Skip to content

Force OCI format for inner images when publishing tarballs or to local docker instances #47398

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -304,10 +304,16 @@
<!--We don't want to skip publishing individual images in case of local daemon podman because podman loads multi-arch tarball differently - only individual image for the current platform.-->
<_SkipContainerPublishing>false</_SkipContainerPublishing>
<_SkipContainerPublishing Condition="$(ContainerArchiveOutputPath) != '' or ( $(ContainerRegistry) == '' and ( $(LocalRegistry) == '' or $(LocalRegistry) == 'Docker' ) )">true</_SkipContainerPublishing>

<!--We want to skip CreateImageIndex task in case of local daemon podman because it is not supported.-->
<_SkipCreateImageIndex>false</_SkipCreateImageIndex>
<_SkipCreateImageIndex Condition="$(ContainerArchiveOutputPath) == '' and $(ContainerRegistry) == '' and $(LocalRegistry) == 'Podman'">true</_SkipCreateImageIndex>

<!-- Figure out what format the inner images should be coerced to -->
<!-- If a user had an opinion, use that -->
<_SingleImageContainerFormat Condition="'$(ContainerImageFormat)' != ''">$(ContainerImageFormat)</_SingleImageContainerFormat>
<!-- If we are publishing to local tarball or to local Docker, force OCI to prevent mismatches between inner images and the outer manifest -->
<_SingleImageContainerFormat Condition="$(_SkipContainerPublishing) == 'true' ">OCI</_SingleImageContainerFormat>
</PropertyGroup>

<ItemGroup>
Expand Down Expand Up @@ -337,7 +343,8 @@
ContainerUser=$(ContainerUser);
ContainerGenerateLabels=$(ContainerGenerateLabels);
ContainerGenerateLabelsImageBaseDigest=$(ContainerGenerateLabelsImageBaseDigest);
_SkipContainerPublishing=$(_SkipContainerPublishing)
_SkipContainerPublishing=$(_SkipContainerPublishing);
ContainerImageFormat=$(_SingleImageContainerFormat)
"/>
<_rids Remove ="$(_rids)" />
</ItemGroup>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -1012,7 +1012,7 @@ public void EndToEndMultiArch_RemoteRegistry()
.And.HaveStdOutContaining($"Pushed image '{imageX64}' to registry '{registry}'.")
.And.HaveStdOutContaining($"Pushed image '{imageArm64}' to registry '{registry}'.")
.And.HaveStdOutContaining($"Pushed image index '{imageIndex}' to registry '{registry}'.");

// Check that the containers can be run
// First pull the image from the registry for each platform
ContainerCli.PullCommand(
Expand All @@ -1029,7 +1029,7 @@ public void EndToEndMultiArch_RemoteRegistry()
imageFromRegistry)
.Execute()
.Should().Pass();

// Run the containers
ContainerCli.RunCommand(
_testOutput,
Expand Down Expand Up @@ -1351,4 +1351,45 @@ static string[] DecideEntrypoint(string rid, string appName, string workingDir)
return new[] { $"{workingDir}/{binary}" };
}
}

[DockerAvailableFact(checkContainerdStoreAvailability: true)]
public void EnforcesOciSchemaForMultiRIDTarballOutput()
{
string imageName = NewImageName();
string tag = "1.0";

// Create new console app
DirectoryInfo newProjectDir = CreateNewProject("webapp");

// Run PublishContainer for multi-arch with ContainerGenerateLabels
var publishResult = new DotnetCommand(
_testOutput,
"publish",
"/t:PublishContainer",
"/p:RuntimeIdentifiers=\"linux-x64;linux-arm64\"",
$"/p:ContainerBaseImage={DockerRegistryManager.FullyQualifiedBaseImageAspNet}",
$"/p:ContainerRepository={imageName}",
$"/p:ContainerImageTag={tag}",
"/p:EnableSdkContainerSupport=true",
"/p:ContainerArchiveOutputPath=archive.tar.gz",
"-getProperty:GeneratedImageIndex",
"-getItem:GeneratedContainers",
"/bl")
.WithWorkingDirectory(newProjectDir.FullName)
.Execute();

publishResult.Should().Pass();
var jsonDump = JsonDocument.Parse(publishResult.StdOut);
var index = JsonDocument.Parse(jsonDump.RootElement.GetProperty("Properties").GetProperty("GeneratedImageIndex").ToString());
var containers = jsonDump.RootElement.GetProperty("Items").GetProperty("GeneratedContainers").EnumerateArray().ToArray();

index.RootElement.GetProperty("mediaType").GetString().Should().Be("application/vnd.oci.image.index.v1+json");
containers.Should().HaveCount(2);
foreach (var container in containers)
{
container.GetProperty("ManifestMediaType").GetString().Should().Be("application/vnd.oci.image.manifest.v1+json");
}
// Cleanup
newProjectDir.Delete(true);
}
}
Loading