-
Notifications
You must be signed in to change notification settings - Fork 1.1k
/
checker.go
135 lines (113 loc) · 2.98 KB
/
checker.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
package imagerefchecker
import (
"context"
"encoding/json"
"strings"
"sync"
"github.com/containerd/containerd/content"
"github.com/containerd/containerd/images"
"github.com/moby/buildkit/cache"
digest "github.com/opencontainers/go-digest"
specs "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
)
const (
emptyGZLayer = digest.Digest("sha256:4f4fb700ef54461cfa02571ae0db9a0dc1e0cdb5577484a6d75e68dc38e8acc1")
)
type Opt struct {
ImageStore images.Store
ContentStore content.Store
}
// New creates new image reference checker that can be used to see if a reference
// is being used by any of the images in the image store
func New(opt Opt) cache.ExternalRefCheckerFunc {
return func() (cache.ExternalRefChecker, error) {
return &Checker{opt: opt}, nil
}
}
type Checker struct {
opt Opt
once sync.Once
images map[string]struct{}
cache map[string]bool
}
func (c *Checker) Exists(key string, blobs []digest.Digest) bool {
if c.opt.ImageStore == nil {
return false
}
c.once.Do(c.init)
if b, ok := c.cache[key]; ok {
return b
}
_, ok := c.images[layerKey(blobs)]
c.cache[key] = ok
return ok
}
func (c *Checker) init() {
c.images = map[string]struct{}{}
c.cache = map[string]bool{}
imgs, err := c.opt.ImageStore.List(context.TODO())
if err != nil {
return
}
var mu sync.Mutex
for _, img := range imgs {
if err := images.Dispatch(context.TODO(), images.Handlers(layersHandler(c.opt.ContentStore, func(layers []specs.Descriptor) {
mu.Lock()
c.registerLayers(layers)
mu.Unlock()
})), nil, img.Target); err != nil {
return
}
}
}
func (c *Checker) registerLayers(l []specs.Descriptor) {
if k := layerKey(toDigests(l)); k != "" {
c.images[k] = struct{}{}
}
}
func toDigests(layers []specs.Descriptor) []digest.Digest {
digests := make([]digest.Digest, len(layers))
for i, l := range layers {
digests[i] = l.Digest
}
return digests
}
func layerKey(layers []digest.Digest) string {
b := &strings.Builder{}
for _, l := range layers {
if l != emptyGZLayer {
b.Write([]byte(l))
}
}
return b.String()
}
func layersHandler(provider content.Provider, f func([]specs.Descriptor)) images.HandlerFunc {
return func(ctx context.Context, desc specs.Descriptor) ([]specs.Descriptor, error) {
switch desc.MediaType {
case images.MediaTypeDockerSchema2Manifest, specs.MediaTypeImageManifest:
p, err := content.ReadBlob(ctx, provider, desc)
if err != nil {
return nil, nil
}
var manifest specs.Manifest
if err := json.Unmarshal(p, &manifest); err != nil {
return nil, err
}
f(manifest.Layers)
return nil, nil
case images.MediaTypeDockerSchema2ManifestList, specs.MediaTypeImageIndex:
p, err := content.ReadBlob(ctx, provider, desc)
if err != nil {
return nil, nil
}
var index specs.Index
if err := json.Unmarshal(p, &index); err != nil {
return nil, err
}
return index.Manifests, nil
default:
return nil, errors.Errorf("encountered unknown type %v", desc.MediaType)
}
}
}