diff --git a/0019-add-g_oci_image_module_data-in-oci-image-module.patch b/0019-add-g_oci_image_module_data-in-oci-image-module.patch new file mode 100644 index 0000000..33d260c --- /dev/null +++ b/0019-add-g_oci_image_module_data-in-oci-image-module.patch @@ -0,0 +1,638 @@ +From 0f4d5658caf7e3870b126c3e2314cfc1edc35419 Mon Sep 17 00:00:00 2001 +From: zhangxiaoyu +Date: Tue, 1 Dec 2020 14:39:59 +0800 +Subject: [PATCH] add g_oci_image_module_data in oci image module + +Signed-off-by: zhangxiaoyu +--- + src/daemon/modules/image/CMakeLists.txt | 2 - + src/daemon/modules/image/oci/oci_image.c | 93 ++++++++++++++++++- + src/daemon/modules/image/oci/oci_image.h | 13 +++ + src/daemon/modules/image/oci/oci_load.c | 7 +- + src/daemon/modules/image/oci/oci_login.c | 10 +- + src/daemon/modules/image/oci/oci_pull.c | 13 ++- + .../modules/image/oci/registry/registry.c | 14 ++- + src/daemon/modules/image/oci/utils_images.c | 25 ++--- + src/daemon/modules/image/oci/utils_images.h | 5 +- + test/image/oci/registry/CMakeLists.txt | 2 - + test/image/oci/registry/registry_ut.cc | 56 ++++++----- + test/mocks/oci_image_mock.cc | 8 ++ + test/mocks/oci_image_mock.h | 1 + + 13 files changed, 182 insertions(+), 67 deletions(-) + +diff --git a/src/daemon/modules/image/CMakeLists.txt b/src/daemon/modules/image/CMakeLists.txt +index a92799a0..00a096e3 100644 +--- a/src/daemon/modules/image/CMakeLists.txt ++++ b/src/daemon/modules/image/CMakeLists.txt +@@ -67,8 +67,6 @@ add_library(${LIB_ISULAD_IMG} ${LIBTYPE} + ${CMAKE_SOURCE_DIR}/src/utils/buffer/buffer.c + ${CMAKE_SOURCE_DIR}/src/daemon/common/err_msg.c + ${CMAKE_SOURCE_DIR}/src/daemon/common/selinux_label.c +- ${CMAKE_SOURCE_DIR}/src/daemon/config/isulad_config.c +- ${CMAKE_SOURCE_DIR}/src/daemon/config/daemon_arguments.c + ${CMAKE_SOURCE_DIR}/src/daemon/common/sysinfo.c + ${CMAKE_SOURCE_DIR}/src/utils/tar/isulad_tar.c + ${CMAKE_SOURCE_DIR}/src/utils/tar/util_archive.c +diff --git a/src/daemon/modules/image/oci/oci_image.c b/src/daemon/modules/image/oci/oci_image.c +index f4fa1e88..461fbf10 100644 +--- a/src/daemon/modules/image/oci/oci_image.c ++++ b/src/daemon/modules/image/oci/oci_image.c +@@ -39,6 +39,90 @@ + + #define IMAGE_NOT_KNOWN_ERR "image not known" + ++struct oci_image_module_data g_oci_image_module_data = { 0 }; ++ ++static void free_oci_image_data(void) ++{ ++ free(g_oci_image_module_data.root_dir); ++ g_oci_image_module_data.root_dir = NULL; ++ ++ g_oci_image_module_data.use_decrypted_key = false; ++ g_oci_image_module_data.insecure_skip_verify_enforce = false; ++ ++ util_free_array_by_len(g_oci_image_module_data.registry_mirrors, g_oci_image_module_data.registry_mirrors_len); ++ g_oci_image_module_data.registry_mirrors = NULL; ++ g_oci_image_module_data.registry_mirrors_len = 0; ++ ++ util_free_array_by_len(g_oci_image_module_data.insecure_registries, g_oci_image_module_data.insecure_registries_len); ++ g_oci_image_module_data.insecure_registries = NULL; ++ g_oci_image_module_data.insecure_registries_len = 0; ++} ++ ++static int oci_image_data_init(const isulad_daemon_configs *args) ++{ ++ int nret = 0; ++ size_t i; ++ char *p = NULL; ++ ++ if (args->graph == NULL) { ++ ERROR("args graph NULL"); ++ return -1; ++ } ++ g_oci_image_module_data.root_dir = util_strdup_s(args->graph); ++ ++ g_oci_image_module_data.use_decrypted_key = args->use_decrypted_key; ++ g_oci_image_module_data.insecure_skip_verify_enforce = args->insecure_skip_verify_enforce; ++ ++ if (util_array_len((const char **)args->registry_mirrors) != args->registry_mirrors_len) { ++ ERROR("registry_mirrors_len is not the length of registry_mirrors"); ++ goto free_out; ++ } ++ if (args->registry_mirrors_len != 0) { ++ for (i = 0; i < args->registry_mirrors_len; i++) { ++ p = args->registry_mirrors[i]; ++ if (p == NULL) { ++ break; ++ } ++ nret = util_array_append(&g_oci_image_module_data.registry_mirrors, p); ++ if (nret != 0) { ++ ERROR("Out of memory"); ++ goto free_out; ++ } ++ g_oci_image_module_data.registry_mirrors_len++; ++ } ++ } ++ ++ if (util_array_len((const char **)args->insecure_registries) != args->insecure_registries_len) { ++ ERROR("insecure_registries_len is not the length of insecure_registries"); ++ goto free_out; ++ } ++ if (args->insecure_registries_len != 0) { ++ for (i = 0; i < args->insecure_registries_len; i++) { ++ p = args->insecure_registries[i]; ++ if (p == NULL) { ++ break; ++ } ++ nret = util_array_append(&g_oci_image_module_data.insecure_registries, p); ++ if (nret != 0) { ++ ERROR("Out of memory"); ++ goto free_out; ++ } ++ g_oci_image_module_data.insecure_registries_len++; ++ } ++ } ++ ++ return 0; ++ ++free_out: ++ free_oci_image_data(); ++ return -1; ++} ++ ++struct oci_image_module_data *get_oci_image_data(void) ++{ ++ return &g_oci_image_module_data; ++} ++ + // only use overlay as the driver name if specify overlay2 or overlay + static char *format_driver_name(const char *driver) + { +@@ -155,7 +239,7 @@ static int recreate_image_tmpdir() + char *image_tmp_path = NULL; + int ret = 0; + +- image_tmp_path = oci_get_isulad_tmpdir(); ++ image_tmp_path = oci_get_isulad_tmpdir(g_oci_image_module_data.root_dir); + if (image_tmp_path == NULL) { + ERROR("failed to get image tmp path"); + ret = -1; +@@ -189,6 +273,12 @@ int oci_init(const isulad_daemon_configs *args) + return ret; + } + ++ ret = oci_image_data_init(args); ++ if (ret != 0) { ++ ERROR("Failed to init oci image"); ++ goto out; ++ } ++ + ret = recreate_image_tmpdir(); + if (ret != 0) { + goto out; +@@ -213,6 +303,7 @@ out: + void oci_exit() + { + storage_module_exit(); ++ free_oci_image_data(); + } + + int oci_pull_rf(const im_pull_request *request, im_pull_response *response) +diff --git a/src/daemon/modules/image/oci/oci_image.h b/src/daemon/modules/image/oci/oci_image.h +index a452213d..64a4d8e8 100644 +--- a/src/daemon/modules/image/oci/oci_image.h ++++ b/src/daemon/modules/image/oci/oci_image.h +@@ -27,6 +27,19 @@ + extern "C" { + #endif + ++struct oci_image_module_data { ++ char *root_dir; ++ bool use_decrypted_key; ++ bool insecure_skip_verify_enforce; ++ ++ char **registry_mirrors; ++ size_t registry_mirrors_len; ++ ++ char **insecure_registries; ++ size_t insecure_registries_len; ++}; ++struct oci_image_module_data *get_oci_image_data(void); ++ + int oci_init(const isulad_daemon_configs *args); + void oci_exit(); + +diff --git a/src/daemon/modules/image/oci/oci_load.c b/src/daemon/modules/image/oci/oci_load.c +index 97cff34b..80647253 100644 +--- a/src/daemon/modules/image/oci/oci_load.c ++++ b/src/daemon/modules/image/oci/oci_load.c +@@ -41,6 +41,7 @@ + #include "utils_array.h" + #include "utils_file.h" + #include "utils_verify.h" ++#include "oci_image.h" + + #define MANIFEST_BIG_DATA_KEY "manifest" + #define OCI_SCHEMA_VERSION 2 +@@ -1013,14 +1014,16 @@ static char *oci_load_path_create() + int nret = 0; + char *image_tmp_path = NULL; + char tmp_dir[PATH_MAX] = { 0 }; ++ struct oci_image_module_data *oci_image_data = NULL; + +- ret = makesure_isulad_tmpdir_perm_right(); ++ oci_image_data = get_oci_image_data(); ++ ret = makesure_isulad_tmpdir_perm_right(oci_image_data->root_dir); + if (ret != 0) { + ERROR("failed to make sure permission of image tmp work dir"); + goto out; + } + +- image_tmp_path = oci_get_isulad_tmpdir(); ++ image_tmp_path = oci_get_isulad_tmpdir(oci_image_data->root_dir); + if (image_tmp_path == NULL) { + ERROR("failed to get image tmp work dir"); + ret = -1; +diff --git a/src/daemon/modules/image/oci/oci_login.c b/src/daemon/modules/image/oci/oci_login.c +index b95e00e8..547bfc69 100644 +--- a/src/daemon/modules/image/oci/oci_login.c ++++ b/src/daemon/modules/image/oci/oci_login.c +@@ -23,6 +23,7 @@ + #include "isulad_config.h" + #include "utils_array.h" + #include "utils_string.h" ++#include "oci_image.h" + + static int is_valid_arguments(const char *server, const char *username, const char *password) + { +@@ -47,6 +48,7 @@ int oci_do_login(const char *server, const char *username, const char *password) + char **registry = NULL; + char *host = NULL; + char **parts = NULL; ++ struct oci_image_module_data *oci_image_data = NULL; + + if (is_valid_arguments(server, username, password) != 0) { + ERROR("Invalid arguments"); +@@ -60,8 +62,10 @@ int oci_do_login(const char *server, const char *username, const char *password) + } + host = parts[0]; + +- options.skip_tls_verify = conf_get_skip_insecure_verify_flag(); +- insecure_registries = conf_get_insecure_registry_list(); ++ oci_image_data = get_oci_image_data(); ++ options.skip_tls_verify = oci_image_data->insecure_skip_verify_enforce; ++ ++ insecure_registries = oci_image_data->insecure_registries; + for (registry = insecure_registries; (registry != NULL) && (*registry != NULL); registry++) { + if (!strcmp(*registry, host)) { + options.insecure_registry = true; +@@ -81,8 +85,6 @@ int oci_do_login(const char *server, const char *username, const char *password) + out: + util_free_array(parts); + parts = NULL; +- util_free_array(insecure_registries); +- insecure_registries = NULL; + + return ret; + } +diff --git a/src/daemon/modules/image/oci/oci_pull.c b/src/daemon/modules/image/oci/oci_pull.c +index 9d94b663..71807553 100644 +--- a/src/daemon/modules/image/oci/oci_pull.c ++++ b/src/daemon/modules/image/oci/oci_pull.c +@@ -29,6 +29,7 @@ + #include "utils_array.h" + #include "utils_base64.h" + #include "utils_string.h" ++#include "oci_image.h" + + static int decode_auth(const char *auth, char **username, char **password) + { +@@ -95,6 +96,7 @@ static int pull_image(const im_pull_request *request, char **name) + char **mirror = NULL; + char *host = NULL; + char *with_tag = NULL; ++ struct oci_image_module_data *oci_image_data = NULL; + + options = (registry_pull_options *)util_common_calloc_s(sizeof(registry_pull_options)); + if (options == NULL) { +@@ -113,8 +115,9 @@ static int pull_image(const im_pull_request *request, char **name) + options->auth.password = util_strdup_s(request->password); + } + +- options->skip_tls_verify = conf_get_skip_insecure_verify_flag(); +- insecure_registries = conf_get_insecure_registry_list(); ++ oci_image_data = get_oci_image_data(); ++ options->skip_tls_verify = oci_image_data->insecure_skip_verify_enforce; ++ insecure_registries = oci_image_data->insecure_registries; + + host = oci_get_host(request->image); + if (host != NULL) { +@@ -127,7 +130,7 @@ static int pull_image(const im_pull_request *request, char **name) + goto out; + } + } else { +- registry_mirrors = conf_get_registry_list(); ++ registry_mirrors = oci_image_data->registry_mirrors; + if (registry_mirrors == NULL) { + ERROR("Invalid image name %s, no host found", request->image); + isulad_try_set_error_message("Invalid image name, no host found"); +@@ -160,10 +163,6 @@ static int pull_image(const im_pull_request *request, char **name) + out: + free(host); + host = NULL; +- util_free_array(registry_mirrors); +- registry_mirrors = NULL; +- util_free_array(insecure_registries); +- insecure_registries = NULL; + free_registry_pull_options(options); + options = NULL; + +diff --git a/src/daemon/modules/image/oci/registry/registry.c b/src/daemon/modules/image/oci/registry/registry.c +index a94d10b1..b280f96b 100644 +--- a/src/daemon/modules/image/oci/registry/registry.c ++++ b/src/daemon/modules/image/oci/registry/registry.c +@@ -52,6 +52,7 @@ + #include "utils_string.h" + #include "utils_timestamp.h" + #include "utils_verify.h" ++#include "oci_image.h" + + #define MANIFEST_BIG_DATA_KEY "manifest" + #define MAX_CONCURRENT_DOWNLOAD_NUM 5 +@@ -1685,6 +1686,7 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio + char blobpath[PATH_MAX] = { 0 }; + char scope[PATH_MAX] = { 0 }; + char *image_tmp_path = NULL; ++ struct oci_image_module_data *oci_image_data = NULL; + + if (desc == NULL || options == NULL) { + ERROR("Invalid NULL param"); +@@ -1718,13 +1720,14 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio + + update_host(desc); + +- ret = makesure_isulad_tmpdir_perm_right(); ++ oci_image_data = get_oci_image_data(); ++ ret = makesure_isulad_tmpdir_perm_right(oci_image_data->root_dir); + if (ret != 0) { + ERROR("failed to make sure permission of image tmp work dir"); + goto out; + } + +- image_tmp_path = oci_get_isulad_tmpdir(); ++ image_tmp_path = oci_get_isulad_tmpdir(oci_image_data->root_dir); + if (image_tmp_path == NULL) { + ERROR("failed to get image tmp work dir"); + ret = -1; +@@ -1755,7 +1758,7 @@ static int prepare_pull_desc(pull_descriptor *desc, registry_pull_options *optio + desc->dest_image_name = util_strdup_s(options->dest_image_name); + desc->scope = util_strdup_s(scope); + desc->blobpath = util_strdup_s(blobpath); +- desc->use_decrypted_key = conf_get_use_decrypted_key_flag(); ++ desc->use_decrypted_key = oci_image_data->use_decrypted_key; + desc->skip_tls_verify = options->skip_tls_verify; + desc->insecure_registry = options->insecure_registry; + desc->cancel = false; +@@ -1928,6 +1931,7 @@ int registry_login(registry_login_options *options) + { + int ret = 0; + pull_descriptor *desc = NULL; ++ struct oci_image_module_data *oci_image_data = NULL; + + if (options == NULL || options->host == NULL || options->auth.username == NULL || options->auth.password == NULL || + strlen(options->auth.username) == 0 || strlen(options->auth.password) == 0) { +@@ -1942,9 +1946,11 @@ int registry_login(registry_login_options *options) + goto out; + } + ++ oci_image_data = get_oci_image_data(); ++ + desc->host = util_strdup_s(options->host); + update_host(desc); +- desc->use_decrypted_key = conf_get_use_decrypted_key_flag(); ++ desc->use_decrypted_key = oci_image_data->use_decrypted_key; + desc->skip_tls_verify = options->skip_tls_verify; + desc->insecure_registry = options->insecure_registry; + desc->username = util_strdup_s(options->auth.username); +diff --git a/src/daemon/modules/image/oci/utils_images.c b/src/daemon/modules/image/oci/utils_images.c +index 7eddd25c..a909b0f3 100644 +--- a/src/daemon/modules/image/oci/utils_images.c ++++ b/src/daemon/modules/image/oci/utils_images.c +@@ -516,16 +516,13 @@ static int makesure_path_is_dir(char *path) + return 0; + } + +-char *oci_get_isulad_tmpdir() ++char *oci_get_isulad_tmpdir(const char *root_dir) + { + char *isulad_tmpdir = NULL; +- char *isulad_root_dir = NULL; + char *env_dir = NULL; +- int ret = 0; + +- isulad_root_dir = conf_get_isulad_rootdir(); +- if (isulad_root_dir == NULL) { +- ERROR("get isulad root dir failed"); ++ if (root_dir == NULL) { ++ ERROR("root dir is NULL"); + return NULL; + } + +@@ -533,31 +530,23 @@ char *oci_get_isulad_tmpdir() + if (util_valid_str(env_dir)) { + isulad_tmpdir = util_path_join(env_dir, "isulad_tmpdir"); + } else { +- isulad_tmpdir = util_path_join(isulad_root_dir, "isulad_tmpdir"); ++ isulad_tmpdir = util_path_join(root_dir, "isulad_tmpdir"); + } + if (isulad_tmpdir == NULL) { + ERROR("join temporary directory failed"); +- ret = -1; +- goto out; +- } +- +-out: +- free(isulad_root_dir); +- if (ret != 0) { +- free(isulad_tmpdir); +- isulad_tmpdir = NULL; ++ return NULL; + } + + return isulad_tmpdir; + } + +-int makesure_isulad_tmpdir_perm_right() ++int makesure_isulad_tmpdir_perm_right(const char *root_dir) + { + struct stat st = {0}; + char *isulad_tmpdir = NULL; + int ret = 0; + +- isulad_tmpdir = oci_get_isulad_tmpdir(); ++ isulad_tmpdir = oci_get_isulad_tmpdir(root_dir); + if (isulad_tmpdir == NULL) { + return -1; + } +diff --git a/src/daemon/modules/image/oci/utils_images.h b/src/daemon/modules/image/oci/utils_images.h +index cebcc796..4e13c76c 100644 +--- a/src/daemon/modules/image/oci/utils_images.h ++++ b/src/daemon/modules/image/oci/utils_images.h +@@ -39,7 +39,6 @@ extern "C" { + #define REPO_PREFIX_TO_STRIP "library/" + #define MAX_ID_BUF_LEN 256 + +- + char *oci_get_host(const char *name); + char *oci_host_from_mirror(const char *mirror); + char *oci_default_tag(const char *name); +@@ -54,8 +53,8 @@ int add_rootfs_and_history(const layer_blob *layers, size_t layers_len, const re + docker_image_config_v2 *config); + bool oci_valid_time(char *time); + +-char *oci_get_isulad_tmpdir(); +-int makesure_isulad_tmpdir_perm_right(); ++char *oci_get_isulad_tmpdir(const char *root_dir); ++int makesure_isulad_tmpdir_perm_right(const char *root_dir); + + #ifdef __cplusplus + } +diff --git a/test/image/oci/registry/CMakeLists.txt b/test/image/oci/registry/CMakeLists.txt +index 36e7cab8..cfc7da87 100644 +--- a/test/image/oci/registry/CMakeLists.txt ++++ b/test/image/oci/registry/CMakeLists.txt +@@ -19,7 +19,6 @@ add_executable(${EXE} + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_timestamp.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/modules/image/oci/utils_images.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/common/err_msg.c +- ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/daemon/config/daemon_arguments.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/http/parser.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/buffer/buffer.c + ${CMAKE_CURRENT_SOURCE_DIR}/../../../../src/utils/cutils/utils_aes.c +@@ -36,7 +35,6 @@ add_executable(${EXE} + ${CMAKE_CURRENT_SOURCE_DIR}/../../../mocks/storage_mock.cc + ${CMAKE_CURRENT_SOURCE_DIR}/../../../mocks/oci_image_mock.cc + ${CMAKE_CURRENT_SOURCE_DIR}/../../../mocks/http_mock.cc +- ${CMAKE_CURRENT_SOURCE_DIR}/../../../mocks/isulad_config_mock.cc + registry_ut.cc) + + target_include_directories(${EXE} PUBLIC +diff --git a/test/image/oci/registry/registry_ut.cc b/test/image/oci/registry/registry_ut.cc +index 4b264424..f0e35dc0 100644 +--- a/test/image/oci/registry/registry_ut.cc ++++ b/test/image/oci/registry/registry_ut.cc +@@ -73,7 +73,28 @@ std::string get_dir() + return static_cast(abs_path) + "../../../../../test/image/oci/registry"; + } + +-void mockCommonAll(MockStorage *mock, MockOciImage *oci_image_mock, MockIsuladConf *isulad_conf_mock); ++void mockCommonAll(MockStorage *mock, MockOciImage *oci_image_mock); ++ ++static struct oci_image_module_data g_oci_image_registry = { 0 }; ++ ++static void oci_image_registry_init() ++{ ++ g_oci_image_registry.root_dir = util_strdup_s(get_dir().c_str()); ++ g_oci_image_registry.use_decrypted_key = true; ++} ++ ++static struct oci_image_module_data *invokeGetOciImageData() ++{ ++ return &g_oci_image_registry; ++} ++ ++static void oci_image_registry_exit() ++{ ++ free(g_oci_image_registry.root_dir); ++ g_oci_image_registry.root_dir = NULL; ++ ++ g_oci_image_registry.use_decrypted_key = false; ++} + + class RegistryUnitTest : public testing::Test { + protected: +@@ -82,8 +103,8 @@ protected: + MockHttp_SetMock(&m_http_mock); + MockStorage_SetMock(&m_storage_mock); + MockOciImage_SetMock(&m_oci_image_mock); +- MockIsuladConf_SetMock(&m_isulad_conf_mock); +- mockCommonAll(&m_storage_mock, &m_oci_image_mock, &m_isulad_conf_mock); ++ mockCommonAll(&m_storage_mock, &m_oci_image_mock); ++ oci_image_registry_init(); + } + + void TearDown() override +@@ -91,13 +112,12 @@ protected: + MockHttp_SetMock(nullptr); + MockStorage_SetMock(nullptr); + MockOciImage_SetMock(nullptr); +- MockIsuladConf_SetMock(nullptr); ++ oci_image_registry_exit(); + } + + NiceMock m_http_mock; + NiceMock m_storage_mock; + NiceMock m_oci_image_mock; +- NiceMock m_isulad_conf_mock; + }; + + int invokeHttpRequestV1(const char *url, struct http_get_options *options, long *response_code, int recursive_len) +@@ -505,17 +525,7 @@ static int init_log() + return 0; + } + +-static char *invokeConfGetISuladRootDir() +-{ +- return util_strdup_s(get_dir().c_str()); +-} +- +-static bool invokeConfGetUseDecryptedKeyFlag() +-{ +- return true; +-} +- +-void mockCommonAll(MockStorage *mock, MockOciImage *oci_image_mock, MockIsuladConf *isulad_conf_mock) ++void mockCommonAll(MockStorage *mock, MockOciImage *oci_image_mock) + { + EXPECT_CALL(*mock, StorageImgCreate(::testing::_, ::testing::_, ::testing::_, ::testing::_)) + .WillRepeatedly(Invoke(invokeStorageImgCreate)); +@@ -549,10 +559,8 @@ void mockCommonAll(MockStorage *mock, MockOciImage *oci_image_mock, MockIsuladCo + .WillRepeatedly(Invoke(invokeFreeLayer)); + EXPECT_CALL(*oci_image_mock, OciValidTime(::testing::_)) + .WillRepeatedly(Invoke(invokeOciValidTime)); +- EXPECT_CALL(*isulad_conf_mock, ConfGetISuladRootDir()) +- .WillRepeatedly(Invoke(invokeConfGetISuladRootDir)); +- EXPECT_CALL(*isulad_conf_mock, ConfGetUseDecryptedKeyFlag()) +- .WillRepeatedly(Invoke(invokeConfGetUseDecryptedKeyFlag)); ++ EXPECT_CALL(*oci_image_mock, GetOciImageData()) ++ .WillRepeatedly(Invoke(invokeGetOciImageData)); + return; + } + +@@ -610,7 +618,7 @@ TEST_F(RegistryUnitTest, test_pull_v1_image) + + EXPECT_CALL(m_http_mock, HttpRequest(::testing::_, ::testing::_, ::testing::_, ::testing::_)) + .WillRepeatedly(Invoke(invokeHttpRequestV1)); +- mockCommonAll(&m_storage_mock, &m_oci_image_mock, &m_isulad_conf_mock); ++ mockCommonAll(&m_storage_mock, &m_oci_image_mock); + ASSERT_EQ(registry_pull(&options), 0); + + ASSERT_EQ(registry_pull(&options), 0); +@@ -670,7 +678,7 @@ TEST_F(RegistryUnitTest, test_pull_v2_image) + + EXPECT_CALL(m_http_mock, HttpRequest(::testing::_, ::testing::_, ::testing::_, ::testing::_)) + .WillRepeatedly(Invoke(invokeHttpRequestV2)); +- mockCommonAll(&m_storage_mock, &m_oci_image_mock, &m_isulad_conf_mock); ++ mockCommonAll(&m_storage_mock, &m_oci_image_mock); + + // test retry success + ASSERT_EQ(registry_pull(&options), 0); +@@ -704,7 +712,7 @@ TEST_F(RegistryUnitTest, test_pull_oci_image) + options->insecure_registry = false; + EXPECT_CALL(m_http_mock, HttpRequest(::testing::_, ::testing::_, ::testing::_, ::testing::_)) + .WillRepeatedly(Invoke(invokeHttpRequestOCI)); +- mockCommonAll(&m_storage_mock, &m_oci_image_mock, &m_isulad_conf_mock); ++ mockCommonAll(&m_storage_mock, &m_oci_image_mock); + ASSERT_EQ(registry_pull(options), 0); + + free_registry_pull_options(options); +@@ -722,7 +730,7 @@ TEST_F(RegistryUnitTest, test_pull_already_exist) + + EXPECT_CALL(m_http_mock, HttpRequest(::testing::_, ::testing::_, ::testing::_, ::testing::_)) + .WillRepeatedly(Invoke(invokeHttpRequestV2)); +- mockCommonAll(&m_storage_mock, &m_oci_image_mock, &m_isulad_conf_mock); ++ mockCommonAll(&m_storage_mock, &m_oci_image_mock); + EXPECT_CALL(m_storage_mock, StorageLayerGet(::testing::_)) + .WillRepeatedly(Invoke(invokeStorageLayerGet1)); + ASSERT_EQ(registry_pull(&options), 0); +diff --git a/test/mocks/oci_image_mock.cc b/test/mocks/oci_image_mock.cc +index 51987f62..c6451005 100644 +--- a/test/mocks/oci_image_mock.cc ++++ b/test/mocks/oci_image_mock.cc +@@ -31,3 +31,11 @@ bool oci_valid_time(char *time) + } + return false; + } ++ ++struct oci_image_module_data *get_oci_image_data(void) ++{ ++ if (g_oci_image_mock != nullptr) { ++ return g_oci_image_mock->GetOciImageData(); ++ } ++ return { 0 }; ++} +diff --git a/test/mocks/oci_image_mock.h b/test/mocks/oci_image_mock.h +index 16b2a3c5..cd1db1fd 100644 +--- a/test/mocks/oci_image_mock.h ++++ b/test/mocks/oci_image_mock.h +@@ -23,6 +23,7 @@ class MockOciImage { + public: + virtual ~MockOciImage() = default; + MOCK_METHOD1(OciValidTime, bool(char *time)); ++ MOCK_METHOD0(GetOciImageData, struct oci_image_module_data * ()); + }; + + void MockOciImage_SetMock(MockOciImage *mock); +-- +2.25.1 + diff --git a/0020-translate-absolute-path-to-relative-path-when-unpack.patch b/0020-translate-absolute-path-to-relative-path-when-unpack.patch new file mode 100644 index 0000000..34854ba --- /dev/null +++ b/0020-translate-absolute-path-to-relative-path-when-unpack.patch @@ -0,0 +1,31 @@ +From 8dca81df2e93e7b91b53213adfcd469d4fbb84e8 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Mon, 7 Dec 2020 14:49:34 +0800 +Subject: [PATCH] translate absolute path to relative path when unpack + +Signed-off-by: WangFengTu +--- + src/utils/tar/util_archive.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/src/utils/tar/util_archive.c b/src/utils/tar/util_archive.c +index 85f75c7f..581503fd 100644 +--- a/src/utils/tar/util_archive.c ++++ b/src/utils/tar/util_archive.c +@@ -375,6 +375,13 @@ int archive_unpack_handler(const struct io_read_wrapper *content, const char *ds + continue; + } + ++ // if path in archive is absolute, we need to translate it to relative because ++ // libarchive can not support absolute path when unpack ++ pathname = archive_entry_pathname(entry); ++ if (pathname != NULL && pathname[0] == '/') { ++ archive_entry_set_pathname(entry, pathname + 1); ++ } ++ + ret = archive_write_header(ext, entry); + if (ret != ARCHIVE_OK) { + ERROR("Fail to handle tar header: %s", archive_error_string(ext)); +-- +2.25.1 + diff --git a/0021-clean-code-fix-check-error-in-terminal.c-and-volume_.patch b/0021-clean-code-fix-check-error-in-terminal.c-and-volume_.patch new file mode 100644 index 0000000..250beb6 --- /dev/null +++ b/0021-clean-code-fix-check-error-in-terminal.c-and-volume_.patch @@ -0,0 +1,44 @@ +From f28afb0aeea9ff6465400825a64a3d28f83f187a Mon Sep 17 00:00:00 2001 +From: lifeng68 +Date: Mon, 7 Dec 2020 14:48:05 +0800 +Subject: [PATCH] clean code: fix check error in terminal.c and volume_cb.c + +Signed-off-by: lifeng68 +--- + src/cmd/isulad-shim/terminal.c | 5 +++-- + src/daemon/executor/volume_cb/volume_cb.c | 2 +- + 2 files changed, 4 insertions(+), 3 deletions(-) + +diff --git a/src/cmd/isulad-shim/terminal.c b/src/cmd/isulad-shim/terminal.c +index 9b7d55e6..f803b634 100644 +--- a/src/cmd/isulad-shim/terminal.c ++++ b/src/cmd/isulad-shim/terminal.c +@@ -268,9 +268,10 @@ void shim_write_container_log_file(log_terminal *terminal, const char *type, cha + } + + if (buf != NULL && read_count > 0) { +- upto = size + read_count; +- if (upto > BUF_CACHE_SIZE) { ++ if (read_count > (BUF_CACHE_SIZE - size)) { + upto = BUF_CACHE_SIZE; ++ } else { ++ upto = size + read_count; + } + + if (upto > size) { +diff --git a/src/daemon/executor/volume_cb/volume_cb.c b/src/daemon/executor/volume_cb/volume_cb.c +index 8efddad9..13f99517 100644 +--- a/src/daemon/executor/volume_cb/volume_cb.c ++++ b/src/daemon/executor/volume_cb/volume_cb.c +@@ -70,7 +70,7 @@ static int volume_list_cb(const volume_list_volume_request *request, volume_list + goto out; + } + +- (*response)->volumes = util_common_calloc_s(sizeof(volume_volume *) * list->vols_len); ++ (*response)->volumes = util_smart_calloc_s(sizeof(volume_volume *), list->vols_len); + if ((*response)->volumes == NULL) { + ERROR("out of memory"); + cc = ISULAD_ERR_MEMOUT; +-- +2.25.1 + diff --git a/0022-iSulad-bugfix-args-use_decrypted_key-is-a-pointer.patch b/0022-iSulad-bugfix-args-use_decrypted_key-is-a-pointer.patch new file mode 100644 index 0000000..a055523 --- /dev/null +++ b/0022-iSulad-bugfix-args-use_decrypted_key-is-a-pointer.patch @@ -0,0 +1,31 @@ +From e744a909cdb3a88ca4cbbe92385e70bf29c690a0 Mon Sep 17 00:00:00 2001 +From: zhangxiaoyu +Date: Mon, 7 Dec 2020 16:28:19 +0800 +Subject: [PATCH] iSulad: bugfix, args->use_decrypted_key is a pointer + +Signed-off-by: zhangxiaoyu +--- + src/daemon/modules/image/oci/oci_image.c | 7 ++++++- + 1 file changed, 6 insertions(+), 1 deletion(-) + +diff --git a/src/daemon/modules/image/oci/oci_image.c b/src/daemon/modules/image/oci/oci_image.c +index 461fbf10..773803fa 100644 +--- a/src/daemon/modules/image/oci/oci_image.c ++++ b/src/daemon/modules/image/oci/oci_image.c +@@ -70,7 +70,12 @@ static int oci_image_data_init(const isulad_daemon_configs *args) + } + g_oci_image_module_data.root_dir = util_strdup_s(args->graph); + +- g_oci_image_module_data.use_decrypted_key = args->use_decrypted_key; ++ if (args->use_decrypted_key == NULL) { ++ g_oci_image_module_data.use_decrypted_key = true; ++ } else { ++ g_oci_image_module_data.use_decrypted_key = *(args->use_decrypted_key); ++ } ++ + g_oci_image_module_data.insecure_skip_verify_enforce = args->insecure_skip_verify_enforce; + + if (util_array_len((const char **)args->registry_mirrors) != args->registry_mirrors_len) { +-- +2.25.1 + diff --git a/0023-verify-peer-only-if-CA-configed.patch b/0023-verify-peer-only-if-CA-configed.patch new file mode 100644 index 0000000..ec8edc6 --- /dev/null +++ b/0023-verify-peer-only-if-CA-configed.patch @@ -0,0 +1,29 @@ +From b09d3c39641e66160f588b66ac8c3b88cfd726a8 Mon Sep 17 00:00:00 2001 +From: WangFengTu +Date: Mon, 7 Dec 2020 16:26:42 +0800 +Subject: [PATCH] verify peer only if CA configed + +rollback ssl verify check condition because some system +do not have certs configed by default. + +Signed-off-by: WangFengTu +--- + src/daemon/modules/image/oci/registry/http_request.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/daemon/modules/image/oci/registry/http_request.c b/src/daemon/modules/image/oci/registry/http_request.c +index fb44a7b6..60644ed5 100644 +--- a/src/daemon/modules/image/oci/registry/http_request.c ++++ b/src/daemon/modules/image/oci/registry/http_request.c +@@ -118,7 +118,7 @@ static int setup_ssl_config(pull_descriptor *desc, struct http_get_options *opti + } + } + +- if (!desc->insecure_registry) { ++ if (options->ca_file != NULL) { + options->ssl_verify_peer = true; + } + +-- +2.25.1 + diff --git a/iSulad.spec b/iSulad.spec index 0c798e3..72e1e76 100644 --- a/iSulad.spec +++ b/iSulad.spec @@ -1,5 +1,5 @@ %global _version 2.0.7 -%global _release 20201205.145752.gita461cc51 +%global _release 20201207.151847.gita1fce123 %global is_systemd 1 Name: iSulad @@ -30,6 +30,11 @@ Patch0015: 0015-ignore-get-ip-error-for-mutlnetwork.patch Patch0016: 0016-support-default-container-log-options.patch Patch0017: 0017-add-testcase-for-default-container-log-configs.patch Patch0018: 0018-clean-code-ignore-list-containers-error.patch +Patch0019: 0019-add-g_oci_image_module_data-in-oci-image-module.patch +Patch0020: 0020-translate-absolute-path-to-relative-path-when-unpack.patch +Patch0021: 0021-clean-code-fix-check-error-in-terminal.c-and-volume_.patch +Patch0022: 0022-iSulad-bugfix-args-use_decrypted_key-is-a-pointer.patch +Patch0023: 0023-verify-peer-only-if-CA-configed.patch %ifarch x86_64 aarch64 Provides: libhttpclient.so()(64bit) @@ -232,6 +237,12 @@ fi %endif %changelog +* Mon Dec 7 2020 zhangxiaoyu - 2.0.7-20201207.151847.gita1fce123 +- Type: update +- ID: NA +- SUG: NA +- DESC: update from master + * Sat Dec 5 2020 lifeng - 2.0.7-20201205.145752.gita461cc51 - Type: bugfix - ID:NA