not return a repository under certain conditions. In conjunction with this change, error declarations have been moved into a single file in the distribution package. Several error declarations that had remained in the storage package have been moved into distribution, as well. The declarations for Layer and LayerUpload have also been moved into the main registry file, as a result. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-13 21:59:50 +00:00
case distribution.ErrManifestUnverified:
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnverified)
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
default:
if verificationError == digest.ErrDigestInvalidFormat {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid)
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
} else {
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown, verificationError)
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
}
}
}
default:
Round 4 Signed-off-by: Doug Davis <dug@us.ibm.com>
2015-06-03 13:52:39 +00:00
imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown.WithDetail(err))
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
return
}
Manifest PUT should return 202 Accepted status Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-04 02:27:40 +00:00
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
// Construct a canonical url for the uploaded manifest.
location, err := imh.urlBuilder.BuildManifestURL(imh.Repository.Name(), imh.Digest.String())
if err != nil {
// NOTE(stevvooe): Given the behavior above, this absurdly unlikely to
// happen. We'll log the error here but proceed as if it worked. Worst
// case, we set an empty location header.
ctxu.GetLogger(imh).Errorf("error building manifest url from digest: %v", err)
}
w.Header().Set("Location", location)
w.Header().Set("Docker-Content-Digest", imh.Digest.String())
Manifest PUT should return 201 Created Change handler, update descriptors table, regenerate API spec, and update test. Signed-off-by: Aaron Lehmann <aaron.lehmann@docker.com>
2015-07-24 17:42:02 +00:00
w.WriteHeader(http.StatusCreated)
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
Manifest and layer soft deletion. Implement the delete API by implementing soft delete for layers and blobs by removing link files and updating the blob descriptor cache. Deletion is configurable - if it is disabled API calls will return an unsupported error. We invalidate the blob descriptor cache by changing the linkedBlobStore's blobStatter to a blobDescriptorService and naming it blobAccessController. Delete() is added throughout the relevant API to support this functionality. Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-05-27 17:52:22 +00:00
// DeleteImageManifest removes the manifest with the given digest from the registry.
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
func (imh *imageManifestHandler) DeleteImageManifest(w http.ResponseWriter, r *http.Request) {
Integrate contextual logging with regsitry app This changeset integrates contextual logging into the registry web application. Idiomatic context use is attempted within the current webapp layout. The functionality is centered around making lifecycle objects (application and request context) into contexts themselves. Relevant data has been moved into the context where appropriate. We still have some work to do to factor out the registry.Context object and the dispatching functionality to remove some awkward portions. The api tests were slightly refactored to use a test environment to eliminate common code. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-07 00:19:19 +00:00
ctxu.GetLogger(imh).Debug("DeleteImageManifest")
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
Manifest and layer soft deletion. Implement the delete API by implementing soft delete for layers and blobs by removing link files and updating the blob descriptor cache. Deletion is configurable - if it is disabled API calls will return an unsupported error. We invalidate the blob descriptor cache by changing the linkedBlobStore's blobStatter to a blobDescriptorService and naming it blobAccessController. Delete() is added throughout the relevant API to support this functionality. Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-05-27 17:52:22 +00:00
manifests, err := imh.Repository.Manifests(imh)
if err != nil {
imh.Errors = append(imh.Errors, err)
return
}
err = manifests.Delete(imh.Digest)
if err != nil {
switch err {
case digest.ErrDigestUnsupported:
case digest.ErrDigestInvalidFormat:
imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid)
return
case distribution.ErrBlobUnknown:
imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown)
return
case distribution.ErrUnsupported:
Move common error codes to errcode package Several error codes are generally useful but tied to the v2 specification definitions. This change moves these error code definitions into the common package for use by the health package, which is not tied to the v2 API. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-06 23:25:08 +00:00
imh.Errors = append(imh.Errors, errcode.ErrorCodeUnsupported)
Change some incorrect error types in proxy stores from API errors to distribution errors. Fill in missing checks for mutations on a registry pull-through cache. Add unit tests and update documentation. Also, give v2.ErrorCodeUnsupported an HTTP status code, previously it was defaulting to 500, now its 405 Method Not Allowed. Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-08-11 18:00:30 +00:00
return
Manifest and layer soft deletion. Implement the delete API by implementing soft delete for layers and blobs by removing link files and updating the blob descriptor cache. Deletion is configurable - if it is disabled API calls will return an unsupported error. We invalidate the blob descriptor cache by changing the linkedBlobStore's blobStatter to a blobDescriptorService and naming it blobAccessController. Delete() is added throughout the relevant API to support this functionality. Signed-off-by: Richard Scothern <richard.scothern@gmail.com>
2015-05-27 17:52:22 +00:00
default:
imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown)
return
}
}
w.WriteHeader(http.StatusAccepted)
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
}
// digestManifest takes a digest of the given manifest. This belongs somewhere
// better but we'll wait for a refactoring cycle to find that real somewhere.
Move manifest package to schema1 As we begin our march towards multi-arch, we must prepare for the reality of multiple manifest schemas. This is the beginning of a set of changes to facilitate this. We are both moving this package into its target position where it may live peacefully next to other manfiest versions. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-08-21 04:24:30 +00:00
func digestManifest(ctx context.Context, sm *schema1.SignedManifest) (digest.Digest, error) {
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
p, err := sm.Payload()
if err != nil {
if !strings.Contains(err.Error(), "missing signature key") {
ctxu.GetLogger(ctx).Errorf("error getting manifest payload: %v", err)
return "", err
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
}
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
// NOTE(stevvooe): There are no signatures but we still have a
// payload. The request will fail later but this is not the
// responsibility of this part of the code.
p = sm.Raw
Initial implementation of Manifest HTTP API Push, pull and delete of manifest files in the registry have been implemented on top of the storage services. Basic workflows, including reporting of missing manifests are tested, including various proposed response codes. Common testing functionality has been collected into shared methods. A test suite may be emerging but it might better to capture more edge cases (such as resumable upload, range requests, etc.) before we commit to a full approach. To support clearer test cases and simpler handler methods, an application aware urlBuilder has been added. We may want to export the functionality for use in the client, which could allow us to abstract away from gorilla/mux. A few error codes have been added to fill in error conditions missing from the proposal. Some use cases have identified some problems with the approach to error reporting that requires more work to reconcile. To resolve this, the mapping of Go errors into error types needs to pulled out of the handlers and into the application. We also need to move to type-based errors, with rich information, rather than value-based errors. ErrorHandlers will probably replace the http.Handlers to make this work correctly. Unrelated to the above, the "length" parameter has been migrated to "size" for completing layer uploads. This change should have gone out before but these diffs ending up being coupled with the parameter name change due to updates to the layer unit tests.
2014-11-26 20:16:58 +00:00
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
Implement immutable manifest reference support This changeset implements immutable manifest references via the HTTP API. Most of the changes follow from modifications to ManifestService. Once updates were made across the repo to implement these changes, the http handlers were change accordingly. The new methods on ManifestService will be broken out into a tagging service in a later PR. Unfortunately, due to complexities around managing the manifest tag index in an eventually consistent manner, direct deletes of manifests have been disabled. Signed-off-by: Stephen J Day <stephen.day@docker.com>
2015-02-26 23:47:04 +00:00
dgst, err := digest.FromBytes(p)
if err != nil {
ctxu.GetLogger(ctx).Errorf("error digesting manifest: %v", err)
return "", err
}
return dgst, err
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}