Skip to content

Commit

Permalink
feat: add support for erofs layers
Browse files Browse the repository at this point in the history
atomfs has added support for additional filesystem types such as erofs.

Signed-off-by: Ramkumar Chinchani <[email protected]>
  • Loading branch information
rchincha committed Nov 18, 2024
1 parent ad9a694 commit ea8d893
Show file tree
Hide file tree
Showing 12 changed files with 59 additions and 41 deletions.
10 changes: 5 additions & 5 deletions cmd/stacker/build.go
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import (
"fmt"

cli "github.com/urfave/cli/v2"
"machinerun.io/atomfs/squashfs"
"machinerun.io/atomfs/pkg/verity"
"stackerbuild.io/stacker/pkg/stacker"
"stackerbuild.io/stacker/pkg/types"
)
Expand Down Expand Up @@ -52,12 +52,12 @@ func initCommonBuildFlags() []cli.Flag {
},
&cli.StringSliceFlag{
Name: "layer-type",
Usage: "set the output layer type (supported values: tar, squashfs); can be supplied multiple times",
Usage: "set the output layer type (supported values: tar, squashfs, erofs); can be supplied multiple times",
Value: cli.NewStringSlice("tar"),
},
&cli.BoolFlag{
Name: "no-squashfs-verity",
Usage: "do not append dm-verity data to squashfs archives",
Name: "no-verity",
Usage: "do not append dm-verity data to fs archives",
},
&cli.BoolFlag{
Name: "require-hash",
Expand Down Expand Up @@ -103,7 +103,7 @@ func newBuildArgs(ctx *cli.Context) (stacker.BuildArgs, error) {
AnnotationsNamespace: ctx.String("annotations-namespace"),
}
var err error
verity := squashfs.VerityMetadata(!ctx.Bool("no-squashfs-verity"))
verity := verity.VerityMetadata(!ctx.Bool("no-verity"))

Check warning on line 106 in cmd/stacker/build.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/build.go#L106

Added line #L106 was not covered by tests
args.LayerTypes, err = types.NewLayerTypes(ctx.StringSlice("layer-type"), verity)
return args, err
}
Expand Down
2 changes: 1 addition & 1 deletion cmd/stacker/inspect.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ import (
"github.com/opencontainers/umoci/oci/casext"
"github.com/pkg/errors"
cli "github.com/urfave/cli/v2"
stackeroci "machinerun.io/atomfs/oci"
stackeroci "machinerun.io/atomfs/pkg/oci"
)

var inspectCmd = cli.Command{
Expand Down
10 changes: 5 additions & 5 deletions cmd/stacker/internal_go.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
"github.com/pkg/errors"
cli "github.com/urfave/cli/v2"
"golang.org/x/sys/unix"
"machinerun.io/atomfs"
"machinerun.io/atomfs/pkg/molecule"
"stackerbuild.io/stacker/pkg/lib"
"stackerbuild.io/stacker/pkg/log"
"stackerbuild.io/stacker/pkg/overlay"
Expand Down Expand Up @@ -182,15 +182,15 @@ func doAtomfsMount(ctx *cli.Context) error {
return errors.WithStack(err)
}

opts := atomfs.MountOCIOpts{
opts := molecule.MountOCIOpts{

Check warning on line 185 in cmd/stacker/internal_go.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/internal_go.go#L185

Added line #L185 was not covered by tests
OCIDir: config.OCIDir,
MetadataPath: path.Join(wd, "atomfs-metadata"),
MetadataDir: path.Join(wd, "atomfs-metadata"),

Check warning on line 187 in cmd/stacker/internal_go.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/internal_go.go#L187

Added line #L187 was not covered by tests
Tag: tag,
Target: mountpoint,
AllowMissingVerityData: true,
}

mol, err := atomfs.BuildMoleculeFromOCI(opts)
mol, err := molecule.BuildMoleculeFromOCI(opts)

Check warning on line 193 in cmd/stacker/internal_go.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/internal_go.go#L193

Added line #L193 was not covered by tests
if err != nil {
return err
}
Expand All @@ -206,5 +206,5 @@ func doAtomfsUmount(ctx *cli.Context) error {
}

mountpoint := ctx.Args().Get(0)
return atomfs.Umount(mountpoint)
return molecule.Umount(mountpoint)

Check warning on line 209 in cmd/stacker/internal_go.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/internal_go.go#L209

Added line #L209 was not covered by tests
}
6 changes: 3 additions & 3 deletions cmd/stacker/publish.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ package main
import (
"github.com/pkg/errors"
cli "github.com/urfave/cli/v2"
"machinerun.io/atomfs/squashfs"
"machinerun.io/atomfs/pkg/verity"
"stackerbuild.io/stacker/pkg/lib"
"stackerbuild.io/stacker/pkg/stacker"
"stackerbuild.io/stacker/pkg/types"
Expand Down Expand Up @@ -69,7 +69,7 @@ var publishCmd = cli.Command{
},
&cli.StringSliceFlag{
Name: "layer-type",
Usage: "set the output layer type (supported values: tar, squashfs); can be supplied multiple times",
Usage: "set the output layer type (supported values: tar, squashfs, erofs); can be supplied multiple times",
Value: cli.NewStringSlice("tar"),
},
&cli.StringSliceFlag{
Expand Down Expand Up @@ -108,7 +108,7 @@ func beforePublish(ctx *cli.Context) error {
}

func doPublish(ctx *cli.Context) error {
verity := squashfs.VerityMetadata(!ctx.Bool("no-squashfs-verity"))
verity := verity.VerityMetadata(!ctx.Bool("no-verity"))

Check warning on line 111 in cmd/stacker/publish.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/publish.go#L111

Added line #L111 was not covered by tests
layerTypes, err := types.NewLayerTypes(ctx.StringSlice("layer-type"), verity)
if err != nil {
return err
Expand Down
2 changes: 2 additions & 0 deletions cmd/stacker/validate.go
Original file line number Diff line number Diff line change
Expand Up @@ -50,6 +50,8 @@ func validateLayerTypeFlags(ctx *cli.Context) error {
break
case "squashfs":
break
case "erofs":
break

Check warning on line 54 in cmd/stacker/validate.go

View check run for this annotation

Codecov / codecov/patch

cmd/stacker/validate.go#L53-L54

Added lines #L53 - L54 were not covered by tests
default:
return errors.Errorf("unknown layer type: %s", layerType)
}
Expand Down
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -289,5 +289,6 @@ require (

replace (
github.com/opencontainers/umoci => github.com/project-stacker/umoci v0.0.0-20240906174318-e9397ba4ced0
machinerun.io/atomfs => github.com/rchincha/atomfs v0.0.0-20241116230626-640dbd304980
stackerbuild.io/stacker-bom => github.com/project-stacker/stacker-bom v0.0.0-20240509203427-4d685e046780
)
4 changes: 2 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -818,6 +818,8 @@ github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+Gx
github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA=
github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo=
github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo=
github.com/rchincha/atomfs v0.0.0-20241116230626-640dbd304980 h1:Bn62cwX4SrmuodHMd3HXAOB/D20tNkdo6BcNHh9se2E=
github.com/rchincha/atomfs v0.0.0-20241116230626-640dbd304980/go.mod h1:cidyEmsNeeo+9f7OiHl/nA+8KS7Vj5XOslR87VkIebM=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
Expand Down Expand Up @@ -1592,8 +1594,6 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
machinerun.io/atomfs v1.1.1 h1:EprTiYMzAlKL+3S7woe9DsCJGwO2dkHTlvmjlVNO8pY=
machinerun.io/atomfs v1.1.1/go.mod h1:cidyEmsNeeo+9f7OiHl/nA+8KS7Vj5XOslR87VkIebM=
modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw=
modernc.org/libc v1.37.6/go.mod h1:YAXkAZ8ktnkCKaN9sw/UDeUVkGYJ/YquGO4FTi5nmHE=
modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
Expand Down
5 changes: 3 additions & 2 deletions pkg/lib/image_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@ import (
"github.com/opencontainers/umoci/mutate"
"github.com/opencontainers/umoci/oci/casext"
"github.com/stretchr/testify/assert"
"machinerun.io/atomfs/squashfs"
"machinerun.io/atomfs/pkg/squashfs"
"machinerun.io/atomfs/pkg/verity"
)

func createImage(dir string, tag string) error {
Expand Down Expand Up @@ -48,7 +49,7 @@ func createImage(dir string, tag string) error {

// need *something* in the layer, why not just recursively include the
// OCI image for maximum confusion :)
layer, mediaType, _, err := squashfs.MakeSquashfs(dir, path.Join(dir, "oci"), nil, squashfs.VerityMetadataMissing)
layer, mediaType, _, err := squashfs.MakeSquashfs(dir, path.Join(dir, "oci"), nil, verity.VerityMetadataMissing)
if err != nil {
return err
}
Expand Down
2 changes: 1 addition & 1 deletion pkg/overlay/metadata.go
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ import (
ispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/opencontainers/umoci/oci/casext"
"github.com/pkg/errors"
stackeroci "machinerun.io/atomfs/oci"
stackeroci "machinerun.io/atomfs/pkg/oci"
"stackerbuild.io/stacker/pkg/log"
"stackerbuild.io/stacker/pkg/types"
)
Expand Down
17 changes: 10 additions & 7 deletions pkg/overlay/pack.go
Original file line number Diff line number Diff line change
Expand Up @@ -22,8 +22,9 @@ import (
"github.com/opencontainers/umoci/oci/layer"
"github.com/pkg/errors"
"github.com/pkg/xattr"
stackeroci "machinerun.io/atomfs/oci"
"machinerun.io/atomfs/squashfs"
stackerfs "machinerun.io/atomfs/pkg/fs"
stackeroci "machinerun.io/atomfs/pkg/oci"
"machinerun.io/atomfs/pkg/verity"
"stackerbuild.io/stacker/pkg/lib"
"stackerbuild.io/stacker/pkg/log"
"stackerbuild.io/stacker/pkg/storage"
Expand Down Expand Up @@ -280,7 +281,8 @@ func generateBlob(layerType types.LayerType, contents string, ociDir string, low
blob = layer.GenerateInsertLayer(contents, "/", false, &packOptions)
mediaType = ispec.MediaTypeImageLayer
} else {
blob, mediaType, rootHash, err = squashfs.MakeSquashfs(ociDir, contents, nil, layerType.Verity)
fsi := stackerfs.New(stackerfs.FilesystemType(layerType.Type))
blob, mediaType, rootHash, err = fsi.Make(ociDir, contents, nil, layerType.Verity)

Check warning on line 285 in pkg/overlay/pack.go

View check run for this annotation

Codecov / codecov/patch

pkg/overlay/pack.go#L284-L285

Added lines #L284 - L285 were not covered by tests
if err != nil {
return nil, "", "", err
}
Expand All @@ -303,7 +305,7 @@ func ociPutBlob(blob io.ReadCloser, config types.StackerConfig, layerMediaType s

annotations := map[string]string{}
if rootHash != "" {
annotations[squashfs.VerityRootHashAnnotation] = rootHash
annotations[verity.VerityRootHashAnnotation] = rootHash

Check warning on line 308 in pkg/overlay/pack.go

View check run for this annotation

Codecov / codecov/patch

pkg/overlay/pack.go#L308

Added line #L308 was not covered by tests
}

desc := ispec.Descriptor{
Expand Down Expand Up @@ -443,7 +445,7 @@ func generateLayer(config types.StackerConfig, _ casext.Engine, mutators []*muta
} else {
annotations := map[string]string{}
if rootHash != "" {
annotations[squashfs.VerityRootHashAnnotation] = rootHash
annotations[verity.VerityRootHashAnnotation] = rootHash

Check warning on line 448 in pkg/overlay/pack.go

View check run for this annotation

Codecov / codecov/patch

pkg/overlay/pack.go#L448

Added line #L448 was not covered by tests
}
desc, err = mutator.Add(context.Background(), mediaType, blob, history, mutate.NoopCompressor, annotations)
if err != nil {
Expand Down Expand Up @@ -693,10 +695,11 @@ func unpackOne(l ispec.Descriptor, ociDir string, extractDir string) error {
return nil
}

if squashfs.IsSquashfsMediaType(l.MediaType) {
return squashfs.ExtractSingleSquash(
if fsi := stackerfs.NewFromMediaType(l.MediaType); fsi != nil {
return fsi.ExtractSingle(

Check warning on line 699 in pkg/overlay/pack.go

View check run for this annotation

Codecov / codecov/patch

pkg/overlay/pack.go#L698-L699

Added lines #L698 - L699 were not covered by tests
path.Join(ociDir, "blobs", "sha256", l.Digest.Encoded()), extractDir)
}

switch l.MediaType {
case ispec.MediaTypeImageLayer, ispec.MediaTypeImageLayerGzip:
tarEx.Lock()
Expand Down
37 changes: 24 additions & 13 deletions pkg/types/layer_type.go
Original file line number Diff line number Diff line change
Expand Up @@ -7,14 +7,16 @@ import (

ispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"machinerun.io/atomfs/squashfs"
"machinerun.io/atomfs/pkg/erofs"
"machinerun.io/atomfs/pkg/squashfs"
"machinerun.io/atomfs/pkg/verity"
)

var ErrEmptyLayers = errors.New("empty layers")

type LayerType struct {
Type string
Verity squashfs.VerityMetadata
Verity verity.VerityMetadata
}

func (lt LayerType) String() string {
Expand Down Expand Up @@ -44,15 +46,17 @@ func (lt *LayerType) UnmarshalText(text []byte) error {
return errors.Wrapf(err, "bad verity bool: %s", fields[1])
}

lt.Verity = squashfs.VerityMetadata(result)
lt.Verity = verity.VerityMetadata(result)

Check warning on line 49 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L49

Added line #L49 was not covered by tests

return nil
}

func NewLayerType(lt string, verity squashfs.VerityMetadata) (LayerType, error) {
func NewLayerType(lt string, verity verity.VerityMetadata) (LayerType, error) {

Check warning on line 54 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L54

Added line #L54 was not covered by tests
switch lt {
case "squashfs":
return LayerType{Type: lt, Verity: verity}, nil
case "erofs":
return LayerType{Type: lt, Verity: verity}, nil

Check warning on line 59 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L58-L59

Added lines #L58 - L59 were not covered by tests
case "tar":
return LayerType{Type: lt}, nil
default:
Expand All @@ -62,31 +66,38 @@ func NewLayerType(lt string, verity squashfs.VerityMetadata) (LayerType, error)

func NewLayerTypeManifest(manifest ispec.Manifest) (LayerType, error) {
if len(manifest.Layers) == 0 {
return NewLayerType("tar", squashfs.VerityMetadataMissing)
return NewLayerType("tar", verity.VerityMetadataMissing)

Check warning on line 69 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L69

Added line #L69 was not covered by tests
}

switch manifest.Layers[0].MediaType {
case squashfs.BaseMediaTypeLayerSquashfs:
// older stackers generated media types without compression information
fallthrough
case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, squashfs.VerityMetadataMissing):
case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, verity.VerityMetadataMissing):
fallthrough
case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, verity.VerityMetadataMissing):
return NewLayerType("squashfs", verity.VerityMetadataMissing)
case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, verity.VerityMetadataPresent):

Check warning on line 80 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L76-L80

Added lines #L76 - L80 were not covered by tests
fallthrough
case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, squashfs.VerityMetadataMissing):
return NewLayerType("squashfs", squashfs.VerityMetadataMissing)
case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, squashfs.VerityMetadataPresent):
case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, verity.VerityMetadataPresent):
return NewLayerType("squashfs", verity.VerityMetadataPresent)
case erofs.BaseMediaTypeLayerErofs:
// older stackers generated media types without compression information

Check warning on line 85 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L82-L85

Added lines #L82 - L85 were not covered by tests
fallthrough
case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, squashfs.VerityMetadataPresent):
return NewLayerType("squashfs", squashfs.VerityMetadataPresent)
case erofs.GenerateErofsMediaType(erofs.LZ4HCCompression, verity.VerityMetadataMissing):
return NewLayerType("erofs", verity.VerityMetadataMissing)
case erofs.GenerateErofsMediaType(erofs.LZ4HCCompression, verity.VerityMetadataPresent):
return NewLayerType("erofs", verity.VerityMetadataPresent)

Check warning on line 90 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L87-L90

Added lines #L87 - L90 were not covered by tests
case ispec.MediaTypeImageLayerGzip:
fallthrough
case ispec.MediaTypeImageLayer:
return NewLayerType("tar", squashfs.VerityMetadataMissing)
return NewLayerType("tar", verity.VerityMetadataMissing)

Check warning on line 94 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L94

Added line #L94 was not covered by tests
default:
return LayerType{}, errors.Errorf("invalid layer type %s", manifest.Layers[0].MediaType)
}
}

func NewLayerTypes(lts []string, verity squashfs.VerityMetadata) ([]LayerType, error) {
func NewLayerTypes(lts []string, verity verity.VerityMetadata) ([]LayerType, error) {

Check warning on line 100 in pkg/types/layer_type.go

View check run for this annotation

Codecov / codecov/patch

pkg/types/layer_type.go#L100

Added line #L100 was not covered by tests
ret := []LayerType{}
for _, lt := range lts {
hoisted, err := NewLayerType(lt, verity)
Expand Down
4 changes: 2 additions & 2 deletions test/atomfs.bats
Original file line number Diff line number Diff line change
Expand Up @@ -45,8 +45,8 @@ EOF
stacker internal-go atomfs umount mountpoint
}

@test "--no-squashfs-verity works" {
basic_test --no-squashfs-verity
@test "--no-verity works" {
basic_test --no-verity
verity_checkusedloops
}

Expand Down

0 comments on commit ea8d893

Please sign in to comment.