mirror of
https://github.com/containers/podman.git
synced 2025-09-28 09:15:26 +08:00
0f7d54b026
Migrate the Podman code base over to `common/libimage` which replaces `libpod/image` and a lot of glue code entirely. Note that I tried to leave bread crumbs for changed tests. Miscellaneous changes: * Some errors yield different messages which required to alter some tests. * I fixed some pre-existing issues in the code. Others were marked as `//TODO`s to prevent the PR from exploding. * The `NamesHistory` of an image is returned as is from the storage. Previously, we did some filtering which I think is undesirable. Instead we should return the data as stored in the storage. * Touched handlers use the ABI interfaces where possible. * Local image resolution: previously Podman would match "foo" on "myfoo". This behaviour has been changed and Podman will now only match on repository boundaries such that "foo" would match "my/foo" but not "myfoo". I consider the old behaviour to be a bug, at the very least an exotic corner case. * Futhermore, "foo:none" does *not* resolve to a local image "foo" without tag anymore. It's a hill I am (almost) willing to die on. * `image prune` prints the IDs of pruned images. Previously, in some cases, the names were printed instead. The API clearly states ID, so we should stick to it. * Compat endpoint image removal with _force_ deletes the entire not only the specified tag. Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
97 lines
3.6 KiB
Go
97 lines
3.6 KiB
Go
package buildah
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"time"
|
|
|
|
"github.com/containers/buildah/define"
|
|
"github.com/containers/buildah/pkg/blobcache"
|
|
"github.com/containers/common/libimage"
|
|
"github.com/containers/common/pkg/config"
|
|
"github.com/containers/image/v5/types"
|
|
encconfig "github.com/containers/ocicrypt/config"
|
|
"github.com/containers/storage"
|
|
"github.com/pkg/errors"
|
|
)
|
|
|
|
// PullOptions can be used to alter how an image is copied in from somewhere.
|
|
type PullOptions struct {
|
|
// SignaturePolicyPath specifies an override location for the signature
|
|
// policy which should be used for verifying the new image as it is
|
|
// being written. Except in specific circumstances, no value should be
|
|
// specified, indicating that the shared, system-wide default policy
|
|
// should be used.
|
|
SignaturePolicyPath string
|
|
// ReportWriter is an io.Writer which will be used to log the writing
|
|
// of the new image.
|
|
ReportWriter io.Writer
|
|
// Store is the local storage store which holds the source image.
|
|
Store storage.Store
|
|
// github.com/containers/image/types SystemContext to hold credentials
|
|
// and other authentication/authorization information.
|
|
SystemContext *types.SystemContext
|
|
// BlobDirectory is the name of a directory in which we'll attempt to
|
|
// store copies of layer blobs that we pull down, if any. It should
|
|
// already exist.
|
|
BlobDirectory string
|
|
// AllTags is a boolean value that determines if all tagged images
|
|
// will be downloaded from the repository. The default is false.
|
|
AllTags bool
|
|
// RemoveSignatures causes any existing signatures for the image to be
|
|
// discarded when pulling it.
|
|
RemoveSignatures bool
|
|
// MaxRetries is the maximum number of attempts we'll make to pull any
|
|
// one image from the external registry if the first attempt fails.
|
|
MaxRetries int
|
|
// RetryDelay is how long to wait before retrying a pull attempt.
|
|
RetryDelay time.Duration
|
|
// OciDecryptConfig contains the config that can be used to decrypt an image if it is
|
|
// encrypted if non-nil. If nil, it does not attempt to decrypt an image.
|
|
OciDecryptConfig *encconfig.DecryptConfig
|
|
// PullPolicy takes the value PullIfMissing, PullAlways, PullIfNewer, or PullNever.
|
|
PullPolicy define.PullPolicy
|
|
}
|
|
|
|
// Pull copies the contents of the image from somewhere else to local storage. Returns the
|
|
// ID of the local image or an error.
|
|
func Pull(ctx context.Context, imageName string, options PullOptions) (imageID string, err error) {
|
|
libimageOptions := &libimage.PullOptions{}
|
|
libimageOptions.SignaturePolicyPath = options.SignaturePolicyPath
|
|
libimageOptions.Writer = options.ReportWriter
|
|
libimageOptions.RemoveSignatures = options.RemoveSignatures
|
|
libimageOptions.OciDecryptConfig = options.OciDecryptConfig
|
|
libimageOptions.AllTags = options.AllTags
|
|
libimageOptions.RetryDelay = &options.RetryDelay
|
|
|
|
if options.MaxRetries > 0 {
|
|
retries := uint(options.MaxRetries)
|
|
libimageOptions.MaxRetries = &retries
|
|
}
|
|
|
|
if options.BlobDirectory != "" {
|
|
libimageOptions.DestinationLookupReferenceFunc = blobcache.CacheLookupReferenceFunc(options.BlobDirectory, types.PreserveOriginal)
|
|
}
|
|
|
|
pullPolicy, err := config.ParsePullPolicy(options.PullPolicy.String())
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
runtime, err := libimage.RuntimeFromStore(options.Store, &libimage.RuntimeOptions{SystemContext: options.SystemContext})
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
pulledImages, err := runtime.Pull(context.Background(), imageName, pullPolicy, libimageOptions)
|
|
if err != nil {
|
|
return "", err
|
|
}
|
|
|
|
if len(pulledImages) == 0 {
|
|
return "", errors.Errorf("internal error pulling %s: no image pulled and no error", imageName)
|
|
}
|
|
|
|
return pulledImages[0].ID(), nil
|
|
}
|