include image reference as source in every tar file header

Signed-off-by: Avi Deitcher <avi@deitcher.net>

test/cases/000_build/001_tarheaders/tarheaders.py

@@ -0,0 +1,31 @@
+import tarfile
+import sys
+
+def list_pax_headers(archive_path):
+    # Open the tar archive
+    try:
+        with tarfile.open(archive_path, 'r') as tar:
+            # Iterate over each member in the tar archive
+            for member in tar.getmembers():
+                # ignore the root directory, which just exists
+                if member.name == '.':
+                    continue
+                # Check if there are any PAX headers
+                if member.pax_headers:
+                    # Check for the specific PAX header
+                    if 'LINUXKIT.source' not in member.pax_headers:
+                        print(f"File: {member.name} is missing LINUXKIT.source PAX Header.")
+                    if 'LINUXKIT.location' not in member.pax_headers:
+                        print(f"File: {member.name} is missing LINUXKIT.source PAX Header.")
+                else:
+                    print(f"File: {member.name} has No PAX Headers.")
+    except Exception as e:
+        print("Failed to read tar archive:", e)
+        sys.exit(1)
+
+if __name__ == "__main__":
+    if len(sys.argv) != 2:
+        print("Usage: python list_pax_headers.py <archive.tar>")
+        sys.exit(1)
+    archive_filename = sys.argv[1]
+    list_pax_headers(archive_filename)

test/cases/000_build/001_tarheaders/test.sh

@@ -0,0 +1,38 @@
+#!/bin/sh
+# SUMMARY: Check that tar output format build contains proper headers for each file
+# LABELS:
+
+set -e
+
+# Source libraries. Uncomment if needed/defined
+#. "${RT_LIB}"
+. "${RT_PROJECT_ROOT}/_lib/lib.sh"
+
+NAME=tarheaders
+
+clean_up() {
+	rm -f ${NAME}*
+}
+
+trap clean_up EXIT
+
+# do not include the sbom, because the SBoM unique IDs per file/package are *not* deterministic,
+# (currently based upon syft), and thus will make the file non-reproducible
+linuxkit build --no-sbom --format tar --name "${NAME}" ./test.yml
+
+# Check that the tarball contains the expected headers
+# see that python is installed
+PYTHON=
+if which python ; then PYTHON=python ; elif which python3; then PYTHON=python3 ; else
+echo "Failed to find any executable python or python3"
+exit 1
+fi
+FAILED=$(python ./tarheaders.py "${NAME}.tar")
+
+if [ -n "${FAILED}" ]; then
+	echo "Failed to find linuxkit.packagesource headers for the following files:"
+	echo "${FAILED}"
+	exit 1
+fi
+
+exit 0

test/cases/000_build/001_tarheaders/test.yml

@@ -0,0 +1,46 @@
+# NOTE: Images build from this file likely do not run
+kernel:
+  image: linuxkit/kernel:6.6.13
+  cmdline: "console=ttyS0"
+init:
+  - linuxkit/init:45a1ad5919f0b6acf0f0cf730e9434abfae11fe6
+  - linuxkit/runc:6062483d748609d505f2bcde4e52ee64a3329f5f
+  - linuxkit/containerd:e7a92d9f3282039eac5fb1b07cac2b8664cbf0ad
+
+onboot:
+  - name: dhcpcd
+    image: linuxkit/dhcpcd:e9e3580f2de00e73e7b316a007186d22fea056ee
+    command: ["/sbin/dhcpcd", "--nobackground", "-f", "/dhcpcd.conf", "-1"]
+    # Add some random unsorted caps
+    capabilities:
+      - CAP_SETGID
+      - CAP_DAC_OVERRIDE
+
+services:
+  - name: testservice
+    image: linuxkit/ip:bb250017b05de5e16ac436b1eb19a39c87b5a252
+    # Some environments
+    env:
+      - BENV=true
+      - ARANDOMENV=foobar
+    # Some mounts
+    mounts:
+      - type: cgroup
+        options: ["rw","nosuid","noexec","nodev","relatime"]
+      - type: overlay
+        source: overlay
+        destination: writeable-host-etc
+        options: ["rw", "lowerdir=/etc", "upperdir=/run/hostetc/upper", "workdir=/run/hostetc/work"]
+    # Some binds
+    binds:
+      - /var/run:/var/run
+      - /foobar:/foobar
+      - /etc/foobar:/etc/foobar
+      - /etc/aaa:/etc/aaa
+    # And some runtime settings
+    runtime:
+      mkdir: ["/var/lib/docker","/var/lib/aaa"]
+
+files:
+  - path: etc/linuxkit-config
+    metadata: yaml