Skip to content

Commit

Permalink
fix compat image resolution
Browse files Browse the repository at this point in the history
Fix a bug in the resolution of images in the Docker compat API.
When looking up an image by a short name, the name may match
an image that does not live on Docker Hub.  The resolved name
should be used for normalization instead of the input name to
make sure that `busybox` can resolve to `registry.com/busybox`
if present in the local storage.

Fixes: containers#14291
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
  • Loading branch information
vrothberg authored and openshift-cherrypick-robot committed May 24, 2022
1 parent d537cf1 commit 1021afb
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 14 deletions.
13 changes: 9 additions & 4 deletions pkg/api/handlers/utils/images.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,21 +26,26 @@ func NormalizeToDockerHub(r *http.Request, nameOrID string) (string, error) {
return nameOrID, nil
}

// Try to lookup the input to figure out if it was an ID or not.
runtime := r.Context().Value(api.RuntimeKey).(*libpod.Runtime)
img, _, err := runtime.LibimageRuntime().LookupImage(nameOrID, nil)

// The candidate may resolve to a local non-Docker Hub image, such as
// 'busybox' -> 'registry.com/busybox'.
img, candidate, err := runtime.LibimageRuntime().LookupImage(nameOrID, nil)
if err != nil {
if errors.Cause(err) != storage.ErrImageUnknown {
return "", fmt.Errorf("normalizing name for compat API: %v", err)
}
// If the image could not be resolved locally, set the
// candidate back to the input.
candidate = nameOrID
} else if strings.HasPrefix(img.ID(), strings.TrimPrefix(nameOrID, "sha256:")) {
return img.ID(), nil
}

// No ID, so we can normalize.
named, err := reference.ParseNormalizedNamed(nameOrID)
named, err := reference.ParseNormalizedNamed(candidate)
if err != nil {
return "", fmt.Errorf("normalizing name for compat API: %v", err)
return "", fmt.Errorf("normalizing name %q (orig: %q) for compat API: %v", candidate, nameOrID, err)
}

return named.String(), nil
Expand Down
21 changes: 11 additions & 10 deletions test/apiv2/70-short-names.at
Original file line number Diff line number Diff line change
Expand Up @@ -6,11 +6,16 @@
# Pull the libpod/quay image which is used in all tests below.
t POST "images/create?fromImage=quay.io/libpod/alpine:latest" 200 .error~null .status~".*Download complete.*"

# 14291 - let a short-name resolve to a *local* non Docker-Hub image.
t POST containers/create Image=alpine 201 .Id~[0-9a-f]\\{64\\}
cid=$(jq -r '.Id' <<<"$output")
t GET containers/$cid/json 200 .Image="quay.io/libpod/alpine:latest"
podman rm -f $cid

########## TAG

t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
t DELETE "images/foo" 200
t DELETE "images/docker.io/library/foo" 200


########## BUILD
Expand Down Expand Up @@ -52,9 +57,6 @@ t DELETE "images/foo" 200

########## TAG

# Looking up 'alpine' will fail as it gets normalized to docker.io.
t POST "images/alpine/tag?repo=foo" 404 .cause="image not known"

# The libpod endpoint will resolve to it without issues.
t GET "libpod/images/alpine/exists" 204

Expand All @@ -67,22 +69,21 @@ t GET "libpod/images/docker.io/library/foo/exists" 204

########## REMOVE

t DELETE "images/alpine" 404 .cause="image not known" # fails since docker.io/library/alpine does not exist
t DELETE "images/foo" 200 # removes the previously tagged image


########## GET

# Same procedure as above but with the /get endpoint.
t GET "images/alpine/get" 404 .cause="image not known"
t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
t GET "images/foo/get" 200 '[POSIX tar archive]'
t DELETE "images/foo" 200
t GET "images/alpine/get" 200


########## HISTORY

t GET "images/alpine/history" 404 .cause="image not known"
t GET "images/alpine/history" 200
t GET "images/quay.io/libpod/alpine/history" 200
t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
t GET "libpod/images/foo/history" 200
Expand All @@ -91,7 +92,7 @@ t DELETE "images/foo" 200

########## PUSH

t POST "images/alpine/push?destination=localhost:9999/do/not:exist" 404 .cause="image not known"
t POST "images/alpine/push?destination=localhost:9999/do:exist" 200
t POST "images/quay.io/libpod/alpine/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response
t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
t POST "images/foo/push?destination=localhost:9999/do/not:exist" 200 # Error is in the response
Expand All @@ -100,7 +101,7 @@ t DELETE "images/foo"

########## CREATE A CONTAINER

t POST "containers/create" Image=alpine 404 .cause="image not known"
t POST "containers/create" Image=alpine 201
t POST "containers/create" Image=quay.io/libpod/alpine:latest 201
cid=$(jq -r '.Id' <<<"$output")
t POST "images/quay.io/libpod/alpine/tag?repo=foo" 201
Expand All @@ -113,7 +114,7 @@ t DELETE "containers/$cid"

t POST "containers/create" Image=quay.io/libpod/alpine:latest 201
cid=$(jq -r '.Id' <<<"$output")
t GET "images/alpine/get" 404 .cause="image not known"
t GET "images/alpine/get" 200
t POST "commit?container=$cid&repo=foo&tag=tag" 201
t GET "images/foo/get" 404 .cause="image not known"
t GET "images/foo:tag/get" 200
Expand Down

0 comments on commit 1021afb

Please sign in to comment.