Merge pull request #2881 from coreos-inc/fix-verbs

Fix verbs for recent storage change
2017-10-07 00:17:42 -04:00 · 2017-10-07 00:17:42 -04:00 · e646afd75b
commit e646afd75b
parent fba34eb5f0 f67e2baeba
2 changed files with 13 additions and 4 deletions
--- a/endpoints/verbs/init.py
+++ b/endpoints/verbs/init.py
@ -5,7 +5,7 @@ from flask import redirect, Blueprint, abort, send_file, make_response, request

 import features

-from app import app, signer, storage, metric_queue, license_validator
+from app import app, signer, storage, metric_queue, license_validator, config_provider, ip_resolver
 from auth.auth_context import get_authenticated_user
 from auth.decorators import process_auth
 from auth.permissions import ReadRepositoryPermission
@ -48,7 +48,7 @@ def _open_stream(formatter, repo_image, tag, derived_image_id, handlers):

  def get_next_layer():
    # Re-Initialize the storage engine because some may not respond well to forking (e.g. S3)
-    store = Storage(app, metric_queue)
+    store = Storage(app, metric_queue, config_provider=config_provider, ip_resolver=ip_resolver)
    for current_image in image_list:
      current_image_path = model.get_blob_path(current_image.blob)
      current_image_stream = store.stream_read_file(current_image.blob.locations,
@ -97,7 +97,7 @@ def _write_derived_image_to_storage(verb, derived_image, queue_file):
  queue_file.add_exception_handler(handle_exception)

  # Re-Initialize the storage engine because some may not respond well to forking (e.g. S3)
-  store = Storage(app, metric_queue)
+  store = Storage(app, metric_queue, config_provider=config_provider, ip_resolver=ip_resolver)
  image_path = model.get_blob_path(derived_image.blob)
  store.stream_write(derived_image.blob.locations, image_path, queue_file)
  queue_file.close()
--- a/storage/cloud.py
+++ b/storage/cloud.py
@ -613,9 +613,15 @@ class CloudFrontedS3Storage(S3Storage):

  def get_direct_download_url(self, path, request_ip=None, expires_in=60, requires_cors=False,
                              head=False):
+    # If CloudFront could not be loaded, fall back to normal S3.
+    if self.cloudfront_privatekey is None:
+      return super(CloudFrontedS3Storage, self).get_direct_download_url(path, request_ip,
+                                                                        expires_in, requires_cors,
+                                                                        head)
+      
    resolved_ip_info = None
    logger.debug('Got direct download request for path "%s" with IP "%s"', path, request_ip)
-    if request_ip is not None:
+    if request_ip is not None and self._context.ip_resolver is not None:
      # Lookup the IP address in our resolution table and determine whether it is under AWS. If it is,
      # then return an S3 signed URL, since we are in-network.
      resolved_ip_info = self._context.ip_resolver.resolve_ip(request_ip)
@ -652,6 +658,9 @@ class CloudFrontedS3Storage(S3Storage):
    """ Returns the private key, loaded from the config provider, used to sign direct
        download URLs to CloudFront.
    """
+    if self._context.config_provider is None:
+      return None
+
    with self._context.config_provider.get_volume_file(cloudfront_privatekey_filename) as key_file:
        return serialization.load_pem_private_key(
            key_file.read(),