tblyler/reg
1
0
Fork 0
mirror of https://github.com/genuinetools/reg.git synced 2024-06-25 17:14:47 -04:00
Code Issues Projects Releases Wiki Activity

Fix repo with slashes, no vulnerability scan on tags page (#25)

Browse source 
* Fix for slashes in repo names

* Make routing work with repos which have slashes

* Do not calculate vulnerabilities on tags
This commit is contained in:
Stefan Majer 2017-04-25 15:45:02 +02:00 committed by Jess Frazelle
parent e1d409fefd
commit e98fd4918c
4 changed files with 23 additions and 31 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

27
server/handlers.go
View file

@ -4,6 +4,7 @@ import (
"encoding/json"
"fmt"
"net/http"
"net/url"
"os"
"path/filepath"
"strings"
@ -95,8 +96,8 @@ func (rc *registryController) tagsHandler(w http.ResponseWriter, r *http.Request
}).Info("fetching tags")
vars := mux.Vars(r)
repo := vars["repo"]
if repo == "" {
repo, err := url.QueryUnescape(vars["repo"])
if err != nil || repo == "" {
w.WriteHeader(http.StatusNotFound)
fmt.Fprint(w, "Empty repo")
return
@ -126,6 +127,8 @@ func (rc *registryController) tagsHandler(w http.ResponseWriter, r *http.Request
"func": "tags",
"URL": r.URL,
"method": r.Method,
"repo": repo,
"tag": tag,
}).Errorf("getting v1 manifest for %s:%s failed: %v", repo, tag, err)
w.WriteHeader(http.StatusNotFound)
fmt.Fprint(w, "Manifest not found")
@ -161,20 +164,6 @@ func (rc *registryController) tagsHandler(w http.ResponseWriter, r *http.Request
Created: createdDate,
}
if rc.cl != nil {
vuln, err := rc.cl.Vulnerabilities(rc.reg, repo, tag, m1)
if err != nil {
logrus.WithFields(logrus.Fields{
"func": "tags",
"URL": r.URL,
"method": r.Method,
}).Errorf("vulnerability scanning for %s:%s failed: %v", repo, tag, err)
w.WriteHeader(http.StatusInternalServerError)
return
}
rp.VulnerabilityReport = vuln
}
result.Repositories = append(result.Repositories, rp)
}
@ -198,10 +187,10 @@ func (rc *registryController) vulnerabilitiesHandler(w http.ResponseWriter, r *h
}).Info("fetching vulnerabilities")
vars := mux.Vars(r)
repo := vars["repo"]
repo, err := url.QueryUnescape(vars["repo"])
tag := vars["tag"]
if repo == "" {
if err != nil || repo == "" {
w.WriteHeader(http.StatusNotFound)
fmt.Fprint(w, "Empty repo")
return
@ -219,6 +208,8 @@ func (rc *registryController) vulnerabilitiesHandler(w http.ResponseWriter, r *h
"func": "vulnerabilities",
"URL": r.URL,
"method": r.Method,
"repo": repo,
"tag": tag,
}).Errorf("getting v1 manifest for %s:%s failed: %v", repo, tag, err)
w.WriteHeader(http.StatusNotFound)
fmt.Fprint(w, "Manifest not found")

15
server/server.go
View file

@ -207,16 +207,17 @@ func main() {
// create mux server
mux := mux.NewRouter()
mux.UseEncodedPath()
// static files handler
staticHandler := http.FileServer(http.Dir(staticDir))
mux.HandleFunc("/repo/{repo}", rc.tagsHandler)
mux.HandleFunc("/repo/{repo}/", rc.tagsHandler)
mux.HandleFunc("/repo/{repo}/{tag}", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/{tag}/", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/{tag}/vulns", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/{tag}/vulns/", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/{tag}/vulns.json", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/tags", rc.tagsHandler)
mux.HandleFunc("/repo/{repo}/tags/", rc.tagsHandler)
mux.HandleFunc("/repo/{repo}/tag/{tag}", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/tag/{tag}/", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns/", rc.vulnerabilitiesHandler)
mux.HandleFunc("/repo/{repo}/tag/{tag}/vulns.json", rc.vulnerabilitiesHandler)
mux.PathPrefix("/static/").Handler(http.StripPrefix("/static/", staticHandler))
mux.Handle("/", staticHandler)

4
server/templates/repositories.html
View file

@ -27,13 +27,13 @@
{{ range $key, $value := .Repositories }}
<tr>
<td valign="top">
<a href="/repo/{{ $value.Name | urlquery }}">
<a href="/repo/{{ $value.Name | urlquery }}/tags">
{{ $value.Name }}
</a>
</td>
<td align="right" nowrap>
<a href="/repo/{{ $value.Name | urlquery }}">
<a href="/repo/{{ $value.Name | urlquery }}/tags">
<code>docker pull {{ $value.URI }}</code>
</a>
</td>

8
server/templates/tags.html
View file

@ -25,12 +25,12 @@
{{ range $key, $value := .Repositories }}
<tr>
<td valign="left" nowrap>
<a href="/repo/{{ $value.Name | urlquery }}/{{ $value.Tag }}/vulns">
<a href="/repo/{{ $value.Name | urlquery }}/tag/{{ $value.Tag }}/vulns">
{{ $value.Name }}
</a>
</td>
<td align="right" nowrap>
<a href="/repo/{{ $value.Name | urlquery }}/{{ $value.Tag }}/vulns">
<a href="/repo/{{ $value.Name | urlquery }}/tag/{{ $value.Tag }}/vulns">
{{ $value.Tag }}
</a>
</td>
@ -38,7 +38,7 @@
{{ $value.Created.Format "02 Jan, 2006 15:04:05 UTC" }}
</td>
<td align="right" nowrap>
<a href="/repo/{{ $value.Name | urlquery }}/{{ $value.Tag }}/vulns" id="{{ $value.Name }}:{{ $value.Tag }}">
<a href="/repo/{{ $value.Name | urlquery }}/tag/{{ $value.Tag }}/vulns" id="{{ $value.Name }}:{{ $value.Tag }}">
<div class="signal"></div>
</a>
</td>
@ -54,7 +54,7 @@
<script type="text/javascript">
var ajaxCalls = [
{{ range $key, $value := .Repositories }}
'/repo/{{ $value.Name | urlquery }}/{{ $value.Tag }}/vulns.json',
'/repo/{{ $value.Name | urlquery }}/tag/{{ $value.Tag }}/vulns.json',
{{ end }}
];
window.onload = function() {