From efda5034d9275d53ddde58f764f2517abe076034 Mon Sep 17 00:00:00 2001 From: David Lawrence Date: Fri, 31 Jul 2015 13:42:53 -0700 Subject: [PATCH] can't be so restrictive on notary's GUN matching in URLs Signed-off-by: David Lawrence (github: endophage) --- server/server.go | 13 ++++++------- utils/http.go | 24 +++++++++++++++++++++++- 2 files changed, 29 insertions(+), 8 deletions(-) diff --git a/server/server.go b/server/server.go index 306bd5a747..1b9067b890 100644 --- a/server/server.go +++ b/server/server.go @@ -8,7 +8,6 @@ import ( "net/http" "github.com/Sirupsen/logrus" - "github.com/docker/distribution/registry/api/v2" "github.com/docker/distribution/registry/auth" "github.com/endophage/gotuf/data" "github.com/endophage/gotuf/signed" @@ -85,12 +84,12 @@ func Run(ctx context.Context, addr, tlsCertFile, tlsKeyFile string, trust signed r := mux.NewRouter() r.Methods("GET").Path("/v2/").Handler(hand(handlers.MainHandler)) - r.Methods("POST").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/").Handler(hand(handlers.AtomicUpdateHandler, "push", "pull")) - r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(hand(handlers.GetHandler, "pull")) - r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/timestamp.json").Handler(hand(handlers.GetTimestampHandler, "pull")) - r.Methods("GET").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/timestamp.key").Handler(hand(handlers.GetTimestampKeyHandler, "push", "pull")) - r.Methods("DELETE").Path("/v2/{imageName:" + v2.RepositoryNameRegexp.String() + "}/_trust/tuf/").Handler(hand(handlers.DeleteHandler, "push", "pull")) - + r.Methods("POST").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(hand(handlers.AtomicUpdateHandler, "push", "pull")) + r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/{tufRole:(root|targets|snapshot)}.json").Handler(hand(handlers.GetHandler, "pull")) + r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.json").Handler(hand(handlers.GetTimestampHandler, "pull")) + r.Methods("GET").Path("/v2/{imageName:.*}/_trust/tuf/timestamp.key").Handler(hand(handlers.GetTimestampKeyHandler, "push", "pull")) + r.Methods("DELETE").Path("/v2/{imageName:.*}/_trust/tuf/").Handler(hand(handlers.DeleteHandler, "push", "pull")) + r.Methods("GET", "POST", "PUT", "HEAD", "DELETE").Path("/{other:.*}").Handler(hand(utils.NotFoundHandler)) svr := http.Server{ Addr: addr, Handler: r, diff --git a/utils/http.go b/utils/http.go index 155e59cc08..eafa221925 100644 --- a/utils/http.go +++ b/utils/http.go @@ -7,6 +7,7 @@ import ( "github.com/docker/distribution/registry/api/errcode" "github.com/docker/distribution/registry/api/v2" "github.com/docker/distribution/registry/auth" + "github.com/docker/notary/errors" "github.com/endophage/gotuf/signed" "github.com/gorilla/mux" "golang.org/x/net/context" @@ -66,13 +67,28 @@ func (root *rootHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { } } if err := root.handler(ctx, w, r); err != nil { - logrus.Error("[Notary Server] ", err.Error()) + if err, ok := err.(errcode.Error); ok { + logrus.Errorf( + "[Notary Server] %d %s %s", + err.Code.Descriptor().HTTPStatusCode, + r.Method, + r.URL.Path, + ) + } else { + logrus.Errorf( + "[Notary Server] 5XX %s %s %s", + r.Method, + r.URL.Path, + err.Error(), + ) + } e := errcode.ServeJSON(w, err) if e != nil { logrus.Error(e) } return } + logrus.Infof("[Notary Server] 200 %s %s", r.Method, r.URL.Path) return } @@ -89,3 +105,9 @@ func buildAccessRecords(repo string, actions ...string) []auth.Access { } return requiredAccess } + +// NotFoundHandler is used as a generic catch all handler to return the ErrMetadataNotFound +// 404 response +func NotFoundHandler(ctx context.Context, w http.ResponseWriter, r *http.Request) error { + return errors.ErrMetadataNotFound.WithDetail(nil) +}