Skip to content

[release/2.1] Fix erofs filesystem UUID for tar-converted layers #12058

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dmcgowan merged 1 commit into from
Jul 3, 2025
Merged

[release/2.1] Fix erofs filesystem UUID for tar-converted layers #12058

dmcgowan merged 1 commit into from
Jul 3, 2025

Conversation

@k8s-infra-cherrypick-robot
Copy link

@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot commented Jul 3, 2025

This is an automated cherry-pick of #12046

/assign hsiangkao

@hsiangkao
erofs-differ: fix filesystem UUID for tar-converted layers
583133e 
Derive filesystem UUIDs (`lsblk -o +UUID`) from the OCI layer digests
(although diffIDs are better in principle, but they're unavailable by
differs in advance) rather than generating a random one.  This allows
EROFS to uniquely identify each layer using the content-addressable
filesystem UUID.

It can also be used for reproducible builds. To achieve this, configure
`mkfs_options` with `-T0 --mkfs-time` (However, `--mkfs-time` requires
erofs-utils 1.8+; Otherwise, all inode timestamps will be reset w/o it):

``` toml
  [plugins."io.containerd.differ.v1.erofs"]
    mkfs_options = ["-T0 --mkfs-time"]
```

Fixes: c73c8e5 ("Introduce EROFS differ")
Signed-off-by: Gao Xiang <hsiangkao@linux.alibaba.com>
@github-project-automation github-project-automation bot moved this to Needs Triage in Pull Request Review Jul 3, 2025
@k8s-infra-cherrypick-robot k8s-infra-cherrypick-robot mentioned this pull request Jul 3, 2025
Merged
@k8s-ci-robot
Copy link

k8s-ci-robot commented Jul 3, 2025

@k8s-infra-cherrypick-robot: GitHub didn't allow me to assign the following users: hsiangkao.

Note that only containerd members with read permissions, repo collaborators and people who have commented on this issue/PR can be assigned. Additionally, issues/PRs can only have 10 assignees at the same time.
For more information please see the contributor guide

Details

In response to this:

This is an automated cherry-pick of #12046

/assign hsiangkao

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@k8s-ci-robot
Copy link

k8s-ci-robot commented Jul 3, 2025

Hi @k8s-infra-cherrypick-robot. Thanks for your PR.

I'm waiting for a containerd member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@hsiangkao
Copy link
Member

hsiangkao commented Jul 3, 2025
edited
Loading

/cc @cpuguy83 @AkihiroSuda @dmcgowan @fuweid @djdongjin
I do believe this fix should be applied to 2.1 since it can make filesystem UUID determinate instead of complete random ones, it also makes converted blob reproducable...

@dosubot dosubot bot added the area/distribution Image Distribution label Jul 3, 2025
@hsiangkao
Copy link
Member

hsiangkao commented Jul 3, 2025

Hi @AkihiroSuda ,sorry I Cced you just now, it seems that @k8s-ci-robot resets your review status, could you review this again?

@github-project-automation github-project-automation bot moved this from Needs Triage to Review In Progress in Pull Request Review Jul 3, 2025
@dmcgowan dmcgowan merged commit a4771a8 into containerd:release/2.1 Jul 3, 2025
98 of 102 checks passed
@github-project-automation github-project-automation bot moved this from Review In Progress to Done in Pull Request Review Jul 3, 2025
@dmcgowan dmcgowan changed the title [release/2.1] erofs-differ: fix filesystem UUID for tar-converted layers [release/2.1] Fix erofs filesystem UUID for tar-converted layers Jul 30, 2025
@dmcgowan dmcgowan added area/storage Image Storage impact/changelog and removed area/distribution Image Distribution labels Jul 30, 2025
@dmcgowan dmcgowan mentioned this pull request Jul 30, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dmcgowan dmcgowan dmcgowan approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

@cpuguy83 cpuguy83 Awaiting requested review from cpuguy83

@djdongjin djdongjin Awaiting requested review from djdongjin

@fuweid fuweid Awaiting requested review from fuweid

Assignees

No one assigned

Labels

area/storage Image Storage impact/changelog needs-ok-to-test size/S

Projects

Pull Request Review
Archived in project

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@k8s-infra-cherrypick-robot @k8s-ci-robot @hsiangkao @dmcgowan @AkihiroSuda