Return image references from the storage package

The image's canonical reference is a name with a digest of the image's
manifest, so in imageService.ImageStatus() and
imageService.ListImages(), divide the image's name list into tagged and
digested values, and if we have names, add canonical versions.

In Server.ContainerStatus(), return the image name as it was given to us
as the image, and the image digested reference as the image reference.

In Server.ListImages(), be sure to only return tagged names in the
RepoTags field.  In Server.ImageStatus(), also return canonical
references in the RepoDigests field.

In Server.PullImage(), be sure that we consistently return the same
image reference for an image, whether we ended up pulling it or not.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
This commit is contained in:
Nalin Dahyabhai 2017-07-12 12:41:38 -04:00
parent 553979e1fc
commit f3b7065bd8
13 changed files with 265 additions and 126 deletions

View file

@ -103,7 +103,7 @@ cp "$CONMON_BINARY" "$TESTDIR/conmon"
PATH=$PATH:$TESTDIR
# Make sure we have a copy of the redis:latest image.
# Make sure we have a copy of the redis:alpine image.
if ! [ -d "$ARTIFACTS_PATH"/redis-image ]; then
mkdir -p "$ARTIFACTS_PATH"/redis-image
if ! "$COPYIMG_BINARY" --import-from=docker://redis:alpine --export-to=dir:"$ARTIFACTS_PATH"/redis-image --signature-policy="$INTEGRATION_ROOT"/policy.json ; then
@ -113,19 +113,6 @@ if ! [ -d "$ARTIFACTS_PATH"/redis-image ]; then
fi
fi
# TODO: remove the code below for redis digested image id when
# https://github.com/kubernetes-incubator/cri-o/issues/531 is complete
# as the digested reference will be auto-stored when pulling the tag
# above
if ! [ -d "$ARTIFACTS_PATH"/redis-image-digest ]; then
mkdir -p "$ARTIFACTS_PATH"/redis-image-digest
if ! "$COPYIMG_BINARY" --import-from=docker://redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b --export-to=dir:"$ARTIFACTS_PATH"/redis-image-digest --signature-policy="$INTEGRATION_ROOT"/policy.json ; then
echo "Error pulling docker://redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b"
rm -fr "$ARTIFACTS_PATH"/redis-image-digest
exit 1
fi
fi
# Make sure we have a copy of the runcom/stderr-test image.
if ! [ -d "$ARTIFACTS_PATH"/stderr-test ]; then
mkdir -p "$ARTIFACTS_PATH"/stderr-test
@ -226,13 +213,8 @@ function start_crio() {
"$BIN2IMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --source-binary "$PAUSE_BINARY"
fi
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=redis:alpine --import-from=dir:"$ARTIFACTS_PATH"/redis-image --add-name=docker.io/library/redis:alpine --signature-policy="$INTEGRATION_ROOT"/policy.json
# TODO: remove the code below for redis:alpine digested image id when
# https://github.com/kubernetes-incubator/cri-o/issues/531 is complete
# as the digested reference will be auto-stored when pulling the tag
# above
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b --import-from=dir:"$ARTIFACTS_PATH"/redis-image-digest --add-name=docker.io/library/redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=mrunalp/oom --import-from=dir:"$ARTIFACTS_PATH"/oom-image --add-name=docker.io/library/mrunalp/oom --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=mrunalp/image-volume-test --import-from=dir:"$ARTIFACTS_PATH"/image-volume-test-image --add-name=docker.io/library/mrunalp/image-volume-test --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=mrunalp/oom --import-from=dir:"$ARTIFACTS_PATH"/oom-image --add-name=docker.io/mrunalp/oom --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=mrunalp/image-volume-test --import-from=dir:"$ARTIFACTS_PATH"/image-volume-test-image --add-name=docker.io/mrunalp/image-volume-test --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=busybox:latest --import-from=dir:"$ARTIFACTS_PATH"/busybox-image --add-name=docker.io/library/busybox:latest --signature-policy="$INTEGRATION_ROOT"/policy.json
"$COPYIMG_BINARY" --root "$TESTDIR/crio" $STORAGE_OPTIONS --runroot "$TESTDIR/crio-run" --image-name=runcom/stderr-test:latest --import-from=dir:"$ARTIFACTS_PATH"/stderr-test --add-name=docker.io/runcom/stderr-test:latest --signature-policy="$INTEGRATION_ROOT"/policy.json
"$CRIO_BINARY" ${DEFAULT_MOUNTS_OPTS} ${HOOKS_OPTS} --conmon "$CONMON_BINARY" --listen "$CRIO_SOCKET" --cgroup-manager "$CGROUP_MANAGER" --registry "docker.io" --runtime "$RUNTIME_BINARY" --root "$TESTDIR/crio" --runroot "$TESTDIR/crio-run" $STORAGE_OPTIONS --seccomp-profile "$seccomp" --apparmor-profile "$apparmor" --cni-config-dir "$CRIO_CNI_CONFIG" --cni-plugin-dir "$CRIO_CNI_PLUGIN" --signature-policy "$INTEGRATION_ROOT"/policy.json --image-volumes "$IMAGE_VOLUMES" --pids-limit "$PIDS_LIMIT" --enable-shared-pid-namespace=${ENABLE_SHARED_PID_NAMESPACE} --log-size-max "$LOG_SIZE_MAX_LIMIT" --config /dev/null config >$CRIO_CONFIG
@ -252,44 +234,28 @@ function start_crio() {
if [ "$status" -ne 0 ] ; then
crictl pull redis:alpine
fi
REDIS_IMAGEID=$(crictl inspecti redis:alpine | head -1 | sed -e "s/ID: //g")
REDIS_IMAGEID=$(crictl inspecti redis:alpine | grep ^ID: | head -n 1 | sed -e "s/ID: //g")
REDIS_IMAGEREF=$(crictl inspecti redis:alpine | grep ^Digest: | head -n 1 | sed -e "s/Digest: //g")
run crictl inspecti mrunalp/oom
if [ "$status" -ne 0 ] ; then
crictl pull mrunalp/oom
fi
#
#
#
# TODO: remove the code below for redis digested image id when
# https://github.com/kubernetes-incubator/cri-o/issues/531 is complete
# as the digested reference will be auto-stored when pulling the tag
# above
#
#
#
REDIS_IMAGEID_DIGESTED="redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b"
run crictl inspecti $REDIS_IMAGEID_DIGESTED
if [ "$status" -ne 0 ]; then
crictl pull $REDIS_IMAGEID_DIGESTED
fi
#
#
#
run crictl inspecti runcom/stderr-test
OOM_IMAGEID=$(crictl inspecti mrunalp/oom | grep ^ID: | head -n 1 | sed -e "s/ID: //g")
run crioctl image status --id=runcom/stderr-test
if [ "$status" -ne 0 ] ; then
crictl pull runcom/stderr-test:latest
fi
STDERR_IMAGEID=$(crictl inspecti runcom/stderr-test | head -1 | sed -e "s/ID: //g")
STDERR_IMAGEID=$(crictl inspecti runcom/stderr-test | grep ^ID: | head -n 1 | sed -e "s/ID: //g")
run crictl inspecti busybox
if [ "$status" -ne 0 ] ; then
crictl pull busybox:latest
fi
BUSYBOX_IMAGEID=$(crictl inspecti busybox | head -1 | sed -e "s/ID: //g")
BUSYBOX_IMAGEID=$(crictl inspecti busybox | grep ^ID: | head -n 1 | sed -e "s/ID: //g")
run crictl inspecti mrunalp/image-volume-test
if [ "$status" -ne 0 ] ; then
crictl pull mrunalp/image-volume-test:latest
fi
VOLUME_IMAGEID=$(crictl inspecti mrunalp/image-volume-test | head -1 | sed -e "s/ID: //g")
VOLUME_IMAGEID=$(crictl inspecti mrunalp/image-volume-test | grep ^ID: | head -n 1 | sed -e "s/ID: //g")
}
function cleanup_ctrs() {

View file

@ -25,7 +25,7 @@ function teardown() {
stop_crio
}
@test "container status return image:tag if created by image ID" {
@test "container status when created by image ID" {
start_crio
run crictl runs "$TESTDATA"/sandbox_config.json
@ -43,16 +43,15 @@ function teardown() {
run crictl inspect "$ctr_id" --output yaml
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "image: redis:alpine" ]]
[[ "$output" =~ "image: docker.io/library/redis:alpine" ]]
[[ "$output" =~ "imageRef: $REDIS_IMAGEREF" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "container status return image@digest if created by image ID and digest available" {
skip "depends on https://github.com/kubernetes-incubator/cri-o/issues/531"
@test "container status when created by image tagged reference" {
start_crio
run crictl runs "$TESTDATA"/sandbox_config.json
@ -60,9 +59,9 @@ function teardown() {
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s/%VALUE%/$REDIS_IMAGEID_DIGESTED/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageid.json
sed -e "s/%VALUE%/redis:alpine/g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imagetag.json
run crictl create "$pod_id" "$TESTDIR"/ctr_by_imageid.json "$TESTDATA"/sandbox_config.json
run crictl create "$pod_id" "$TESTDIR"/ctr_by_imagetag.json "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
@ -70,22 +69,51 @@ function teardown() {
run crictl inspect "$ctr_id" --output yaml
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "image_ref: redis@sha256:03789f402b2ecfb98184bf128d180f398f81c63364948ff1454583b02442f73b" ]]
[[ "$output" =~ "image: docker.io/library/redis:alpine" ]]
[[ "$output" =~ "imageRef: $REDIS_IMAGEREF" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "image pull" {
@test "container status when created by image canonical reference" {
start_crio
run crictl runs "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
pod_id="$output"
sed -e "s|%VALUE%|$REDIS_IMAGEREF|g" "$TESTDATA"/container_config_by_imageid.json > "$TESTDIR"/ctr_by_imageref.json
run crictl create "$pod_id" "$TESTDIR"/ctr_by_imageref.json "$TESTDATA"/sandbox_config.json
echo "$output"
[ "$status" -eq 0 ]
ctr_id="$output"
run crictl inspect "$ctr_id" --output yaml
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "image: docker.io/library/redis:alpine" ]]
[[ "$output" =~ "imageRef: $REDIS_IMAGEREF" ]]
cleanup_ctrs
cleanup_pods
stop_crio
}
@test "image pull and list" {
start_crio "" "" --no-pause-image
run crictl pull "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
run crictl inspecti "$IMAGE"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "$IMAGE" ]]
cleanup_images
stop_crio
}
@ -108,7 +136,33 @@ function teardown() {
stop_crio
}
@test "image pull and list by digest" {
@test "image pull and list by tag and ID" {
start_crio "" "" --no-pause-image
run crictl pull "$IMAGE:go"
echo "$output"
[ "$status" -eq 0 ]
run crictl images --quiet "$IMAGE:go"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
imageid="$output"
run crictl images --quiet @"$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run crictl images --quiet "$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
cleanup_images
stop_crio
}
@test "image pull and list by digest and ID" {
start_crio "" "" --no-pause-image
run crictl pull nginx@sha256:33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
echo "$output"
@ -118,18 +172,20 @@ function teardown() {
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
imageid="$output"
run crictl images --quiet nginx@33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
imageid="$output"
run crictl images --quiet @33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
run crictl images --quiet @"$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]
run crictl images --quiet 33eb1ed1e802d4f71e52421f56af028cdf12bb3bfff5affeaf5bf0e328ffa1bc
run crictl images --quiet "$imageid"
[ "$status" -eq 0 ]
echo "$output"
[ "$output" != "" ]

View file

@ -30,13 +30,15 @@ function teardown() {
out=`echo -e "GET /containers/$ctr_id HTTP/1.1\r\nHost: crio\r\n" | socat - UNIX-CONNECT:$CRIO_SOCKET`
echo "$out"
[[ "$out" =~ "\"sandbox\":\"$pod_id\"" ]]
[[ "$out" =~ "\"image\":\"redis:alpine\"" ]]
[[ "$out" =~ "\"image\":\"docker.io/library/redis:alpine\"" ]]
[[ "$out" =~ "\"image_ref\":\"$REDIS_IMAGEREF\"" ]]
run crictl inspect --output json "$ctr_id"
echo "$output"
[ "$status" -eq 0 ]
[[ "$output" =~ "\"id\": \"$ctr_id\"" ]]
[[ "$output" =~ "\"image\": \"redis:alpine\"" ]]
[[ "$output" =~ "\"image\": \"docker.io/library/redis:alpine\"" ]]
[[ "$output" =~ "\"imageRef\": \"$REDIS_IMAGEREF\"" ]]
run crictl inspects --output json "$pod_id"
echo "$output"