Security scanner garbage collection support

Adds support for calling GC in the security scanner for any layers+storage removed by GC on the Quay side
2016-12-22 14:55:26 -05:00 · 2016-12-22 14:55:26 -05:00 · d609e6a1c4
commit d609e6a1c4
parent 5225642850
4 changed files with 87 additions and 23 deletions
--- a/util/secscan/fake.py
+++ b/util/secscan/fake.py
@ -5,7 +5,7 @@ import urlparse

 from contextlib import contextmanager
 from httmock import urlmatch, HTTMock, all_requests
-from util.secscan.api import UNKNOWN_PARENT_LAYER_ERROR_MSG
+from util.secscan.api import UNKNOWN_PARENT_LAYER_ERROR_MSG, compute_layer_id

@contextmanager
 def fake_security_scanner(hostname='fakesecurityscanner'):
@ -72,7 +72,7 @@ class FakeSecurityScanner(object):

  def layer_id(self, layer):
    """ Returns the Quay Security Scanner layer ID for the given layer (Image row). """
-    return '%s.%s' % (layer.docker_image_id, layer.storage.uuid)
+    return compute_layer_id(layer)

  def add_layer(self, layer_id):
    """ Adds a layer to the security scanner, with no features or vulnerabilities. """
@ -172,6 +172,20 @@ class FakeSecurityScanner(object):
        'content': json.dumps({'Layer': layer_data}),
      }

+    @urlmatch(netloc=r'(.*\.)?' + self.hostname, path=r'/v1/layers/(.+)', method='DELETE')
+    def remove_layer_mock(url, _):
+      layer_id = url.path[len('/v1/layers/'):]
+      if not layer_id in self.layers:
+        return {
+          'status_code': 404,
+          'content': json.dumps({'Error': {'Message': 'Unknown layer'}}),
+        }
+
+      self.layers.pop(layer_id)
+      return {
+        'status_code': 204, 'content': '',
+      }
+
    @urlmatch(netloc=r'(.*\.)?' + self.hostname, path=r'/v1/layers', method='POST')
    def post_layer_mock(_, request):
      body_data = json.loads(request.body)
@ -274,5 +288,5 @@ class FakeSecurityScanner(object):
    def response_content(url, _):
      raise Exception('Unknown endpoint: ' + str(url))

-    return [get_layer_mock, post_layer_mock, get_notification, delete_notification,
-            response_content]
+    return [get_layer_mock, post_layer_mock, remove_layer_mock, get_notification,
+            delete_notification, response_content]