From 8dcfd9b1beaaaedf60d658302753b4d126c31226 Mon Sep 17 00:00:00 2001 From: Achilleas Koutsou Date: Thu, 2 Mar 2023 22:50:11 +0100 Subject: [PATCH] sources/skopeo: support specifying format Change the local storage format for containers to the `dir` format. The `dir` format will be used to retain signatures and manifests. The remove-signatures option is removed since the storage format now supports them. The final move (os.rename()) at the end of the fetch_one() method now creates the checksum directory if it doesn't exist and moves the child archive into it, adding to any existing archives that might exist in other formats (from a previous version downloading a `docker-archive`). Dropped the .tar suffix from the symlink in the skopeo stage since it's not necessary and the target of the link might be a directory now. --- sources/org.osbuild.skopeo | 22 ++++++++-------------- stages/org.osbuild.skopeo | 2 +- 2 files changed, 9 insertions(+), 15 deletions(-) diff --git a/sources/org.osbuild.skopeo b/sources/org.osbuild.skopeo index 9e424b86fa..e474181006 100755 --- a/sources/org.osbuild.skopeo +++ b/sources/org.osbuild.skopeo @@ -79,22 +79,15 @@ class SkopeoSource(sources.SourceService): archive_dir = os.path.join(tmpdir, "container-archive") os.makedirs(archive_dir) os.chmod(archive_dir, 0o755) - archive_path = os.path.join(archive_dir, "container-image.tar") source = f"docker://{imagename}@{digest}" - # We use the docker format, not oci, because that is the - # default return image type of real world registries, - # allowing the image to get the same image id as if you - # did "podman pull" (rather than converting the image to - # oci format, changing the id) - destination = f"docker-archive:{archive_path}" + # We use the dir format because it is the most powerful in terms of feature support and is the closest to a + # direct serialisation of the registry data. + dir_name = "container-dir" + destination = f"dir:{archive_dir}/{dir_name}" extra_args = [] - - # The archive format can't store signatures, but we still verify them during download - extra_args.append("--remove-signatures") - if not tls_verify: extra_args.append("--src-tls-verify=false") @@ -111,12 +104,13 @@ class SkopeoSource(sources.SourceService): raise RuntimeError( f"Downloaded image {imagename}@{digest} has a id of {downloaded_id}, but expected {image_id}") - # Atomically move download dir into place on successful download + # Atomically move download archive into place on successful download with ctx.suppress_oserror(errno.ENOTEMPTY, errno.EEXIST): - os.rename(archive_dir, f"{self.cache}/{image_id}") + os.makedirs(f"{self.cache}/{image_id}", exist_ok=True) + os.rename(f"{archive_dir}/{dir_name}", f"{self.cache}/{image_id}/{dir_name}") def exists(self, checksum, desc): - return os.path.isfile(f"{self.cache}/{checksum}/container-image.tar") + return os.path.exists(f"{self.cache}/{checksum}/container-dir") def main(): diff --git a/stages/org.osbuild.skopeo b/stages/org.osbuild.skopeo index 33233715c4..08c9292b86 100755 --- a/stages/org.osbuild.skopeo +++ b/stages/org.osbuild.skopeo @@ -82,7 +82,7 @@ def main(inputs, output, options): # treats them special, like e.g. /some/path:tag, so we make a symlink to the real name # and pass the symlink name to skopeo to make it work with anything with tempfile.TemporaryDirectory() as tmpdir: - linkname = os.path.join(tmpdir, "image.tar") + linkname = os.path.join(tmpdir, "image") os.symlink(source, linkname) if container_format == "dir":