containers
/
automation-tests
mirror of https://github.com/containers/automation-tests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

libimage: pull: platform checks for non-local platform 

After containers/podman/issues/10682, we decided to always re-pull
images of non-local platforms and match *any* local image. Over time, we
refined this logic to not *always* pull the image but only if there is a
*newer* one. This has slightly changed the semantics and requires to
perform platform checks when looking up a local image. Otherwise, bogus
values would match a local image and mistakenly return it.

Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
This commit is contained in:
Valentin Rothberg 2022-01-12 10:04:51 +01:00
parent 9f39bbbece
commit 8ba7e55c56
2 changed files with 20 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
common/libimage/pull.go
View File

@ -4,6 +4,7 @@ import (
"context"
"fmt"
"io"
"runtime"
"strings"
"time"
@ -446,12 +447,18 @@ func (r *Runtime) copySingleImageFromRegistry(ctx context.Context, imageName str
// If there's already a local image "localhost/foo", then we should
// attempt pulling that instead of doing the full short-name dance.
//
// NOTE: we must ignore the platform of a local image when doing
// lookups here, even if arch/os/variant is set. Some images set an
// incorrect or even invalid platform (see containers/podman/issues/10682).
// Doing the lookup while ignoring the platform checks prevents
// redundantly downloading the same image.
localImage, resolvedImageName, err = r.LookupImage(imageName, nil)
// NOTE that we only do platform checks if the specified values differ
// from the local platform. Unfortunately, there are many images used
// in the wild which don't set the correct value(s) in the config
// causing various issues such as containers/podman/issues/10682.
lookupImageOptions := &LookupImageOptions{Variant: options.Variant}
if options.Architecture != runtime.GOARCH {
lookupImageOptions.Architecture = options.Architecture
}
if options.OS != runtime.GOOS {
lookupImageOptions.OS = options.OS
}
localImage, resolvedImageName, err = r.LookupImage(imageName, lookupImageOptions)
if err != nil && errors.Cause(err) != storage.ErrImageUnknown {
logrus.Errorf("Looking up %s in local storage: %v", imageName, err)
}

7
common/libimage/pull_test.go
View File

@ -94,6 +94,13 @@ func TestPullPlatforms(t *testing.T) {
require.NoError(t, err, "pull busybox")
require.Len(t, pulledImages, 1)
// Repulling with a bogus architecture should yield an error and not
// choose the local image.
pullOptions.Architecture = "bogus"
_, err = runtime.Pull(ctx, withTag, config.PullPolicyNewer, pullOptions)
require.Error(t, err, "pulling with a bogus architecture must fail even if there is a local image of another architecture")
require.Contains(t, err.Error(), "no image found in manifest list for architecture bogus")
image, _, err := runtime.LookupImage(withTag, nil)
require.NoError(t, err, "lookup busybox")
require.NotNil(t, image, "lookup busybox")