🌱 consolidate image layer handling; move fs utils #1690
Conversation
✅ Deploy Preview for olmv1 ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #1690 +/- ##
==========================================
+ Coverage 67.47% 67.58% +0.10%
==========================================
Files 59 59
Lines 5003 4982 -21
==========================================
- Hits 3376 3367 -9
+ Misses 1380 1371 -9
+ Partials 247 244 -3
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
internal/util/fs/fs.go
Outdated
| OwnerWritableDirMode os.FileMode = 0700 | ||
| OwnerReadOnlyFileMode os.FileMode = 0400 | ||
| OwnerReadOnlyDirMode os.FileMode = 0500 | ||
| ownerWritableFileMode os.FileMode = 0700 |
There was a problem hiding this comment.
I wonder if we should export these and use them in the image utils. Maybe we could even add a comment here to explain why we don't give group perms.
There was a problem hiding this comment.
I didn't see any usage outside of this package, so opted to unexport them. If there's a strong use case that comes up later, we can always export them again. This is all internal, so it doesn't matter either way from a public API standpoint, but it can be nice to keep even internal packages nice and tidy to avoid leaky abstractions.
|
I'm wondering if we should call On every successful run of unpack. E.g. always ensure that the other images previously unpacked are gone, and we don't have some garbage hanging around because the process got killed mid deletion (though I guess the cache clear at pod restart should handle that...) |
|
/hold There's a problem we discovered with EnsureEmptyDirectory, when it tries to delete directories with read-only bits set. Need to fix that first, then rebase this. |
openshift-ci
bot
added
the
do-not-merge/hold
openshift-ci
bot
added
the
do-not-merge/work-in-progress
joelanford
force-pushed
the
consolidate-layer-handling
branch
3 times, most recently
from
257d9d4 to
29dfafc
Compare
openshift-ci
bot
removed
the
do-not-merge/work-in-progress
joelanford
removed
the
do-not-merge/hold
| fsutil "github.com/operator-framework/operator-controller/internal/util/fs" | ||
| ) | ||
|
|
||
| func ForceOwnershipRWX() archive.Filter { |
There was a problem hiding this comment.
Could we doc the funcs ?
There was a problem hiding this comment.
+1 we should add go docs for these functions.
You're thinking to move it up right after we determine the canonical ref, but before we check to see if we already have the canonical ref cached? I think that makes sense to me. Right now this is only called in the case that we actually pull a new image, but not when we return an existing one.
Yes, but it's better to keep packages self-contained and avoid relying on hidden side-effects like that. I feel like that is one of OLMv0's downfalls. |
| return fmt.Errorf("error making unpack directory read-only: %w", err) | ||
| } | ||
| return nil | ||
| } |
There was a problem hiding this comment.
to me all of those wrapper functions above are very specific to the logic required in source and it might be a good idea to defer placing them in an external dedicated util/ package until there is a need to share them, so imho for now it would be better to have them close to where they're being used
There was a problem hiding this comment.
nvm, my bad - I noticed they are actually shared between op-con and catalogd ;)
| @@ -66,6 +66,8 @@ linters-settings: | |||
| alias: ctrl | |||
| - pkg: github.com/blang/semver/v4 | |||
| alias: bsemver | |||
| - pkg: "^github.com/operator-framework/operator-controller/internal/util/([^/]+)$" | |||
| alias: "${1}util" | |||
There was a problem hiding this comment.
It is a good way to enforce import aliasing
| } else if errors.Is(err, fsutil.ErrNotDirectory) { | ||
| if err := fsutil.DeleteReadOnlyRecursive(unpackPath); err != nil { | ||
| return nil, err | ||
| } |
There was a problem hiding this comment.
This seems to be a new code i.e. we are deleting the file if it is not a directory, is that right?
There was a problem hiding this comment.
It was originally in IsDirectoryPresent, but and I both @perdasilva thought that was a terrible idea given the name and location of that helper function. So I renamed that function to GetDirectoryModTime and moved the delete call to the caller side.
|
I'm going to hold off on moving
|
Signed-off-by: Joe Lanford <[email protected]>
joelanford
force-pushed
the
consolidate-layer-handling
branch
from
29dfafc to
557c03f
Compare
|
/lgtm |
bf13d14
Description
Now that we have a monorepo, we can begin consolidating various bits of code that had identical or substantially similar implementations in catalogd and operator-controller.
This PR adds an
imageutility package, for now with common code that handles applying an image to an unpack directory. Of note is that catalogd and operator-controller had separate sets of filters used when applying the image layers. This PR, extracts the separate filter functions into the image utility library, and then updates the (still mostly duplicate) unpacker implementations to use the new shared code.In follow-up PRs, we can further de-dup the containers/image unpacker implementations (and any other duplicate code we find).
NOTE: To avoid an import cycle, I needed to also make a new
fsutility package forinternal/rukpak/source/helpers.go(which are all fs-related helpers). I also took the opportunity to moveinternal/fsutil/* into the newfs` utility package.Fixes #1711
Reviewer Checklist