From a07e8d9c2642798506c28bd43bb7094680fcba82 Mon Sep 17 00:00:00 2001 From: Matt Moore Date: Thu, 15 Aug 2019 00:22:05 +0000 Subject: [PATCH 1/2] Add support for recursively resolving directory symlinks. This adds support for properly resolving directory symlinks within kodata. I verified that with this I can symlink `.git/refs` into `kodata/` and (with changes) resolve the `.git/HEAD` symlink to read the appropriate `ref: refs/heads/...` files with the commit SHA. --- pkg/build/gobuild.go | 54 ++++++++++++++++++++++++++++---------------- 1 file changed, 34 insertions(+), 20 deletions(-) diff --git a/pkg/build/gobuild.go b/pkg/build/gobuild.go index f6b11fbbee..e46d2e5549 100644 --- a/pkg/build/gobuild.go +++ b/pkg/build/gobuild.go @@ -276,28 +276,12 @@ func (g *gobuild) kodataPath(s string) (string, error) { // Where kodata lives in the image. const kodataRoot = "/var/run/ko" -func (g *gobuild) tarKoData(importpath string) (*bytes.Buffer, error) { - buf := bytes.NewBuffer(nil) - // Compress this before calling tarball.LayerFromOpener, since it eagerly - // calculates digests and diffids. This prevents us from double compressing - // the layer when we have to actually upload the blob. - // - // https://github.com/google/go-containerregistry/issues/413 - gw, _ := gzip.NewWriterLevel(buf, gzip.BestSpeed) - defer gw.Close() - tw := tar.NewWriter(gw) - defer tw.Close() - - root, err := g.kodataPath(importpath) - if err != nil { - return nil, err - } - - err = filepath.Walk(root, func(path string, info os.FileInfo, err error) error { +func walkRecursive(tw *tar.Writer, root, chroot string) error { + return filepath.Walk(root, func(path string, info os.FileInfo, err error) error { if path == root { // Add an entry for /var/run/ko return tw.WriteHeader(&tar.Header{ - Name: kodataRoot, + Name: chroot, Typeflag: tar.TypeDir, // Use a fixed Mode, so that this isn't sensitive to the directory and umask // under which it was created. Additionally, windows can only set 0222, @@ -318,6 +302,17 @@ func (g *gobuild) tarKoData(importpath string) (*bytes.Buffer, error) { if err != nil { return err } + newPath := filepath.Join(chroot, path[len(root):]) + + path, err = filepath.EvalSymlinks(path) + if err != nil { + return err + } + + // Skip other directories. + if info.Mode().IsDir() { + return walkRecursive(tw, path, newPath) + } // Open the file to copy it into the tarball. file, err := os.Open(path) @@ -327,7 +322,6 @@ func (g *gobuild) tarKoData(importpath string) (*bytes.Buffer, error) { defer file.Close() // Copy the file into the image tarball. - newPath := filepath.Join(kodataRoot, path[len(root):]) if err := tw.WriteHeader(&tar.Header{ Name: newPath, Size: info.Size(), @@ -342,6 +336,26 @@ func (g *gobuild) tarKoData(importpath string) (*bytes.Buffer, error) { _, err = io.Copy(tw, file) return err }) +} + +func (g *gobuild) tarKoData(importpath string) (*bytes.Buffer, error) { + buf := bytes.NewBuffer(nil) + // Compress this before calling tarball.LayerFromOpener, since it eagerly + // calculates digests and diffids. This prevents us from double compressing + // the layer when we have to actually upload the blob. + // + // https://github.com/google/go-containerregistry/issues/413 + gw, _ := gzip.NewWriterLevel(buf, gzip.BestSpeed) + defer gw.Close() + tw := tar.NewWriter(gw) + defer tw.Close() + + root, err := g.kodataPath(importpath) + if err != nil { + return nil, err + } + + err = walkRecursive(tw, root, kodataRoot) if err != nil { return nil, err } From 92e707733b68af8b30b7a9eaed2b3926a92cc3b4 Mon Sep 17 00:00:00 2001 From: Matt Moore Date: Thu, 15 Aug 2019 22:06:45 +0000 Subject: [PATCH 2/2] Incorporate code review feedback --- cmd/ko/test/kodata/HEAD | 1 + cmd/ko/test/kodata/refs | 1 + cmd/ko/test/main.go | 7 +++++++ cmd/ko/test/test.yaml | 2 +- pkg/build/gobuild.go | 21 +++++++++------------ pkg/build/gobuild_test.go | 14 +++++--------- 6 files changed, 24 insertions(+), 22 deletions(-) create mode 120000 cmd/ko/test/kodata/HEAD create mode 120000 cmd/ko/test/kodata/refs diff --git a/cmd/ko/test/kodata/HEAD b/cmd/ko/test/kodata/HEAD new file mode 120000 index 0000000000..481bd4eff4 --- /dev/null +++ b/cmd/ko/test/kodata/HEAD @@ -0,0 +1 @@ +../../../../.git/HEAD \ No newline at end of file diff --git a/cmd/ko/test/kodata/refs b/cmd/ko/test/kodata/refs new file mode 120000 index 0000000000..fe164fe40f --- /dev/null +++ b/cmd/ko/test/kodata/refs @@ -0,0 +1 @@ +../../../../.git/refs \ No newline at end of file diff --git a/cmd/ko/test/main.go b/cmd/ko/test/main.go index 797a42ab62..2a74cd5275 100644 --- a/cmd/ko/test/main.go +++ b/cmd/ko/test/main.go @@ -29,4 +29,11 @@ func main() { log.Fatalf("Error reading %q: %v", file, err) } log.Printf(string(bytes)) + + file = filepath.Join(dp, "refs/heads/master") + bytes, err = ioutil.ReadFile(file) + if err != nil { + log.Fatalf("Error reading %q: %v", file, err) + } + log.Printf(string(bytes)) } diff --git a/cmd/ko/test/test.yaml b/cmd/ko/test/test.yaml index 8a0b0cfe42..2ce60f6b94 100644 --- a/cmd/ko/test/test.yaml +++ b/cmd/ko/test/test.yaml @@ -20,5 +20,5 @@ metadata: spec: containers: - name: obiwan - image: github.com/google/ko/cmd/test + image: github.com/google/ko/cmd/ko/test restartPolicy: Never diff --git a/pkg/build/gobuild.go b/pkg/build/gobuild.go index e46d2e5549..c140cf1055 100644 --- a/pkg/build/gobuild.go +++ b/pkg/build/gobuild.go @@ -276,10 +276,13 @@ func (g *gobuild) kodataPath(s string) (string, error) { // Where kodata lives in the image. const kodataRoot = "/var/run/ko" +// walkRecursive performs a filepath.Walk of the given root directory adding it +// to the provided tar.Writer with root -> chroot. All symlinks are dereferenced, +// which is what leads to recursion when we encounter a directory symlink. func walkRecursive(tw *tar.Writer, root, chroot string) error { return filepath.Walk(root, func(path string, info os.FileInfo, err error) error { if path == root { - // Add an entry for /var/run/ko + // Add an entry for the root directory of our walk. return tw.WriteHeader(&tar.Header{ Name: chroot, Typeflag: tar.TypeDir, @@ -296,19 +299,18 @@ func walkRecursive(tw *tar.Writer, root, chroot string) error { if info.Mode().IsDir() { return nil } + newPath := filepath.Join(chroot, path[len(root):]) - // Chase symlinks. - info, err = os.Stat(path) + path, err = filepath.EvalSymlinks(path) if err != nil { return err } - newPath := filepath.Join(chroot, path[len(root):]) - path, err = filepath.EvalSymlinks(path) + // Chase symlinks. + info, err = os.Stat(path) if err != nil { return err } - // Skip other directories. if info.Mode().IsDir() { return walkRecursive(tw, path, newPath) @@ -355,12 +357,7 @@ func (g *gobuild) tarKoData(importpath string) (*bytes.Buffer, error) { return nil, err } - err = walkRecursive(tw, root, kodataRoot) - if err != nil { - return nil, err - } - - return buf, nil + return buf, walkRecursive(tw, root, kodataRoot) } // Build implements build.Interface diff --git a/pkg/build/gobuild_test.go b/pkg/build/gobuild_test.go index a80d927917..56dc00bfd5 100644 --- a/pkg/build/gobuild_test.go +++ b/pkg/build/gobuild_test.go @@ -253,19 +253,15 @@ func TestGoBuild(t *testing.T) { }) t.Run("check app layer contents", func(t *testing.T) { - expectedHash := v1.Hash{ - Algorithm: "sha256", - Hex: "4379f30a6c6f66221c3c54dddd378fcfa5a7304a6655ff783b102069c0f943ab", - } - appLayer := ls[baseLayers] + dataLayer := ls[baseLayers] - if got, err := appLayer.Digest(); err != nil { + if _, err := dataLayer.Digest(); err != nil { t.Errorf("Digest() = %v", err) - } else if got != expectedHash { - t.Errorf("Digest() = %v, want %v", got, expectedHash) } + // We don't check the data layer here because it includes a symlink of refs and + // will produce a distinct hash each time we commit something. - r, err := appLayer.Uncompressed() + r, err := dataLayer.Uncompressed() if err != nil { t.Errorf("Uncompressed() = %v", err) }