Instead of sending DB IDs, send "internal IDs" which are DB IDs hashed. This way, we can still calculate the ancestors without hitting the DB further, but without leaking the size of the images table

endpoints/api/__init__.py

@@ -1,6 +1,7 @@
 import logging
 import json
 import datetime
+import hashlib
 
 from flask import Blueprint, request, make_response, jsonify, session
 from flask.ext.restful import Resource, abort, Api, reqparse
@@ -344,6 +345,12 @@ def log_action(kind, user_or_orgname, metadata=None, repo=None):
                    metadata=metadata, repository=repo)
 
 
+def calculate_internal_id(dbid):
+  """ Returns an 'internal id' we can send to the frontend that represents the
+      given database ID, but without leaking its actual value.
+  """
+  return hashlib.sha1("internal-db-" + str(dbid)).hexdigest()
+
 import endpoints.api.billing
 import endpoints.api.build
 import endpoints.api.discovery

endpoints/api/image.py

@@ -4,7 +4,7 @@ from collections import defaultdict
 
 from app import storage as store
 from endpoints.api import (resource, nickname, require_repo_read, RepositoryParamResource,
-                           format_date, NotFound)
+                           format_date, NotFound, calculate_internal_id)
 from data import model
 from util.cache import cache_control_flask_restful
 
@@ -15,16 +15,31 @@ def image_view(image):
     extended_props = image.storage
 
   command = extended_props.command
+
+  def internal_id(aid):
+    if aid == '':
+      return ''
+
+    return calculate_internal_id(aid)
+
+  # Calculate the ancestors string, with the DBID's replaced with the
+  # hashed 'internal' IDs.
+  ancestors = [internal_id(a) for a in image.ancestors.split('/')]
+  ancestors_string = '/'.join(ancestors)
+
   return {
     'id': image.docker_image_id,
     'created': format_date(extended_props.created),
     'comment': extended_props.comment,
     'command': json.loads(command) if command else None,
-    'ancestors': image.ancestors,
-    'dbid': image.id,
     'size': extended_props.image_size,
     'locations': list(image.storage.locations),
     'uploading': image.storage.uploading,
+
+    'ancestors': ancestors_string,
+
+    'internal_id': calculate_internal_id(image.id),
+    'sort_index': len(image.ancestors)
   }
 
 

endpoints/api/repository.py

@@ -7,7 +7,8 @@ from data import model
 from endpoints.api import (truthy_bool, format_date, nickname, log_action, validate_json_request,
                            require_repo_read, require_repo_write, require_repo_admin,
                            RepositoryParamResource, resource, query_param, parse_args, ApiResource,
-                           request_error, require_scope, Unauthorized, NotFound, InvalidRequest)
+                           request_error, require_scope, Unauthorized, NotFound, InvalidRequest,
+                           calculate_internal_id)
 from auth.permissions import (ModifyRepositoryPermission, AdministerRepositoryPermission,
                               CreateRepositoryPermission, ReadRepositoryPermission)
 from auth.auth_context import get_authenticated_user
@@ -169,7 +170,7 @@ class Repository(RepositoryParamResource):
       return {
         'name': tag.name,
         'image_id': tag.image.docker_image_id,
-        'dbid': tag.image.id
+        'internal_id': calculate_internal_id(tag.image.id)
       }
 
     organization = None