github.com/docker/engine@v22.0.0-20211208180946-d456264580cf+incompatible/image/tarexport/save.go (about) 1 package tarexport // import "github.com/docker/docker/image/tarexport" 2 3 import ( 4 "encoding/json" 5 "fmt" 6 "io" 7 "os" 8 "path" 9 "path/filepath" 10 "runtime" 11 "time" 12 13 "github.com/docker/distribution" 14 "github.com/docker/distribution/reference" 15 "github.com/docker/docker/image" 16 v1 "github.com/docker/docker/image/v1" 17 "github.com/docker/docker/layer" 18 "github.com/docker/docker/pkg/archive" 19 "github.com/docker/docker/pkg/system" 20 digest "github.com/opencontainers/go-digest" 21 "github.com/pkg/errors" 22 ) 23 24 type imageDescriptor struct { 25 refs []reference.NamedTagged 26 layers []string 27 image *image.Image 28 layerRef layer.Layer 29 } 30 31 type saveSession struct { 32 *tarexporter 33 outDir string 34 images map[image.ID]*imageDescriptor 35 savedLayers map[string]struct{} 36 diffIDPaths map[layer.DiffID]string // cache every diffID blob to avoid duplicates 37 } 38 39 func (l *tarexporter) Save(names []string, outStream io.Writer) error { 40 images, err := l.parseNames(names) 41 if err != nil { 42 return err 43 } 44 45 // Release all the image top layer references 46 defer l.releaseLayerReferences(images) 47 return (&saveSession{tarexporter: l, images: images}).save(outStream) 48 } 49 50 // parseNames will parse the image names to a map which contains image.ID to *imageDescriptor. 51 // Each imageDescriptor holds an image top layer reference named 'layerRef'. It is taken here, should be released later. 52 func (l *tarexporter) parseNames(names []string) (desc map[image.ID]*imageDescriptor, rErr error) { 53 imgDescr := make(map[image.ID]*imageDescriptor) 54 defer func() { 55 if rErr != nil { 56 l.releaseLayerReferences(imgDescr) 57 } 58 }() 59 60 addAssoc := func(id image.ID, ref reference.Named) error { 61 if _, ok := imgDescr[id]; !ok { 62 descr := &imageDescriptor{} 63 if err := l.takeLayerReference(id, descr); err != nil { 64 return err 65 } 66 imgDescr[id] = descr 67 } 68 69 if ref != nil { 70 if _, ok := ref.(reference.Canonical); ok { 71 return nil 72 } 73 tagged, ok := reference.TagNameOnly(ref).(reference.NamedTagged) 74 if !ok { 75 return nil 76 } 77 78 for _, t := range imgDescr[id].refs { 79 if tagged.String() == t.String() { 80 return nil 81 } 82 } 83 imgDescr[id].refs = append(imgDescr[id].refs, tagged) 84 } 85 return nil 86 } 87 88 for _, name := range names { 89 ref, err := reference.ParseAnyReference(name) 90 if err != nil { 91 return nil, err 92 } 93 namedRef, ok := ref.(reference.Named) 94 if !ok { 95 // Check if digest ID reference 96 if digested, ok := ref.(reference.Digested); ok { 97 id := image.IDFromDigest(digested.Digest()) 98 if err := addAssoc(id, nil); err != nil { 99 return nil, err 100 } 101 continue 102 } 103 return nil, errors.Errorf("invalid reference: %v", name) 104 } 105 106 if reference.FamiliarName(namedRef) == string(digest.Canonical) { 107 imgID, err := l.is.Search(name) 108 if err != nil { 109 return nil, err 110 } 111 if err := addAssoc(imgID, nil); err != nil { 112 return nil, err 113 } 114 continue 115 } 116 if reference.IsNameOnly(namedRef) { 117 assocs := l.rs.ReferencesByName(namedRef) 118 for _, assoc := range assocs { 119 if err := addAssoc(image.IDFromDigest(assoc.ID), assoc.Ref); err != nil { 120 return nil, err 121 } 122 } 123 if len(assocs) == 0 { 124 imgID, err := l.is.Search(name) 125 if err != nil { 126 return nil, err 127 } 128 if err := addAssoc(imgID, nil); err != nil { 129 return nil, err 130 } 131 } 132 continue 133 } 134 id, err := l.rs.Get(namedRef) 135 if err != nil { 136 return nil, err 137 } 138 if err := addAssoc(image.IDFromDigest(id), namedRef); err != nil { 139 return nil, err 140 } 141 142 } 143 return imgDescr, nil 144 } 145 146 // takeLayerReference will take/Get the image top layer reference 147 func (l *tarexporter) takeLayerReference(id image.ID, imgDescr *imageDescriptor) error { 148 img, err := l.is.Get(id) 149 if err != nil { 150 return err 151 } 152 imgDescr.image = img 153 topLayerID := img.RootFS.ChainID() 154 if topLayerID == "" { 155 return nil 156 } 157 os := img.OS 158 if os == "" { 159 os = runtime.GOOS 160 } 161 if !system.IsOSSupported(os) { 162 return fmt.Errorf("os %q is not supported", os) 163 } 164 layer, err := l.lss.Get(topLayerID) 165 if err != nil { 166 return err 167 } 168 imgDescr.layerRef = layer 169 return nil 170 } 171 172 // releaseLayerReferences will release all the image top layer references 173 func (l *tarexporter) releaseLayerReferences(imgDescr map[image.ID]*imageDescriptor) error { 174 for _, descr := range imgDescr { 175 if descr.layerRef != nil { 176 l.lss.Release(descr.layerRef) 177 } 178 } 179 return nil 180 } 181 182 func (s *saveSession) save(outStream io.Writer) error { 183 s.savedLayers = make(map[string]struct{}) 184 s.diffIDPaths = make(map[layer.DiffID]string) 185 186 // get image json 187 tempDir, err := os.MkdirTemp("", "docker-export-") 188 if err != nil { 189 return err 190 } 191 defer os.RemoveAll(tempDir) 192 193 s.outDir = tempDir 194 reposLegacy := make(map[string]map[string]string) 195 196 var manifest []manifestItem 197 var parentLinks []parentLink 198 199 for id, imageDescr := range s.images { 200 foreignSrcs, err := s.saveImage(id) 201 if err != nil { 202 return err 203 } 204 205 var repoTags []string 206 var layers []string 207 208 for _, ref := range imageDescr.refs { 209 familiarName := reference.FamiliarName(ref) 210 if _, ok := reposLegacy[familiarName]; !ok { 211 reposLegacy[familiarName] = make(map[string]string) 212 } 213 reposLegacy[familiarName][ref.Tag()] = imageDescr.layers[len(imageDescr.layers)-1] 214 repoTags = append(repoTags, reference.FamiliarString(ref)) 215 } 216 217 for _, l := range imageDescr.layers { 218 // IMPORTANT: We use path, not filepath here to ensure the layers 219 // in the manifest use Unix-style forward-slashes. 220 layers = append(layers, path.Join(l, legacyLayerFileName)) 221 } 222 223 manifest = append(manifest, manifestItem{ 224 Config: id.Digest().Hex() + ".json", 225 RepoTags: repoTags, 226 Layers: layers, 227 LayerSources: foreignSrcs, 228 }) 229 230 parentID, _ := s.is.GetParent(id) 231 parentLinks = append(parentLinks, parentLink{id, parentID}) 232 s.tarexporter.loggerImgEvent.LogImageEvent(id.String(), id.String(), "save") 233 } 234 235 for i, p := range validatedParentLinks(parentLinks) { 236 if p.parentID != "" { 237 manifest[i].Parent = p.parentID 238 } 239 } 240 241 if len(reposLegacy) > 0 { 242 reposFile := filepath.Join(tempDir, legacyRepositoriesFileName) 243 rf, err := os.OpenFile(reposFile, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644) 244 if err != nil { 245 return err 246 } 247 248 if err := json.NewEncoder(rf).Encode(reposLegacy); err != nil { 249 rf.Close() 250 return err 251 } 252 253 rf.Close() 254 255 if err := system.Chtimes(reposFile, time.Unix(0, 0), time.Unix(0, 0)); err != nil { 256 return err 257 } 258 } 259 260 manifestFileName := filepath.Join(tempDir, manifestFileName) 261 f, err := os.OpenFile(manifestFileName, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0644) 262 if err != nil { 263 return err 264 } 265 266 if err := json.NewEncoder(f).Encode(manifest); err != nil { 267 f.Close() 268 return err 269 } 270 271 f.Close() 272 273 if err := system.Chtimes(manifestFileName, time.Unix(0, 0), time.Unix(0, 0)); err != nil { 274 return err 275 } 276 277 fs, err := archive.Tar(tempDir, archive.Uncompressed) 278 if err != nil { 279 return err 280 } 281 defer fs.Close() 282 283 _, err = io.Copy(outStream, fs) 284 return err 285 } 286 287 func (s *saveSession) saveImage(id image.ID) (map[layer.DiffID]distribution.Descriptor, error) { 288 img := s.images[id].image 289 if len(img.RootFS.DiffIDs) == 0 { 290 return nil, fmt.Errorf("empty export - not implemented") 291 } 292 293 var parent digest.Digest 294 var layers []string 295 var foreignSrcs map[layer.DiffID]distribution.Descriptor 296 for i := range img.RootFS.DiffIDs { 297 v1Img := image.V1Image{ 298 // This is for backward compatibility used for 299 // pre v1.9 docker. 300 Created: time.Unix(0, 0), 301 } 302 if i == len(img.RootFS.DiffIDs)-1 { 303 v1Img = img.V1Image 304 } 305 rootFS := *img.RootFS 306 rootFS.DiffIDs = rootFS.DiffIDs[:i+1] 307 v1ID, err := v1.CreateID(v1Img, rootFS.ChainID(), parent) 308 if err != nil { 309 return nil, err 310 } 311 312 v1Img.ID = v1ID.Hex() 313 if parent != "" { 314 v1Img.Parent = parent.Hex() 315 } 316 317 v1Img.OS = img.OS 318 src, err := s.saveLayer(rootFS.ChainID(), v1Img, img.Created) 319 if err != nil { 320 return nil, err 321 } 322 layers = append(layers, v1Img.ID) 323 parent = v1ID 324 if src.Digest != "" { 325 if foreignSrcs == nil { 326 foreignSrcs = make(map[layer.DiffID]distribution.Descriptor) 327 } 328 foreignSrcs[img.RootFS.DiffIDs[i]] = src 329 } 330 } 331 332 configFile := filepath.Join(s.outDir, id.Digest().Hex()+".json") 333 if err := os.WriteFile(configFile, img.RawJSON(), 0644); err != nil { 334 return nil, err 335 } 336 if err := system.Chtimes(configFile, img.Created, img.Created); err != nil { 337 return nil, err 338 } 339 340 s.images[id].layers = layers 341 return foreignSrcs, nil 342 } 343 344 func (s *saveSession) saveLayer(id layer.ChainID, legacyImg image.V1Image, createdTime time.Time) (distribution.Descriptor, error) { 345 if _, exists := s.savedLayers[legacyImg.ID]; exists { 346 return distribution.Descriptor{}, nil 347 } 348 349 outDir := filepath.Join(s.outDir, legacyImg.ID) 350 if err := os.Mkdir(outDir, 0755); err != nil { 351 return distribution.Descriptor{}, err 352 } 353 354 // todo: why is this version file here? 355 if err := os.WriteFile(filepath.Join(outDir, legacyVersionFileName), []byte("1.0"), 0644); err != nil { 356 return distribution.Descriptor{}, err 357 } 358 359 imageConfig, err := json.Marshal(legacyImg) 360 if err != nil { 361 return distribution.Descriptor{}, err 362 } 363 364 if err := os.WriteFile(filepath.Join(outDir, legacyConfigFileName), imageConfig, 0644); err != nil { 365 return distribution.Descriptor{}, err 366 } 367 368 // serialize filesystem 369 layerPath := filepath.Join(outDir, legacyLayerFileName) 370 l, err := s.lss.Get(id) 371 if err != nil { 372 return distribution.Descriptor{}, err 373 } 374 defer layer.ReleaseAndLog(s.lss, l) 375 376 if oldPath, exists := s.diffIDPaths[l.DiffID()]; exists { 377 relPath, err := filepath.Rel(outDir, oldPath) 378 if err != nil { 379 return distribution.Descriptor{}, err 380 } 381 if err := os.Symlink(relPath, layerPath); err != nil { 382 return distribution.Descriptor{}, errors.Wrap(err, "error creating symlink while saving layer") 383 } 384 } else { 385 // Use system.CreateSequential rather than os.Create. This ensures sequential 386 // file access on Windows to avoid eating into MM standby list. 387 // On Linux, this equates to a regular os.Create. 388 tarFile, err := system.CreateSequential(layerPath) 389 if err != nil { 390 return distribution.Descriptor{}, err 391 } 392 defer tarFile.Close() 393 394 arch, err := l.TarStream() 395 if err != nil { 396 return distribution.Descriptor{}, err 397 } 398 defer arch.Close() 399 400 if _, err := io.Copy(tarFile, arch); err != nil { 401 return distribution.Descriptor{}, err 402 } 403 404 for _, fname := range []string{"", legacyVersionFileName, legacyConfigFileName, legacyLayerFileName} { 405 // todo: maybe save layer created timestamp? 406 if err := system.Chtimes(filepath.Join(outDir, fname), createdTime, createdTime); err != nil { 407 return distribution.Descriptor{}, err 408 } 409 } 410 411 s.diffIDPaths[l.DiffID()] = layerPath 412 } 413 s.savedLayers[legacyImg.ID] = struct{}{} 414 415 var src distribution.Descriptor 416 if fs, ok := l.(distribution.Describable); ok { 417 src = fs.Descriptor() 418 } 419 return src, nil 420 }