2017-07-10 20:03:38 +00:00
|
|
|
package containerimage
|
|
|
|
|
|
|
|
import (
|
2018-01-16 22:30:10 +00:00
|
|
|
"context"
|
2019-03-28 09:26:34 +00:00
|
|
|
"fmt"
|
2018-05-08 05:54:16 +00:00
|
|
|
"strconv"
|
2018-08-07 07:59:47 +00:00
|
|
|
"strings"
|
2017-07-11 00:56:04 +00:00
|
|
|
"time"
|
2017-07-10 20:03:38 +00:00
|
|
|
|
2019-03-28 09:26:34 +00:00
|
|
|
"github.com/containerd/containerd/content"
|
2017-07-13 06:15:12 +00:00
|
|
|
"github.com/containerd/containerd/errdefs"
|
2017-07-10 20:03:38 +00:00
|
|
|
"github.com/containerd/containerd/images"
|
2019-07-12 18:50:50 +00:00
|
|
|
"github.com/containerd/containerd/leases"
|
2019-03-28 09:26:34 +00:00
|
|
|
"github.com/containerd/containerd/platforms"
|
2020-03-05 19:10:21 +00:00
|
|
|
"github.com/containerd/containerd/remotes/docker"
|
2019-03-28 09:26:34 +00:00
|
|
|
"github.com/containerd/containerd/rootfs"
|
2019-11-30 11:46:11 +00:00
|
|
|
"github.com/moby/buildkit/cache/blobs"
|
2017-07-10 20:03:38 +00:00
|
|
|
"github.com/moby/buildkit/exporter"
|
2017-10-15 06:49:55 +00:00
|
|
|
"github.com/moby/buildkit/session"
|
2019-03-28 09:26:34 +00:00
|
|
|
"github.com/moby/buildkit/snapshot"
|
2019-07-12 18:50:50 +00:00
|
|
|
"github.com/moby/buildkit/util/leaseutil"
|
2017-10-13 17:08:47 +00:00
|
|
|
"github.com/moby/buildkit/util/push"
|
2019-03-28 09:26:34 +00:00
|
|
|
digest "github.com/opencontainers/go-digest"
|
|
|
|
"github.com/opencontainers/image-spec/identity"
|
|
|
|
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
|
2018-05-08 05:54:16 +00:00
|
|
|
"github.com/pkg/errors"
|
2017-07-10 20:03:38 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
2019-11-30 11:46:11 +00:00
|
|
|
keyImageName = "name"
|
|
|
|
keyPush = "push"
|
|
|
|
keyPushByDigest = "push-by-digest"
|
|
|
|
keyInsecure = "registry.insecure"
|
|
|
|
keyUnpack = "unpack"
|
|
|
|
keyDanglingPrefix = "dangling-name-prefix"
|
|
|
|
keyNameCanonical = "name-canonical"
|
|
|
|
keyLayerCompression = "compression"
|
|
|
|
ociTypes = "oci-mediatypes"
|
2017-07-10 20:03:38 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
type Opt struct {
|
2017-10-15 06:49:55 +00:00
|
|
|
SessionManager *session.Manager
|
2017-12-13 00:58:48 +00:00
|
|
|
ImageWriter *ImageWriter
|
2017-10-15 06:49:55 +00:00
|
|
|
Images images.Store
|
2020-03-05 19:10:21 +00:00
|
|
|
RegistryHosts docker.RegistryHosts
|
2019-07-12 18:50:50 +00:00
|
|
|
LeaseManager leases.Manager
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
type imageExporter struct {
|
2017-10-12 18:24:15 +00:00
|
|
|
opt Opt
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
|
|
|
|
2018-05-03 00:35:07 +00:00
|
|
|
// New returns a new containerimage exporter instance that supports exporting
|
|
|
|
// to an image store and pushing the image to registry.
|
|
|
|
// This exporter supports following values in returned kv map:
|
|
|
|
// - containerimage.digest - The digest of the root manifest for the image.
|
2017-07-10 20:03:38 +00:00
|
|
|
func New(opt Opt) (exporter.Exporter, error) {
|
2017-10-12 18:24:15 +00:00
|
|
|
im := &imageExporter{opt: opt}
|
2017-07-10 20:03:38 +00:00
|
|
|
return im, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *imageExporter) Resolve(ctx context.Context, opt map[string]string) (exporter.ExporterInstance, error) {
|
2019-11-30 11:46:11 +00:00
|
|
|
i := &imageExporterInstance{
|
|
|
|
imageExporter: e,
|
|
|
|
layerCompression: blobs.DefaultCompression,
|
|
|
|
}
|
|
|
|
|
2017-07-10 20:03:38 +00:00
|
|
|
for k, v := range opt {
|
|
|
|
switch k {
|
|
|
|
case keyImageName:
|
|
|
|
i.targetName = v
|
2017-10-13 17:08:47 +00:00
|
|
|
case keyPush:
|
2018-05-08 05:54:16 +00:00
|
|
|
if v == "" {
|
|
|
|
i.push = true
|
2018-05-08 12:45:38 +00:00
|
|
|
continue
|
2018-05-08 05:54:16 +00:00
|
|
|
}
|
|
|
|
b, err := strconv.ParseBool(v)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "non-bool value specified for %s", k)
|
|
|
|
}
|
|
|
|
i.push = b
|
2019-03-18 23:00:48 +00:00
|
|
|
case keyPushByDigest:
|
|
|
|
if v == "" {
|
|
|
|
i.pushByDigest = true
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
b, err := strconv.ParseBool(v)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "non-bool value specified for %s", k)
|
|
|
|
}
|
|
|
|
i.pushByDigest = b
|
2017-11-03 00:48:03 +00:00
|
|
|
case keyInsecure:
|
2018-05-08 05:54:16 +00:00
|
|
|
if v == "" {
|
|
|
|
i.insecure = true
|
2018-05-08 12:45:38 +00:00
|
|
|
continue
|
2018-05-08 05:54:16 +00:00
|
|
|
}
|
|
|
|
b, err := strconv.ParseBool(v)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "non-bool value specified for %s", k)
|
|
|
|
}
|
|
|
|
i.insecure = b
|
2019-03-28 09:26:34 +00:00
|
|
|
case keyUnpack:
|
|
|
|
if v == "" {
|
|
|
|
i.unpack = true
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
b, err := strconv.ParseBool(v)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "non-bool value specified for %s", k)
|
|
|
|
}
|
|
|
|
i.unpack = b
|
2018-06-26 22:24:33 +00:00
|
|
|
case ociTypes:
|
|
|
|
if v == "" {
|
|
|
|
i.ociTypes = true
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
b, err := strconv.ParseBool(v)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "non-bool value specified for %s", k)
|
|
|
|
}
|
|
|
|
i.ociTypes = b
|
2019-11-06 21:21:17 +00:00
|
|
|
case keyDanglingPrefix:
|
|
|
|
i.danglingPrefix = v
|
|
|
|
case keyNameCanonical:
|
|
|
|
if v == "" {
|
|
|
|
i.nameCanonical = true
|
|
|
|
continue
|
|
|
|
}
|
|
|
|
b, err := strconv.ParseBool(v)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrapf(err, "non-bool value specified for %s", k)
|
|
|
|
}
|
|
|
|
i.nameCanonical = b
|
2019-11-30 11:46:11 +00:00
|
|
|
case keyLayerCompression:
|
|
|
|
switch v {
|
|
|
|
case "gzip":
|
|
|
|
i.layerCompression = blobs.Gzip
|
|
|
|
case "uncompressed":
|
|
|
|
i.layerCompression = blobs.Uncompressed
|
|
|
|
default:
|
|
|
|
return nil, errors.Errorf("unsupported layer compression type: %v", v)
|
|
|
|
}
|
2017-07-10 20:03:38 +00:00
|
|
|
default:
|
2018-07-13 18:28:36 +00:00
|
|
|
if i.meta == nil {
|
|
|
|
i.meta = make(map[string][]byte)
|
|
|
|
}
|
2018-08-06 09:23:46 +00:00
|
|
|
i.meta[k] = []byte(v)
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return i, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type imageExporterInstance struct {
|
|
|
|
*imageExporter
|
2019-11-30 11:46:11 +00:00
|
|
|
targetName string
|
|
|
|
push bool
|
|
|
|
pushByDigest bool
|
|
|
|
unpack bool
|
|
|
|
insecure bool
|
|
|
|
ociTypes bool
|
|
|
|
nameCanonical bool
|
|
|
|
danglingPrefix string
|
|
|
|
layerCompression blobs.CompressionType
|
|
|
|
meta map[string][]byte
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
|
|
|
|
2017-07-11 00:56:04 +00:00
|
|
|
func (e *imageExporterInstance) Name() string {
|
|
|
|
return "exporting to image"
|
|
|
|
}
|
|
|
|
|
2020-06-30 01:06:02 +00:00
|
|
|
func (e *imageExporterInstance) Export(ctx context.Context, src exporter.Source, sessionID string) (map[string]string, error) {
|
2018-08-06 08:52:21 +00:00
|
|
|
if src.Metadata == nil {
|
|
|
|
src.Metadata = make(map[string][]byte)
|
|
|
|
}
|
2018-07-13 18:28:36 +00:00
|
|
|
for k, v := range e.meta {
|
|
|
|
src.Metadata[k] = v
|
2017-12-13 00:59:06 +00:00
|
|
|
}
|
2019-07-12 18:50:50 +00:00
|
|
|
|
2019-10-03 21:11:54 +00:00
|
|
|
ctx, done, err := leaseutil.WithLease(ctx, e.opt.LeaseManager, leaseutil.MakeTemporary)
|
2019-07-12 18:50:50 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
defer done(context.TODO())
|
|
|
|
|
2019-11-30 11:46:11 +00:00
|
|
|
desc, err := e.opt.ImageWriter.Commit(ctx, src, e.ociTypes, e.layerCompression)
|
2017-12-08 18:53:17 +00:00
|
|
|
if err != nil {
|
2018-05-03 00:35:07 +00:00
|
|
|
return nil, err
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
|
|
|
|
2017-12-28 19:56:04 +00:00
|
|
|
defer func() {
|
|
|
|
e.opt.ImageWriter.ContentStore().Delete(context.TODO(), desc.Digest)
|
|
|
|
}()
|
|
|
|
|
2018-08-31 09:54:41 +00:00
|
|
|
resp := make(map[string]string)
|
|
|
|
|
2018-08-31 16:34:49 +00:00
|
|
|
if n, ok := src.Metadata["image.name"]; e.targetName == "*" && ok {
|
2018-08-15 15:11:37 +00:00
|
|
|
e.targetName = string(n)
|
|
|
|
}
|
|
|
|
|
2019-11-06 21:21:17 +00:00
|
|
|
nameCanonical := e.nameCanonical
|
|
|
|
if e.targetName == "" && e.danglingPrefix != "" {
|
|
|
|
e.targetName = e.danglingPrefix + "@" + desc.Digest.String()
|
|
|
|
nameCanonical = false
|
|
|
|
}
|
|
|
|
|
2017-10-13 17:08:47 +00:00
|
|
|
if e.targetName != "" {
|
2018-08-07 07:59:47 +00:00
|
|
|
targetNames := strings.Split(e.targetName, ",")
|
|
|
|
for _, targetName := range targetNames {
|
|
|
|
if e.opt.Images != nil {
|
|
|
|
tagDone := oneOffProgress(ctx, "naming to "+targetName)
|
|
|
|
img := images.Image{
|
|
|
|
Target: *desc,
|
|
|
|
CreatedAt: time.Now(),
|
2017-10-13 17:08:47 +00:00
|
|
|
}
|
2019-11-06 21:21:17 +00:00
|
|
|
sfx := []string{""}
|
|
|
|
if nameCanonical {
|
|
|
|
sfx = append(sfx, "@"+desc.Digest.String())
|
|
|
|
}
|
|
|
|
for _, sfx := range sfx {
|
|
|
|
img.Name = targetName + sfx
|
|
|
|
if _, err := e.opt.Images.Update(ctx, img); err != nil {
|
2020-04-19 05:17:47 +00:00
|
|
|
if !errors.Is(err, errdefs.ErrNotFound) {
|
2019-11-06 21:21:17 +00:00
|
|
|
return nil, tagDone(err)
|
|
|
|
}
|
|
|
|
|
|
|
|
if _, err := e.opt.Images.Create(ctx, img); err != nil {
|
|
|
|
return nil, tagDone(err)
|
|
|
|
}
|
2018-08-07 07:59:47 +00:00
|
|
|
}
|
2017-10-13 17:08:47 +00:00
|
|
|
}
|
2018-08-07 07:59:47 +00:00
|
|
|
tagDone(nil)
|
2019-03-28 09:26:34 +00:00
|
|
|
|
|
|
|
if e.unpack {
|
|
|
|
if err := e.unpackImage(ctx, img); err != nil {
|
|
|
|
return nil, err
|
|
|
|
}
|
|
|
|
}
|
2017-07-13 06:15:12 +00:00
|
|
|
}
|
2018-08-07 07:59:47 +00:00
|
|
|
if e.push {
|
2020-06-30 01:06:02 +00:00
|
|
|
if err := push.Push(ctx, e.opt.SessionManager, sessionID, e.opt.ImageWriter.ContentStore(), desc.Digest, targetName, e.insecure, e.opt.RegistryHosts, e.pushByDigest); err != nil {
|
2018-08-07 07:59:47 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2018-05-03 00:35:07 +00:00
|
|
|
}
|
2017-07-11 00:56:04 +00:00
|
|
|
}
|
2018-08-31 09:54:41 +00:00
|
|
|
resp["image.name"] = e.targetName
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
|
|
|
|
2018-08-31 09:54:41 +00:00
|
|
|
resp["containerimage.digest"] = desc.Digest.String()
|
|
|
|
return resp, nil
|
2017-07-10 20:03:38 +00:00
|
|
|
}
|
2019-03-28 09:26:34 +00:00
|
|
|
|
|
|
|
func (e *imageExporterInstance) unpackImage(ctx context.Context, img images.Image) (err0 error) {
|
|
|
|
unpackDone := oneOffProgress(ctx, "unpacking to "+img.Name)
|
|
|
|
defer func() {
|
|
|
|
unpackDone(err0)
|
|
|
|
}()
|
|
|
|
|
|
|
|
var (
|
|
|
|
contentStore = e.opt.ImageWriter.ContentStore()
|
|
|
|
applier = e.opt.ImageWriter.Applier()
|
|
|
|
snapshotter = e.opt.ImageWriter.Snapshotter()
|
|
|
|
)
|
|
|
|
|
|
|
|
// fetch manifest by default platform
|
|
|
|
manifest, err := images.Manifest(ctx, contentStore, img.Target, platforms.Default())
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
layers, err := getLayers(ctx, contentStore, manifest)
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
// get containerd snapshotter
|
|
|
|
ctrdSnapshotter, release := snapshot.NewContainerdSnapshotter(snapshotter)
|
|
|
|
defer release()
|
|
|
|
|
|
|
|
var chain []digest.Digest
|
|
|
|
for _, layer := range layers {
|
|
|
|
if _, err := rootfs.ApplyLayer(ctx, layer, chain, ctrdSnapshotter, applier); err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
chain = append(chain, layer.Diff.Digest)
|
|
|
|
}
|
|
|
|
|
|
|
|
var (
|
|
|
|
keyGCLabel = fmt.Sprintf("containerd.io/gc.ref.snapshot.%s", snapshotter.Name())
|
|
|
|
valueGCLabel = identity.ChainID(chain).String()
|
|
|
|
)
|
|
|
|
|
|
|
|
cinfo := content.Info{
|
|
|
|
Digest: manifest.Config.Digest,
|
|
|
|
Labels: map[string]string{keyGCLabel: valueGCLabel},
|
|
|
|
}
|
|
|
|
_, err = contentStore.Update(ctx, cinfo, fmt.Sprintf("labels.%s", keyGCLabel))
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
|
|
|
func getLayers(ctx context.Context, contentStore content.Store, manifest ocispec.Manifest) ([]rootfs.Layer, error) {
|
|
|
|
diffIDs, err := images.RootFS(ctx, contentStore, manifest.Config)
|
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrap(err, "failed to resolve rootfs")
|
|
|
|
}
|
|
|
|
|
|
|
|
if len(diffIDs) != len(manifest.Layers) {
|
|
|
|
return nil, errors.Errorf("mismatched image rootfs and manifest layers")
|
|
|
|
}
|
|
|
|
|
|
|
|
layers := make([]rootfs.Layer, len(diffIDs))
|
|
|
|
for i := range diffIDs {
|
|
|
|
layers[i].Diff = ocispec.Descriptor{
|
|
|
|
MediaType: ocispec.MediaTypeImageLayer,
|
|
|
|
Digest: diffIDs[i],
|
|
|
|
}
|
|
|
|
layers[i].Blob = manifest.Layers[i]
|
|
|
|
}
|
|
|
|
return layers, nil
|
|
|
|
}
|