155ab77cff
As correctly mentioned in https://cl.tvl.fyi/c/depot/+/9652/comment/03b9b96e_bbb337fd/, we shouldn't be using these magic constants, but pull them from where they're defined. This already is a dependency of go-nix, and pkg/pathinfosvc/server.go, so no changes in go.mod. Change-Id: I0cc41ce040fcbddf4b6171417bc9b0de55af4991 Reviewed-on: https://cl.tvl.fyi/c/depot/+/9653 Tested-by: BuildkiteCI Reviewed-by: Brian McGee <brian@bmcgee.ie>
141 lines
4.4 KiB
Go
141 lines
4.4 KiB
Go
package http
|
|
|
|
import (
|
|
"bufio"
|
|
"bytes"
|
|
"fmt"
|
|
"net/http"
|
|
|
|
castorev1pb "code.tvl.fyi/tvix/castore/protos"
|
|
"code.tvl.fyi/tvix/nar-bridge/pkg/importer"
|
|
"github.com/go-chi/chi/v5"
|
|
mh "github.com/multiformats/go-multihash/core"
|
|
nixhash "github.com/nix-community/go-nix/pkg/hash"
|
|
"github.com/sirupsen/logrus"
|
|
log "github.com/sirupsen/logrus"
|
|
)
|
|
|
|
func registerNarPut(s *Server) {
|
|
s.handler.Put(narUrl, func(w http.ResponseWriter, r *http.Request) {
|
|
defer r.Body.Close()
|
|
|
|
ctx := r.Context()
|
|
|
|
// parse the narhash sent in the request URL
|
|
narHashFromUrl, err := parseNarHashFromUrl(chi.URLParamFromCtx(ctx, "narhash"))
|
|
if err != nil {
|
|
log.WithError(err).WithField("url", r.URL).Error("unable to decode nar hash from url")
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
_, err := w.Write([]byte("unable to decode nar hash from url"))
|
|
if err != nil {
|
|
log.WithError(err).Error("unable to write error message to client")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
log := log.WithField("narhash_url", narHashFromUrl.SRIString())
|
|
|
|
directoriesUploader := importer.NewDirectoriesUploader(ctx, s.directoryServiceClient)
|
|
defer directoriesUploader.Done() //nolint:errcheck
|
|
|
|
rootNode, narSize, narSha256, err := importer.Import(
|
|
ctx,
|
|
// buffer the body by 10MiB
|
|
bufio.NewReaderSize(r.Body, 10*1024*1024),
|
|
importer.GenBlobUploaderCb(ctx, s.blobServiceClient),
|
|
func(directory *castorev1pb.Directory) ([]byte, error) {
|
|
return directoriesUploader.Put(directory)
|
|
},
|
|
)
|
|
|
|
if err != nil {
|
|
log.Errorf("error during NAR import: %v", err)
|
|
w.WriteHeader(http.StatusInternalServerError)
|
|
_, err := w.Write([]byte(fmt.Sprintf("error during NAR import: %v", err)))
|
|
if err != nil {
|
|
log.WithError(err).Errorf("unable to write error message to client")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
log.Debug("closing the stream")
|
|
|
|
// Close the directories uploader
|
|
directoriesPutResponse, err := directoriesUploader.Done()
|
|
if err != nil {
|
|
log.WithError(err).Error("error during directory upload")
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
_, err := w.Write([]byte("error during directory upload"))
|
|
if err != nil {
|
|
log.WithError(err).Errorf("unable to write error message to client")
|
|
}
|
|
|
|
return
|
|
}
|
|
// If we uploaded directories (so directoriesPutResponse doesn't return null),
|
|
// the RootDigest field in directoriesPutResponse should match the digest
|
|
// returned in the PathInfo struct returned by the `Import` call.
|
|
// This check ensures the server-side came up with the same root hash.
|
|
|
|
if directoriesPutResponse != nil {
|
|
rootDigestPathInfo := rootNode.GetDirectory().GetDigest()
|
|
rootDigestDirectoriesPutResponse := directoriesPutResponse.GetRootDigest()
|
|
|
|
log := log.WithFields(logrus.Fields{
|
|
"root_digest_pathinfo": rootDigestPathInfo,
|
|
"root_digest_directories_put_resp": rootDigestDirectoriesPutResponse,
|
|
})
|
|
if !bytes.Equal(rootDigestPathInfo, rootDigestDirectoriesPutResponse) {
|
|
log.Errorf("returned root digest doesn't match what's calculated")
|
|
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
_, err := w.Write([]byte("error in root digest calculation"))
|
|
if err != nil {
|
|
log.WithError(err).Error("unable to write error message to client")
|
|
}
|
|
|
|
return
|
|
}
|
|
}
|
|
|
|
// Compare the nar hash specified in the URL with the one that has been
|
|
// calculated while processing the NAR file.
|
|
narHash, err := nixhash.FromHashTypeAndDigest(mh.SHA2_256, narSha256)
|
|
if err != nil {
|
|
panic("must parse nixbase32")
|
|
}
|
|
|
|
if !bytes.Equal(narHashFromUrl.Digest(), narHash.Digest()) {
|
|
log := log.WithFields(logrus.Fields{
|
|
"narhash_received_sha256": narHash.SRIString(),
|
|
"narsize": narSize,
|
|
})
|
|
log.Error("received bytes don't match narhash from URL")
|
|
|
|
w.WriteHeader(http.StatusBadRequest)
|
|
_, err := w.Write([]byte("received bytes don't match narHash specified in URL"))
|
|
if err != nil {
|
|
log.WithError(err).Errorf("unable to write error message to client")
|
|
}
|
|
|
|
return
|
|
}
|
|
|
|
// Insert the partial pathinfo structs into our lookup map,
|
|
// so requesting the NAR file will be possible.
|
|
// The same might exist already, but it'll have the same contents (so
|
|
// replacing will be a no-op), except maybe the root node Name field value, which
|
|
// is safe to ignore (as not part of the NAR).
|
|
s.narDbMu.Lock()
|
|
s.narDb[narHash.SRIString()] = &narData{
|
|
rootNode: rootNode,
|
|
narSize: narSize,
|
|
}
|
|
s.narDbMu.Unlock()
|
|
|
|
// Done!
|
|
})
|
|
|
|
}
|