CFE-977: Implementation of a blob gatherer for images in the local cache

[sherine-k]

Description

This PR is part of a larger user story CFE-977 - Generate smaller archives

In this PR, we focus on identifying those blobs (both layers, config and manifests of various formats (docker-v2 or oci), both single arch and multi arch) that form a container image that is saved to oc-mirror's local cache.

The implementation relies on interacting directly with the local cache registry using containers/image/v5 api.

This PR replaces #730

For the moment, the use of BlobGatherer is not fully integrated with the MirrorToDisk workflow. Following PRs will be in charge of that.

Fixes # CFE-979

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

Expected Outcome

Please describe the outcome expected from the tests

[openshift-ci-robot]

@sherine-k: This pull request references CFE-977 which is a valid jira issue.

In response to this:

Description

This PR is part of a larger user story CFE-977 - Generate smaller archives

In this PR, we focus on identifying those blobs (both layers, config and manifests of various formats (docker-v2 or oci), both single arch and multi arch) that form a container image that is saved to oc-mirror's local cache.

The implementation relies on interacting directly with the local cache registry using containers/image/v5 api.

This PR replaces #730

For the moment, the use of BlobGatherer is not fully integrated with the MirrorToDisk workflow. Following PRs will be in charge of that.

Fixes # CFE-979

Type of change

Please delete options that are not relevant.

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

Expected Outcome

Please describe the outcome expected from the tests

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: sherine-k

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [sherine-k]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[lmzuccarelli]

@sherine-k - some minor changes, other than that great work, lets take the WIP off once you have updated and then we can merge

[lmzuccarelli]

Are we going to ignore signature verification ?

[sherine-k]

I'm not sure it is important to verify signatures when collecting the blobs for images that we are mirroring.
That said, I think you bring up a good point for the signatures: do signatures need to be transported in the archives? I have no idea.
WDYT?

[lmzuccarelli]

Should we do a len check here - just to avoid ugly panics ?

[sherine-k]

This is fenced behind the strings.Contains. Do you think we should add another if ?

[lmzuccarelli]

+1

[lmzuccarelli]

+1

[lmzuccarelli]

Are we sure this is going to to have index 1 , ie should we check len

[aguidirh]

Hi @sherine-k,

Everything is working fine. I compared the output of the main branch with the one from this PR and both are identical. My image set config was the one below:

kind: ImageSetConfiguration
apiVersion: mirror.openshift.io/v1alpha2
mirror:
  platform:
    channels:
    - name: stable-4.13
      minVersion: 4.13.10
      maxVersion: 4.13.10
    graph: true
  operators:
    - catalog: registry.redhat.io/redhat/redhat-operator-index:v4.12
      packages:
       - name: aws-load-balancer-operator
  additionalImages: 
   - name: registry.redhat.io/ubi8/ubi:latest
   - name: registry.redhat.io/ubi9/ubi@sha256:20f695d2a91352d4eaa25107535126727b5945bff38ed36a3e59590f495046f0

After doing mirrorToDisk and diskToMirror I got the following output in my destination registry:

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/_catalog | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   329  100   329    0     0  84035      0 --:--:-- --:--:-- --:--:--  107k
{
  "repositories": [
    "albo/aws-load-balancer-controller-rhel8",
    "albo/aws-load-balancer-operator-bundle",
    "albo/aws-load-balancer-rhel8-operator",
    "openshift/graph-image",
    "openshift-release-dev/ocp-release",
    "openshift-release-dev/ocp-v4.0-art-dev",
    "openshift4/ose-kube-rbac-proxy",
    "redhat/redhat-operator-index",
    "ubi8/ubi",
    "ubi9/ubi"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/albo/aws-load-balancer-controller-rhel8/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   120  100   120    0     0  39267      0 --:--:-- --:--:-- --:--:-- 40000
{
  "name": "albo/aws-load-balancer-controller-rhel8",
  "tags": [
    "d7bc36451217",
    "cfd210a2cb70",
    "cad8f6380b4d",
    "537fc6c0219e"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/albo/aws-load-balancer-operator-bundle/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   119  100   119    0     0  41564      0 --:--:-- --:--:-- --:--:-- 59500
{
  "name": "albo/aws-load-balancer-operator-bundle",
  "tags": [
    "50b9402635dd",
    "3939323bc858",
    "d4d65d0d7c24",
    "e4799ae4d44a"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/albo/aws-load-balancer-rhel8-operator/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   118  100   118    0     0  20622      0 --:--:-- --:--:-- --:--:-- 23600
{
  "name": "albo/aws-load-balancer-rhel8-operator",
  "tags": [
    "95c45fae0ca9",
    "ab38b37c14f7",
    "cbb31de2108b",
    "b13db5fb28d1"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/openshift/graph-image/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    51  100    51    0     0  13253      0 --:--:-- --:--:-- --:--:-- 17000
{
  "name": "openshift/graph-image",
  "tags": [
    "latest"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/openshift-release-dev/ocp-release/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    71  100    71    0     0  12491      0 --:--:-- --:--:-- --:--:-- 14200
{
  "name": "openshift-release-dev/ocp-release",
  "tags": [
    "4.13.10-x86_64"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/openshift4/ose-kube-rbac-proxy/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   111  100   111    0     0  53468      0 --:--:-- --:--:-- --:--:-- 55500
{
  "name": "openshift4/ose-kube-rbac-proxy",
  "tags": [
    "3658954f1990",
    "e3dad360d035",
    "422e4fbe1ed8",
    "1dddb0988d16"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/redhat/redhat-operator-index/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    57  100    57    0     0  25076      0 --:--:-- --:--:-- --:--:-- 28500
{
  "name": "redhat/redhat-operator-index",
  "tags": [
    "v4.12"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/ubi8/ubi/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    38  100    38    0     0  13581      0 --:--:-- --:--:-- --:--:-- 19000
{
  "name": "ubi8/ubi",
  "tags": [
    "latest"
  ]
}

[aguidi@fedora oc-mirror]$ curl http://localhost:7000/v2/ubi9/ubi/tags/list | jq
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100    44  100    44    0     0  15094      0 --:--:-- --:--:-- --:--:-- 22000
{
  "name": "ubi9/ubi",
  "tags": [
    "20f695d2a913"
  ]
}

[openshift-ci]

@sherine-k: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. I understand the commands that are listed here.

[aguidirh]

/label acknowledge-critical-fixes-only

[lmzuccarelli]

/lgtm

[openshift-bot]

[ART PR BUILD NOTIFIER]

This PR has been included in build oc-mirror-plugin-container-v4.15.0-202311201709.p0.gd1fa811.assembly.stream for distgit oc-mirror-plugin.
All builds following this will include this PR.