buildpacks · natalieparellano · Mar 28, 2023 · Feb 13, 2023 · Feb 14, 2023 · Feb 14, 2023
@@ -8,5 +8,6 @@
 .vscode
 acceptance/testdata/*/**/container/cnb/lifecycle/*
 acceptance/testdata/*/**/container/docker-config/*
+acceptance/testdata/restorer/container/layers/*analyzed.toml
 acceptance/testdata/exporter/container/layers/*analyzed.toml
 acceptance/testdata/exporter/container/other_layers/*analyzed.toml
@@ -371,29 +371,38 @@ func assertImageOSAndArchAndCreatedAt(t *testing.T, imageName string, phaseTest
 }
 
 func updateAnalyzedTOMLFixturesWithRegRepoName(t *testing.T, phaseTest *PhaseTest) {
-	placeHolderPath := filepath.Join("testdata", "exporter", "container", "layers", "analyzed.toml.placeholder")
-	analyzedMD := assertAnalyzedMetadata(t, placeHolderPath)
-	analyzedMD.RunImage = &platform.RunImage{Reference: phaseTest.targetRegistry.fixtures.ReadOnlyRunImage}
-	encoding.WriteTOML(strings.TrimSuffix(placeHolderPath, ".placeholder"), analyzedMD)
-
-	placeHolderPath = filepath.Join("testdata", "exporter", "container", "layers", "some-analyzed.toml.placeholder")
-	analyzedMD = assertAnalyzedMetadata(t, placeHolderPath)
-	analyzedMD.PreviousImage = &platform.ImageIdentifier{Reference: phaseTest.targetRegistry.fixtures.SomeAppImage}
-	analyzedMD.RunImage = &platform.RunImage{Reference: phaseTest.targetRegistry.fixtures.ReadOnlyRunImage}
-	encoding.WriteTOML(strings.TrimSuffix(placeHolderPath, ".placeholder"), analyzedMD)
-
-	placeHolderPath = filepath.Join("testdata", "exporter", "container", "other_layers", "analyzed.toml.placeholder")
-	analyzedMD = assertAnalyzedMetadata(t, placeHolderPath)
-	analyzedMD.RunImage = &platform.RunImage{Reference: phaseTest.targetRegistry.fixtures.ReadOnlyRunImage}
-	encoding.WriteTOML(strings.TrimSuffix(placeHolderPath, ".placeholder"), analyzedMD)
-
-	placeHolderPath = filepath.Join("testdata", "exporter", "container", "layers", "layout-analyzed.toml.placeholder")
-	analyzedMD = assertAnalyzedMetadata(t, placeHolderPath)
-	// Values from image acceptance/testdata/exporter/container/layout-repo in OCI layout format
-	analyzedMD.RunImage = &platform.RunImage{
-		Reference: "/layout-repo/index.docker.io/library/busybox/latest@sha256:445c45cc89fdeb64b915b77f042e74ab580559b8d0d5ef6950be1c0265834c33",
+	regPlaceholders := []string{
+		filepath.Join(phaseTest.testImageDockerContext, "container", "layers", "analyzed.toml.placeholder"),
+		filepath.Join(phaseTest.testImageDockerContext, "container", "layers", "some-analyzed.toml.placeholder"),
+		filepath.Join(phaseTest.testImageDockerContext, "container", "layers", "some-extend-false-analyzed.toml.placeholder"),
+		filepath.Join(phaseTest.testImageDockerContext, "container", "layers", "some-extend-true-analyzed.toml.placeholder"),
+		filepath.Join(phaseTest.testImageDockerContext, "container", "other_layers", "analyzed.toml.placeholder"),
+	}
+	layoutPlaceholders := []string{
+		filepath.Join(phaseTest.testImageDockerContext, "container", "layers", "layout-analyzed.toml.placeholder"),
+	}
+
+	for _, pPath := range regPlaceholders {
+		if _, err := os.Stat(pPath); os.IsNotExist(err) {
+			continue
+		}
+		analyzedMD := assertAnalyzedMetadata(t, pPath)
+		if analyzedMD.RunImage != nil {
+			analyzedMD.RunImage.Reference = phaseTest.targetRegistry.fixtures.ReadOnlyRunImage // don't override extend
+		}
+		encoding.WriteTOML(strings.TrimSuffix(pPath, ".placeholder"), analyzedMD)
+	}
+	for _, pPath := range layoutPlaceholders {
+		if _, err := os.Stat(pPath); os.IsNotExist(err) {
+			continue
+		}
+		analyzedMD := assertAnalyzedMetadata(t, pPath)
+		if analyzedMD.RunImage != nil {
+			// Values from image acceptance/testdata/exporter/container/layout-repo in OCI layout format
+			analyzedMD.RunImage = &platform.RunImage{Reference: "/layout-repo/index.docker.io/library/busybox/latest@sha256:445c45cc89fdeb64b915b77f042e74ab580559b8d0d5ef6950be1c0265834c33"}
+		}
+		encoding.WriteTOML(strings.TrimSuffix(pPath, ".placeholder"), analyzedMD)
 	}
-	encoding.WriteTOML(strings.TrimSuffix(placeHolderPath, ".placeholder"), analyzedMD)
 }
 
 func calculateEmptyLayerSha(t *testing.T) string {

@@ -12,11 +12,13 @@ import (
 	"testing"
 	"time"
 
+	"github.com/google/go-containerregistry/pkg/name"
 	"github.com/sclevine/spec"
 	"github.com/sclevine/spec/report"
 
 	"github.com/buildpacks/lifecycle"
 	"github.com/buildpacks/lifecycle/api"
+	"github.com/buildpacks/lifecycle/cmd"
 	h "github.com/buildpacks/lifecycle/testhelpers"
 )
 
@@ -38,7 +40,7 @@ func TestRestorer(t *testing.T) {
 
 	testImageDockerContext := filepath.Join("testdata", "restorer")
 	restoreTest = NewPhaseTest(t, "restorer", testImageDockerContext)
-	restoreTest.Start(t)
+	restoreTest.Start(t, updateAnalyzedTOMLFixturesWithRegRepoName)
 	defer restoreTest.Stop(t)
 
 	restoreImage = restoreTest.testImageRef
@@ -80,7 +82,7 @@ func testRestorerFunc(platformAPI string) func(t *testing.T, when spec.G, it spe
 			})
 		})
 
-		when("called with -analyzed", func() {
+		when("called with -analyzed (on older platforms)", func() {
 			it("errors", func() {
 				h.SkipIf(t, api.MustParse(platformAPI).AtLeast("0.7"), "Platform API >= 0.7 supports -analyzed flag")
 				command := exec.Command("docker", "run", "--rm", restoreImage, "-analyzed some-file-location")
@@ -91,7 +93,7 @@ func testRestorerFunc(platformAPI string) func(t *testing.T, when spec.G, it spe
 			})
 		})
 
-		when("called with -skip-layers", func() {
+		when("called with -skip-layers (on older platforms)", func() {
 			it("errors", func() {
 				h.SkipIf(t, api.MustParse(platformAPI).AtLeast("0.7"), "Platform API >= 0.7 supports -skip-layers flag")
 				command := exec.Command("docker", "run", "--rm", restoreImage, "-skip-layers true")
@@ -188,9 +190,9 @@ func testRestorerFunc(platformAPI string) func(t *testing.T, when spec.G, it spe
 			})
 		})
 
-		when("using kaniko cache", func() {
-			it("accepts -build-image", func() {
-				h.SkipIf(t, api.MustParse(platformAPI).LessThan("0.10"), "Platform API < 0.10 does not use kaniko")
+		when("restoring builder image metadata", func() {
+			it("accepts -build-image and saves the metadata to /kaniko/cache", func() {
+				h.SkipIf(t, api.MustParse(platformAPI).LessThan("0.10"), "Platform API < 0.10 does not restore builder image metadata")
 				h.DockerRunAndCopy(t,
 					containerName,
 					copyDir,
@@ -204,14 +206,79 @@ func testRestorerFunc(platformAPI string) func(t *testing.T, when spec.G, it spe
 					h.WithArgs("-build-image", restoreRegFixtures.SomeCacheImage), // some-cache-image simulates a builder image in a registry
 				)
 				t.Log("records builder image digest in analyzed.toml")
-				analyzedMD, err := lifecycle.Config.ReadAnalyzed(filepath.Join(copyDir, "layers", "analyzed.toml"), nil)
+				analyzedMD, err := lifecycle.Config.ReadAnalyzed(filepath.Join(copyDir, "layers", "analyzed.toml"), cmd.DefaultLogger)
 				h.AssertNil(t, err)
 				h.AssertStringContains(t, analyzedMD.BuildImage.Reference, restoreRegFixtures.SomeCacheImage+"@sha256:")
 				t.Log("writes builder manifest and config to the kaniko cache")
+				ref, err := name.ParseReference(analyzedMD.BuildImage.Reference)
+				h.AssertNil(t, err)
 				fis, err := os.ReadDir(filepath.Join(copyDir, "kaniko", "cache", "base"))
 				h.AssertNil(t, err)
 				h.AssertEq(t, len(fis), 1)
-				h.AssertPathExists(t, filepath.Join(copyDir, "kaniko", "cache", "base", fis[0].Name(), "oci-layout"))
+				h.AssertPathExists(t, filepath.Join(copyDir, "kaniko", "cache", "base", ref.Identifier(), "oci-layout"))
+			})
+		})
+
+		when("restoring run image metadata", func() {
+			it("saves metadata to /kaniko/cache", func() {
+				h.SkipIf(t, api.MustParse(platformAPI).LessThan("0.12"), "Platform API < 0.12 does not restore run image metadata")
+				h.DockerRunAndCopy(t,
+					containerName,
+					copyDir,
+					"/",
+					restoreImage,
+					h.WithFlags(
+						"--env", "CNB_PLATFORM_API="+platformAPI,
+						"--env", "DOCKER_CONFIG=/docker-config",
+						"--network", restoreRegNetwork,
+					),
+					h.WithArgs(
+						"-analyzed", "/layers/some-extend-true-analyzed.toml",
+						"-log-level", "debug",
+					),
+				)
+				t.Log("updates run image reference in analyzed.toml to include digest and target data")
+				analyzedMD, err := lifecycle.Config.ReadAnalyzed(filepath.Join(copyDir, "layers", "some-extend-true-analyzed.toml"), cmd.DefaultLogger)
+				h.AssertNil(t, err)
+				h.AssertStringContains(t, analyzedMD.RunImage.Reference, restoreRegFixtures.ReadOnlyRunImage+"@sha256:")
+				h.AssertEq(t, analyzedMD.RunImage.TargetMetadata.OS, "linux")
+				t.Log("writes run image manifest and config to the kaniko cache")
+				ref, err := name.ParseReference(analyzedMD.RunImage.Reference)
+				h.AssertNil(t, err)
+				fis, err := os.ReadDir(filepath.Join(copyDir, "kaniko", "cache", "base"))
+				h.AssertNil(t, err)
+				h.AssertEq(t, len(fis), 1)
+				h.AssertPathExists(t, filepath.Join(copyDir, "kaniko", "cache", "base", ref.Identifier(), "oci-layout"))
+			})
+
+			when("only target data needs updating", func() {
+				it("updates run image reference in analyzed.toml to include digest and target data", func() {
+					h.SkipIf(t, api.MustParse(platformAPI).LessThan("0.12"), "Platform API < 0.12 does not restore run image metadata")
+					h.DockerRunAndCopy(t,
+						containerName,
+						copyDir,
+						"/",
+						restoreImage,
+						h.WithFlags(
+							"--env", "CNB_PLATFORM_API="+platformAPI,
+							"--env", "DOCKER_CONFIG=/docker-config",
+							"--network", restoreRegNetwork,
+						),
+						h.WithArgs(
+							"-analyzed", "/layers/some-extend-false-analyzed.toml",
+							"-log-level", "debug",
+						),
+					)
+					t.Log("updates run image reference in analyzed.toml to include digest and target data")
+					analyzedMD, err := lifecycle.Config.ReadAnalyzed(filepath.Join(copyDir, "layers", "some-extend-false-analyzed.toml"), cmd.DefaultLogger)
+					h.AssertNil(t, err)
+					h.AssertStringContains(t, analyzedMD.RunImage.Reference, restoreRegFixtures.ReadOnlyRunImage+"@sha256:")
+					h.AssertEq(t, analyzedMD.RunImage.TargetMetadata.OS, "linux")
+					t.Log("does not write run image manifest and config to the kaniko cache")
+					fis, err := os.ReadDir(filepath.Join(copyDir, "kaniko"))
+					h.AssertNil(t, err)
+					h.AssertEq(t, len(fis), 1) // .gitkeep
+				})
 			})
 		})
 	}

@@ -0,0 +1,5 @@
+[run-image]
+  reference = "REPLACE"
+
+[run-image.target]
+  id = "some-target-id"
@@ -0,0 +1,3 @@
+[run-image]
+  reference = "REPLACE"
+  extend = true
@@ -31,10 +31,10 @@ type TargetPartial struct {
 
 type TargetMetadata struct {
 	TargetPartial
-	Distributions []DistributionMetadata `json:"distributions" toml:"distributions"`
+	Distributions []OSDistribution `json:"distributions" toml:"distributions"`
 }
 
-type DistributionMetadata struct {
+type OSDistribution struct {
 	Name    string `json:"name" toml:"name"`
 	Version string `json:"version" toml:"version"`
 }
@@ -66,7 +66,7 @@ func ReadBpDescriptor(path string) (*BpDescriptor, error) {
 	if len(descriptor.Targets) == 0 {
 		for _, stack := range descriptor.Stacks {
 			if stack.ID == "io.buildpacks.stacks.bionic" {
-				descriptor.Targets = append(descriptor.Targets, TargetMetadata{TargetPartial: TargetPartial{OS: "linux", Arch: "amd64"}, Distributions: []DistributionMetadata{{Name: "ubuntu", Version: "18.04"}}})
+				descriptor.Targets = append(descriptor.Targets, TargetMetadata{TargetPartial: TargetPartial{OS: "linux", Arch: "amd64"}, Distributions: []OSDistribution{{Name: "ubuntu", Version: "18.04"}}})
 			}
 		}
 	}

@@ -41,8 +41,7 @@ func testDockerfile(t *testing.T, when spec.G, it spec.S) {
 	})
 
 	when("verifying dockerfiles", func() {
-		validCases := []string{
-			`
+		validCases := []string{`
 ARG base_image=0
 FROM ${base_image}
 
@@ -132,23 +131,23 @@ RUN echo "this statement is never cached"
 						h.AssertEq(t, len(logHandler.Entries), 0)
 					}
 				})
-			})
 
-			when("valid, but violates SHOULD directives in spec", func() {
-				it("succeeds with warning", func() {
-					preamble := `
+				when("violates SHOULD directives in spec", func() {
+					it("succeeds with warning", func() {
+						preamble := `
 ARG base_image=0
 FROM ${base_image}
 `
-					for i, tc := range warnCases {
-						dockerfilePath := filepath.Join(tmpDir, fmt.Sprintf("Dockerfile%d", i))
-						h.AssertNil(t, os.WriteFile(dockerfilePath, []byte(preamble+tc.dockerfileContent), 0600))
-						logHandler = memory.New()
-						logger = &log.Logger{Handler: logHandler}
-						err := buildpack.VerifyBuildDockerfile(dockerfilePath, logger)
-						h.AssertNil(t, err)
-						assertLogEntry(t, logHandler, "build.Dockerfile "+tc.expectedWarning)
-					}
+						for i, tc := range warnCases {
+							dockerfilePath := filepath.Join(tmpDir, fmt.Sprintf("Dockerfile%d", i))
+							h.AssertNil(t, os.WriteFile(dockerfilePath, []byte(preamble+tc.dockerfileContent), 0600))
+							logHandler = memory.New()
+							logger = &log.Logger{Handler: logHandler}
+							err := buildpack.VerifyBuildDockerfile(dockerfilePath, logger)
+							h.AssertNil(t, err)
+							assertLogEntry(t, logHandler, "build.Dockerfile "+tc.expectedWarning)
+						}
+					})
 				})
 			})
 

@@ -142,14 +142,14 @@ func findDockerfileFor(d ExtDescriptor, extOutputDir string, kind string, logger
 		return DockerfileInfo{}, false, nil
 	}
 
-	newBase, err := verifyDockerfileFor(d, dockerfilePath, kind, logger)
+	newBase, err := verifyDockerfileFor(dockerfilePath, kind, logger)
 	if err != nil {
 		return DockerfileInfo{}, true, fmt.Errorf("failed to parse %s.Dockerfile for extension %s: %w", kind, d.Extension.ID, err)
 	}
 	return DockerfileInfo{ExtensionID: d.Extension.ID, Kind: kind, Path: dockerfilePath, NewBase: newBase}, true, nil
 }
 
-func verifyDockerfileFor(d ExtDescriptor, path string, kind string, logger log.Logger) (string, error) {
+func verifyDockerfileFor(path string, kind string, logger log.Logger) (string, error) {
 	switch kind {
 	case DockerfileKindBuild:
 		return "", VerifyBuildDockerfile(path, logger)