Clear cache on startup, use tempDir for unpacking

Signed-off-by: Per Goncalves da Silva <pegoncal@redhat.com>

Author: oceanc80

catalogd/cmd/catalogd/main.go

@@ -263,6 +263,10 @@ func main() {
 	}
 
 	unpackCacheBasePath := filepath.Join(cacheDir, source.UnpackCacheDir)
+	if err := os.RemoveAll(unpackCacheBasePath); err != nil {
+		setupLog.Error(err, "unable to clear cache directory for unpacking on startup")
+		os.Exit(1)
+	}
 	if err := os.MkdirAll(unpackCacheBasePath, 0770); err != nil {
 		setupLog.Error(err, "unable to create cache directory for unpacking")
 		os.Exit(1)

catalogd/internal/source/containers_image.go

@@ -6,6 +6,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"io/fs"
 	"os"
 	"path"
 	"path/filepath"
@@ -296,11 +297,17 @@ func (i *ContainersImageRegistry) unpackImage(ctx context.Context, unpackPath st
 		return wrapTerminal(fmt.Errorf("catalog image is missing the required label %q", ConfigDirLabel), specIsCanonical)
 	}
 
-	if err := os.MkdirAll(unpackPath, 0700); err != nil {
-		return fmt.Errorf("error creating unpack directory: %w", err)
-	}
 	l := log.FromContext(ctx)
-	l.Info("unpacking image", "path", unpackPath)
+	tempUnpackPath, err := os.MkdirTemp("", "unpack-*")
+	if err != nil {
+		return fmt.Errorf("error creating temporary unpack directory: %w", err)
+	}
+	defer func() {
+		if err := os.RemoveAll(tempUnpackPath); err != nil {
+			l.Error(err, "error removing temporary unpack directory")
+		}
+	}()
+	l.Info("unpacking image", "path", unpackPath, "temp path", tempUnpackPath)
 	for i, layerInfo := range img.LayerInfos() {
 		if err := func() error {
 			layerReader, _, err := layoutSrc.GetBlob(ctx, layerInfo, none.NoCache)
@@ -309,21 +316,66 @@ func (i *ContainersImageRegistry) unpackImage(ctx context.Context, unpackPath st
 			}
 			defer layerReader.Close()
 
-			if err := applyLayer(ctx, unpackPath, dirToUnpack, layerReader); err != nil {
+			if err := applyLayer(ctx, tempUnpackPath, dirToUnpack, layerReader); err != nil {
 				return fmt.Errorf("error applying layer[%d]: %w", i, err)
 			}
 			l.Info("applied layer", "layer", i)
 			return nil
 		}(); err != nil {
-			return errors.Join(err, deleteRecursive(unpackPath))
+			return errors.Join(err, deleteRecursive(tempUnpackPath))
 		}
 	}
+
+	// ensure unpack path is empty
+	if err := os.RemoveAll(unpackPath); err != nil {
+		return fmt.Errorf("error removing unpack path: %w", err)
+	}
+	if err := copyRecursively(tempUnpackPath, unpackPath, 0700); err != nil {
+		return fmt.Errorf("error moving temporary unpack directory to final unpack directory: %w", err)
+	}
 	if err := setReadOnlyRecursive(unpackPath); err != nil {
 		return fmt.Errorf("error making unpack directory read-only: %w", err)
 	}
 	return nil
 }
 
+func copyRecursively(srcPath string, destPath string, perm os.FileMode) error {
+	// ensure destination path not exist
+	if stat, err := os.Stat(destPath); stat != nil && !os.IsNotExist(err) {
+		return fmt.Errorf("destination path %q already exists: %w", destPath, err)
+	}
+	return filepath.WalkDir(srcPath, func(path string, d fs.DirEntry, err error) error {
+		if err != nil {
+			return err
+		}
+		relPath, err := filepath.Rel(srcPath, path)
+		if err != nil {
+			return err
+		}
+		if d.IsDir() {
+			return os.MkdirAll(filepath.Join(destPath, relPath), perm)
+		}
+		return copyFile(path, filepath.Join(destPath, relPath))
+	})
+}
+
+func copyFile(src, dest string) error {
+	in, err := os.Open(src)
+	if err != nil {
+		return err
+	}
+	defer in.Close()
+
+	out, err := os.Create(dest)
+	if err != nil {
+		return err
+	}
+	defer out.Close()
+
+	_, err = io.Copy(out, in)
+	return err
+}
+
 func applyLayer(ctx context.Context, destPath string, srcPath string, layer io.ReadCloser) error {
 	decompressed, _, err := compression.AutoDecompress(layer)
 	if err != nil {