WIP

BuildSourceImage.sh

@@ -39,7 +39,7 @@ _init() {
     set -o pipefail
 
     # check for tools we depend on
-    for cmd in jq skopeo dnf file find tar stat date ; do
+    for cmd in jq dnf file find tar stat date ; do
         if [ -z "$(command -v ${cmd})" ] ; then
             # TODO: maybe this could be individual checks so it can report
             # where to find the tools
@@ -209,7 +209,7 @@ parse_img_tag() {
 
 #
 # an inline prefixer for containers/image tools
-#
+# XXX redo this to only validate for 'oci:...', otherwise bail
 ref_prefix() {
     local ref="${1}"
     local pfxs
@@ -243,68 +243,6 @@ ref_src_img_tag() {
     echo -n "$(parse_img_tag "${ref}")""${source_image_suffix}"
 }
 
-#
-# call out to registry for the image reference's digest checksum
-#
-fetch_img_digest() {
-    local ref="${1}"
-    local dgst
-    local ret
-
-    ## TODO: check for authfile, creds, and whether it's an insecure registry
-    dgst=$(skopeo inspect "$(ref_prefix "${ref}")" | jq .Digest | tr -d \")
-    ret=$?
-    if [ $ret -ne 0 ] ; then
-        echo "ERROR: check the image reference: ${ref}" >&2
-        return $ret
-    fi
-
-    echo -n "${dgst}"
-}
-
-#
-# pull down the image to an OCI layout
-# arguments: image ref
-# returns: path:tag to the OCI layout
-#
-# any commands should only output to stderr, so that the caller can receive the
-# path reference to the OCI layout.
-#
-fetch_img() {
-    local ref="${1}"
-    local dst="${2}"
-    local base
-    local tag
-    local dgst
-    local from
-    local ret
-
-    _mkdir_p "${dst}"
-
-    base="$(parse_img_base "${ref}")"
-    tag="$(parse_img_tag "${ref}")"
-    dgst="$(parse_img_digest "${ref}")"
-    from=""
-    # skopeo currently only support _either_ tag _or_ digest, so we'll be specific.
-    if [ -n "${dgst}" ] ; then
-        from="$(ref_prefix "${base}")@${dgst}"
-    else
-        from="$(ref_prefix "${base}"):${tag}"
-    fi
-
-    ## TODO: check for authfile, creds, and whether it's an insecure registry
-    ## destination name must have the image tag included (umoci expects it)
-    skopeo \
-        copy \
-        "${from}" \
-        "oci:${dst}:${tag}" >&2
-    ret=$?
-    if [ ${ret} -ne 0 ] ; then
-        return ${ret}
-    fi
-    echo -n "${dst}:${tag}"
-}
-
 #
 # upack_img <oci layout path> <unpack path>
 #
@@ -427,21 +365,6 @@ unpack_img_umoci() {
     return $ret
 }
 
-#
-# copy an image from one location to another
-#
-push_img() {
-    local src="${1}"
-    local dst="${2}"
-
-    _debug "pushing image ${src} to ${dst}"
-    ## TODO: check for authfile, creds, and whether it's an insecure registry
-    skopeo copy --dest-tls-verify=false "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" # XXX for demo only
-    #skopeo copy "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")"
-    ret=$?
-    return $ret
-}
-
 #
 # sets up a basic new OCI layout, for an image with the provided (or default 'latest') tag
 #
@@ -1258,7 +1181,6 @@ main() {
     # TODO maybe look to a directory like /usr/libexec/BuildSourceImage/drivers/ for drop-ins to run
 
     _info "succesfully packed 'oci:${src_img_dir}:${src_img_tag}'"
-    _debug "$(skopeo inspect oci:"${src_img_dir}":"${src_img_tag}")"
 
     ## if an output directory is provided then save a copy to it
     if [ -n "${output_dir}" ] ; then

relocate.sh

@@ -0,0 +1,108 @@
+#!/bin/bash
+
+## depracted code for moving containers (what skopeo does)
+
+#
+# copy an image from one location to another
+#
+push_img() {
+    local src="${1}"
+    local dst="${2}"
+
+    _debug "pushing image ${src} to ${dst}"
+    ## TODO: check for authfile, creds, and whether it's an insecure registry
+    skopeo copy --dest-tls-verify=false "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")" # XXX for demo only
+    #skopeo copy "$(ref_prefix "${src}")" "$(ref_prefix "${dst}")"
+    ret=$?
+    return $ret
+}
+
+
+#
+# call out to registry for the image reference's digest checksum
+#
+fetch_img_digest() {
+    local ref="${1}"
+    local dgst
+    local ret
+
+    ## TODO: check for authfile, creds, and whether it's an insecure registry
+    dgst=$(skopeo inspect "$(ref_prefix "${ref}")" | jq .Digest | tr -d \")
+    ret=$?
+    if [ $ret -ne 0 ] ; then
+        echo "ERROR: check the image reference: ${ref}" >&2
+        return $ret
+    fi
+
+    echo -n "${dgst}"
+}
+
+
+#
+# an inline prefixer for containers/image tools
+#
+ref_prefix() {
+    local ref="${1}"
+    local pfxs
+    local ret
+
+    # get the supported prefixes of the current version of skopeo
+    mapfile -t pfxs < <(skopeo copy --help | grep -A1 "Supported transports:" | grep -v "Supported transports" | sed 's/, /\n/g')
+    ret=$?
+    if [ ${ret} -ne 0 ] ; then
+        return ${ret}
+    fi
+
+    for pfx in "${pfxs[@]}" ; do
+        if echo "${ref}" | grep -q "^${pfx}:" ; then
+            # break if we match a known prefix
+            echo "${ref}"
+            return 0
+        fi
+    done
+    # else default
+    echo "docker://${ref}"
+}
+
+#
+# pull down the image to an OCI layout
+# arguments: image ref
+# returns: path:tag to the OCI layout
+#
+# any commands should only output to stderr, so that the caller can receive the
+# path reference to the OCI layout.
+#
+fetch_img() {
+    local ref="${1}"
+    local dst="${2}"
+    local base
+    local tag
+    local dgst
+    local from
+    local ret
+
+    _mkdir_p "${dst}"
+
+    base="$(parse_img_base "${ref}")"
+    tag="$(parse_img_tag "${ref}")"
+    dgst="$(parse_img_digest "${ref}")"
+    from=""
+    # skopeo currently only support _either_ tag _or_ digest, so we'll be specific.
+    if [ -n "${dgst}" ] ; then
+        from="$(ref_prefix "${base}")@${dgst}"
+    else
+        from="$(ref_prefix "${base}"):${tag}"
+    fi
+
+    ## TODO: check for authfile, creds, and whether it's an insecure registry
+    ## destination name must have the image tag included (umoci expects it)
+    skopeo \
+        copy \
+        "${from}" \
+        "oci:${dst}:${tag}" >&2
+    ret=$?
+    if [ ${ret} -ne 0 ] ; then
+        return ${ret}
+    fi
+    echo -n "${dst}:${tag}"
+}