Add dry-run flag to allow configuration validation

and obtain the final list of labels that'll be synced as well as tags that
are in the target repo and are not updated based on the current configuration

README.md

@@ -92,7 +92,7 @@ When syncing via a *Docker* relay, do not use the same *Docker* daemon for build
 
 ### Image Matching <sup>*&#946; feature*</sup>
 
-The `mappings` section of a task can employ *Go* regular expressions for describing what images to sync, and how to change the destination path and name of an image. Details about how this works and examples can be found in this [design document](doc/design-image-matching.md). Also keep in mind that regular expressions can be surprising at times, so it would be a good idea to try them out first in a *Go* playground. You may otherwise potentially sync large numbers of images, clogging your target registry, or running into rate limits. Feedback about this feature is encouraged! 
+The `mappings` section of a task can employ *Go* regular expressions for describing what images to sync, and how to change the destination path and name of an image. Details about how this works and examples can be found in this [design document](doc/design-image-matching.md). Also keep in mind that regular expressions can be surprising at times, so it would be a good idea to try them out first in a *Go* playground. You may otherwise potentially sync large numbers of images, clogging your target registry, or running into rate limits. Feedback about this feature is encouraged!
 
 
 ### Tag Filtering <sup>*&#946; feature*</sup>
@@ -206,6 +206,24 @@ dregsy -config={path to config file} [-run={task name regexp}]
 
 If there are any periodic sync tasks defined (see *Configuration* above), *dregsy* remains running indefinitely. Otherwise, it will return once all one-off tasks have been processed. With the `-run` argument you can filter tasks. Only those tasks for which the task name matches the given regular expression will be run. Note that the regular expression performs a line match, so you don't need to place the expression in `^...$` to get an exact match. For example, `-run=task-a` will only select `task-a`, but not `task-abc`.
 
+If `--dry-run` is used no actions will be performed on the source and target registries but authenticate and obtain the list of docker image/tags available for the configured entries to be synced to show the actual differences between configuration,source and target registries / tags.
+
+When executing the `--dry-run` flag, a set of files will be generated, 1 per task and per mapping, you can easily combine them using [`jq`](https://github.com/stedolan/jq) for example using:
+
+```bash
+jq -s '.' dregsy-*-dry-run-report.json
+```
+
+to then perform validation / filtering on a array level.
+
+Example, get all the tags available on target that migth require to be cleaned:
+
+```bash
+jq -sc '.[]|{"candidateToBeCleaned":.["tags available on target that are not synced"], "repo": .["target reference"]}' dregsy-*-dry-run-report.json
+# if you prefer a single output as array you can use
+jq -s '[.[]|{"candidateToBeCleaned":.["tags available on target that are not synced"], "repo": .["target reference"]}]' dregsy-*-dry-run-report.json
+```
+
 ### Logging
 Logging behavior can be changed with these environment variables:
 

cmd/dregsy/main.go

@@ -82,6 +82,7 @@ func main() {
 	fs := flag.NewFlagSet("dregsy", flag.ContinueOnError)
 	configFile := fs.String("config", "", "path to config file")
 	taskFilter := fs.String("run", "", "task filter regex")
+	dryRun := fs.Bool("dry-run", false, "perform a validation of the execution")
 
 	if testRound {
 		if len(testArgs) > 0 {
@@ -96,16 +97,19 @@ func main() {
 	if len(*configFile) == 0 {
 		version()
 		fmt.Println(
-			"synopsis: dregsy -config={config file} [-run {task name regex}]")
+			"synopsis: dregsy -config={config file} [-run {task name regex}] [--dry-run]")
 		exit(1)
 	}
+	if *dryRun {
+		log.Debug("It's going to be a dry run, no real sync will happen")
+	}
 
 	version()
 
 	conf, err := sync.LoadConfig(*configFile)
 	failOnError(err)
 
-	s, err := sync.New(conf)
+	s, err := sync.New(conf, *dryRun)
 	failOnError(err)
 
 	if testRound {

internal/pkg/relays/docker/dockerrelay.go

@@ -52,12 +52,13 @@ func (s *Support) Platform(p string) error {
 //
 type DockerRelay struct {
 	client *dockerClient
+	dryRun bool
 }
 
 //
-func NewDockerRelay(conf *RelayConfig, out io.Writer) (*DockerRelay, error) {
+func NewDockerRelay(conf *RelayConfig, out io.Writer, dry bool) (*DockerRelay, error) {
 
-	relay := &DockerRelay{}
+	relay := &DockerRelay{dryRun: dry}
 
 	dockerHost := client.DefaultDockerHost
 	apiVersion := "1.41"
@@ -112,7 +113,7 @@ func (r *DockerRelay) Sync(opt *relays.SyncOptions) error {
 		return fmt.Errorf("'Platform: all' sync option not supported")
 	}
 
-	var tags []string
+	var tags, trgtTags []string
 	var err error
 
 	// When no tags are specified, a simple docker pull without a tag will get
@@ -134,6 +135,44 @@ func (r *DockerRelay) Sync(opt *relays.SyncOptions) error {
 		}
 	}
 
+	// obtain the tags for the target to calculate the diff (dry-run only)
+	if r.dryRun {
+		log.Debug("[dry-run] will not pull any image/tag because dry-run is enabled")
+
+		log.Tracef("[dry-run] obtained list of tags from source: %v", tags)
+		trgtCertDir := ""
+		repo, _, _ := util.SplitRef(opt.TrgtRef)
+		log.Debugf("[dry-run] obtaining tags from %s repository, determined from reference %s", repo, opt.TrgtRef)
+		if repo != "" {
+			trgtCertDir = skopeo.CertsDirForRepo(repo)
+		}
+		trgtTags, err = skopeo.ListAllTags(
+			opt.TrgtRef, util.DecodeJSONAuth(opt.TrgtAuth),
+			trgtCertDir, opt.TrgtSkipTLSVerify)
+
+		if err != nil {
+			return fmt.Errorf("[dry-run] error expanding tags from target [%s]: %v", opt.TrgtRef, err)
+		}
+		log.Tracef("[dry-run] obtained list of tags from target [%s]: %v", opt.TrgtRef, trgtTags)
+
+		util.DumpMapAsJson(map[string]interface{}{
+			"task name":                                    opt.Task,
+			"task index":                                   opt.Index,
+			"source reference":                             opt.SrcRef,
+			"target reference":                             opt.TrgtRef,
+			"tags to sync from source":                     tags,
+			"amount of tags to be sync from source":        len(tags),
+			"tags available on target":                     trgtTags,
+			"tags available to be synced not synced yet":   util.DiffBetweenLists(tags, trgtTags),
+			"amount of tags available on target":           len(trgtTags),
+			"tags available on target that are not synced": util.DiffBetweenLists(trgtTags, tags),
+		}, fmt.Sprintf("dregsy-%s-%d-dry-run-report.json", opt.Task, opt.Index))
+
+		// stop here otherwise the amount of if/else would explode as every following action
+		// will need to be skip
+		return nil
+	}
+
 	if len(tags) == 0 {
 		if err = r.pull(opt.SrcRef, opt.Platform, opt.SrcAuth,
 			true, opt.Verbose); err != nil {
@@ -202,7 +241,8 @@ func (r *DockerRelay) pull(ref, platform, auth string, allTags, verbose bool) er
 	return r.client.pullImage(ref, allTags, platform, auth, verbose)
 }
 
-//
+// Function `list` only obtains the list of images and tags from
+// the local docker client, it does not fetch remote's images or tags
 func (r *DockerRelay) list(ref string) ([]*image, error) {
 	return r.client.listImages(ref)
 }

internal/pkg/relays/skopeo/skopeorelay.go

@@ -20,6 +20,7 @@ import (
 	"bytes"
 	"fmt"
 	"io"
+	"strings"
 
 	log "github.com/sirupsen/logrus"
 
@@ -45,13 +46,14 @@ func (s *Support) Platform(p string) error {
 
 //
 type SkopeoRelay struct {
-	wrOut io.Writer
+	wrOut  io.Writer
+	dryRun bool
 }
 
 //
-func NewSkopeoRelay(conf *RelayConfig, out io.Writer) *SkopeoRelay {
+func NewSkopeoRelay(conf *RelayConfig, out io.Writer, dry bool) *SkopeoRelay {
 
-	relay := &SkopeoRelay{}
+	relay := &SkopeoRelay{dryRun: dry}
 
 	if out != nil {
 		relay.wrOut = out
@@ -134,6 +136,45 @@ func (r *SkopeoRelay) Sync(opt *relays.SyncOptions) error {
 
 	errs := false
 
+	if r.dryRun {
+		desCertDir := ""
+		repo, _, _ := util.SplitRef(opt.TrgtRef)
+		if repo != "" {
+			desCertDir = CertsDirForRepo(repo)
+		}
+		trgtTags, err := ListAllTags(
+			opt.TrgtRef, destCreds, desCertDir, opt.TrgtSkipTLSVerify)
+
+		if err != nil {
+			// Not so sure parsing the error is the best solution but
+			// alt could be pre-check with an http request to `/v2/_catalog`
+			// and check if the repository is in the list
+			if strings.Contains(err.Error(), "registry 404 (Not Found)") {
+				log.Warnf("[dry-run] Target repository not found. setting the target list as empty list.")
+				trgtTags = []string{}
+			} else {
+				log.Errorf("[dry-run] unknon error trying to expand tags from target [%s]: %v", opt.TrgtRef, err)
+			}
+		}
+		// not yet dumping the information into a file, will do later
+		util.DumpMapAsJson(map[string]interface{}{
+			"task name":                                    opt.Task,
+			"task index":                                   opt.Index,
+			"source reference":                             opt.SrcRef,
+			"target reference":                             opt.TrgtRef,
+			"tags to sync from source":                     tags,
+			"amount of tags to be sync from source":        len(tags),
+			"tags available on target":                     trgtTags,
+			"tags available to be synced not synced yet":   util.DiffBetweenLists(tags, trgtTags),
+			"amount of tags available on target":           len(trgtTags),
+			"tags available on target that are not synced": util.DiffBetweenLists(trgtTags, tags),
+		}, fmt.Sprintf("dregsy-%s-%d-dry-run-report.json", opt.Task, opt.Index))
+
+		// stop here otherwise the amount of if/else would explode as every following action
+		// will need to be skip
+		return nil
+	}
+
 	for _, t := range tags {
 
 		log.WithFields(

internal/pkg/relays/types.go

@@ -22,6 +22,9 @@ import (
 
 //
 type SyncOptions struct {
+	//
+	Task  string
+	Index int
 	//
 	SrcRef           string
 	SrcAuth          string

internal/pkg/sync/sync.go

@@ -43,10 +43,11 @@ type Sync struct {
 	relay    Relay
 	shutdown chan bool
 	ticks    chan bool
+	dryRun   bool
 }
 
 //
-func New(conf *SyncConfig) (*Sync, error) {
+func New(conf *SyncConfig, dryRun bool) (*Sync, error) {
 
 	sync := &Sync{}
 
@@ -58,13 +59,13 @@ func New(conf *SyncConfig) (*Sync, error) {
 	case docker.RelayID:
 		if err = conf.ValidateSupport(&docker.Support{}); err == nil {
 			relay, err = docker.NewDockerRelay(
-				conf.Docker, log.StandardLogger().WriterLevel(log.DebugLevel))
+				conf.Docker, log.StandardLogger().WriterLevel(log.DebugLevel), dryRun)
 		}
 
 	case skopeo.RelayID:
 		if err = conf.ValidateSupport(&skopeo.Support{}); err == nil {
 			relay = skopeo.NewSkopeoRelay(
-				conf.Skopeo, log.StandardLogger().WriterLevel(log.DebugLevel))
+				conf.Skopeo, log.StandardLogger().WriterLevel(log.DebugLevel), dryRun)
 		}
 
 	default:
@@ -78,6 +79,7 @@ func New(conf *SyncConfig) (*Sync, error) {
 	sync.relay = relay
 	sync.shutdown = make(chan bool)
 	sync.ticks = make(chan bool, 1)
+	sync.dryRun = dryRun
 
 	return sync, nil
 }
@@ -122,19 +124,19 @@ func (s *Sync) SyncFromConfig(conf *SyncConfig, taskFilter string) error {
 		return err
 	}
 
-	// one-off tasks
+	// one-off tasks or dry-run
 	for _, t := range conf.Tasks {
-		if t.Interval == 0 && tf.Matches(t.Name) {
+		if s.dryRun || (t.Interval == 0 && tf.Matches(t.Name)) {
 			s.syncTask(t)
 		}
 	}
 
-	// periodic tasks
+	// periodic tasks when not dry-run
 	c := make(chan *Task)
 	ticking := false
 
 	for _, t := range conf.Tasks {
-		if t.Interval > 0 && tf.Matches(t.Name) {
+		if t.Interval > 0 && tf.Matches(t.Name) && !s.dryRun {
 			t.startTicking(c)
 			ticking = true
 		}
@@ -189,7 +191,7 @@ func (s *Sync) syncTask(t *Task) {
 		"target": t.Target.Registry}).Info("syncing task")
 	t.failed = false
 
-	for _, m := range t.Mappings {
+	for idx, m := range t.Mappings {
 
 		log.WithFields(log.Fields{"from": m.From, "to": m.To}).Info("mapping")
 
@@ -216,13 +218,17 @@ func (s *Sync) syncTask(t *Task) {
 			src := ref[0]
 			trgt := ref[1]
 
-			if err := t.ensureTargetExists(trgt); err != nil {
-				log.Error(err)
-				t.fail(true)
-				break
+			if !s.dryRun {
+				if err := t.ensureTargetExists(trgt); err != nil {
+					log.Error(err)
+					t.fail(true)
+					break
+				}
 			}
 
 			if err := s.relay.Sync(&relays.SyncOptions{
+				Task:              t.Name,
+				Index:             idx,
 				SrcRef:            src,
 				SrcAuth:           t.Source.GetAuth(),
 				SrcSkipTLSVerify:  t.Source.SkipTLSVerify,

internal/pkg/util/util.go

@@ -20,6 +20,7 @@ import (
 	"encoding/base64"
 	"encoding/json"
 	"fmt"
+	"io/ioutil"
 	"strings"
 
 	log "github.com/sirupsen/logrus"
@@ -98,3 +99,43 @@ func DecodeJSONAuth(authBase64 string) string {
 
 	return fmt.Sprintf("%s:%s", ret.Username, ret.Password)
 }
+
+//
+func DiffBetweenLists(a, b []string) []string {
+	mb := make(map[string]struct{}, len(b))
+	for _, x := range b {
+		mb[x] = struct{}{}
+	}
+	diff := []string{}
+	for _, x := range a {
+		if _, found := mb[x]; !found {
+			diff = append(diff, x)
+		}
+	}
+	return diff
+}
+
+//
+func DumpMapAsJson(data map[string]interface{}, location string) (success bool, err error) {
+	success = false
+	err = nil
+
+	jsonBytes, err := json.MarshalIndent(data, "", "   ")
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	log.Tracef("json object generated:\n%s", string(jsonBytes))
+	file, err := json.MarshalIndent(data, "", " ")
+	if err != nil {
+		log.Errorf("There was a problem marshalling the object %v", err)
+	}
+	err = ioutil.WriteFile(location, file, 0644)
+	if err != nil {
+		log.Errorf("There was a problem writing the object %v", err)
+	}
+
+	// fmt.Println(string(jsonBytes))
+
+	return
+}