Merge pull request #58 from factorysh/features/image-pull

Image pull

Author: athoune

application/application.go

@@ -166,11 +166,11 @@ func New(cfg *conf.Conf) (*Application, error) {
 				r.Route("/{commit}", func(r chi.Router) {
 					r.Group(func(r chi.Router) {
 						r.Use(authMiddleware.Middleware())
-						r.Post("/", a.PostTaskHandler)                  // create a new Task
-						r.Get("/", a.TaskHandler(false))                // what is the state of this Task
-						r.Get("/volumes/*", a.VolumesHandler(6, false)) // data wrote by docker run
-						r.Get("/logs", a.TaskLogsHandler(false))        // stdout/stderr of the docker run
-						r.Get("/sink", a.SinkHandler)                   // follow the task status
+						r.Post("/", a.PostTaskHandler)
+						r.Post("/_image", a.PostImageHandler)
+						r.Get("/", a.TaskHandler(false))
+						r.Get("/volumes/*", a.VolumesHandler(6, false))
+						r.Get("/logs", a.TaskLogsHandler(false))
 					})
 					r.Group(func(r chi.Router) {
 						r.Use(a.RefererMiddleware)

application/images.go

@@ -0,0 +1,143 @@
+package application
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"net/http"
+	"net/url"
+	"strings"
+	"time"
+
+	"github.com/docker/docker/api/types"
+	"github.com/docker/docker/client"
+	"github.com/go-chi/chi/v5"
+	"go.uber.org/zap"
+)
+
+// ImageParams describe body data
+type ImageParams struct {
+	Name      string `json:"name"`
+	AuthToken string `json:"auth_token"`
+}
+
+// PostImageHandler is used to pull the request image, see https://docs.docker.com/engine/api/sdk/examples/#pull-an-image-with-authentication
+func (a *Application) PostImageHandler(w http.ResponseWriter, r *http.Request) {
+	var imageParams ImageParams
+
+	serviceID := chi.URLParam(r, "serviceID")
+	project := chi.URLParam(r, "project")
+	commit := chi.URLParam(r, "commit")
+	l := a.logger.With(
+		zap.String("service", serviceID),
+		zap.String("project", project),
+		zap.String("commit", commit),
+	)
+
+	if !a.Services[serviceID].Meta().UserDockerCompose {
+		l.Warn("service does not accept custom image")
+		http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
+		return
+	}
+
+	d := json.NewDecoder(r.Body)
+	err := d.Decode(&imageParams)
+	if err != nil {
+		l.Warn("decoding post image handler params error", zap.Error(err))
+		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+		return
+	}
+
+	if err := verifyImageName(imageParams.Name, project, commit); err != nil {
+		l.Warn("verifying image name error", zap.Error(err))
+		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+		return
+	}
+
+	authConfig := types.AuthConfig{
+		Username: "gitlab-ci-token",
+		Password: imageParams.AuthToken,
+	}
+	encoded, err := json.Marshal(authConfig)
+	if err != nil {
+		l.Warn("encoding auth config", zap.Error(err))
+		http.Error(w, http.StatusText(http.StatusBadRequest), http.StatusBadRequest)
+		return
+	}
+
+	auth := base64.URLEncoding.EncodeToString(encoded)
+	cli, err := client.NewClientWithOpts(client.FromEnv)
+	if err != nil {
+		l.Warn("new client error", zap.Error(err))
+		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+	}
+
+	ended := make(chan bool)
+	f, flushable := w.(http.Flusher)
+	if flushable {
+		go func() {
+			ticker := time.NewTicker(1 * time.Second)
+			for {
+				select {
+				case <-ticker.C:
+					io.WriteString(w, "#")
+					if flushable {
+						f.Flush()
+					}
+				case <-ended:
+					return
+				case <-r.Context().Done():
+					return
+				}
+			}
+		}()
+	}
+
+	out, err := cli.ImagePull(r.Context(), imageParams.Name, types.ImagePullOptions{RegistryAuth: auth})
+	if err != nil {
+		l.Warn("error when downloading image", zap.Error(err))
+		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+	}
+	defer out.Close()
+
+	// ⚠ consume the reader or nothing happens
+	_, err = ioutil.ReadAll(out)
+	if flushable {
+		ended <- true
+	}
+	if err != nil {
+		l.Warn("error when downloading image", zap.Error(err))
+		http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+	}
+
+	w.Write([]byte("|> Image pulled successfully\n"))
+	w.WriteHeader(http.StatusOK)
+}
+
+func verifyImageName(name string, project string, commit string) error {
+	parts := strings.Split(name, ":")
+
+	if len(parts) < 2 {
+		return fmt.Errorf("invalid image name %s", name)
+	}
+
+	if parts[len(parts)-1] != commit {
+		return fmt.Errorf("image label name is not equal to commit sha : %s != %s", parts[len(parts)-1], commit)
+	}
+
+	unescaped, err := url.PathUnescape(project)
+	if err != nil {
+		return err
+	}
+
+	if !strings.Contains(name, unescaped) {
+		return fmt.Errorf("image %s do not match project %s", name, unescaped)
+	}
+
+	return nil
+}

application/task.go

@@ -12,6 +12,7 @@ import (
 	"strings"
 	"time"
 
+	docker "github.com/docker/docker/client"
 	"github.com/docker/docker/pkg/stdcopy"
 	_claims "github.com/factorysh/microdensity/claims"
 	"github.com/factorysh/microdensity/html"
@@ -231,6 +232,13 @@ func (a *Application) TaskLogzHandler(latest bool) func(http.ResponseWriter, *ht
 		}
 
 		reader, err := t.Logs(r.Context(), false)
+		if docker.IsErrNotFound(err) {
+			l.Warn("container not found", zap.Error(err))
+			w.WriteHeader(http.StatusNotFound)
+			w.Write([]byte(http.StatusText(http.StatusNotFound)))
+			return
+		}
+
 		if err != nil {
 			l.Warn("Task log error", zap.Error(err))
 			w.WriteHeader(http.StatusInternalServerError)
@@ -280,6 +288,13 @@ func (a *Application) TaskLogsHandler(latest bool) func(http.ResponseWriter, *ht
 		}
 
 		err = a.renderLogsPageForTask(r.Context(), t, w)
+		if docker.IsErrNotFound(err) {
+			l.Warn("container not found", zap.Error(err))
+			w.WriteHeader(http.StatusNotFound)
+			w.Write([]byte(http.StatusText(http.StatusNotFound)))
+			return
+		}
+
 		if err != nil {
 			l.Warn("when rendering a logs page", zap.Error(err))
 			w.WriteHeader(http.StatusInternalServerError)

run/compose.go

@@ -46,7 +46,7 @@ func (c *ComposeRun) Cancel() {
 	cancelFunc()
 }
 
-func NewComposeRun(home string) (*ComposeRun, error) {
+func NewComposeRun(home string, env map[string]string) (*ComposeRun, error) {
 	logger, err := zap.NewProduction()
 	if err != nil {
 		return nil, err
@@ -71,7 +71,7 @@ func NewComposeRun(home string) (*ComposeRun, error) {
 		return nil, err
 	}
 
-	project, details, err := LoadCompose(home)
+	project, details, err := LoadCompose(home, env)
 	if err != nil {
 		l.Error("Load compose error", zap.Error(err))
 		return nil, err
@@ -247,7 +247,7 @@ func (c *ComposeRun) runCommand(stdout io.WriteCloser, stderr io.WriteCloser, co
 }
 
 // LoadCompose loads a docker-compose.yml file
-func LoadCompose(home string) (*types.Project, *types.ConfigDetails, error) {
+func LoadCompose(home string, env map[string]string) (*types.Project, *types.ConfigDetails, error) {
 	path := filepath.Join(home, "docker-compose.yml")
 	cfg, err := os.Open(path)
 	if err != nil {
@@ -268,7 +268,7 @@ func LoadCompose(home string) (*types.Project, *types.ConfigDetails, error) {
 				Content:  raw,
 			},
 		},
-		Environment: map[string]string{},
+		Environment: env,
 	}
 
 	p, err := loader.Load(details)

run/compose_test.go

@@ -34,7 +34,7 @@ func TestCompose(t *testing.T) {
 		t.Skip("Skipping testing in CI environment")
 	}
 
-	cr, err := NewComposeRun("../demo/services/demo")
+	cr, err := NewComposeRun("../demo/services/demo", map[string]string{})
 	assert.NoError(t, err)
 	buff := &bytes.Buffer{}
 

run/run.go

@@ -70,7 +70,7 @@ func (r *Runner) Prepare(t *task.Task, env map[string]string) (string, error) {
 		return "", fmt.Errorf("task with id `%s` already prepared", t.Id)
 	}
 
-	runnable, err := NewComposeRun(fmt.Sprintf("%s/%s", r.servicesDir, t.Service))
+	runnable, err := NewComposeRun(fmt.Sprintf("%s/%s", r.servicesDir, t.Service), env)
 	if err != nil {
 		return "", err
 	}

service/service.go

@@ -24,5 +24,5 @@ type Service interface {
 // Meta contains metadata about the linked service
 type Meta struct {
 	Description       string `yaml:"description"`
-	UserDockerCompose bool   `yaml:"bool"`
+	UserDockerCompose bool   `yaml:"user_docker_compose"`
 }

service/validation.go

@@ -28,7 +28,7 @@ func ValidateServicesDefinitions(servicesDir string) error {
 }
 
 func validateServiceDefinition(path string) error {
-	p, _, err := run.LoadCompose(path)
+	p, _, err := run.LoadCompose(path, map[string]string{})
 	if err != nil {
 		return err
 	}