登录 注册
开源 企业版 高校版 私有云 Gitee AI NEW
扫描微信二维码支付
取消
支付完成
Watch
不关注 关注所有动态 仅关注版本发行动态 关注但不提醒动态
1 Star 0 Fork 14

iGxnon/KubeOS

forked from src-openEuler/KubeOS 
代码 Issues 0 Pull Requests 0 Wiki 统计 流水线
服务
加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
项目仓库所选许可证以仓库主分支所使用许可证为准
克隆/下载
0010-fix-check-image-name-is-valid-regex.patch 4.66 KB
一键复制 编辑 原始数据 按行查看 历史
weiyuhang 提交于 2024-03-13 14:26 . sync branch to openEuler-22.03-LTS-SP1
123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
From f2c736335868873cd0cb7562a7ba95ee7c19a315 Mon Sep 17 00:00:00 2001

From: Yuhang Wei <weiyuhang3@huawei.com>

Date: Thu, 25 Jan 2024 11:57:16 +0800

Subject: [PATCH 10/13] fix: check image name is valid regex



the regex for checking the validity of the  container image image is wrong in case of "IP:PORT@sha256:111"



Signed-off-by: Yuhang Wei <weiyuhang3@huawei.com>

---

 .../manager/src/utils/container_image.rs      | 73 ++++++++++++++++---

 1 file changed, 62 insertions(+), 11 deletions(-)



diff --git a/KubeOS-Rust/manager/src/utils/container_image.rs b/KubeOS-Rust/manager/src/utils/container_image.rs

index a54fc19..dc31925 100644

--- a/KubeOS-Rust/manager/src/utils/container_image.rs

+++ b/KubeOS-Rust/manager/src/utils/container_image.rs

@@ -17,7 +17,7 @@ use regex::Regex;

 use super::executor::CommandExecutor;

 

 pub fn is_valid_image_name(image: &str) -> Result<()> {

-    let pattern = r"^(?P<Registry>[a-z0-9\-.]+\.[a-z0-9\-]+:?[0-9]*)?/?((?P<Name>[a-zA-Z0-9-_]+?)|(?P<UserName>[a-zA-Z0-9-_]+?)/(?P<ImageName>[a-zA-Z-_]+?))(?P<Tag>(?::[\w_.-]+)?|(?:@sha256:[a-fA-F0-9]+)?)$";

+    let pattern = r"^((?:[\w.-]+)(?::\d+)?/)*(?:[\w.-]+)((?::[\w_.-]+)?|(?:@sha256:[a-fA-F0-9]+)?)$";

     let reg_ex = Regex::new(pattern)?;

     if !reg_ex.is_match(image) {

         bail!("Invalid image name: {}", image);

@@ -172,16 +172,67 @@ mod tests {

     #[test]

     fn test_is_valid_image_name() {

         init();

-        let out = is_valid_image_name("nginx").unwrap();

-        assert_eq!(out, ());

-        let out =

-            is_valid_image_name("docker.example.com:5000/gmr/alpine@sha256:11111111111111111111111111111111").unwrap();

-        assert_eq!(out, ());

-        let out =

-            is_valid_image_name("sosedoff/pgweb:latest@sha256:5a156ff125e5a12ac7ff43ee5120fa249cf62248337b6d04574c8");

-        match out {

-            Ok(_) => assert_eq!(true, false),

-            Err(_) => assert_eq!(true, true),

+        let correct_images = vec![

+            "alpine",

+            "alpine:latest",

+            "localhost/latest",

+            "library/alpine",

+            "localhost:1234/test",

+            "test:1234/blaboon",

+            "alpine:3.7",

+            "docker.example.edu/gmr/alpine:3.7",

+            "docker.example.com:5000/gmr/alpine@sha256:5a156ff125e5a12ac7ff43ee5120fa249cf62248337b6d04abc574c8",

+            "docker.example.co.uk/gmr/alpine/test2:latest",

+            "registry.dobby.org/dobby/dobby-servers/arthound:2019-08-08",

+            "owasp/zap:3.8.0",

+            "registry.dobby.co/dobby/dobby-servers/github-run:2021-10-04",

+            "docker.elastic.co/kibana/kibana:7.6.2",

+            "registry.dobby.org/dobby/dobby-servers/lerphound:latest",

+            "registry.dobby.org/dobby/dobby-servers/marbletown-poc:2021-03-29",

+            "marbles/marbles:v0.38.1",

+            "registry.dobby.org/dobby/dobby-servers/loophole@sha256:5a156ff125e5a12ac7ff43ee5120fa249cf62248337b6d04abc574c8",

+            "sonatype/nexon:3.30.0",

+            "prom/node-exporter:v1.1.1",

+            "sosedoff/pgweb@sha256:5a156ff125e5a12ac7ff43ee5120fa249cf62248337b6d04abc574c8",

+            "sosedoff/pgweb:latest",

+            "registry.dobby.org/dobby/dobby-servers/arpeggio:2021-06-01",

+            "registry.dobby.org/dobby/antique-penguin:release-production",

+            "dalprodictus/halcon:6.7.5",

+            "antigua/antigua:v31",

+            "weblate/weblate:4.7.2-1",

+            "redis:4.0.01-alpine",

+            "registry.dobby.com/dobby/dobby-servers/github-run:latest",

+            "192.168.122.123:5000/kubeos-x86_64:2023-01",

+        ];

+        let wrong_images = vec![

+            "alpine;v1.0",

+            "alpine:latest@sha256:11111111111111111111111111111111",

+            "alpine|v1.0",

+            "alpine&v1.0",

+            "sosedoff/pgweb:latest@sha256:5a156ff125e5a12ac7ff43ee5120fa249cf62248337b6d04574c8",

+            "192.168.122.123:5000/kubeos-x86_64:2023-01@sha256:1a1a1a1a1a1a1a1a1a1a1a1a1a1a",

+            "192.168.122.123:5000@sha256:1a1a1a1a1a1a1a1a1a1a1a1a1a1a",

+            "myimage$%^&",

+            ":myimage",

+            "/myimage",

+            "myimage/",

+            "myimage:",

+            "myimage@@latest",

+            "myimage::tag",

+            "registry.com//myimage:tag",

+            " myimage",

+            "myimage ",

+            "registry.com/:tag",

+            "myimage:",

+            "",

+            ":tag",

+            "IP:5000@sha256:1a1a1a1a1a1a1a1a1a1a1a1a1a1a",

+        ];

+        for image in correct_images {

+            assert!(is_valid_image_name(image).is_ok());

+        }

+        for image in wrong_images {

+            assert!(is_valid_image_name(image).is_err());

         }

     }

 

-- 

2.34.1
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化
1
https://gitee.com/iGxnon/KubeOS.git
git@gitee.com:iGxnon/KubeOS.git
iGxnon
KubeOS
KubeOS
master
点此查找更多帮助

搜索帮助

Git 命令在线学习 如何在 Gitee 导入 GitHub 仓库
Git 仓库基础操作
企业版和社区版功能对比
SSH 公钥设置
如何处理代码冲突
仓库体积过大,如何减小?
如何找回被删除的仓库数据
Gitee 产品配额说明
GitHub仓库快速导入Gitee及同步更新
什么是 Release(发行版)
将 PHP 项目自动发布到 packagist.org
仓库举报
回到顶部