tvl-depot/tools/nixery/server/manifest/manifest.go

// Package image implements logic for creating the image metadata
// (such as the image manifest and configuration).
package manifest

import (
	"crypto/sha256"
	"encoding/json"
	"fmt"
)

const (
	// manifest constants
	schemaVersion = 2

	// media types
	manifestType = "application/vnd.docker.distribution.manifest.v2+json"
	layerType    = "application/vnd.docker.image.rootfs.diff.tar"
	configType   = "application/vnd.docker.container.image.v1+json"

	// image config constants
	arch   = "amd64"
	os     = "linux"
	fsType = "layers"
)

type Entry struct {
	MediaType string `json:"mediaType,omitempty"`
	Size      int64  `json:"size"`
	Digest    string `json:"digest"`
}

type manifest struct {
	SchemaVersion int     `json:"schemaVersion"`
	MediaType     string  `json:"mediaType"`
	Config        Entry   `json:"config"`
	Layers        []Entry `json:"layers"`
}

type imageConfig struct {
	Architecture string `json:"architecture"`
	OS           string `json:"os"`

	RootFS struct {
		FSType  string   `json:"type"`
		DiffIDs []string `json:"diff_ids"`
	} `json:"rootfs"`

	// sic! empty struct (rather than `null`) is required by the
	// image metadata deserialiser in Kubernetes
	Config struct{} `json:"config"`
}

// ConfigLayer represents the configuration layer to be included in
// the manifest, containing its JSON-serialised content and SHA256
// hash.
type ConfigLayer struct {
	Config []byte
	SHA256 string
}

// imageConfig creates an image configuration with the values set to
// the constant defaults.
//
// Outside of this module the image configuration is treated as an
// opaque blob and it is thus returned as an already serialised byte
// array and its SHA256-hash.
func configLayer(hashes []string) ConfigLayer {
	c := imageConfig{}
	c.Architecture = arch
	c.OS = os
	c.RootFS.FSType = fsType
	c.RootFS.DiffIDs = hashes

	j, _ := json.Marshal(c)

	return ConfigLayer{
		Config: j,
		SHA256: fmt.Sprintf("%x", sha256.Sum256(j)),
	}
}

// Manifest creates an image manifest from the specified layer entries
// and returns its JSON-serialised form as well as the configuration
// layer.
//
// Callers do not need to set the media type for the layer entries.
func Manifest(layers []Entry) (json.RawMessage, ConfigLayer) {
	hashes := make([]string, len(layers))
	for i, l := range layers {
		l.MediaType = "application/vnd.docker.image.rootfs.diff.tar"
		layers[i] = l
		hashes[i] = l.Digest
	}

	c := configLayer(hashes)

	m := manifest{
		SchemaVersion: schemaVersion,
		MediaType:     manifestType,
		Config: Entry{
			MediaType: configType,
			Size:      int64(len(c.Config)),
			Digest:    "sha256:" + c.SHA256,
		},
		Layers: layers,
	}

	j, _ := json.Marshal(m)

	return json.RawMessage(j), c
}
feat(server): Implement package for creating image manifests The new manifest package creates image manifests and their configuration. This previously happened in Nix, but is now part of the server's workload. This relates to #50. 2019-10-02 00:24:55 +02:00			`// Package image implements logic for creating the image metadata`
			`// (such as the image manifest and configuration).`
			`package manifest`

			`import (`
			`"crypto/sha256"`
			`"encoding/json"`
			`"fmt"`
			`)`

			`const (`
			`// manifest constants`
			`schemaVersion = 2`

			`// media types`
			`manifestType = "application/vnd.docker.distribution.manifest.v2+json"`
			`layerType = "application/vnd.docker.image.rootfs.diff.tar"`
			`configType = "application/vnd.docker.container.image.v1+json"`

			`// image config constants`
			`arch = "amd64"`
			`os = "linux"`
			`fsType = "layers"`
			`)`

			`type Entry struct {`
refactor(server): Cache manifest entries for layer builds MD5 hash checking is no longer performed by Nixery (it does not seem to be necessary), hence the layer cache now only keeps the SHA256 hash and size in the form of the manifest entry. This makes it possible to restructure the builder code to perform cache-fetching and cache-populating for layers in the same place. 2019-10-03 13:09:24 +02:00			MediaType string `json:"mediaType,omitempty"`
feat(server): Implement package for creating image manifests The new manifest package creates image manifests and their configuration. This previously happened in Nix, but is now part of the server's workload. This relates to #50. 2019-10-02 00:24:55 +02:00			Size int64 `json:"size"`
			Digest string `json:"digest"`
			`}`

			`type manifest struct {`
			SchemaVersion int `json:"schemaVersion"`
			MediaType string `json:"mediaType"`
			Config Entry `json:"config"`
			Layers []Entry `json:"layers"`
			`}`

			`type imageConfig struct {`
			Architecture string `json:"architecture"`
			OS string `json:"os"`

			`RootFS struct {`
			FSType string `json:"type"`
			DiffIDs []string `json:"diff_ids"`
			} `json:"rootfs"`

			// sic! empty struct (rather than `null`) is required by the
			`// image metadata deserialiser in Kubernetes`
			Config struct{} `json:"config"`
			`}`

			`// ConfigLayer represents the configuration layer to be included in`
refactor: Remove remaining MD5-hash mentions and computations 2019-10-03 13:11:46 +02:00			`// the manifest, containing its JSON-serialised content and SHA256`
			`// hash.`
feat(server): Implement package for creating image manifests The new manifest package creates image manifests and their configuration. This previously happened in Nix, but is now part of the server's workload. This relates to #50. 2019-10-02 00:24:55 +02:00			`type ConfigLayer struct {`
			`Config []byte`
			`SHA256 string`
			`}`

			`// imageConfig creates an image configuration with the values set to`
			`// the constant defaults.`
			`//`
			`// Outside of this module the image configuration is treated as an`
			`// opaque blob and it is thus returned as an already serialised byte`
			`// array and its SHA256-hash.`
			`func configLayer(hashes []string) ConfigLayer {`
			`c := imageConfig{}`
			`c.Architecture = arch`
			`c.OS = os`
			`c.RootFS.FSType = fsType`
			`c.RootFS.DiffIDs = hashes`

			`j, _ := json.Marshal(c)`

			`return ConfigLayer{`
			`Config: j,`
			`SHA256: fmt.Sprintf("%x", sha256.Sum256(j)),`
			`}`
			`}`

			`// Manifest creates an image manifest from the specified layer entries`
			`// and returns its JSON-serialised form as well as the configuration`
			`// layer.`
			`//`
			`// Callers do not need to set the media type for the layer entries.`
			`func Manifest(layers []Entry) (json.RawMessage, ConfigLayer) {`
			`hashes := make([]string, len(layers))`
			`for i, l := range layers {`
			`l.MediaType = "application/vnd.docker.image.rootfs.diff.tar"`
			`layers[i] = l`
			`hashes[i] = l.Digest`
			`}`

			`c := configLayer(hashes)`

			`m := manifest{`
			`SchemaVersion: schemaVersion,`
			`MediaType: manifestType,`
			`Config: Entry{`
			`MediaType: configType,`
			`Size: int64(len(c.Config)),`
			`Digest: "sha256:" + c.SHA256,`
			`},`
			`Layers: layers,`
			`}`

			`j, _ := json.Marshal(m)`

			`return json.RawMessage(j), c`
			`}`