github.com/sealerio/sealer@v0.11.1-0.20240507115618-f4f89c5853ae/pkg/imageengine/buildah/common.go (about)

     1  // Copyright © 2022 Alibaba Group Holding Ltd.
     2  //
     3  // Licensed under the Apache License, Version 2.0 (the "License");
     4  // you may not use this file except in compliance with the License.
     5  // You may obtain a copy of the License at
     6  //
     7  //     http://www.apache.org/licenses/LICENSE-2.0
     8  //
     9  // Unless required by applicable law or agreed to in writing, software
    10  // distributed under the License is distributed on an "AS IS" BASIS,
    11  // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    12  // See the License for the specific language governing permissions and
    13  // limitations under the License.
    14  
    15  package buildah
    16  
    17  import (
    18  	"context"
    19  
    20  	"github.com/sealerio/sealer/pkg/define/options"
    21  
    22  	"github.com/containers/buildah"
    23  
    24  	"os"
    25  	"time"
    26  
    27  	"github.com/containers/buildah/define"
    28  	"github.com/containers/buildah/pkg/parse"
    29  	"github.com/containers/common/pkg/umask"
    30  	is "github.com/containers/image/v5/storage"
    31  	"github.com/containers/image/v5/types"
    32  	"github.com/containers/storage"
    33  	"github.com/containers/storage/pkg/unshare"
    34  	"github.com/pkg/errors"
    35  )
    36  
    37  const (
    38  	maxPullPushRetries = 3
    39  	pullPushRetryDelay = 2 * time.Second
    40  )
    41  
    42  // TODO find a package to place these flags
    43  const (
    44  	OCIManifestDir  = "oci-dir"
    45  	OCIArchive      = "oci-archive"
    46  	V2s2ManifestDir = "docker-dir"
    47  	V2s2Archive     = "docker-archive"
    48  )
    49  
    50  func getStore(configurations *options.EngineGlobalConfigurations) (storage.Store, error) {
    51  	options, err := storage.DefaultStoreOptions(unshare.IsRootless(), unshare.GetRootlessUID())
    52  	if err != nil {
    53  		return nil, err
    54  	}
    55  
    56  	if configurations != nil {
    57  		if len(configurations.GraphRoot) > 0 {
    58  			options.GraphRoot = configurations.GraphRoot
    59  		}
    60  		if len(configurations.RunRoot) > 0 {
    61  			options.RunRoot = configurations.RunRoot
    62  		}
    63  	}
    64  
    65  	// Do not allow to mount a graphdriver that is not vfs if we are creating the userns as part
    66  	// of the mount command.
    67  	// Differently, allow the mount if we are already in a userns, as the mount point will still
    68  	// be accessible once "buildah mount" exits.
    69  	if os.Geteuid() != 0 && options.GraphDriverName != "vfs" {
    70  		return nil, errors.Errorf("cannot mount using driver %s in rootless mode. You need to run it in a `buildah unshare` session", options.GraphDriverName)
    71  	}
    72  
    73  	umask.Check()
    74  
    75  	store, err := storage.GetStore(options)
    76  	if store != nil {
    77  		is.Transport.SetStore(store)
    78  	}
    79  	return store, err
    80  }
    81  
    82  func OpenBuilder(ctx context.Context, store storage.Store, name string) (builder *buildah.Builder, err error) {
    83  	if name != "" {
    84  		builder, err = buildah.OpenBuilder(store, name)
    85  		if os.IsNotExist(errors.Cause(err)) {
    86  			options := buildah.ImportOptions{
    87  				Container: name,
    88  			}
    89  			builder, err = buildah.ImportBuilder(ctx, store, options)
    90  		}
    91  	}
    92  	if err != nil {
    93  		return nil, err
    94  	}
    95  	if builder == nil {
    96  		return nil, errors.Errorf("error finding build container")
    97  	}
    98  	return builder, nil
    99  }
   100  
   101  func openImage(ctx context.Context, sc *types.SystemContext, store storage.Store, name string) (builder *buildah.Builder, err error) {
   102  	options := buildah.ImportFromImageOptions{
   103  		Image:         name,
   104  		SystemContext: sc,
   105  	}
   106  	builder, err = buildah.ImportBuilderFromImage(ctx, store, options)
   107  	if err != nil {
   108  		return nil, err
   109  	}
   110  	if builder == nil {
   111  		return nil, errors.Errorf("error mocking up build configuration")
   112  	}
   113  	return builder, nil
   114  }
   115  
   116  // getContext returns a context.TODO
   117  func getContext() context.Context {
   118  	return context.TODO()
   119  }
   120  
   121  func getImageType(format string) (string, error) {
   122  	switch format {
   123  	case define.OCI:
   124  		return define.OCIv1ImageManifest, nil
   125  	case define.DOCKER:
   126  		return define.Dockerv2ImageManifest, nil
   127  	default:
   128  		return "", errors.Errorf("unrecognized image type %q", format)
   129  	}
   130  }
   131  
   132  func defaultIsolationOption() (define.Isolation, error) {
   133  	return parse.IsolationOption("")
   134  }
   135  
   136  func defaultNamespaceOptions() (namespaceOptions define.NamespaceOptions, networkPolicy define.NetworkConfigurationPolicy) {
   137  	options := make(define.NamespaceOptions, 0, 7)
   138  	policy := define.NetworkEnabled
   139  	options.AddOrReplace(define.NamespaceOption{
   140  		Name: "network",
   141  		Host: true,
   142  	})
   143  
   144  	return options, policy
   145  }