-
Notifications
You must be signed in to change notification settings - Fork 79
Package subfolders #249
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Merged
Merged
Package subfolders #249
Changes from all commits
Commits
Show all changes
17 commits
Select commit
Hold shift + click to select a range
94d5fe1
feat(builder): add support for directory tar archives in artifact cre…
ilopezluna 5041450
feat(packaging): add tests for directory tar archive creation and unp…
ilopezluna 7df30ba
feat(package): add support for packaging directories as tar archives
ilopezluna 91ca308
feat(packaging): implement CreateDirectoryTarArchive function for cre…
ilopezluna 2867491
refactor(unpack): streamline tar extraction by removing temporary fil…
ilopezluna f39c0e6
feat(packaging): skip symlinks during tar archive creation for securi…
ilopezluna 0d8e66a
make docs
ilopezluna 38faf8c
refactor(package): consolidate cleanup of temporary tar files
ilopezluna eea47c1
Update pkg/distribution/packaging/dirtar.go
ilopezluna f9cdf1c
Update pkg/distribution/packaging/dirtar.go
ilopezluna f5eb167
Update pkg/distribution/internal/bundle/unpack.go
ilopezluna 03a367f
refactor(package): remove temporary file cleanup from tar archive cre…
ilopezluna 8117b06
Merge remote-tracking branch 'origin/package-subfolders' into package…
ilopezluna 66cbf1c
refactor(unpack): change error logging to warning for media type retr…
ilopezluna bfa9860
remove unnecessary blank line before file copy operation
ilopezluna 5923794
add validation for relative dir-tar paths to prevent directory traversal
ilopezluna 59bb314
Update pkg/distribution/packaging/dirtar.go
ilopezluna File filter
Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Some comments aren't visible on the classic Files Changed page.
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -106,6 +106,18 @@ func newPackagedCmd() *cobra.Command { | |||||
| } | ||||||
| opts.licensePaths[i] = filepath.Clean(l) | ||||||
| } | ||||||
|
|
||||||
| // Validate dir-tar paths are relative (not absolute) | ||||||
| for _, dirPath := range opts.dirTarPaths { | ||||||
| if filepath.IsAbs(dirPath) { | ||||||
| return fmt.Errorf( | ||||||
| "dir-tar path must be relative, got absolute path: %s\n\n"+ | ||||||
| "See 'docker model package --help' for more information", | ||||||
| dirPath, | ||||||
| ) | ||||||
| } | ||||||
| } | ||||||
|
|
||||||
| return nil | ||||||
| }, | ||||||
| RunE: func(cmd *cobra.Command, args []string) error { | ||||||
|
|
@@ -123,6 +135,7 @@ func newPackagedCmd() *cobra.Command { | |||||
| c.Flags().StringVar(&opts.safetensorsDir, "safetensors-dir", "", "absolute path to directory containing safetensors files and config") | ||||||
| c.Flags().StringVar(&opts.chatTemplatePath, "chat-template", "", "absolute path to chat template file (must be Jinja format)") | ||||||
| c.Flags().StringArrayVarP(&opts.licensePaths, "license", "l", nil, "absolute path to a license file") | ||||||
| c.Flags().StringArrayVar(&opts.dirTarPaths, "dir-tar", nil, "relative path to directory to package as tar (can be specified multiple times)") | ||||||
ilopezluna marked this conversation as resolved.
Show resolved
Hide resolved
|
||||||
| c.Flags().StringArrayVar(&opts.dirTarPaths, "dir-tar", nil, "relative path to directory to package as tar (can be specified multiple times)") | |
| c.Flags().StringArrayVar(&opts.dirTarPaths, "dir-tar", nil, "relative path (from --safetensors-dir, or from the GGUF file's directory) to a directory to package as a tar archive; can be specified multiple times") |
Comment on lines
+249
to
+253
Copilot
AI
Oct 17, 2025
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[nitpick] This re-enforces the absolute-path check already performed in PreRunE. To reduce duplication, either rely on the earlier validation or extract a shared helper used by both call sites.
Comment on lines
+260
to
+266
Copilot
AI
Oct 17, 2025
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[nitpick] The manual prefix check for '..' is a bit brittle to read. Consider using strings.HasPrefix(relPath, ".."+string(filepath.Separator)) or extracting a small helper for clarity and consistency with similar validations.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -28,6 +28,17 @@ options: | |||||
| experimentalcli: false | ||||||
| kubernetes: false | ||||||
| swarm: false | ||||||
| - option: dir-tar | ||||||
| value_type: stringArray | ||||||
| default_value: '[]' | ||||||
| description: | | ||||||
| relative path to directory to package as tar (can be specified multiple times) | ||||||
|
||||||
| relative path to directory to package as tar (can be specified multiple times) | |
| relative path (from --safetensors-dir, or from the GGUF file's directory) to a directory to package as a tar archive; can be specified multiple times |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
|
|
@@ -11,6 +11,7 @@ When packaging a Safetensors model, --safetensors-dir should point to a director | |||||
| |:--------------------|:--------------|:--------|:---------------------------------------------------------------------------------------| | ||||||
| | `--chat-template` | `string` | | absolute path to chat template file (must be Jinja format) | | ||||||
| | `--context-size` | `uint64` | `0` | context size in tokens | | ||||||
| | `--dir-tar` | `stringArray` | | relative path to directory to package as tar (can be specified multiple times) | | ||||||
|
||||||
| | `--dir-tar` | `stringArray` | | relative path to directory to package as tar (can be specified multiple times) | | |
| | `--dir-tar` | `stringArray` | | relative (to --safetensors-dir, or to the directory containing --gguf) path to a directory to package as a tar archive; can be specified multiple times | |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -102,6 +102,18 @@ func (b *Builder) WithConfigArchive(path string) (*Builder, error) { | |
| }, nil | ||
| } | ||
|
|
||
| // WithDirTar adds a directory tar archive to the artifact. | ||
| // Multiple directory tar archives can be added by calling this method multiple times. | ||
| func (b *Builder) WithDirTar(path string) (*Builder, error) { | ||
| dirTarLayer, err := partial.NewLayer(path, types.MediaTypeDirTar) | ||
| if err != nil { | ||
| return nil, fmt.Errorf("dir tar layer from %q: %w", path, err) | ||
| } | ||
| return &Builder{ | ||
| model: mutate.AppendLayers(b.model, dirTarLayer), | ||
| }, nil | ||
| } | ||
|
|
||
|
Comment on lines
+105
to
+116
|
||
| // Target represents a build target | ||
| type Target interface { | ||
| Write(context.Context, types.ModelArtifact, io.Writer) error | ||
|
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,116 @@ | ||
| package packaging | ||
|
|
||
| import ( | ||
| "archive/tar" | ||
| "fmt" | ||
| "io" | ||
| "os" | ||
| "path/filepath" | ||
| ) | ||
|
|
||
| // CreateDirectoryTarArchive creates a temporary tar archive containing the specified directory | ||
| // with its structure preserved. Symlinks encountered in the directory are skipped and will not be included | ||
| // in the archive. It returns the path to the temporary tar file and any error encountered. | ||
| // The caller is responsible for removing the temporary file when done. | ||
| func CreateDirectoryTarArchive(dirPath string) (string, error) { | ||
| // Verify directory exists | ||
| info, err := os.Stat(dirPath) | ||
| if err != nil { | ||
| return "", fmt.Errorf("stat directory: %w", err) | ||
| } | ||
| if !info.IsDir() { | ||
| return "", fmt.Errorf("path is not a directory: %s", dirPath) | ||
| } | ||
|
|
||
| // Create temp file | ||
| tmpFile, err := os.CreateTemp("", "dir-tar-*.tar") | ||
| if err != nil { | ||
| return "", fmt.Errorf("create temp file: %w", err) | ||
| } | ||
| tmpPath := tmpFile.Name() | ||
|
|
||
| // Track success to determine if we should clean up the temp file | ||
| shouldKeepTempFile := false | ||
| defer func() { | ||
| if !shouldKeepTempFile { | ||
| os.Remove(tmpPath) | ||
| } | ||
| }() | ||
|
|
||
| // Create tar writer | ||
| tw := tar.NewWriter(tmpFile) | ||
|
|
||
| // Walk the directory tree | ||
| err = filepath.Walk(dirPath, func(path string, info os.FileInfo, err error) error { | ||
ilopezluna marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| if err != nil { | ||
| return err | ||
| } | ||
| if info == nil { | ||
| return fmt.Errorf("nil FileInfo for path: %s", path) | ||
| } | ||
| // Skip symlinks - they're not needed for model distribution and are | ||
| // skipped during extraction for security reasons | ||
| if info.Mode()&os.ModeSymlink != 0 { | ||
| return nil | ||
| } | ||
|
|
||
| // Create tar header | ||
| header, err := tar.FileInfoHeader(info, "") | ||
| if err != nil { | ||
| return fmt.Errorf("create tar header for %s: %w", path, err) | ||
| } | ||
|
|
||
| // Compute relative path from the parent of dirPath | ||
| relPath, err := filepath.Rel(filepath.Dir(dirPath), path) | ||
| if err != nil { | ||
| return fmt.Errorf("compute relative path: %w", err) | ||
| } | ||
|
|
||
| // Use forward slashes for tar archive paths | ||
| header.Name = filepath.ToSlash(relPath) | ||
|
|
||
| // Write header | ||
| if err := tw.WriteHeader(header); err != nil { | ||
| return fmt.Errorf("write tar header: %w", err) | ||
| } | ||
|
|
||
| // If it's a file, write its contents | ||
| if !info.IsDir() { | ||
| file, err := os.Open(path) | ||
sourcery-ai[bot] marked this conversation as resolved.
Show resolved
Hide resolved
|
||
| if err != nil { | ||
| return fmt.Errorf("open file %s: %w", path, err) | ||
| } | ||
|
|
||
| // Copy file contents | ||
| if _, err := io.Copy(tw, file); err != nil { | ||
| file.Close() | ||
| return fmt.Errorf("write tar content for %s: %w", path, err) | ||
| } | ||
| if err := file.Close(); err != nil { | ||
| return fmt.Errorf("close file %s: %w", path, err) | ||
| } | ||
| } | ||
|
|
||
| return nil | ||
| }) | ||
|
|
||
| if err != nil { | ||
| tw.Close() | ||
| tmpFile.Close() | ||
| return "", fmt.Errorf("walk directory: %w", err) | ||
| } | ||
|
|
||
| // Close tar writer | ||
| if err := tw.Close(); err != nil { | ||
| tmpFile.Close() | ||
| return "", fmt.Errorf("close tar writer: %w", err) | ||
| } | ||
|
|
||
| // Close temp file | ||
| if err := tmpFile.Close(); err != nil { | ||
| return "", fmt.Errorf("close temp file: %w", err) | ||
| } | ||
|
|
||
| shouldKeepTempFile = true | ||
| return tmpPath, nil | ||
| } | ||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[nitpick] Absolute-path validation for --dir-tar is duplicated here and again during processing. Consider centralizing this check (e.g., in PreRunE only or a small helper) to avoid drift and keep validation in one place.