Skip to content

Bump to newer ocidir and containers-image-proxy #1377

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
cgwalters merged 1 commit into from
Jun 17, 2025
Merged

Bump to newer ocidir and containers-image-proxy #1377

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
162 changes: 114 additions & 48 deletions Cargo.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

8 changes: 2 additions & 6 deletions ostree-ext/Cargo.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,10 +9,7 @@ repository = "https://github.com/ostreedev/ostree-rs-ext"
version = "0.15.3"

[dependencies]
# Note that we re-export the oci-spec types
# that are exported by this crate, so when bumping
# semver here you must also bump our semver.
containers-image-proxy = "0.7.0"
containers-image-proxy = "0.8.0"
# We re-export this library too.
ostree = { features = ["v2025_2"], version = "0.20" }

Expand All @@ -22,7 +19,6 @@ bootc-utils = { path = "../utils" }
camino = { workspace = true, features = ["serde1"] }
composefs = { git = "https://github.com/containers/composefs-rs", rev = "821eeae93e48f1ee381c49b8cd4d22fda92d27a2" }
chrono = { workspace = true }
olpc-cjson = "0.1.1"
clap = { workspace = true, features = ["derive","cargo"] }
clap_mangen = { workspace = true, optional = true }
comfy-table = "7.1.1"
Expand All @@ -37,7 +33,7 @@ indicatif = { workspace = true }
libc = { workspace = true }
libsystemd = "0.7.0"
openssl = { workspace = true }
ocidir = "0.3.0"
ocidir = "0.4.0"
pin-project = "1.0"
regex = "1.5.4"
rustix = { workspace = true, features = ["fs", "process"] }
Expand Down
6 changes: 3 additions & 3 deletions ostree-ext/src/container/encapsulate.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -236,7 +236,7 @@ fn build_oci(
&mut labels,
)?;

let mut manifest = ocidir::new_empty_manifest().build().unwrap();
let mut manifest = writer.new_empty_manifest()?.build().unwrap();
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jun 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Consider handling the error case where new_empty_manifest fails. Currently, it's unwrapped, which could lead to unexpected program termination.

Suggested change
let mut manifest = writer.new_empty_manifest()?.build().unwrap();
let mut manifest = writer.new_empty_manifest()?;


let chunking = opts
.contentmeta
Expand Down Expand Up @@ -355,15 +355,15 @@ async fn build_impl(
}
let ocidir = Dir::open_ambient_dir(path, cap_std::ambient_authority())
.with_context(|| format!("Opening {path}"))?;
let mut ocidir = OciDir::ensure(&ocidir).context("Opening OCI")?;
let mut ocidir = OciDir::ensure(ocidir).context("Opening OCI")?;
build_oci(repo, ostree_ref, &mut ocidir, tag, config, opts)?;
None
} else {
let tempdir = {
let vartmp = Dir::open_ambient_dir("/var/tmp", cap_std::ambient_authority())?;
cap_std_ext::cap_tempfile::tempdir_in(&vartmp)?
};
let mut ocidir = OciDir::ensure(&tempdir)?;
let mut ocidir = OciDir::ensure(tempdir.try_clone()?)?;

// Minor TODO: refactor to avoid clone
let authfile = opts.authfile.clone();
Expand Down
2 changes: 1 addition & 1 deletion ostree-ext/src/container/store.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1435,7 +1435,7 @@ pub(crate) fn export_to_oci(
new_config.history_mut().clear();
new_config.rootfs_mut().diff_ids_mut().clear();

let mut dest_oci = ocidir::OciDir::ensure(dest_oci)?;
let mut dest_oci = ocidir::OciDir::ensure(dest_oci.try_clone()?)?;

let opts = ExportOpts {
skip_compression: opts.skip_compression,
Expand Down
6 changes: 2 additions & 4 deletions ostree-ext/src/container/update_detachedmeta.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -41,12 +41,10 @@ pub async fn update_detached_metadata(
// Open the temporary OCI directory.
let tempsrc = Dir::open_ambient_dir(tempsrc_ref_path, cap_std::ambient_authority())
.context("Opening src")?;
let tempsrc = ocidir::OciDir::open(&tempsrc)?;
let tempsrc = ocidir::OciDir::open(tempsrc)?;

// Load the manifest, platform, and config
let idx = tempsrc
.read_index()?
.ok_or(anyhow!("Reading image index from source"))?;
let idx = tempsrc.read_index()?;
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jun 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Consider handling the error case where read_index fails. Currently, the error is not handled, which could lead to unexpected program termination.

Suggested change
let idx = tempsrc.read_index()?;
let idx = tempsrc.read_index()?;

Copy link
Collaborator Author

@cgwalters cgwalters Jun 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Gemini is apparently just confused by us dropping a ?, clearly the error is still handled

let manifest_descriptor = idx
.manifests()
.first()
Expand Down
6 changes: 3 additions & 3 deletions ostree-ext/src/fixture.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -973,7 +973,7 @@ impl NonOstreeFixture {
// Create the src/ directory
dir.create_dir_all(Self::SRCOCI)?;
let src_oci = dir.open_dir(Self::SRCOCI)?;
let src_oci = ocidir::OciDir::ensure(&src_oci)?;
let src_oci = ocidir::OciDir::ensure(src_oci)?;

dir.create_dir("dest")?;
let destrepo = ostree::Repo::create_at_dir(
Expand Down Expand Up @@ -1004,7 +1004,7 @@ impl NonOstreeFixture {
};

let mut config = ImageConfigurationBuilder::default().build().unwrap();
let mut manifest = ocidir::new_empty_manifest().build().unwrap();
let mut manifest = self.src_oci.new_empty_manifest()?.build().unwrap();
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jun 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Consider handling the error case where new_empty_manifest fails. Currently, it's unwrapped, which could lead to unexpected program termination.

Suggested change
let mut manifest = self.src_oci.new_empty_manifest()?.build().unwrap();
let mut manifest = self.src_oci.new_empty_manifest()?;


let bw = self.src_oci.create_gzip_layer(None)?;
let mut bw = tar::Builder::new(bw);
Expand Down Expand Up @@ -1034,7 +1034,7 @@ impl NonOstreeFixture {
manifest.set_config(config);
self.src_oci
.replace_with_single_manifest(manifest, oci_image::Platform::default())?;
let idx = self.src_oci.read_index()?.unwrap();
let idx = self.src_oci.read_index()?;
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot Jun 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Consider handling the error case where read_index fails. Currently, the error is not handled, which could lead to unexpected program termination.

Suggested change
let idx = self.src_oci.read_index()?;
let idx = self.src_oci.read_index()?;

let descriptor = idx.manifests().first().unwrap();

Ok((imgref, descriptor.digest().to_owned()))
Expand Down
Loading