feat(ecr): Batch 2 — image + layer ops, content-addressed blob storage

[vieiralucas]

Summary

• Batch 2 of 4 in the ECR buildout, building on feat(ecr): add ECR Batch 1 — repository CRUD, tags, policies #717.
• Ships 10 ops: PutImage, BatchGetImage, BatchDeleteImage, BatchCheckLayerAvailability, DescribeImages, ListImages, GetDownloadUrlForLayer, InitiateLayerUpload, UploadLayerPart, CompleteLayerUpload.
• Adds the content-addressed sha256 blob storage that Batch 3's OCI v2 Distribution protocol (the thing that makes real docker push / docker pull work) will expose over HTTP.
• 21/58 ECR operations now implemented, all 21 at 100% variant coverage.
• Baseline bumped: 60,621 / 61,743 variants passing (98.2%). No regressions on the 23 pre-existing services.

Key behaviours

• Layer upload state machine. InitiateLayerUpload returns a UUID + 10 MiB partSize (matching AWS). UploadLayerPart requires contiguous byte ranges and part-size consistency, bumping last_byte_received. CompleteLayerUpload recomputes the sha256 of the received bytes and rejects mismatched digests with LayerDigestMismatchException.
• Tag mutability. PutImage on an IMMUTABLE repo returns ImageAlreadyExistsException when a tag already points at a different digest; MUTABLE repos allow tag reassignment.
• BatchDeleteImage semantics. Deleting by tag removes only the tag when other tags still reference the digest; deleting by digest or removing the last tag removes the underlying image.
• Pagination. DescribeImages / ListImages use AWS's documented default page size of 100, enforce maxResults 1..=1000, and return InvalidContinuationTokenException on garbage nextToken input.
• Persistence. Snapshot schema v1 -> v2, with every new field serde(default) so v1 snapshots load cleanly. All mutating ops trigger a snapshot save.

Test plan

• cargo build --workspace
• cargo fmt --check
• cargo clippy --workspace --all-targets -- -D warnings
• cargo test -p fakecloud-e2e --test ecr --test ecr_persistence --test ecr_images — 13 passing
• cargo test -p fakecloud-conformance --test ecr — 21 passing
• cargo run -p fakecloud-conformance --release -- run --services ecr — 21/58 ops implemented, all 100%
• cargo run -p fakecloud-conformance --release -- check — no regressions on other services

Follow-up

• Batch 3: OCI v2 Distribution HTTP endpoints (/v2/...) + GetAuthorizationToken + Basic-Auth — the differentiator that makes docker push work against localhost:4566.
• Batch 4: lifecycle + scanning + registry + CloudFormation/Lambda integration + website landing + marketing.

---

Summary by cubic

Adds ECR image and layer operations with content‑addressed sha256 blob storage. Enables full image management via the JSON control plane and sets up OCI v2 push/pull next.

• New Features
  • Implemented: PutImage, BatchGetImage, BatchDeleteImage, BatchCheckLayerAvailability, DescribeImages, ListImages, GetDownloadUrlForLayer, InitiateLayerUpload, UploadLayerPart, CompleteLayerUpload.
  • Layer upload state machine: Initiate returns UUID + 10 MiB partSize; UploadLayerPart enforces contiguous ranges; CompleteLayerUpload validates digest before finalizing so mismatches return LayerDigestMismatchException without dropping upload state (retryable).
  • PutImage: computes manifest digest; if a supplied imageDigest mismatches, returns ImageDigestDoesNotMatchException. Tag rules: IMMUTABLE repos block tag reassignment (ImageAlreadyExistsException); MUTABLE repos allow it.
  • Delete behavior: deleting by tag removes only the tag; deleting by digest or the last tag removes the image.
  • Pagination: default 100 items; maxResults 1..=1000; invalid nextToken → InvalidContinuationTokenException.
  • Blob storage: per‑repo, sha256‑addressed layers; GetDownloadUrlForLayer returns /v2/<repo>/blobs/<digest> URL.
  • Persistence: snapshot schema v2 with serde defaults (v1 snapshots still load); all mutating ops save snapshots.
  • Conformance: 21/58 ECR ops at 100% variant coverage; baseline 60,621/61,743 (98.2%); no regressions.

^{Written for commit cc6b6b1. Summary will update on new commits.}

[codecov]

Codecov Report

❌ Patch coverage is 0.17391% with 574 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
crates/fakecloud-ecr/src/service.rs	0.00%	570 Missing ⚠️
crates/fakecloud-ecr/src/state.rs	20.00%	4 Missing ⚠️

📢 Thoughts on this report? Let us know!

[cubic-dev-ai]

2 issues found across 7 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="crates/fakecloud-ecr/src/service.rs">

<violation number="1" location="crates/fakecloud-ecr/src/service.rs:791">
P1: Validate `imageDigest` against the uploaded manifest bytes before accepting the push.</violation>

<violation number="2" location="crates/fakecloud-ecr/src/service.rs:1305">
P1: A digest mismatch currently deletes the in-progress upload state, preventing retry of the same upload.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}