diff options
author | W. Trevor King <wking@tremily.us> | 2019-01-08 21:46:20 -0800 |
---|---|---|
committer | Atomic Bot <atomic-devel@projectatomic.io> | 2019-01-09 22:29:18 +0000 |
commit | 0f6535cf6b4bfac265983c2fdd3482310ab4f39b (patch) | |
tree | 16bc07796a80a1ab567a86d089ebc08f5ea8366c | |
parent | a60090cfba3674c5c1223b270c5f46600e6ee07e (diff) | |
download | podman-0f6535cf6b4bfac265983c2fdd3482310ab4f39b.tar.gz podman-0f6535cf6b4bfac265983c2fdd3482310ab4f39b.tar.bz2 podman-0f6535cf6b4bfac265983c2fdd3482310ab4f39b.zip |
libpod/image: Use ParseNormalizedNamed in RepoDigests
Avoid generating
quay.io/openshift-release-dev/ocp-release@sha256@sha256:239... and
similar when the image name is already digest-based [1]. It's not
clear exactly how we get into this state, but as shown by the unit
tests, the new code handles this case correctly (while the previous
code does not).
[1]: https://github.com/containers/libpod/issues/2086
Signed-off-by: W. Trevor King <wking@tremily.us>
Closes: #2106
Approved by: rhatdan
-rw-r--r-- | cmd/podman/sign.go | 5 | ||||
-rw-r--r-- | libpod/image/image.go | 18 | ||||
-rw-r--r-- | libpod/image/image_test.go | 46 | ||||
-rw-r--r-- | pkg/varlinkapi/images.go | 13 |
4 files changed, 76 insertions, 6 deletions
diff --git a/cmd/podman/sign.go b/cmd/podman/sign.go index 790b6031d..8a31ddb98 100644 --- a/cmd/podman/sign.go +++ b/cmd/podman/sign.go @@ -126,7 +126,10 @@ func signCmd(c *cli.Context) error { sigStoreDir = SignatureStoreDir } - repos := newImage.RepoDigests() + repos, err := newImage.RepoDigests() + if err != nil { + return errors.Wrapf(err, "error calculating repo digests for %s", signimage) + } if len(repos) == 0 { logrus.Errorf("no repodigests associated with the image %s", signimage) continue diff --git a/libpod/image/image.go b/libpod/image/image.go index 3a6d0e305..2e12adb70 100644 --- a/libpod/image/image.go +++ b/libpod/image/image.go @@ -305,12 +305,24 @@ func (i *Image) Names() []string { } // RepoDigests returns a string array of repodigests associated with the image -func (i *Image) RepoDigests() []string { +func (i *Image) RepoDigests() ([]string, error) { var repoDigests []string + digest := i.Digest() + for _, name := range i.Names() { - repoDigests = append(repoDigests, strings.SplitN(name, ":", 2)[0]+"@"+i.Digest().String()) + named, err := reference.ParseNormalizedNamed(name) + if err != nil { + return nil, err + } + + canonical, err := reference.WithDigest(reference.TrimNamed(named), digest) + if err != nil { + return nil, err + } + + repoDigests = append(repoDigests, canonical.String()) } - return repoDigests + return repoDigests, nil } // Created returns the time the image was created diff --git a/libpod/image/image_test.go b/libpod/image/image_test.go index 91bb2411b..2a68fd273 100644 --- a/libpod/image/image_test.go +++ b/libpod/image/image_test.go @@ -9,6 +9,7 @@ import ( "testing" "github.com/containers/storage" + "github.com/opencontainers/go-digest" "github.com/stretchr/testify/assert" ) @@ -192,6 +193,51 @@ func TestImage_MatchRepoTag(t *testing.T) { cleanup(workdir, ir) } +// TestImage_RepoDigests tests RepoDigest generation. +func TestImage_RepoDigests(t *testing.T) { + dgst, err := digest.Parse("sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc") + if err != nil { + t.Fatal(err) + } + + for _, test := range []struct { + name string + names []string + expected []string + }{ + { + name: "empty", + names: []string{}, + expected: nil, + }, + { + name: "tagged", + names: []string{"docker.io/library/busybox:latest"}, + expected: []string{"docker.io/library/busybox@sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc"}, + }, + { + name: "digest", + names: []string{"docker.io/library/busybox@sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc"}, + expected: []string{"docker.io/library/busybox@sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc"}, + }, + } { + t.Run(test.name, func(t *testing.T) { + image := &Image{ + image: &storage.Image{ + Names: test.names, + Digest: dgst, + }, + } + actual, err := image.RepoDigests() + if err != nil { + t.Fatal(err) + } + + assert.Equal(t, test.expected, actual) + }) + } +} + // Test_splitString tests the splitString function in image that // takes input and splits on / and returns the last array item func Test_splitString(t *testing.T) { diff --git a/pkg/varlinkapi/images.go b/pkg/varlinkapi/images.go index 5e4cb4ccb..8f8934025 100644 --- a/pkg/varlinkapi/images.go +++ b/pkg/varlinkapi/images.go @@ -41,13 +41,18 @@ func (i *LibpodAPI) ListImages(call iopodman.VarlinkCall) error { for _, image := range images { labels, _ := image.Labels(getContext()) containers, _ := image.Containers() + repoDigests, err := image.RepoDigests() + if err != nil { + return err + } + size, _ := image.Size(getContext()) i := iopodman.ImageInList{ Id: image.ID(), ParentId: image.Parent, RepoTags: image.Names(), - RepoDigests: image.RepoDigests(), + RepoDigests: repoDigests, Created: image.Created().String(), Size: int64(*size), VirtualSize: image.VirtualSize, @@ -73,6 +78,10 @@ func (i *LibpodAPI) GetImage(call iopodman.VarlinkCall, name string) error { if err != nil { return err } + repoDigests, err := newImage.RepoDigests() + if err != nil { + return err + } size, err := newImage.Size(getContext()) if err != nil { return err @@ -82,7 +91,7 @@ func (i *LibpodAPI) GetImage(call iopodman.VarlinkCall, name string) error { Id: newImage.ID(), ParentId: newImage.Parent, RepoTags: newImage.Names(), - RepoDigests: newImage.RepoDigests(), + RepoDigests: repoDigests, Created: newImage.Created().String(), Size: int64(*size), VirtualSize: newImage.VirtualSize, |