layer

package
v0.6.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 15, 2025 License: Apache-2.0 Imports: 36 Imported by: 19

README

umoci/oci/layer

This is my own implementation of the currently under development oci-create-layer functions. The reason for implementing this myself is that we use mtree specifications which are not the same method that oci-create-layer uses. While the two implementations could be combined (since this implementation is more general), in order to speed things up I just decided to implement it myself.

This also implements oci-create-runtime-bundle, since it's under layer management. The real difference is that we've split up the API (and based it on CAS) so we have more control when generating the bundle.

I'm hoping that this will be merged upstream, but since it's just a whiteout tar archive generator there isn't a huge requirement that this is kept up to date. Though, it should be noted that the whiteout format may change in the future.

Documentation

Overview

Package layer implements the creation and extraction of OCI specification layers. At the moment, only plain tar extractions into a single directory (with mtree manifests for diff generation) and overlayfs-style extractions are supported.

Index

Constants

View Source 
const RootfsName = "rootfs"

RootfsName is the name of the rootfs directory inside the bundle path when generated.

Variables

This section is empty.

Functions

func CleanPath 

func CleanPath(path string) string

CleanPath makes a path safe for use with filepath.Join. This is done by not only cleaning the path, but also (if the path is relative) adding a leading '/' and cleaning it (then removing the leading '/'). This ensures that a path resulting from prepending another path will always resolve to lexically be a subdirectory of the prefixed path. This is all done lexically, so paths that include symlinks won't be safe as a result of using CleanPath.

This function comes from runC (libcontainer/utils/utils.go).

func GenerateInsertLayer added in v0.4.1 

func GenerateInsertLayer(root, target string, opaque bool, opt *RepackOptions) io.ReadCloser

GenerateInsertLayer generates a completely new layer from root to be inserted into the image at target. If root is an empty string then the target will be removed via a whiteout. If opaque is true then the target directory will also have an opaque whiteout applied (clearing any files inside the directory), followed by the contents of the root.

func GenerateLayer 

func GenerateLayer(path string, deltas []mtree.InodeDelta, opt *RepackOptions) (io.ReadCloser, error)

GenerateLayer creates a new OCI diff layer based on the mtree diff provided. All of the mtree.Modified and mtree.Extra blobs are read relative to the provided path (which should be the rootfs of the layer that was diffed). The returned reader is for the *raw* tar data, it is the caller's responsibility to gzip it.

func UnpackLayer 

func UnpackLayer(root string, layer io.Reader, opt *UnpackOptions) error

UnpackLayer unpacks the tar stream representing an OCI layer at the given root. It ensures that the state of the root is as close as possible to the state used to create the layer. If an error is returned, the state of root is undefined (unpacking is not guaranteed to be atomic).

func UnpackManifest 

func UnpackManifest(ctx context.Context, engine cas.Engine, bundle string, manifest ispec.Manifest, opt *UnpackOptions) (Err error)

UnpackManifest extracts all of the layers in the given manifest, as well as generating a runtime bundle and configuration. The rootfs is extracted to <bundle>/<layer.RootfsName>.

FIXME: This interface is ugly.

func UnpackRootfs added in v0.4.1 

func UnpackRootfs(ctx context.Context, engine cas.Engine, rootfsPath string, manifest ispec.Manifest, opt *UnpackOptions) (Err error)

UnpackRootfs extracts all of the layers in the given manifest. Some verification is done during image extraction.

func UnpackRuntimeJSON added in v0.2.0 

func UnpackRuntimeJSON(ctx context.Context, engine cas.Engine, configFile io.Writer, rootfs string, manifest ispec.Manifest, opt *MapOptions) (Err error)

UnpackRuntimeJSON converts a given manifest's configuration to a runtime configuration and writes it to the given writer. If rootfs is specified, it is sourced during the configuration generation (for conversion of Config.User and other similar jobs -- which will error out if the user could not be parsed). If rootfs is not specified (is an empty string) then all conversions that require sourcing the rootfs will be set to their default values.

XXX: I don't like this API. It has way too many arguments.

Types

type AfterLayerUnpackCallback added in v0.4.6 

type AfterLayerUnpackCallback func(manifest ispec.Manifest, desc ispec.Descriptor) error

AfterLayerUnpackCallback is called after each layer is unpacked.

type DirRootfs added in v0.5.0 

type DirRootfs struct {
	// MapOptions represent the userns mappings that should be applied ot this
	// rootfs.
	MapOptions MapOptions
}

DirRootfs is the default OnDiskFormat used by umoci, and is designed to be used to extract a filesystem into a single directory on a regular unix filesystem. In order to generate a new diff layer, it is necessary to use mtree manifests to track changes.

func (DirRootfs) Map added in v0.5.0 

func (fs DirRootfs) Map() MapOptions

Map returns the format-agnostic information about userns mapping.

type MapOptions 

type MapOptions struct {
	// UIDMappings and GIDMappings are the UID and GID mappings to apply when
	// packing and unpacking image rootfs layers.
	UIDMappings []rspec.LinuxIDMapping `json:"uid_mappings"`
	GIDMappings []rspec.LinuxIDMapping `json:"gid_mappings"`

	// Rootless specifies whether any to error out if chown fails.
	Rootless bool `json:"rootless"`
}

MapOptions specifies the UID and GID mappings used when unpacking and repacking images, and whether the mapping is being done as a rootless user.

type OnDiskFormat added in v0.5.0 

type OnDiskFormat interface {

	// Map returns the format-agnostic information about userns mapping.
	Map() MapOptions
	// contains filtered or unexported methods
}

OnDiskFormat represents the on-disk file format that is used when extracting and assumed when repacking a rootfs.

DirRootfs is the default format used by umoci, and is designed to be used to extract a filesystem into a single directory on a regular unix filesystem. In order to generate a new diff layer, it is necessary to use mtree manifests to track changes.

OverlayfsRootfs is an alternative format that is intended to be used with overlayfs to avoid the need for mtree manifests. This means that layers are intended to be extracted into separate directories and merged together with overlayfs, which also means that OCI whiteouts are converted to and from overlayfs's format.

NOTE: At the moment OverlayfsRootfs cannot be used with the command-line version of umoci nor the top-level umoci helpers, and most of the umoci API still includes dependencies on mtree manifests (but you can pass a nil manifest if using OverlayfsRootfs).

type OverlayfsRootfs added in v0.5.0 

type OverlayfsRootfs struct {
	// MapOptions represent the userns mappings that should be applied ot this
	// rootfs.
	MapOptions MapOptions

	// UserXattr indicates whether this overlayfs rootfs is going to be mounted
	// using the "userxattr" mount option for overlayfs. If set, then rather
	// than using the "trusted.overlay.*" xattr namespace (the default),
	// "user.overlay.*" will be used instead.
	UserXattr bool
}

OverlayfsRootfs is an alternative OnDiskFormat to the default DirRootfs format that is intended to be used with overlayfs to avoid the need for mtree manifests. This means that layers are intended to be extracted into separate directories and merged together with overlayfs, which also means that OCI whiteouts are converted to and from overlayfs's format.

NOTE: At the moment OverlayfsRootfs cannot be used with the command-line version of umoci nor the top-level umoci helpers, and most of the umoci API still includes dependencies on mtree manifests (but you can pass a nil manifest if using OverlayfsRootfs).

func (OverlayfsRootfs) Map added in v0.5.0 

func (fs OverlayfsRootfs) Map() MapOptions

Map returns the format-agnostic information about userns mapping.

type RepackOptions added in v0.4.7 

type RepackOptions struct {
	// OnDiskFormat is what on-disk format the rootfs we are generating a layer
	// from uses. [OverlayfsRootfs] will cause overlayfs format whiteouts to be
	// converted to OCI whiteouts in the layer.
	OnDiskFormat OnDiskFormat

	// SourceDateEpoch, if set, specifies the timestamp to use for clamping
	// layer content timestamps. If not set, layer content timestamps are
	// preserved as-is.
	SourceDateEpoch *time.Time
}

RepackOptions describes the behavior of the various GenerateLayer operations.

func (RepackOptions) MapOptions added in v0.4.7 

func (opt RepackOptions) MapOptions() MapOptions

MapOptions is shorthand for opt.OnDiskFormat.MapOptions(), except if OnDiskFormat is nil then it will return the default MapOptions.

type TarExtractor added in v0.4.2 

type TarExtractor struct {
	// contains filtered or unexported fields
}

TarExtractor represents a tar file to be extracted.

func NewTarExtractor added in v0.4.2 

func NewTarExtractor(opt *UnpackOptions) *TarExtractor

NewTarExtractor creates a new TarExtractor.

func (*TarExtractor) UnpackEntry added in v0.4.2 

func (te *TarExtractor) UnpackEntry(root string, hdr *tar.Header, r io.Reader) (Err error)

UnpackEntry extracts the given tar.Header to the provided root, ensuring that the layer state is consistent with the layer state that produced the tar archive being iterated over. This does handle whiteouts, so a tar.Header that represents a whiteout will result in the path being removed.

type UnpackOptions added in v0.4.7 

type UnpackOptions struct {
	// OnDiskFormat is what extraction format is used when writing to the
	// filesystem. [OverlayfsRootfs] will cause whiteouts to be represented as
	// whiteout inodes in the overlayfs format.
	OnDiskFormat OnDiskFormat

	// KeepDirlinks is essentially the same as rsync's --keep-dirlinks option.
	// If, on extraction, a directory would be created where a symlink to a
	// directory previously existed, KeepDirlinks doesn't create that
	// directory, but instead just uses the existing symlink.
	KeepDirlinks bool

	// AfterLayerUnpack is a function that's called after every layer is
	// unpacked.
	AfterLayerUnpack AfterLayerUnpackCallback

	// StartFrom is the descriptor in the manifest to start unpacking from.
	StartFrom ispec.Descriptor
}

UnpackOptions describes the behavior of the various unpack operations.

func (UnpackOptions) MapOptions added in v0.4.7 

func (opt UnpackOptions) MapOptions() MapOptions

MapOptions is shorthand for opt.OnDiskFormat.MapOptions(), except if OnDiskFormat is nil then it will return the default MapOptions.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.