feat: support for real docker image downloads & test

Implemented:

* A Registry interface with default DockerHubRegistry
* The `Pull` function to fetch manifests and layers using the `Registry` interface
* `run` will use new `Pull`

Unit tests for `FetchManifest` and `FetchLayer` methods using HTTP server (mock)

Author: j143

image.go

@@ -1,8 +1,10 @@
 package main
 
 import (
+	"encoding/json"
 	"fmt"
 	"io"
+	"net/http"
 	"os"
 	"os/exec"
 	"path/filepath"
@@ -44,6 +46,55 @@ type Registry interface {
 	FetchLayer(repo, digest string) (io.ReadCloser, error)
 }
 
+// DockerHubRegistry is a default implementation of the Registry interface for Docker Hub.
+type DockerHubRegistry struct {
+	BaseURL string
+}
+
+// NewDockerHubRegistry creates a new instance of DockerHubRegistry.
+func NewDockerHubRegistry() *DockerHubRegistry {
+	return &DockerHubRegistry{
+		BaseURL: "https://registry-1.docker.io/v2/",
+	}
+}
+
+// FetchManifest fetches the manifest for a given repository and tag.
+func (r *DockerHubRegistry) FetchManifest(repo, tag string) (*Manifest, error) {
+	url := fmt.Sprintf("%s%s/manifests/%s", r.BaseURL, repo, tag)
+	resp, err := http.Get(url)
+	if err != nil {
+		return nil, fmt.Errorf("failed to fetch manifest: %w", err)
+	}
+	defer resp.Body.Close()
+
+	if resp.StatusCode != http.StatusOK {
+		return nil, fmt.Errorf("unexpected status code: %d", resp.StatusCode)
+	}
+
+	var manifest Manifest
+	if err := json.NewDecoder(resp.Body).Decode(&manifest); err != nil {
+		return nil, fmt.Errorf("failed to decode manifest: %w", err)
+	}
+
+	return &manifest, nil
+}
+
+// FetchLayer fetches a specific layer by its digest.
+func (r *DockerHubRegistry) FetchLayer(repo, digest string) (io.ReadCloser, error) {
+	url := fmt.Sprintf("%s%s/blobs/%s", r.BaseURL, repo, digest)
+	resp, err := http.Get(url)
+	if err != nil {
+		return nil, fmt.Errorf("failed to fetch layer: %w", err)
+	}
+
+	if resp.StatusCode != http.StatusOK {
+		resp.Body.Close()
+		return nil, fmt.Errorf("unexpected status code: %d", resp.StatusCode)
+	}
+
+	return resp.Body, nil
+}
+
 // Manifest represents the structure of an image manifest
 type Manifest struct {
 	Config struct {

image_test.go

@@ -5,6 +5,9 @@ import (
 	"path/filepath"
 	"strings"
 	"testing"
+	"net/http"
+	"net/http/httptest"
+	"io/ioutil"
 )
 
 // Test Scenarios Documentation
@@ -13,8 +16,16 @@ import (
 // - Verifies that the ListImages function correctly lists available images.
 // - Setup: Creates a temporary directory and a mock image directory.
 // - Expected Outcome: The output of ListImages should include the mock image name.
-
-// Additional test scenarios can be documented here as new tests are added.
+//
+// TestDockerHubRegistry_FetchManifest:
+// - Verifies the FetchManifest method of DockerHubRegistry using a mock HTTP server.
+// - Setup: Creates a mock server to simulate Docker Hub API responses.
+// - Expected Outcome: The manifest returned by FetchManifest should match the mock data.
+//
+// TestDockerHubRegistry_FetchLayer:
+// - Verifies the FetchLayer method of DockerHubRegistry using a mock HTTP server.
+// - Setup: Creates a mock server to simulate Docker Hub API responses.
+// - Expected Outcome: The layer content returned by FetchLayer should match the mock data.
 
 func TestListImages(t *testing.T) {
 	baseDir := filepath.Join(os.TempDir(), "basic-docker")
@@ -60,4 +71,79 @@ func captureOutput(f func()) string {
 
 func contains(output, substring string) bool {
 	return strings.Contains(output, substring)
+}
+
+// TestDockerHubRegistry_FetchManifest tests the FetchManifest method of DockerHubRegistry
+func TestDockerHubRegistry_FetchManifest(t *testing.T) {
+	// Mock server to simulate Docker Hub API
+	handler := http.NewServeMux()
+	handler.HandleFunc("/v2/library/busybox/manifests/latest", func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set("Content-Type", "application/json")
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte(`{
+			"config": {"digest": "sha256:configdigest"},
+			"layers": [
+				{"digest": "sha256:layer1digest"},
+				{"digest": "sha256:layer2digest"}
+			]
+		}`))
+	})
+
+	server := httptest.NewServer(handler)
+	defer server.Close()
+
+	// Create a DockerHubRegistry instance with the mock server URL
+	registry := &DockerHubRegistry{BaseURL: server.URL + "/v2/"}
+
+	// Call FetchManifest
+	manifest, err := registry.FetchManifest("library/busybox", "latest")
+	if err != nil {
+		t.Fatalf("FetchManifest failed: %v", err)
+	}
+
+	// Verify the manifest content
+	if manifest.Config.Digest != "sha256:configdigest" {
+		t.Errorf("Expected config digest 'sha256:configdigest', got '%s'", manifest.Config.Digest)
+	}
+	if len(manifest.Layers) != 2 {
+		t.Errorf("Expected 2 layers, got %d", len(manifest.Layers))
+	}
+	if manifest.Layers[0].Digest != "sha256:layer1digest" {
+		t.Errorf("Expected first layer digest 'sha256:layer1digest', got '%s'", manifest.Layers[0].Digest)
+	}
+	if manifest.Layers[1].Digest != "sha256:layer2digest" {
+		t.Errorf("Expected second layer digest 'sha256:layer2digest', got '%s'", manifest.Layers[1].Digest)
+	}
+}
+
+// TestDockerHubRegistry_FetchLayer tests the FetchLayer method of DockerHubRegistry
+func TestDockerHubRegistry_FetchLayer(t *testing.T) {
+	// Mock server to simulate Docker Hub API
+	handler := http.NewServeMux()
+	handler.HandleFunc("/v2/library/busybox/blobs/sha256:layer1digest", func(w http.ResponseWriter, r *http.Request) {
+		w.WriteHeader(http.StatusOK)
+		w.Write([]byte("layer1content"))
+	})
+
+	server := httptest.NewServer(handler)
+	defer server.Close()
+
+	// Create a DockerHubRegistry instance with the mock server URL
+	registry := &DockerHubRegistry{BaseURL: server.URL + "/v2/"}
+
+	// Call FetchLayer
+	reader, err := registry.FetchLayer("library/busybox", "sha256:layer1digest")
+	if err != nil {
+		t.Fatalf("FetchLayer failed: %v", err)
+	}
+	defer reader.Close()
+
+	// Verify the layer content
+	content, err := ioutil.ReadAll(reader)
+	if err != nil {
+		t.Fatalf("Failed to read layer content: %v", err)
+	}
+	if string(content) != "layer1content" {
+		t.Errorf("Expected layer content 'layer1content', got '%s'", string(content))
+	}
 }

main.go

@@ -306,119 +306,49 @@ func printSystemInfo() {
 	fmt.Printf("  - Filesystem isolation: true\n")
 }
 
+// Update the run function to use the new Pull logic
 func run() {
-	// Adjust the path to include the mock image directory during testing
-	if os.Getenv("TEST_ENV") == "true" {
-		os.Setenv("PATH", os.Getenv("PATH")+":"+imagesDir)
+	if len(os.Args) < 3 {
+		fmt.Println("Error: Image name required for run")
+		os.Exit(1)
 	}
 
-	// Generate a container ID
-	containerID := fmt.Sprintf("container-%d", time.Now().Unix())
-	fmt.Printf("Starting container %s\n", containerID)
-
-	// Check if the image exists before proceeding
 	imageName := os.Args[2]
-	imagePath := filepath.Join(imagesDir, imageName)
-	if _, err := os.Stat(imagePath); os.IsNotExist(err) {
-		fmt.Printf("Image '%s' not found. Fetching the image...\n", imageName)
-		if err := fetchImage(imageName); err != nil {
-			fmt.Printf("Error: Failed to fetch image '%s': %v\n", imageName, err)
-			os.Exit(1)
-		}
-		fmt.Printf("Image '%s' fetched successfully.\n", imageName)
+	registry := NewDockerHubRegistry()
+
+	fmt.Printf("Fetching image '%s'...\n", imageName)
+	image, err := Pull(registry, imageName)
+	if err != nil {
+		fmt.Printf("Error: Failed to fetch image '%s': %v\n", imageName, err)
+		os.Exit(1)
 	}
+	fmt.Printf("Image '%s' fetched successfully.\n", imageName)
 
 	// Create rootfs for this container
+	containerID := fmt.Sprintf("container-%d", time.Now().Unix())
 	rootfs := filepath.Join(baseDir, "containers", containerID, "rootfs")
 
-	// Instead of calling createMinimalRootfs directly:
-	// 1. Create a base layer if it doesn't exist
-	baseLayerID := "base-layer"
-	baseLayerPath := filepath.Join(baseDir, "layers", baseLayerID)
-
-	if _, err := os.Stat(baseLayerPath); os.IsNotExist(err) {
-		// Create the base layer
-		if err := os.MkdirAll(baseLayerPath, 0755); err != nil {
-			fmt.Printf("Error creating base layer directory: %v\n", err)
-			os.Exit(1)
-		}
-
-		// Initialize the base layer with minimal rootfs content
-		must(initializeBaseLayer(baseLayerPath))
-
-		// Save layer metadata
-		layer := ImageLayer{
-			ID:            baseLayerID,
-			Created:       time.Now(),
-			BaseLayerPath: baseLayerPath,
-		}
-
-		if err := saveLayerMetadata(layer); err != nil {
-			fmt.Printf("Warning: Failed to save layer metadata: %v\n", err)
-		}
-	}
-
-	// Fix permission issue by ensuring correct ownership and permissions for the base layer
-	if err := os.Chmod(baseLayerPath, 0755); err != nil {
-		fmt.Printf("Error setting permissions for base layer: %v\n", err)
+	if err := os.MkdirAll(rootfs, 0755); err != nil {
+		fmt.Printf("Error: Failed to create rootfs for container '%s': %v\n", containerID, err)
 		os.Exit(1)
 	}
 
-	// 2. Create an app layer for this specific container (optional)
-	appLayerID := "app-layer-" + containerID
-	appLayerPath := filepath.Join(baseDir, "layers", appLayerID)
-
-	// Use the appLayerID variable to log its creation
-	fmt.Printf("App layer created with ID: %s\n", appLayerID)
-
-	// You could add container-specific files to the app layer here
-	// For now, we'll just use the base layer
-
-	// Save layer metadata including app layer path
-	layer := ImageLayer{
-		ID:            appLayerID,
-		Created:       time.Now(),
-		BaseLayerPath: baseLayerPath,
-		AppLayerPath:  appLayerPath,
-	}
-
-	if err := saveLayerMetadata(layer); err != nil {
-		fmt.Printf("Warning: Failed to save layer metadata: %v\n", err)
-	}
-
-	// 3. Mount the layers to create the container rootfs
-	layers := []string{baseLayerID} // Add appLayerID if you created one
-	must(mountLayeredFilesystem(layers, rootfs))
-
-	// Write the PID of the current process to a file
-	pidFile := filepath.Join(baseDir, "containers", containerID, "pid")
-	fmt.Printf("Debug: Writing PID file for container %s at %s\n", containerID, pidFile)
-	fmt.Printf("Debug: Current process PID is %d\n", os.Getpid())
-	if err := os.WriteFile(pidFile, []byte(fmt.Sprintf("%d", os.Getpid())), 0644); err != nil {
-		fmt.Printf("Error: Failed to write PID file for container %s: %v\n", containerID, err)
+	if err := copyDir(image.RootFS, rootfs); err != nil {
+		fmt.Printf("Error: Failed to copy rootfs for container '%s': %v\n", containerID, err)
 		os.Exit(1)
 	}
 
-	// Fix deadlock by adding a timeout mechanism
-	if len(os.Args) < 4 {
-		fmt.Println("No command provided. Keeping the container process alive with a timeout.")
-		timeout := time.After(10 * time.Minute) // Set a timeout of 10 minutes
-		select {
-		case <-timeout:
-			fmt.Println("Timeout reached. Exiting container process.")
-			os.Exit(0)
-		}
-	}
+	fmt.Printf("Starting container %s\n", containerID)
 
-	// Update the fallback logic to avoid using unshare entirely in limited isolation
-	if hasNamespacePrivileges && !inContainer {
-		// Full isolation approach for pure Linux environments
-		runWithNamespaces(containerID, rootfs, os.Args[2], os.Args[3:])
-	} else {
-		runWithoutNamespaces(containerID, rootfs, os.Args[2], os.Args[3:])
+	// Execute the command in the container
+	if len(os.Args) < 4 {
+		fmt.Println("Error: Command required for run")
+		os.Exit(1)
 	}
 
-	fmt.Printf("Container %s exited\n", containerID)
+	command := os.Args[3]
+	args := os.Args[4:]
+	runWithoutNamespaces(containerID, rootfs, command, args)
 }
 
 func initializeBaseLayer(baseLayerPath string) error {