feat(server): add internal --path-prefix flag for client/server mode (#7321)

Signed-off-by: knqyf263 <knqyf263@gmail.com>
2025-12-12 15:50:15 -08:00 · 2024-08-21 09:26:11 +04:00
parent 3f0e7ebe0d
commit 24a4563686
11 changed files with 130 additions and 77 deletions
--- a/integration/client_server_test.go
+++ b/integration/client_server_test.go
@@ -32,6 +32,7 @@ type csArgs struct {
 	Input             string
 	ClientToken       string
 	ClientTokenHeader string
+	PathPrefix        string
 	ListAllPackages   bool
 	Target            string
 	secretConfig      string
@@ -443,7 +444,11 @@ func TestClientServerWithCycloneDX(t *testing.T) {
 	}
 }

-func TestClientServerWithToken(t *testing.T) {
+func TestClientServerWithCustomOptions(t *testing.T) {
+	token := "token"
+	tokenHeader := "Trivy-Token"
+	pathPrefix := "prefix"
+
 	tests := []struct {
 		name    string
 		args    csArgs
@@ -451,11 +456,12 @@ func TestClientServerWithToken(t *testing.T) {
 		wantErr string
 	}{
 		{
-			name: "alpine 3.9 with token",
+			name: "alpine 3.9 with token and prefix",
 			args: csArgs{
 				Input:             "testdata/fixtures/images/alpine-39.tar.gz",
-				ClientToken:       "token",
-				ClientTokenHeader: "Trivy-Token",
+				ClientToken:       token,
+				ClientTokenHeader: tokenHeader,
+				PathPrefix:        pathPrefix,
 			},
 			golden: "testdata/alpine-39.json.golden",
 		},
@@ -464,7 +470,8 @@ func TestClientServerWithToken(t *testing.T) {
 			args: csArgs{
 				Input:             "testdata/fixtures/images/distroless-base.tar.gz",
 				ClientToken:       "invalidtoken",
-				ClientTokenHeader: "Trivy-Token",
+				ClientTokenHeader: tokenHeader,
+				PathPrefix:        pathPrefix,
 			},
 			wantErr: "twirp error unauthenticated: invalid token",
 		},
@@ -472,18 +479,28 @@ func TestClientServerWithToken(t *testing.T) {
 			name: "invalid token header",
 			args: csArgs{
 				Input:             "testdata/fixtures/images/distroless-base.tar.gz",
-				ClientToken:       "token",
+				ClientToken:       token,
 				ClientTokenHeader: "Unknown-Header",
+				PathPrefix:        pathPrefix,
 			},
 			wantErr: "twirp error unauthenticated: invalid token",
 		},
+		{
+			name: "wrong path prefix",
+			args: csArgs{
+				Input:             "testdata/fixtures/images/distroless-base.tar.gz",
+				ClientToken:       token,
+				ClientTokenHeader: tokenHeader,
+				PathPrefix:        "wrong",
+			},
+			wantErr: "HTTP status code 404",
+		},
 	}

-	serverToken := "token"
-	serverTokenHeader := "Trivy-Token"
 	addr, cacheDir := setup(t, setupOptions{
-		token:       serverToken,
-		tokenHeader: serverTokenHeader,
+		token:       token,
+		tokenHeader: tokenHeader,
+		pathPrefix:  pathPrefix,
 	})

 	for _, tt := range tests {
@@ -539,6 +556,7 @@ func TestClientServerWithRedis(t *testing.T) {
 type setupOptions struct {
 	token        string
 	tokenHeader  string
+	pathPrefix   string
 	cacheBackend string
 }

@@ -556,7 +574,7 @@ func setup(t *testing.T, options setupOptions) (string, string) {
 	addr := fmt.Sprintf("localhost:%d", port)

 	go func() {
-		osArgs := setupServer(addr, options.token, options.tokenHeader, cacheDir, options.cacheBackend)
+		osArgs := setupServer(addr, options.token, options.tokenHeader, options.pathPrefix, cacheDir, options.cacheBackend)

 		// Run Trivy server
 		require.NoError(t, execute(osArgs))
@@ -569,22 +587,20 @@ func setup(t *testing.T, options setupOptions) (string, string) {
 	return addr, cacheDir
 }

-func setupServer(addr, token, tokenHeader, cacheDir, cacheBackend string) []string {
+func setupServer(addr, token, tokenHeader, pathPrefix, cacheDir, cacheBackend string) []string {
 	osArgs := []string{
 		"--cache-dir",
 		cacheDir,
 		"server",
-		"--skip-update",
+		"--skip-db-update",
 		"--listen",
 		addr,
 	}
 	if token != "" {
-		osArgs = append(osArgs, []string{
-			"--token",
-			token,
-			"--token-header",
-			tokenHeader,
-		}...)
+		osArgs = append(osArgs, "--token", token, "--token-header", tokenHeader)
+	}
+	if pathPrefix != "" {
+		osArgs = append(osArgs, "--path-prefix", pathPrefix)
 	}
 	if cacheBackend != "" {
 		osArgs = append(osArgs, "--cache-backend", cacheBackend)
@@ -593,13 +609,13 @@ func setupServer(addr, token, tokenHeader, cacheDir, cacheBackend string) []stri
 }

 func setupClient(t *testing.T, c csArgs, addr string, cacheDir string) []string {
+	t.Helper()
 	if c.Command == "" {
 		c.Command = "image"
 	}
 	if c.RemoteAddrOption == "" {
 		c.RemoteAddrOption = "--server"
 	}
-	t.Helper()
 	osArgs := []string{
 		"--cache-dir",
 		cacheDir,
@@ -639,6 +655,9 @@ func setupClient(t *testing.T, c csArgs, addr string, cacheDir string) []string
 	if c.ClientToken != "" {
 		osArgs = append(osArgs, "--token", c.ClientToken, "--token-header", c.ClientTokenHeader)
 	}
+	if c.PathPrefix != "" {
+		osArgs = append(osArgs, "--path-prefix", c.PathPrefix)
+	}
 	if c.Input != "" {
 		osArgs = append(osArgs, "--input", c.Input)
 	}