kairos/luet
1
0
Fork 0
mirror of https://github.com/mudler/luet.git synced 2025-09-10 11:39:35 +00:00
Code Issues Packages Projects Releases Wiki Activity

Support priv/unpriv image extraction

Browse Source 
Optionally add back privileged extraction which can be enabled with
LUET_PRIVILEGED_EXTRACT=true

Signed-off-by: Ettore Di Giacinto <mudler@sabayon.org>
This commit is contained in:
Ettore Di Giacinto
2021-06-16 23:29:23 +02:00
parent 8780e4f16f
commit 92e18d5782
663 changed files with 157764 additions and 203 deletions
Download Patch File Download Diff File Expand all files Collapse all files

81
vendor/github.com/moby/buildkit/util/contentutil/copy.go generated vendored Normal file
View File

@@ -0,0 +1,81 @@
package contentutil
import (
"context"
"io"
"sync"
"github.com/containerd/containerd/content"
"github.com/containerd/containerd/images"
"github.com/containerd/containerd/remotes"
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
)
func Copy(ctx context.Context, ingester content.Ingester, provider content.Provider, desc ocispec.Descriptor) error {
if _, err := remotes.FetchHandler(ingester, &localFetcher{provider})(ctx, desc); err != nil {
return err
}
return nil
}
type localFetcher struct {
content.Provider
}
func (f *localFetcher) Fetch(ctx context.Context, desc ocispec.Descriptor) (io.ReadCloser, error) {
r, err := f.Provider.ReaderAt(ctx, desc)
if err != nil {
return nil, err
}
return &rc{ReaderAt: r}, nil
}
type rc struct {
content.ReaderAt
offset int
}
func (r *rc) Read(b []byte) (int, error) {
n, err := r.ReadAt(b, int64(r.offset))
r.offset += n
if n > 0 && err == io.EOF {
err = nil
}
return n, err
}
func CopyChain(ctx context.Context, ingester content.Ingester, provider content.Provider, desc ocispec.Descriptor) error {
var m sync.Mutex
manifestStack := []ocispec.Descriptor{}
filterHandler := images.HandlerFunc(func(ctx context.Context, desc ocispec.Descriptor) ([]ocispec.Descriptor, error) {
switch desc.MediaType {
case images.MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest,
images.MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex:
m.Lock()
manifestStack = append(manifestStack, desc)
m.Unlock()
return nil, images.ErrStopHandler
default:
return nil, nil
}
})
handlers := []images.Handler{
images.ChildrenHandler(provider),
filterHandler,
remotes.FetchHandler(ingester, &localFetcher{provider}),
}
if err := images.Dispatch(ctx, images.Handlers(handlers...), nil, desc); err != nil {
return errors.WithStack(err)
}
for i := len(manifestStack) - 1; i >= 0; i-- {
if err := Copy(ctx, ingester, provider, manifestStack[i]); err != nil {
return errors.WithStack(err)
}
}
return nil
}