github.com/kaisenlinux/docker.io@v0.0.0-20230510090727-ea55db55fac7/engine/pkg/tarsum/tarsum_test.go (about) 1 package tarsum // import "github.com/docker/docker/pkg/tarsum" 2 3 import ( 4 "archive/tar" 5 "bytes" 6 "compress/gzip" 7 "crypto/md5" // #nosec G501 8 "crypto/rand" 9 "crypto/sha1" // #nosec G505 10 "crypto/sha256" 11 "crypto/sha512" 12 "encoding/hex" 13 "fmt" 14 "io" 15 "os" 16 "strings" 17 "testing" 18 19 "gotest.tools/v3/assert" 20 is "gotest.tools/v3/assert/cmp" 21 ) 22 23 type testLayer struct { 24 filename string 25 options *sizedOptions 26 jsonfile string 27 gzip bool 28 tarsum string 29 version Version 30 hash THash 31 } 32 33 var testLayers = []testLayer{ 34 { 35 filename: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar", 36 jsonfile: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json", 37 version: Version0, 38 tarsum: "tarsum+sha256:4095cc12fa5fdb1ab2760377e1cd0c4ecdd3e61b4f9b82319d96fcea6c9a41c6"}, 39 { 40 filename: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar", 41 jsonfile: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json", 42 version: VersionDev, 43 tarsum: "tarsum.dev+sha256:db56e35eec6ce65ba1588c20ba6b1ea23743b59e81fb6b7f358ccbde5580345c"}, 44 { 45 filename: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar", 46 jsonfile: "testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/json", 47 gzip: true, 48 tarsum: "tarsum+sha256:4095cc12fa5fdb1ab2760377e1cd0c4ecdd3e61b4f9b82319d96fcea6c9a41c6"}, 49 { 50 // Tests existing version of TarSum when xattrs are present 51 filename: "testdata/xattr/layer.tar", 52 jsonfile: "testdata/xattr/json", 53 version: Version0, 54 tarsum: "tarsum+sha256:07e304a8dbcb215b37649fde1a699f8aeea47e60815707f1cdf4d55d25ff6ab4"}, 55 { 56 // Tests next version of TarSum when xattrs are present 57 filename: "testdata/xattr/layer.tar", 58 jsonfile: "testdata/xattr/json", 59 version: VersionDev, 60 tarsum: "tarsum.dev+sha256:6c58917892d77b3b357b0f9ad1e28e1f4ae4de3a8006bd3beb8beda214d8fd16"}, 61 { 62 filename: "testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/layer.tar", 63 jsonfile: "testdata/511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158/json", 64 tarsum: "tarsum+sha256:c66bd5ec9f87b8f4c6135ca37684618f486a3dd1d113b138d0a177bfa39c2571"}, 65 { 66 options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory) 67 tarsum: "tarsum+sha256:75258b2c5dcd9adfe24ce71eeca5fc5019c7e669912f15703ede92b1a60cb11f"}, 68 { 69 // this tar has two files with the same path 70 filename: "testdata/collision/collision-0.tar", 71 tarsum: "tarsum+sha256:7cabb5e9128bb4a93ff867b9464d7c66a644ae51ea2e90e6ef313f3bef93f077"}, 72 { 73 // this tar has the same two files (with the same path), but reversed order. ensuring is has different hash than above 74 filename: "testdata/collision/collision-1.tar", 75 tarsum: "tarsum+sha256:805fd393cfd58900b10c5636cf9bab48b2406d9b66523122f2352620c85dc7f9"}, 76 { 77 // this tar has newer of collider-0.tar, ensuring is has different hash 78 filename: "testdata/collision/collision-2.tar", 79 tarsum: "tarsum+sha256:85d2b8389f077659d78aca898f9e632ed9161f553f144aef100648eac540147b"}, 80 { 81 // this tar has newer of collider-1.tar, ensuring is has different hash 82 filename: "testdata/collision/collision-3.tar", 83 tarsum: "tarsum+sha256:cbe4dee79fe979d69c16c2bccd032e3205716a562f4a3c1ca1cbeed7b256eb19"}, 84 { 85 options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory) 86 tarsum: "tarsum+md5:3a6cdb475d90459ac0d3280703d17be2", 87 hash: md5THash, 88 }, 89 { 90 options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory) 91 tarsum: "tarsum+sha1:14b5e0d12a0c50a4281e86e92153fa06d55d00c6", 92 hash: sha1Hash, 93 }, 94 { 95 options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory) 96 tarsum: "tarsum+sha224:dd8925b7a4c71b13f3a68a0f9428a757c76b93752c398f272a9062d5", 97 hash: sha224Hash, 98 }, 99 { 100 options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory) 101 tarsum: "tarsum+sha384:e39e82f40005134bed13fb632d1a5f2aa4675c9ddb4a136fbcec202797e68d2f635e1200dee2e3a8d7f69d54d3f2fd27", 102 hash: sha384Hash, 103 }, 104 { 105 options: &sizedOptions{1, 1024 * 1024, false, false}, // a 1mb file (in memory) 106 tarsum: "tarsum+sha512:7c56de40b2d1ed3863ff25d83b59cdc8f53e67d1c01c3ee8f201f8e4dec3107da976d0c0ec9109c962a152b32699fe329b2dab13966020e400c32878a0761a7e", 107 hash: sha512Hash, 108 }, 109 } 110 111 type sizedOptions struct { 112 num int64 113 size int64 114 isRand bool 115 realFile bool 116 } 117 118 // make a tar: 119 // * num is the number of files the tar should have 120 // * size is the bytes per file 121 // * isRand is whether the contents of the files should be a random chunk (otherwise it's all zeros) 122 // * realFile will write to a TempFile, instead of an in memory buffer 123 func sizedTar(opts sizedOptions) io.Reader { 124 var ( 125 fh io.ReadWriter 126 err error 127 ) 128 if opts.realFile { 129 fh, err = os.CreateTemp("", "tarsum") 130 if err != nil { 131 return nil 132 } 133 } else { 134 fh = bytes.NewBuffer([]byte{}) 135 } 136 tarW := tar.NewWriter(fh) 137 defer tarW.Close() 138 for i := int64(0); i < opts.num; i++ { 139 err := tarW.WriteHeader(&tar.Header{ 140 Name: fmt.Sprintf("/testdata%d", i), 141 Mode: 0755, 142 Uid: 0, 143 Gid: 0, 144 Size: opts.size, 145 Typeflag: tar.TypeReg, 146 }) 147 if err != nil { 148 return nil 149 } 150 var rBuf []byte 151 if opts.isRand { 152 rBuf = make([]byte, 8) 153 _, err = rand.Read(rBuf) 154 if err != nil { 155 return nil 156 } 157 } else { 158 rBuf = []byte{0, 0, 0, 0, 0, 0, 0, 0} 159 } 160 161 for i := int64(0); i < opts.size/int64(8); i++ { 162 tarW.Write(rBuf) 163 } 164 } 165 return fh 166 } 167 168 func emptyTarSum(gzip bool) (TarSum, error) { 169 reader, writer := io.Pipe() 170 tarWriter := tar.NewWriter(writer) 171 172 // Immediately close tarWriter and write-end of the 173 // Pipe in a separate goroutine so we don't block. 174 go func() { 175 tarWriter.Close() 176 writer.Close() 177 }() 178 179 return NewTarSum(reader, !gzip, Version0) 180 } 181 182 // Test errors on NewTarsumForLabel 183 func TestNewTarSumForLabelInvalid(t *testing.T) { 184 reader := strings.NewReader("") 185 186 if _, err := NewTarSumForLabel(reader, true, "invalidlabel"); err == nil { 187 t.Fatalf("Expected an error, got nothing.") 188 } 189 190 if _, err := NewTarSumForLabel(reader, true, "invalid+sha256"); err == nil { 191 t.Fatalf("Expected an error, got nothing.") 192 } 193 if _, err := NewTarSumForLabel(reader, true, "tarsum.v1+invalid"); err == nil { 194 t.Fatalf("Expected an error, got nothing.") 195 } 196 } 197 198 func TestNewTarSumForLabel(t *testing.T) { 199 200 layer := testLayers[0] 201 202 reader, err := os.Open(layer.filename) 203 if err != nil { 204 t.Fatal(err) 205 } 206 defer reader.Close() 207 208 label := strings.Split(layer.tarsum, ":")[0] 209 ts, err := NewTarSumForLabel(reader, false, label) 210 if err != nil { 211 t.Fatal(err) 212 } 213 214 // Make sure it actually worked by reading a little bit of it 215 nbByteToRead := 8 * 1024 216 dBuf := make([]byte, nbByteToRead) 217 _, err = ts.Read(dBuf) 218 if err != nil { 219 t.Errorf("failed to read %vKB from %s: %s", nbByteToRead, layer.filename, err) 220 } 221 } 222 223 // TestEmptyTar tests that tarsum does not fail to read an empty tar 224 // and correctly returns the hex digest of an empty hash. 225 func TestEmptyTar(t *testing.T) { 226 // Test without gzip. 227 ts, err := emptyTarSum(false) 228 assert.NilError(t, err) 229 230 zeroBlock := make([]byte, 1024) 231 buf := new(bytes.Buffer) 232 233 n, err := io.Copy(buf, ts) 234 assert.NilError(t, err) 235 236 if n != int64(len(zeroBlock)) || !bytes.Equal(buf.Bytes(), zeroBlock) { 237 t.Fatalf("tarSum did not write the correct number of zeroed bytes: %d", n) 238 } 239 240 expectedSum := ts.Version().String() + "+sha256:" + hex.EncodeToString(sha256.New().Sum(nil)) 241 resultSum := ts.Sum(nil) 242 243 if resultSum != expectedSum { 244 t.Fatalf("expected [%s] but got [%s]", expectedSum, resultSum) 245 } 246 247 // Test with gzip. 248 ts, err = emptyTarSum(true) 249 assert.NilError(t, err) 250 buf.Reset() 251 252 _, err = io.Copy(buf, ts) 253 assert.NilError(t, err) 254 255 bufgz := new(bytes.Buffer) 256 gz := gzip.NewWriter(bufgz) 257 n, err = io.Copy(gz, bytes.NewBuffer(zeroBlock)) 258 assert.NilError(t, err) 259 gz.Close() 260 gzBytes := bufgz.Bytes() 261 262 if n != int64(len(zeroBlock)) || !bytes.Equal(buf.Bytes(), gzBytes) { 263 t.Fatalf("tarSum did not write the correct number of gzipped-zeroed bytes: %d", n) 264 } 265 266 resultSum = ts.Sum(nil) 267 268 if resultSum != expectedSum { 269 t.Fatalf("expected [%s] but got [%s]", expectedSum, resultSum) 270 } 271 272 // Test without ever actually writing anything. 273 if ts, err = NewTarSum(bytes.NewReader([]byte{}), true, Version0); err != nil { 274 t.Fatal(err) 275 } 276 277 resultSum = ts.Sum(nil) 278 assert.Check(t, is.Equal(expectedSum, resultSum)) 279 } 280 281 var ( 282 md5THash = NewTHash("md5", md5.New) 283 sha1Hash = NewTHash("sha1", sha1.New) 284 sha224Hash = NewTHash("sha224", sha256.New224) 285 sha384Hash = NewTHash("sha384", sha512.New384) 286 sha512Hash = NewTHash("sha512", sha512.New) 287 ) 288 289 // Test all the build-in read size : buf8K, buf16K, buf32K and more 290 func TestTarSumsReadSize(t *testing.T) { 291 // Test always on the same layer (that is big enough) 292 layer := testLayers[0] 293 294 for i := 0; i < 5; i++ { 295 296 reader, err := os.Open(layer.filename) 297 if err != nil { 298 t.Fatal(err) 299 } 300 defer reader.Close() 301 302 ts, err := NewTarSum(reader, false, layer.version) 303 if err != nil { 304 t.Fatal(err) 305 } 306 307 // Read and discard bytes so that it populates sums 308 nbByteToRead := (i + 1) * 8 * 1024 309 dBuf := make([]byte, nbByteToRead) 310 _, err = ts.Read(dBuf) 311 if err != nil { 312 t.Errorf("failed to read %vKB from %s: %s", nbByteToRead, layer.filename, err) 313 continue 314 } 315 } 316 } 317 318 func TestTarSums(t *testing.T) { 319 for _, layer := range testLayers { 320 var ( 321 fh io.Reader 322 err error 323 ) 324 if len(layer.filename) > 0 { 325 fh, err = os.Open(layer.filename) 326 if err != nil { 327 t.Errorf("failed to open %s: %s", layer.filename, err) 328 continue 329 } 330 } else if layer.options != nil { 331 fh = sizedTar(*layer.options) 332 } else { 333 // What else is there to test? 334 t.Errorf("what to do with %#v", layer) 335 continue 336 } 337 if file, ok := fh.(*os.File); ok { 338 defer file.Close() 339 } 340 341 var ts TarSum 342 if layer.hash == nil { 343 // double negatives! 344 ts, err = NewTarSum(fh, !layer.gzip, layer.version) 345 } else { 346 ts, err = NewTarSumHash(fh, !layer.gzip, layer.version, layer.hash) 347 } 348 if err != nil { 349 t.Errorf("%q :: %q", err, layer.filename) 350 continue 351 } 352 353 // Read variable number of bytes to test dynamic buffer 354 dBuf := make([]byte, 1) 355 _, err = ts.Read(dBuf) 356 if err != nil { 357 t.Errorf("failed to read 1B from %s: %s", layer.filename, err) 358 continue 359 } 360 dBuf = make([]byte, 16*1024) 361 _, err = ts.Read(dBuf) 362 if err != nil { 363 t.Errorf("failed to read 16KB from %s: %s", layer.filename, err) 364 continue 365 } 366 367 // Read and discard remaining bytes 368 _, err = io.Copy(io.Discard, ts) 369 if err != nil { 370 t.Errorf("failed to copy from %s: %s", layer.filename, err) 371 continue 372 } 373 var gotSum string 374 if len(layer.jsonfile) > 0 { 375 jfh, err := os.Open(layer.jsonfile) 376 if err != nil { 377 t.Errorf("failed to open %s: %s", layer.jsonfile, err) 378 continue 379 } 380 defer jfh.Close() 381 382 buf, err := io.ReadAll(jfh) 383 if err != nil { 384 t.Errorf("failed to readAll %s: %s", layer.jsonfile, err) 385 continue 386 } 387 gotSum = ts.Sum(buf) 388 } else { 389 gotSum = ts.Sum(nil) 390 } 391 392 if layer.tarsum != gotSum { 393 t.Errorf("expecting [%s], but got [%s]", layer.tarsum, gotSum) 394 } 395 var expectedHashName string 396 if layer.hash != nil { 397 expectedHashName = layer.hash.Name() 398 } else { 399 expectedHashName = DefaultTHash.Name() 400 } 401 if expectedHashName != ts.Hash().Name() { 402 t.Errorf("expecting hash [%v], but got [%s]", expectedHashName, ts.Hash().Name()) 403 } 404 } 405 } 406 407 func TestIteration(t *testing.T) { 408 headerTests := []struct { 409 expectedSum string // TODO(vbatts) it would be nice to get individual sums of each 410 version Version 411 hdr *tar.Header 412 data []byte 413 }{ 414 { 415 "tarsum+sha256:626c4a2e9a467d65c33ae81f7f3dedd4de8ccaee72af73223c4bc4718cbc7bbd", 416 Version0, 417 &tar.Header{ 418 Name: "file.txt", 419 Size: 0, 420 Typeflag: tar.TypeReg, 421 Devminor: 0, 422 Devmajor: 0, 423 }, 424 []byte(""), 425 }, 426 { 427 "tarsum.dev+sha256:6ffd43a1573a9913325b4918e124ee982a99c0f3cba90fc032a65f5e20bdd465", 428 VersionDev, 429 &tar.Header{ 430 Name: "file.txt", 431 Size: 0, 432 Typeflag: tar.TypeReg, 433 Devminor: 0, 434 Devmajor: 0, 435 }, 436 []byte(""), 437 }, 438 { 439 "tarsum.dev+sha256:862964db95e0fa7e42836ae4caab3576ab1df8d275720a45bdd01a5a3730cc63", 440 VersionDev, 441 &tar.Header{ 442 Name: "another.txt", 443 Uid: 1000, 444 Gid: 1000, 445 Uname: "slartibartfast", 446 Gname: "users", 447 Size: 4, 448 Typeflag: tar.TypeReg, 449 Devminor: 0, 450 Devmajor: 0, 451 }, 452 []byte("test"), 453 }, 454 { 455 "tarsum.dev+sha256:4b1ba03544b49d96a32bacc77f8113220bd2f6a77e7e6d1e7b33cd87117d88e7", 456 VersionDev, 457 &tar.Header{ 458 Name: "xattrs.txt", 459 Uid: 1000, 460 Gid: 1000, 461 Uname: "slartibartfast", 462 Gname: "users", 463 Size: 4, 464 Typeflag: tar.TypeReg, 465 Xattrs: map[string]string{ 466 "user.key1": "value1", 467 "user.key2": "value2", 468 }, 469 }, 470 []byte("test"), 471 }, 472 { 473 "tarsum.dev+sha256:410b602c898bd4e82e800050f89848fc2cf20fd52aa59c1ce29df76b878b84a6", 474 VersionDev, 475 &tar.Header{ 476 Name: "xattrs.txt", 477 Uid: 1000, 478 Gid: 1000, 479 Uname: "slartibartfast", 480 Gname: "users", 481 Size: 4, 482 Typeflag: tar.TypeReg, 483 Xattrs: map[string]string{ 484 "user.KEY1": "value1", // adding different case to ensure different sum 485 "user.key2": "value2", 486 }, 487 }, 488 []byte("test"), 489 }, 490 { 491 "tarsum+sha256:b1f97eab73abd7593c245e51070f9fbdb1824c6b00a0b7a3d7f0015cd05e9e86", 492 Version0, 493 &tar.Header{ 494 Name: "xattrs.txt", 495 Uid: 1000, 496 Gid: 1000, 497 Uname: "slartibartfast", 498 Gname: "users", 499 Size: 4, 500 Typeflag: tar.TypeReg, 501 Xattrs: map[string]string{ 502 "user.NOT": "CALCULATED", 503 }, 504 }, 505 []byte("test"), 506 }, 507 } 508 for _, htest := range headerTests { 509 s, err := renderSumForHeader(htest.version, htest.hdr, htest.data) 510 if err != nil { 511 t.Fatal(err) 512 } 513 514 if s != htest.expectedSum { 515 t.Errorf("expected sum: %q, got: %q", htest.expectedSum, s) 516 } 517 } 518 519 } 520 521 func renderSumForHeader(v Version, h *tar.Header, data []byte) (string, error) { 522 buf := bytes.NewBuffer(nil) 523 // first build our test tar 524 tw := tar.NewWriter(buf) 525 if err := tw.WriteHeader(h); err != nil { 526 return "", err 527 } 528 if _, err := tw.Write(data); err != nil { 529 return "", err 530 } 531 tw.Close() 532 533 ts, err := NewTarSum(buf, true, v) 534 if err != nil { 535 return "", err 536 } 537 tr := tar.NewReader(ts) 538 for { 539 hdr, err := tr.Next() 540 if hdr == nil || err == io.EOF { 541 // Signals the end of the archive. 542 break 543 } 544 if err != nil { 545 return "", err 546 } 547 if _, err = io.Copy(io.Discard, tr); err != nil { 548 return "", err 549 } 550 } 551 return ts.Sum(nil), nil 552 } 553 554 func Benchmark9kTar(b *testing.B) { 555 buf := bytes.NewBuffer([]byte{}) 556 fh, err := os.Open("testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar") 557 if err != nil { 558 b.Error(err) 559 return 560 } 561 defer fh.Close() 562 563 n, err := io.Copy(buf, fh) 564 if err != nil { 565 b.Error(err) 566 return 567 } 568 569 reader := bytes.NewReader(buf.Bytes()) 570 571 b.SetBytes(n) 572 b.ResetTimer() 573 for i := 0; i < b.N; i++ { 574 reader.Seek(0, 0) 575 ts, err := NewTarSum(reader, true, Version0) 576 if err != nil { 577 b.Error(err) 578 return 579 } 580 io.Copy(io.Discard, ts) 581 ts.Sum(nil) 582 } 583 } 584 585 func Benchmark9kTarGzip(b *testing.B) { 586 buf := bytes.NewBuffer([]byte{}) 587 fh, err := os.Open("testdata/46af0962ab5afeb5ce6740d4d91652e69206fc991fd5328c1a94d364ad00e457/layer.tar") 588 if err != nil { 589 b.Error(err) 590 return 591 } 592 defer fh.Close() 593 594 n, err := io.Copy(buf, fh) 595 if err != nil { 596 b.Error(err) 597 return 598 } 599 600 reader := bytes.NewReader(buf.Bytes()) 601 602 b.SetBytes(n) 603 b.ResetTimer() 604 for i := 0; i < b.N; i++ { 605 reader.Seek(0, 0) 606 ts, err := NewTarSum(reader, false, Version0) 607 if err != nil { 608 b.Error(err) 609 return 610 } 611 io.Copy(io.Discard, ts) 612 ts.Sum(nil) 613 } 614 } 615 616 // this is a single big file in the tar archive 617 func Benchmark1mbSingleFileTar(b *testing.B) { 618 benchmarkTar(b, sizedOptions{1, 1024 * 1024, true, true}, false) 619 } 620 621 // this is a single big file in the tar archive 622 func Benchmark1mbSingleFileTarGzip(b *testing.B) { 623 benchmarkTar(b, sizedOptions{1, 1024 * 1024, true, true}, true) 624 } 625 626 // this is 1024 1k files in the tar archive 627 func Benchmark1kFilesTar(b *testing.B) { 628 benchmarkTar(b, sizedOptions{1024, 1024, true, true}, false) 629 } 630 631 // this is 1024 1k files in the tar archive 632 func Benchmark1kFilesTarGzip(b *testing.B) { 633 benchmarkTar(b, sizedOptions{1024, 1024, true, true}, true) 634 } 635 636 func benchmarkTar(b *testing.B, opts sizedOptions, isGzip bool) { 637 var fh *os.File 638 tarReader := sizedTar(opts) 639 if br, ok := tarReader.(*os.File); ok { 640 fh = br 641 } 642 defer os.Remove(fh.Name()) 643 defer fh.Close() 644 645 b.SetBytes(opts.size * opts.num) 646 b.ResetTimer() 647 for i := 0; i < b.N; i++ { 648 ts, err := NewTarSum(fh, !isGzip, Version0) 649 if err != nil { 650 b.Error(err) 651 return 652 } 653 io.Copy(io.Discard, ts) 654 ts.Sum(nil) 655 fh.Seek(0, 0) 656 } 657 }