Add SOCI CLI root flag

This change adds --root flag for the soci command and refactors common
code with the snapshotter grpc for similar logic.

Signed-off-by: Austin Vazquez <[email protected]>

Author: austinvazquez

cmd/soci-snapshotter-grpc/main.go

@@ -55,6 +55,7 @@ import (
 	"github.com/awslabs/soci-snapshotter/service"
 	"github.com/awslabs/soci-snapshotter/service/keychain/cri/v1"
 	crialpha "github.com/awslabs/soci-snapshotter/service/keychain/cri/v1alpha"
+	"github.com/awslabs/soci-snapshotter/soci"
 
 	"github.com/awslabs/soci-snapshotter/service/keychain/dockerconfig"
 	"github.com/awslabs/soci-snapshotter/service/keychain/kubeconfig"
@@ -84,7 +85,6 @@ const (
 	defaultAddress    = "/run/soci-snapshotter-grpc/soci-snapshotter-grpc.sock"
 	defaultConfigPath = "/etc/soci-snapshotter-grpc/config.toml"
 	defaultLogLevel   = logrus.InfoLevel
-	defaultRootDir    = "/var/lib/soci-snapshotter-grpc"
 )
 
 // logLevel of Debug or Trace may emit sensitive information
@@ -93,7 +93,7 @@ var (
 	address      = flag.String("address", defaultAddress, "address for the snapshotter's GRPC server")
 	configPath   = flag.String("config", defaultConfigPath, "path to the configuration file")
 	logLevel     = flag.String("log-level", defaultLogLevel.String(), "set the logging level [trace, debug, info, warn, error, fatal, panic]")
-	rootDir      = flag.String("root", defaultRootDir, "path to the root directory for this snapshotter")
+	rootDir      = flag.String("root", config.DefaultSociSnapshotterRootPath, "path to the root directory for this snapshotter")
 	printVersion = flag.Bool("version", false, "print the version")
 )
 
@@ -361,7 +361,7 @@ func listen(ctx context.Context, address string) (net.Listener, error) {
 
 func listenUnix(addr string) (net.Listener, error) {
 	// Prepare the directory for the socket
-	if err := os.MkdirAll(filepath.Dir(addr), 0700); err != nil {
+	if err := soci.EnsureSnapshotterRootPath(filepath.Dir(addr)); err != nil {
 		return nil, fmt.Errorf("failed to create directory %q: %w", filepath.Dir(addr), err)
 	}
 

cmd/soci/commands/convert.go

@@ -19,11 +19,9 @@ package commands
 import (
 	"errors"
 	"fmt"
-	"os"
 	"strings"
 
 	"github.com/awslabs/soci-snapshotter/cmd/soci/commands/internal"
-	"github.com/awslabs/soci-snapshotter/config"
 	"github.com/awslabs/soci-snapshotter/soci"
 	"github.com/awslabs/soci-snapshotter/soci/store"
 	"github.com/containerd/containerd/errdefs"
@@ -118,23 +116,13 @@ var ConvertCommand = cli.Command{
 		}
 		spanSize := cliContext.Int64(spanSizeFlag)
 		minLayerSize := cliContext.Int64(minLayerSizeFlag)
-		// Creating the snapshotter's root path first if it does not exist, since this ensures, that
-		// it has the limited permission set as drwx--x--x.
-		// The subsequent oci.New creates a root path dir with too broad permission set.
-		if _, err := os.Stat(config.SociSnapshotterRootPath); os.IsNotExist(err) {
-			if err = os.Mkdir(config.SociSnapshotterRootPath, 0711); err != nil {
-				return err
-			}
-		} else if err != nil {
-			return err
-		}
 
 		blobStore, err := store.NewContentStore(internal.ContentStoreOptions(cliContext)...)
 		if err != nil {
 			return err
 		}
 
-		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath())
+		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}

cmd/soci/commands/create.go

@@ -19,10 +19,8 @@ package commands
 import (
 	"errors"
 	"fmt"
-	"os"
 
 	"github.com/awslabs/soci-snapshotter/cmd/soci/commands/internal"
-	"github.com/awslabs/soci-snapshotter/config"
 	"github.com/awslabs/soci-snapshotter/soci"
 	"github.com/awslabs/soci-snapshotter/soci/store"
 	"github.com/urfave/cli"
@@ -92,16 +90,6 @@ var CreateCommand = cli.Command{
 		}
 		spanSize := cliContext.Int64(spanSizeFlag)
 		minLayerSize := cliContext.Int64(minLayerSizeFlag)
-		// Creating the snapshotter's root path first if it does not exist, since this ensures, that
-		// it has the limited permission set as drwx--x--x.
-		// The subsequent oci.New creates a root path dir with too broad permission set.
-		if _, err := os.Stat(config.SociSnapshotterRootPath); os.IsNotExist(err) {
-			if err = os.Mkdir(config.SociSnapshotterRootPath, 0711); err != nil {
-				return err
-			}
-		} else if err != nil {
-			return err
-		}
 
 		blobStore, err := store.NewContentStore(internal.ContentStoreOptions(cliContext)...)
 		if err != nil {
@@ -113,7 +101,7 @@ var CreateCommand = cli.Command{
 			return err
 		}
 
-		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath())
+		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}
@@ -127,7 +115,6 @@ var CreateCommand = cli.Command{
 		}
 
 		builder, err := soci.NewIndexBuilder(cs, blobStore, builderOpts...)
-
 		if err != nil {
 			return err
 		}

cmd/soci/commands/index/info.go

@@ -44,7 +44,7 @@ var infoCommand = cli.Command{
 		if err != nil {
 			return err
 		}
-		db, err := soci.NewDB(soci.ArtifactsDbPath())
+		db, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}

cmd/soci/commands/index/list.go

@@ -132,7 +132,7 @@ var listCommand = cli.Command{
 			f = anyMatch(filters)
 		}
 
-		db, err := soci.NewDB(soci.ArtifactsDbPath())
+		db, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}

cmd/soci/commands/index/rm.go

@@ -51,7 +51,7 @@ var rmCommand = cli.Command{
 			return fmt.Errorf("cannot create local content store: %w", err)
 		}
 
-		db, err := soci.NewDB(soci.ArtifactsDbPath())
+		db, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}

cmd/soci/commands/push.go

@@ -99,7 +99,7 @@ if they are available in the snapshotter's local content store.
 			return err
 		}
 
-		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath())
+		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}

cmd/soci/commands/rebuild_db.go

@@ -41,7 +41,7 @@ var RebuildDBCommand = cli.Command{
 		}
 		defer cancel()
 		containerdContentStore := client.ContentStore()
-		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath())
+		artifactsDb, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}

cmd/soci/commands/ztoc/get-file.go

@@ -65,7 +65,12 @@ var getFileCommand = cli.Command{
 			return err
 		}
 
-		layerReader, err := getLayer(ctx, ztocDigest, client.ContentStore())
+		artifactsDB, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
+		if err != nil {
+			return err
+		}
+
+		layerReader, err := getLayer(ctx, artifactsDB, ztocDigest, client.ContentStore())
 		if err != nil {
 			return err
 		}
@@ -101,11 +106,7 @@ func getZtoc(ctx context.Context, cliContext *cli.Context, d digest.Digest) (*zt
 	return ztoc.Unmarshal(reader)
 }
 
-func getLayer(ctx context.Context, ztocDigest digest.Digest, cs content.Store) (content.ReaderAt, error) {
-	metadata, err := soci.NewDB(soci.ArtifactsDbPath())
-	if err != nil {
-		return nil, err
-	}
+func getLayer(ctx context.Context, metadata *soci.ArtifactsDb, ztocDigest digest.Digest, cs content.Store) (content.ReaderAt, error) {
 	artifact, err := metadata.GetArtifactEntry(ztocDigest.String())
 	if err != nil {
 		return nil, err

cmd/soci/commands/ztoc/info.go

@@ -59,7 +59,7 @@ var infoCommand = cli.Command{
 		if err != nil {
 			return err
 		}
-		db, err := soci.NewDB(soci.ArtifactsDbPath())
+		db, err := soci.NewDB(soci.ArtifactsDbPath(cliContext.GlobalString("root")))
 		if err != nil {
 			return err
 		}