clairctl: warn when range requests are not honored

freedge · crozzy · commit 2a2ba37f6404 · 2024-04-29T13:36:55.000-07:00
As discussed in #2029 the manifest generation is efficient only when HTTP "Range: bytes=0-0" header is well supported by the server. If not, the server might return the full layer, making the manifest generation very expensive. We warn the user in case their HTTP server does not support HTTP range requests. Signed-off-by: François Rigault <frigo@amadeus.com>
diff --git a/cmd/clairctl/manifest.go b/cmd/clairctl/manifest.go
@@ -141,12 +141,22 @@ func Inspect(ctx context.Context, r string) (*claircore.Manifest, error) {
 		if err != nil {
 			return nil, err
 		}
+		// The request is needed to follow any redirection chain that the server sends to a client,
+		// but the actual body is not needed when generating a manifest.
+		// The Range HTTP header allows us to send the request and get a response mostly for free.
 		req.Header.Add("Range", "bytes=0-0")
 		res, err := c.Do(req)
 		if err != nil {
 			return nil, err
 		}
 		res.Body.Close()
+		if res.StatusCode != http.StatusPartialContent {
+			zlog.Warn(ctx).
+				Int("statuscode", res.StatusCode).
+				Int("len", int(res.ContentLength)).
+				Str("url", u.String()).
+				Msg("server might not support requests with Range HTTP header")
+		}
 
 		res.Request.Header.Del("User-Agent")
 		res.Request.Header.Del("Range")
