YunoHost/yunohost
1
0
Fork 0
mirror of https://github.com/YunoHost/yunohost.git synced 2024-09-03 20:06:10 +02:00
Code Issues Projects Releases Packages Wiki Activity

Merge pull request #1733 from Thovi98/dev

Browse source 
Update docker-image-extract
This commit is contained in:
Alexandre Aubin 2023-10-30 12:47:07 +01:00 committed by GitHub
commit 4eef918e40
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 53 additions and 29 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
helpers/vendor/docker-image-extract/LICENSE vendored
View file

@ -1,21 +1,19 @@
MIT License Copyright (c) 2020-2023, Jeremy Lin
Copyright (c) 2021 Emmanuel Frecon Permission is hereby granted, free of charge, to any person obtaining a
copy of this software and associated documentation files (the "Software"),
to deal in the Software without restriction, including without limitation
the rights to use, copy, modify, merge, publish, distribute, sublicense,
and/or sell copies of the Software, and to permit persons to whom the
Software is furnished to do so, subject to the following conditions:
Permission is hereby granted, free of charge, to any person obtaining a copy The above copyright notice and this permission notice shall be included in
of this software and associated documentation files (the "Software"), to deal all copies or substantial portions of the Software.
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
SOFTWARE. DEALINGS IN THE SOFTWARE.

2
helpers/vendor/docker-image-extract/README.md vendored
View file

@ -1 +1 @@
This is taken from https://github.com/efrecon/docker-image-extract This is taken from https://github.com/jjlin/docker-image-extract, under MIT license.

54
helpers/vendor/docker-image-extract/docker-image-extract vendored
View file

@ -2,7 +2,7 @@
# #
# This script pulls and extracts all files from an image in Docker Hub. # This script pulls and extracts all files from an image in Docker Hub.
# #
# Copyright (c) 2020-2022, Jeremy Lin # Copyright (c) 2020-2023, Jeremy Lin
# #
# Permission is hereby granted, free of charge, to any person obtaining a # Permission is hereby granted, free of charge, to any person obtaining a
# copy of this software and associated documentation files (the "Software"), # copy of this software and associated documentation files (the "Software"),
@ -103,6 +103,17 @@ if [ $# -eq 0 ]; then
exit 1 exit 1
fi fi
if [ -e "${OUT_DIR}" ]; then
if [ -d "${OUT_DIR}" ]; then
echo "WARNING: Output dir already exists. If it contains a previous extracted image,"
echo "there may be errors when trying to overwrite files with read-only permissions."
echo
else
echo "ERROR: Output dir already exists, but is not a directory."
exit 1
fi
fi
have_curl() { have_curl() {
command -v curl >/dev/null command -v curl >/dev/null
} }
@ -173,16 +184,20 @@ fetch() {
# https://docs.docker.com/docker-hub/api/latest/#tag/repositories # https://docs.docker.com/docker-hub/api/latest/#tag/repositories
manifest_list_url="https://hub.docker.com/v2/repositories/${image}/tags/${ref}" manifest_list_url="https://hub.docker.com/v2/repositories/${image}/tags/${ref}"
# If we're pulling the image for the default platform, or the ref is already # If the ref is already a SHA-256 image digest, then we don't need to look up anything.
# a SHA-256 image digest, then we don't need to look up anything. if [ -z "${ref##sha256:*}" ]; then
if [ "${PLATFORM}" = "${PLATFORM_DEFAULT}" ] || [ -z "${ref##sha256:*}" ]; then
digest="${ref}" digest="${ref}"
else else
echo "Getting multi-arch manifest list..." echo "Getting multi-arch manifest list..."
NL='
'
digest=$(fetch "${manifest_list_url}" | digest=$(fetch "${manifest_list_url}" |
# Break up the single-line JSON output into separate lines by adding # Break up the single-line JSON output into separate lines by adding
# newlines before and after the chars '[', ']', '{', and '}'. # newlines before and after the chars '[', ']', '{', and '}'.
sed -e 's/\([][{}]\)/\n\1\n/g' | # This uses the \${NL} syntax because some BSD variants of sed don't
# support \n syntax in the replacement string, but instead require
# a literal newline preceded by a backslash.
sed -e 's/\([][{}]\)/\'"${NL}"'\1\'"${NL}"'/g' |
# Extract the "images":[...] list. # Extract the "images":[...] list.
sed -n '/"images":/,/]/ p' | sed -n '/"images":/,/]/ p' |
# Each image's details are now on a separate line, e.g. # Each image's details are now on a separate line, e.g.
@ -205,13 +220,13 @@ else
break break
fi fi
done) done)
fi
if [ -n "${digest}" ]; then if [ -n "${digest}" ]; then
echo "Platform ${PLATFORM} resolved to '${digest}'..." echo "Platform ${PLATFORM} resolved to '${digest}'..."
else else
echo "No image digest found. Verify that the image, ref, and platform are valid." echo "No image digest found. Verify that the image, ref, and platform are valid."
exit 1 exit 1
fi
fi fi
# https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate # https://docs.docker.com/registry/spec/auth/token/#how-to-authenticate
@ -226,10 +241,21 @@ blobs_base_url="https://registry-1.docker.io/v2/${image}/blobs"
echo "Getting API token..." echo "Getting API token..."
token=$(fetch "${api_token_url}" | extract 'token') token=$(fetch "${api_token_url}" | extract 'token')
auth_header="Authorization: Bearer $token" auth_header="Authorization: Bearer $token"
v2_header="Accept: application/vnd.docker.distribution.manifest.v2+json"
# https://github.com/distribution/distribution/blob/main/docs/spec/manifest-v2-2.md
docker_manifest_v2="application/vnd.docker.distribution.manifest.v2+json"
# https://github.com/opencontainers/image-spec/blob/main/manifest.md
oci_manifest_v1="application/vnd.oci.image.manifest.v1+json"
# Docker Hub can return either type of manifest format. Most images seem to
# use the Docker format for now, but the OCI format will likely become more
# common as features that require that format become enabled by default
# (e.g., https://github.com/docker/build-push-action/releases/tag/v3.3.0).
accept_header="Accept: ${docker_manifest_v2},${oci_manifest_v1}"
echo "Getting image manifest for $image:$ref..." echo "Getting image manifest for $image:$ref..."
layers=$(fetch "${manifest_url}" "${auth_header}" "${v2_header}" | layers=$(fetch "${manifest_url}" "${auth_header}" "${accept_header}" |
# Extract `digest` values only after the `layers` section appears. # Extract `digest` values only after the `layers` section appears.
sed -n '/"layers":/,$ p' | sed -n '/"layers":/,$ p' |
extract 'digest') extract 'digest')
@ -259,4 +285,4 @@ for layer in $layers; do
IFS="${OLD_IFS}" IFS="${OLD_IFS}"
done done
echo "Image contents extracted into ${OUT_DIR}." echo "Image contents extracted into ${OUT_DIR}."