1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
|
package artifact
import (
"errors"
"fmt"
"io"
"net/http"
"net/url"
"path"
"regexp"
"strconv"
"strings"
"time"
"gitlab.com/gitlab-org/labkit/errortracking"
"gitlab.com/gitlab-org/gitlab-pages/internal/httperrors"
"gitlab.com/gitlab-org/gitlab-pages/internal/httptransport"
"gitlab.com/gitlab-org/gitlab-pages/internal/logging"
)
const (
// Format a non-/-suffixed URL, an escaped project full_path, a job ID and
// a /-prefixed file path into an URL string
apiURLTemplate = "%s/projects/%s/jobs/%s/artifacts%s"
minStatusCode = 200
maxStatusCode = 299
)
var (
// Captures subgroup + project, job ID and artifacts path
pathExtractor = regexp.MustCompile(`(?i)\A/-/(.*)/-/jobs/(\d+)/artifacts(/[^?]*)\z`)
errCreateArtifactRequest = errors.New("Failed to create the artifact request")
errArtifactRequest = errors.New("Failed to request the artifact")
errArtifactResponse = errors.New("Artifact request response was not successful")
)
// Artifact proxies requests for artifact files to the GitLab artifacts API
type Artifact struct {
server string
suffix string
client *http.Client
}
// New when provided the arguments defined herein, returns a pointer to an
// Artifact that is used to proxy requests.
func New(server string, timeoutSeconds int, pagesDomain string) *Artifact {
return &Artifact{
server: strings.TrimRight(server, "/"),
suffix: "." + strings.ToLower(pagesDomain),
client: &http.Client{
Timeout: time.Second * time.Duration(timeoutSeconds),
Transport: httptransport.Transport,
},
}
}
// TryMakeRequest will attempt to proxy a request and write it to the argument
// http.ResponseWriter, ultimately returning a bool that indicates if the
// http.ResponseWriter has been written to in any capacity. Additional handler func
// may be given which should return true if it did handle the response.
func (a *Artifact) TryMakeRequest(host string, w http.ResponseWriter, r *http.Request, token string, additionalHandler func(*http.Response) bool) bool {
if a == nil || a.server == "" || host == "" {
return false
}
reqURL, ok := a.BuildURL(host, r.URL.Path)
if !ok {
return false
}
a.makeRequest(w, r, reqURL, token, additionalHandler)
return true
}
func (a *Artifact) makeRequest(w http.ResponseWriter, r *http.Request, reqURL *url.URL, token string, additionalHandler func(*http.Response) bool) {
req, err := http.NewRequest("GET", reqURL.String(), nil)
if err != nil {
logging.LogRequest(r).WithError(err).Error(errCreateArtifactRequest)
errortracking.Capture(err, errortracking.WithRequest(r))
httperrors.Serve500(w)
return
}
if token != "" {
req.Header.Add("Authorization", "Bearer "+token)
}
resp, err := a.client.Do(req)
if err != nil {
logging.LogRequest(r).WithError(err).Error(errArtifactRequest)
errortracking.Capture(err, errortracking.WithRequest(r))
httperrors.Serve502(w)
return
}
if additionalHandler(resp) {
return
}
if resp.StatusCode == http.StatusNotFound {
httperrors.Serve404(w)
return
}
if resp.StatusCode == http.StatusInternalServerError {
logging.LogRequest(r).Error(errArtifactResponse)
errortracking.Capture(errArtifactResponse, errortracking.WithRequest(r))
httperrors.Serve500(w)
return
}
// we only cache responses within the 2xx series response codes and that were not private
if token == "" {
addCacheHeader(w, resp)
}
w.Header().Set("Content-Type", resp.Header.Get("Content-Type"))
w.Header().Set("Content-Length", strconv.FormatInt(resp.ContentLength, 10))
w.WriteHeader(resp.StatusCode)
io.Copy(w, resp.Body)
return
}
func addCacheHeader(w http.ResponseWriter, resp *http.Response) {
if (resp.StatusCode >= minStatusCode) && (resp.StatusCode <= maxStatusCode) {
w.Header().Set("Cache-Control", "max-age=3600")
}
}
// BuildURL returns a pointer to a url.URL for where the request should be
// proxied to. The returned bool will indicate if there is some sort of issue
// with the url while it is being generated.
//
// The URL is generated from the host (which contains the top-level group and
// ends with the pagesDomain) and the path (which contains any subgroups, the
// project, a job ID and a path
// for the artifact file we want to download)
func (a *Artifact) BuildURL(host, requestPath string) (*url.URL, bool) {
if !strings.HasSuffix(strings.ToLower(host), a.suffix) {
return nil, false
}
topGroup := host[0 : len(host)-len(a.suffix)]
parts := pathExtractor.FindAllStringSubmatch(requestPath, 1)
if len(parts) != 1 || len(parts[0]) != 4 {
return nil, false
}
restOfPath := strings.TrimLeft(strings.TrimRight(parts[0][1], "/"), "/")
if len(restOfPath) == 0 {
return nil, false
}
jobID := parts[0][2]
artifactPath := parts[0][3]
projectID := url.PathEscape(path.Join(topGroup, restOfPath))
generated := fmt.Sprintf(apiURLTemplate, a.server, projectID, jobID, artifactPath)
u, err := url.Parse(generated)
if err != nil {
return nil, false
}
return u, true
}
|
