fork distribution client v2 #48805

thaJeztah · 2024-10-31T11:28:32Z

addresses replace uses of distributions registry-client because it's deprecated and removed #46940

This is just a straight fork with some minor changes;

replaced distribution's uuid package for github.com/google/uuid in tests
removed uses of distribution's "context" package for a regular context (only used in tests)
fix some linting issues

I will do some follow-ups;

remove uses of libtrust in tests (we can probably remove the schema v1 tests altogether
backport Make Descriptor an alias for oci.Descriptor distribution/distribution#3888 (and related)
backport some fixes that were made in the (now internal) v3 client

Note that this client should be replaced with something better altogether, but having a local fork allows us to make some granular changes ahead of that.

fork distribution client v2

This forks the distribution's registry client (v2) at v2.8.3;
distribution/distribution@4772604

This is the result of the following steps:

# install filter-repo (https://github.com/newren/git-filter-repo/blob/main/INSTALL.md)
brew install git-filter-repo

# create a temporary clone of docker
cd ~/Projects
git clone https://github.com/distribution/distribution.git distribution_temp
cd distribution_temp

# switch to v2.8.3 (git-filter doesn't like multiple branches, so reset)
git reset --hard v2.8.3

# commit taken from
git rev-parse --verify HEAD
4772604ae973031ab32dd9805a4bccf61d94909f

git filter-repo --analyze

# remove all code, except for 'registry/client', 'registry/storage/cache',
# and 'testutil', and rename to 'internal/registryclient', 'internal/registryclient/cache'
# and 'internal/registryclient/testutil'
git filter-repo \
  --force \
  --path 'registry/client' \
  --path 'registry/storage/cache/cache.go' \
  --path 'registry/storage/cache/cachedblobdescriptorstore.go' \
  --path 'registry/storage/cache/cachecheck/suite.go' \
  --path 'registry/storage/cache/memory' \
  --path 'testutil/handler.go' \
  --path-rename registry/client:internal/registryclient \
  --path-rename registry/storage/cache:internal/registryclient/cache \
  --path-rename internal/registryclient/cache/cachecheck/suite.go:internal/registryclient/cache/memory/memory_utils_test.go \
  --path-rename testutil:internal/registryclient/testutil

# go to the target github.com/docker/docker repository
cd ~/go/src/github.com/docker/docker

# create a branch to work with
git checkout -b fork_registryclient_v2

# add the temporary repository as an upstream and make sure it's up-to-date
git remote add distribution_temp ~/Projects/distribution_temp
git fetch distribution_temp

# merge the upstream code
git merge --allow-unrelated-histories --signoff -S distribution_temp/main

- Description for the changelog

- A picture of a cute animal (not mandatory but encouraged)

Signed-off-by: Stephen J Day <stephen.day@docker.com>

After all of the perl refactoring, some import orderings were left asunder. This commit corrects that. Signed-off-by: Stephen J Day <stephen.day@docker.com>

Signed-off-by: Stephen J Day <stephen.day@docker.com>

This changeset defines the interface for layer info caches. Layer info caches speed up access to layer meta data accessed in storage driver backends. The two main operations are tests for repository membership and resolving path and size information for backend blobs. Two implementations are available. The main implementation leverages redis to store layer info. An alternative implementation simply caches layer info in maps, which should speed up resolution for less sophisticated implementations. Signed-off-by: Stephen J Day <stephen.day@docker.com>

This PR refactors the blob service API to be oriented around blob descriptors. Identified by digests, blobs become an abstract entity that can be read and written using a descriptor as a handle. This allows blobs to take many forms, such as a ReadSeekCloser or a simple byte buffer, allowing blob oriented operations to better integrate with blob agnostic APIs (such as the `io` package). The error definitions are now better organized to reflect conditions that can only be seen when interacting with the blob API. The main benefit of this is to separate the much smaller metadata from large file storage. Many benefits also follow from this. Reading and writing has been separated into discrete services. Backend implementation is also simplified, by reducing the amount of metadata that needs to be picked up to simply serve a read. This also improves cacheability. "Opening" a blob simply consists of an access check (Stat) and a path calculation. Caching is greatly simplified and we've made the mapping of provisional to canonical hashes a first-class concept. BlobDescriptorService and BlobProvider can be combined in different ways to achieve varying effects. Recommend Review Approach ------------------------- This is a very large patch. While apologies are in order, we are getting a considerable amount of refactoring. Most changes follow from the changes to the root package (distribution), so start there. From there, the main changes are in storage. Looking at (*repository).Blobs will help to understand the how the linkedBlobStore is wired. One can explore the internals within and also branch out into understanding the changes to the caching layer. Following the descriptions below will also help to guide you. To reduce the chances for regressions, it was critical that major changes to unit tests were avoided. Where possible, they are left untouched and where not, the spirit is hopefully captured. Pay particular attention to where behavior may have changed. Storage ------- The primary changes to the `storage` package, other than the interface updates, were to merge the layerstore and blobstore. Blob access is now layered even further. The first layer, blobStore, exposes a global `BlobStatter` and `BlobProvider`. Operations here provide a fast path for most read operations that don't take access control into account. The `linkedBlobStore` layers on top of the `blobStore`, providing repository- scoped blob link management in the backend. The `linkedBlobStore` implements the full `BlobStore` suite, providing access-controlled, repository-local blob writers. The abstraction between the two is slightly broken in that `linkedBlobStore` is the only channel under which one can write into the global blob store. The `linkedBlobStore` also provides flexibility in that it can act over different link sets depending on configuration. This allows us to use the same code for signature links, manifest links and blob links. Eventually, we will fully consolidate this storage. The improved cache flow comes from the `linkedBlobStatter` component of `linkedBlobStore`. Using a `cachedBlobStatter`, these combine together to provide a simple cache hierarchy that should streamline access checks on read and write operations, or at least provide a single path to optimize. The metrics have been changed in a slightly incompatible way since the former operations, Fetch and Exists, are no longer relevant. The fileWriter and fileReader have been slightly modified to support the rest of the changes. The most interesting is the removal of the `Stat` call from `newFileReader`. This was the source of unnecessary round trips that were only present to look up the size of the resulting reader. Now, one must simply pass in the size, requiring the caller to decide whether or not the `Stat` call is appropriate. In several cases, it turned out the caller already had the size already. The `WriterAt` implementation has been removed from `fileWriter`, since it is no longer required for `BlobWriter`, reducing the number of paths which writes may take. Cache ----- Unfortunately, the `cache` package required a near full rewrite. It was pretty mechanical in that the cache is oriented around the `BlobDescriptorService` slightly modified to include the ability to set the values for individual digests. While the implementation is oriented towards caching, it can act as a primary store. Provisions are in place to have repository local metadata, in addition to global metadata. Fallback is implemented as a part of the storage package to maintain this flexibility. One unfortunate side-effect is that caching is now repository-scoped, rather than global. This should have little effect on performance but may increase memory usage. Handlers -------- The `handlers` package has been updated to leverage the new API. For the most part, the changes are superficial or mechanical based on the API changes. This did expose a bug in the handling of provisional vs canonical digests that was fixed in the unit tests. Configuration ------------- One user-facing change has been made to the configuration and is updated in the associated documentation. The `layerinfo` cache parameter has been deprecated by the `blobdescriptor` cache parameter. Both are equivalent and configuration files should be backward compatible. Notifications ------------- Changes the `notification` package are simply to support the interface changes. Context ------- A small change has been made to the tracing log-level. Traces have been moved from "info" to "debug" level to reduce output when not needed. Signed-off-by: Stephen J Day <stephen.day@docker.com>

Refactor Blob Service API

Adds functionality to create a Repository client which connects to a remote endpoint. Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)