opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-05-20 16:47:39 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
podman/libpod/runtime_img.go
Valentin Rothberg 7f97896c59 image removal: refactor part 2 
Continue the refactoring of image removal.  I didn't manage to break all
the following changes into smaller and easier to digest commits due to
time constraints:

 * Return an error slice instead of a single error. Use multierror only
   in the client/frontend.  Reflect that in the types.

 * Use the batch image removal in the client while preserving the more
   rest-idiomatic single-image removal endpoint.

 * Add a new handler for the single-image removal endpoint to make it
   share the same code as the batch endpoint.

 * Expose bindings for the single and batch endpoints, so we can
   properly test them.

 * Add several convenience functions for error handling to
   pkg/errorhandling.

 * Set the correct error type in libpod to set the exit code to 2 when
   one or more containers are using an image.

 * Massage the bindings tests a bit and tackle compilation errors.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2020-05-04 16:01:45 +02:00

294 lines
8.6 KiB
Go
Raw Blame History

package libpod
import (
"context"
"fmt"
"io"
"io/ioutil"
"net/http"
"net/url"
"os"
"github.com/containers/buildah/imagebuildah"
"github.com/containers/image/v5/docker/reference"
"github.com/containers/libpod/libpod/define"
"github.com/containers/libpod/libpod/image"
"github.com/containers/libpod/pkg/util"
"github.com/containers/storage"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/containers/image/v5/directory"
dockerarchive "github.com/containers/image/v5/docker/archive"
ociarchive "github.com/containers/image/v5/oci/archive"
v1 "github.com/opencontainers/image-spec/specs-go/v1"
)
// Runtime API
// RemoveImage deletes an image from local storage
// Images being used by running containers can only be removed if force=true
func (r *Runtime) RemoveImage(ctx context.Context, img *image.Image, force bool) (*image.ImageDeleteResponse, error) {
response := image.ImageDeleteResponse{}
r.lock.Lock()
defer r.lock.Unlock()
if !r.valid {
return nil, define.ErrRuntimeStopped
}
// Get all containers, filter to only those using the image, and remove those containers
ctrs, err := r.state.AllContainers()
if err != nil {
return nil, err
}
imageCtrs := []*Container{}
for _, ctr := range ctrs {
if ctr.config.RootfsImageID == img.ID() {
imageCtrs = append(imageCtrs, ctr)
}
}
if len(imageCtrs) > 0 && len(img.Names()) <= 1 {
if force {
for _, ctr := range imageCtrs {
if err := r.removeContainer(ctx, ctr, true, false, false); err != nil {
return nil, errors.Wrapf(err, "error removing image %s: container %s using image could not be removed", img.ID(), ctr.ID())
}
}
} else {
return nil, errors.Wrapf(define.ErrImageInUse, "could not remove image %s as it is being used by %d containers", img.ID(), len(imageCtrs))
}
}
hasChildren, err := img.IsParent(ctx)
if err != nil {
return nil, err
}
if (len(img.Names()) > 1 && !img.InputIsID()) || hasChildren {
// If the image has multiple reponames, we do not technically delete
// the image. we figure out which repotag the user is trying to refer
// to and untag it.
repoName, err := img.MatchRepoTag(img.InputName)
if hasChildren && errors.Cause(err) == image.ErrRepoTagNotFound {
return nil, errors.Wrapf(define.ErrImageInUse,
"unable to delete %q (cannot be forced) - image has dependent child images", img.ID())
}
if err != nil {
return nil, err
}
if err := img.UntagImage(repoName); err != nil {
return nil, err
}
response.Untagged = append(response.Untagged, repoName)
return &response, nil
} else if len(img.Names()) > 1 && img.InputIsID() && !force {
// If the user requests to delete an image by ID and the image has multiple
// reponames and no force is applied, we error out.
return nil, errors.Wrapf(define.ErrImageInUse,
"unable to delete %s (must force) - image is referred to in multiple tags", img.ID())
}
err = img.Remove(ctx, force)
if err != nil && errors.Cause(err) == storage.ErrImageUsedByContainer {
if errStorage := r.rmStorageContainers(force, img); errStorage == nil {
// Containers associated with the image should be deleted now,
// let's try removing the image again.
err = img.Remove(ctx, force)
} else {
err = errStorage
}
}
response.Untagged = append(response.Untagged, img.Names()...)
response.Deleted = img.ID()
return &response, err
}
// Remove containers that are in storage rather than Podman.
func (r *Runtime) rmStorageContainers(force bool, image *image.Image) error {
ctrIDs, err := storageContainers(image.ID(), r.store)
if err != nil {
return errors.Wrapf(err, "error getting containers for image %q", image.ID())
}
if len(ctrIDs) > 0 && !force {
return storage.ErrImageUsedByContainer
}
if len(ctrIDs) > 0 && force {
if err = removeStorageContainers(ctrIDs, r.store); err != nil {
return errors.Wrapf(err, "error removing containers %v for image %q", ctrIDs, image.ID())
}
}
return nil
}
// Returns a list of storage containers associated with the given ImageReference
func storageContainers(imageID string, store storage.Store) ([]string, error) {
ctrIDs := []string{}
containers, err := store.Containers()
if err != nil {
return nil, err
}
for _, ctr := range containers {
if ctr.ImageID == imageID {
ctrIDs = append(ctrIDs, ctr.ID)
}
}
return ctrIDs, nil
}
// Removes the containers passed in the array.
func removeStorageContainers(ctrIDs []string, store storage.Store) error {
for _, ctrID := range ctrIDs {
if err := store.DeleteContainer(ctrID); err != nil {
return errors.Wrapf(err, "could not remove container %q", ctrID)
}
}
return nil
}
// Build adds the runtime to the imagebuildah call
func (r *Runtime) Build(ctx context.Context, options imagebuildah.BuildOptions, dockerfiles ...string) (string, reference.Canonical, error) {
id, ref, err := imagebuildah.BuildDockerfiles(ctx, r.store, options, dockerfiles...)
return id, ref, err
}
// Import is called as an intermediary to the image library Import
func (r *Runtime) Import(ctx context.Context, source string, reference string, changes []string, history string, quiet bool) (string, error) {
var (
writer io.Writer
err error
)
ic := v1.ImageConfig{}
if len(changes) > 0 {
config, err := util.GetImageConfig(changes)
if err != nil {
return "", errors.Wrapf(err, "error adding config changes to image %q", source)
}
ic = config.ImageConfig
}
hist := []v1.History{
{Comment: history},
}
config := v1.Image{
Config: ic,
History: hist,
}
writer = nil
if !quiet {
writer = os.Stderr
}
// if source is a url, download it and save to a temp file
u, err := url.ParseRequestURI(source)
if err == nil && u.Scheme != "" {
file, err := downloadFromURL(source)
if err != nil {
return "", err
}
defer os.Remove(file)
source = file
}
// if it's stdin, buffer it, too
if source == "-" {
file, err := DownloadFromFile(os.Stdin)
if err != nil {
return "", err
}
defer os.Remove(file)
source = file
}
newImage, err := r.imageRuntime.Import(ctx, source, reference, writer, image.SigningOptions{}, config)
if err != nil {
return "", err
}
return newImage.ID(), nil
}
// donwloadFromURL downloads an image in the format "https:/example.com/myimage.tar"
// and temporarily saves in it $TMPDIR/importxyz, which is deleted after the image is imported
func downloadFromURL(source string) (string, error) {
fmt.Printf("Downloading from %q\n", source)
outFile, err := ioutil.TempFile(util.Tmpdir(), "import")
if err != nil {
return "", errors.Wrap(err, "error creating file")
}
defer outFile.Close()
response, err := http.Get(source)
if err != nil {
return "", errors.Wrapf(err, "error downloading %q", source)
}
defer response.Body.Close()
_, err = io.Copy(outFile, response.Body)
if err != nil {
return "", errors.Wrapf(err, "error saving %s to %s", source, outFile.Name())
}
return outFile.Name(), nil
}
// DownloadFromFile reads all of the content from the reader and temporarily
// saves in it $TMPDIR/importxyz, which is deleted after the image is imported
func DownloadFromFile(reader *os.File) (string, error) {
outFile, err := ioutil.TempFile(util.Tmpdir(), "import")
if err != nil {
return "", errors.Wrap(err, "error creating file")
}
defer outFile.Close()
logrus.Debugf("saving %s to %s", reader.Name(), outFile.Name())
_, err = io.Copy(outFile, reader)
if err != nil {
return "", errors.Wrapf(err, "error saving %s to %s", reader.Name(), outFile.Name())
}
return outFile.Name(), nil
}
// LoadImage loads a container image into local storage
func (r *Runtime) LoadImage(ctx context.Context, name, inputFile string, writer io.Writer, signaturePolicy string) (string, error) {
var newImages []*image.Image
src, err := dockerarchive.ParseReference(inputFile) // FIXME? We should add dockerarchive.NewReference()
if err == nil {
newImages, err = r.ImageRuntime().LoadFromArchiveReference(ctx, src, signaturePolicy, writer)
}
if err != nil {
// generate full src name with specified image:tag
src, err := ociarchive.NewReference(inputFile, name) // imageName may be ""
if err == nil {
newImages, err = r.ImageRuntime().LoadFromArchiveReference(ctx, src, signaturePolicy, writer)
}
if err != nil {
src, err := directory.NewReference(inputFile)
if err == nil {
newImages, err = r.ImageRuntime().LoadFromArchiveReference(ctx, src, signaturePolicy, writer)
}
if err != nil {
return "", errors.Wrapf(err, "error pulling %q", name)
}
}
}
return getImageNames(newImages), nil
}
func getImageNames(images []*image.Image) string {
var names string
for i := range images {
if i == 0 {
names = images[i].InputName
} else {
names += ", " + images[i].InputName
}
}
return names
}
Reference in New Issue View Git Blame Copy Permalink