sascha
/
gitea
mirror of https://github.com/go-gitea/gitea.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Refactor container and UI (#34736)

pull/34728/head^2
wxiaoguang 2025-06-16 16:27:01 +07:00 committed by GitHub
parent bbee652e29
commit 6b8b580218
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
10 changed files with 153 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
models/packages/container/const.go
Unescape Escape View File

@ -4,6 +4,8 @@
package container package container
const ( const (
ContentTypeDockerDistributionManifestV2 = "application/vnd.docker.distribution.manifest.v2+json"
ManifestFilename = "manifest.json" ManifestFilename = "manifest.json"
UploadVersion = "_upload" UploadVersion = "_upload"
) )

8
models/packages/container/search.go
Unescape Escape View File

@ -25,6 +25,7 @@ type BlobSearchOptions struct {
Digest string Digest string
Tag string Tag string
IsManifest bool IsManifest bool
OnlyLead bool
Repository string Repository string
} }
@ -45,6 +46,9 @@ func (opts *BlobSearchOptions) toConds() builder.Cond {
if opts.IsManifest { if opts.IsManifest {
cond = cond.And(builder.Eq{"package_file.lower_name": ManifestFilename}) cond = cond.And(builder.Eq{"package_file.lower_name": ManifestFilename})
} }
if opts.OnlyLead {
cond = cond.And(builder.Eq{"package_file.is_lead": true})
}
if opts.Digest != "" { if opts.Digest != "" {
var propsCond builder.Cond = builder.Eq{ var propsCond builder.Cond = builder.Eq{
"package_property.ref_type": packages.PropertyTypeFile, "package_property.ref_type": packages.PropertyTypeFile,
@ -73,11 +77,9 @@ func GetContainerBlob(ctx context.Context, opts *BlobSearchOptions) (*packages.P
pfds, err := getContainerBlobsLimit(ctx, opts, 1) pfds, err := getContainerBlobsLimit(ctx, opts, 1)
if err != nil { if err != nil {
return nil, err return nil, err
} } else if len(pfds) == 0 {
if len(pfds) != 1 {
return nil, ErrContainerBlobNotExist return nil, ErrContainerBlobNotExist
} }
return pfds[0], nil return pfds[0], nil
} }

5
models/packages/package_file.go
Unescape Escape View File

@ -115,6 +115,11 @@ func DeleteFileByID(ctx context.Context, fileID int64) error {
return err return err
} }
func UpdateFile(ctx context.Context, pf *PackageFile, cols []string) error {
_, err := db.GetEngine(ctx).ID(pf.ID).Cols(cols...).Update(pf)
return err
}
// PackageFileSearchOptions are options for SearchXXX methods // PackageFileSearchOptions are options for SearchXXX methods
type PackageFileSearchOptions struct { type PackageFileSearchOptions struct {
OwnerID int64 OwnerID int64

14
models/packages/package_property.go
Unescape Escape View File

@ -66,6 +66,20 @@ func UpdateProperty(ctx context.Context, pp *PackageProperty) error {
return err return err
} }
func InsertOrUpdateProperty(ctx context.Context, refType PropertyType, refID int64, name, value string) error {
pp := PackageProperty{RefType: refType, RefID: refID, Name: name}
ok, err := db.GetEngine(ctx).Get(&pp)
if err != nil {
return err
}
if ok {
_, err = db.GetEngine(ctx).Where("ref_type=? AND ref_id=? AND name=?", refType, refID, name).Cols("value").Update(&PackageProperty{Value: value})
return err
}
_, err = InsertProperty(ctx, refType, refID, name, value)
return err
}
// DeleteAllProperties deletes all properties of a ref // DeleteAllProperties deletes all properties of a ref
func DeleteAllProperties(ctx context.Context, refType PropertyType, refID int64) error { func DeleteAllProperties(ctx context.Context, refType PropertyType, refID int64) error {
_, err := db.GetEngine(ctx).Where("ref_type = ? AND ref_id = ?", refType, refID).Delete(&PackageProperty{}) _, err := db.GetEngine(ctx).Where("ref_type = ? AND ref_id = ?", refType, refID).Delete(&PackageProperty{})

14
routers/api/packages/api.go
Unescape Escape View File

@ -701,18 +701,18 @@ func ContainerRoutes() *web.Router {
r.Get("/_catalog", container.ReqContainerAccess, container.GetRepositoryList) r.Get("/_catalog", container.ReqContainerAccess, container.GetRepositoryList)
r.Group("/{username}", func() { r.Group("/{username}", func() {
r.PathGroup("/*", func(g *web.RouterPathGroup) { r.PathGroup("/*", func(g *web.RouterPathGroup) {
g.MatchPath("POST", "/<image:*>/blobs/uploads", reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, container.InitiateUploadBlob) g.MatchPath("POST", "/<image:*>/blobs/uploads", reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, container.PostBlobsUploads)
g.MatchPath("GET", "/<image:*>/tags/list", container.VerifyImageName, container.GetTagList) g.MatchPath("GET", "/<image:*>/tags/list", container.VerifyImageName, container.GetTagsList)
g.MatchPath("GET,PATCH,PUT,DELETE", `/<image:*>/blobs/uploads/<uuid:[-.=\w]+>`, reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, func(ctx *context.Context) { g.MatchPath("GET,PATCH,PUT,DELETE", `/<image:*>/blobs/uploads/<uuid:[-.=\w]+>`, reqPackageAccess(perm.AccessModeWrite), container.VerifyImageName, func(ctx *context.Context) {
switch ctx.Req.Method { switch ctx.Req.Method {
case http.MethodGet: case http.MethodGet:
container.GetUploadBlob(ctx) container.GetBlobsUpload(ctx)
case http.MethodPatch: case http.MethodPatch:
container.UploadBlob(ctx) container.PatchBlobsUpload(ctx)
case http.MethodPut: case http.MethodPut:
container.EndUploadBlob(ctx) container.PutBlobsUpload(ctx)
default: /* DELETE */ default: /* DELETE */
container.CancelUploadBlob(ctx) container.DeleteBlobsUpload(ctx)
} }
}) })
g.MatchPath("HEAD", `/<image:*>/blobs/<digest>`, container.VerifyImageName, container.HeadBlob) g.MatchPath("HEAD", `/<image:*>/blobs/<digest>`, container.VerifyImageName, container.HeadBlob)
@ -721,7 +721,7 @@ func ContainerRoutes() *web.Router {
g.MatchPath("HEAD", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.HeadManifest) g.MatchPath("HEAD", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.HeadManifest)
g.MatchPath("GET", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.GetManifest) g.MatchPath("GET", `/<image:*>/manifests/<reference>`, container.VerifyImageName, container.GetManifest)
g.MatchPath("PUT", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.UploadManifest) g.MatchPath("PUT", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.PutManifest)
g.MatchPath("DELETE", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.DeleteManifest) g.MatchPath("DELETE", `/<image:*>/manifests/<reference>`, container.VerifyImageName, reqPackageAccess(perm.AccessModeWrite), container.DeleteManifest)
}) })
}, container.ReqContainerAccess, context.UserAssignmentWeb(), context.PackageAssignment(), reqPackageAccess(perm.AccessModeRead)) }, container.ReqContainerAccess, context.UserAssignmentWeb(), context.PackageAssignment(), reqPackageAccess(perm.AccessModeRead))

6
routers/api/packages/container/blob.go
Unescape Escape View File

@ -20,6 +20,8 @@ import (
container_module "code.gitea.io/gitea/modules/packages/container" container_module "code.gitea.io/gitea/modules/packages/container"
"code.gitea.io/gitea/modules/util" "code.gitea.io/gitea/modules/util"
packages_service "code.gitea.io/gitea/services/packages" packages_service "code.gitea.io/gitea/services/packages"
"github.com/opencontainers/go-digest"
) )
// saveAsPackageBlob creates a package blob from an upload // saveAsPackageBlob creates a package blob from an upload
@ -175,7 +177,7 @@ func createFileForBlob(ctx context.Context, pv *packages_model.PackageVersion, p
return nil return nil
} }
func deleteBlob(ctx context.Context, ownerID int64, image, digest string) error { func deleteBlob(ctx context.Context, ownerID int64, image string, digest digest.Digest) error {
releaser, err := globallock.Lock(ctx, containerPkgName(ownerID, image)) releaser, err := globallock.Lock(ctx, containerPkgName(ownerID, image))
if err != nil { if err != nil {
return err return err
@ -186,7 +188,7 @@ func deleteBlob(ctx context.Context, ownerID int64, image, digest string) error
pfds, err := container_model.GetContainerBlobs(ctx, &container_model.BlobSearchOptions{ pfds, err := container_model.GetContainerBlobs(ctx, &container_model.BlobSearchOptions{
OwnerID: ownerID, OwnerID: ownerID,
Image: image, Image: image,
Digest: digest, Digest: string(digest),
}) })
if err != nil { if err != nil {
return err return err

34
routers/api/packages/container/container.go
Unescape Escape View File

@ -231,7 +231,7 @@ func GetRepositoryList(ctx *context.Context) {
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#mounting-a-blob-from-another-repository // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#mounting-a-blob-from-another-repository
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#single-post // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#single-post
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
func InitiateUploadBlob(ctx *context.Context) { func PostBlobsUploads(ctx *context.Context) {
image := ctx.PathParam("image") image := ctx.PathParam("image")
mount := ctx.FormTrim("mount") mount := ctx.FormTrim("mount")
@ -319,7 +319,7 @@ func InitiateUploadBlob(ctx *context.Context) {
} }
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
func GetUploadBlob(ctx *context.Context) { func GetBlobsUpload(ctx *context.Context) {
uuid := ctx.PathParam("uuid") uuid := ctx.PathParam("uuid")
upload, err := packages_model.GetBlobUploadByID(ctx, uuid) upload, err := packages_model.GetBlobUploadByID(ctx, uuid)
@ -345,7 +345,7 @@ func GetUploadBlob(ctx *context.Context) {
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#single-post // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#single-post
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
func UploadBlob(ctx *context.Context) { func PatchBlobsUpload(ctx *context.Context) {
image := ctx.PathParam("image") image := ctx.PathParam("image")
uploader, err := container_service.NewBlobUploader(ctx, ctx.PathParam("uuid")) uploader, err := container_service.NewBlobUploader(ctx, ctx.PathParam("uuid"))
@ -393,7 +393,7 @@ func UploadBlob(ctx *context.Context) {
} }
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-a-blob-in-chunks
func EndUploadBlob(ctx *context.Context) { func PutBlobsUpload(ctx *context.Context) {
image := ctx.PathParam("image") image := ctx.PathParam("image")
digest := ctx.FormTrim("digest") digest := ctx.FormTrim("digest")
@ -462,7 +462,7 @@ func EndUploadBlob(ctx *context.Context) {
} }
// https://docs.docker.com/registry/spec/api/#delete-blob-upload // https://docs.docker.com/registry/spec/api/#delete-blob-upload
func CancelUploadBlob(ctx *context.Context) { func DeleteBlobsUpload(ctx *context.Context) {
uuid := ctx.PathParam("uuid") uuid := ctx.PathParam("uuid")
_, err := packages_model.GetBlobUploadByID(ctx, uuid) _, err := packages_model.GetBlobUploadByID(ctx, uuid)
@ -486,16 +486,15 @@ func CancelUploadBlob(ctx *context.Context) {
} }
func getBlobFromContext(ctx *context.Context) (*packages_model.PackageFileDescriptor, error) { func getBlobFromContext(ctx *context.Context) (*packages_model.PackageFileDescriptor, error) {
d := ctx.PathParam("digest") d := digest.Digest(ctx.PathParam("digest"))
if d.Validate() != nil {
if digest.Digest(d).Validate() != nil {
return nil, container_model.ErrContainerBlobNotExist return nil, container_model.ErrContainerBlobNotExist
} }
return workaroundGetContainerBlob(ctx, &container_model.BlobSearchOptions{ return workaroundGetContainerBlob(ctx, &container_model.BlobSearchOptions{
OwnerID: ctx.Package.Owner.ID, OwnerID: ctx.Package.Owner.ID,
Image: ctx.PathParam("image"), Image: ctx.PathParam("image"),
Digest: d, Digest: string(d),
}) })
} }
@ -535,9 +534,8 @@ func GetBlob(ctx *context.Context) {
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#deleting-blobs // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#deleting-blobs
func DeleteBlob(ctx *context.Context) { func DeleteBlob(ctx *context.Context) {
d := ctx.PathParam("digest") d := digest.Digest(ctx.PathParam("digest"))
if d.Validate() != nil {
if digest.Digest(d).Validate() != nil {
apiErrorDefined(ctx, errBlobUnknown) apiErrorDefined(ctx, errBlobUnknown)
return return
} }
@ -553,7 +551,7 @@ func DeleteBlob(ctx *context.Context) {
} }
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-manifests // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#pushing-manifests
func UploadManifest(ctx *context.Context) { func PutManifest(ctx *context.Context) {
reference := ctx.PathParam("reference") reference := ctx.PathParam("reference")
mci := &manifestCreationInfo{ mci := &manifestCreationInfo{
@ -609,18 +607,18 @@ func UploadManifest(ctx *context.Context) {
} }
func getBlobSearchOptionsFromContext(ctx *context.Context) (*container_model.BlobSearchOptions, error) { func getBlobSearchOptionsFromContext(ctx *context.Context) (*container_model.BlobSearchOptions, error) {
reference := ctx.PathParam("reference")
opts := &container_model.BlobSearchOptions{ opts := &container_model.BlobSearchOptions{
OwnerID: ctx.Package.Owner.ID, OwnerID: ctx.Package.Owner.ID,
Image: ctx.PathParam("image"), Image: ctx.PathParam("image"),
IsManifest: true, IsManifest: true,
} }
if digest.Digest(reference).Validate() == nil { reference := ctx.PathParam("reference")
opts.Digest = reference if d := digest.Digest(reference); d.Validate() == nil {
opts.Digest = string(d)
} else if referencePattern.MatchString(reference) { } else if referencePattern.MatchString(reference) {
opts.Tag = reference opts.Tag = reference
opts.OnlyLead = true
} else { } else {
return nil, container_model.ErrContainerBlobNotExist return nil, container_model.ErrContainerBlobNotExist
} }
@ -737,7 +735,7 @@ func serveBlob(ctx *context.Context, pfd *packages_model.PackageFileDescriptor)
} }
// https://github.com/opencontainers/distribution-spec/blob/main/spec.md#content-discovery // https://github.com/opencontainers/distribution-spec/blob/main/spec.md#content-discovery
func GetTagList(ctx *context.Context) { func GetTagsList(ctx *context.Context) {
image := ctx.PathParam("image") image := ctx.PathParam("image")
if _, err := packages_model.GetPackageByName(ctx, ctx.Package.Owner.ID, packages_model.TypeContainer, image); err != nil { if _, err := packages_model.GetPackageByName(ctx, ctx.Package.Owner.ID, packages_model.TypeContainer, image); err != nil {

102
routers/api/packages/container/manifest.go
Unescape Escape View File

@ -10,6 +10,7 @@ import (
"io" "io"
"os" "os"
"strings" "strings"
"time"
"code.gitea.io/gitea/models/db" "code.gitea.io/gitea/models/db"
packages_model "code.gitea.io/gitea/models/packages" packages_model "code.gitea.io/gitea/models/packages"
@ -23,19 +24,19 @@ import (
notify_service "code.gitea.io/gitea/services/notify" notify_service "code.gitea.io/gitea/services/notify"
packages_service "code.gitea.io/gitea/services/packages" packages_service "code.gitea.io/gitea/services/packages"
digest "github.com/opencontainers/go-digest" "github.com/opencontainers/go-digest"
oci "github.com/opencontainers/image-spec/specs-go/v1" oci "github.com/opencontainers/image-spec/specs-go/v1"
) )
func isValidMediaType(mt string) bool { func isMediaTypeValid(mt string) bool {
return strings.HasPrefix(mt, "application/vnd.docker.") || strings.HasPrefix(mt, "application/vnd.oci.") return strings.HasPrefix(mt, "application/vnd.docker.") || strings.HasPrefix(mt, "application/vnd.oci.")
} }
func isImageManifestMediaType(mt string) bool { func isMediaTypeImageManifest(mt string) bool {
return strings.EqualFold(mt, oci.MediaTypeImageManifest) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.v2+json") return strings.EqualFold(mt, oci.MediaTypeImageManifest) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.v2+json")
} }
func isImageIndexMediaType(mt string) bool { func isMediaTypeImageIndex(mt string) bool {
return strings.EqualFold(mt, oci.MediaTypeImageIndex) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.list.v2+json") return strings.EqualFold(mt, oci.MediaTypeImageIndex) || strings.EqualFold(mt, "application/vnd.docker.distribution.manifest.list.v2+json")
} }
@ -64,22 +65,22 @@ func processManifest(ctx context.Context, mci *manifestCreationInfo, buf *packag
return "", err return "", err
} }
if !isValidMediaType(mci.MediaType) { if !isMediaTypeValid(mci.MediaType) {
mci.MediaType = index.MediaType mci.MediaType = index.MediaType
if !isValidMediaType(mci.MediaType) { if !isMediaTypeValid(mci.MediaType) {
return "", errManifestInvalid.WithMessage("MediaType not recognized") return "", errManifestInvalid.WithMessage("MediaType not recognized")
} }
} }
if isImageManifestMediaType(mci.MediaType) { if isMediaTypeImageManifest(mci.MediaType) {
return processImageManifest(ctx, mci, buf) return processOciImageManifest(ctx, mci, buf)
} else if isImageIndexMediaType(mci.MediaType) { } else if isMediaTypeImageIndex(mci.MediaType) {
return processImageManifestIndex(ctx, mci, buf) return processOciImageIndex(ctx, mci, buf)
} }
return "", errManifestInvalid return "", errManifestInvalid
} }
func processImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (string, error) { func processOciImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (string, error) {
manifestDigest := "" manifestDigest := ""
err := func() error { err := func() error {
@ -156,7 +157,7 @@ func processImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *p
} }
for _, ref := range blobReferences { for _, ref := range blobReferences {
if err := createFileFromBlobReference(ctx, pv, uploadVersion, ref); err != nil { if _, err = createFileFromBlobReference(ctx, pv, uploadVersion, ref); err != nil {
return err return err
} }
} }
@ -196,7 +197,7 @@ func processImageManifest(ctx context.Context, mci *manifestCreationInfo, buf *p
return manifestDigest, nil return manifestDigest, nil
} }
func processImageManifestIndex(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (string, error) { func processOciImageIndex(ctx context.Context, mci *manifestCreationInfo, buf *packages_module.HashedBuffer) (string, error) {
manifestDigest := "" manifestDigest := ""
err := func() error { err := func() error {
@ -221,7 +222,7 @@ func processImageManifestIndex(ctx context.Context, mci *manifestCreationInfo, b
} }
for _, manifest := range index.Manifests { for _, manifest := range index.Manifests {
if !isImageManifestMediaType(manifest.MediaType) { if !isMediaTypeImageManifest(manifest.MediaType) {
return errManifestInvalid return errManifestInvalid
} }
@ -349,26 +350,33 @@ func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, met
LowerVersion: strings.ToLower(mci.Reference), LowerVersion: strings.ToLower(mci.Reference),
MetadataJSON: string(metadataJSON), MetadataJSON: string(metadataJSON),
} }
var pv *packages_model.PackageVersion pv, err := packages_model.GetOrInsertVersion(ctx, _pv)
if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil { if err != nil {
if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) { if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
log.Error("Error inserting package: %v", err) log.Error("Error inserting package: %v", err)
return nil, err return nil, err
} }
if isMediaTypeImageIndex(mci.MediaType) {
if pv.CreatedUnix.AsTime().Before(time.Now().Add(-24 * time.Hour)) {
if err = packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil { if err = packages_service.DeletePackageVersionAndReferences(ctx, pv); err != nil {
return nil, err return nil, err
} }
// keep download count on overwriting
// keep download count on overwrite
_pv.DownloadCount = pv.DownloadCount _pv.DownloadCount = pv.DownloadCount
if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil { if pv, err = packages_model.GetOrInsertVersion(ctx, _pv); err != nil {
if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) { if !errors.Is(err, packages_model.ErrDuplicatePackageVersion) {
log.Error("Error inserting package: %v", err) log.Error("Error inserting package: %v", err)
return nil, err return nil, err
} }
} }
} else {
err = packages_model.UpdateVersion(ctx, &packages_model.PackageVersion{ID: pv.ID, MetadataJSON: _pv.MetadataJSON})
if err != nil {
return nil, err
}
}
}
} }
if err := packages_service.CheckCountQuotaExceeded(ctx, mci.Creator, mci.Owner); err != nil { if err := packages_service.CheckCountQuotaExceeded(ctx, mci.Creator, mci.Owner); err != nil {
@ -376,14 +384,23 @@ func createPackageAndVersion(ctx context.Context, mci *manifestCreationInfo, met
} }
if mci.IsTagged { if mci.IsTagged {
if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestTagged, ""); err != nil { if err = packages_model.InsertOrUpdateProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestTagged, ""); err != nil {
log.Error("Error setting package version property: %v", err)
return nil, err return nil, err
} }
} else {
props, err := packages_model.GetPropertiesByName(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestTagged)
if err != nil {
return nil, err
}
for _, prop := range props {
if err = packages_model.DeletePropertyByID(ctx, prop.ID); err != nil {
return nil, err
}
}
} }
for _, manifest := range metadata.Manifests { for _, manifest := range metadata.Manifests {
if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestReference, manifest.Digest); err != nil { if err = packages_model.InsertOrUpdateProperty(ctx, packages_model.PropertyTypeVersion, pv.ID, container_module.PropertyManifestReference, manifest.Digest); err != nil {
log.Error("Error setting package version property: %v", err)
return nil, err return nil, err
} }
} }
@ -400,9 +417,9 @@ type blobReference struct {
IsLead bool IsLead bool
} }
func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *packages_model.PackageVersion, ref *blobReference) error { func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *packages_model.PackageVersion, ref *blobReference) (*packages_model.PackageFile, error) {
if ref.File.Blob.Size != ref.ExpectedSize { if ref.File.Blob.Size != ref.ExpectedSize {
return errSizeInvalid return nil, errSizeInvalid
} }
if ref.Name == "" { if ref.Name == "" {
@ -414,16 +431,17 @@ func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *package
BlobID: ref.File.Blob.ID, BlobID: ref.File.Blob.ID,
Name: ref.Name, Name: ref.Name,
LowerName: ref.Name, LowerName: ref.Name,
CompositeKey: string(ref.Digest),
IsLead: ref.IsLead, IsLead: ref.IsLead,
} }
var err error var err error
if pf, err = packages_model.TryInsertFile(ctx, pf); err != nil { if pf, err = packages_model.TryInsertFile(ctx, pf); err != nil {
if errors.Is(err, packages_model.ErrDuplicatePackageFile) { if errors.Is(err, packages_model.ErrDuplicatePackageFile) {
// Skip this blob because the manifest contains the same filesystem layer multiple times. // Skip this blob because the manifest contains the same filesystem layer multiple times.
return nil return pf, nil
} }
log.Error("Error inserting package file: %v", err) log.Error("Error inserting package file: %v", err)
return err return nil, err
} }
props := map[string]string{ props := map[string]string{
@ -433,18 +451,18 @@ func createFileFromBlobReference(ctx context.Context, pv, uploadVersion *package
for name, value := range props { for name, value := range props {
if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeFile, pf.ID, name, value); err != nil { if _, err := packages_model.InsertProperty(ctx, packages_model.PropertyTypeFile, pf.ID, name, value); err != nil {
log.Error("Error setting package file property: %v", err) log.Error("Error setting package file property: %v", err)
return err return nil, err
} }
} }
// Remove the file from the blob upload version // Remove the ref file (old file) from the blob upload version
if uploadVersion != nil && ref.File.File != nil && uploadVersion.ID == ref.File.File.VersionID { if uploadVersion != nil && ref.File.File != nil && uploadVersion.ID == ref.File.File.VersionID {
if err := packages_service.DeletePackageFile(ctx, ref.File.File); err != nil { if err := packages_service.DeletePackageFile(ctx, ref.File.File); err != nil {
return err return nil, err
} }
} }
return nil return pf, nil
} }
func createManifestBlob(ctx context.Context, mci *manifestCreationInfo, pv *packages_model.PackageVersion, buf *packages_module.HashedBuffer) (*packages_model.PackageBlob, bool, string, error) { func createManifestBlob(ctx context.Context, mci *manifestCreationInfo, pv *packages_model.PackageVersion, buf *packages_module.HashedBuffer) (*packages_model.PackageBlob, bool, string, error) {
@ -471,7 +489,7 @@ func createManifestBlob(ctx context.Context, mci *manifestCreationInfo, pv *pack
} }
manifestDigest := digestFromHashSummer(buf) manifestDigest := digestFromHashSummer(buf)
err = createFileFromBlobReference(ctx, pv, nil, &blobReference{ pf, err := createFileFromBlobReference(ctx, pv, nil, &blobReference{
Digest: digest.Digest(manifestDigest), Digest: digest.Digest(manifestDigest),
MediaType: mci.MediaType, MediaType: mci.MediaType,
Name: container_model.ManifestFilename, Name: container_model.ManifestFilename,
@ -479,6 +497,26 @@ func createManifestBlob(ctx context.Context, mci *manifestCreationInfo, pv *pack
ExpectedSize: pb.Size, ExpectedSize: pb.Size,
IsLead: true, IsLead: true,
}) })
if err != nil {
return nil, false, "", err
}
oldManifestFiles, _, err := packages_model.SearchFiles(ctx, &packages_model.PackageFileSearchOptions{
OwnerID: mci.Owner.ID,
PackageType: packages_model.TypeContainer,
VersionID: pv.ID,
Query: container_model.ManifestFilename,
})
if err != nil {
return nil, false, "", err
}
for _, oldManifestFile := range oldManifestFiles {
if oldManifestFile.ID != pf.ID && oldManifestFile.IsLead {
err = packages_model.UpdateFile(ctx, &packages_model.PackageFile{ID: oldManifestFile.ID, IsLead: false}, []string{"is_lead"})
if err != nil {
return nil, false, "", err
}
}
}
return pb, !exists, manifestDigest, err return pb, !exists, manifestDigest, err
} }

12
templates/package/content/container.tmpl
Unescape Escape View File

@ -16,7 +16,17 @@
</div> </div>
<div class="field"> <div class="field">
<label>{{svg "octicon-code"}} {{ctx.Locale.Tr "packages.container.digest"}}</label> <label>{{svg "octicon-code"}} {{ctx.Locale.Tr "packages.container.digest"}}</label>
<div class="markup"><pre class="code-block"><code>{{range .PackageDescriptor.Files}}{{if eq .File.LowerName "manifest.json"}}{{.Properties.GetByName "container.digest"}}{{end}}{{end}}</code></pre></div> <div class="markup">
<div class="code-block-container code-overflow-scroll">
<pre class="code-block"><code>
{{- range .PackageDescriptor.Files -}}
{{- if eq .File.LowerName "manifest.json" -}}
{{- .Properties.GetByName "container.digest" -}}{{"\n"}}
{{- end -}}
{{- end -}}
</code></pre>
</div>
</div>
</div> </div>
<div class="field"> <div class="field">
<label>{{ctx.Locale.Tr "packages.registry.documentation" "Container" "https://docs.gitea.com/usage/packages/container/"}}</label> <label>{{ctx.Locale.Tr "packages.registry.documentation" "Container" "https://docs.gitea.com/usage/packages/container/"}}</label>

10
tests/integration/api_packages_container_test.go
Unescape Escape View File

@ -58,7 +58,7 @@ func TestPackageContainer(t *testing.T) {
return values return values
} }
images := []string{"test", "te/st"} images := []string{"test", "sub/name"}
tags := []string{"latest", "main"} tags := []string{"latest", "main"}
multiTag := "multi" multiTag := "multi"
@ -71,7 +71,8 @@ func TestPackageContainer(t *testing.T) {
configContent := `{"architecture":"amd64","config":{"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/true"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"container":"b89fe92a887d55c0961f02bdfbfd8ac3ddf66167db374770d2d9e9fab3311510","container_config":{"Hostname":"b89fe92a887d","Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/true\"]"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"created":"2022-01-01T00:00:00.000000000Z","docker_version":"20.10.12","history":[{"created":"2022-01-01T00:00:00.000000000Z","created_by":"/bin/sh -c #(nop) COPY file:0e7589b0c800daaf6fa460d2677101e4676dd9491980210cb345480e513f3602 in /true "},{"created":"2022-01-01T00:00:00.000000001Z","created_by":"/bin/sh -c #(nop) CMD [\"/true\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:0ff3b91bdf21ecdf2f2f3d4372c2098a14dbe06cd678e8f0a85fd4902d00e2e2"]}}` configContent := `{"architecture":"amd64","config":{"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/true"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"container":"b89fe92a887d55c0961f02bdfbfd8ac3ddf66167db374770d2d9e9fab3311510","container_config":{"Hostname":"b89fe92a887d","Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"],"Cmd":["/bin/sh","-c","#(nop) ","CMD [\"/true\"]"],"ArgsEscaped":true,"Image":"sha256:9bd8b88dc68b80cffe126cc820e4b52c6e558eb3b37680bfee8e5f3ed7b8c257"},"created":"2022-01-01T00:00:00.000000000Z","docker_version":"20.10.12","history":[{"created":"2022-01-01T00:00:00.000000000Z","created_by":"/bin/sh -c #(nop) COPY file:0e7589b0c800daaf6fa460d2677101e4676dd9491980210cb345480e513f3602 in /true "},{"created":"2022-01-01T00:00:00.000000001Z","created_by":"/bin/sh -c #(nop) CMD [\"/true\"]","empty_layer":true}],"os":"linux","rootfs":{"type":"layers","diff_ids":["sha256:0ff3b91bdf21ecdf2f2f3d4372c2098a14dbe06cd678e8f0a85fd4902d00e2e2"]}}`
manifestDigest := "sha256:4f10484d1c1bb13e3956b4de1cd42db8e0f14a75be1617b60f2de3cd59c803c6" manifestDigest := "sha256:4f10484d1c1bb13e3956b4de1cd42db8e0f14a75be1617b60f2de3cd59c803c6"
manifestContent := `{"schemaVersion":2,"mediaType":"application/vnd.docker.distribution.manifest.v2+json","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}` manifestContent := `{"schemaVersion":2,"mediaType":"` + container_model.ContentTypeDockerDistributionManifestV2 + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`
manifestContentType := container_model.ContentTypeDockerDistributionManifestV2
untaggedManifestDigest := "sha256:4305f5f5572b9a426b88909b036e52ee3cf3d7b9c1b01fac840e90747f56623d" untaggedManifestDigest := "sha256:4305f5f5572b9a426b88909b036e52ee3cf3d7b9c1b01fac840e90747f56623d"
untaggedManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}` untaggedManifestContent := `{"schemaVersion":2,"mediaType":"` + oci.MediaTypeImageManifest + `","config":{"mediaType":"application/vnd.docker.container.image.v1+json","digest":"sha256:4607e093bec406eaadb6f3a340f63400c9d3a7038680744c406903766b938f0d","size":1069},"layers":[{"mediaType":"application/vnd.docker.image.rootfs.diff.tar.gzip","digest":"sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4","size":32}]}`
@ -494,7 +495,7 @@ func TestPackageContainer(t *testing.T) {
resp := MakeRequest(t, req, http.StatusOK) resp := MakeRequest(t, req, http.StatusOK)
assert.Equal(t, strconv.Itoa(len(manifestContent)), resp.Header().Get("Content-Length")) assert.Equal(t, strconv.Itoa(len(manifestContent)), resp.Header().Get("Content-Length"))
assert.Equal(t, oci.MediaTypeImageManifest, resp.Header().Get("Content-Type")) assert.Equal(t, manifestContentType, resp.Header().Get("Content-Type"))
assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest")) assert.Equal(t, manifestDigest, resp.Header().Get("Docker-Content-Digest"))
assert.Equal(t, manifestContent, resp.Body.String()) assert.Equal(t, manifestContent, resp.Body.String())
}) })
@ -562,7 +563,8 @@ func TestPackageContainer(t *testing.T) {
assert.ElementsMatch(t, []string{strings.ToLower(user.LowerName + "/" + image)}, getAllByName(pd.PackageProperties, container_module.PropertyRepository)) assert.ElementsMatch(t, []string{strings.ToLower(user.LowerName + "/" + image)}, getAllByName(pd.PackageProperties, container_module.PropertyRepository))
assert.True(t, has(pd.VersionProperties, container_module.PropertyManifestTagged)) assert.True(t, has(pd.VersionProperties, container_module.PropertyManifestTagged))
assert.ElementsMatch(t, []string{manifestDigest, untaggedManifestDigest}, getAllByName(pd.VersionProperties, container_module.PropertyManifestReference)) // only the last manifest digest is associated with the version (OCI builders will push the index manifest digest as the final step)
assert.ElementsMatch(t, []string{untaggedManifestDigest}, getAllByName(pd.VersionProperties, container_module.PropertyManifestReference))
assert.IsType(t, &container_module.Metadata{}, pd.Metadata) assert.IsType(t, &container_module.Metadata{}, pd.Metadata)
metadata := pd.Metadata.(*container_module.Metadata) metadata := pd.Metadata.(*container_module.Metadata)