docker/reference: add IsFullIdentifier #1476
Conversation
There was a problem hiding this comment.
I realize I’m probably being a pest, still… what’s the full story here?
(Conceptually, I’d expect a “parse input of $syntax” function that is the ~authoritative implementation of $syntax; not an API of “try parsing the input as $syntax1; if it failed, try $syntax2; if it failed, try $syntax3”. This new function could well be a part of the first “authoritative parser” implementation, it just raises my suspicion :) )
Specifically WRT containers/podman#12761 , compare
image/storage/storage_transport.go
Line 145 in 6ab45a6
image/storage/storage_transport.go
Line 160 in 6ab45a6
minimumTruncatedIDLength (OTOH the contents check is fairly weak, and using a stricter regex might be valuable). That’s, AFAICT, not the case in lookupImageInLocalStorage, where store.Image() accepts an unambiguous prefix of any length.
I’m also not sure how detecting a full identifier changes handling of short identifiers, perhaps that’s only tangentially related?
Is this just a locally-scoped change to modify the one
if strings.HasPrefix(name, "sha256:") || (len(name) == 64 && !strings.ContainsAny(name, "/.:@")) {check in Runtime.Pull? Consider ParseAnyReference — that would work fine for the ID syntaxes, OTOH the Named returned would not be usable, so that’s probably not better.
(Completely unrelated; The HasPrefix(name, "sha256:") check seems to be always false.)
Implementation looks OK, of course. From a maintenance POV, I’d prefer adding it to a separate file (regexp-additions.go)? so that the correspondence with distribution/distribution/reference is clear and easier to maintain — OTOH the test is really much better when integrated into the existing one, and placing the test and the function differently is not all that attractive.
mtrmac
changed the title
🤣
I want it for an optimization. containers/podman#12761 happens because we're doing a Here's the PR for c/common that should make my intention clearer: containers/common#939 |
|
There's another issue with tagging that I noticed: |
OK, that’s actually getting us closer to a consistent parser — where the 64-byte hex strings are only ever interpreted one way. Nice. LGTM; consider moving it to a separate file, but that’s quite a weak preference. |
vrothberg
force-pushed
the
full-id-regex
branch
from
e944630
to
7230ec7
Compare
Thanks! Done ✔️ |
|
Looks like CI is frequently broken now… |
I saw this one a number of times this week. |
#1477 , for the record. |
|
green |
|
@vrothberg you may need to rebase |
containers/common/libimage is in need to check whether a given input looks like a full image ID (i.e., a 64-byte hex string). Since compiling regexes has a negative impact on init- and run-time, let's expose a function to check whether a given string matches the already compiled regex in docker/reference. Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
vrothberg
force-pushed
the
full-id-regex
branch
from
7230ec7
to
40befe3
Compare
Mainly to pull in changes from the following PR which I will use in another commit: containers/image#1476 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
Mainly to pull in changes from the following PR which I will use in another commit: containers/image#1476 Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
containers/common/libimage is in need to check whether a given input
looks like a full image ID (i.e., a 64-byte hex string). Since
compiling regexes has a negative impact on init- and run-time, let's
expose a function to check whether a given string matches the already
compiled regex in docker/reference.
Signed-off-by: Valentin Rothberg vrothberg@redhat.com
@mtrmac PTAL
I want it for optimizing the fixes for containers/podman#12761.