diff --git a/cmd/stacker/build.go b/cmd/stacker/build.go index a46ea050..ea649e52 100644 --- a/cmd/stacker/build.go +++ b/cmd/stacker/build.go @@ -4,7 +4,7 @@ import ( "fmt" cli "github.com/urfave/cli/v2" - "machinerun.io/atomfs/squashfs" + "machinerun.io/atomfs/pkg/verity" "stackerbuild.io/stacker/pkg/stacker" "stackerbuild.io/stacker/pkg/types" ) @@ -52,12 +52,12 @@ func initCommonBuildFlags() []cli.Flag { }, &cli.StringSliceFlag{ Name: "layer-type", - Usage: "set the output layer type (supported values: tar, squashfs); can be supplied multiple times", + Usage: "set the output layer type (supported values: tar, squashfs, erofs); can be supplied multiple times", Value: cli.NewStringSlice("tar"), }, &cli.BoolFlag{ - Name: "no-squashfs-verity", - Usage: "do not append dm-verity data to squashfs archives", + Name: "no-verity", + Usage: "do not append dm-verity data to fs archives", }, &cli.BoolFlag{ Name: "require-hash", @@ -103,7 +103,7 @@ func newBuildArgs(ctx *cli.Context) (stacker.BuildArgs, error) { AnnotationsNamespace: ctx.String("annotations-namespace"), } var err error - verity := squashfs.VerityMetadata(!ctx.Bool("no-squashfs-verity")) + verity := verity.VerityMetadata(!ctx.Bool("no-verity")) args.LayerTypes, err = types.NewLayerTypes(ctx.StringSlice("layer-type"), verity) return args, err } diff --git a/cmd/stacker/inspect.go b/cmd/stacker/inspect.go index 43aeaee9..554de4b1 100644 --- a/cmd/stacker/inspect.go +++ b/cmd/stacker/inspect.go @@ -11,7 +11,7 @@ import ( "github.com/opencontainers/umoci/oci/casext" "github.com/pkg/errors" cli "github.com/urfave/cli/v2" - stackeroci "machinerun.io/atomfs/oci" + stackeroci "machinerun.io/atomfs/pkg/oci" ) var inspectCmd = cli.Command{ diff --git a/cmd/stacker/internal_go.go b/cmd/stacker/internal_go.go index 2e8fd992..28dca1b0 100644 --- a/cmd/stacker/internal_go.go +++ b/cmd/stacker/internal_go.go @@ -10,7 +10,7 @@ import ( "github.com/pkg/errors" cli "github.com/urfave/cli/v2" "golang.org/x/sys/unix" - "machinerun.io/atomfs" + "machinerun.io/atomfs/pkg/molecule" "stackerbuild.io/stacker/pkg/lib" "stackerbuild.io/stacker/pkg/log" "stackerbuild.io/stacker/pkg/overlay" @@ -182,15 +182,17 @@ func doAtomfsMount(ctx *cli.Context) error { return errors.WithStack(err) } - opts := atomfs.MountOCIOpts{ + opts := molecule.MountOCIOpts{ OCIDir: config.OCIDir, - MetadataPath: path.Join(wd, "atomfs-metadata"), Tag: tag, Target: mountpoint, + AddWriteableOverlay: false, + WriteableOverlayPath: "", AllowMissingVerityData: true, + MetadataDir: path.Join(wd, "atomfs-metadata"), } - mol, err := atomfs.BuildMoleculeFromOCI(opts) + mol, err := molecule.BuildMoleculeFromOCI(opts) if err != nil { return err } @@ -206,5 +208,5 @@ func doAtomfsUmount(ctx *cli.Context) error { } mountpoint := ctx.Args().Get(0) - return atomfs.Umount(mountpoint) + return molecule.Umount(mountpoint) } diff --git a/cmd/stacker/publish.go b/cmd/stacker/publish.go index 3eff0bb3..86ce6e64 100644 --- a/cmd/stacker/publish.go +++ b/cmd/stacker/publish.go @@ -3,7 +3,7 @@ package main import ( "github.com/pkg/errors" cli "github.com/urfave/cli/v2" - "machinerun.io/atomfs/squashfs" + "machinerun.io/atomfs/pkg/verity" "stackerbuild.io/stacker/pkg/lib" "stackerbuild.io/stacker/pkg/stacker" "stackerbuild.io/stacker/pkg/types" @@ -69,7 +69,7 @@ var publishCmd = cli.Command{ }, &cli.StringSliceFlag{ Name: "layer-type", - Usage: "set the output layer type (supported values: tar, squashfs); can be supplied multiple times", + Usage: "set the output layer type (supported values: tar, squashfs, erofs); can be supplied multiple times", Value: cli.NewStringSlice("tar"), }, &cli.StringSliceFlag{ @@ -108,7 +108,7 @@ func beforePublish(ctx *cli.Context) error { } func doPublish(ctx *cli.Context) error { - verity := squashfs.VerityMetadata(!ctx.Bool("no-squashfs-verity")) + verity := verity.VerityMetadata(!ctx.Bool("no-verity")) layerTypes, err := types.NewLayerTypes(ctx.StringSlice("layer-type"), verity) if err != nil { return err diff --git a/cmd/stacker/validate.go b/cmd/stacker/validate.go index 87a4033c..37dec461 100644 --- a/cmd/stacker/validate.go +++ b/cmd/stacker/validate.go @@ -50,6 +50,8 @@ func validateLayerTypeFlags(ctx *cli.Context) error { break case "squashfs": break + case "erofs": + break default: return errors.Errorf("unknown layer type: %s", layerType) } diff --git a/go.mod b/go.mod index 07d78cc2..b49a2313 100644 --- a/go.mod +++ b/go.mod @@ -289,5 +289,6 @@ require ( replace ( github.com/opencontainers/umoci => github.com/project-stacker/umoci v0.0.0-20240906174318-e9397ba4ced0 + machinerun.io/atomfs => github.com/rchincha/atomfs v0.0.0-20241116230626-640dbd304980 stackerbuild.io/stacker-bom => github.com/project-stacker/stacker-bom v0.0.0-20240509203427-4d685e046780 ) diff --git a/go.sum b/go.sum index 67559557..5437c2db 100644 --- a/go.sum +++ b/go.sum @@ -818,6 +818,8 @@ github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+Gx github.com/prometheus/procfs v0.6.0/go.mod h1:cz+aTbrPOrUb4q7XlbU9ygM+/jj0fzG6c1xBZuNvfVA= github.com/prometheus/procfs v0.12.0 h1:jluTpSng7V9hY0O2R9DzzJHYb2xULk9VTR1V1R/k6Bo= github.com/prometheus/procfs v0.12.0/go.mod h1:pcuDEFsWDnvcgNzo4EEweacyhjeA9Zk3cnaOZAZEfOo= +github.com/rchincha/atomfs v0.0.0-20241116230626-640dbd304980 h1:Bn62cwX4SrmuodHMd3HXAOB/D20tNkdo6BcNHh9se2E= +github.com/rchincha/atomfs v0.0.0-20241116230626-640dbd304980/go.mod h1:cidyEmsNeeo+9f7OiHl/nA+8KS7Vj5XOslR87VkIebM= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE= github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo= github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc= @@ -1592,8 +1594,6 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg= honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k= -machinerun.io/atomfs v1.1.1 h1:EprTiYMzAlKL+3S7woe9DsCJGwO2dkHTlvmjlVNO8pY= -machinerun.io/atomfs v1.1.1/go.mod h1:cidyEmsNeeo+9f7OiHl/nA+8KS7Vj5XOslR87VkIebM= modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw= modernc.org/libc v1.37.6/go.mod h1:YAXkAZ8ktnkCKaN9sw/UDeUVkGYJ/YquGO4FTi5nmHE= modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4= diff --git a/pkg/lib/image_test.go b/pkg/lib/image_test.go index db532a03..c387fa49 100644 --- a/pkg/lib/image_test.go +++ b/pkg/lib/image_test.go @@ -13,7 +13,8 @@ import ( "github.com/opencontainers/umoci/mutate" "github.com/opencontainers/umoci/oci/casext" "github.com/stretchr/testify/assert" - "machinerun.io/atomfs/squashfs" + "machinerun.io/atomfs/pkg/squashfs" + "machinerun.io/atomfs/pkg/verity" ) func createImage(dir string, tag string) error { @@ -48,7 +49,7 @@ func createImage(dir string, tag string) error { // need *something* in the layer, why not just recursively include the // OCI image for maximum confusion :) - layer, mediaType, _, err := squashfs.MakeSquashfs(dir, path.Join(dir, "oci"), nil, squashfs.VerityMetadataMissing) + layer, mediaType, _, err := squashfs.MakeSquashfs(dir, path.Join(dir, "oci"), nil, verity.VerityMetadataMissing) if err != nil { return err } diff --git a/pkg/overlay/metadata.go b/pkg/overlay/metadata.go index 27f4daa6..5901b9e3 100644 --- a/pkg/overlay/metadata.go +++ b/pkg/overlay/metadata.go @@ -10,7 +10,7 @@ import ( ispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/opencontainers/umoci/oci/casext" "github.com/pkg/errors" - stackeroci "machinerun.io/atomfs/oci" + stackeroci "machinerun.io/atomfs/pkg/oci" "stackerbuild.io/stacker/pkg/log" "stackerbuild.io/stacker/pkg/types" ) diff --git a/pkg/overlay/pack.go b/pkg/overlay/pack.go index 1053e306..e79973cd 100644 --- a/pkg/overlay/pack.go +++ b/pkg/overlay/pack.go @@ -22,8 +22,9 @@ import ( "github.com/opencontainers/umoci/oci/layer" "github.com/pkg/errors" "github.com/pkg/xattr" - stackeroci "machinerun.io/atomfs/oci" - "machinerun.io/atomfs/squashfs" + stackerfs "machinerun.io/atomfs/pkg/fs" + stackeroci "machinerun.io/atomfs/pkg/oci" + "machinerun.io/atomfs/pkg/verity" "stackerbuild.io/stacker/pkg/lib" "stackerbuild.io/stacker/pkg/log" "stackerbuild.io/stacker/pkg/storage" @@ -280,7 +281,8 @@ func generateBlob(layerType types.LayerType, contents string, ociDir string, low blob = layer.GenerateInsertLayer(contents, "/", false, &packOptions) mediaType = ispec.MediaTypeImageLayer } else { - blob, mediaType, rootHash, err = squashfs.MakeSquashfs(ociDir, contents, nil, layerType.Verity) + fsi := stackerfs.New(stackerfs.FilesystemType(layerType.Type)) + blob, mediaType, rootHash, err = fsi.Make(ociDir, contents, nil, layerType.Verity) if err != nil { return nil, "", "", err } @@ -303,7 +305,7 @@ func ociPutBlob(blob io.ReadCloser, config types.StackerConfig, layerMediaType s annotations := map[string]string{} if rootHash != "" { - annotations[squashfs.VerityRootHashAnnotation] = rootHash + annotations[verity.VerityRootHashAnnotation] = rootHash } desc := ispec.Descriptor{ @@ -443,7 +445,7 @@ func generateLayer(config types.StackerConfig, _ casext.Engine, mutators []*muta } else { annotations := map[string]string{} if rootHash != "" { - annotations[squashfs.VerityRootHashAnnotation] = rootHash + annotations[verity.VerityRootHashAnnotation] = rootHash } desc, err = mutator.Add(context.Background(), mediaType, blob, history, mutate.NoopCompressor, annotations) if err != nil { @@ -693,10 +695,11 @@ func unpackOne(l ispec.Descriptor, ociDir string, extractDir string) error { return nil } - if squashfs.IsSquashfsMediaType(l.MediaType) { - return squashfs.ExtractSingleSquash( + if fsi := stackerfs.NewFromMediaType(l.MediaType); fsi != nil { + return fsi.ExtractSingle( path.Join(ociDir, "blobs", "sha256", l.Digest.Encoded()), extractDir) } + switch l.MediaType { case ispec.MediaTypeImageLayer, ispec.MediaTypeImageLayerGzip: tarEx.Lock() diff --git a/pkg/types/layer_type.go b/pkg/types/layer_type.go index 8430a404..354b3475 100644 --- a/pkg/types/layer_type.go +++ b/pkg/types/layer_type.go @@ -7,14 +7,16 @@ import ( ispec "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" - "machinerun.io/atomfs/squashfs" + "machinerun.io/atomfs/pkg/erofs" + "machinerun.io/atomfs/pkg/squashfs" + "machinerun.io/atomfs/pkg/verity" ) var ErrEmptyLayers = errors.New("empty layers") type LayerType struct { Type string - Verity squashfs.VerityMetadata + Verity verity.VerityMetadata } func (lt LayerType) String() string { @@ -44,15 +46,17 @@ func (lt *LayerType) UnmarshalText(text []byte) error { return errors.Wrapf(err, "bad verity bool: %s", fields[1]) } - lt.Verity = squashfs.VerityMetadata(result) + lt.Verity = verity.VerityMetadata(result) return nil } -func NewLayerType(lt string, verity squashfs.VerityMetadata) (LayerType, error) { +func NewLayerType(lt string, verity verity.VerityMetadata) (LayerType, error) { switch lt { case "squashfs": return LayerType{Type: lt, Verity: verity}, nil + case "erofs": + return LayerType{Type: lt, Verity: verity}, nil case "tar": return LayerType{Type: lt}, nil default: @@ -62,31 +66,38 @@ func NewLayerType(lt string, verity squashfs.VerityMetadata) (LayerType, error) func NewLayerTypeManifest(manifest ispec.Manifest) (LayerType, error) { if len(manifest.Layers) == 0 { - return NewLayerType("tar", squashfs.VerityMetadataMissing) + return NewLayerType("tar", verity.VerityMetadataMissing) } switch manifest.Layers[0].MediaType { case squashfs.BaseMediaTypeLayerSquashfs: // older stackers generated media types without compression information fallthrough - case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, squashfs.VerityMetadataMissing): + case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, verity.VerityMetadataMissing): + fallthrough + case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, verity.VerityMetadataMissing): + return NewLayerType("squashfs", verity.VerityMetadataMissing) + case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, verity.VerityMetadataPresent): fallthrough - case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, squashfs.VerityMetadataMissing): - return NewLayerType("squashfs", squashfs.VerityMetadataMissing) - case squashfs.GenerateSquashfsMediaType(squashfs.GzipCompression, squashfs.VerityMetadataPresent): + case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, verity.VerityMetadataPresent): + return NewLayerType("squashfs", verity.VerityMetadataPresent) + case erofs.BaseMediaTypeLayerErofs: + // older stackers generated media types without compression information fallthrough - case squashfs.GenerateSquashfsMediaType(squashfs.ZstdCompression, squashfs.VerityMetadataPresent): - return NewLayerType("squashfs", squashfs.VerityMetadataPresent) + case erofs.GenerateErofsMediaType(erofs.LZ4HCCompression, verity.VerityMetadataMissing): + return NewLayerType("erofs", verity.VerityMetadataMissing) + case erofs.GenerateErofsMediaType(erofs.LZ4HCCompression, verity.VerityMetadataPresent): + return NewLayerType("erofs", verity.VerityMetadataPresent) case ispec.MediaTypeImageLayerGzip: fallthrough case ispec.MediaTypeImageLayer: - return NewLayerType("tar", squashfs.VerityMetadataMissing) + return NewLayerType("tar", verity.VerityMetadataMissing) default: return LayerType{}, errors.Errorf("invalid layer type %s", manifest.Layers[0].MediaType) } } -func NewLayerTypes(lts []string, verity squashfs.VerityMetadata) ([]LayerType, error) { +func NewLayerTypes(lts []string, verity verity.VerityMetadata) ([]LayerType, error) { ret := []LayerType{} for _, lt := range lts { hoisted, err := NewLayerType(lt, verity)