// prepareAppImage renders and verifies the tree cache of the app image that
// corresponds to the given app name.
// When useOverlay is false, it attempts to render and expand the app image
func prepareAppImage(cfg PrepareConfig, appName types.ACName, img types.Hash, cdir string, useOverlay bool) error {
log.Println("Loading image", img.String())
am, err := cfg.Store.GetImageManifest(img.String())
if err != nil {
return fmt.Errorf("error getting the manifest: %v", err)
}
if _, hasOS := am.Labels.Get("os"); !hasOS {
return fmt.Errorf("missing os label in the image manifest")
}
if _, hasArch := am.Labels.Get("arch"); !hasArch {
return fmt.Errorf("missing arch label in the image manifest")
}
if err := types.IsValidOSArch(am.Labels.ToMap(), ValidOSArch); err != nil {
return err
}
appInfoDir := common.AppInfoPath(cdir, appName)
if err := os.MkdirAll(appInfoDir, 0755); err != nil {
return fmt.Errorf("error creating apps info directory: %v", err)
}
if useOverlay {
if cfg.PrivateUsers.Shift > 0 {
return fmt.Errorf("cannot use both overlay and user namespace: not implemented yet. (Try --no-overlay)")
}
treeStoreID, err := cfg.Store.RenderTreeStore(img.String(), false)
if err != nil {
return fmt.Errorf("error rendering tree image: %v", err)
}
if err := cfg.Store.CheckTreeStore(treeStoreID); err != nil {
log.Printf("Warning: tree cache is in a bad state: %v. Rebuilding...", err)
var err error
if treeStoreID, err = cfg.Store.RenderTreeStore(img.String(), true); err != nil {
return fmt.Errorf("error rendering tree image: %v", err)
}
}
if err := ioutil.WriteFile(common.AppTreeStoreIDPath(cdir, appName), []byte(treeStoreID), 0700); err != nil {
return fmt.Errorf("error writing app treeStoreID: %v", err)
}
} else {
ad := common.AppPath(cdir, appName)
err := os.MkdirAll(ad, 0755)
if err != nil {
return fmt.Errorf("error creating image directory: %v", err)
}
if err := aci.RenderACIWithImageID(img, ad, cfg.Store, cfg.PrivateUsers); err != nil {
return fmt.Errorf("error rendering ACI: %v", err)
}
}
if err := writeManifest(cfg.CommonConfig, img, appInfoDir); err != nil {
return err
}
return nil
}
// fetchSingleImage will take an image as either a URL or a name string and
// import it into the store if found. If asc is not "", it must exist as a
// local file and will be used as the signature file for verification, unless
// verification is disabled.
func (f *fetcher) fetchSingleImage(img string, asc string) (string, error) {
var (
ascFile *os.File
err error
)
if asc != "" && f.ks != nil {
ascFile, err = os.Open(asc)
if err != nil {
return "", fmt.Errorf("unable to open signature file: %v", err)
}
defer ascFile.Close()
}
u, err := url.Parse(img)
if err != nil {
return "", fmt.Errorf("not a valid image reference (%s)", img)
}
// if img refers to a local file, ensure the scheme is file:// and make the url path absolute
_, err = os.Stat(u.Path)
if err == nil {
u.Path, err = filepath.Abs(u.Path)
if err != nil {
return "", fmt.Errorf("unable to get abs path: %v", err)
}
u.Scheme = "file"
} else if !os.IsNotExist(err) {
return "", fmt.Errorf("unable to access %q: %v", img, err)
}
switch u.Scheme {
case "":
// check if os and arch are valid early
if app := newDiscoveryApp(img); app != nil {
if err := types.IsValidOSArch(app.Labels, stage0.ValidOSArch); err != nil {
return "", err
}
}
return f.fetchImageByName(img, ascFile)
case "http", "https", "file", "docker":
return f.fetchImageByURL(u, ascFile)
}
return "", fmt.Errorf("rkt only supports fetching for image name and http, https, docker or file URLs (%s)", img)
}
func newAppBundle(name string) (*appBundle, error) {
app, err := discovery.NewAppFromString(name)
if err != nil {
return nil, fmt.Errorf("invalid image name %q: %v", name, err)
}
if _, ok := app.Labels["arch"]; !ok {
app.Labels["arch"] = runtime.GOARCH
}
if _, ok := app.Labels["os"]; !ok {
app.Labels["os"] = runtime.GOOS
}
if err := types.IsValidOSArch(app.Labels, stage0.ValidOSArch); err != nil {
return nil, fmt.Errorf("invalid image name %q: %v", name, err)
}
bundle := &appBundle{
App: app,
Str: name,
}
return bundle, nil
}
// prepareAppImage renders and verifies the tree cache of the app image that
// corresponds to the given app name.
// When useOverlay is false, it attempts to render and expand the app image
func prepareAppImage(cfg PrepareConfig, appName types.ACName, img types.Hash, cdir string, useOverlay bool) error {
debug("Loading image %s", img.String())
am, err := cfg.Store.GetImageManifest(img.String())
if err != nil {
return fmt.Errorf("error getting the manifest: %v", err)
}
if _, hasOS := am.Labels.Get("os"); !hasOS {
return fmt.Errorf("missing os label in the image manifest")
}
if _, hasArch := am.Labels.Get("arch"); !hasArch {
return fmt.Errorf("missing arch label in the image manifest")
}
if err := types.IsValidOSArch(am.Labels.ToMap(), ValidOSArch); err != nil {
return err
}
appInfoDir := common.AppInfoPath(cdir, appName)
if err := os.MkdirAll(appInfoDir, defaultRegularDirPerm); err != nil {
return fmt.Errorf("error creating apps info directory: %v", err)
}
if useOverlay {
if cfg.PrivateUsers.Shift > 0 {
return fmt.Errorf("cannot use both overlay and user namespace: not implemented yet. (Try --no-overlay)")
}
treeStoreID, _, err := cfg.Store.RenderTreeStore(img.String(), false)
if err != nil {
return fmt.Errorf("error rendering tree image: %v", err)
}
if !cfg.SkipTreeStoreCheck {
hash, err := cfg.Store.CheckTreeStore(treeStoreID)
if err != nil {
log.Printf("Warning: tree cache is in a bad state: %v. Rebuilding...", err)
var err error
treeStoreID, hash, err = cfg.Store.RenderTreeStore(img.String(), true)
if err != nil {
return fmt.Errorf("error rendering tree image: %v", err)
}
}
cfg.CommonConfig.RootHash = hash
}
if err := ioutil.WriteFile(common.AppTreeStoreIDPath(cdir, appName), []byte(treeStoreID), defaultRegularFilePerm); err != nil {
return fmt.Errorf("error writing app treeStoreID: %v", err)
}
} else {
ad := common.AppPath(cdir, appName)
err := os.MkdirAll(ad, defaultRegularDirPerm)
if err != nil {
return fmt.Errorf("error creating image directory: %v", err)
}
shiftedUid, shiftedGid, err := cfg.PrivateUsers.ShiftRange(uint32(os.Getuid()), uint32(os.Getgid()))
if err != nil {
return fmt.Errorf("error getting uid, gid: %v", err)
}
if err := os.Chown(ad, int(shiftedUid), int(shiftedGid)); err != nil {
return fmt.Errorf("error shifting app %q's stage2 dir: %v", appName, err)
}
if err := aci.RenderACIWithImageID(img, ad, cfg.Store, cfg.PrivateUsers); err != nil {
return fmt.Errorf("error rendering ACI: %v", err)
}
}
if err := writeManifest(*cfg.CommonConfig, img, appInfoDir); err != nil {
return err
}
return nil
}
