2022-03-30 10:42:47 +02:00
|
|
|
// Copyright 2021 The Gitea Authors. All rights reserved.
|
2022-11-27 19:20:29 +01:00
|
|
|
// SPDX-License-Identifier: MIT
|
2022-03-30 10:42:47 +02:00
|
|
|
|
|
|
|
|
package packages
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"io"
|
2023-07-03 15:33:28 +02:00
|
|
|
"net/url"
|
2022-03-30 10:42:47 +02:00
|
|
|
"path"
|
2022-11-15 09:08:59 +01:00
|
|
|
"strings"
|
2022-03-30 10:42:47 +02:00
|
|
|
|
2023-07-03 15:33:28 +02:00
|
|
|
"code.gitea.io/gitea/modules/setting"
|
2022-03-30 10:42:47 +02:00
|
|
|
"code.gitea.io/gitea/modules/storage"
|
2022-11-15 09:08:59 +01:00
|
|
|
"code.gitea.io/gitea/modules/util"
|
2022-03-30 10:42:47 +02:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
// BlobHash256Key is the key to address a blob content
|
|
|
|
|
type BlobHash256Key string
|
|
|
|
|
|
|
|
|
|
// ContentStore is a wrapper around ObjectStorage
|
|
|
|
|
type ContentStore struct {
|
|
|
|
|
store storage.ObjectStorage
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// NewContentStore creates the default package store
|
|
|
|
|
func NewContentStore() *ContentStore {
|
|
|
|
|
contentStore := &ContentStore{storage.Packages}
|
|
|
|
|
return contentStore
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get gets a package blob
|
|
|
|
|
func (s *ContentStore) Get(key BlobHash256Key) (storage.Object, error) {
|
2022-08-16 06:05:15 +02:00
|
|
|
return s.store.Open(KeyToRelativePath(key))
|
2022-03-30 10:42:47 +02:00
|
|
|
}
|
|
|
|
|
|
2023-07-03 15:33:28 +02:00
|
|
|
func (s *ContentStore) ShouldServeDirect() bool {
|
|
|
|
|
return setting.Packages.Storage.MinioConfig.ServeDirect
|
|
|
|
|
}
|
|
|
|
|
|
Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (#32365)
Fix #28121
I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.
https://github.com/go-gitea/gitea/blob/348d1d0f322ca57c459acd902f54821d687ca804/routers/api/packages/container/container.go#L712-L717
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.
https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
<img width="600px"
src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>
In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.
```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```
---
Most S3-like services support specifying the content type when storing
objects. However, Gitea always use `application/octet-stream`.
Therefore, I believe we also need to improve the `Save` method to
support storing objects with the correct content type.
https://github.com/go-gitea/gitea/blob/b7fb20e73e63b8edc9b90c52073e248bef428fcc/modules/storage/minio.go#L214-L221
(cherry picked from commit 0690cb076bf63f71988a709f62a9c04660b51a4f)
Conflicts:
- modules/storage/azureblob.go
Dropped the change, as we do not support Azure blob storage.
- modules/storage/helper.go
Resolved by adjusting their `discardStorage` to our
`DiscardStorage`
- routers/api/actions/artifacts.go
routers/api/actions/artifactsv4.go
routers/web/repo/actions/view.go
routers/web/repo/download.go
Resolved the conflicts by manually adding the new `nil`
parameter to the `storage.Attachments.URL()` calls.
Originally conflicted due to differences in the if expression
above these calls.
2024-10-31 16:28:25 +01:00
|
|
|
func (s *ContentStore) GetServeDirectURL(key BlobHash256Key, filename string, reqParams url.Values) (*url.URL, error) {
|
|
|
|
|
return s.store.URL(KeyToRelativePath(key), filename, reqParams)
|
2023-07-03 15:33:28 +02:00
|
|
|
}
|
|
|
|
|
|
2022-11-25 06:47:46 +01:00
|
|
|
// FIXME: Workaround to be removed in v1.20
|
|
|
|
|
// https://github.com/go-gitea/gitea/issues/19586
|
|
|
|
|
func (s *ContentStore) Has(key BlobHash256Key) error {
|
|
|
|
|
_, err := s.store.Stat(KeyToRelativePath(key))
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
2022-03-30 10:42:47 +02:00
|
|
|
// Save stores a package blob
|
|
|
|
|
func (s *ContentStore) Save(key BlobHash256Key, r io.Reader, size int64) error {
|
2022-08-16 06:05:15 +02:00
|
|
|
_, err := s.store.Save(KeyToRelativePath(key), r, size)
|
2022-03-30 10:42:47 +02:00
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Delete deletes a package blob
|
|
|
|
|
func (s *ContentStore) Delete(key BlobHash256Key) error {
|
2022-08-16 06:05:15 +02:00
|
|
|
return s.store.Delete(KeyToRelativePath(key))
|
2022-03-30 10:42:47 +02:00
|
|
|
}
|
|
|
|
|
|
2022-08-16 06:05:15 +02:00
|
|
|
// KeyToRelativePath converts the sha256 key aabb000000... to aa/bb/aabb000000...
|
|
|
|
|
func KeyToRelativePath(key BlobHash256Key) string {
|
2022-03-30 10:42:47 +02:00
|
|
|
return path.Join(string(key)[0:2], string(key)[2:4], string(key))
|
|
|
|
|
}
|
2022-11-15 09:08:59 +01:00
|
|
|
|
|
|
|
|
// RelativePathToKey converts a relative path aa/bb/aabb000000... to the sha256 key aabb000000...
|
|
|
|
|
func RelativePathToKey(relativePath string) (BlobHash256Key, error) {
|
|
|
|
|
parts := strings.SplitN(relativePath, "/", 3)
|
|
|
|
|
if len(parts) != 3 || len(parts[0]) != 2 || len(parts[1]) != 2 || len(parts[2]) < 4 || parts[0]+parts[1] != parts[2][0:4] {
|
|
|
|
|
return "", util.ErrInvalidArgument
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return BlobHash256Key(parts[2]), nil
|
|
|
|
|
}
|
