forked from moby/buildkit
/
checker.go
154 lines (131 loc) · 3.41 KB
/
checker.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
package imagerefchecker
import (
"context"
"encoding/json"
"strings"
"sync"
"github.com/containerd/containerd/content"
"github.com/containerd/containerd/images"
"github.com/moby/buildkit/cache"
"github.com/moby/buildkit/snapshot"
digest "github.com/opencontainers/go-digest"
specs "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
)
const (
emptyGZLayer = digest.Digest("sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1")
)
type Opt struct {
Snapshotter snapshot.Snapshotter
ImageStore images.Store
ContentStore content.Provider
}
// New creates new image reference checker that can be used to see if a reference
// is being used by any of the images in the image store
func New(opt Opt) cache.ExternalRefCheckerFunc {
return func() (cache.ExternalRefChecker, error) {
return &checker{opt: opt}, nil
}
}
type checker struct {
opt Opt
once sync.Once
images map[string]struct{}
cache map[string]bool
}
func (c *checker) Exists(key string) bool {
if c.opt.ImageStore == nil {
return false
}
c.once.Do(c.init)
if b, ok := c.cache[key]; ok {
return b
}
l, err := c.getLayers(key)
if err != nil {
c.cache[key] = false
return false
}
_, ok := c.images[layerKey(l)]
c.cache[key] = ok
return ok
}
func (c *checker) getLayers(key string) ([]specs.Descriptor, error) {
_, blob, err := c.opt.Snapshotter.GetBlob(context.TODO(), key)
if err != nil {
return nil, err
}
stat, err := c.opt.Snapshotter.Stat(context.TODO(), key)
if err != nil {
return nil, err
}
var layers []specs.Descriptor
if parent := stat.Parent; parent != "" {
layers, err = c.getLayers(parent)
if err != nil {
return nil, err
}
}
return append(layers, specs.Descriptor{Digest: blob}), nil
}
func (c *checker) init() {
c.images = map[string]struct{}{}
c.cache = map[string]bool{}
imgs, err := c.opt.ImageStore.List(context.TODO())
if err != nil {
return
}
var mu sync.Mutex
for _, img := range imgs {
if err := images.Dispatch(context.TODO(), images.Handlers(layersHandler(c.opt.ContentStore, func(layers []specs.Descriptor) {
mu.Lock()
c.registerLayers(layers)
mu.Unlock()
})), img.Target); err != nil {
return
}
}
}
func (c *checker) registerLayers(l []specs.Descriptor) {
if k := layerKey(l); k != "" {
c.images[k] = struct{}{}
}
}
func layerKey(layers []specs.Descriptor) string {
b := &strings.Builder{}
for _, l := range layers {
if l.Digest != emptyGZLayer {
b.Write([]byte(l.Digest))
}
}
return b.String()
}
func layersHandler(provider content.Provider, f func([]specs.Descriptor)) images.HandlerFunc {
return func(ctx context.Context, desc specs.Descriptor) ([]specs.Descriptor, error) {
switch desc.MediaType {
case images.MediaTypeDockerSchema2Manifest, specs.MediaTypeImageManifest:
p, err := content.ReadBlob(ctx, provider, desc)
if err != nil {
return nil, nil
}
var manifest specs.Manifest
if err := json.Unmarshal(p, &manifest); err != nil {
return nil, err
}
f(manifest.Layers)
return nil, nil
case images.MediaTypeDockerSchema2ManifestList, specs.MediaTypeImageIndex:
p, err := content.ReadBlob(ctx, provider, desc)
if err != nil {
return nil, nil
}
var index specs.Index
if err := json.Unmarshal(p, &index); err != nil {
return nil, err
}
return index.Manifests, nil
default:
return nil, errors.Errorf("encountered unknown type %v", desc.MediaType)
}
}
}