Merge pull request #541 from coreos-inc/python-registry-v2-yaml-sucks
Remove yaml and switch to JSON because yaml is so slow
This commit is contained in:
commit
7ca04f41dd
2 changed files with 15 additions and 14 deletions
|
@ -4,7 +4,6 @@
|
||||||
import logging
|
import logging
|
||||||
import re
|
import re
|
||||||
import jwt.utils
|
import jwt.utils
|
||||||
import yaml
|
|
||||||
import json
|
import json
|
||||||
|
|
||||||
from flask import make_response, request, url_for
|
from flask import make_response, request, url_for
|
||||||
|
@ -64,9 +63,7 @@ class SignedManifest(object):
|
||||||
def __init__(self, manifest_bytes):
|
def __init__(self, manifest_bytes):
|
||||||
self._bytes = manifest_bytes
|
self._bytes = manifest_bytes
|
||||||
|
|
||||||
# TODO(jakedt): If the manifest_bytes doesn't parse as valid YAML, safe_load returns the
|
self._parsed = json.loads(manifest_bytes)
|
||||||
# same string again. We should throw some sort of exception.
|
|
||||||
self._parsed = yaml.safe_load(manifest_bytes)
|
|
||||||
self._signatures = self._parsed[_SIGNATURES_KEY]
|
self._signatures = self._parsed[_SIGNATURES_KEY]
|
||||||
self._namespace, self._repo_name = self._parsed[_REPO_NAME_KEY].split('/')
|
self._namespace, self._repo_name = self._parsed[_REPO_NAME_KEY].split('/')
|
||||||
self._tag = self._parsed[_REPO_TAG_KEY]
|
self._tag = self._parsed[_REPO_TAG_KEY]
|
||||||
|
@ -110,9 +107,7 @@ class SignedManifest(object):
|
||||||
image_digest = digest_tools.Digest.parse_digest(blob_sum_obj[_BLOB_SUM_KEY])
|
image_digest = digest_tools.Digest.parse_digest(blob_sum_obj[_BLOB_SUM_KEY])
|
||||||
metadata_string = history_obj[_V1_COMPAT_KEY]
|
metadata_string = history_obj[_V1_COMPAT_KEY]
|
||||||
|
|
||||||
# TODO(jakedt): If the metadata_string doesn't parse as valid YAML, safe_load returns the
|
v1_metadata = json.loads(metadata_string)
|
||||||
# same string again. We should throw some sort of exception.
|
|
||||||
v1_metadata = yaml.safe_load(metadata_string)
|
|
||||||
command_list = v1_metadata.get('container_config', {}).get('Cmd', None)
|
command_list = v1_metadata.get('container_config', {}).get('Cmd', None)
|
||||||
command = json.dumps(command_list) if command_list else None
|
command = json.dumps(command_list) if command_list else None
|
||||||
|
|
||||||
|
@ -123,12 +118,15 @@ class SignedManifest(object):
|
||||||
|
|
||||||
@property
|
@property
|
||||||
def payload(self):
|
def payload(self):
|
||||||
protected = self._signatures[0][_PROTECTED_KEY]
|
protected = str(self._signatures[0][_PROTECTED_KEY])
|
||||||
parsed_protected = yaml.safe_load(jwt.utils.base64url_decode(protected))
|
|
||||||
|
parsed_protected = json.loads(jwt.utils.base64url_decode(protected))
|
||||||
logger.debug('parsed_protected: %s', parsed_protected)
|
logger.debug('parsed_protected: %s', parsed_protected)
|
||||||
|
|
||||||
signed_content_head = self._bytes[:parsed_protected[_FORMAT_LENGTH_KEY]]
|
signed_content_head = self._bytes[:parsed_protected[_FORMAT_LENGTH_KEY]]
|
||||||
logger.debug('signed content head: %s', signed_content_head)
|
logger.debug('signed content head: %s', signed_content_head)
|
||||||
signed_content_tail = jwt.utils.base64url_decode(parsed_protected[_FORMAT_TAIL_KEY])
|
|
||||||
|
signed_content_tail = jwt.utils.base64url_decode(str(parsed_protected[_FORMAT_TAIL_KEY]))
|
||||||
logger.debug('signed content tail: %s', signed_content_tail)
|
logger.debug('signed content tail: %s', signed_content_tail)
|
||||||
return signed_content_head + signed_content_tail
|
return signed_content_head + signed_content_tail
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@ import endpoints.decorated
|
||||||
import json
|
import json
|
||||||
import features
|
import features
|
||||||
import hashlib
|
import hashlib
|
||||||
|
import logging
|
||||||
|
|
||||||
import tarfile
|
import tarfile
|
||||||
import shutil
|
import shutil
|
||||||
|
@ -48,6 +49,8 @@ except ValueError:
|
||||||
# DB connection.
|
# DB connection.
|
||||||
|
|
||||||
testbp = Blueprint('testbp', __name__)
|
testbp = Blueprint('testbp', __name__)
|
||||||
|
logger = logging.getLogger(__name__)
|
||||||
|
|
||||||
|
|
||||||
@testbp.route('/csrf', methods=['GET'])
|
@testbp.route('/csrf', methods=['GET'])
|
||||||
def generate_csrf():
|
def generate_csrf():
|
||||||
|
@ -101,6 +104,7 @@ class TestFeature(object):
|
||||||
|
|
||||||
_PORT_NUMBER = 5001
|
_PORT_NUMBER = 5001
|
||||||
_CLEAN_DATABASE_PATH = None
|
_CLEAN_DATABASE_PATH = None
|
||||||
|
_JWK = RSAKey(key=RSA.generate(2048))
|
||||||
|
|
||||||
|
|
||||||
def get_new_database_uri():
|
def get_new_database_uri():
|
||||||
|
@ -334,6 +338,9 @@ class V2RegistryPushMixin(V2RegistryMixin):
|
||||||
checksum = 'sha256:' + hashlib.sha256(full_contents).hexdigest()
|
checksum = 'sha256:' + hashlib.sha256(full_contents).hexdigest()
|
||||||
builder.add_layer(checksum, json.dumps({'id': image_id, 'data': contents}))
|
builder.add_layer(checksum, json.dumps({'id': image_id, 'data': contents}))
|
||||||
|
|
||||||
|
# Build the manifest.
|
||||||
|
manifest = builder.build(_JWK)
|
||||||
|
|
||||||
# Push the image's layers.
|
# Push the image's layers.
|
||||||
for image_id, contents in images.iteritems():
|
for image_id, contents in images.iteritems():
|
||||||
chunks = None
|
chunks = None
|
||||||
|
@ -368,10 +375,6 @@ class V2RegistryPushMixin(V2RegistryMixin):
|
||||||
self.conduct('PUT', location, params=dict(digest=checksum), expected_code=201, auth='jwt')
|
self.conduct('PUT', location, params=dict(digest=checksum), expected_code=201, auth='jwt')
|
||||||
|
|
||||||
# Write the manifest.
|
# Write the manifest.
|
||||||
new_key = RSA.generate(2048)
|
|
||||||
jwk = RSAKey(key=new_key)
|
|
||||||
manifest = builder.build(jwk)
|
|
||||||
|
|
||||||
self.conduct('PUT', '/v2/%s/%s/manifests/%s' % (namespace, repository, tag_name),
|
self.conduct('PUT', '/v2/%s/%s/manifests/%s' % (namespace, repository, tag_name),
|
||||||
data=manifest.bytes, expected_code=202,
|
data=manifest.bytes, expected_code=202,
|
||||||
headers={'Content-Type': 'application/json'}, auth='jwt')
|
headers={'Content-Type': 'application/json'}, auth='jwt')
|
||||||
|
|
Reference in a new issue