Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
openeuler
isula-build
提交
35bd7f6e
I
isula-build
项目概览
openeuler
/
isula-build
通知
5
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
I
isula-build
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
35bd7f6e
编写于
8月 26, 2020
作者:
O
openeuler-ci-bot
提交者:
Gitee
8月 26, 2020
浏览文件
操作
浏览文件
下载
差异文件
!62 refactor: change the default authentication method
Merge pull request !62 from DCCooper/refactor
上级
268009b0
ddfe126e
变更
20
隐藏空白更改
内联
并排
Showing
20 changed file
with
595 addition
and
268 deletion
+595
-268
api/services/control.pb.go
api/services/control.pb.go
+93
-112
api/services/control.proto
api/services/control.proto
+4
-7
builder/builder.go
builder/builder.go
+3
-2
builder/builder_test.go
builder/builder_test.go
+6
-1
builder/dockerfile/builder.go
builder/dockerfile/builder.go
+10
-5
builder/dockerfile/builder_test.go
builder/dockerfile/builder_test.go
+26
-23
builder/dockerfile/stage_builder_test.go
builder/dockerfile/stage_builder_test.go
+4
-0
cmd/cli/build.go
cmd/cli/build.go
+5
-12
cmd/cli/build_test.go
cmd/cli/build_test.go
+11
-3
cmd/cli/login.go
cmd/cli/login.go
+9
-16
cmd/cli/login_test.go
cmd/cli/login_test.go
+21
-1
cmd/daemon/main.go
cmd/daemon/main.go
+18
-1
constant.go
constant.go
+2
-0
daemon/daemon.go
daemon/daemon.go
+18
-32
daemon/daemon_test.go
daemon/daemon_test.go
+0
-49
daemon/login.go
daemon/login.go
+2
-4
util/cipher.go
util/cipher.go
+103
-0
util/cipher_test.go
util/cipher_test.go
+218
-0
util/util.go
util/util.go
+15
-0
util/util_test.go
util/util_test.go
+27
-0
未找到文件。
api/services/control.pb.go
浏览文件 @
35bd7f6e
...
...
@@ -72,14 +72,12 @@ type BuildRequest struct {
Iidfile
string
`protobuf:"bytes,8,opt,name=iidfile,proto3" json:"iidfile,omitempty"`
// buildStatic is used to hold the options for static build
BuildStatic
*
BuildStatic
`protobuf:"bytes,9,opt,name=buildStatic,proto3" json:"buildStatic,omitempty"`
// encryptKey is key to encrypt items in buildArgs
EncryptKey
string
`protobuf:"bytes,10,opt,name=encryptKey,proto3" json:"encryptKey,omitempty"`
// additionalTag is the tag applied to the built image
AdditionalTag
string
`protobuf:"bytes,1
1
,opt,name=additionalTag,proto3" json:"additionalTag,omitempty"`
AdditionalTag
string
`protobuf:"bytes,1
0
,opt,name=additionalTag,proto3" json:"additionalTag,omitempty"`
// capAddList indicates Linux capabilities for RUN command
CapAddList
[]
string
`protobuf:"bytes,1
2
,rep,name=capAddList,proto3" json:"capAddList,omitempty"`
CapAddList
[]
string
`protobuf:"bytes,1
1
,rep,name=capAddList,proto3" json:"capAddList,omitempty"`
// entityID is an id to descript a physic building
EntityID
string
`protobuf:"bytes,1
3
,opt,name=entityID,proto3" json:"entityID,omitempty"`
EntityID
string
`protobuf:"bytes,1
2
,opt,name=entityID,proto3" json:"entityID,omitempty"`
XXX_NoUnkeyedLiteral
struct
{}
`json:"-"`
XXX_unrecognized
[]
byte
`json:"-"`
XXX_sizecache
int32
`json:"-"`
...
...
@@ -172,13 +170,6 @@ func (m *BuildRequest) GetBuildStatic() *BuildStatic {
return
nil
}
func
(
m
*
BuildRequest
)
GetEncryptKey
()
string
{
if
m
!=
nil
{
return
m
.
EncryptKey
}
return
""
}
func
(
m
*
BuildRequest
)
GetAdditionalTag
()
string
{
if
m
!=
nil
{
return
m
.
AdditionalTag
...
...
@@ -864,9 +855,7 @@ type LoginRequest struct {
// username is username to login
Username
string
`protobuf:"bytes,2,opt,name=username,proto3" json:"username,omitempty"`
// password is password to login
Password
string
`protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"`
// key is aes key used for encrypt and decrypt password
Key
string
`protobuf:"bytes,4,opt,name=key,proto3" json:"key,omitempty"`
Password
string
`protobuf:"bytes,3,opt,name=password,proto3" json:"password,omitempty"`
XXX_NoUnkeyedLiteral
struct
{}
`json:"-"`
XXX_unrecognized
[]
byte
`json:"-"`
XXX_sizecache
int32
`json:"-"`
...
...
@@ -917,13 +906,6 @@ func (m *LoginRequest) GetPassword() string {
return
""
}
func
(
m
*
LoginRequest
)
GetKey
()
string
{
if
m
!=
nil
{
return
m
.
Key
}
return
""
}
type
LoginResponse
struct
{
// login response sent to front-end
Content
string
`protobuf:"bytes,1,opt,name=content,proto3" json:"content,omitempty"`
...
...
@@ -1542,96 +1524,95 @@ func init() {
func
init
()
{
proto
.
RegisterFile
(
"api/services/control.proto"
,
fileDescriptor_d71ef680555cb937
)
}
var
fileDescriptor_d71ef680555cb937
=
[]
byte
{
// 1418 bytes of a gzipped FileDescriptorProto
0x1f
,
0x8b
,
0x08
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x02
,
0xff
,
0x8c
,
0x56
,
0x6d
,
0x6f
,
0xdb
,
0xb6
,
0x13
,
0xff
,
0xcb
,
0x72
,
0x9c
,
0xe4
,
0x64
,
0xa7
,
0x01
,
0xff
,
0x45
,
0x26
,
0xb8
,
0x69
,
0x9b
,
0x69
,
0xc5
,
0xe0
,
0x75
,
0x80
,
0x93
,
0x66
,
0x7d
,
0xb1
,
0x0e
,
0xeb
,
0xb0
,
0x3c
,
0xb4
,
0x9d
,
0xd7
,
0xd6
,
0xc1
,
0x94
,
0xac
,
0x7b
,
0x59
,
0xb0
,
0x36
,
0xa3
,
0x10
,
0x91
,
0x44
,
0x8d
,
0xa4
,
0xd2
,
0x7a
,
0xfb
,
0x1a
,
0x7b
,
0x33
,
0x60
,
0xfb
,
0x0c
,
0xfb
,
0x20
,
0xfb
,
0x02
,
0xfb
,
0x38
,
0x03
,
0x29
,
0x52
,
0x92
,
0x2d
,
0xa7
,
0xdd
,
0x3b
,
0xde
,
0xef
,
0xee
,
0xc8
,
0x7b
,
0xe2
,
0xdd
,
0x41
,
0x1f
,
0x67
,
0x74
,
0x57
,
0x10
,
0x7e
,
0x45
,
0x27
,
0x44
,
0xec
,
0x4e
,
0x58
,
0x2a
,
0x39
,
0x8b
,
0x87
,
0x19
,
0x67
,
0x92
,
0xa1
,
0x0d
,
0x2a
,
0xf2
,
0x18
,
0x0f
,
0xdf
,
0xe4
,
0x34
,
0x9e
,
0x0e
,
0xaf
,
0x1e
,
0xf4
,
0x6f
,
0x45
,
0x8c
,
0x45
,
0x31
,
0xd9
,
0xd5
,
0xdc
,
0x37
,
0xf9
,
0xf9
,
0x2e
,
0x49
,
0x32
,
0x39
,
0x2b
,
0x84
,
0xfb
,
0x77
,
0x17
,
0x99
,
0x92
,
0x26
,
0x44
,
0x48
,
0x9c
,
0x64
,
0x85
,
0x40
,
0xf0
,
0x97
,
0x0b
,
0xdd
,
0x43
,
0x75
,
0x55
,
0x48
,
0x7e
,
0xce
,
0x89
,
0x90
,
0x68
,
0x1b
,
0xd6
,
0xf5
,
0xd5
,
0x67
,
0xb3
,
0x8c
,
0xf8
,
0xce
,
0x8e
,
0x33
,
0x58
,
0x0f
,
0x2b
,
0x00
,
0xf9
,
0xb0
,
0xaa
,
0x89
,
0xd1
,
0xb1
,
0xdf
,
0xd2
,
0x3c
,
0x4b
,
0xa2
,
0x3b
,
0x00
,
0xca
,
0x4e
,
0xf2
,
0x4e
,
0x1e
,
0x53
,
0xee
,
0xbb
,
0x9a
,
0x59
,
0x43
,
0xd0
,
0x0e
,
0x78
,
0xe7
,
0x34
,
0x26
,
0x47
,
0x0a
,
0x49
,
0xa5
,
0xdf
,
0xd6
,
0x02
,
0x75
,
0x08
,
0x6d
,
0x41
,
0x87
,
0xe5
,
0x32
,
0xcb
,
0xa5
,
0xbf
,
0xa2
,
0x99
,
0x86
,
0x2a
,
0x2d
,
0x3a
,
0xe0
,
0x91
,
0xf0
,
0x3b
,
0x3b
,
0x6e
,
0x69
,
0x91
,
0x02
,
0xd0
,
0x4d
,
0x58
,
0xc9
,
0x38
,
0x7b
,
0x37
,
0xf3
,
0x57
,
0x77
,
0x9c
,
0xc1
,
0x5a
,
0x58
,
0x10
,
0xca
,
0x4e
,
0x4a
,
0xa7
,
0xea
,
0x76
,
0x7f
,
0xad
,
0xb0
,
0xd3
,
0x90
,
0xe8
,
0x31
,
0x78
,
0x5a
,
0xf9
,
0x54
,
0x62
,
0x49
,
0x27
,
0xfe
,
0xfa
,
0x8e
,
0x33
,
0xf0
,
0xf6
,
0x6f
,
0x0d
,
0xe7
,
0x83
,
0x3a
,
0x3c
,
0xac
,
0x44
,
0xc2
,
0xba
,
0xbc
,
0x72
,
0x93
,
0xa4
,
0x13
,
0x3e
,
0xcb
,
0xe4
,
0x73
,
0x32
,
0xf3
,
0xa1
,
0x70
,
0xb3
,
0x42
,
0xd0
,
0x3d
,
0xe8
,
0xe1
,
0xe9
,
0x94
,
0x4a
,
0xca
,
0x52
,
0x1c
,
0x9f
,
0xe1
,
0xc8
,
0xf7
,
0xb4
,
0xc8
,
0x3c
,
0xa8
,
0x83
,
0x85
,
0xb3
,
0x83
,
0xe9
,
0xf4
,
0x05
,
0x15
,
0xd2
,
0xef
,
0x6a
,
0x9f
,
0x6a
,
0x08
,
0xea
,
0xc3
,
0x1a
,
0x49
,
0x25
,
0x95
,
0xb3
,
0xd1
,
0xb1
,
0xdf
,
0xd3
,
0x17
,
0x94
,
0x74
,
0x70
,
0x00
,
0xbd
,
0x51
,
0x92
,
0x31
,
0x2e
,
0x6b
,
0x19
,
0xe3
,
0xe4
,
0x9c
,
0x70
,
0x92
,
0x4e
,
0xca
,
0x8c
,
0x95
,
0x00
,
0x42
,
0xd0
,
0x9e
,
0x62
,
0x89
,
0x75
,
0xba
,
0xba
,
0xa1
,
0x3e
,
0x07
,
0x01
,
0x6c
,
0xd8
,
0x2b
,
0x44
,
0xc6
,
0x52
,
0x41
,
0xd0
,
0x26
,
0xb8
,
0x31
,
0x8b
,
0x8c
,
0xb6
,
0x3a
,
0x06
,
0xcf
,
0xc0
,
0xab
,
0x05
,
0x01
,
0x7d
,
0x69
,
0xcb
,
0x82
,
0x26
,
0xc5
,
0x23
,
0xde
,
0x7e
,
0x7f
,
0x58
,
0x14
,
0xd7
,
0xd0
,
0x16
,
0xd7
,
0xf0
,
0xcc
,
0x16
,
0x57
,
0x58
,
0x09
,
0x07
,
0x8f
,
0xa1
,
0x67
,
0x0a
,
0xcc
,
0xbc
,
0xa5
,
0x72
,
0x93
,
0xe0
,
0x88
,
0x8c
,
0x8e
,
0xcd
,
0x7b
,
0x96
,
0x5c
,
0x6a
,
0xeb
,
0x67
,
0xd0
,
0x53
,
0x26
,
0xe4
,
0xc2
,
0xba
,
0x5b
,
0x2b
,
0x41
,
0x67
,
0xae
,
0x04
,
0x83
,
0xfb
,
0xb0
,
0x61
,
0x45
,
0xab
,
0xa7
,
0x26
,
0xa6
,
0xe0
,
0x8c
,
0xac
,
0x21
,
0x83
,
0xcf
,
0xc1
,
0x53
,
0x91
,
0xae
,
0xc5
,
0x50
,
0x1b
,
0x31
,
0xc6
,
0x49
,
0x19
,
0xc3
,
0x12
,
0x08
,
0x1e
,
0x02
,
0x9c
,
0xe1
,
0xc8
,
0xca
,
0xde
,
0x84
,
0x15
,
0xcd
,
0x32
,
0x72
,
0x05
,
0xa1
,
0x22
,
0x28
,
0x71
,
0x64
,
0x7e
,
0x85
,
0x3a
,
0x06
,
0x7f
,
0x3b
,
0xd0
,
0x2d
,
0xde
,
0x30
,
0xd6
,
0x7c
,
0x03
,
0x1d
,
0x2d
,
0x2b
,
0x7c
,
0x67
,
0xc7
,
0x1d
,
0x78
,
0xfb
,
0x9f
,
0x2e
,
0x56
,
0x5d
,
0x5d
,
0x7a
,
0x38
,
0xd2
,
0x41
,
0x49
,
0xcf
,
0x59
,
0x68
,
0xb4
,
0xfa
,
0xbf
,
0xc2
,
0x7a
,
0x09
,
0xaa
,
0x12
,
0xe2
,
0x24
,
0x63
,
0x82
,
0x4a
,
0xc6
,
0x67
,
0xc6
,
0x94
,
0x1a
,
0xd2
,
0xb4
,
0x07
,
0x6d
,
0x40
,
0x8b
,
0x4e
,
0xcd
,
0xcf
,
0x6c
,
0xd1
,
0xa9
,
0x0e
,
0x0e
,
0x27
,
0x58
,
0x92
,
0xa9
,
0xf9
,
0x8d
,
0x96
,
0x54
,
0x79
,
0x10
,
0xf4
,
0x17
,
0x62
,
0xfe
,
0xa1
,
0x3e
,
0x07
,
0x7f
,
0x3a
,
0x70
,
0xe3
,
0x15
,
0xe1
,
0x82
,
0xb2
,
0xb4
,
0x1e
,
0xde
,
0xab
,
0x02
,
0xb2
,
0xe1
,
0x35
,
0xa4
,
0x8a
,
0x67
,
0xc4
,
0x8c
,
0xb8
,
0xb1
,
0xa1
,
0x02
,
0x34
,
0x97
,
0xca
,
0x23
,
0x96
,
0x24
,
0x54
,
0x1a
,
0x83
,
0x2a
,
0xa0
,
0xea
,
0x40
,
0xaa
,
0xd4
,
0xda
,
0xf5
,
0x0e
,
0x44
,
0x13
,
0xa2
,
0xbb
,
0x84
,
0x38
,
0xe0
,
0x93
,
0x8b
,
0xb2
,
0x4b
,
0x68
,
0x2a
,
0xf8
,
0x01
,
0x7a
,
0x21
,
0x49
,
0xd8
,
0x15
,
0xa9
,
0xd5
,
0x49
,
0x55
,
0x66
,
0x6e
,
0xbd
,
0xcc
,
0x36
,
0xc1
,
0xc5
,
0x71
,
0xac
,
0xcd
,
0x5a
,
0x0b
,
0xd5
,
0xb1
,
0x68
,
0x22
,
0x79
,
0x4a
,
0xb4
,
0x31
,
0xba
,
0x89
,
0xe4
,
0xa9
,
0x4a
,
0xfb
,
0x86
,
0xbd
,
0xd2
,
0x38
,
0x1c
,
0x40
,
0x37
,
0xc6
,
0x33
,
0xc2
,
0x5f
,
0x12
,
0x21
,
0xaa
,
0x0a
,
0x98
,
0xc3
,
0x82
,
0x3f
,
0x1c
,
0xf8
,
0xff
,
0x77
,
0x04
,
0xc7
,
0xf2
,
0xe2
,
0xe8
,
0x82
,
0x4c
,
0x2e
,
0x4b
,
0xdd
,
0x11
,
0x74
,
0x84
,
0xae
,
0x4e
,
0xad
,
0xb5
,
0xb1
,
0xff
,
0x60
,
0x31
,
0xfb
,
0x4b
,
0x94
,
0x86
,
0xa7
,
0x6a
,
0x06
,
0xa4
,
0x91
,
0x29
,
0x6b
,
0x73
,
0x41
,
0xf0
,
0x15
,
0xf4
,
0xe6
,
0x18
,
0xc8
,
0x83
,
0xd5
,
0x1f
,
0xc7
,
0xcf
,
0xc7
,
0x27
,
0x3f
,
0x8d
,
0x37
,
0xff
,
0xa7
,
0x88
,
0xd3
,
0x27
,
0xe1
,
0xab
,
0xd1
,
0xf8
,
0xd9
,
0xa6
,
0x83
,
0x6e
,
0x80
,
0x37
,
0x3e
,
0x39
,
0x7b
,
0x6d
,
0x81
,
0x56
,
0x90
,
0x41
,
0xf7
,
0x05
,
0x8b
,
0x68
,
0x6a
,
0xc3
,
0xb4
,
0x05
,
0x1d
,
0x35
,
0x68
,
0x08
,
0x37
,
0xce
,
0x18
,
0x4a
,
0xb5
,
0xa0
,
0x5c
,
0x10
,
0x9e
,
0xaa
,
0x0f
,
0x51
,
0x24
,
0xb0
,
0xa4
,
0x15
,
0x2f
,
0xc3
,
0x42
,
0xbc
,
0x65
,
0xdc
,
0xd6
,
0x53
,
0x49
,
0xab
,
0xe0
,
0x5e
,
0x92
,
0x99
,
0xc9
,
0x9b
,
0x3a
,
0xaa
,
0x1f
,
0x6c
,
0x5e
,
0xfc
,
0xe0
,
0xaf
,
0x7c
,
0xa4
,
0x45
,
0x59
,
0x2e
,
0x3f
,
0x64
,
0x5d
,
0x23
,
0x85
,
0xc1
,
0x00
,
0x36
,
0xac
,
0xaa
,
0x79
,
0x66
,
0x0b
,
0x3a
,
0x9c
,
0x88
,
0x3c
,
0xb6
,
0xaf
,
0x18
,
0x2a
,
0xf8
,
0x18
,
0xbc
,
0x17
,
0x0c
,
0x97
,
0x03
,
0x0f
,
0x41
,
0x3b
,
0xc3
,
0xf2
,
0xc2
,
0x08
,
0xe9
,
0x73
,
0xb0
,
0xa3
,
0x82
,
0x84
,
0xa7
,
0xef
,
0x69
,
0x8f
,
0x27
,
0xe0
,
0x9d
,
0xe2
,
0xaa
,
0xd8
,
0x96
,
0xf7
,
0x04
,
0x7b
,
0x75
,
0xab
,
0xba
,
0x5a
,
0x7b
,
0x84
,
0xaf
,
0x54
,
0x55
,
0xba
,
0xc6
,
0x23
,
0x4d
,
0x05
,
0x0f
,
0xa1
,
0x5b
,
0x5c
,
0x68
,
0x9e
,
0xb4
,
0xbd
,
0xd0
,
0xa9
,
0x7a
,
0xa1
,
0x35
,
0xa3
,
0x55
,
0x99
,
0x31
,
0x83
,
0xd5
,
0x97
,
0x24
,
0x39
,
0x56
,
0xcc
,
0x3e
,
0xac
,
0x25
,
0x24
,
0x39
,
0x63
,
0x12
,
0xc7
,
0x5a
,
0xc9
,
0x0d
,
0x4b
,
0x5a
,
0x45
,
0x3c
,
0x21
,
0xc9
,
0x53
,
0x4e
,
0x8a
,
0x5c
,
0xba
,
0xa1
,
0x25
,
0xd5
,
0x67
,
0x13
,
0x6f
,
0x71
,
0x56
,
0xa8
,
0xb9
,
0x9a
,
0x57
,
0x01
,
0xea
,
0x4e
,
0x45
,
0x68
,
0xc5
,
0x76
,
0x71
,
0xa7
,
0xa5
,
0x83
,
0xd7
,
0xe0
,
0x9d
,
0x4a
,
0xc6
,
0x71
,
0x44
,
0xf4
,
0xf3
,
0xf7
,
0xa0
,
0x27
,
0x0c
,
0xc9
,
0x69
,
0x95
,
0xb0
,
0x79
,
0x10
,
0xdd
,
0x87
,
0x4d
,
0x03
,
0x1c
,
0xe2
,
0xc9
,
0x25
,
0x4d
,
0xa3
,
0xa7
,
0xc2
,
0xb8
,
0xd3
,
0xc0
,
0x83
,
0xdf
,
0x1c
,
0xe8
,
0x86
,
0x24
,
0xa2
,
0x42
,
0xf2
,
0x99
,
0x7e
,
0xe2
,
0x3e
,
0x6c
,
0xf2
,
0x82
,
0xa6
,
0x44
,
0x9c
,
0x12
,
0xac
,
0x9a
,
0x40
,
0xf1
,
0xb5
,
0x1b
,
0x38
,
0x1a
,
0x02
,
0xaa
,
0xb0
,
0x51
,
0x2a
,
0xc8
,
0x24
,
0xe7
,
0xca
,
0x79
,
0x25
,
0xbd
,
0x84
,
0x83
,
0x06
,
0x70
,
0xa3
,
0x42
,
0x0f
,
0x63
,
0x36
,
0xb9
,
0xf4
,
0x5d
,
0x2d
,
0xbc
,
0x08
,
0x07
,
0xff
,
0xb4
,
0xa0
,
0xab
,
0xdb
,
0xb2
,
0xcd
,
0xd4
,
0x03
,
0x1d
,
0x5c
,
0x05
,
0x99
,
0xc1
,
0xf8
,
0xd1
,
0xe2
,
0xcf
,
0x36
,
0x29
,
0x0a
,
0xad
,
0x9c
,
0x5a
,
0x42
,
0x8c
,
0xbb
,
0x5a
,
0xad
,
0xb5
,
0x7c
,
0x09
,
0xa9
,
0x85
,
0x37
,
0xac
,
0xcb
,
0xa3
,
0x6f
,
0xa1
,
0x6b
,
0xac
,
0x9a
,
0x69
,
0x7d
,
0x57
,
0xeb
,
0x6f
,
0x2f
,
0xea
,
0xd7
,
0x83
,
0x17
,
0xce
,
0x69
,
0xa8
,
0xc4
,
0xaa
,
0x8a
,
0x0a
,
0x19
,
0xb3
,
0xab
,
0x58
,
0x49
,
0xab
,
0x62
,
0xe1
,
0x79
,
0xaa
,
0x59
,
0x45
,
0x8b
,
0xb5
,
0xa4
,
0x9a
,
0x39
,
0x27
,
0x47
,
0xa3
,
0x30
,
0x4f
,
0xd5
,
0x16
,
0xe9
,
0x77
,
0x8a
,
0x99
,
0x53
,
0x21
,
0x8a
,
0xaf
,
0x1f
,
0x27
,
0x7c
,
0x9c
,
0x27
,
0x7a
,
0x21
,
0x73
,
0xc3
,
0x1a
,
0xa2
,
0xf8
,
0x11
,
0x0b
,
0x59
,
0x2e
,
0x69
,
0x4a
,
0x84
,
0x5e
,
0xcc
,
0xdc
,
0xb0
,
0x86
,
0xec
,
0xff
,
0xbe
,
0x0a
,
0xab
,
0x47
,
0xc5
,
0xb2
,
0x8b
,
0x9e
,
0xc2
,
0x8a
,
0x5e
,
0x1b
,
0xd0
,
0xf6
,
0xd2
,
0xdd
,
0xcc
,
0x7c
,
0xbc
,
0xfe
,
0xed
,
0x6b
,
0xb8
,
0x45
,
0x6e
,
0xf6
,
0x1c
,
0xd5
,
0x76
,
0x4d
,
0x93
,
0xbc
,
0xdd
,
0x8c
,
0x6f
,
0x6d
,
0xaf
,
0xe8
,
0xdf
,
0xb9
,
0x8e
,
0x5d
,
0x5e
,
0x75
,
0x00
,
0x6d
,
0xbd
,
0x9d
,
0xdd
,
0x5a
,
0x3e
,
0xb7
,
0x8b
,
0x6b
,
0xb6
,
0xdf
,
0x37
,
0xd4
,
0xd1
,
0x21
,
0xac
,
0xda
,
0x21
,
0xb8
,
0xd5
,
0x58
,
0x9f
,
0x9e
,
0xa8
,
0xc5
,
0xbd
,
0x7f
,
0x77
,
0xf1
,
0x82
,
0xc5
,
0xa9
,
0x3b
,
0x82
,
0x4e
,
0x31
,
0x96
,
0x9a
,
0x1e
,
0xcd
,
0x4d
,
0xc0
,
0xa6
,
0x47
,
0xf3
,
0xd3
,
0x6c
,
0xcf
,
0x41
,
0xdf
,
0x83
,
0x57
,
0x9b
,
0x3a
,
0xd7
,
0x9a
,
0xf4
,
0xc9
,
0x7f
,
0x18
,
0x55
,
0xe8
,
0x18
,
0x56
,
0x74
,
0x9b
,
0x6f
,
0x26
,
0xac
,
0x3e
,
0x6f
,
0x9a
,
0x09
,
0x9b
,
0x9f
,
0x0d
,
0xcf
,
0xa0
,
0x53
,
0xb4
,
0x71
,
0xb4
,
0x4c
,
0xb0
,
0x9a
,
0x0c
,
0x4d
,
0xe7
,
0x16
,
0xba
,
0xff
,
0x11
,
0xb4
,
0x55
,
0x0b
,
0x5f
,
0x92
,
0xac
,
0xaa
,
0xf7
,
0x2f
,
0x49
,
0x56
,
0xad
,
0xeb
,
0xef
,
0x39
,
0xe8
,
0x39
,
0x74
,
0x8a
,
0x45
,
0xb9
,
0x69
,
0xcd
,
0xdc
,
0x0e
,
0xde
,
0xb4
,
0x66
,
0x7e
,
0xbf
,
0x1e
,
0x38
,
0x7b
,
0x0e
,
0x7a
,
0x04
,
0xae
,
0xda
,
0xfd
,
0xfb
,
0x8b
,
0xa2
,
0xd5
,
0x6a
,
0xd9
,
0xbf
,
0x26
,
0x01
,
0xca
,
0x19
,
0x35
,
0x1c
,
0x9a
,
0xce
,
0xd4
,
0x66
,
0x50
,
0xd3
,
0x99
,
0xfa
,
0x3c
,
0xd9
,
0x73
,
0xd0
,
0xd7
,
0xd0
,
0xd6
,
0x7f
,
0xff
,
0xba
,
0x2c
,
0x37
,
0xf4
,
0xeb
,
0x5d
,
0xee
,
0x4d
,
0x47
,
0x4b
,
0x7f
,
0xf1
,
0x6f
,
0x00
,
0x00
,
0x00
,
0xff
,
0xff
,
0x35
,
0x26
,
0x1e
,
0xed
,
0x9b
,
0x0e
,
0x00
,
0x00
,
// 1394 bytes of a gzipped FileDescriptorProto
0x1f
,
0x8b
,
0x08
,
0x00
,
0x00
,
0x00
,
0x00
,
0x00
,
0x02
,
0xff
,
0x8c
,
0x56
,
0x5f
,
0x73
,
0xdb
,
0x44
,
0x10
,
0x47
,
0x96
,
0xe3
,
0x24
,
0x2b
,
0x27
,
0xcd
,
0x1c
,
0x9d
,
0xa0
,
0x71
,
0xd3
,
0xd6
,
0x88
,
0x0e
,
0x63
,
0xca
,
0x8c
,
0x93
,
0x86
,
0x3e
,
0x50
,
0x86
,
0x32
,
0xe4
,
0x4f
,
0x5b
,
0x4c
,
0x5b
,
0x67
,
0x50
,
0x42
,
0x79
,
0xa3
,
0x73
,
0xb5
,
0x2f
,
0xca
,
0x4d
,
0x25
,
0x9d
,
0xb8
,
0x3b
,
0xa5
,
0x35
,
0x7c
,
0x08
,
0x5e
,
0x78
,
0x61
,
0x06
,
0x3e
,
0x11
,
0x5f
,
0x80
,
0x8f
,
0xc3
,
0xdc
,
0xe9
,
0x4e
,
0x92
,
0x2d
,
0xa7
,
0xe5
,
0xed
,
0xf6
,
0xb7
,
0x7f
,
0x6e
,
0x6f
,
0x77
,
0x6f
,
0x77
,
0xa1
,
0x87
,
0x33
,
0xba
,
0x2b
,
0x08
,
0xbf
,
0xa4
,
0x13
,
0x22
,
0x76
,
0x27
,
0x2c
,
0x95
,
0x9c
,
0xc5
,
0xc3
,
0x8c
,
0x33
,
0xc9
,
0xd0
,
0x26
,
0x15
,
0x79
,
0x8c
,
0x87
,
0xaf
,
0x72
,
0x1a
,
0x4f
,
0x87
,
0x97
,
0xf7
,
0x7a
,
0x37
,
0x22
,
0xc6
,
0xa2
,
0x98
,
0xec
,
0x6a
,
0xee
,
0xab
,
0xfc
,
0x7c
,
0x97
,
0x24
,
0x99
,
0x9c
,
0x15
,
0xc2
,
0xbd
,
0xdb
,
0x8b
,
0x4c
,
0x49
,
0x13
,
0x22
,
0x24
,
0x4e
,
0xb2
,
0x42
,
0x20
,
0xf8
,
0xdd
,
0x85
,
0xee
,
0xa1
,
0x32
,
0x15
,
0x92
,
0x5f
,
0x72
,
0x22
,
0x24
,
0xda
,
0x81
,
0x75
,
0x6d
,
0xfa
,
0x6c
,
0x96
,
0x11
,
0xdf
,
0xe9
,
0x3b
,
0x83
,
0xf5
,
0xb0
,
0x02
,
0x90
,
0x0f
,
0xab
,
0x9a
,
0x18
,
0x1d
,
0xfb
,
0x2d
,
0xcd
,
0xb3
,
0x24
,
0xba
,
0x05
,
0xa0
,
0xfc
,
0x24
,
0x6f
,
0xe5
,
0x31
,
0xe5
,
0xbe
,
0xab
,
0x99
,
0x35
,
0x04
,
0xf5
,
0xc1
,
0x3b
,
0xa7
,
0x31
,
0x39
,
0x52
,
0x48
,
0x2a
,
0xfd
,
0xb6
,
0x16
,
0xa8
,
0x43
,
0x68
,
0x1b
,
0x3a
,
0x2c
,
0x97
,
0x59
,
0x2e
,
0xfd
,
0x15
,
0xcd
,
0x34
,
0x54
,
0xe9
,
0xd1
,
0x01
,
0x8f
,
0x84
,
0xdf
,
0xe9
,
0xbb
,
0xa5
,
0x47
,
0x0a
,
0x40
,
0xd7
,
0x61
,
0x25
,
0xe3
,
0xec
,
0xed
,
0xcc
,
0x5f
,
0xed
,
0x3b
,
0x83
,
0xb5
,
0xb0
,
0x20
,
0x94
,
0x9f
,
0x94
,
0x4e
,
0x95
,
0x75
,
0x7f
,
0xad
,
0xf0
,
0xd3
,
0x90
,
0xe8
,
0x21
,
0x78
,
0x5a
,
0xf9
,
0x54
,
0x62
,
0x49
,
0x27
,
0xfe
,
0x7a
,
0xdf
,
0x19
,
0x78
,
0xfb
,
0x37
,
0x86
,
0xf3
,
0x41
,
0x1d
,
0x1e
,
0x56
,
0x22
,
0x61
,
0x5d
,
0x1e
,
0xdd
,
0x81
,
0x0d
,
0x3c
,
0x9d
,
0x52
,
0x49
,
0x59
,
0x8a
,
0xe3
,
0x33
,
0x1c
,
0xf9
,
0xa0
,
0xcd
,
0xcf
,
0x83
,
0x3a
,
0x18
,
0x38
,
0x3b
,
0x98
,
0x4e
,
0x9f
,
0x51
,
0x21
,
0x7d
,
0x4f
,
0xfb
,
0x5c
,
0x43
,
0x50
,
0x0f
,
0xd6
,
0x48
,
0x2a
,
0xa9
,
0x9c
,
0x8d
,
0x8e
,
0xfd
,
0xae
,
0x36
,
0x50
,
0xd2
,
0xc1
,
0x01
,
0x6c
,
0x8c
,
0x92
,
0x8c
,
0x71
,
0x59
,
0xcb
,
0x08
,
0x27
,
0xe7
,
0x84
,
0x93
,
0x74
,
0x52
,
0x66
,
0xa4
,
0x04
,
0x10
,
0x82
,
0xf6
,
0x14
,
0x4b
,
0xac
,
0xd3
,
0xd1
,
0x0d
,
0xf5
,
0x39
,
0x08
,
0x60
,
0xd3
,
0x9a
,
0x10
,
0x19
,
0x4b
,
0x05
,
0x41
,
0x5b
,
0xe0
,
0xc6
,
0x2c
,
0x32
,
0xda
,
0xea
,
0x18
,
0x3c
,
0x01
,
0xaf
,
0xf6
,
0x48
,
0xf4
,
0xa5
,
0x4d
,
0x3b
,
0x4d
,
0x8a
,
0x4b
,
0xbc
,
0xfd
,
0xde
,
0xb0
,
0x28
,
0x9e
,
0xa1
,
0x2d
,
0x9e
,
0xe1
,
0x99
,
0x2d
,
0x9e
,
0xb0
,
0x12
,
0x0e
,
0x1e
,
0xc2
,
0x86
,
0x29
,
0x20
,
0x73
,
0x97
,
0x8a
,
0x7d
,
0x82
,
0x23
,
0x32
,
0x3a
,
0x36
,
0xf7
,
0x59
,
0x72
,
0xa9
,
0xaf
,
0x9f
,
0xc1
,
0x86
,
0x72
,
0x21
,
0x17
,
0xf6
,
0xb9
,
0xb5
,
0x12
,
0x73
,
0xe6
,
0x4a
,
0x2c
,
0xb8
,
0x0b
,
0x9b
,
0x56
,
0xb4
,
0xba
,
0x6a
,
0x62
,
0x0a
,
0xca
,
0xc8
,
0x1a
,
0x32
,
0xf8
,
0x1c
,
0x3c
,
0x15
,
0xe9
,
0x5a
,
0x0c
,
0xb5
,
0x13
,
0x63
,
0x9c
,
0x94
,
0x31
,
0x2c
,
0x81
,
0xe0
,
0x3e
,
0xc0
,
0x19
,
0x8e
,
0xac
,
0xec
,
0x75
,
0x58
,
0xd1
,
0x2c
,
0x23
,
0x57
,
0x10
,
0x2a
,
0x82
,
0x12
,
0x47
,
0xa6
,
0xea
,
0xd5
,
0x31
,
0xf8
,
0xc7
,
0x81
,
0x6e
,
0x71
,
0x87
,
0xf1
,
0xe6
,
0x1b
,
0xe8
,
0x68
,
0x59
,
0xe1
,
0x3b
,
0x7d
,
0x77
,
0xe0
,
0xed
,
0x7f
,
0xba
,
0x58
,
0x55
,
0x75
,
0xe9
,
0xe1
,
0x48
,
0x07
,
0x25
,
0x3d
,
0x67
,
0xa1
,
0xd1
,
0xea
,
0xfd
,
0x06
,
0xeb
,
0x25
,
0xa8
,
0x4a
,
0x88
,
0x93
,
0x8c
,
0x09
,
0x2a
,
0x19
,
0x9f
,
0x19
,
0x57
,
0x6a
,
0x48
,
0xd3
,
0x1f
,
0xb4
,
0x09
,
0x2d
,
0x3a
,
0x35
,
0x3f
,
0xaf
,
0x45
,
0xa7
,
0x3a
,
0x38
,
0x9c
,
0x60
,
0x49
,
0xa6
,
0xe6
,
0xb7
,
0x59
,
0x52
,
0xe5
,
0x41
,
0xd0
,
0x5f
,
0x89
,
0xf9
,
0x67
,
0xfa
,
0x1c
,
0xfc
,
0xed
,
0xc0
,
0xb5
,
0x17
,
0x84
,
0x0b
,
0xca
,
0xd2
,
0x7a
,
0x78
,
0x2f
,
0x0b
,
0xc8
,
0x86
,
0xd7
,
0x90
,
0x2a
,
0x9e
,
0x11
,
0x33
,
0xe2
,
0xc6
,
0x87
,
0x0a
,
0xd0
,
0x5c
,
0x2a
,
0x8f
,
0x58
,
0x92
,
0x50
,
0x69
,
0x1c
,
0xaa
,
0x80
,
0xaa
,
0xc3
,
0xa8
,
0x52
,
0x6b
,
0xd7
,
0x3b
,
0x0c
,
0x4d
,
0x88
,
0xee
,
0x02
,
0xe2
,
0x80
,
0x4f
,
0x2e
,
0xca
,
0x2e
,
0xa0
,
0xa9
,
0xe0
,
0x07
,
0xd8
,
0x08
,
0x49
,
0xc2
,
0x2e
,
0x49
,
0xad
,
0x4e
,
0xaa
,
0x32
,
0x73
,
0xeb
,
0x65
,
0xb6
,
0x05
,
0x2e
,
0x8e
,
0x63
,
0xed
,
0xd6
,
0x5a
,
0xa8
,
0x8e
,
0x45
,
0x93
,
0xc8
,
0x53
,
0xa2
,
0x9d
,
0xd1
,
0x4d
,
0x22
,
0x4f
,
0x55
,
0xda
,
0x37
,
0xad
,
0x49
,
0xf3
,
0xe0
,
0x00
,
0xba
,
0x31
,
0x9e
,
0x11
,
0xfe
,
0x9c
,
0x08
,
0x51
,
0x55
,
0xc0
,
0x1c
,
0x16
,
0xfc
,
0xe5
,
0xc0
,
0x87
,
0xdf
,
0x11
,
0x1c
,
0xcb
,
0x8b
,
0xa3
,
0x0b
,
0x32
,
0x79
,
0x5d
,
0xea
,
0x8e
,
0xa0
,
0x23
,
0x74
,
0x75
,
0x6a
,
0xad
,
0xcd
,
0xfd
,
0x7b
,
0x8b
,
0xd9
,
0x5f
,
0xa2
,
0x34
,
0x3c
,
0x55
,
0x3d
,
0x3e
,
0x8d
,
0x4c
,
0x59
,
0x1b
,
0x03
,
0xc1
,
0x57
,
0xb0
,
0x31
,
0xc7
,
0x40
,
0x1e
,
0xac
,
0xfe
,
0x38
,
0x7e
,
0x3a
,
0x3e
,
0xf9
,
0x69
,
0xbc
,
0xf5
,
0x81
,
0x22
,
0x4e
,
0x1f
,
0x85
,
0x2f
,
0x46
,
0xe3
,
0x27
,
0x5b
,
0x0e
,
0xba
,
0x06
,
0xde
,
0xf8
,
0xe4
,
0xec
,
0xa5
,
0x05
,
0x5a
,
0xc1
,
0xcf
,
0xd0
,
0x7d
,
0xc6
,
0x22
,
0x9a
,
0xda
,
0x30
,
0x6d
,
0x43
,
0x47
,
0x0d
,
0x12
,
0xc2
,
0xcd
,
0x63
,
0x0c
,
0xa5
,
0x5a
,
0x50
,
0x2e
,
0x08
,
0x4f
,
0xd5
,
0x87
,
0x28
,
0x12
,
0x58
,
0xd2
,
0x8a
,
0x97
,
0x61
,
0x21
,
0xde
,
0x30
,
0x6e
,
0xeb
,
0xa9
,
0xa4
,
0xd5
,
0x7f
,
0x35
,
0xf6
,
0xdf
,
0xfb
,
0x07
,
0x1f
,
0x68
,
0x51
,
0x96
,
0xcb
,
0xf7
,
0xf9
,
0xd2
,
0x48
,
0x58
,
0x30
,
0x80
,
0x4d
,
0xab
,
0x6a
,
0xae
,
0xd9
,
0x86
,
0x0e
,
0x27
,
0x22
,
0x8f
,
0xed
,
0x2d
,
0x86
,
0x0a
,
0x3e
,
0x06
,
0xef
,
0x19
,
0xc3
,
0xe5
,
0xf8
,
0x42
,
0xd0
,
0xce
,
0xb0
,
0xbc
,
0x30
,
0x42
,
0xfa
,
0x1c
,
0xf4
,
0x55
,
0x48
,
0xf0
,
0xf4
,
0x1d
,
0xcd
,
0xf0
,
0x04
,
0xbc
,
0x53
,
0x5c
,
0x95
,
0xd6
,
0xf2
,
0x0e
,
0x60
,
0x4d
,
0xb7
,
0x2a
,
0xd3
,
0xfa
,
0x45
,
0xf8
,
0x52
,
0xd5
,
0xa0
,
0x6b
,
0x5e
,
0xa4
,
0xa9
,
0xe0
,
0x3e
,
0x74
,
0x0b
,
0x83
,
0xe6
,
0x4a
,
0xdb
,
0xf9
,
0x9c
,
0xaa
,
0xf3
,
0x59
,
0x37
,
0x5a
,
0x95
,
0x1b
,
0x33
,
0x58
,
0x7d
,
0x4e
,
0x92
,
0x63
,
0xc5
,
0xec
,
0xc1
,
0x5a
,
0x42
,
0x92
,
0x33
,
0x26
,
0x71
,
0xac
,
0x95
,
0xdc
,
0xb0
,
0xa4
,
0x55
,
0xc4
,
0x13
,
0x92
,
0x3c
,
0xe6
,
0xa4
,
0xc8
,
0x9c
,
0x1b
,
0x5a
,
0x52
,
0x7d
,
0x2d
,
0xf1
,
0x06
,
0x67
,
0x85
,
0x9a
,
0xab
,
0x79
,
0x15
,
0xa0
,
0x6c
,
0x2a
,
0x42
,
0x2b
,
0xb6
,
0x0b
,
0x9b
,
0x96
,
0x0e
,
0x5e
,
0x82
,
0x77
,
0x2a
,
0x19
,
0xc7
,
0x11
,
0xd1
,
0xd7
,
0xdf
,
0x81
,
0x0d
,
0x61
,
0x48
,
0x4e
,
0xab
,
0x84
,
0xcd
,
0x83
,
0xe8
,
0x2e
,
0x6c
,
0x19
,
0xe0
,
0x10
,
0x4f
,
0x5e
,
0xd3
,
0x34
,
0x7a
,
0x2c
,
0xcc
,
0x73
,
0x1a
,
0x78
,
0xf0
,
0x87
,
0x03
,
0xdd
,
0x90
,
0x44
,
0x54
,
0x48
,
0x3e
,
0xd3
,
0x57
,
0xdc
,
0x85
,
0x2d
,
0x5e
,
0xd0
,
0x94
,
0x88
,
0x53
,
0x82
,
0xd5
,
0x97
,
0x2f
,
0x3e
,
0x72
,
0x03
,
0x47
,
0x43
,
0x40
,
0x15
,
0x36
,
0x4a
,
0x05
,
0x99
,
0xe4
,
0x5c
,
0x3d
,
0x5e
,
0x49
,
0x2f
,
0xe1
,
0xa0
,
0x01
,
0x5c
,
0xab
,
0xd0
,
0xc3
,
0x98
,
0x4d
,
0x5e
,
0xfb
,
0xae
,
0x16
,
0x5e
,
0x84
,
0x83
,
0x7f
,
0x5b
,
0xd0
,
0xd5
,
0x4d
,
0xd8
,
0x66
,
0xea
,
0x9e
,
0x0e
,
0xae
,
0x82
,
0xcc
,
0x18
,
0xfc
,
0x68
,
0xf1
,
0x1f
,
0x9b
,
0x14
,
0x85
,
0x56
,
0x4e
,
0xad
,
0x14
,
0xe6
,
0xb9
,
0x5a
,
0xad
,
0xb5
,
0x7c
,
0xa5
,
0xa8
,
0x85
,
0x37
,
0xac
,
0xcb
,
0xa3
,
0x6f
,
0xa1
,
0x6b
,
0xbc
,
0x9a
,
0x69
,
0x7d
,
0x57
,
0xeb
,
0xef
,
0x2c
,
0xea
,
0xd7
,
0x83
,
0x17
,
0xce
,
0x69
,
0xa8
,
0xc4
,
0xaa
,
0x8a
,
0x0a
,
0x19
,
0xb3
,
0x8b
,
0x55
,
0x49
,
0xab
,
0x62
,
0xe1
,
0x79
,
0xaa
,
0x59
,
0x45
,
0x43
,
0xb5
,
0xa4
,
0x9a
,
0x30
,
0x27
,
0x47
,
0xa3
,
0x30
,
0x4f
,
0xd5
,
0x4e
,
0xe8
,
0x77
,
0x8a
,
0x09
,
0x53
,
0x21
,
0x8a
,
0xaf
,
0x2f
,
0x27
,
0x7c
,
0x9c
,
0x27
,
0x7a
,
0xbd
,
0x72
,
0xc3
,
0x1a
,
0xa2
,
0xf8
,
0x11
,
0x0b
,
0x59
,
0x2e
,
0x69
,
0x4a
,
0x84
,
0x5e
,
0xb3
,
0xdc
,
0xb0
,
0x86
,
0xec
,
0xff
,
0xb9
,
0x0a
,
0xab
,
0x47
,
0xc5
,
0xea
,
0x8a
,
0x1e
,
0xc3
,
0x8a
,
0x5e
,
0x12
,
0xd0
,
0xce
,
0xd2
,
0x4d
,
0xcb
,
0x7c
,
0xbc
,
0xde
,
0xcd
,
0x2b
,
0xb8
,
0x45
,
0x6e
,
0xf6
,
0x1c
,
0xd5
,
0x64
,
0x4d
,
0x4b
,
0xbc
,
0xd9
,
0x8c
,
0x6f
,
0x6d
,
0x8b
,
0xe8
,
0xdd
,
0xba
,
0x8a
,
0x5d
,
0x9a
,
0x3a
,
0x80
,
0xb6
,
0xde
,
0xc5
,
0x6e
,
0x2c
,
0x9f
,
0xd2
,
0x85
,
0x99
,
0x9d
,
0x77
,
0x8d
,
0x70
,
0x74
,
0x08
,
0xab
,
0x76
,
0xe4
,
0x6d
,
0x37
,
0x96
,
0xa5
,
0x47
,
0x6a
,
0x0d
,
0xef
,
0xdd
,
0x5e
,
0x34
,
0xb0
,
0x38
,
0x63
,
0x47
,
0xd0
,
0x29
,
0x86
,
0x50
,
0xf3
,
0x45
,
0x73
,
0xf3
,
0xae
,
0xf9
,
0xa2
,
0xf9
,
0xd9
,
0xb5
,
0xe7
,
0xa0
,
0xef
,
0xc1
,
0xab
,
0xcd
,
0x98
,
0x2b
,
0x5d
,
0xfa
,
0xe4
,
0x7f
,
0x0c
,
0x26
,
0x74
,
0x0c
,
0x2b
,
0xba
,
0xcd
,
0x37
,
0x13
,
0x56
,
0x9f
,
0x2e
,
0xcd
,
0x84
,
0xcd
,
0xcf
,
0x86
,
0x27
,
0xd0
,
0x29
,
0xda
,
0x38
,
0x5a
,
0x26
,
0x58
,
0x4d
,
0x86
,
0xe6
,
0xe3
,
0x16
,
0xba
,
0xff
,
0x11
,
0xb4
,
0x55
,
0x0b
,
0x5f
,
0x92
,
0xac
,
0xaa
,
0xf7
,
0x2f
,
0x49
,
0x56
,
0xad
,
0xeb
,
0xef
,
0x39
,
0xe8
,
0x29
,
0x74
,
0x8a
,
0xb5
,
0xb8
,
0xe9
,
0xcd
,
0xdc
,
0xc6
,
0xdd
,
0xf4
,
0x66
,
0x7e
,
0x9b
,
0x1e
,
0x38
,
0x7b
,
0x0e
,
0x7a
,
0x00
,
0xae
,
0xda
,
0xf4
,
0x7b
,
0x8b
,
0xa2
,
0xd5
,
0x22
,
0xd9
,
0xbb
,
0x22
,
0x01
,
0xea
,
0x31
,
0x6a
,
0x38
,
0x34
,
0x1f
,
0x53
,
0x9b
,
0x41
,
0xcd
,
0xc7
,
0xd4
,
0xe7
,
0xc9
,
0x9e
,
0x83
,
0xbe
,
0x86
,
0xb6
,
0xfe
,
0xfb
,
0x57
,
0x65
,
0xb9
,
0xa1
,
0x5f
,
0xef
,
0x72
,
0xaf
,
0x3a
,
0x5a
,
0xfa
,
0x8b
,
0xff
,
0x02
,
0x00
,
0x00
,
0xff
,
0xff
,
0xfa
,
0x0a
,
0xc5
,
0xff
,
0x69
,
0x0e
,
0x00
,
0x00
,
}
// Reference imports to suppress errors if they are not otherwise used.
...
...
api/services/control.proto
浏览文件 @
35bd7f6e
...
...
@@ -65,14 +65,12 @@ message BuildRequest {
string
iidfile
=
8
;
// buildStatic is used to hold the options for static build
BuildStatic
buildStatic
=
9
;
// encryptKey is key to encrypt items in buildArgs
string
encryptKey
=
10
;
// additionalTag is the tag applied to the built image
string
additionalTag
=
1
1
;
string
additionalTag
=
1
0
;
// capAddList indicates Linux capabilities for RUN command
repeated
string
capAddList
=
1
2
;
repeated
string
capAddList
=
1
1
;
// entityID is an id to descript a physic building
string
entityID
=
1
3
;
string
entityID
=
1
2
;
}
message
ImportRequest
{
...
...
@@ -177,8 +175,6 @@ message LoginRequest {
string
username
=
2
;
// password is password to login
string
password
=
3
;
// key is aes key used for encrypt and decrypt password
string
key
=
4
;
}
message
LoginResponse
{
...
...
@@ -271,3 +267,4 @@ message InfoResponse {
// goRoutines is number of go routines
int64
goRoutines
=
8
;
}
builder/builder.go
浏览文件 @
35bd7f6e
...
...
@@ -16,6 +16,7 @@ package builder
import
(
"context"
"crypto/rsa"
"github.com/pkg/errors"
...
...
@@ -36,10 +37,10 @@ type Builder interface {
}
// NewBuilder init a builder
func
NewBuilder
(
ctx
context
.
Context
,
store
store
.
Store
,
req
*
pb
.
BuildRequest
,
runtimePath
,
buildDir
,
runDir
string
)
(
Builder
,
error
)
{
func
NewBuilder
(
ctx
context
.
Context
,
store
store
.
Store
,
req
*
pb
.
BuildRequest
,
runtimePath
,
buildDir
,
runDir
string
,
key
*
rsa
.
PrivateKey
)
(
Builder
,
error
)
{
switch
req
.
GetBuildType
()
{
case
constant
.
BuildContainerImageType
:
return
dockerfile
.
NewBuilder
(
ctx
,
store
,
req
,
runtimePath
,
buildDir
,
runDir
)
return
dockerfile
.
NewBuilder
(
ctx
,
store
,
req
,
runtimePath
,
buildDir
,
runDir
,
key
)
default
:
return
nil
,
errors
.
Errorf
(
"the build type %q is not supported"
,
req
.
GetBuildType
())
}
...
...
builder/builder_test.go
浏览文件 @
35bd7f6e
...
...
@@ -18,17 +18,21 @@ import (
"reflect"
"testing"
"gotest.tools/assert"
"gotest.tools/fs"
constant
"isula.org/isula-build"
pb
"isula.org/isula-build/api/services"
"isula.org/isula-build/builder/dockerfile"
"isula.org/isula-build/store"
"isula.org/isula-build/util"
)
func
TestNewBuilder
(
t
*
testing
.
T
)
{
tmpDir
:=
fs
.
NewDir
(
t
,
t
.
Name
())
defer
tmpDir
.
Remove
()
key
,
err
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
type
args
struct
{
ctx
context
.
Context
...
...
@@ -67,9 +71,10 @@ func TestNewBuilder(t *testing.T) {
wantErr
:
true
,
},
}
for
_
,
tt
:=
range
tests
{
t
.
Run
(
tt
.
name
,
func
(
t
*
testing
.
T
)
{
got
,
err
:=
NewBuilder
(
tt
.
args
.
ctx
,
tt
.
args
.
store
,
tt
.
args
.
req
,
tt
.
args
.
runtimePath
,
tt
.
args
.
buildDir
,
tt
.
args
.
runDir
)
got
,
err
:=
NewBuilder
(
tt
.
args
.
ctx
,
tt
.
args
.
store
,
tt
.
args
.
req
,
tt
.
args
.
runtimePath
,
tt
.
args
.
buildDir
,
tt
.
args
.
runDir
,
key
)
if
(
err
!=
nil
)
!=
tt
.
wantErr
{
t
.
Errorf
(
"NewBuilder() error = %v, wantErr %v"
,
err
,
tt
.
wantErr
)
return
...
...
builder/dockerfile/builder.go
浏览文件 @
35bd7f6e
...
...
@@ -16,6 +16,8 @@ package dockerfile
import
(
"bytes"
"context"
"crypto"
"crypto/rsa"
"fmt"
"io"
"io/ioutil"
...
...
@@ -78,10 +80,11 @@ type Builder struct {
// stageAliasMap hold the stage index which has been renamed
// e.g. FROM foo AS bar -> map[string]int{"bar":1}
stageAliasMap
map
[
string
]
int
rsaKey
*
rsa
.
PrivateKey
}
// NewBuilder init a builder
func
NewBuilder
(
ctx
context
.
Context
,
store
store
.
Store
,
req
*
pb
.
BuildRequest
,
runtimePath
,
buildDir
,
runDir
string
)
(
*
Builder
,
error
)
{
func
NewBuilder
(
ctx
context
.
Context
,
store
store
.
Store
,
req
*
pb
.
BuildRequest
,
runtimePath
,
buildDir
,
runDir
string
,
key
*
rsa
.
PrivateKey
)
(
*
Builder
,
error
)
{
b
:=
&
Builder
{
ctx
:
ctx
,
buildID
:
req
.
BuildID
,
...
...
@@ -94,9 +97,10 @@ func NewBuilder(ctx context.Context, store store.Store, req *pb.BuildRequest, ru
runtimePath
:
runtimePath
,
dataDir
:
buildDir
,
runDir
:
runDir
,
rsaKey
:
key
,
}
args
,
err
:=
b
.
parseBuildArgs
(
req
.
GetBuildArgs
()
,
req
.
GetEncryptKey
()
)
args
,
err
:=
b
.
parseBuildArgs
(
req
.
GetBuildArgs
())
if
err
!=
nil
{
return
nil
,
errors
.
Wrap
(
err
,
"parse build-arg failed"
)
}
...
...
@@ -189,11 +193,12 @@ func (b *Builder) Logger() *logrus.Entry {
return
logrus
.
WithField
(
util
.
LogKeySessionID
,
b
.
ctx
.
Value
(
util
.
LogFieldKey
(
util
.
LogKeySessionID
)))
}
func
(
b
*
Builder
)
parseBuildArgs
(
buildArgs
[]
string
,
key
string
)
(
map
[
string
]
string
,
error
)
{
func
(
b
*
Builder
)
parseBuildArgs
(
buildArgs
[]
string
)
(
map
[
string
]
string
,
error
)
{
args
:=
make
(
map
[
string
]
string
,
len
(
buildArgs
))
errKey
:=
b
.
rsaKey
.
Validate
()
for
_
,
arg
:=
range
buildArgs
{
if
len
(
key
)
!=
0
{
v
,
err
:=
util
.
Decrypt
AES
(
arg
,
key
)
if
errKey
==
nil
{
v
,
err
:=
util
.
Decrypt
RSA
(
arg
,
b
.
rsaKey
,
crypto
.
SHA512
)
if
err
!=
nil
{
return
nil
,
err
}
...
...
builder/dockerfile/builder_test.go
浏览文件 @
35bd7f6e
...
...
@@ -15,7 +15,8 @@ package dockerfile
import
(
"context"
"crypto/sha256"
"crypto/rsa"
"crypto/sha512"
"io/ioutil"
"os"
"path/filepath"
...
...
@@ -1214,6 +1215,7 @@ func TestParseRequestBuildArgs(t *testing.T) {
}
b
:=
getBuilder
()
rsaKey
:=
b
.
rsaKey
for
_
,
tt
:=
range
tests
{
t
.
Run
(
tt
.
name
,
func
(
t
*
testing
.
T
)
{
var
(
...
...
@@ -1221,19 +1223,26 @@ func TestParseRequestBuildArgs(t *testing.T) {
err
error
)
if
tt
.
decrypt
{
oriKey
,
_
:=
util
.
GenerateCryptoKey
(
util
.
CryptoKeyLen
)
key
,
_
:=
util
.
PBKDF2
(
oriKey
,
util
.
CryptoKeyLen
,
sha256
.
New
)
b
.
rsaKey
=
rsaKey
tmpDir
:=
fs
.
NewDir
(
t
,
t
.
Name
())
defer
tmpDir
.
Remove
()
keyPath
:=
filepath
.
Join
(
tmpDir
.
Path
(),
"isula-build.pub"
)
assert
.
NilError
(
t
,
err
)
err
=
util
.
GenRSAPublicKeyFile
(
b
.
rsaKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
pubKey
,
err
:=
util
.
ReadPublicKey
(
keyPath
)
assert
.
NilError
(
t
,
err
)
var
args
=
make
([]
string
,
0
,
10
)
for
_
,
v
:=
range
tt
.
buildArgs
{
encryptedArg
,
encErr
:=
util
.
Encrypt
AES
(
v
,
key
)
encryptedArg
,
encErr
:=
util
.
Encrypt
RSA
(
v
,
pubKey
,
sha512
.
New
()
)
assert
.
NilError
(
t
,
encErr
)
args
=
append
(
args
,
encryptedArg
)
}
argsParsed
,
err
=
b
.
parseBuildArgs
(
args
,
key
)
argsParsed
,
err
=
b
.
parseBuildArgs
(
args
)
b
.
buildOpts
.
BuildArgs
=
argsParsed
}
else
{
argsParsed
,
err
=
b
.
parseBuildArgs
(
tt
.
buildArgs
,
""
)
b
.
rsaKey
=
&
rsa
.
PrivateKey
{}
argsParsed
,
err
=
b
.
parseBuildArgs
(
tt
.
buildArgs
)
b
.
buildOpts
.
BuildArgs
=
argsParsed
}
...
...
@@ -1328,6 +1337,12 @@ func TestNewBuilder(t *testing.T) {
}
defer
testutil
.
Immutable
(
immutablePath
,
false
)
keyPath
:=
filepath
.
Join
(
tmpDir
,
"isula-build.pub"
)
privateKey
,
err
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
err
=
util
.
GenRSAPublicKeyFile
(
privateKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
type
args
struct
{
ctx
context
.
Context
store
store
.
Store
...
...
@@ -1335,6 +1350,7 @@ func TestNewBuilder(t *testing.T) {
runtimePath
string
buildDir
string
runDir
string
key
*
rsa
.
PrivateKey
}
tests
:=
[]
struct
{
name
string
...
...
@@ -1342,21 +1358,6 @@ func TestNewBuilder(t *testing.T) {
want
*
Builder
wantErr
bool
}{
{
name
:
"NewBuilder - decrypts fail - wrong key"
,
args
:
args
{
ctx
:
context
.
Background
(),
store
:
store
.
Store
{},
req
:
&
pb
.
BuildRequest
{
BuildArgs
:
[]
string
{
"foo=bar"
,
"http_proxy=test"
},
EncryptKey
:
"1"
,
},
buildDir
:
tmpDir
,
runDir
:
tmpDir
,
},
want
:
nil
,
wantErr
:
true
,
},
{
name
:
"NewBuilder - wrong rundir"
,
args
:
args
{
...
...
@@ -1365,6 +1366,7 @@ func TestNewBuilder(t *testing.T) {
req
:
&
pb
.
BuildRequest
{},
buildDir
:
tmpDir
,
runDir
:
""
,
key
:
privateKey
,
},
want
:
nil
,
wantErr
:
true
,
...
...
@@ -1379,6 +1381,7 @@ func TestNewBuilder(t *testing.T) {
},
buildDir
:
tmpDir
,
runDir
:
immutablePath
,
key
:
privateKey
,
},
want
:
nil
,
wantErr
:
true
,
...
...
@@ -1386,7 +1389,7 @@ func TestNewBuilder(t *testing.T) {
}
for
_
,
tt
:=
range
tests
{
t
.
Run
(
tt
.
name
,
func
(
t
*
testing
.
T
)
{
got
,
err
:=
NewBuilder
(
tt
.
args
.
ctx
,
tt
.
args
.
store
,
tt
.
args
.
req
,
tt
.
args
.
runtimePath
,
tt
.
args
.
buildDir
,
tt
.
args
.
runDir
)
got
,
err
:=
NewBuilder
(
tt
.
args
.
ctx
,
tt
.
args
.
store
,
tt
.
args
.
req
,
tt
.
args
.
runtimePath
,
tt
.
args
.
buildDir
,
tt
.
args
.
runDir
,
tt
.
args
.
key
)
if
(
err
!=
nil
)
!=
tt
.
wantErr
{
t
.
Errorf
(
"NewBuilder() error = %v, wantErr %v"
,
err
,
tt
.
wantErr
)
return
...
...
builder/dockerfile/stage_builder_test.go
浏览文件 @
35bd7f6e
...
...
@@ -37,6 +37,7 @@ import (
"isula.org/isula-build/pkg/parser"
"isula.org/isula-build/store"
testUtil
"isula.org/isula-build/tests/util"
"isula.org/isula-build/util"
)
var
(
...
...
@@ -108,6 +109,8 @@ func getImageID(t *testing.T, s *store.Store) string {
}
func
getBuilder
()
*
Builder
{
privateKey
,
_
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
return
&
Builder
{
ctx
:
context
.
Background
(),
buildID
:
""
,
...
...
@@ -120,6 +123,7 @@ func getBuilder() *Builder {
reservedArgs
:
make
(
map
[
string
]
string
),
unusedArgs
:
make
(
map
[
string
]
string
),
stageBuilders
:
nil
,
rsaKey
:
privateKey
,
}
}
...
...
cmd/cli/build.go
浏览文件 @
35bd7f6e
...
...
@@ -15,7 +15,7 @@ package main
import
(
"context"
"crypto/sha
256
"
"crypto/sha
512
"
"fmt"
"io"
"io/ioutil"
...
...
@@ -287,8 +287,7 @@ func runBuild(ctx context.Context, cli Cli) (string, error) {
if
content
,
digest
,
err
=
readDockerfile
();
err
!=
nil
{
return
""
,
err
}
if
err
=
encryptBuildArgs
();
err
!=
nil
{
if
err
=
encryptBuildArgs
(
util
.
DefaultRSAKeyPath
);
err
!=
nil
{
return
""
,
errors
.
Wrap
(
err
,
"encrypt --build-arg failed"
)
}
imageIDFilePath
,
err
=
getAbsPath
(
buildOpts
.
imageIDFile
)
...
...
@@ -309,7 +308,6 @@ func runBuild(ctx context.Context, cli Cli) (string, error) {
EntityID
:
entityID
,
BuildArgs
:
buildOpts
.
buildArgs
,
CapAddList
:
buildOpts
.
capAddList
,
EncryptKey
:
buildOpts
.
encryptKey
,
ContextDir
:
buildOpts
.
contextDir
,
FileContent
:
content
,
Output
:
buildOpts
.
output
,
...
...
@@ -360,7 +358,7 @@ func runBuild(ctx context.Context, cli Cli) (string, error) {
}
// encrypts those sensitive args before transporting via GRPC
func
encryptBuildArgs
()
error
{
func
encryptBuildArgs
(
path
string
)
error
{
var
hasSensiArg
bool
for
_
,
v
:=
range
buildOpts
.
buildArgs
{
const
kvNums
=
2
...
...
@@ -375,11 +373,7 @@ func encryptBuildArgs() error {
return
nil
}
oriKey
,
err
:=
util
.
GenerateCryptoKey
(
util
.
CryptoKeyLen
)
if
err
!=
nil
{
return
err
}
key
,
err
:=
util
.
PBKDF2
(
oriKey
,
util
.
CryptoKeyLen
,
sha256
.
New
)
key
,
err
:=
util
.
ReadPublicKey
(
path
)
if
err
!=
nil
{
return
err
}
...
...
@@ -387,7 +381,7 @@ func encryptBuildArgs() error {
const
possibleArgCaps
=
10
var
args
=
make
([]
string
,
0
,
possibleArgCaps
)
for
_
,
v
:=
range
buildOpts
.
buildArgs
{
encryptedArg
,
encErr
:=
util
.
Encrypt
AES
(
v
,
key
)
encryptedArg
,
encErr
:=
util
.
Encrypt
RSA
(
v
,
key
,
sha512
.
New
()
)
if
encErr
!=
nil
{
return
encErr
}
...
...
@@ -395,7 +389,6 @@ func encryptBuildArgs() error {
}
buildOpts
.
buildArgs
=
args
buildOpts
.
encryptKey
=
key
return
nil
}
...
...
cmd/cli/build_test.go
浏览文件 @
35bd7f6e
...
...
@@ -15,6 +15,7 @@ package main
import
(
"context"
"crypto"
"io/ioutil"
"os"
"path/filepath"
...
...
@@ -498,17 +499,24 @@ func TestEncryptBuildArgs(t *testing.T) {
},
}
tmpDir
:=
fs
.
NewDir
(
t
,
t
.
Name
())
defer
tmpDir
.
Remove
()
keyPath
:=
filepath
.
Join
(
tmpDir
.
Path
(),
"isula-build.pub"
)
privateKey
,
err
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
err
=
util
.
GenRSAPublicKeyFile
(
privateKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
for
_
,
tt
:=
range
tests
{
t
.
Run
(
tt
.
name
,
func
(
t
*
testing
.
T
)
{
buildOpts
.
buildArgs
=
tt
.
args
buildOpts
.
encryptKey
=
""
if
err
:=
encryptBuildArgs
();
(
err
==
nil
)
!=
(
!
tt
.
err
)
{
if
err
:=
encryptBuildArgs
(
keyPath
);
(
err
==
nil
)
!=
(
!
tt
.
err
)
{
t
.
FailNow
()
}
if
tt
.
encrypt
{
for
i
:=
0
;
i
<
len
(
tt
.
args
);
i
++
{
arg
,
err
:=
util
.
Decrypt
AES
(
buildOpts
.
buildArgs
[
i
],
buildOpts
.
encryptKey
)
arg
,
err
:=
util
.
Decrypt
RSA
(
buildOpts
.
buildArgs
[
i
],
privateKey
,
crypto
.
SHA512
)
assert
.
NilError
(
t
,
err
)
assert
.
Equal
(
t
,
tt
.
args
[
i
],
arg
)
}
...
...
cmd/cli/login.go
浏览文件 @
35bd7f6e
...
...
@@ -16,7 +16,7 @@ package main
import
(
"bufio"
"context"
"crypto/sha
256
"
"crypto/sha
512
"
"fmt"
"io"
"os"
...
...
@@ -51,9 +51,9 @@ var (
type
loginOptions
struct
{
server
string
key
string
username
string
password
string
keyPath
string
stdinPass
bool
}
...
...
@@ -85,6 +85,7 @@ func loginCommand(c *cobra.Command, args []string) error {
if
err
:=
getRegistry
(
args
);
err
!=
nil
{
return
err
}
loginOpts
.
keyPath
=
util
.
DefaultRSAKeyPath
ctx
,
cancel
:=
context
.
WithCancel
(
context
.
Background
())
defer
cancel
()
...
...
@@ -93,6 +94,7 @@ func loginCommand(c *cobra.Command, args []string) error {
if
err
!=
nil
{
return
err
}
msg
,
err
:=
runLogin
(
ctx
,
cli
,
c
)
fmt
.
Println
(
msg
)
if
err
!=
nil
{
...
...
@@ -149,7 +151,6 @@ func genLoginReq(c *cobra.Command, shouldGetAuthInfo bool) (*pb.LoginRequest, er
Server
:
loginOpts
.
server
,
Username
:
""
,
Password
:
""
,
Key
:
""
,
},
nil
}
...
...
@@ -160,16 +161,15 @@ func genLoginReq(c *cobra.Command, shouldGetAuthInfo bool) (*pb.LoginRequest, er
return
nil
,
err
}
}
if
err
:=
encryptOpts
();
err
!=
nil
{
if
err
:=
encryptOpts
(
loginOpts
.
keyPath
);
err
!=
nil
{
return
nil
,
err
}
return
&
pb
.
LoginRequest
{
Server
:
loginOpts
.
server
,
Username
:
loginOpts
.
username
,
Password
:
loginOpts
.
password
,
Key
:
loginOpts
.
key
,
},
nil
}
func
getRegistry
(
args
[]
string
)
error
{
...
...
@@ -269,24 +269,17 @@ func getPassFromStdin(r io.Reader) error {
return
nil
}
func
encryptOpts
()
error
{
oriKey
,
err
:=
util
.
GenerateCryptoKey
(
util
.
CryptoKeyLen
)
func
encryptOpts
(
path
string
)
error
{
key
,
err
:=
util
.
ReadPublicKey
(
path
)
if
err
!=
nil
{
loginOpts
.
password
=
""
return
err
}
key
,
pbkErr
:=
util
.
PBKDF2
(
oriKey
,
util
.
CryptoKeyLen
,
sha256
.
New
)
if
pbkErr
!=
nil
{
loginOpts
.
password
=
""
return
pbkErr
}
encryptedPass
,
enErr
:=
util
.
EncryptAES
(
loginOpts
.
password
,
key
)
encryptedPass
,
enErr
:=
util
.
EncryptRSA
(
loginOpts
.
password
,
key
,
sha512
.
New
())
if
enErr
!=
nil
{
loginOpts
.
password
=
""
return
enErr
}
loginOpts
.
password
=
encryptedPass
loginOpts
.
key
=
key
return
nil
}
cmd/cli/login_test.go
浏览文件 @
35bd7f6e
...
...
@@ -18,10 +18,14 @@ import (
"context"
"errors"
"io"
"path/filepath"
"strings"
"testing"
"gotest.tools/assert"
"gotest.tools/fs"
"isula.org/isula-build/util"
)
func
TestNewLoginCmd
(
t
*
testing
.
T
)
{
...
...
@@ -110,7 +114,14 @@ func TestGetPassFromStdin(t *testing.T) {
}
func
TestEncryptOpts
(
t
*
testing
.
T
)
{
err
:=
encryptOpts
()
tmpDir
:=
fs
.
NewDir
(
t
,
t
.
Name
())
defer
tmpDir
.
Remove
()
keyPath
:=
filepath
.
Join
(
tmpDir
.
Path
(),
"isula-build.pub"
)
privateKey
,
err
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
err
=
util
.
GenRSAPublicKeyFile
(
privateKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
err
=
encryptOpts
(
keyPath
)
assert
.
NilError
(
t
,
err
)
}
...
...
@@ -145,6 +156,14 @@ func TestRunLogin(t *testing.T) {
wantErr
:
true
,
},
}
tmpDir
:=
fs
.
NewDir
(
t
,
t
.
Name
())
defer
tmpDir
.
Remove
()
keyPath
:=
filepath
.
Join
(
tmpDir
.
Path
(),
"isula-build.pub"
)
privateKey
,
err
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
err
=
util
.
GenRSAPublicKeyFile
(
privateKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
for
_
,
tc
:=
range
testcases
{
ctx
:=
context
.
Background
()
mockD
:=
newMockDaemon
()
...
...
@@ -155,6 +174,7 @@ func TestRunLogin(t *testing.T) {
server
:
tc
.
server
,
username
:
tc
.
username
,
password
:
tc
.
password
,
keyPath
:
keyPath
,
}
_
,
err
:=
runLogin
(
ctx
,
&
cli
,
c
)
...
...
cmd/daemon/main.go
浏览文件 @
35bd7f6e
...
...
@@ -36,6 +36,8 @@ import (
"isula.org/isula-build/util"
)
const
lockFileName
=
"isula-builder.lock"
var
daemonOpts
daemon
.
Options
func
newDaemonCommand
()
*
cobra
.
Command
{
...
...
@@ -87,8 +89,23 @@ func runDaemon(cmd *cobra.Command, args []string) error {
}
// cleanup the residual container store if it exists
store
.
CleanContainerStore
()
d
:=
daemon
.
NewDaemon
(
daemonOpts
,
store
)
// Ensure we have only one daemon running at the same time
lock
,
err
:=
util
.
SetDaemonLock
(
daemonOpts
.
RunRoot
,
lockFileName
)
if
err
!=
nil
{
return
err
}
defer
func
()
{
if
uerr
:=
lock
.
Unlock
();
uerr
!=
nil
{
logrus
.
Errorf
(
"Unlock file %s failed: %v"
,
lock
.
Path
(),
uerr
)
}
else
if
rerr
:=
os
.
RemoveAll
(
lock
.
Path
());
rerr
!=
nil
{
logrus
.
Errorf
(
"Remove lock file %s failed: %v"
,
lock
.
Path
(),
rerr
)
}
}()
d
,
err
:=
daemon
.
NewDaemon
(
daemonOpts
,
store
)
if
err
!=
nil
{
return
err
}
defer
func
()
{
if
cerr
:=
d
.
Cleanup
();
cerr
!=
nil
{
if
err
==
nil
{
...
...
constant.go
浏览文件 @
35bd7f6e
...
...
@@ -45,6 +45,8 @@ const (
DefaultRootFileMode
=
0600
// DefaultRootDirMode is the default root dir mode
DefaultRootDirMode
=
0700
// DefaultReadOnlyFileMode is the default root read only file mode
DefaultReadOnlyFileMode
=
0400
// DefaultUmask is the working umask in isula-builder
DefaultUmask
=
0027
// CliLogBufferLen is log channel buffer size
...
...
daemon/daemon.go
浏览文件 @
35bd7f6e
...
...
@@ -16,13 +16,13 @@ package daemon
import
(
"context"
"crypto/rsa"
"os"
"path/filepath"
"sync"
"time"
"github.com/containerd/containerd/sys/reaper"
"github.com/gofrs/flock"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
...
...
@@ -36,7 +36,6 @@ import (
"isula.org/isula-build/util"
)
const
lockFileName
=
"isula-builder.lock"
// Options carries the options configured to daemon
type
Options
struct
{
...
...
@@ -58,20 +57,30 @@ type Daemon struct {
backend
*
Backend
grpc
*
GrpcServer
localStore
store
.
Store
key
*
rsa
.
PrivateKey
}
// NewDaemon new a daemon instance
func
NewDaemon
(
opts
Options
,
store
store
.
Store
)
*
Daemon
{
func
NewDaemon
(
opts
Options
,
store
store
.
Store
)
(
*
Daemon
,
error
)
{
rsaKey
,
err
:=
util
.
GenerateRSAKey
(
util
.
DefaultRSAKeySize
)
if
err
!=
nil
{
return
nil
,
err
}
if
err
:=
util
.
GenRSAPublicKeyFile
(
rsaKey
,
util
.
DefaultRSAKeyPath
);
err
!=
nil
{
return
nil
,
err
}
return
&
Daemon
{
opts
:
&
opts
,
builders
:
make
(
map
[
string
]
builder
.
Builder
),
entities
:
make
(
map
[
string
]
string
),
localStore
:
store
,
}
key
:
rsaKey
,
},
nil
}
// Run runs the daemon process
func
(
d
*
Daemon
)
Run
()
error
{
func
(
d
*
Daemon
)
Run
()
(
err
error
)
{
ctx
,
cancel
:=
context
.
WithCancel
(
context
.
Background
())
defer
cancel
()
gc
:=
gc
.
NewGC
()
...
...
@@ -83,19 +92,6 @@ func (d *Daemon) Run() error {
logrus
.
Debugf
(
"Daemon start with option %#v"
,
d
.
opts
)
// Ensure we have only one daemon running at the same time
lock
,
err
:=
setDaemonLock
(
d
.
opts
.
RunRoot
,
lockFileName
)
if
err
!=
nil
{
return
err
}
defer
func
()
{
if
uerr
:=
lock
.
Unlock
();
uerr
!=
nil
{
logrus
.
Errorf
(
"Unlock file %s failed: %v"
,
lock
.
Path
(),
uerr
)
}
else
if
rerr
:=
os
.
RemoveAll
(
lock
.
Path
());
rerr
!=
nil
{
logrus
.
Errorf
(
"Remove lock file %s failed: %v"
,
lock
.
Path
(),
rerr
)
}
}()
stack
.
Setup
(
d
.
opts
.
RunRoot
)
d
.
NewBackend
()
...
...
@@ -140,7 +136,7 @@ func (d *Daemon) NewBuilder(ctx context.Context, req *pb.BuildRequest) (b builde
// this key with BuildDir will be used by exporter to save blob temporary
// NOTE: keep it be updated before NewBuilder. ctx will be taken by Builder
ctx
=
context
.
WithValue
(
ctx
,
util
.
BuildDirKey
(
util
.
BuildDir
),
buildDir
)
b
,
err
=
builder
.
NewBuilder
(
ctx
,
d
.
localStore
,
req
,
d
.
opts
.
RuntimePath
,
buildDir
,
runDir
)
b
,
err
=
builder
.
NewBuilder
(
ctx
,
d
.
localStore
,
req
,
d
.
opts
.
RuntimePath
,
buildDir
,
runDir
,
d
.
key
)
if
err
!=
nil
{
return
nil
,
errors
.
Wrap
(
err
,
"failed to new builder"
)
}
...
...
@@ -189,6 +185,9 @@ func (d *Daemon) Cleanup() error {
if
d
.
backend
!=
nil
{
d
.
backend
.
deleteAllStatus
()
}
if
err
:=
os
.
Remove
(
util
.
DefaultRSAKeyPath
);
err
!=
nil
{
logrus
.
Info
(
"Delete key failed"
)
}
d
.
deleteAllBuilders
()
d
.
localStore
.
CleanContainerStore
()
_
,
err
:=
d
.
localStore
.
Shutdown
(
false
)
...
...
@@ -227,16 +226,3 @@ func (d *Daemon) registerSubReaper(g *gc.GarbageCollector) error {
return
g
.
RegisterGC
(
opt
)
}
// setDaemonLock will check if there is another daemon running and return error if any
func
setDaemonLock
(
root
,
fileName
string
)
(
*
flock
.
Flock
,
error
)
{
lockPath
:=
filepath
.
Join
(
root
,
fileName
)
lock
:=
flock
.
New
(
lockPath
)
locked
,
err
:=
lock
.
TryLock
()
if
err
!=
nil
{
return
nil
,
errors
.
Wrapf
(
err
,
"could not lock %s"
,
lockPath
)
}
if
!
locked
{
return
nil
,
errors
.
Errorf
(
"lock %s failed, check if there is another daemon running"
,
lockPath
)
}
return
lock
,
nil
}
daemon/daemon_test.go
已删除
100644 → 0
浏览文件 @
268009b0
// Copyright (c) Huawei Technologies Co., Ltd. 2020. All rights reserved.
// isula-build licensed under the Mulan PSL v2.
// You can use this software according to the terms and conditions of the Mulan PSL v2.
// You may obtain a copy of Mulan PSL v2 at:
// http://license.coscl.org.cn/MulanPSL2
// THIS SOFTWARE IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OF ANY KIND, EITHER EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO NON-INFRINGEMENT, MERCHANTABILITY OR FIT FOR A PARTICULAR
// PURPOSE.
// See the Mulan PSL v2 for more details.
// Author: iSula Team
// Create: 2020-01-20
// Description: This is test file for daemon
package
daemon
import
(
"os"
"path/filepath"
"testing"
"gotest.tools/assert"
constant
"isula.org/isula-build"
)
func
TestSetDaemonLock
(
t
*
testing
.
T
)
{
root
:=
"/tmp/this_is_a_test_folder"
name
:=
"test.lock"
lockPath
:=
filepath
.
Join
(
root
,
name
)
// when folder is not exist, daemon lock is not supposed to be set
_
,
err
:=
setDaemonLock
(
root
,
name
)
assert
.
ErrorContains
(
t
,
err
,
"no such file or directory"
)
// create lockfile
err
=
os
.
Mkdir
(
root
,
constant
.
DefaultRootDirMode
)
defer
os
.
RemoveAll
(
root
)
assert
.
NilError
(
t
,
err
)
f
,
err
:=
os
.
Create
(
lockPath
)
assert
.
NilError
(
t
,
err
)
defer
f
.
Close
()
// set daemon lock successful
_
,
err
=
setDaemonLock
(
root
,
name
)
assert
.
NilError
(
t
,
err
)
// set daemon lock twice will fail
_
,
err
=
setDaemonLock
(
root
,
name
)
assert
.
ErrorContains
(
t
,
err
,
"check if there is another daemon running"
)
}
daemon/login.go
浏览文件 @
35bd7f6e
...
...
@@ -15,6 +15,7 @@ package daemon
import
(
"context"
"crypto"
"path/filepath"
"github.com/containers/image/v5/docker"
...
...
@@ -76,7 +77,7 @@ func (b *Backend) Login(ctx context.Context, req *pb.LoginRequest) (*pb.LoginRes
}
// use username and password from client to access
password
,
err
:=
util
.
Decrypt
AES
(
req
.
Password
,
req
.
Key
)
password
,
err
:=
util
.
Decrypt
RSA
(
req
.
Password
,
b
.
daemon
.
key
,
crypto
.
SHA512
)
if
err
!=
nil
{
return
&
pb
.
LoginResponse
{
Content
:
err
.
Error
()},
err
}
...
...
@@ -112,9 +113,6 @@ func validLoginOpts(req *pb.LoginRequest) error {
if
req
.
Password
==
""
&&
req
.
Username
==
""
&&
req
.
Server
!=
""
{
return
nil
}
if
req
.
Key
==
""
{
return
errors
.
New
(
emptyKey
)
}
if
req
.
Server
==
""
{
return
errors
.
New
(
emptyServer
)
}
...
...
util/
aes
.go
→
util/
cipher
.go
浏览文件 @
35bd7f6e
...
...
@@ -14,15 +14,24 @@
package
util
import
(
"crypto"
"crypto/aes"
"crypto/cipher"
"crypto/rand"
"crypto/rsa"
"crypto/x509"
"encoding/hex"
"encoding/pem"
"hash"
"io"
"io/ioutil"
"os"
"path/filepath"
"github.com/pkg/errors"
"golang.org/x/crypto/pbkdf2"
constant
"isula.org/isula-build"
)
const
(
...
...
@@ -32,6 +41,10 @@ const (
iteration
=
409600
aesKeyLenUpperBound
=
32
aesKeyLenLowerBound
=
16
// DefaultRSAKeySize is secure key length for RSA
DefaultRSAKeySize
=
2048
// DefaultRSAKeyPath is the default directory to store rsa public key
DefaultRSAKeyPath
=
"/etc/isula-build/isula-build.pub"
)
var
(
...
...
@@ -126,3 +139,93 @@ func DecryptAES(data string, aeskey string) (string, error) {
return
string
(
decryptData
),
nil
}
// GenerateRSAKey generates a RAS key pair with key size s
// the recommend key size is 4096 and which will be use when
// key size is less than it
func
GenerateRSAKey
(
keySize
int
)
(
*
rsa
.
PrivateKey
,
error
)
{
if
keySize
<=
DefaultRSAKeySize
{
keySize
=
DefaultRSAKeySize
}
privateKey
,
err
:=
rsa
.
GenerateKey
(
rand
.
Reader
,
keySize
)
if
err
!=
nil
{
return
nil
,
errors
.
Errorf
(
"generate rsa key pair failed: %v"
,
err
)
}
return
privateKey
,
nil
}
// EncryptRSA encrypts text with RSA public key
// the hash function(ordinary one) need to be same level with decrypt end
func
EncryptRSA
(
data
string
,
key
rsa
.
PublicKey
,
h
hash
.
Hash
)
(
string
,
error
)
{
cipherText
,
err
:=
rsa
.
EncryptOAEP
(
h
,
rand
.
Reader
,
&
key
,
[]
byte
(
data
),
nil
)
if
err
!=
nil
{
return
""
,
errors
.
Errorf
(
"encryption failed: %v"
,
err
)
}
return
hex
.
EncodeToString
(
cipherText
),
nil
}
// DecryptRSA decrypts cipher text with RSA private key
// the hash function(crypto one) need to be same level with encrypt end
func
DecryptRSA
(
data
string
,
key
*
rsa
.
PrivateKey
,
h
crypto
.
Hash
)
(
string
,
error
)
{
msg
,
err
:=
hex
.
DecodeString
(
data
)
if
err
!=
nil
{
return
""
,
err
}
plainText
,
errDec
:=
key
.
Decrypt
(
nil
,
msg
,
&
rsa
.
OAEPOptions
{
Hash
:
h
,
Label
:
nil
})
if
errDec
!=
nil
{
return
""
,
errors
.
Errorf
(
"decryption failed: %v"
,
err
)
}
return
string
(
plainText
),
nil
}
// GenRSAPublicKeyFile store public key from rsa key pair into local file
func
GenRSAPublicKeyFile
(
key
*
rsa
.
PrivateKey
,
path
string
)
error
{
if
IsExist
(
path
)
{
if
err
:=
os
.
Remove
(
path
);
err
!=
nil
{
return
errors
.
Errorf
(
"failed to delete the residual key file: %v"
,
err
)
}
}
publicKey
:=
&
key
.
PublicKey
stream
,
err
:=
x509
.
MarshalPKIXPublicKey
(
publicKey
)
if
err
!=
nil
{
return
err
}
block
:=
&
pem
.
Block
{
Type
:
"RSA PUBLIC KEY"
,
Bytes
:
stream
,
}
file
,
err
:=
os
.
Create
(
path
)
if
err
!=
nil
{
return
err
}
if
err
:=
os
.
Chmod
(
path
,
constant
.
DefaultReadOnlyFileMode
);
err
!=
nil
{
return
err
}
if
err
:=
pem
.
Encode
(
file
,
block
);
err
!=
nil
{
return
err
}
return
nil
}
// ReadPublicKey gets public key from key file
func
ReadPublicKey
(
path
string
)
(
rsa
.
PublicKey
,
error
)
{
keyFile
,
err
:=
ioutil
.
ReadFile
(
filepath
.
Clean
(
path
))
if
err
!=
nil
{
return
rsa
.
PublicKey
{},
err
}
block
,
_
:=
pem
.
Decode
(
keyFile
)
if
block
==
nil
{
return
rsa
.
PublicKey
{},
errors
.
New
(
"decoding public key failed"
)
}
pubInterface
,
err
:=
x509
.
ParsePKIXPublicKey
(
block
.
Bytes
)
if
err
!=
nil
{
return
rsa
.
PublicKey
{},
err
}
key
:=
pubInterface
.
(
*
rsa
.
PublicKey
)
return
*
key
,
nil
}
util/
aes
_test.go
→
util/
cipher
_test.go
浏览文件 @
35bd7f6e
...
...
@@ -14,13 +14,21 @@
package
util
import
(
"crypto"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"hash"
"path/filepath"
"strings"
"testing"
"gotest.tools/assert"
"gotest.tools/fs"
)
const
(
maxRepeatTime
=
1000000
)
func
TestAES
(
t
*
testing
.
T
)
{
...
...
@@ -97,3 +105,114 @@ func TestAES(t *testing.T) {
})
}
}
func
TestRSA
(
t
*
testing
.
T
)
{
type
args
struct
{
data
string
he
hash
.
Hash
hd
crypto
.
Hash
}
tests
:=
[]
struct
{
name
string
args
args
wantEnErr
bool
wantDeErr
bool
}{
{
name
:
"TC1 - normal case with sha512"
,
args
:
args
{
data
:
"This is a plain text"
,
he
:
sha512
.
New
(),
hd
:
crypto
.
SHA512
,
},
},
{
name
:
"TC2 - normal case with sha256"
,
args
:
args
{
data
:
"This is a plain text"
,
he
:
sha256
.
New
(),
hd
:
crypto
.
SHA256
,
},
},
{
name
:
"TC3 - normal case with sha1"
,
args
:
args
{
data
:
"This is a plain text"
,
he
:
sha1
.
New
(),
hd
:
crypto
.
SHA1
,
},
},
{
name
:
"TC4 - normal case with empty data to encrypt"
,
args
:
args
{
data
:
""
,
he
:
sha512
.
New
(),
hd
:
crypto
.
SHA512
,
},
},
{
name
:
"TC5 - abnormal case with different hash function between encryption and decryption"
,
args
:
args
{
data
:
"This is plain text"
,
he
:
sha512
.
New
(),
hd
:
crypto
.
SHA256
,
},
wantDeErr
:
true
,
},
{
name
:
"TC6 - abnormal case with too long plain text"
,
args
:
args
{
data
:
strings
.
Repeat
(
"a"
,
maxRepeatTime
),
he
:
sha512
.
New
(),
hd
:
crypto
.
SHA512
,
},
wantEnErr
:
true
,
wantDeErr
:
true
,
},
}
for
_
,
tt
:=
range
tests
{
t
.
Run
(
tt
.
name
,
func
(
t
*
testing
.
T
)
{
key
,
err
:=
GenerateRSAKey
(
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
cipherText
,
err
:=
EncryptRSA
(
tt
.
args
.
data
,
key
.
PublicKey
,
tt
.
args
.
he
)
if
(
err
!=
nil
)
!=
tt
.
wantEnErr
{
t
.
Errorf
(
"EncryptRSA() error = %v, wantErr %v"
,
err
,
tt
.
wantEnErr
)
return
}
plainText
,
err
:=
DecryptRSA
(
cipherText
,
key
,
tt
.
args
.
hd
)
if
(
err
!=
nil
)
!=
tt
.
wantDeErr
{
t
.
Errorf
(
"DecryptRSA() error = %v, wantErr %v"
,
err
,
tt
.
wantDeErr
)
return
}
if
err
==
nil
{
if
plainText
!=
tt
.
args
.
data
{
t
.
Errorf
(
"EncryptRSA() got = %v, want %v"
,
plainText
,
tt
.
args
.
data
)
}
}
})
}
}
func
TestGenRSAPubKey
(
t
*
testing
.
T
)
{
tmpDir
:=
fs
.
NewDir
(
t
,
t
.
Name
())
defer
tmpDir
.
Remove
()
keyPath
:=
filepath
.
Join
(
tmpDir
.
Path
(),
"isula-build.pub"
)
rsaKey
,
err
:=
GenerateRSAKey
(
DefaultRSAKeySize
)
assert
.
NilError
(
t
,
err
)
err
=
GenRSAPublicKeyFile
(
rsaKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
// when there already has key
err
=
GenRSAPublicKeyFile
(
rsaKey
,
keyPath
)
assert
.
NilError
(
t
,
err
)
}
func
benchmarkGenerateRSAKey
(
scale
int
,
b
*
testing
.
B
)
{
b
.
ReportAllocs
()
for
n
:=
0
;
n
<
b
.
N
;
n
++
{
GenerateRSAKey
(
scale
)
}
}
func
BenchmarkGenerateRSAKey2048
(
b
*
testing
.
B
)
{
benchmarkGenerateRSAKey
(
2048
,
b
)
}
func
BenchmarkGenerateRSAKey3072
(
b
*
testing
.
B
)
{
benchmarkGenerateRSAKey
(
3072
,
b
)
}
func
BenchmarkGenerateRSAKey4096
(
b
*
testing
.
B
)
{
benchmarkGenerateRSAKey
(
4096
,
b
)
}
util/util.go
浏览文件 @
35bd7f6e
...
...
@@ -32,6 +32,7 @@ import (
"github.com/containers/storage/pkg/idtools"
"github.com/containers/storage/pkg/system"
"github.com/docker/docker/pkg/signal"
"github.com/gofrs/flock"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"golang.org/x/sys/unix"
...
...
@@ -304,3 +305,17 @@ func CopyXattrs(src, dest string) error {
return
nil
}
// SetDaemonLock will check if there is another daemon running and return error if any
func
SetDaemonLock
(
root
,
fileName
string
)
(
*
flock
.
Flock
,
error
)
{
lockPath
:=
filepath
.
Join
(
root
,
fileName
)
lock
:=
flock
.
New
(
lockPath
)
locked
,
err
:=
lock
.
TryLock
()
if
err
!=
nil
{
return
nil
,
errors
.
Wrapf
(
err
,
"could not lock %s"
,
lockPath
)
}
if
!
locked
{
return
nil
,
errors
.
Errorf
(
"lock %s failed, check if there is another daemon running"
,
lockPath
)
}
return
lock
,
nil
}
util/util_test.go
浏览文件 @
35bd7f6e
...
...
@@ -20,6 +20,7 @@ import (
"math/rand"
"net/http"
"os"
"path/filepath"
"syscall"
"testing"
"time"
...
...
@@ -27,6 +28,8 @@ import (
"github.com/containers/storage/pkg/idtools"
"github.com/containers/storage/pkg/system"
"gotest.tools/assert"
constant
"isula.org/isula-build"
)
func
TestGetIgnorePatternMatcher
(
t
*
testing
.
T
)
{
...
...
@@ -288,3 +291,27 @@ func TestValidateSignal(t *testing.T) {
})
}
}
func
TestSetDaemonLock
(
t
*
testing
.
T
)
{
root
:=
"/tmp/this_is_a_test_folder"
name
:=
"test.lock"
lockPath
:=
filepath
.
Join
(
root
,
name
)
// when folder is not exist, daemon lock is not supposed to be set
_
,
err
:=
SetDaemonLock
(
root
,
name
)
assert
.
ErrorContains
(
t
,
err
,
"no such file or directory"
)
// create lockfile
err
=
os
.
Mkdir
(
root
,
constant
.
DefaultRootDirMode
)
defer
os
.
RemoveAll
(
root
)
assert
.
NilError
(
t
,
err
)
f
,
err
:=
os
.
Create
(
lockPath
)
assert
.
NilError
(
t
,
err
)
defer
f
.
Close
()
// set daemon lock successful
_
,
err
=
SetDaemonLock
(
root
,
name
)
assert
.
NilError
(
t
,
err
)
// set daemon lock twice will fail
_
,
err
=
SetDaemonLock
(
root
,
name
)
assert
.
ErrorContains
(
t
,
err
,
"check if there is another daemon running"
)
}
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录