serve the status of image acquiring

pkg/api/types.go

@@ -93,6 +93,8 @@ var (
 
 // InspectorMetadata is the metadata type with information about image-inspector's operation
 type InspectorMetadata struct {
+	ImageAcquireError string // error from aquiring the image
+
 	docker.Image // Metadata about the inspected image
 
 	// OpenSCAP describes the state of the OpenSCAP scan

pkg/imageserver/webdav.go

@@ -65,18 +65,21 @@ func (s *webdavImageServer) GetHandler(meta *iiapi.InspectorMetadata,
 ) (http.Handler, error) {
 	mux := http.NewServeMux()
 	servePath := ImageServeURL
-	if s.opts.Chroot {
-		if err := syscall.Chroot(ImageServeURL); err != nil {
-			return nil, fmt.Errorf("Unable to chroot into %s: %v\n", ImageServeURL, err)
-		}
-		if err := syscall.Chdir("/"); err != nil {
-			return nil, fmt.Errorf("Unable to change directory into new root: %v\n", err)
+
+	if len(servePath) > 0 && len(meta.ImageAcquireError) == 0 {
+		if s.opts.Chroot {
+			if err := syscall.Chroot(ImageServeURL); err != nil {
+				return nil, fmt.Errorf("unable to chroot into %s: %v\n", ImageServeURL, err)
+			}
+			if err := syscall.Chdir("/"); err != nil {
+				return nil, fmt.Errorf("unable to change directory into new root: %v\n", err)
+			}
+			servePath = chrootServePath
+		} else {
+			log.Printf("!!!WARNING!!! It is insecure to serve the image content without changing")
+			log.Printf("root (--chroot). Absolute-path symlinks in the image can lead to disclose")
+			log.Printf("information of the hosting system.")
 		}
-		servePath = chrootServePath
-	} else {
-		log.Printf("!!!WARNING!!! It is insecure to serve the image content without changing")
-		log.Printf("root (--chroot). Absolute-path symlinks in the image can lead to disclose")
-		log.Printf("information of the hosting system.")
 	}
 
 	mux.HandleFunc(s.opts.HealthzURL, func(w http.ResponseWriter, r *http.Request) {