diff options
author | Valentin Rothberg <vrothberg@redhat.com> | 2022-05-19 14:59:19 +0200 |
---|---|---|
committer | openshift-cherrypick-robot <> | 2022-05-24 07:42:37 +0000 |
commit | 1021afb6b0a06701e0cc778a4f5d0c88b9042a9b (patch) | |
tree | 1f61ba0605393d653714e9a9db0a9979ea194704 | |
parent | d537cf1de3d457823754ea68d4983944f8140837 (diff) | |
download | podman-1021afb6b0a06701e0cc778a4f5d0c88b9042a9b.tar.gz podman-1021afb6b0a06701e0cc778a4f5d0c88b9042a9b.tar.bz2 podman-1021afb6b0a06701e0cc778a4f5d0c88b9042a9b.zip |
fix compat image resolution
Fix a bug in the resolution of images in the Docker compat API.
When looking up an image by a short name, the name may match
an image that does not live on Docker Hub. The resolved name
should be used for normalization instead of the input name to
make sure that `busybox` can resolve to `registry.com/busybox`
if present in the local storage.
Fixes: #14291
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
-rw-r--r-- | pkg/api/handlers/utils/images.go | 13 | ||||
-rw-r--r-- | test/apiv2/70-short-names.at | 21 |
2 files changed, 20 insertions, 14 deletions
diff --git a/pkg/api/handlers/utils/images.go b/pkg/api/handlers/utils/images.go index 7154f5616..433231f59 100644 --- a/pkg/api/handlers/utils/images.go +++ b/pkg/api/handlers/utils/images.go @@ -26,21 +26,26 @@ func NormalizeToDockerHub(r *http.Request, nameOrID string) (string, error) { return nameOrID, nil } - // Try to lookup the input to figure out if it was an ID or not. runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime) - img, _, err := runtime.LibimageRuntime().LookupImage(nameOrID, nil) + + // The candidate may resolve to a local non-Docker Hub image, such as + // 'busybox' -> 'registry.com/busybox'. + img, candidate, err := runtime.LibimageRuntime().LookupImage(nameOrID, nil) if err != nil { if errors.Cause(err) != storage.ErrImageUnknown { return "", fmt.Errorf("normalizing name for compat API: %v", err) } + // If the image could not be resolved locally, set the + // candidate back to the input. + candidate = nameOrID } else if strings.HasPrefix(img.ID(), strings.TrimPrefix(nameOrID, "sha256:")) { return img.ID(), nil } // No ID, so we can normalize. - named, err := reference.ParseNormalizedNamed(nameOrID) + named, err := reference.ParseNormalizedNamed(candidate) if err != nil { - return "", fmt.Errorf("normalizing name for compat API: %v", err) + return "", fmt.Errorf("normalizing name %q (orig: %q) for compat API: %v", candidate, nameOrID, err) } return named.String(), nil diff --git a/test/apiv2/70-short-names.at b/test/apiv2/70-short-names.at index a5087c115..dbf816f55 100644 --- a/test/apiv2/70-short-names.at +++ b/test/apiv2/70-short-names.at @@ -6,11 +6,16 @@ # Pull the libpod/quay image which is used in all tests below. t POST "images/create?fromImage=quay.io/libpod/alpine:latest" 200 .error~null .status~".*Download complete.*" +# 14291 - let a short-name resolve to a *local* non Docker-Hub image. +t POST containers/create Image=alpine 201 .Id~[0-9a-f]\\{64\\} +cid=$(jq -r '.Id' <<<"$output") +t GET containers/$cid/json 200 .Image="quay.io/libpod/alpine:latest" +podman rm -f $cid ########## TAG t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 -t DELETE "images/foo" 200 +t DELETE "images/docker.io/library/foo" 200 ########## BUILD @@ -52,9 +57,6 @@ t DELETE "images/foo" 200 ########## TAG -# Looking up 'alpine' will fail as it gets normalized to docker.io. -t POST "images/alpine/tag?repo=foo" 404 .cause="image not known" - # The libpod endpoint will resolve to it without issues. t GET "libpod/images/alpine/exists" 204 @@ -67,22 +69,21 @@ t GET "libpod/images/docker.io/library/foo/exists" 204 ########## REMOVE -t DELETE "images/alpine" 404 .cause="image not known" # fails since docker.io/library/alpine does not exist t DELETE "images/foo" 200 # removes the previously tagged image ########## GET # Same procedure as above but with the /get endpoint. -t GET "images/alpine/get" 404 .cause="image not known" t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 t GET "images/foo/get" 200 '[POSIX tar archive]' t DELETE "images/foo" 200 +t GET "images/alpine/get" 200 ########## HISTORY -t GET "images/alpine/history" 404 .cause="image not known" +t GET "images/alpine/history" 200 t GET "images/quay.io/libpod/alpine/history" 200 t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 t GET "libpod/images/foo/history" 200 @@ -91,7 +92,7 @@ t DELETE "images/foo" 200 ########## PUSH -t POST "images/alpine/push?destination=localhost:9999/do/not:exist" 404 .cause="image not known" +t POST "images/alpine/push?destination=localhost:9999/do:exist" 200 t POST "images/quay.io/libpod/alpine/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 t POST "images/foo/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response @@ -100,7 +101,7 @@ t DELETE "images/foo" ########## CREATE A CONTAINER -t POST "containers/create" Image=alpine 404 .cause="image not known" +t POST "containers/create" Image=alpine 201 t POST "containers/create" Image=quay.io/libpod/alpine:latest 201 cid=$(jq -r '.Id' <<<"$output") t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201 @@ -113,7 +114,7 @@ t DELETE "containers/$cid" t POST "containers/create" Image=quay.io/libpod/alpine:latest 201 cid=$(jq -r '.Id' <<<"$output") -t GET "images/alpine/get" 404 .cause="image not known" +t GET "images/alpine/get" 200 t POST "commit?container=$cid&repo=foo&tag=tag" 201 t GET "images/foo/get" 404 .cause="image not known" t GET "images/foo:tag/get" 200 |