Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

manifest, push: implement --add-compression to push with compressed variants. #4912

Merged
merged 4 commits into from
Jul 31, 2023

Conversation

flouthoc
Copy link
Collaborator

@flouthoc flouthoc commented Jul 6, 2023

This is a feature PR for c/image's EnsureCompressionVariantExists feature merged in below PR:

#### Proof of concept to demonstrate the new API which are recently added in c/image and some which still needs to be merged.

Adds a new flag --add-compression <compression> to manifest push, which when added will push existing manifest on host while replicating the instances with required compression.

Example usage

./buildah manifest create localhost:5000/list:latest
./buildah build -t test .
./buildah manifest add localhost:5000/list:latest test
# Push with replication for `zstd`
./buildah manifest push --tls-verify=false --all --add-compression zstd localhost:5000/list:latest

Expected pushed manifest list

{
  "schemaVersion": 2,
  "mediaType": "application/vnd.oci.image.index.v1+json",
  "manifests": [
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:d814812aea8237398f0a5c36ee6fabc0dbaa4c1b55453b3b9f87e5a4ac2bd4f1",
      "size": 759,
      "platform": {
        "architecture": "amd64",
        "os": "linux"
      }
    },
    {
      "mediaType": "application/vnd.oci.image.manifest.v1+json",
      "digest": "sha256:de950651c5648b48d8b41fda88245c8fa1060f55125f0387c8b0c2e878733e01",
      "size": 759,
      "annotations": {
        "io.github.containers.compression.zstd": "true"
      },
      "platform": {
        "architecture": "amd64",
        "os": "linux"
      }
    }
  ]
}

What type of PR is this?

/kind api-change
/kind bug
/kind cleanup
/kind deprecation
/kind design
/kind documentation
/kind failing-test
/kind feature
/kind flake
/kind other

What this PR does / why we need it:

How to verify it

Which issue(s) this PR fixes:

Special notes for your reviewer:

Does this PR introduce a user-facing change?

manifest, push: implement --add-compression to push with compressed

Copy link
Contributor

@mtrmac mtrmac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(Just a quick skim to see how the c/image feature is planned to be used.)

  • Eventually this should include man pages.
  • So a simple buildah bud && buildah push will not, with this PR, be able to do this. That’s fine, this PR is valuable as is — it just seems like an enhancement worth tracking.

cmd/buildah/manifest.go Outdated Show resolved Hide resolved
@flouthoc
Copy link
Collaborator Author

So a simple buildah bud && buildah push will not, with this PR, be able to do this

@mtrmac I think a simple buildah bud and then buildah push --compression-format <> --compression-level <> can still do it right for a single image, we support that on upstream as of now.

@mtrmac
Copy link
Contributor

mtrmac commented Jul 14, 2023

That creates a zstd-only image, not a dual image compatible with gzip consumers but allowing use of zstd.

@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 24, 2023
@openshift-merge-robot
Copy link
Collaborator

PR needs rebase.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@rhatdan
Copy link
Member

rhatdan commented Jul 24, 2023

@flouthoc needs rebase

@flouthoc
Copy link
Collaborator Author

@rhatdan Will rebase after this: containers/image#1987

@flouthoc flouthoc changed the title [POC] manifest, push: implement --replicate with compression while pushing manifest, push: implement --add-compression with compression while pushing Jul 27, 2023
@flouthoc flouthoc marked this pull request as ready for review July 27, 2023 18:31
@flouthoc flouthoc requested a review from mtrmac July 27, 2023 18:32
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jul 27, 2023
@flouthoc
Copy link
Collaborator Author

flouthoc commented Jul 27, 2023

@flouthoc flouthoc changed the title manifest, push: implement --add-compression with compression while pushing manifest, push: implement --add-compression to push with compressed variants. Jul 27, 2023
Copy link
Contributor

@mtrmac mtrmac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code LGTM.

cmd/buildah/manifest.go Show resolved Hide resolved
docs/buildah-manifest-push.1.md Outdated Show resolved Hide resolved
@flouthoc
Copy link
Collaborator Author

@vrothberg @giuseppe PTAL

Copy link
Member

@vrothberg vrothberg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code and test LGTM

@edsantiago can you take a look at the test?

docs/buildah-manifest-inspect.1.md Show resolved Hide resolved
docs/buildah-manifest-inspect.1.md Show resolved Hide resolved

**--tls-verify** *bool-value*

Require HTTPS and verification of certificates when talking to container registries (defaults to true). TLS verification cannot be used when talking to an insecure registry.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: the new flags are not tested in the commit adding them but the one after.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was not planning to add these flags but they were needed for the --add-compression test, I can add independent tests for these but they will be just clone of --add-compression test without the --add-compression flag, I decided not to add because of duplication since these two flags are already getting tested in the test added for --add-compression. But I could be wrong 😅

@@ -18,6 +18,11 @@ The list image's ID and the digest of the image's manifest.

## OPTIONS

**--add-compression** *compression*

If specified while pushing option makes sure that requested compression variant exists for each platform in the manifest list.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This sentence is a bit hard to brain parse. I'd drop while pushing since we're already in the buildah-push man page.

We should also elaborate how in interacts with --compression and that the ones specified here are in addition to the default or --compression one.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you check if it looks any better now.

@flouthoc flouthoc force-pushed the replicate-zstd branch 2 times, most recently from c7b2e11 to 46ac671 Compare July 28, 2023 07:33
tests/bud.bats Outdated Show resolved Hide resolved
Copy link
Member

@edsantiago edsantiago left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm going to assume that "testing for gzip" == "null annotation". I think that should be clearer in the comments.

There's a lot of unnecessary duplication in the test, it could maybe be refactored into a table. And, when possible, it's better to do exact matches instead of substring.

This is just a quick glance, sorry, gotta head out.

@openshift-ci
Copy link
Contributor

openshift-ci bot commented Jul 31, 2023

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: edsantiago, flouthoc

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@flouthoc
Copy link
Collaborator Author

@containers/buildah-maintainers PTAL

@@ -696,6 +702,9 @@ func manifestAnnotateCmd(c *cobra.Command, args []string, opts manifestAnnotateO
}

func manifestInspectCmd(c *cobra.Command, args []string, opts manifestInspectOpts) error {
if err := auth.CheckAuthFile(opts.authfile); err != nil {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you wrap this in a check to see if the user modified it?

@rhatdan
Copy link
Member

rhatdan commented Jul 31, 2023

LGTM other the check to make sure user set the authfile.

Add flags for `manifest inspect` i.e `--tls-verify` and `--authfile`

Signed-off-by: Aditya R <[email protected]>
Adds support for `--add-compression` which accepts multiple compression
formats and when used it will add all instances in a manifest list with
requested compression formats.

Signed-off-by: Aditya R <[email protected]>
@rhatdan
Copy link
Member

rhatdan commented Jul 31, 2023

/lgtm
/hold

@flouthoc
Copy link
Collaborator Author

/hold cancel

@flouthoc
Copy link
Collaborator Author

@lsm5 Some rpm-builds are failing, just informing.

@rhatdan rhatdan merged commit 8af2dc4 into containers:main Jul 31, 2023
31 of 33 checks passed
@lsm5
Copy link
Member

lsm5 commented Jul 31, 2023

@flouthoc yup, there was a second issue on c9s. I've filed bz and I have a temp fix for podman. I'll create one for buildah too.

@rhatdan
Copy link
Member

rhatdan commented Aug 1, 2023

If I want to push zstd:chunked only, now what do I do? Can I set this up in containers.conf to do this all the time?

@flouthoc
Copy link
Collaborator Author

flouthoc commented Aug 2, 2023

Can I set this up in containers.conf to do this all the time

Not as of now but I think we can create a field in container.conf for default value of --add-compression WDYT ? ( created a PR: containers/common#1593 )

If I want to push zstd:chunked only

I think zstd:chunked is still waiting for this : containers/image#1980 and if only zstd:chunked is needed then you can use simple --compression flag.

flouthoc added a commit to flouthoc/common that referenced this pull request Aug 2, 2023
Allows users to set default value of `AddCompression` to Engine table so
users can use containers/buildah#4912 by
default.

Closes: containers/buildah#4912 (comment)

Signed-off-by: Aditya R <[email protected]>
@rhatdan
Copy link
Member

rhatdan commented Aug 2, 2023

No. In Fedora 39, the default for pushing to registries has to be "gzip,zstd:chunked" Then Podman can take advantage of zstd. And old docker will continue to work.
In Fedora 40 we ship to just zstd:chunked. But this setting has to be set in containers.conf so distributions can override it.

@mtrmac
Copy link
Contributor

mtrmac commented Aug 2, 2023

the default for pushing to registries

I mean, we are not at that point at all yet. This is manifest push, with an explicit sequence of commands.

A simple podman push / buildah push (optionally!) creating a multi-instance image definitely makes sense, but just doesn’t exist right now. That path is also different in that the source is always uncompressed, so the difference between --compression and --add-compression is not as pronounced.

@rhatdan
Copy link
Member

rhatdan commented Aug 3, 2023

Ok as long as I get my eventual goal, I am fine with this.

flouthoc added a commit to flouthoc/common that referenced this pull request Aug 24, 2023
Allows users to set default value of `AddCompression` to Engine table so
users can use containers/buildah#4912 by
default.

Closes: containers/buildah#4912 (comment)

Signed-off-by: Aditya R <[email protected]>
flouthoc added a commit to flouthoc/common that referenced this pull request Aug 24, 2023
Allows users to set default value of `AddCompression` to Engine table so
users can use containers/buildah#4912 by
default.

Closes: containers/buildah#4912 (comment)

Signed-off-by: Aditya R <[email protected]>
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Nov 2, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants