Skip to content

Commit

Permalink
Make buildah push support pushing manifests lists and digests
Browse files Browse the repository at this point in the history
Currently manifests just look like images in container storage.
It is surprising to the user when they go to push the images
that they end up failing, and have to use the buildah manifest push.

This patch causes buildah push to failover to buildah manifest push
if the image is a manifest.

Signed-off-by: Daniel J Walsh <[email protected]>
  • Loading branch information
rhatdan committed Jan 7, 2021
1 parent f01ddd6 commit 88ec9f9
Show file tree
Hide file tree
Showing 6 changed files with 41 additions and 16 deletions.
19 changes: 10 additions & 9 deletions cmd/buildah/manifest.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,8 @@ import (
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/transports"
"github.com/containers/image/v5/transports/alltransports"
"github.com/containers/image/v5/types"
"github.com/containers/storage"
digest "github.com/opencontainers/go-digest"
imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
Expand All @@ -39,10 +41,6 @@ type manifestAnnotateOpts = struct {
features, osFeatures, annotations []string
}
type manifestInspectOpts = struct{}
type manifestPushOpts = struct {
purge, quiet, all, tlsVerify, removeSignatures bool
authfile, certDir, creds, digestfile, format, signaturePolicy, signBy string
}

func init() {
var (
Expand All @@ -58,7 +56,7 @@ func init() {
manifestRemoveOpts manifestRemoveOpts
manifestAnnotateOpts manifestAnnotateOpts
manifestInspectOpts manifestInspectOpts
manifestPushOpts manifestPushOpts
manifestPushOpts pushOptions
)
manifestCommand := &cobra.Command{
Use: "manifest",
Expand Down Expand Up @@ -188,7 +186,7 @@ func init() {
}
manifestPushCommand.SetUsageTemplate(UsageTemplate())
flags = manifestPushCommand.Flags()
flags.BoolVar(&manifestPushOpts.purge, "purge", false, "remove the manifest list if push succeeds")
flags.BoolVar(&manifestPushOpts.rm, "rm", false, "remove the manifest list if push succeeds")
flags.BoolVar(&manifestPushOpts.all, "all", false, "also push the images in the list")
flags.StringVar(&manifestPushOpts.authfile, "authfile", auth.GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
flags.StringVar(&manifestPushOpts.certDir, "cert-dir", "", "use certificates at the specified path to access the registry")
Expand Down Expand Up @@ -630,7 +628,7 @@ func manifestInspectCmd(c *cobra.Command, args []string, opts manifestInspectOpt
return nil
}

func manifestPushCmd(c *cobra.Command, args []string, opts manifestPushOpts) error {
func manifestPushCmd(c *cobra.Command, args []string, opts pushOptions) error {
if err := auth.CheckAuthFile(opts.authfile); err != nil {
return err
}
Expand Down Expand Up @@ -659,12 +657,15 @@ func manifestPushCmd(c *cobra.Command, args []string, opts manifestPushOpts) err
if err != nil {
return err
}

systemContext, err := parse.SystemContextFromOptions(c)
if err != nil {
return errors.Wrapf(err, "error building system context")
}

return manifestPush(systemContext, store, listImageSpec, destSpec, opts)
}

func manifestPush(systemContext *types.SystemContext, store storage.Store, listImageSpec, destSpec string, opts pushOptions) error {
_, listImage, err := util.FindImage(store, "", systemContext, listImageSpec)
if err != nil {
return err
Expand Down Expand Up @@ -712,7 +713,7 @@ func manifestPushCmd(c *cobra.Command, args []string, opts manifestPushOpts) err

_, digest, err := list.Push(ctx, dest, options)

if err == nil && opts.purge {
if err == nil && opts.rm {
_, err = store.DeleteImage(listImage.ID, true)
}

Expand Down
11 changes: 11 additions & 0 deletions cmd/buildah/push.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,20 +15,23 @@ import (
"github.com/containers/image/v5/manifest"
"github.com/containers/image/v5/transports"
"github.com/containers/image/v5/transports/alltransports"
"github.com/containers/storage"
imgspecv1 "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
"github.com/spf13/cobra"
)

type pushOptions struct {
all bool
authfile string
blobCache string
certDir string
creds string
digestfile string
disableCompression bool
format string
rm bool
quiet bool
removeSignatures bool
signaturePolicy string
Expand Down Expand Up @@ -68,6 +71,7 @@ func init() {

flags := pushCommand.Flags()
flags.SetInterspersed(false)
flags.BoolVar(&opts.all, "all", false, "push all of the images referenced by the manifest list")
flags.StringVar(&opts.authfile, "authfile", auth.GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override")
flags.StringVar(&opts.blobCache, "blob-cache", "", "assume image blobs in the specified directory will be available for pushing")
flags.StringVar(&opts.certDir, "cert-dir", "", "use certificates at the specified path to access the registry")
Expand All @@ -76,6 +80,7 @@ func init() {
flags.BoolVarP(&opts.disableCompression, "disable-compression", "D", false, "don't compress layers")
flags.StringVarP(&opts.format, "format", "f", "", "manifest type (oci, v2s1, or v2s2) to use when saving image using the 'dir:' transport (default is manifest type of source)")
flags.BoolVarP(&opts.quiet, "quiet", "q", false, "don't output progress information when pushing images")
flags.BoolVar(&opts.rm, "rm", false, "remove the manifest list if push succeeds")
flags.BoolVarP(&opts.removeSignatures, "remove-signatures", "", false, "don't copy signatures when pushing image")
flags.StringVar(&opts.signBy, "sign-by", "", "sign the image using a GPG key with the specified `FINGERPRINT`")
flags.StringVar(&opts.signaturePolicy, "signature-policy", "", "`pathname` of signature policy file (not usually used)")
Expand Down Expand Up @@ -195,6 +200,12 @@ func pushCmd(c *cobra.Command, args []string, iopts pushOptions) error {

ref, digest, err := buildah.Push(getContext(), src, dest, options)
if err != nil {
if errors.Cause(err) != storage.ErrImageUnknown {
// Image might be a manifest so attempt a manifest push
if manifestsErr := manifestPush(systemContext, store, src, destSpec, iopts); manifestsErr == nil {
return nil
}
}
return util.GetFailureCause(err, errors.Wrapf(err, "error pushing image %q to %q", src, destSpec))
}
if ref != nil {
Expand Down
4 changes: 3 additions & 1 deletion contrib/completions/bash/buildah
Original file line number Diff line number Diff line change
Expand Up @@ -632,12 +632,14 @@ return 1

_buildah_push() {
local boolean_options="
--all
--help
-h
--disable-compression
-D
--quiet
-q
--rm
--tls-verify
--remove-signatures
"
Expand Down Expand Up @@ -868,7 +870,7 @@ return 1
--digestfile
--format
-f
--purge
--rm
--sign-by
"

Expand Down
8 changes: 4 additions & 4 deletions docs/buildah-manifest-push.md
Original file line number Diff line number Diff line change
Expand Up @@ -47,10 +47,6 @@ After copying the image, write the digest of the resulting image to the file.

Manifest list type (oci or v2s2) to use when pushing the list (default is oci).

**--purge**

Delete the manifest list or image index from local storage if pushing succeeds.

**--quiet**, **-q**

Don't output progress information when pushing lists.
Expand All @@ -59,6 +55,10 @@ Don't output progress information when pushing lists.

Don't copy signatures when pushing images.

**--rm**

Delete the manifest list or image index from local storage if pushing succeeds.

**--sign-by** *fingerprint*

Sign the pushed images using the GPG key that matches the specified fingerprint.
Expand Down
13 changes: 11 additions & 2 deletions docs/buildah-push.md
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
# buildah-push "1" "June 2017" "buildah"

## NAME
buildah\-push - Push an image from local storage to elsewhere.
buildah\-push - Push an image, manifest list or image index from local storage to elsewhere.

## SYNOPSIS
**buildah push** [*options*] *image* [*destination*]
Expand Down Expand Up @@ -42,6 +42,11 @@ If the transport part of DESTINATION is omitted, "docker://" is assumed.

## OPTIONS

**--all**

If specified image is a manifest list or image index, push the images in addition to
the list or index itself.

**--authfile** *path*

Path of the authentication file. Default is ${XDG\_RUNTIME\_DIR}/containers/auth.json, which is set using `buildah login`.
Expand Down Expand Up @@ -86,6 +91,10 @@ When writing the output image, suppress progress output.

Don't copy signatures when pushing images.

**--rm**

When pushing a the manifest list or image index, delete them from local storage if pushing succeeds.

**--sign-by** *fingerprint*

Sign the pushed image using the GPG key that matches the specified fingerprint.
Expand Down Expand Up @@ -164,4 +173,4 @@ registries.conf is the configuration file which specifies which container regist
Signature policy file. This defines the trust policy for container images. Controls which container registries can be used for image, and whether or not the tool should trust the images.

## SEE ALSO
buildah(1), buildah-login(1), containers-policy.json(5), docker-login(1), containers-registries.conf(5)
buildah(1), buildah-login(1), containers-policy.json(5), docker-login(1), containers-registries.conf(5), buildah-manifest(1)
2 changes: 2 additions & 0 deletions pkg/cli/common.go
Original file line number Diff line number Diff line change
Expand Up @@ -400,6 +400,8 @@ func AliasFlags(f *pflag.FlagSet, name string) pflag.NormalizedName {
name = "arch"
case "override-os":
name = "os"
case "purge":
name = "rm"
}
return pflag.NormalizedName(name)
}

0 comments on commit 88ec9f9

Please sign in to comment.