-
Notifications
You must be signed in to change notification settings - Fork 9
/
exportregistry.go
121 lines (99 loc) · 3.2 KB
/
exportregistry.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
// Copyright 2022 Namespace Labs Inc; All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
package buildkit
import (
"context"
"fmt"
"github.com/google/go-containerregistry/pkg/name"
"github.com/google/go-containerregistry/pkg/v1/remote"
"github.com/moby/buildkit/client"
"github.com/moby/buildkit/exporter/containerimage/exptypes"
"namespacelabs.dev/foundation/internal/artifacts/oci"
"namespacelabs.dev/foundation/internal/compute"
"namespacelabs.dev/foundation/internal/fnerrors"
"namespacelabs.dev/foundation/std/tasks"
)
func exportToRegistry(parent any, original ExportToRegistryRequest, rewritten *ExportToRegistryRequest, registryAccess oci.RegistryAccess) exporter[oci.Image] {
if rewritten == nil {
rewritten = &original
}
return &exportRegistry{parent: parent, requested: original, target: *rewritten, registryAccess: registryAccess}
}
type exportRegistry struct {
parent any
requested ExportToRegistryRequest
target ExportToRegistryRequest
registryAccess oci.RegistryAccess
parsed name.Repository
}
func (e *exportRegistry) Kind() string { return "registry" }
func (e *exportRegistry) Prepare(ctx context.Context) error {
p, err := name.NewRepository(e.requested.Name, e.nameOpts()...)
if err != nil {
return err
}
e.parsed = p
return nil
}
func (e *exportRegistry) nameOpts() []name.Option {
if e.requested.Insecure {
return []name.Option{name.Insecure}
}
return nil
}
func (e *exportRegistry) Exports() []client.ExportEntry {
return []client.ExportEntry{{
Type: client.ExporterImage,
Attrs: MaybeForceEstargz(map[string]string{
"push": "true",
"name": e.target.Name,
"push-by-digest": "true",
"registry.insecure": fmt.Sprintf("%v", e.target.Insecure),
"buildinfo": "false", // Remove build info to keep reproducibility.
KeySourceDateEpoch: "0",
}),
}}
}
func (e *exportRegistry) Provide(ctx context.Context, res *client.SolveResponse, opts builtkitOpts) (oci.Image, error) {
digest, ok := res.ExporterResponse[exptypes.ExporterImageDigestKey]
if !ok {
return nil, fnerrors.New("digest is missing from result")
}
p, err := name.NewDigest(e.parsed.Name()+"@"+digest, e.nameOpts()...)
if err != nil {
return nil, err
}
img, err := compute.WithGraphLifecycle(ctx, func(ctx context.Context) (oci.Image, error) {
options, err := oci.RemoteOptsWithAuth(ctx, e.registryAccess, false)
if err != nil {
return nil, err
}
return remote.Image(p, options...)
})
if err != nil {
return nil, err
}
if opts.SupportsCanonicalBuilds {
return img, nil
}
return canonical(ctx, img)
}
func canonical(ctx context.Context, original oci.Image) (oci.Image, error) {
img, err := tasks.Return(ctx, tasks.Action("buildkit.make-canonical"), func(ctx context.Context) (oci.Image, error) {
return oci.WithCanonicalManifest(ctx, original)
})
if err != nil {
return nil, err
}
digest, err := img.Digest()
if err != nil {
return nil, err
}
cfgName, err := img.ConfigName()
if err != nil {
return nil, err
}
tasks.Attachments(ctx).AddResult("digest", digest).AddResult("config", cfgName)
return img, nil
}