2018-02-05 21:05:59 +00:00
|
|
|
package image // import "github.com/docker/docker/image"
|
2015-11-18 22:18:07 +00:00
|
|
|
|
|
|
|
import (
|
2023-06-23 00:33:17 +00:00
|
|
|
"context"
|
2015-11-18 22:18:07 +00:00
|
|
|
"fmt"
|
|
|
|
"os"
|
|
|
|
"path/filepath"
|
|
|
|
"sync"
|
|
|
|
|
2023-09-13 15:41:45 +00:00
|
|
|
"github.com/containerd/log"
|
2016-04-21 00:08:47 +00:00
|
|
|
"github.com/docker/docker/pkg/ioutils"
|
2022-03-04 13:49:42 +00:00
|
|
|
"github.com/opencontainers/go-digest"
|
2017-03-06 15:36:52 +00:00
|
|
|
"github.com/pkg/errors"
|
2015-11-18 22:18:07 +00:00
|
|
|
)
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
// DigestWalkFunc is function called by StoreBackend.Walk
|
|
|
|
type DigestWalkFunc func(id digest.Digest) error
|
2015-11-18 22:18:07 +00:00
|
|
|
|
|
|
|
// StoreBackend provides interface for image.Store persistence
|
|
|
|
type StoreBackend interface {
|
2016-09-15 23:37:32 +00:00
|
|
|
Walk(f DigestWalkFunc) error
|
|
|
|
Get(id digest.Digest) ([]byte, error)
|
|
|
|
Set(data []byte) (digest.Digest, error)
|
|
|
|
Delete(id digest.Digest) error
|
|
|
|
SetMetadata(id digest.Digest, key string, data []byte) error
|
|
|
|
GetMetadata(id digest.Digest, key string) ([]byte, error)
|
|
|
|
DeleteMetadata(id digest.Digest, key string) error
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// fs implements StoreBackend using the filesystem.
|
|
|
|
type fs struct {
|
|
|
|
sync.RWMutex
|
|
|
|
root string
|
|
|
|
}
|
|
|
|
|
|
|
|
const (
|
|
|
|
contentDirName = "content"
|
|
|
|
metadataDirName = "metadata"
|
|
|
|
)
|
|
|
|
|
|
|
|
// NewFSStoreBackend returns new filesystem based backend for image.Store
|
|
|
|
func NewFSStoreBackend(root string) (StoreBackend, error) {
|
|
|
|
return newFSStore(root)
|
|
|
|
}
|
|
|
|
|
|
|
|
func newFSStore(root string) (*fs, error) {
|
|
|
|
s := &fs{
|
|
|
|
root: root,
|
|
|
|
}
|
2023-08-24 15:57:22 +00:00
|
|
|
if err := os.MkdirAll(filepath.Join(root, contentDirName, string(digest.Canonical)), 0o700); err != nil {
|
2017-03-06 15:36:52 +00:00
|
|
|
return nil, errors.Wrap(err, "failed to create storage backend")
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
2023-08-24 15:57:22 +00:00
|
|
|
if err := os.MkdirAll(filepath.Join(root, metadataDirName, string(digest.Canonical)), 0o700); err != nil {
|
2017-03-06 15:36:52 +00:00
|
|
|
return nil, errors.Wrap(err, "failed to create storage backend")
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
return s, nil
|
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
func (s *fs) contentFile(dgst digest.Digest) string {
|
2022-11-08 15:42:13 +00:00
|
|
|
return filepath.Join(s.root, contentDirName, string(dgst.Algorithm()), dgst.Encoded())
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
func (s *fs) metadataDir(dgst digest.Digest) string {
|
2022-11-08 15:42:13 +00:00
|
|
|
return filepath.Join(s.root, metadataDirName, string(dgst.Algorithm()), dgst.Encoded())
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// Walk calls the supplied callback for each image ID in the storage backend.
|
2016-09-15 23:37:32 +00:00
|
|
|
func (s *fs) Walk(f DigestWalkFunc) error {
|
2015-11-18 22:18:07 +00:00
|
|
|
// Only Canonical digest (sha256) is currently supported
|
|
|
|
s.RLock()
|
2021-08-24 10:10:50 +00:00
|
|
|
dir, err := os.ReadDir(filepath.Join(s.root, contentDirName, string(digest.Canonical)))
|
2015-11-18 22:18:07 +00:00
|
|
|
s.RUnlock()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
|
|
|
}
|
|
|
|
for _, v := range dir {
|
2022-11-08 15:42:13 +00:00
|
|
|
dgst := digest.NewDigestFromEncoded(digest.Canonical, v.Name())
|
2015-11-18 22:18:07 +00:00
|
|
|
if err := dgst.Validate(); err != nil {
|
2023-06-23 00:33:17 +00:00
|
|
|
log.G(context.TODO()).Debugf("skipping invalid digest %s: %s", dgst, err)
|
2015-11-18 22:18:07 +00:00
|
|
|
continue
|
|
|
|
}
|
2016-09-15 23:37:32 +00:00
|
|
|
if err := f(dgst); err != nil {
|
2015-11-18 22:18:07 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
// Get returns the content stored under a given digest.
|
|
|
|
func (s *fs) Get(dgst digest.Digest) ([]byte, error) {
|
2015-11-18 22:18:07 +00:00
|
|
|
s.RLock()
|
|
|
|
defer s.RUnlock()
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
return s.get(dgst)
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
func (s *fs) get(dgst digest.Digest) ([]byte, error) {
|
2021-08-24 10:10:50 +00:00
|
|
|
content, err := os.ReadFile(s.contentFile(dgst))
|
2015-11-18 22:18:07 +00:00
|
|
|
if err != nil {
|
2017-03-06 15:36:52 +00:00
|
|
|
return nil, errors.Wrapf(err, "failed to get digest %s", dgst)
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// todo: maybe optional
|
2016-09-15 23:37:32 +00:00
|
|
|
if digest.FromBytes(content) != dgst {
|
|
|
|
return nil, fmt.Errorf("failed to verify: %v", dgst)
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return content, nil
|
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
// Set stores content by checksum.
|
|
|
|
func (s *fs) Set(data []byte) (digest.Digest, error) {
|
2015-11-18 22:18:07 +00:00
|
|
|
s.Lock()
|
|
|
|
defer s.Unlock()
|
|
|
|
|
|
|
|
if len(data) == 0 {
|
2016-12-13 14:15:08 +00:00
|
|
|
return "", fmt.Errorf("invalid empty data")
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
dgst := digest.FromBytes(data)
|
2023-08-24 15:57:22 +00:00
|
|
|
if err := ioutils.AtomicWriteFile(s.contentFile(dgst), data, 0o600); err != nil {
|
2017-03-06 15:36:52 +00:00
|
|
|
return "", errors.Wrap(err, "failed to write digest data")
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
return dgst, nil
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
// Delete removes content and metadata files associated with the digest.
|
|
|
|
func (s *fs) Delete(dgst digest.Digest) error {
|
2015-11-18 22:18:07 +00:00
|
|
|
s.Lock()
|
|
|
|
defer s.Unlock()
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
if err := os.RemoveAll(s.metadataDir(dgst)); err != nil {
|
2015-11-18 22:18:07 +00:00
|
|
|
return err
|
|
|
|
}
|
2018-01-14 23:42:25 +00:00
|
|
|
return os.Remove(s.contentFile(dgst))
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
// SetMetadata sets metadata for a given ID. It fails if there's no base file.
|
2016-09-15 23:37:32 +00:00
|
|
|
func (s *fs) SetMetadata(dgst digest.Digest, key string, data []byte) error {
|
2015-11-18 22:18:07 +00:00
|
|
|
s.Lock()
|
|
|
|
defer s.Unlock()
|
2016-09-15 23:37:32 +00:00
|
|
|
if _, err := s.get(dgst); err != nil {
|
2015-11-18 22:18:07 +00:00
|
|
|
return err
|
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
baseDir := filepath.Join(s.metadataDir(dgst))
|
2023-08-24 15:57:22 +00:00
|
|
|
if err := os.MkdirAll(baseDir, 0o700); err != nil {
|
2015-11-18 22:18:07 +00:00
|
|
|
return err
|
|
|
|
}
|
2023-08-24 15:57:22 +00:00
|
|
|
return ioutils.AtomicWriteFile(filepath.Join(s.metadataDir(dgst), key), data, 0o600)
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
// GetMetadata returns metadata for a given digest.
|
|
|
|
func (s *fs) GetMetadata(dgst digest.Digest, key string) ([]byte, error) {
|
2015-11-18 22:18:07 +00:00
|
|
|
s.RLock()
|
|
|
|
defer s.RUnlock()
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
if _, err := s.get(dgst); err != nil {
|
2015-11-18 22:18:07 +00:00
|
|
|
return nil, err
|
|
|
|
}
|
2021-08-24 10:10:50 +00:00
|
|
|
bytes, err := os.ReadFile(filepath.Join(s.metadataDir(dgst), key))
|
2017-03-06 15:36:52 +00:00
|
|
|
if err != nil {
|
|
|
|
return nil, errors.Wrap(err, "failed to read metadata")
|
|
|
|
}
|
|
|
|
return bytes, nil
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
// DeleteMetadata removes the metadata associated with a digest.
|
|
|
|
func (s *fs) DeleteMetadata(dgst digest.Digest, key string) error {
|
2015-11-18 22:18:07 +00:00
|
|
|
s.Lock()
|
|
|
|
defer s.Unlock()
|
|
|
|
|
2016-09-15 23:37:32 +00:00
|
|
|
return os.RemoveAll(filepath.Join(s.metadataDir(dgst), key))
|
2015-11-18 22:18:07 +00:00
|
|
|
}
|