Fix: adds support for slightly nonstandard mediaType string in docker image layers by zhill · Pull Request #487 · anchore/stereoscope

zhill · 2025-12-11T16:57:31Z

Adds support (allowlisting) for application/vnd.docker.image.rootfs.diff.tar.zstd layer mediaType.

Fixes #486

…td layer mediaType Signed-off-by: Zach Hill <zach@anchore.com>

github-actions · 2025-12-11T17:00:19Z

Benchmark Test Results

Benchmark results from the latest changes vs base branch

make .tool/task
make[1]: Entering directory '/home/runner/work/stereoscope/stereoscope'
make[1]: Leaving directory '/home/runner/work/stereoscope/stereoscope'
.tool/task show-benchstat
?   	github.com/anchore/stereoscope	[no test files]
?   	github.com/anchore/stereoscope/examples	[no test files]
PASS
ok  	github.com/anchore/stereoscope/internal	0.003s
?   	github.com/anchore/stereoscope/internal/bus	[no test files]
PASS
ok  	github.com/anchore/stereoscope/internal/containerd	0.007s
PASS
ok  	github.com/anchore/stereoscope/internal/docker	0.004s
?   	github.com/anchore/stereoscope/internal/log	[no test files]
PASS
ok  	github.com/anchore/stereoscope/internal/podman	0.005s
?   	github.com/anchore/stereoscope/pkg/event	[no test files]
?   	github.com/anchore/stereoscope/pkg/event/parsers	[no test files]
goos: linux
goarch: amd64
pkg: github.com/anchore/stereoscope/pkg/file
cpu: AMD EPYC 7763 64-Core Processor                
BenchmarkTarIndex-4   	   34910	     34638 ns/op	    5701 B/op	      93 allocs/op
BenchmarkTarIndex-4   	   35110	     33877 ns/op	    5702 B/op	      93 allocs/op
BenchmarkTarIndex-4   	   35125	     33847 ns/op	    5702 B/op	      93 allocs/op
BenchmarkTarIndex-4   	   35350	     33729 ns/op	    5701 B/op	      93 allocs/op
BenchmarkTarIndex-4   	   35270	     33811 ns/op	    5702 B/op	      93 allocs/op
BenchmarkTarIndex-4   	   35467	     33866 ns/op	    5701 B/op	      93 allocs/op
BenchmarkTarIndex-4   	   35212	     33746 ns/op	    5700 B/op	      93 allocs/op
PASS
ok  	github.com/anchore/stereoscope/pkg/file	10.792s
PASS
ok  	github.com/anchore/stereoscope/pkg/filetree	0.005s
?   	github.com/anchore/stereoscope/pkg/filetree/filenode	[no test files]
PASS
ok  	github.com/anchore/stereoscope/pkg/image	0.005s
PASS
ok  	github.com/anchore/stereoscope/pkg/image/containerd	0.007s
PASS
ok  	github.com/anchore/stereoscope/pkg/image/docker	0.005s
PASS
ok  	github.com/anchore/stereoscope/pkg/image/oci	0.005s
PASS
ok  	github.com/anchore/stereoscope/pkg/image/oci/credhelpers	0.005s
?   	github.com/anchore/stereoscope/pkg/image/podman	[no test files]
PASS
ok  	github.com/anchore/stereoscope/pkg/image/sif	0.004s
?   	github.com/anchore/stereoscope/pkg/imagetest	[no test files]
PASS
ok  	github.com/anchore/stereoscope/pkg/tree	0.003s
PASS
ok  	github.com/anchore/stereoscope/pkg/tree/node	0.004s
goos: linux
goarch: amd64
pkg: github.com/anchore/stereoscope/test/integration
cpu: AMD EPYC 7763 64-Core Processor                
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1078	   1135173 ns/op	  280369 B/op	    2388 allocs/op
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1022	   1146161 ns/op	  280128 B/op	    2387 allocs/op
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1050	   1128566 ns/op	  280107 B/op	    2387 allocs/op
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1038	   1149062 ns/op	  279947 B/op	    2387 allocs/op
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1034	   1128389 ns/op	  279915 B/op	    2387 allocs/op
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1046	   1195254 ns/op	  279660 B/op	    2386 allocs/op
BenchmarkSimpleImage_GetImage/docker-archive-4 	    1044	   1237713 ns/op	  279765 B/op	    2386 allocs/op
--- FAIL: BenchmarkSimpleImage_GetImage/podman
    fixture_image_simple_test.go:175: could not get fixture image: unable to detect input for 'stereoscope-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7', errs: podman not available: no host address
#0 building with "default" instance using docker driver

#1 [internal] load build definition from Dockerfile
#1 transferring dockerfile: 345B done
#1 DONE 0.0s

#2 [internal] load .dockerignore
#2 transferring context: 2B done
#2 DONE 0.0s

#3 [internal] load build context
#3 transferring context: 209B done
#3 DONE 0.0s

#4 [1/3] ADD file-1.txt /somefile-1.txt
#4 CACHED

#5 [2/3] ADD file-2.txt /somefile-2.txt
#5 CACHED

#6 [3/3] ADD target /
#6 CACHED

#7 exporting to image
#7 exporting layers done
#7 writing image sha256:43fe603c1b2ded53e4c2f81d7222fefc4cf0b4a1828f513f0c648c513463a6ec done
#7 naming to docker.io/library/stereoscope-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7 done
#7 naming to docker.io/library/stereoscope-fixture-image-simple:latest done
#7 DONE 0.0s
time="2025-12-11T17:18:05Z" level=warning msg="Failed to check deprecations" error="connection error: desc = \"transport: Error while dialing: dial unix /run/containerd/containerd.sock: connect: permission denied\""
ctr: connection error: desc = "transport: Error while dialing: dial unix /run/containerd/containerd.sock: connect: permission denied"
--- FAIL: BenchmarkSimpleImage_GetImage
    image_fixtures.go:193: using existing image tar: 'test-fixtures/cache/stereoscope-fixture-image-simple-04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7.tar' (size: 22528, modified: 2025-12-11 17:17:16.044512182 +0000 UTC, mode: -rw-r--r--)
    image_fixtures.go:241: Build docker image: name="stereoscope-fixture-image-simple" tag="04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7"
    image_fixtures.go:291: saveImage running: docker image save stereoscope-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7
    image_fixtures.go:286: 
        	Error Trace:	/home/runner/work/stereoscope/stereoscope/pkg/imagetest/image_fixtures.go:286
        	            				/home/runner/work/stereoscope/stereoscope/pkg/imagetest/image_fixtures.go:162
        	            				/home/runner/work/stereoscope/stereoscope/pkg/imagetest/image_fixtures.go:152
        	            				/home/runner/work/stereoscope/stereoscope/pkg/imagetest/image_fixtures.go:33
        	            				/home/runner/work/stereoscope/stereoscope/test/integration/fixture_image_simple_test.go:163
        	            				/opt/hostedtoolcache/go/1.25.5/x64/src/testing/benchmark.go:245
        	            				/opt/hostedtoolcache/go/1.25.5/x64/src/runtime/asm_amd64.s:1693
        	Error:      	Received unexpected error:
        	            	exit status 1
        	Test:       	BenchmarkSimpleImage_GetImage
        	Messages:   	could not import docker image to containerd (shell out)
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   58473	     20533 ns/op	    2616 B/op	      18 allocs/op
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   60404	     19703 ns/op	    2616 B/op	      18 allocs/op
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   60422	     19829 ns/op	    2616 B/op	      18 allocs/op
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   60920	     20017 ns/op	    2616 B/op	      18 allocs/op
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   60982	     19649 ns/op	    2616 B/op	      18 allocs/op
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   60475	     19614 ns/op	    2616 B/op	      18 allocs/op
BenchmarkSimpleImage_FetchSquashedContents/docker-archive-4         	   60573	     19649 ns/op	    2616 B/op	      18 allocs/op
--- FAIL: BenchmarkSimpleImage_FetchSquashedContents
    image_fixtures.go:193: using existing image tar: 'test-fixtures/cache/stereoscope-fixture-image-simple-04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7.tar' (size: 22528, modified: 2025-12-11 17:17:16.044512182 +0000 UTC, mode: -rw-r--r--)
    image_fixtures.go:75: error getting fixture image: 'podman' 'image-simple' with request 'podman:stereoscope-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7': unable to detect input for 'stereoscope-fixture-image-simple:04e16e44161c8888a1a963720fd0443cbf7eef8101434c431de8725cd98cc9f7', errs: podman not available: no host address
FAIL
exit status 1
FAIL	github.com/anchore/stereoscope/test/integration	19.730s
?   	github.com/anchore/stereoscope/test/integration/test-fixtures/registry	[no test files]
FAIL
goos: linux
goarch: amd64
pkg: github.com/anchore/stereoscope/pkg/file
cpu: AMD EPYC 7763 64-Core Processor                
ctr: 
           │ .tmp/benchmark-c02b596.txt │
           │           sec/op           │
TarIndex-4                  33.85µ ± 2%

           │ .tmp/benchmark-c02b596.txt │
           │            B/op            │
TarIndex-4                 5.567Ki ± 0%

           │ .tmp/benchmark-c02b596.txt │
           │         allocs/op          │
TarIndex-4                   93.00 ± 0%

pkg: github.com/anchore/stereoscope/test/integration
                                      │ .tmp/benchmark-c02b596.txt │
                                      │           sec/op           │
SimpleImage_GetImage/docker-archive-4                  1.146m ± 8%

                                      │ .tmp/benchmark-c02b596.txt │
                                      │            B/op            │
SimpleImage_GetImage/docker-archive-4                 273.4Ki ± 0%

                                      │ .tmp/benchmark-c02b596.txt │
                                      │         allocs/op          │
SimpleImage_GetImage/docker-archive-4                  2.387k ± 0%

ctr: connection error: desc = "transport: Error while dialing: dial unix /run/containerd/containerd.sock: connect: permission denied"
                                                   │ .tmp/benchmark-c02b596.txt │
                                                   │           sec/op           │
SimpleImage_FetchSquashedContents/docker-archive-4                  19.70µ ± 4%

                                                   │ .tmp/benchmark-c02b596.txt │
                                                   │            B/op            │
SimpleImage_FetchSquashedContents/docker-archive-4                 2.555Ki ± 0%

                                                   │ .tmp/benchmark-c02b596.txt │
                                                   │         allocs/op          │
SimpleImage_FetchSquashedContents/docker-archive-4                   18.00 ± 0%
goos: linux
goarch: amd64
pkg: github.com/anchore/stereoscope/pkg/file
cpu: AMD EPYC 7763 64-Core Processor                
ctr: 
           │ .tmp/benchmark-c02b596.txt │
           │           sec/op           │
TarIndex-4                  33.85µ ± 2%

           │ .tmp/benchmark-c02b596.txt │
           │            B/op            │
TarIndex-4                 5.567Ki ± 0%

           │ .tmp/benchmark-c02b596.txt │
           │         allocs/op          │
TarIndex-4                   93.00 ± 0%

pkg: github.com/anchore/stereoscope/test/integration
                                      │ .tmp/benchmark-c02b596.txt │
                                      │           sec/op           │
SimpleImage_GetImage/docker-archive-4                  1.146m ± 8%

                                      │ .tmp/benchmark-c02b596.txt │
                                      │            B/op            │
SimpleImage_GetImage/docker-archive-4                 273.4Ki ± 0%

                                      │ .tmp/benchmark-c02b596.txt │
                                      │         allocs/op          │
SimpleImage_GetImage/docker-archive-4                  2.387k ± 0%

ctr: connection error: desc = "transport: Error while dialing: dial unix /run/containerd/containerd.sock: connect: permission denied"
                                                   │ .tmp/benchmark-c02b596.txt │
                                                   │           sec/op           │
SimpleImage_FetchSquashedContents/docker-archive-4                  19.70µ ± 4%

                                                   │ .tmp/benchmark-c02b596.txt │
                                                   │            B/op            │
SimpleImage_FetchSquashedContents/docker-archive-4                 2.555Ki ± 0%

                                                   │ .tmp/benchmark-c02b596.txt │
                                                   │         allocs/op          │
SimpleImage_FetchSquashedContents/docker-archive-4                   18.00 ± 0%

westonsteimel · 2025-12-11T17:08:11Z

This is interesting, I wonder how crane is doing it when it seems like the various PRs to google container registry have never been merged?

Add support for zstd layer upload google/go-containerregistry#1827

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

fix: adds support for application/vnd.docker.image.rootfs.diff.tar.zs…

15cf383

…td layer mediaType Signed-off-by: Zach Hill <zach@anchore.com>

add tests

fd7fa4e

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>

wagoodman enabled auto-merge (squash) December 11, 2025 17:17

wagoodman added the bug Something isn't working label Dec 11, 2025

wagoodman approved these changes Dec 11, 2025

View reviewed changes

wagoodman merged commit 2753a5a into main Dec 11, 2025
7 checks passed

wagoodman deleted the zhill/issue-486 branch December 11, 2025 17:21

wagoodman mentioned this pull request Dec 11, 2025

Future proof tar zstd variant mediatype #488

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix: adds support for slightly nonstandard mediaType string in docker image layers#487

Fix: adds support for slightly nonstandard mediaType string in docker image layers#487
wagoodman merged 2 commits intomainfrom
zhill/issue-486

zhill commented Dec 11, 2025

Uh oh!

github-actions bot commented Dec 11, 2025 •

edited

Loading

Uh oh!

westonsteimel commented Dec 11, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Conversation

zhill commented Dec 11, 2025

Uh oh!

github-actions bot commented Dec 11, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Benchmark Test Results

Uh oh!

westonsteimel commented Dec 11, 2025

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

github-actions bot commented Dec 11, 2025 •

edited

Loading