diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index dad1e5c..357d53f 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -33,7 +33,7 @@ jobs: publish-server: env: - IMAGE_NAME: drogue-ajour + IMAGE_NAME: drogue-ajour-update-server if: ${{github.head_ref == ''}} # only for non-PRs needs: - build diff --git a/Cargo.lock b/Cargo.lock index b545826..e387fb7 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -62,7 +62,7 @@ dependencies = [ "language-tags", "local-channel", "mime", - "percent-encoding 2.1.0", + "percent-encoding", "pin-project-lite", "rand", "sha1", @@ -181,7 +181,7 @@ dependencies = [ "smallvec", "socket2", "time 0.3.12", - "url 2.2.2", + "url", ] [[package]] @@ -225,7 +225,7 @@ checksum = "fcb51a0695d8f838b1ee009b3fbf66bda078cd64590202a864a8f3e8c4315c47" dependencies = [ "getrandom", "once_cell", - "version_check 0.9.4", + "version_check", ] [[package]] @@ -415,15 +415,6 @@ dependencies = [ "wyz", ] -[[package]] -name = "block-buffer" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] - [[package]] name = "block-buffer" version = "0.10.2" @@ -570,7 +561,7 @@ dependencies = [ "serde", "serde_json", "snafu", - "url 2.2.2", + "url", "uuid", "web-sys", ] @@ -605,9 +596,9 @@ version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "94d4706de1b0fa5b132270cddffa8585166037822e260a944fe161acd137ca05" dependencies = [ - "percent-encoding 2.1.0", + "percent-encoding", "time 0.3.12", - "version_check 0.9.4", + "version_check", ] [[package]] @@ -698,16 +689,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "crypto-mac" -version = "0.11.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b1d1a86f49236c215f271d40892d5fc950490551400b02ef360692c29815c714" -dependencies = [ - "generic-array", - "subtle", -] - [[package]] name = "darling" version = "0.14.1" @@ -784,23 +765,15 @@ dependencies = [ "syn", ] -[[package]] -name = "digest" -version = "0.9.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" -dependencies = [ - "generic-array", -] - [[package]] name = "digest" version = "0.10.3" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "f2fb860ca6fafa5552fb6d0e816a69c8e49f0908bf524e30a90d97c85892d506" dependencies = [ - "block-buffer 0.10.2", + "block-buffer", "crypto-common", + "subtle", ] [[package]] @@ -831,8 +804,29 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" [[package]] -name = "drogue-ajour" +name = "drogue-ajour-api" version = "0.1.0" +dependencies = [ + "actix-cors", + "actix-web", + "actix-web-httpauth", + "ajour-schema", + "anyhow", + "chrono", + "clap", + "drogue-client", + "env_logger", + "k8s-openapi", + "kube", + "log", + "reqwest", + "serde", + "serde_json", +] + +[[package]] +name = "drogue-ajour-update-server" +version = "0.2.0" dependencies = [ "ajour-schema", "anyhow", @@ -861,27 +855,6 @@ dependencies = [ "tokio", ] -[[package]] -name = "drogue-ajour-api" -version = "0.1.0" -dependencies = [ - "actix-cors", - "actix-web", - "actix-web-httpauth", - "ajour-schema", - "anyhow", - "chrono", - "clap", - "drogue-client", - "env_logger", - "k8s-openapi", - "kube", - "log", - "reqwest", - "serde", - "serde_json", -] - [[package]] name = "drogue-client" version = "0.10.1" @@ -907,7 +880,7 @@ dependencies = [ "thiserror", "tokio", "tracing", - "url 2.2.2", + "url", ] [[package]] @@ -1035,7 +1008,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "5fc25a87fa4fd2094bffb06925852034d90a17f0d1e05197d4956d3555752191" dependencies = [ "matches", - "percent-encoding 2.1.0", + "percent-encoding", ] [[package]] @@ -1146,7 +1119,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9" dependencies = [ "typenum", - "version_check 0.9.4", + "version_check", ] [[package]] @@ -1241,12 +1214,11 @@ checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" [[package]] name = "hmac" -version = "0.11.0" +version = "0.12.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" +checksum = "6c49c37c09c17a53d937dfbb742eb3a961d65a994e6bcdcf37e7399d0cc8ab5e" dependencies = [ - "crypto-mac", - "digest 0.9.0", + "digest", ] [[package]] @@ -1271,6 +1243,15 @@ dependencies = [ "itoa", ] +[[package]] +name = "http-auth" +version = "0.1.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "c0b40b39d66c28829a0cf4d09f7e139ff8201f7500a5083732848ed3b4b4d850" +dependencies = [ + "memchr", +] + [[package]] name = "http-body" version = "0.4.5" @@ -1383,39 +1364,12 @@ dependencies = [ "tokio-native-tls", ] -[[package]] -name = "hyperx" -version = "1.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "5617e92fc2f2501c3e2bc6ce547cad841adba2bae5b921c7e52510beca6d084c" -dependencies = [ - "base64 0.13.0", - "bytes", - "http", - "httpdate", - "language-tags", - "mime", - "percent-encoding 2.1.0", - "unicase 2.6.0", -] - [[package]] name = "ident_case" version = "1.0.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "b9e0384b61958566e926dc50660321d12159025e767c18e043daf26b70104c39" -[[package]] -name = "idna" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38f09e0f0b1fb55fdee1f17470ad800da77af5186a1a76c026b679358b7e844e" -dependencies = [ - "matches", - "unicode-bidi", - "unicode-normalization", -] - [[package]] name = "idna" version = "0.2.3" @@ -1507,13 +1461,13 @@ dependencies = [ [[package]] name = "jwt" -version = "0.15.0" +version = "0.16.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "98328bb4f360e6b2ceb1f95645602c7014000ef0c3809963df8ad3a3a09f8d99" +checksum = "6204285f77fe7d9784db3fdc449ecce1a0114927a51d5a41c4c7a292011c015f" dependencies = [ "base64 0.13.0", - "crypto-mac", - "digest 0.9.0", + "crypto-common", + "digest", "hmac", "serde", "serde_json", @@ -1530,11 +1484,11 @@ dependencies = [ "bytes", "chrono", "http", - "percent-encoding 2.1.0", + "percent-encoding", "serde", "serde-value", "serde_json", - "url 2.2.2", + "url", ] [[package]] @@ -1820,7 +1774,7 @@ dependencies = [ "funty", "lexical-core", "memchr", - "version_check 0.9.4", + "version_check", ] [[package]] @@ -1920,38 +1874,43 @@ dependencies = [ [[package]] name = "oci-distribution" -version = "0.8.1" +version = "0.9.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cb3c580ad67504493981fff06d790929ece7ce149f344f4d8e411808e5a50f62" +checksum = "d8fa0963c4a3870267e3455c7f15340f3c5d7d1080d417696e86d5d260bee0a7" dependencies = [ - "anyhow", "futures-util", - "hyperx", + "http", + "http-auth", "jwt", "lazy_static", + "olpc-cjson", "regex", "reqwest", "serde", "serde_json", "sha2", + "thiserror", "tokio", "tracing", - "unicase 1.4.2", - "url 1.7.2", - "www-authenticate", + "unicase", ] [[package]] -name = "once_cell" -version = "1.13.0" +name = "olpc-cjson" +version = "0.1.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "18a6dbe30758c9f83eb00cbea4ac95966305f5a7772f3f42ebfc7fc7eddbd8e1" +checksum = "87dc75cf72208cd853671c1abccc5d5d1e43b1e378dde67340ef933219a8c13c" +dependencies = [ + "serde", + "serde_json", + "unicode-normalization", +] [[package]] -name = "opaque-debug" -version = "0.3.0" +name = "once_cell" +version = "1.13.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" +checksum = "18a6dbe30758c9f83eb00cbea4ac95966305f5a7772f3f42ebfc7fc7eddbd8e1" [[package]] name = "openid" @@ -1967,7 +1926,7 @@ dependencies = [ "serde", "serde_json", "thiserror", - "url 2.2.2", + "url", "validator", ] @@ -2029,7 +1988,7 @@ dependencies = [ "futures-util", "js-sys", "lazy_static", - "percent-encoding 2.1.0", + "percent-encoding", "pin-project", "rand", "thiserror", @@ -2126,12 +2085,6 @@ dependencies = [ "base64 0.13.0", ] -[[package]] -name = "percent-encoding" -version = "1.0.1" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "31010dd2e1ac33d5b46a5b413495239882813e0369f8ed8a5e266f173602f831" - [[package]] name = "percent-encoding" version = "2.1.0" @@ -2192,7 +2145,7 @@ dependencies = [ "proc-macro2", "quote", "syn", - "version_check 0.9.4", + "version_check", ] [[package]] @@ -2203,7 +2156,7 @@ checksum = "a1be40180e52ecc98ad80b184934baf3d0d29f979574e439af5a55274b35f869" dependencies = [ "proc-macro2", "quote", - "version_check 0.9.4", + "version_check", ] [[package]] @@ -2328,7 +2281,7 @@ dependencies = [ "log", "mime", "native-tls", - "percent-encoding 2.1.0", + "percent-encoding", "pin-project-lite", "serde", "serde_json", @@ -2337,7 +2290,7 @@ dependencies = [ "tokio-native-tls", "tokio-util", "tower-service", - "url 2.2.2", + "url", "wasm-bindgen", "wasm-bindgen-futures", "web-sys", @@ -2560,9 +2513,9 @@ dependencies = [ [[package]] name = "serde_json" -version = "1.0.83" +version = "1.0.87" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "38dd04e3c8279e75b31ef29dbdceebfe5ad89f4d0937213c53f7d49d01b3d5a7" +checksum = "6ce777b7b150d76b9cf60d28b55f5847135a003f7d7350c6be7a773508ce7d45" dependencies = [ "indexmap", "itoa", @@ -2602,20 +2555,18 @@ checksum = "c77f4e7f65455545c2153c1253d25056825e77ee2533f0e41deb65a93a34852f" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.3", + "digest", ] [[package]] name = "sha2" -version = "0.9.9" +version = "0.10.5" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" +checksum = "cf9db03534dff993187064c4e0c05a5708d2a9728ace9a8959b77bedf415dac5" dependencies = [ - "block-buffer 0.9.0", "cfg-if", "cpufeatures", - "digest 0.9.0", - "opaque-debug", + "digest", ] [[package]] @@ -2836,9 +2787,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.20.1" +version = "1.21.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7a8325f63a7d4774dd041e363b2409ed1c5cbbd0f867795e661df066b2b0a581" +checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" dependencies = [ "autocfg", "bytes", @@ -2846,7 +2797,6 @@ dependencies = [ "memchr", "mio", "num_cpus", - "once_cell", "parking_lot", "pin-project-lite", "signal-hook-registry", @@ -3016,22 +2966,13 @@ version = "1.15.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987" -[[package]] -name = "unicase" -version = "1.4.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7f4765f83163b74f957c797ad9253caf97f103fb064d3999aea9568d09fc8a33" -dependencies = [ - "version_check 0.1.5", -] - [[package]] name = "unicase" version = "2.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "50f37be617794602aabbeee0be4f259dc1778fabe05e2d67ee8f79326d5cb4f6" dependencies = [ - "version_check 0.9.4", + "version_check", ] [[package]] @@ -3061,17 +3002,6 @@ version = "0.7.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a156c684c91ea7d62626509bce3cb4e1d9ed5c4d978f7b4352658f96a4c26b4a" -[[package]] -name = "url" -version = "1.7.2" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "dd4e7c0d531266369519a4aa4f399d748bd37043b00bde1e4ff1f60a120b355a" -dependencies = [ - "idna 0.1.5", - "matches", - "percent-encoding 1.0.1", -] - [[package]] name = "url" version = "2.2.2" @@ -3079,9 +3009,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "a507c383b2d33b5fc35d1861e77e6b383d158b2da5e14fe51b83dfedf6fd578c" dependencies = [ "form_urlencoded", - "idna 0.2.3", + "idna", "matches", - "percent-encoding 2.1.0", + "percent-encoding", "serde", ] @@ -3100,13 +3030,13 @@ version = "0.12.0" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "841d6937c33ec6039d8071bcf72933146b5bbe378d645d8fa59bdadabfc2a249" dependencies = [ - "idna 0.2.3", + "idna", "lazy_static", "regex", "serde", "serde_derive", "serde_json", - "url 2.2.2", + "url", "validator_derive", "validator_types", ] @@ -3145,12 +3075,6 @@ version = "0.2.15" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "accd4ea62f7bb7a82fe23066fb0957d48ef677f6eeb8215f372f52e48bb32426" -[[package]] -name = "version_check" -version = "0.1.5" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "914b1a6776c4c929a602fafd8bc742e06365d4bcbe48c30f9cca5824f70dc9dd" - [[package]] name = "version_check" version = "0.9.4" @@ -3353,17 +3277,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "www-authenticate" -version = "0.4.0" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "02fd1970505d8d9842104b229ba0c6b6331c0897677d0fc0517ea657e77428d0" -dependencies = [ - "hyperx", - "unicase 1.4.2", - "url 1.7.2", -] - [[package]] name = "wyz" version = "0.2.0" diff --git a/deploy/pipeline/pipeline.yaml b/deploy/pipeline/pipeline.yaml index b68fe2b..821b41d 100644 --- a/deploy/pipeline/pipeline.yaml +++ b/deploy/pipeline/pipeline.yaml @@ -67,37 +67,19 @@ spec: workspaces: - name: input workspace: build - - name: firmware-bundle - params: - - name: PROJECT_PATH - value: $(params.PROJECT_PATH) - - name: BUNDLER_IMAGE - value: $(params.BUNDLER_IMAGE) - - name: ARTIFACT_PATH - value: $(params.ARTIFACT_PATH) - runAfter: - - firmware-build - taskRef: - kind: Task - name: firmware-bundle - workspaces: - - name: input - workspace: build - name: firmware-publish params: - name: IMAGE value: $(params.REGISTRY)/$(params.IMAGE) - - name: DOCKERFILE - value: $(workspaces.source.path)/$(params.PROJECT_PATH)/Dockerfile + - name: ARTIFACT_PATH + value: $(params.ARTIFACT_PATH) - name: CONTEXT value: $(workspaces.source.path)/$(params.PROJECT_PATH) - - name: BUILD_EXTRA_ARGS - value: --label io.drogue.metadata="`cat $(workspaces.source.path)/$(params.PROJECT_PATH)/firmware.json`" runAfter: - - firmware-bundle + - firmware-build taskRef: - kind: ClusterTask - name: buildah + kind: Task + name: oras-push workspaces: - name: source workspace: build diff --git a/deploy/pipeline/publish-task.yaml b/deploy/pipeline/publish-task.yaml new file mode 100644 index 0000000..bdb173a --- /dev/null +++ b/deploy/pipeline/publish-task.yaml @@ -0,0 +1,46 @@ +apiVersion: tekton.dev/v1beta1 +kind: Task +metadata: + name: oras-push +spec: + description: >- + ORAS (https://oras.land) task to push artifacts to a OCI registry. + params: + - description: Reference of the image oras will produce. + name: IMAGE + type: string + - default: >- + ghcr.io/oras-project/oras:v0.15.1 + description: The location of the ORAS builder image. + name: BUILDER_IMAGE + type: string + - default: 'true' + description: >- + Verify the TLS on the registry endpoint (for push/pull to a non-TLS + registry) + name: TLSVERIFY + type: string + - default: '' + description: Extra parameters passed for the build command when building images. + name: BUILD_EXTRA_ARGS + type: string + - default: '' + description: Extra parameters passed for the push command when pushing images. + name: PUSH_EXTRA_ARGS + type: string + - description: Path to artifact to push. + name: ARTIFACT_PATH + type: string + - default: . + description: Path to the directory to use as context. + name: CONTEXT + type: string + steps: + - image: $(params.BUILDER_IMAGE) + name: push + resources: {} + script: | + cd $(params.CONTEXT) && oras push $(params.PUSH_EXTRA_ARGS) $(params.IMAGE) $(params.ARTIFACT_PATH):application/octet-stream + workingDir: $(workspaces.source.path) + workspaces: + - name: source diff --git a/deploy/server/deployment.yaml b/deploy/server/deployment.yaml index 5cf8f9a..05f83e1 100644 --- a/deploy/server/deployment.yaml +++ b/deploy/server/deployment.yaml @@ -1,33 +1,33 @@ apiVersion: apps/v1 kind: Deployment metadata: - name: server + name: update-server labels: app.kubernetes.io/name: drogue-ajour app.kubernetes.io/instance: ajour - app.kubernetes.io/component: server + app.kubernetes.io/component: update-server spec: replicas: 1 selector: matchLabels: app.kubernetes.io/name: drogue-ajour app.kubernetes.io/instance: ajour - app.kubernetes.io/component: server + app.kubernetes.io/component: update-server template: metadata: labels: app.kubernetes.io/name: drogue-ajour app.kubernetes.io/instance: ajour - app.kubernetes.io/component: server + app.kubernetes.io/component: update-server spec: serviceAccountName: builder containers: - - name: server - image: ghcr.io/drogue-iot/drogue-ajour:latest + - name: update-server + image: ghcr.io/drogue-iot/drogue-ajour-update-server:latest imagePullPolicy: Always env: - name: RUST_LOG - value: drogue_ajour=debug + value: drogue_ajour_update_server=debug - name: OCI_REGISTRY_PREFIX valueFrom: secretKeyRef: diff --git a/server/Cargo.toml b/server/Cargo.toml index f6f79df..18b3351 100644 --- a/server/Cargo.toml +++ b/server/Cargo.toml @@ -1,6 +1,6 @@ [package] -name = "drogue-ajour" -version = "0.1.0" +name = "drogue-ajour-update-server" +version = "0.2.0" edition = "2021" description = "A firmware management service" @@ -14,7 +14,7 @@ paho-mqtt = { version = "0.10", features = ["ssl"] } serde_cbor = "0.11" serde_json = "1" hex = "0.4" -oci-distribution = "0.8" +oci-distribution = "0.9" anyhow = "1" log = "0.4" env_logger = "0.9" diff --git a/server/Dockerfile b/server/Dockerfile index 9dbdb94..156920d 100644 --- a/server/Dockerfile +++ b/server/Dockerfile @@ -10,7 +10,7 @@ FROM registry.access.redhat.com/ubi8-minimal LABEL org.opencontainers.image.source="https://github.com/drogue-iot/drogue-ajour" -COPY --from=builder /build/target/release/drogue-ajour / +COPY --from=builder /build/target/release/drogue-ajour-update-server / COPY --from=builder /build/server/scripts/start.sh / ENTRYPOINT [ "/start.sh" ] diff --git a/server/scripts/start.sh b/server/scripts/start.sh index 4f7ccfa..1f29f66 100755 --- a/server/scripts/start.sh +++ b/server/scripts/start.sh @@ -42,4 +42,4 @@ if [ "${HAWKBIT_GATEWAY_TOKEN}" != "" ]; then fi -/drogue-ajour ${ARGS} +/drogue-ajour-update-server ${ARGS} diff --git a/server/src/main.rs b/server/src/main.rs index 75a0f6b..c639d0e 100644 --- a/server/src/main.rs +++ b/server/src/main.rs @@ -126,6 +126,7 @@ async fn main() -> anyhow::Result<()> { log::info!("Enabling Container Registry"); Some(oci::OciClient::new( oci::ClientConfig { + platform_resolver: None, protocol: if args.oci_registry_tls { oci::ClientProtocol::Https } else { diff --git a/server/src/oci.rs b/server/src/oci.rs index 841f272..26e2f61 100644 --- a/server/src/oci.rs +++ b/server/src/oci.rs @@ -4,8 +4,7 @@ use ajour_schema::*; use anyhow::anyhow; pub use client::{ClientConfig, ClientProtocol}; use lru::LruCache; -use oci_distribution::{client, secrets::RegistryAuth}; -use serde_json::Value; +use oci_distribution::{client, secrets::RegistryAuth, Reference}; use std::io::Read; use tokio::time::{Duration, Instant}; @@ -66,23 +65,28 @@ impl OciClient { } } } - let manifest = self - .client - .pull_manifest_and_config(&format!("{}{}", self.prefix, image).parse()?, &self.auth) - .await; + let imageref = format!("{}{}", self.prefix, image).parse()?; + let manifest = self.client.pull_image_manifest(&imageref, &self.auth).await; match manifest { - Ok((_, _, config)) => { - let val: Value = serde_json::from_str(&config)?; - if let Some(annotation) = val["config"]["Labels"]["io.drogue.metadata"].as_str() { - let metadata: Metadata = serde_json::from_str(&annotation)?; - self.metadata_cache - .put(image.to_string(), (Instant::now(), metadata.clone())); - Ok(Some(metadata)) - } else { - Err(anyhow!("Unable to locate metadata in image config")) + Ok((manifest, _)) => { + for layer in manifest.layers.iter() { + if layer.media_type == "application/octet-stream" { + let metadata: Metadata = Metadata { + version: imageref.tag().unwrap_or("").as_bytes().to_vec(), + checksum: layer.digest.clone(), + size: layer.size as u32, + }; + self.metadata_cache + .put(image.to_string(), (Instant::now(), metadata.clone())); + return Ok(Some(metadata)); + } } + Err(anyhow!("Unable to locate metadata in image config")) + } + Err(e) => { + log::info!("Error pulling manifest: {:?}", e); + Err(e.into()) } - Err(e) => Err(e), } } @@ -99,43 +103,19 @@ impl OciClient { } } + let imageref: Reference = format!("{}{}", self.prefix, image).parse()?; + let mut payload = Vec::new(); let manifest = self .client - .pull( - &format!("{}{}", self.prefix, image).parse()?, - &self.auth, - vec!["application/vnd.oci.image.layer.v1.tar+gzip"], - ) + .pull_blob(&imageref, &metadata.checksum, &mut payload) .await; match manifest { - Ok(image) => { - let layer = &image.layers[0]; - let mut decompressed = Vec::new(); - let mut d = flate2::read::GzDecoder::new(&layer.data[..]); - d.read_to_end(&mut decompressed)?; - - let mut archive = tar::Archive::new(&decompressed[..]); - let mut entries = archive.entries()?; - loop { - if let Some(entry) = entries.next() { - let mut entry = entry?; - let path = entry.path()?; - if let Some(p) = path.to_str() { - if p == "firmware" { - let mut payload = Vec::new(); - entry.read_to_end(&mut payload)?; - self.firmware_cache - .put(metadata.checksum.clone(), payload.clone()); - return Ok(payload); - } - } - } else { - break; - } - } - Err(anyhow!("Error locating firmware")) + Ok(()) => { + self.firmware_cache + .put(metadata.checksum.clone(), payload.clone()); + return Ok(payload); } - Err(e) => Err(e), + Err(e) => Err(e.into()), } } } diff --git a/server/src/updater.rs b/server/src/updater.rs index 333f890..fdbd939 100644 --- a/server/src/updater.rs +++ b/server/src/updater.rs @@ -173,10 +173,11 @@ impl Updater { ) .try_into()?) } else { - let data = hex::decode(&metadata.checksum).map_err(|e| { - log::warn!("Error decoding hex: {:?}", e); - e - })?; + let data = hex::decode(&metadata.checksum.trim_start_matches("sha256:")) + .map_err(|e| { + log::warn!("Error decoding hex: {:?}", e); + e + })?; log::info!("Sending swap instruction back to device!"); Ok( Command::new_swap(&metadata.version, &data, status.correlation_id)