From 3e014d173232dde199aca41f47d2cf6b5302efe5 Mon Sep 17 00:00:00 2001 From: Jess Frazelle Date: Mon, 16 Jul 2018 05:26:50 -0400 Subject: [PATCH] do not show vulns on tags page if there is no clair registry Signed-off-by: Jess Frazelle --- handlers.go | 45 ++++++++++++++++++++++---------------- server.go | 10 ++++++--- server/templates/tags.html | 6 ++++- 3 files changed, 38 insertions(+), 23 deletions(-) diff --git a/handlers.go b/handlers.go index a7be0ca8..1805f08a 100644 --- a/handlers.go +++ b/handlers.go @@ -47,6 +47,7 @@ type AnalysisResult struct { RegistryDomain string `json:"registryDomain"` Name string `json:"name"` LastUpdated string `json:"lastUpdated"` + HasVulns bool `json:"hasVulns"` } func (rc *registryController) repositories(staticDir string, generateTagsFiles bool) error { @@ -65,6 +66,7 @@ func (rc *registryController) repositories(staticDir string, generateTagsFiles b return fmt.Errorf("getting catalog for %s failed: %v", rc.reg.Domain, err) } + var wg sync.WaitGroup for _, repo := range repoList { repoURI := fmt.Sprintf("%s/%s", rc.reg.Domain, repo) r := Repository{ @@ -74,28 +76,36 @@ func (rc *registryController) repositories(staticDir string, generateTagsFiles b result.Repositories = append(result.Repositories, r) - if generateTagsFiles { - // TODO(jessfraz): make this a go routine with a wait group. + if !generateTagsFiles { + // Continue early because we don't need to generate the tags pages. + continue + } + + // Generate the tags pages in a go routine. + wg.Add(1) + go func(repo string) { + defer wg.Done() logrus.Infof("generating static tags page for repo %s", repo) // Parse and execute the tags templates. b, err := rc.generateTagsTemplate(repo) if err != nil { - logrus.Warnf("generating tags tamplate for repo %q failed: %v", repo, err) + logrus.Warnf("generating tags template for repo %q failed: %v", repo, err) } // Create the directory for the static tags files. tagsDir := filepath.Join(staticDir, "repo", repo, "tags") if err := os.MkdirAll(tagsDir, 0755); err != nil { - return err + logrus.Warn(err) } // Write the tags file. tagsFile := filepath.Join(tagsDir, "index.html") if err := ioutil.WriteFile(tagsFile, b, 0755); err != nil { - logrus.Warnf("writing tags tamplate for repo %s to %sfailed: %v", repo, tagsFile, err) + logrus.Warnf("writing tags template for repo %s to %sfailed: %v", repo, tagsFile, err) } - } + }(repo) } + wg.Wait() // Parse & execute the template. logrus.Info("executing the template repositories") @@ -174,6 +184,7 @@ func (rc *registryController) generateTagsTemplate(repo string) ([]byte, error) RegistryDomain: rc.reg.Domain, LastUpdated: time.Now().Local().Format(time.RFC1123), Name: repo, + HasVulns: rc.cl != nil, // if we have a clair client we can return vulns } for _, tag := range tags { @@ -242,19 +253,15 @@ func (rc *registryController) vulnerabilitiesHandler(w http.ResponseWriter, r *h return } - result := clair.VulnerabilityReport{} - - if rc.cl != nil { - result, err = rc.cl.Vulnerabilities(rc.reg, repo, tag) - if err != nil { - logrus.WithFields(logrus.Fields{ - "func": "vulnerabilities", - "URL": r.URL, - "method": r.Method, - }).Errorf("vulnerability scanning for %s:%s failed: %v", repo, tag, err) - w.WriteHeader(http.StatusInternalServerError) - return - } + result, err := rc.cl.Vulnerabilities(rc.reg, repo, tag) + if err != nil { + logrus.WithFields(logrus.Fields{ + "func": "vulnerabilities", + "URL": r.URL, + "method": r.Method, + }).Errorf("vulnerability scanning for %s:%s failed: %v", repo, tag, err) + w.WriteHeader(http.StatusInternalServerError) + return } if strings.HasSuffix(r.URL.String(), ".json") { diff --git a/server.go b/server.go index 45a2a69b..5d94f403 100644 --- a/server.go +++ b/server.go @@ -156,9 +156,13 @@ func (cmd *serverCommand) Run(ctx context.Context, args []string) error { mux.HandleFunc("/repo/{repo}/tags/", rc.tagsHandler) mux.HandleFunc("/repo/{repo}/tag/{tag}", rc.vulnerabilitiesHandler) mux.HandleFunc("/repo/{repo}/tag/{tag}/", rc.vulnerabilitiesHandler) - mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns", rc.vulnerabilitiesHandler) - mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns/", rc.vulnerabilitiesHandler) - mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns.json", rc.vulnerabilitiesHandler) + + // Add the vulns endpoints if we have a client for a clair server. + if rc.cl != nil { + mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns", rc.vulnerabilitiesHandler) + mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns/", rc.vulnerabilitiesHandler) + mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns.json", rc.vulnerabilitiesHandler) + } // Serve the static assets. staticHandler := http.FileServer(http.Dir(staticDir)) diff --git a/server/templates/tags.html b/server/templates/tags.html index 7ba91ec2..3d66c3be 100644 --- a/server/templates/tags.html +++ b/server/templates/tags.html @@ -20,7 +20,7 @@ Name Tag Created - Vulnerabilities + {{if .HasVulns}}Vulnerabilities{{end}} {{ range $key, $value := .Repositories }} @@ -37,11 +37,13 @@ {{ $value.Created.Format "02 Jan, 2006 15:04:05 UTC" }} + {{if .HasVulns}}
+ {{end}} {{ end }} @@ -52,6 +54,7 @@

Last Updated: {{ .LastUpdated }}

+ {{if .HasVulns}} + {{end}}