cli: use versionsapi fetcher to fetch image ref

Signed-off-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
Paul Meyer 2023-01-03 09:52:06 +01:00
parent e1a0a01ac3
commit f19a90527b
3 changed files with 235 additions and 247 deletions


@ -9,132 +9,28 @@ package image
import (
"context"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"net/url"
"os"
"path"
"strings"
"io/fs"
"regexp"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/constants"
"github.com/edgelesssys/constellation/v2/internal/shortname"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/edgelesssys/constellation/v2/internal/versionsapi/fetcher"
"github.com/spf13/afero"
)
// imageName is a struct that describes a Constellation OS imageName name.
type imageName struct {
Ref string
Stream string
Version string
}
func newImageName(name string) (*imageName, error) {
ref, stream, version, err := shortname.ToParts(name)
if err != nil {
return nil, err
}
return &imageName{
Ref: ref,
Stream: stream,
Version: version,
}, nil
}
func (i *imageName) infoPath() string {
return path.Join(constants.CDNAPIPrefix, "ref", i.Ref, "stream", i.Stream, "image", i.Version, "info.json")
}
func (i *imageName) shortname() string {
return shortname.FromParts(i.Ref, i.Stream, i.Version)
}
// filename is the override file name for the image info file.
func (i *imageName) filename() string {
name := i.shortname()
// replace all non-alphanumeric characters with an underscore
name = strings.Map(func(r rune) rune {
if r >= 'a' && r <= 'z' || r >= 'A' && r <= 'Z' || r >= '0' && r <= '9' || r == '-' || r == '.' {
return r
}
return '_'
}, name)
return name + ".json"
}
// imageInfo is a lookup table for image references.
//
// Example:
//
// {
// "aws": {
// "us-west-2": "ami-0123456789abcdef0"
// },
// "azure": {
// "cvm": "cvm-image-id"
// },
// "gcp": {
// "sev-es": "projects/<project>/global/images/<image>"
// },
// "qemu": {
// "default": "https://cdn.example.com/image.raw"
// },
// "version": "1.0.0",
// "debug": false
// }
type imageInfo struct {
AWS map[string]string `json:"aws,omitempty"`
Azure map[string]string `json:"azure,omitempty"`
GCP map[string]string `json:"gcp,omitempty"`
QEMU map[string]string `json:"qemu,omitempty"`
Debug bool `json:"debug,omitempty"`
Version string `json:"version,omitempty"`
}
// getReference returns the image reference for a given CSP and image variant.
func (l *imageInfo) getReference(csp, variant string) (string, error) {
if l == nil {
return "", fmt.Errorf("image info is nil")
}
var cspList map[string]string
switch cloudprovider.FromString(csp) {
case cloudprovider.AWS:
cspList = l.AWS
case cloudprovider.Azure:
cspList = l.Azure
case cloudprovider.GCP:
cspList = l.GCP
case cloudprovider.QEMU:
cspList = l.QEMU
default:
return "", fmt.Errorf("image not available for CSP %q", csp)
}
if cspList == nil {
return "", fmt.Errorf("image not available for CSP %q", csp)
}
ref, ok := cspList[variant]
if !ok {
return "", fmt.Errorf("image not available for variant %q", variant)
}
return ref, nil
}
// Fetcher fetches image references using a lookup table.
type Fetcher struct {
httpc httpc
fetcher versionsAPIImageInfoFetcher
fs *afero.Afero
}
// New returns a new image fetcher.
func New() *Fetcher {
return &Fetcher{
httpc: http.DefaultClient,
fetcher: fetcher.NewFetcher(),
fs: &afero.Afero{Fs: afero.NewOsFs()},
}
}
@ -146,27 +42,31 @@ func (f *Fetcher) FetchReference(ctx context.Context, config *config.Config) (st
if err != nil {
return "", err
}
image, err := newImageName(config.Image)
ver, err := versionsapi.NewVersionFromShortPath(config.Image, versionsapi.VersionKindImage)
if err != nil {
return "", err
}
return f.fetch(ctx, provider, image, variant)
}
// fetch fetches the image reference for a given image name, uid, CSP and image variant.
func (f *Fetcher) fetch(ctx context.Context, csp cloudprovider.Provider, img *imageName, variant string) (string, error) {
raw, err := getFromFile(f.fs, img)
if err != nil && os.IsNotExist(err) {
raw, err = getFromURL(ctx, f.httpc, img)
imgInfoReq := versionsapi.ImageInfo{
Ref: ver.Ref,
Stream: ver.Stream,
Version: ver.Version,
}
imgInfo, err := getFromFile(f.fs, imgInfoReq)
if err != nil && errors.Is(err, fs.ErrNotExist) {
imgInfo, err = f.fetcher.FetchImageInfo(ctx, imgInfoReq)
}
if err != nil {
return "", fmt.Errorf("fetching image reference: %w", err)
return "", err
}
var info imageInfo
if err := json.Unmarshal(raw, &info); err != nil {
return "", fmt.Errorf("decoding image reference: %w", err)
if err := imgInfo.Validate(); err != nil {
return "", fmt.Errorf("validating image info file: %w", err)
}
return info.getReference(strings.ToLower(csp.String()), variant)
return getReferenceFromImageInfo(provider, variant, imgInfo)
}
// variant returns the image variant for a given CSP and configuration.
@ -189,42 +89,58 @@ func variant(provider cloudprovider.Provider, config *config.Config) (string, er
}
}
func getFromFile(fs *afero.Afero, img *imageName) ([]byte, error) {
return fs.ReadFile(img.filename())
func getFromFile(fs *afero.Afero, imgInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error) {
fileName := imageInfoFilename(imgInfo)
raw, err := fs.ReadFile(fileName)
if err != nil {
return versionsapi.ImageInfo{}, err
}
var newInfo versionsapi.ImageInfo
if err := json.Unmarshal(raw, &newInfo); err != nil {
return versionsapi.ImageInfo{}, fmt.Errorf("decoding image info file: %w", err)
}
return newInfo, nil
}
// getFromURL fetches the image lookup table from a URL.
func getFromURL(ctx context.Context, client httpc, img *imageName) ([]byte, error) {
url, err := url.Parse(constants.CDNRepositoryURL)
if err != nil {
return nil, fmt.Errorf("parsing image version repository URL: %w", err)
}
url.Path = img.infoPath()
req, err := http.NewRequestWithContext(ctx, http.MethodGet, url.String(), http.NoBody)
if err != nil {
return nil, err
}
var filenameReplaceRegexp = regexp.MustCompile(`([^a-zA-Z0-9.-])`)
resp, err := client.Do(req)
if err != nil {
return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
switch resp.StatusCode {
case http.StatusNotFound:
return nil, fmt.Errorf("image %q does not exist", img.shortname())
func imageInfoFilename(imgInfo versionsapi.ImageInfo) string {
path := imgInfo.JSONPath()
return filenameReplaceRegexp.ReplaceAllString(path, "_")
}
// getReferenceFromImageInfo returns the image reference for a given CSP and image variant.
func getReferenceFromImageInfo(provider cloudprovider.Provider, variant string, imgInfo versionsapi.ImageInfo,
) (string, error) {
var providerList map[string]string
switch provider {
case cloudprovider.AWS:
providerList = imgInfo.AWS
case cloudprovider.Azure:
providerList = imgInfo.Azure
case cloudprovider.GCP:
providerList = imgInfo.GCP
case cloudprovider.QEMU:
providerList = imgInfo.QEMU
default:
return nil, fmt.Errorf("unexpected status code %d", resp.StatusCode)
return "", fmt.Errorf("image not available in image info for CSP %q", provider.String())
}
if providerList == nil {
return "", fmt.Errorf("image not available in image info for CSP %q", provider.String())
}
content, err := io.ReadAll(resp.Body)
if err != nil {
return nil, err
ref, ok := providerList[variant]
if !ok {
return "", fmt.Errorf("image not available in image info for variant %q", variant)
}
return content, nil
return ref, nil
}
type httpc interface {
Do(req *http.Request) (*http.Response, error)
type versionsAPIImageInfoFetcher interface {
FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (versionsapi.ImageInfo, error)
}
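Review bot: In `FetchReference`, a local override file is accepted without checking that it describes the requested image. `imgInfo.Validate()` takes no arguments, so it cannot compare the loaded `Ref`, `Stream` and `Version` with `imgInfoReq`. The file is located by a name derived only from the request and is preferred over the versions API, so a stale or swapped file would silently decide which OS image reference is returned. After validation I would add `if imgInfo.Ref != imgInfoReq.Ref || imgInfo.Stream != imgInfoReq.Stream || imgInfo.Version != imgInfoReq.Version { return "", fmt.Errorf("image info does not match requested image %q", config.Image) }`, unless the fetcher or `Validate` already enforce this outside the visible lines. A case in `TestFetchReference` with a well-formed local file for a different version and `wantErr: true` would pin the behaviour; the body of `FetchReference` starts before this hunk.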


@ -7,16 +7,16 @@ SPDX-License-Identifier: AGPL-3.0-only
package image
import (
"bytes"
"context"
"io"
"encoding/json"
"errors"
"net/http"
"os"
"strings"
"testing"
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
"github.com/edgelesssys/constellation/v2/internal/config"
"github.com/edgelesssys/constellation/v2/internal/file"
"github.com/edgelesssys/constellation/v2/internal/versionsapi"
"github.com/spf13/afero"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
@ -29,38 +29,57 @@ func TestMain(m *testing.M) {
func TestGetReference(t *testing.T) {
testCases := map[string]struct {
info *imageInfo
csp, variant string
info versionsapi.ImageInfo
provider cloudprovider.Provider
variant string
wantReference string
wantErr bool
}{
"reference exists": {
info: &imageInfo{AWS: map[string]string{"someVariant": "someReference"}},
csp: "aws",
"reference exists aws": {
info: versionsapi.ImageInfo{AWS: map[string]string{"someVariant": "someReference"}},
provider: cloudprovider.AWS,
variant: "someVariant",
wantReference: "someReference",
},
"reference exists azure": {
info: versionsapi.ImageInfo{Azure: map[string]string{"someVariant": "someReference"}},
provider: cloudprovider.Azure,
variant: "someVariant",
wantReference: "someReference",
},
"reference exists gcp": {
info: versionsapi.ImageInfo{GCP: map[string]string{"someVariant": "someReference"}},
provider: cloudprovider.GCP,
variant: "someVariant",
wantReference: "someReference",
},
"reference exists qemu": {
info: versionsapi.ImageInfo{QEMU: map[string]string{"someVariant": "someReference"}},
provider: cloudprovider.QEMU,
variant: "someVariant",
wantReference: "someReference",
},
"csp does not exist": {
info: &imageInfo{AWS: map[string]string{"someVariant": "someReference"}},
csp: "nonExistingCSP",
info: versionsapi.ImageInfo{AWS: map[string]string{"someVariant": "someReference"}},
provider: cloudprovider.Unknown,
variant: "someVariant",
wantErr: true,
},
"variant does not exist": {
info: &imageInfo{AWS: map[string]string{"someVariant": "someReference"}},
csp: "aws",
info: versionsapi.ImageInfo{AWS: map[string]string{"someVariant": "someReference"}},
provider: cloudprovider.AWS,
variant: "nonExistingVariant",
wantErr: true,
},
"info is nil": {
info: nil,
csp: "aws",
"info is empty": {
info: versionsapi.ImageInfo{},
provider: cloudprovider.AWS,
variant: "someVariant",
wantErr: true,
},
"csp is nil": {
info: &imageInfo{AWS: nil},
csp: "aws",
info: versionsapi.ImageInfo{AWS: nil},
provider: cloudprovider.AWS,
variant: "someVariant",
wantErr: true,
},
@ -71,7 +90,7 @@ func TestGetReference(t *testing.T) {
assert := assert.New(t)
require := require.New(t)
reference, err := tc.info.getReference(tc.csp, tc.variant)
reference, err := getReferenceFromImageInfo(tc.provider, tc.variant, tc.info)
if tc.wantErr {
assert.Error(err)
@ -83,14 +102,6 @@ func TestGetReference(t *testing.T) {
}
}
func TestGetReferenceOnNil(t *testing.T) {
assert := assert.New(t)
var lut *imageInfo
_, err := lut.getReference("someCSP", "someVariant")
assert.Error(err)
}
func TestVariant(t *testing.T) {
testCases := map[string]struct {
csp cloudprovider.Provider
@ -161,55 +172,104 @@ func TestVariant(t *testing.T) {
func TestFetchReference(t *testing.T) {
img := "ref/abc/stream/nightly/v1.2.3"
client := newTestClient(func(req *http.Request) *http.Response {
if strings.HasSuffix(req.URL.String(), "/constellation/v1/ref/abc/stream/nightly/image/v1.2.3/info.json") {
return &http.Response{
StatusCode: http.StatusOK,
Body: io.NopCloser(bytes.NewBufferString(lut)),
Header: make(http.Header),
newImgInfo := func() versionsapi.ImageInfo {
return versionsapi.ImageInfo{
Ref: "abc",
Stream: "nightly",
Version: "v1.2.3",
QEMU: map[string]string{"default": "someReference"},
AWS: map[string]string{"foo": "bar"},
Azure: map[string]string{"foo": "bar"},
GCP: map[string]string{"foo": "bar"},
}
}
return &http.Response{
StatusCode: http.StatusNotFound,
Body: io.NopCloser(bytes.NewBufferString("Not found.")),
Header: make(http.Header),
}
})
imgInfoPath := imageInfoFilename(newImgInfo())
testCases := map[string]struct {
config *config.Config
overrideFile string
imageInfoFetcher versionsAPIImageInfoFetcher
localFile []byte
wantReference string
wantErr bool
}{
"reference fetched remotely": {
config: &config.Config{Image: img, Provider: config.ProviderConfig{
QEMU: &config.QEMUConfig{},
}},
config: &config.Config{
Image: img,
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
imageInfoFetcher: &stubVersionsAPIImageFetcher{
fetchImageInfoInfo: newImgInfo(),
},
wantReference: "someReference",
},
"reference fetched remotely fails": {
config: &config.Config{
Image: img,
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
imageInfoFetcher: &stubVersionsAPIImageFetcher{
fetchImageInfoErr: errors.New("failed"),
},
wantErr: true,
},
"reference fetched locally": {
config: &config.Config{Image: img, Provider: config.ProviderConfig{
QEMU: &config.QEMUConfig{},
}},
overrideFile: `{"qemu":{"default":"localOverrideReference"}}`,
config: &config.Config{
Image: img,
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
localFile: func() []byte {
info := newImgInfo()
info.QEMU["default"] = "localOverrideReference"
file, err := json.Marshal(info)
require.NoError(t, err)
return file
}(),
wantReference: "localOverrideReference",
},
"lut is invalid": {
config: &config.Config{Image: img, Provider: config.ProviderConfig{
QEMU: &config.QEMUConfig{},
}},
overrideFile: `{`,
"local file first": {
config: &config.Config{
Image: img,
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
imageInfoFetcher: &stubVersionsAPIImageFetcher{
fetchImageInfoInfo: newImgInfo(),
},
localFile: func() []byte {
info := newImgInfo()
info.QEMU["default"] = "localOverrideReference"
file, err := json.Marshal(info)
require.NoError(t, err)
return file
}(),
wantReference: "localOverrideReference",
},
"local file is invalid": {
config: &config.Config{
Image: img,
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
localFile: []byte("invalid"),
wantErr: true,
},
"local file has invalid image info": {
config: &config.Config{
Image: img,
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
localFile: func() []byte {
info := newImgInfo()
info.Ref = ""
file, err := json.Marshal(info)
require.NoError(t, err)
return file
}(),
wantErr: true,
},
"image version does not exist": {
config: &config.Config{Image: "nonExistingImageName", Provider: config.ProviderConfig{
QEMU: &config.QEMUConfig{},
}},
wantErr: true,
config: &config.Config{
Image: "nonExistingImageName",
Provider: config.ProviderConfig{QEMU: &config.QEMUConfig{}},
},
"invalid config": {
config: &config.Config{},
wantErr: true,
},
}
@ -219,11 +279,20 @@ func TestFetchReference(t *testing.T) {
assert := assert.New(t)
require := require.New(t)
fetcher := &Fetcher{
httpc: client,
fs: newImageVersionStubFs(t, img, tc.overrideFile),
fs := afero.NewMemMapFs()
af := &afero.Afero{Fs: fs}
if tc.localFile != nil {
fh := file.NewHandler(af)
require.NoError(fh.Write(imgInfoPath, tc.localFile))
}
fetcher := &Fetcher{
fetcher: tc.imageInfoFetcher,
fs: af,
}
reference, err := fetcher.FetchReference(context.Background(), tc.config)
if tc.wantErr {
assert.Error(err)
return
@ -234,6 +303,17 @@ func TestFetchReference(t *testing.T) {
}
}
type stubVersionsAPIImageFetcher struct {
fetchImageInfoInfo versionsapi.ImageInfo
fetchImageInfoErr error
}
func (f *stubVersionsAPIImageFetcher) FetchImageInfo(ctx context.Context, imageInfo versionsapi.ImageInfo) (
versionsapi.ImageInfo, error,
) {
return f.fetchImageInfoInfo, f.fetchImageInfoErr
}
func must(t *testing.T, err error) {
t.Helper()
if err != nil {
@ -255,15 +335,3 @@ func newTestClient(fn roundTripFunc) *http.Client {
Transport: fn,
}
}
func newImageVersionStubFs(t *testing.T, image string, overrideFile string) *afero.Afero {
fs := afero.NewMemMapFs()
img, err := newImageName(image)
must(t, err)
if overrideFile != "" {
must(t, afero.WriteFile(fs, img.filename(), []byte(overrideFile), os.ModePerm))
}
return &afero.Afero{Fs: fs}
}
const lut = `{"qemu":{"default":"someReference"}}`
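Review bot: `newTestClient` (context lines of the last hunk) looks like dead code after this change. Its only visible caller, the `client := newTestClient(...)` setup in `TestFetchReference`, is removed. The same goes for `newImageVersionStubFs`, the visible user of `must`. If nothing outside the shown hunks still calls them, I would delete `newTestClient`, `roundTripFunc` and `must`, and then drop the `net/http` import if it becomes unused, so the test file no longer suggests that an HTTP round trip is being exercised.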


@ -137,3 +137,7 @@ func (*nopWriteCloser) Write(p []byte) (int, error) {
func (*nopWriteCloser) Close() error {
return nil
}
type httpc interface {
Do(req *http.Request) (*http.Response, error)
}