Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ports not correctly handled when configuring indexer.airgap #1689

Closed
klr8 opened this issue Feb 14, 2023 · 0 comments · Fixed by #1691
Closed

Ports not correctly handled when configuring indexer.airgap #1689

klr8 opened this issue Feb 14, 2023 · 0 comments · Fixed by #1691

Comments

@klr8
Copy link

klr8 commented Feb 14, 2023

Description of Problem / Feature Request

If you set indexer.airgap to true in your Clair config.yaml file Clair will plug the ctlLocalOnly function into its HTTP client:

clair/internal/httputil/client.go

Line 29 in 577a55d

dialer.Control = ctlLocalOnly

The ctlLocalOnly function does not strip ports from the address before calling net.ParseIP, leading to errors like this:

{"code":"internal-error","message":"failed to start scan: failed to fetch layers: encountered error while fetching a layer: error realizing layer sha256:866c50b3abaa03e209df883a53810e63a99a003fe97d9f4432ecbb003db0d7dd: fetcher: request failed: Get \"[https://my.server.com/v2/foo/bar/blobs/sha256:866c50b3abaa03e209df883a53810e63a99a003fe97d9f4432ecbb003db0d7dd\":](https://my.server.com/v2/foo/bar/blobs/sha256:866c50b3abaa03e209df883a53810e63a99a003fe97d9f4432ecbb003db0d7dd/%22:) dial tcp 10.4.145.17:443: address tcp4!10.4.145.17:443: martian address"}

Expected Outcome

Airgapping works as expected.

Actual Outcome

Airgapping fails Clair scans.

Environment

  • Clair version/image: 4.6.0
hdonnay added a commit to hdonnay/clair that referenced this issue Feb 14, 2023
@hdonnay
httputil: fix ParseIP usage
94c4304 
The string fed into the ParseIP function needs to not have a port.
This does that and adds a test to check the desired behavior.

Closes: quay#1689
Signed-off-by: Hank Donnay <hdonnay@redhat.com>
@hdonnay hdonnay mentioned this issue Feb 14, 2023
Merged
hdonnay added a commit that referenced this issue Apr 5, 2023
@hdonnay
httputil: fix ParseIP usage
9e8eacf 
The string fed into the ParseIP function needs to not have a port.
This does that and adds a test to check the desired behavior.

Closes: #1689
Signed-off-by: Hank Donnay <hdonnay@redhat.com>
(cherry picked from commit b18f989)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

httputil: fix ParseIP usage hdonnay/clair
1 participant
@klr8