Merge pull request containers#9115 from rhatdan/pull

Switch podman image push handlers to use abi
baude · Jan 28, 2021 · a4c255a · a4c255a
2 parents fb653c4 + 84f7bdc
commit a4c255a
Show file tree

Hide file tree

Showing 12 changed files with 89 additions and 209 deletions.
diff --git a/cmd/podman/images/push.go b/cmd/podman/images/push.go
@@ -114,7 +114,11 @@ func pushFlags(cmd *cobra.Command) {
 	if registry.IsRemote() {
 		_ = flags.MarkHidden("cert-dir")
 		_ = flags.MarkHidden("compress")
+		_ = flags.MarkHidden("digestfile")
+		_ = flags.MarkHidden("format")
 		_ = flags.MarkHidden("quiet")
+		_ = flags.MarkHidden("remove-signatures")
+		_ = flags.MarkHidden("sign-by")
 	}
 	_ = flags.MarkHidden("signature-policy")
 }

diff --git a/docs/source/markdown/podman-push.1.md b/docs/source/markdown/podman-push.1.md
@@ -91,19 +91,19 @@ solely for scripting compatibility.
 #### **--format**, **-f**=*format*
 
 Manifest Type (oci, v2s1, or v2s2) to use when pushing an image to a directory using the 'dir:' transport (default is manifest type of source)
-Note: This flag can only be set when using the **dir** transport
+Note: This flag can only be set when using the **dir** transport. (Not available for remote commands)
 
 #### **--quiet**, **-q**
 
 When writing the output image, suppress progress output
 
 #### **--remove-signatures**
 
-Discard any pre-existing signatures in the image
+Discard any pre-existing signatures in the image. (Not available for remote commands)
 
 #### **--sign-by**=*key*
 
-Add a signature at the destination using the specified key
+Add a signature at the destination using the specified key. (Not available for remote commands)
 
 #### **--tls-verify**=*true|false*
 

diff --git a/pkg/api/handlers/compat/images_push.go b/pkg/api/handlers/compat/images_push.go
@@ -3,13 +3,14 @@ package compat
 import (
 	"context"
 	"net/http"
-	"os"
 	"strings"
 
 	"github.com/containers/podman/v2/libpod"
-	"github.com/containers/podman/v2/libpod/image"
 	"github.com/containers/podman/v2/pkg/api/handlers/utils"
 	"github.com/containers/podman/v2/pkg/auth"
+	"github.com/containers/podman/v2/pkg/domain/entities"
+	"github.com/containers/podman/v2/pkg/domain/infra/abi"
+	"github.com/containers/storage"
 	"github.com/gorilla/schema"
 	"github.com/pkg/errors"
 )
@@ -18,11 +19,19 @@ import (
 func PushImage(w http.ResponseWriter, r *http.Request) {
 	decoder := r.Context().Value("decoder").(*schema.Decoder)
 	runtime := r.Context().Value("runtime").(*libpod.Runtime)
+	// Now use the ABI implementation to prevent us from having duplicate
+	// code.
+	imageEngine := abi.ImageEngine{Libpod: runtime}
 
 	query := struct {
-		Tag string `schema:"tag"`
+		All         bool   `schema:"all"`
+		Compress    bool   `schema:"compress"`
+		Destination string `schema:"destination"`
+		Tag         string `schema:"tag"`
+		TLSVerify   bool   `schema:"tlsVerify"`
 	}{
 		// This is where you can override the golang default value for one of fields
+		TLSVerify: true,
 	}
 
 	if err := decoder.Decode(&query, r.URL.Query()); err != nil {
@@ -43,39 +52,30 @@ func PushImage(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 
-	newImage, err := runtime.ImageRuntime().NewFromLocal(imageName)
-	if err != nil {
-		utils.ImageNotFound(w, imageName, errors.Wrapf(err, "failed to find image %s", imageName))
-		return
-	}
-
-	authConf, authfile, key, err := auth.GetCredentials(r)
+	authconf, authfile, key, err := auth.GetCredentials(r)
 	if err != nil {
 		utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "failed to parse %q header for %s", key, r.URL.String()))
 		return
 	}
 	defer auth.RemoveAuthfile(authfile)
-
-	dockerRegistryOptions := &image.DockerRegistryOptions{DockerRegistryCreds: authConf}
-	if sys := runtime.SystemContext(); sys != nil {
-		dockerRegistryOptions.DockerCertPath = sys.DockerCertPath
-		dockerRegistryOptions.RegistriesConfPath = sys.SystemRegistriesConfPath
+	var username, password string
+	if authconf != nil {
+		username = authconf.Username
+		password = authconf.Password
+	}
+	options := entities.ImagePushOptions{
+		All:      query.All,
+		Authfile: authfile,
+		Compress: query.Compress,
+		Username: username,
+		Password: password,
 	}
+	if err := imageEngine.Push(context.Background(), imageName, query.Destination, options); err != nil {
+		if errors.Cause(err) != storage.ErrImageUnknown {
+			utils.ImageNotFound(w, imageName, errors.Wrapf(err, "failed to find image %s", imageName))
+			return
+		}
 
-	err = newImage.PushImageToHeuristicDestination(
-		context.Background(),
-		imageName,
-		"", // manifest type
-		authfile,
-		"", // digest file
-		"", // signature policy
-		os.Stderr,
-		false, // force compression
-		image.SigningOptions{},
-		dockerRegistryOptions,
-		nil, // additional tags
-	)
-	if err != nil {
 		utils.Error(w, "Something went wrong.", http.StatusBadRequest, errors.Wrapf(err, "error pushing image %q", imageName))
 		return
 	}

diff --git a/pkg/api/handlers/libpod/manifests.go b/pkg/api/handlers/libpod/manifests.go
@@ -147,7 +147,6 @@ func ManifestPush(w http.ResponseWriter, r *http.Request) {
 	query := struct {
 		All         bool   `schema:"all"`
 		Destination string `schema:"destination"`
-		Format      string `schema:"format"`
 		TLSVerify   bool   `schema:"tlsVerify"`
 	}{
 		// Add defaults here once needed.
@@ -163,24 +162,21 @@ func ManifestPush(w http.ResponseWriter, r *http.Request) {
 	}
 
 	source := utils.GetName(r)
-	authConf, authfile, key, err := auth.GetCredentials(r)
+	authconf, authfile, key, err := auth.GetCredentials(r)
 	if err != nil {
 		utils.Error(w, "failed to retrieve repository credentials", http.StatusBadRequest, errors.Wrapf(err, "failed to parse %q header for %s", key, r.URL.String()))
 		return
 	}
 	defer auth.RemoveAuthfile(authfile)
 	var username, password string
-	if authConf != nil {
-		username = authConf.Username
-		password = authConf.Password
-
+	if authconf != nil {
+		username = authconf.Username
+		password = authconf.Password
 	}
-
 	options := entities.ImagePushOptions{
 		Authfile: authfile,
 		Username: username,
 		Password: password,
-		Format:   query.Format,
 		All:      query.All,
 	}
 	if sys := runtime.SystemContext(); sys != nil {

diff --git a/pkg/api/server/register_images.go b/pkg/api/server/register_images.go
@@ -235,6 +235,18 @@ func (s *APIServer) registerImagesHandlers(r *mux.Router) error {
 	//    name: tag
 	//    type: string
 	//    description: The tag to associate with the image on the registry.
+	//  - in: query
+	//    name: all
+	//    type: boolean
+	//    description: All indicates whether to push all images related to the image list
+	//  - in: query
+	//    name: compress
+	//    type: boolean
+	//    description: use compression on image
+	//  - in: query
+	//    name: destination
+	//    type: string
+	//    description: destination name for the image being pushed
 	//  - in: header
 	//    name: X-Registry-Auth
 	//    type: string

diff --git a/pkg/bindings/images/types.go b/pkg/bindings/images/types.go
@@ -104,37 +104,14 @@ type PushOptions struct {
 	// Authfile is the path to the authentication file. Ignored for remote
 	// calls.
 	Authfile *string
-	// CertDir is the path to certificate directories.  Ignored for remote
-	// calls.
-	CertDir *string
-	// Compress tarball image layers when pushing to a directory using the 'dir'
-	// transport. Default is same compression type as source. Ignored for remote
-	// calls.
+	// Compress tarball image layers when pushing to a directory using the 'dir' transport.
 	Compress *bool
-	// Username for authenticating against the registry.
-	Username *string
 	// Password for authenticating against the registry.
 	Password *string
-	// DigestFile, after copying the image, write the digest of the resulting
-	// image to the file.  Ignored for remote calls.
-	DigestFile *string
-	// Format is the Manifest type (oci, v2s1, or v2s2) to use when pushing an
-	// image using the 'dir' transport. Default is manifest type of source.
-	// Ignored for remote calls.
-	Format *string
-	// Quiet can be specified to suppress pull progress when pulling.  Ignored
-	// for remote calls.
-	Quiet *bool
-	// RemoveSignatures, discard any pre-existing signatures in the image.
-	// Ignored for remote calls.
-	RemoveSignatures *bool
-	// SignaturePolicy to use when pulling.  Ignored for remote calls.
-	SignaturePolicy *string
-	// SignBy adds a signature at the destination using the specified key.
-	// Ignored for remote calls.
-	SignBy *string
 	// SkipTLSVerify to skip HTTPS and certificate verification.
 	SkipTLSVerify *bool
+	// Username for authenticating against the registry.
+	Username *string
 }
 
 //go:generate go run ../generator/generator.go SearchOptions

diff --git a/pkg/bindings/images/types_push_options.go b/pkg/bindings/images/types_push_options.go
@@ -119,22 +119,6 @@ func (o *PushOptions) GetAuthfile() string {
 	return *o.Authfile
 }
 
-// WithCertDir
-func (o *PushOptions) WithCertDir(value string) *PushOptions {
-	v := &value
-	o.CertDir = v
-	return o
-}
-
-// GetCertDir
-func (o *PushOptions) GetCertDir() string {
-	var certDir string
-	if o.CertDir == nil {
-		return certDir
-	}
-	return *o.CertDir
-}
-
 // WithCompress
 func (o *PushOptions) WithCompress(value bool) *PushOptions {
 	v := &value
@@ -151,22 +135,6 @@ func (o *PushOptions) GetCompress() bool {
 	return *o.Compress
 }
 
-// WithUsername
-func (o *PushOptions) WithUsername(value string) *PushOptions {
-	v := &value
-	o.Username = v
-	return o
-}
-
-// GetUsername
-func (o *PushOptions) GetUsername() string {
-	var username string
-	if o.Username == nil {
-		return username
-	}
-	return *o.Username
-}
-
 // WithPassword
 func (o *PushOptions) WithPassword(value string) *PushOptions {
 	v := &value
@@ -183,102 +151,6 @@ func (o *PushOptions) GetPassword() string {
 	return *o.Password
 }
 
-// WithDigestFile
-func (o *PushOptions) WithDigestFile(value string) *PushOptions {
-	v := &value
-	o.DigestFile = v
-	return o
-}
-
-// GetDigestFile
-func (o *PushOptions) GetDigestFile() string {
-	var digestFile string
-	if o.DigestFile == nil {
-		return digestFile
-	}
-	return *o.DigestFile
-}
-
-// WithFormat
-func (o *PushOptions) WithFormat(value string) *PushOptions {
-	v := &value
-	o.Format = v
-	return o
-}
-
-// GetFormat
-func (o *PushOptions) GetFormat() string {
-	var format string
-	if o.Format == nil {
-		return format
-	}
-	return *o.Format
-}
-
-// WithQuiet
-func (o *PushOptions) WithQuiet(value bool) *PushOptions {
-	v := &value
-	o.Quiet = v
-	return o
-}
-
-// GetQuiet
-func (o *PushOptions) GetQuiet() bool {
-	var quiet bool
-	if o.Quiet == nil {
-		return quiet
-	}
-	return *o.Quiet
-}
-
-// WithRemoveSignatures
-func (o *PushOptions) WithRemoveSignatures(value bool) *PushOptions {
-	v := &value
-	o.RemoveSignatures = v
-	return o
-}
-
-// GetRemoveSignatures
-func (o *PushOptions) GetRemoveSignatures() bool {
-	var removeSignatures bool
-	if o.RemoveSignatures == nil {
-		return removeSignatures
-	}
-	return *o.RemoveSignatures
-}
-
-// WithSignaturePolicy
-func (o *PushOptions) WithSignaturePolicy(value string) *PushOptions {
-	v := &value
-	o.SignaturePolicy = v
-	return o
-}
-
-// GetSignaturePolicy
-func (o *PushOptions) GetSignaturePolicy() string {
-	var signaturePolicy string
-	if o.SignaturePolicy == nil {
-		return signaturePolicy
-	}
-	return *o.SignaturePolicy
-}
-
-// WithSignBy
-func (o *PushOptions) WithSignBy(value string) *PushOptions {
-	v := &value
-	o.SignBy = v
-	return o
-}
-
-// GetSignBy
-func (o *PushOptions) GetSignBy() string {
-	var signBy string
-	if o.SignBy == nil {
-		return signBy
-	}
-	return *o.SignBy
-}
-
 // WithSkipTLSVerify
 func (o *PushOptions) WithSkipTLSVerify(value bool) *PushOptions {
 	v := &value
@@ -294,3 +166,19 @@ func (o *PushOptions) GetSkipTLSVerify() bool {
 	}
 	return *o.SkipTLSVerify
 }
+
+// WithUsername
+func (o *PushOptions) WithUsername(value string) *PushOptions {
+	v := &value
+	o.Username = v
+	return o
+}
+
+// GetUsername
+func (o *PushOptions) GetUsername() string {
+	var username string
+	if o.Username == nil {
+		return username
+	}
+	return *o.Username
+}