From 4cf0fe460670b816141c5884068abd4653a33ed6 Mon Sep 17 00:00:00 2001 From: Colin Walters Date: Tue, 7 Jun 2022 16:07:31 -0400 Subject: [PATCH] push-container: Also inject `baseos-container` into `meta.json` While I am trying to actively sever the dependence of the base container image build on `meta.json`, there's no reason not to inject it into `meta.json` in this flow too because the build system already requires it. --- src/cmd-push-container | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/src/cmd-push-container b/src/cmd-push-container index 013a6925bb..cbe7209ecb 100755 --- a/src/cmd-push-container +++ b/src/cmd-push-container @@ -7,6 +7,8 @@ import argparse import json import os +import tempfile +import shutil import subprocess import sys @@ -44,11 +46,23 @@ if args.authfile is not None: skopeoargs.extend(['--authfile', args.authfile]) if args.format is not None: skopeoargs.extend(['--format', args.format]) -container_name = args.name -if ":" not in container_name: - container_name = f"{container_name}:{latest_build}-{arch}" +container_name = container_name_and_tag = args.name if args.base_image_name: container_name = f"{container_name}-base-image" -skopeoargs.extend([f"oci-archive:{ociarchive}", f"docker://{container_name}"]) -print(subprocess.list2cmdline(skopeoargs)) -os.execvp('skopeo', skopeoargs) +if ":" not in container_name_and_tag: + container_name_and_tag = f"{container_name}:{latest_build}-{arch}" +if ":" in container_name: + container_name = container_name.rsplit(':')[0] +with tempfile.NamedTemporaryFile(dir='tmp', prefix='push-container-digestfile') as df: + skopeoargs.append(f"--digestfile={df.name}") + skopeoargs.extend([f"oci-archive:{ociarchive}", f"docker://{container_name}"]) + print(subprocess.list2cmdline(skopeoargs)) + subprocess.check_call(skopeoargs) + df.seek(0) + digest = df.read().decode('utf-8').strip() + # Inject the oscontainer with SHA256 into the build metadata + meta['baseos-container'] = {'image': f"{container_name}@{digest}" } + metapath_new = f"{metapath}.new" + with open(metapath_new, 'w') as f: + json.dump(meta, f, sort_keys=True) + shutil.move(metapath_new, metapath)