Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

podman save --format oci-archive: loses image ID #7371

Closed
edsantiago opened this issue Aug 19, 2020 · 5 comments
Closed

podman save --format oci-archive: loses image ID #7371

edsantiago opened this issue Aug 19, 2020 · 5 comments
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.

Comments

@edsantiago
Copy link
Member

This may not be a bug, but I think it is, because podman save without --format oci-archive preserves image ID.

$ cat >oci-check.sh <<EOF
#!/bin/bash

image=${1?Usage: $0 FQIN}

OCI_FORMAT="--format oci-archive"

./bin/podman rm  -a >/dev/null
./bin/podman rmi -a >/dev/null
./bin/podman pull -q "$image" >/dev/null
./bin/podman images --noheading
rm -f /tmp/foo.tar
./bin/podman save $OCI_FORMAT -o /tmp/foo.tar "$image"
./bin/podman rmi -a >/dev/null
./bin/podman load -q -i /tmp/foo.tar   >/dev/null
./bin/podman images --noheading
EOF
$ chmod 755 ./oci-check.sh

!! basically just "podman pull", "podman save", and "podman load". Note differing image IDs.
$ for i in docker.io/library/busybox docker.io/library/alpine:latest quay.io/libpod/alpine_labels:latest;do ./oci-check.sh $i;echo;done
docker.io/library/busybox  latest  018c9d7b792b  3 weeks ago  1.45 MB
docker.io/library/busybox  latest  c71b90eb5b17  3 weeks ago  1.44 MB

docker.io/library/alpine  latest  a24bb4013296  2 months ago  5.85 MB
docker.io/library/alpine  latest  0f5f445df8cc  2 months ago  5.85 MB

quay.io/libpod/alpine_labels  latest  4fab981df737  21 months ago  4.69 MB
quay.io/libpod/alpine_labels  latest  dd8b0a90b986  21 months ago  4.68 MB

Commenting out OCI_FORMAT= makes all the IIDs agree.

master @ 7e2a1b3
@edsantiago edsantiago mentioned this issue Aug 19, 2020
Merged
@mheon mheon added the kind/bug Categorizes issue or PR as related to a bug. label Aug 19, 2020
@vrothberg
Copy link
Member

@mtrmac, do you think it's a bug or feature request/enhancement?

@mtrmac
Copy link
Collaborator

mtrmac commented Sep 8, 2020

In general, neither. The change ultimately happens in https://github.com/containers/image/blob/1c313b2d23e039a81a64bbced1b2b427d60429e1/image/docker_schema2.go#L78 , and as the comment says, the conversion from v2s2 to OCI is lossy (IIRC OCI does not have health checks).

So, workflows that convert from v2s2 to OCI should be prepared for the config digest == image ID changing. (If the missing fields are the only difference between the formats, we could check that nothing of substance has changed when doing the conversion, and in that case use the original raw bytes to preserve the ID. I don’t think that’s desirable: it’s extra code to preserve an illusion of a property that does not hold in general.)

@rhatdan
Copy link
Member

rhatdan commented Sep 8, 2020

@edsantiago Does this answer your question?

@edsantiago
Copy link
Member Author

Yes, it does. Thanks @mtrmac.

@vrothberg
Copy link
Member

I entirely oversaw the conversion, thanks for clarifying @mtrmac!

edsantiago added a commit to edsantiago/libpod that referenced this issue Sep 10, 2020
@edsantiago
system tests: cleanup
1cb7bdc 
- run tests: better "skip" message for docker-archive test;
  remove FIXME, document that podman-remote doesn't support it

- run tests: instrument the --conmon-pidfile test in hopes
  of tracking down flake containers#7580: cross-check pidfile against
  output of 'podman inspect', and add some debug messages
  that will only be seen on test failure.

- load tests: the pipe test: save and load a temporary tag,
  not $IMAGE. Primary reason is because of containers#7371, in which
  'podman load' assigns a new image ID (instead of preserving
  the saved one). This messes with our image management, and
  it turns out to be nonfixable.

Signed-off-by: Ed Santiago <[email protected]>
@edsantiago edsantiago mentioned this issue Sep 10, 2020
Merged
@github-actions github-actions bot added the locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments. label Sep 22, 2023
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 22, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
kind/bug Categorizes issue or PR as related to a bug. locked - please file new issue/PR Assist humans wanting to comment on an old issue or PR with locked comments.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@edsantiago @rhatdan @mtrmac @mheon @vrothberg