TrueCloudLab
/
distribution
12
0
Fork 3
Code Issues 2 Pull Requests Packages Projects Releases 1 Wiki Activity
distribution/registry/app.go

272 lines
8.3 KiB
Go
Raw Normal View History

Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
package registry
import (
Implement V2 API base endpoint This implements a base endpoint that will respond with a 200 OK and an empty json response. Such an endpoint can be used as to ping the v2 service or as an endpoint to check authorization status.
2014-12-11 06:33:36 +00:00
"fmt"
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
"net/http"
Move from docker-registry to distribution
2014-12-24 00:01:38 +00:00
"github.com/docker/distribution/api/v2"
"github.com/docker/distribution/auth"
"github.com/docker/distribution/configuration"
"github.com/docker/distribution/storage"
"github.com/docker/distribution/storagedriver"
"github.com/docker/distribution/storagedriver/factory"
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
log "github.com/Sirupsen/logrus"
"github.com/gorilla/mux"
)
// App is a global registry application object. Shared resources can be placed
// on this object that will be accessible from all requests. Any writable
// fields should be protected.
type App struct {
Config configuration.Configuration
router *mux.Router
Initial implementation of Layer API The http API has its first set of endpoints to implement the core aspects of fetching and uploading layers. Uploads can be started and completed in a single chunk and the content can be fetched via tarsum. Most proposed error conditions should be represented but edge cases likely remain. In this version, note that the layers are still called layers, even though the routes are pointing to blobs. This will change with backend refactoring over the next few weeks. The unit tests are a bit of a shamble but these need to be carefully written along with the core specification process. As the the client-server interaction solidifies, we can port this into a verification suite for registry providers.
2014-11-21 03:57:01 +00:00
// driver maintains the app global storage driver instance.
driver storagedriver.StorageDriver
// services contains the main services instance for the application.
services *storage.Services
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
Adds support for content redirects for layer downloads Includes a delegate implementation which redirects to the URL generated by the storagedriver, and a cloudfront implementation. Satisfies proposal #49
2015-01-09 00:55:40 +00:00
layerHandler storage.LayerHandler
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
accessController auth.AccessController
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
// NewApp takes a configuration and returns a configured app, ready to serve
// requests. The app only implements ServeHTTP and can be wrapped in other
// handlers accordingly.
func NewApp(configuration configuration.Configuration) *App {
app := &App{
Config: configuration,
Migrate references to consolidated v2 package Routes and errors are now all referenced from a single v2 package. This packages exports are acceptable for use in the server side as well as integration into docker core.
2014-12-12 06:24:25 +00:00
router: v2.Router(),
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
}
// Register the handler dispatchers.
Migrate references to consolidated v2 package Routes and errors are now all referenced from a single v2 package. This packages exports are acceptable for use in the server side as well as integration into docker core.
2014-12-12 06:24:25 +00:00
app.register(v2.RouteNameBase, func(ctx *Context, r *http.Request) http.Handler {
Implement V2 API base endpoint This implements a base endpoint that will respond with a 200 OK and an empty json response. Such an endpoint can be used as to ping the v2 service or as an endpoint to check authorization status.
2014-12-11 06:33:36 +00:00
return http.HandlerFunc(apiBase)
})
Migrate references to consolidated v2 package Routes and errors are now all referenced from a single v2 package. This packages exports are acceptable for use in the server side as well as integration into docker core.
2014-12-12 06:24:25 +00:00
app.register(v2.RouteNameManifest, imageManifestDispatcher)
app.register(v2.RouteNameTags, tagsDispatcher)
app.register(v2.RouteNameBlob, layerDispatcher)
app.register(v2.RouteNameBlobUpload, layerUploadDispatcher)
app.register(v2.RouteNameBlobUploadChunk, layerUploadDispatcher)
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
Initial implementation of Layer API The http API has its first set of endpoints to implement the core aspects of fetching and uploading layers. Uploads can be started and completed in a single chunk and the content can be fetched via tarsum. Most proposed error conditions should be represented but edge cases likely remain. In this version, note that the layers are still called layers, even though the routes are pointing to blobs. This will change with backend refactoring over the next few weeks. The unit tests are a bit of a shamble but these need to be carefully written along with the core specification process. As the the client-server interaction solidifies, we can port this into a verification suite for registry providers.
2014-11-21 03:57:01 +00:00
driver, err := factory.Create(configuration.Storage.Type(), configuration.Storage.Parameters())
if err != nil {
// TODO(stevvooe): Move the creation of a service into a protected
// method, where this is created lazily. Its status can be queried via
// a health check.
panic(err)
}
app.driver = driver
app.services = storage.NewServices(app.driver)
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
authType := configuration.Auth.Type()
if authType != "" {
accessController, err := auth.GetAccessController(configuration.Auth.Type(), configuration.Auth.Parameters())
if err != nil {
panic(fmt.Sprintf("unable to configure authorization (%s): %v", authType, err))
}
app.accessController = accessController
}
Fixes tests, moves layerhandler in config file
2015-01-09 01:29:22 +00:00
layerHandlerType := configuration.LayerHandler.Type()
Adds support for content redirects for layer downloads Includes a delegate implementation which redirects to the URL generated by the storagedriver, and a cloudfront implementation. Satisfies proposal #49
2015-01-09 00:55:40 +00:00
if layerHandlerType != "" {
Fixes tests, moves layerhandler in config file
2015-01-09 01:29:22 +00:00
lh, err := storage.GetLayerHandler(layerHandlerType, configuration.LayerHandler.Parameters(), driver)
Adds support for content redirects for layer downloads Includes a delegate implementation which redirects to the URL generated by the storagedriver, and a cloudfront implementation. Satisfies proposal #49
2015-01-09 00:55:40 +00:00
if err != nil {
panic(fmt.Sprintf("unable to configure layer handler (%s): %v", layerHandlerType, err))
}
app.layerHandler = lh
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
return app
}
func (app *App) ServeHTTP(w http.ResponseWriter, r *http.Request) {
app.router.ServeHTTP(w, r)
}
// register a handler with the application, by route name. The handler will be
// passed through the application filters and context will be constructed at
// request time.
func (app *App) register(routeName string, dispatch dispatchFunc) {
// TODO(stevvooe): This odd dispatcher/route registration is by-product of
// some limitations in the gorilla/mux router. We are using it to keep
// routing consistent between the client and server, but we may want to
// replace it with manual routing and structure-based dispatch for better
// control over the request execution.
app.router.GetRoute(routeName).Handler(app.dispatcher(dispatch))
}
// dispatchFunc takes a context and request and returns a constructed handler
// for the route. The dispatcher will use this to dynamically create request
// specific handlers for each endpoint without creating a new router for each
// request.
type dispatchFunc func(ctx *Context, r *http.Request) http.Handler
// TODO(stevvooe): dispatchers should probably have some validation error
// chain with proper error reporting.
Initial implementation of Layer API The http API has its first set of endpoints to implement the core aspects of fetching and uploading layers. Uploads can be started and completed in a single chunk and the content can be fetched via tarsum. Most proposed error conditions should be represented but edge cases likely remain. In this version, note that the layers are still called layers, even though the routes are pointing to blobs. This will change with backend refactoring over the next few weeks. The unit tests are a bit of a shamble but these need to be carefully written along with the core specification process. As the the client-server interaction solidifies, we can port this into a verification suite for registry providers.
2014-11-21 03:57:01 +00:00
// singleStatusResponseWriter only allows the first status to be written to be
// the valid request status. The current use case of this class should be
// factored out.
type singleStatusResponseWriter struct {
http.ResponseWriter
status int
}
func (ssrw *singleStatusResponseWriter) WriteHeader(status int) {
if ssrw.status != 0 {
return
}
ssrw.status = status
ssrw.ResponseWriter.WriteHeader(status)
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
// dispatcher returns a handler that constructs a request specific context and
// handler, using the dispatch factory function.
func (app *App) dispatcher(dispatch dispatchFunc) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
context := app.context(r)
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
if err := app.authorized(w, r, context); err != nil {
return
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
context.log = log.WithField("name", context.Name)
handler := dispatch(context, r)
Initial implementation of Layer API The http API has its first set of endpoints to implement the core aspects of fetching and uploading layers. Uploads can be started and completed in a single chunk and the content can be fetched via tarsum. Most proposed error conditions should be represented but edge cases likely remain. In this version, note that the layers are still called layers, even though the routes are pointing to blobs. This will change with backend refactoring over the next few weeks. The unit tests are a bit of a shamble but these need to be carefully written along with the core specification process. As the the client-server interaction solidifies, we can port this into a verification suite for registry providers.
2014-11-21 03:57:01 +00:00
ssrw := &singleStatusResponseWriter{ResponseWriter: w}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
context.log.Infoln("handler", resolveHandlerName(r.Method, handler))
Initial implementation of Layer API The http API has its first set of endpoints to implement the core aspects of fetching and uploading layers. Uploads can be started and completed in a single chunk and the content can be fetched via tarsum. Most proposed error conditions should be represented but edge cases likely remain. In this version, note that the layers are still called layers, even though the routes are pointing to blobs. This will change with backend refactoring over the next few weeks. The unit tests are a bit of a shamble but these need to be carefully written along with the core specification process. As the the client-server interaction solidifies, we can port this into a verification suite for registry providers.
2014-11-21 03:57:01 +00:00
handler.ServeHTTP(ssrw, r)
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
// Automated error response handling here. Handlers may return their
// own errors if they need different behavior (such as range errors
// for layer upload).
Initial implementation of Layer API The http API has its first set of endpoints to implement the core aspects of fetching and uploading layers. Uploads can be started and completed in a single chunk and the content can be fetched via tarsum. Most proposed error conditions should be represented but edge cases likely remain. In this version, note that the layers are still called layers, even though the routes are pointing to blobs. This will change with backend refactoring over the next few weeks. The unit tests are a bit of a shamble but these need to be carefully written along with the core specification process. As the the client-server interaction solidifies, we can port this into a verification suite for registry providers.
2014-11-21 03:57:01 +00:00
if context.Errors.Len() > 0 {
if ssrw.status == 0 {
w.WriteHeader(http.StatusBadRequest)
}
Carve out initial application structure This changeset defines the application structure to be used for the http side of the new registry. The main components are the App and Context structs. The App context is instance global and manages global configuration and resources. Context contains request-specific resources that may be created as a by-product of an in-flight request. To latently construct per-request handlers and leverage gorilla/mux, a dispatch structure has been propped up next to the main handler flow. Without this, a router and all handlers need to be constructed on every request. By constructing handlers on each request, we ensure thread isolation and can carefully control the security context of in-flight requests. There are unit tests covering this functionality.
2014-11-11 02:57:38 +00:00
serveJSON(w, context.Errors)
}
})
}
Implement V2 API base endpoint This implements a base endpoint that will respond with a 200 OK and an empty json response. Such an endpoint can be used as to ping the v2 service or as an endpoint to check authorization status.
2014-12-11 06:33:36 +00:00
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
// context constructs the context object for the application. This only be
// called once per request.
func (app *App) context(r *http.Request) *Context {
vars := mux.Vars(r)
context := &Context{
App: app,
Name: vars["name"],
urlBuilder: v2.NewURLBuilderFromRequest(r),
}
// Store vars for underlying handlers.
context.vars = vars
return context
}
// authorized checks if the request can proceed with with request access-
// level. If it cannot, the method will return an error.
func (app *App) authorized(w http.ResponseWriter, r *http.Request, context *Context) error {
if app.accessController == nil {
return nil // access controller is not enabled.
}
var accessRecords []auth.Access
Ensure that unset Context.Name only allowed on base route If Context.Name is not set, the acceess controller may allow an unintended request through. By only allowing a request to proceed without a name on the base route, we provide some protection if future bugs forget to set the context properly.
2014-12-19 01:20:35 +00:00
if context.Name != "" {
resource := auth.Resource{
Type: "repository",
Name: context.Name,
}
switch r.Method {
case "GET", "HEAD":
accessRecords = append(accessRecords,
auth.Access{
Resource: resource,
Action: "pull",
})
case "POST", "PUT", "PATCH":
accessRecords = append(accessRecords,
auth.Access{
Resource: resource,
Action: "pull",
},
auth.Access{
Resource: resource,
Action: "push",
})
case "DELETE":
// DELETE access requires full admin rights, which is represented
// as "*". This may not be ideal.
accessRecords = append(accessRecords,
auth.Access{
Resource: resource,
Action: "*",
})
}
} else {
// Only allow the name not to be set on the base route.
route := mux.CurrentRoute(r)
if route == nil || route.GetName() != v2.RouteNameBase {
// For this to be properly secured, context.Name must always be set
// for a resource that may make a modification. The only condition
// under which name is not set and we still allow access is when the
// base route is accessed. This section prevents us from making that
// mistake elsewhere in the code, allowing any operation to proceed.
Use full json content type with charset parameter
2014-12-31 04:09:45 +00:00
w.Header().Set("Content-Type", "application/json; charset=utf-8")
Ensure that unset Context.Name only allowed on base route If Context.Name is not set, the acceess controller may allow an unintended request through. By only allowing a request to proceed without a name on the base route, we provide some protection if future bugs forget to set the context properly.
2014-12-19 01:20:35 +00:00
w.WriteHeader(http.StatusForbidden)
var errs v2.Errors
errs.Push(v2.ErrorCodeUnauthorized)
serveJSON(w, errs)
}
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
}
if err := app.accessController.Authorized(r, accessRecords...); err != nil {
switch err := err.(type) {
case auth.Challenge:
Use full json content type with charset parameter
2014-12-31 04:09:45 +00:00
w.Header().Set("Content-Type", "application/json; charset=utf-8")
Integrate auth.AccessController into registry app This changeset integrates the AccessController into the main registry app. This includes support for configuration and a test implementation, called "silly" auth. Auth is only enabled if the configuration is present but takes measure to ensure that configuration errors don't allow the appserver to start with open access.
2014-12-18 20:30:19 +00:00
err.ServeHTTP(w, r)
var errs v2.Errors
errs.Push(v2.ErrorCodeUnauthorized, accessRecords)
serveJSON(w, errs)
default:
// This condition is a potential security problem either in
// the configuration or whatever is backing the access
// controller. Just return a bad request with no information
// to avoid exposure. The request should not proceed.
context.log.Errorf("error checking authorization: %v", err)
w.WriteHeader(http.StatusBadRequest)
}
return err
}
return nil
}
Implement V2 API base endpoint This implements a base endpoint that will respond with a 200 OK and an empty json response. Such an endpoint can be used as to ping the v2 service or as an endpoint to check authorization status.
2014-12-11 06:33:36 +00:00
// apiBase implements a simple yes-man for doing overall checks against the
// api. This can support auth roundtrips to support docker login.
func apiBase(w http.ResponseWriter, r *http.Request) {
const emptyJSON = "{}"
// Provide a simple /v2/ 200 OK response with empty json response.
Use full json content type with charset parameter
2014-12-31 04:09:45 +00:00
w.Header().Set("Content-Type", "application/json; charset=utf-8")
Implement V2 API base endpoint This implements a base endpoint that will respond with a 200 OK and an empty json response. Such an endpoint can be used as to ping the v2 service or as an endpoint to check authorization status.
2014-12-11 06:33:36 +00:00
w.Header().Set("Content-Length", fmt.Sprint(len(emptyJSON)))
fmt.Fprint(w, emptyJSON)
}