Add EnsureNotContainerImage to prevent container images in artifact store#9782
Conversation
|
Note Reviews pausedIt looks like this branch is under active development. To avoid overwhelming you with review comments due to an influx of new commits, CodeRabbit has automatically paused this review. You can configure this behavior by changing the Use the following commands to manage reviews:
Use the checkboxes below for quick actions:
📝 WalkthroughWalkthroughAdds an OCI artifact abstraction ( Changes
Sequence Diagram(s)mermaid Estimated code review effort🎯 4 (Complex) | ⏱️ ~45 minutes Possibly related PRs
Suggested labels
Suggested reviewers
Poem
🚥 Pre-merge checks | ✅ 2 | ❌ 1❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
There was a problem hiding this comment.
Actionable comments posted: 1
🧹 Nitpick comments (3)
internal/ociartifact/impl.go (1)
34-42: Consider wrapping the error returned byGetManifest.
src.GetManifesterrors propagate unwrapped. While the caller currently wraps them, adding a wrap here would provide better context ifGetManifestFromRefis reused elsewhere.Suggested improvement
- return src.GetManifest(ctx, instanceDigest) + manifestBytes, mimeType, err := src.GetManifest(ctx, instanceDigest) + if err != nil { + return nil, "", fmt.Errorf("get manifest: %w", err) + } + return manifestBytes, mimeType, nil🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/impl.go` around lines 34 - 42, The GetManifestFromRef implementation returns src.GetManifest errors unwrapped; update the return to capture the result and error from src.GetManifest(ctx, instanceDigest) and, if err != nil, return nil, "", fmt.Errorf("get manifest from source: %w", err) so callers receive contextualized errors; reference the GetManifestFromRef function and the src.GetManifest call when making the change.internal/ociartifact/store.go (1)
148-152: Swallowing the OCI1 parse error is intentional but loses diagnostic info.When
manifest.OCI1FromManifestfails, the error is discarded andErrIsAnImageis returned directly. This is correct behavior (Docker v2s2 manifests will fail here), but a debug log would help troubleshoot unexpected parse failures without changing the control flow.Suggested improvement
ociManifest, err := manifest.OCI1FromManifest(manifestBytes) // Unable to parse an OCI manifest, assume an image if err != nil { + log.Debugf(ctx, "Cannot parse as OCI manifest, treating as container image: %v", err) return ErrIsAnImage }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/store.go` around lines 148 - 152, When manifest.OCI1FromManifest(manifestBytes) fails we currently return ErrIsAnImage and discard the original error; update the code to log the parse error at debug/trace level before returning ErrIsAnImage so diagnostics are preserved. Locate the call to manifest.OCI1FromManifest in internal/ociartifact/store.go and add a debug log statement that includes the returned error (using the existing logger in scope, e.g., s.logger, logger, or ctx logger) while keeping the control flow intact (still return ErrIsAnImage). Ensure the log message clearly states it was an OCI manifest parse failure and includes the error value.internal/ociartifact/store_test.go (1)
25-44: Consider adding a test case forDockerV2Schema1SignedMediaType.The
imageMimeTypeslist includesDockerV2Schema1SignedMediaType, but there's no test exercising that path. A schema 1 manifest has a different structure and would exercise theOCI1FromManifestfailure →ErrIsAnImagebranch distinctly from the Docker v2s2 test.🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/store_test.go` around lines 25 - 44, Add a new unit test that covers the DockerV2Schema1SignedMediaType path: create a schema1-style manifest bytes (either by extending makeOCIManifest or adding a small helper that emits the schema1 structure), feed those bytes through the same code path that uses imageMimeTypes and the manifest-to-OCI conversion (invoking OCI1FromManifest via the same processing function used by existing tests), and assert the code returns the ErrIsAnImage error (or the same failure branch) rather than succeeding; reference makeOCIManifest, DockerV2Schema1SignedMediaType, imageMimeTypes, OCI1FromManifest, and ErrIsAnImage to locate where to add the test and assertions.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/ociartifact/store.go`:
- Around line 90-164: EnsureNotContainerImage fails to recognize unsigned Docker
v2 schema 1 manifests as images; add the unsigned MIME type to imageMimeTypes.
Update the imageMimeTypes slice in EnsureNotContainerImage to include
manifest.DockerV2Schema1MediaType alongside
manifest.DockerV2Schema1SignedMediaType so both signed and unsigned schema1
variants are treated as container images; verify references to imageMimeTypes
and re-run tests that exercise detection in Store.EnsureNotContainerImage and
manifest handling functions.
---
Nitpick comments:
In `@internal/ociartifact/impl.go`:
- Around line 34-42: The GetManifestFromRef implementation returns
src.GetManifest errors unwrapped; update the return to capture the result and
error from src.GetManifest(ctx, instanceDigest) and, if err != nil, return nil,
"", fmt.Errorf("get manifest from source: %w", err) so callers receive
contextualized errors; reference the GetManifestFromRef function and the
src.GetManifest call when making the change.
In `@internal/ociartifact/store_test.go`:
- Around line 25-44: Add a new unit test that covers the
DockerV2Schema1SignedMediaType path: create a schema1-style manifest bytes
(either by extending makeOCIManifest or adding a small helper that emits the
schema1 structure), feed those bytes through the same code path that uses
imageMimeTypes and the manifest-to-OCI conversion (invoking OCI1FromManifest via
the same processing function used by existing tests), and assert the code
returns the ErrIsAnImage error (or the same failure branch) rather than
succeeding; reference makeOCIManifest, DockerV2Schema1SignedMediaType,
imageMimeTypes, OCI1FromManifest, and ErrIsAnImage to locate where to add the
test and assertions.
In `@internal/ociartifact/store.go`:
- Around line 148-152: When manifest.OCI1FromManifest(manifestBytes) fails we
currently return ErrIsAnImage and discard the original error; update the code to
log the parse error at debug/trace level before returning ErrIsAnImage so
diagnostics are preserved. Locate the call to manifest.OCI1FromManifest in
internal/ociartifact/store.go and add a debug log statement that includes the
returned error (using the existing logger in scope, e.g., s.logger, logger, or
ctx logger) while keeping the control flow intact (still return ErrIsAnImage).
Ensure the log message clearly states it was an OCI manifest parse failure and
includes the error value.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
Makefileinternal/ociartifact/impl.gointernal/ociartifact/libartifact_store.gointernal/ociartifact/store.gointernal/ociartifact/store_test.gointernal/ociartifact/store_test_inject.gotest/mocks/ociartifact/ociartifact.go
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #9782 +/- ##
==========================================
+ Coverage 67.45% 67.57% +0.12%
==========================================
Files 210 212 +2
Lines 29123 29195 +72
==========================================
+ Hits 19644 19728 +84
+ Misses 7790 7782 -8
+ Partials 1689 1685 -4 🚀 New features to boost your workflow:
|
f52ee7b to
0dd1fb3
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
internal/ociartifact/store.go (1)
131-135: Missing unsigned Docker v2 schema 1 media type (DockerV2Schema1MediaType).
imageMimeTypesincludesDockerV2Schema1SignedMediaTypebut notDockerV2Schema1MediaType. If a registry returns the unsigned schema 1 variant (application/vnd.docker.distribution.manifest.v1+json), it will slip through detection and be treated as an artifact. Both legacy variants should be rejected.Proposed fix
imageMimeTypes := []string{ specs.MediaTypeImageManifest, manifest.DockerV2Schema2MediaType, manifest.DockerV2Schema1SignedMediaType, + manifest.DockerV2Schema1MediaType, }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/store.go` around lines 131 - 135, The imageMimeTypes slice in internal/ociartifact/store.go currently lists manifest.DockerV2Schema1SignedMediaType but omits the unsigned variant; update the imageMimeTypes declaration to include manifest.DockerV2Schema1MediaType alongside DockerV2Schema1SignedMediaType (so both legacy schema1 media types are present) to ensure unsigned schema1 manifests are detected and rejected when processing in the relevant code paths that reference imageMimeTypes.
🧹 Nitpick comments (1)
internal/ociartifact/store.go (1)
148-153: Docker v2 schema 2 detection relies on OCI parse failure — consider adding an explicit comment.When
mimeTypeisDockerV2Schema2MediaType, the code enters this branch and callsmanifest.OCI1FromManifest, which will fail because Docker v2 schema 2 is not a valid OCI manifest. The parse error path then correctly returnsErrIsAnImage. While this produces the right result, it's relying on a non-obvious side effect. A brief comment would prevent future maintainers from "fixing" the parse error handling and inadvertently breaking Docker schema 2 detection.Suggested clarifying comment
if slices.Contains(imageMimeTypes, mimeType) && slices.Contains(configMediaTypes, mediaType) { ociManifest, err := manifest.OCI1FromManifest(manifestBytes) - // Unable to parse an OCI manifest, assume an image + // Unable to parse as OCI manifest (e.g. Docker v2 schema 2), assume an image if err != nil { return ErrIsAnImage }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/store.go` around lines 148 - 153, The branch that calls manifest.OCI1FromManifest when mimeType and mediaType match (using imageMimeTypes and configMediaTypes) intentionally treats a parse error as Docker v2 schema 2 detection and returns ErrIsAnImage; add an explicit comment above this block explaining that when mimeType == DockerV2Schema2MediaType OCI1FromManifest is expected to fail for Docker v2 schema 2, that the error path is used intentionally to classify the artifact, and that ErrIsAnImage is the deliberate outcome so future maintainers won't remove or "fix" the parse-failure logic.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/ociartifact/store_test.go`:
- Line 205: Update the two test descriptions that currently read "should fail
when manifest bytes are unparseable" and "should fail when config bytes are
unparseable" to use the correct spelling "unparsable"; locate the It(...) calls
in store_test.go (the test cases containing those exact strings) and replace
"unparseable" with "unparsable" in the description arguments.
---
Duplicate comments:
In `@internal/ociartifact/store.go`:
- Around line 131-135: The imageMimeTypes slice in internal/ociartifact/store.go
currently lists manifest.DockerV2Schema1SignedMediaType but omits the unsigned
variant; update the imageMimeTypes declaration to include
manifest.DockerV2Schema1MediaType alongside DockerV2Schema1SignedMediaType (so
both legacy schema1 media types are present) to ensure unsigned schema1
manifests are detected and rejected when processing in the relevant code paths
that reference imageMimeTypes.
---
Nitpick comments:
In `@internal/ociartifact/store.go`:
- Around line 148-153: The branch that calls manifest.OCI1FromManifest when
mimeType and mediaType match (using imageMimeTypes and configMediaTypes)
intentionally treats a parse error as Docker v2 schema 2 detection and returns
ErrIsAnImage; add an explicit comment above this block explaining that when
mimeType == DockerV2Schema2MediaType OCI1FromManifest is expected to fail for
Docker v2 schema 2, that the error path is used intentionally to classify the
artifact, and that ErrIsAnImage is the deliberate outcome so future maintainers
won't remove or "fix" the parse-failure logic.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
Makefileinternal/ociartifact/impl.gointernal/ociartifact/libartifact_store.gointernal/ociartifact/store.gointernal/ociartifact/store_test.gointernal/ociartifact/store_test_inject.gotest/mocks/ociartifact/ociartifact.go
🚧 Files skipped from review as they are similar to previous changes (1)
- internal/ociartifact/store_test_inject.go
0dd1fb3 to
06b3cd4
Compare
| // ErrIsAnImage when the reference points to a regular container image | ||
| // rather than an OCI artifact. Multi-architecture manifest lists are | ||
| // resolved to the current platform before inspection. | ||
| func (s *Store) EnsureNotContainerImage(ctx context.Context, ref types.ImageReference) error { |
There was a problem hiding this comment.
06b3cd4 to
a20b4f7
Compare
There was a problem hiding this comment.
🧹 Nitpick comments (3)
internal/ociartifact/store.go (2)
149-163: Logic gap:manifest.OCI1FromManifesterror is silently promoted toErrIsAnImage.When
manifest.OCI1FromManifest(manifestBytes)fails for a reason other than "not an OCI manifest" (e.g., malformed JSON, I/O error), the original error is silently discarded andErrIsAnImageis returned. A caller receivingErrIsAnImagehas no way to distinguish a legitimate Docker schema 2 image from a transient parse failure, potentially blocking valid artifact pulls.Consider logging the parse error at debug level before returning
ErrIsAnImageto preserve observability without changing the callers' contract:💡 Proposed improvement
- ociManifest, err := manifest.OCI1FromManifest(manifestBytes) - // Unable to parse as OCI manifest (e.g. Docker v2 schema 2), assume an image - if err != nil { - return ErrIsAnImage - } + ociManifest, ociErr := manifest.OCI1FromManifest(manifestBytes) + // Unable to parse as OCI manifest (e.g. Docker v2 schema 2), assume an image. + if ociErr != nil { + log.Debugf(ctx, "Cannot parse as OCI manifest (assuming container image): %v", ociErr) + return ErrIsAnImage + }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/store.go` around lines 149 - 163, The call to manifest.OCI1FromManifest(manifestBytes) currently swallows all parse errors and returns ErrIsAnImage; update the error path so the original parse error is logged (e.g., via log.Debugf or similar) before returning ErrIsAnImage to preserve observability without changing the function contract—change the block handling err from manifest.OCI1FromManifest to log the error context (including err and maybe manifest MIME/mediatype) then return ErrIsAnImage, referencing manifest.OCI1FromManifest, the err variable, ociManifest, and ErrIsAnImage to locate the code.
63-84: Double manifest fetch on the pull path.
EnsureNotContainerImageopens 1–2ImageSourceconnections to fetch the manifest(s), thenlibartifactStore.Pullinternally opens its own connection and re-fetches the same manifest. For large deployments or slow registries this adds measurable latency on every artifact pull.If the underlying library exposes a way to pass a pre-fetched manifest or if the pull path can be restructured to share the initial fetch, consider doing so. As-is, correctness is unaffected.
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/store.go` around lines 63 - 84, EnsureNotContainerImage currently fetches manifests, then libartifactStore.Pull re-fetches them causing double manifest fetch; modify EnsureNotContainerImage (or add a new variant EnsureNotContainerImageWithManifest) to return the already-fetched manifest or ImageSource/descriptor instead of discarding it, then add/use a matching libartifactStore.Pull variant that accepts the pre-fetched manifest/ImageSource (e.g., s.libartifactStore.PullWithManifest or Pull(ctx, artRef, opts, manifest)) and update the call in the pull path in this file to pass the returned manifest to avoid a second fetch.internal/ociartifact/impl.go (1)
34-42:src.Close()error silently discarded.
defer src.Close()drops the cleanup error. While benign for read-only manifest fetches (the manifest bytes are already copied), it can hide transport-level teardown failures in edge cases. Consider at least logging it at debug level to aid diagnostics.💡 Optional improvement
- defer src.Close() + defer func() { + if closeErr := src.Close(); closeErr != nil { + log.Debugf(ctx, "close image source: %v", closeErr) + } + }()(This requires importing
"github.com/cri-o/cri-o/internal/log"in this file, or you can simply ignore it if the project convention is to drop close errors from read-only sources.)🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/impl.go` around lines 34 - 42, GetManifestFromRef currently defers src.Close() and discards any returned error; change the defer to capture the Close() error and log it at debug level so transport teardown failures aren't silently dropped. Update the defer in GetManifestFromRef to call src.Close(), check its error, and call the project logger (import "github.com/cri-o/cri-o/internal/log") e.g. log.Debugf("closing image source: %v", err) when non-nil; keep the original return behavior for manifest and errors unchanged.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In `@internal/ociartifact/impl.go`:
- Around line 34-42: GetManifestFromRef currently defers src.Close() and
discards any returned error; change the defer to capture the Close() error and
log it at debug level so transport teardown failures aren't silently dropped.
Update the defer in GetManifestFromRef to call src.Close(), check its error, and
call the project logger (import "github.com/cri-o/cri-o/internal/log") e.g.
log.Debugf("closing image source: %v", err) when non-nil; keep the original
return behavior for manifest and errors unchanged.
In `@internal/ociartifact/store.go`:
- Around line 149-163: The call to manifest.OCI1FromManifest(manifestBytes)
currently swallows all parse errors and returns ErrIsAnImage; update the error
path so the original parse error is logged (e.g., via log.Debugf or similar)
before returning ErrIsAnImage to preserve observability without changing the
function contract—change the block handling err from manifest.OCI1FromManifest
to log the error context (including err and maybe manifest MIME/mediatype) then
return ErrIsAnImage, referencing manifest.OCI1FromManifest, the err variable,
ociManifest, and ErrIsAnImage to locate the code.
- Around line 63-84: EnsureNotContainerImage currently fetches manifests, then
libartifactStore.Pull re-fetches them causing double manifest fetch; modify
EnsureNotContainerImage (or add a new variant
EnsureNotContainerImageWithManifest) to return the already-fetched manifest or
ImageSource/descriptor instead of discarding it, then add/use a matching
libartifactStore.Pull variant that accepts the pre-fetched manifest/ImageSource
(e.g., s.libartifactStore.PullWithManifest or Pull(ctx, artRef, opts, manifest))
and update the call in the pull path in this file to pass the returned manifest
to avoid a second fetch.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
Makefileinternal/ociartifact/impl.gointernal/ociartifact/libartifact_store.gointernal/ociartifact/store.gointernal/ociartifact/store_test.gointernal/ociartifact/store_test_inject.gotest/mocks/ociartifact/ociartifact.go
🚧 Files skipped from review as they are similar to previous changes (2)
- internal/ociartifact/libartifact_store.go
- internal/ociartifact/store_test.go
a20b4f7 to
e9a8c3e
Compare
There was a problem hiding this comment.
Actionable comments posted: 1
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Inline comments:
In `@internal/ociartifact/store.go`:
- Around line 151-155: The manifest parsing branch mislabels the failure as a
Docker v2 schema 2 case and drops the actual parse error; update the inline
comment near the call to manifest.OCI1FromManifest(manifestBytes) to state that
a parsing error here indicates genuinely malformed/unparseable manifest bytes
(not that Docker v2 schema 2 was detected), and before returning ErrIsAnImage
capture and log the parse error (include the err value and useful context such
as manifest length or a brief snippet) using the existing logger in this scope
so diagnostic information is preserved; keep the return of ErrIsAnImage after
logging.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
Makefileinternal/ociartifact/impl.gointernal/ociartifact/libartifact_store.gointernal/ociartifact/store.gointernal/ociartifact/store_test.gointernal/ociartifact/store_test_inject.gotest/mocks/ociartifact/ociartifact.go
🚧 Files skipped from review as they are similar to previous changes (3)
- internal/ociartifact/store_test.go
- Makefile
- internal/ociartifact/impl.go
|
/retest @cri-o/cri-o-maintainers PTAL |
| ociManifest, err := manifest.OCI1FromManifest(manifestBytes) | ||
| // Unable to parse as OCI manifest (e.g. Docker v2 schema 2), assume an image | ||
| if err != nil { | ||
| return ErrIsAnImage |
There was a problem hiding this comment.
A log.Debugf before returning ErrIsAnImage here would help with troubleshooting. The parse error is silently discarded, and while that's intentional for Docker v2s2, it could mask unexpected failures.
| func (*defaultImpl) GetManifestFromRef(ctx context.Context, ref types.ImageReference, sys *types.SystemContext, instanceDigest *digest.Digest) (manifestBlob []byte, mimeType string, err error) { | ||
| src, err := ref.NewImageSource(ctx, sys) | ||
| if err != nil { | ||
| return nil, "", fmt.Errorf("create image source: %w", err) |
There was a problem hiding this comment.
nit: the named return values (manifestBlob, mimeType, err) aren't used for naked returns, could simplify to unnamed.
There was a problem hiding this comment.
This is by linter unfortunately.
| }) | ||
|
|
||
| It("should return ErrIsAnImage for Docker v2 schema 2 manifest", func() { | ||
| // Given |
There was a problem hiding this comment.
Worth adding a test case for DockerV2Schema1SignedMediaType as well to exercise the schema 1 → OCI1FromManifest failure → ErrIsAnImage path.
There was a problem hiding this comment.
added by claude, but it lgtm https://docker-docs.uclv.cu/registry/spec/manifest-v2-1/
e9a8c3e to
d49115c
Compare
There was a problem hiding this comment.
🧹 Nitpick comments (1)
internal/ociartifact/impl.go (1)
34-42: Consider wrapping the error fromGetManifestfor consistency.The error from
ref.NewImageSourceis wrapped with context (line 37), butsrc.GetManifesterrors are returned unwrapped. For consistent error tracing across the codebase, consider wrapping this error as well.Also,
src.Close()error is discarded. While this is a common pattern for read-only sources, logging or propagating a close error can help diagnose resource cleanup issues.♻️ Proposed fix
func (*defaultImpl) GetManifestFromRef(ctx context.Context, ref types.ImageReference, sys *types.SystemContext, instanceDigest *digest.Digest) (manifestBlob []byte, mimeType string, err error) { src, err := ref.NewImageSource(ctx, sys) if err != nil { return nil, "", fmt.Errorf("create image source: %w", err) } - defer src.Close() + defer func() { + if closeErr := src.Close(); closeErr != nil && err == nil { + err = fmt.Errorf("close image source: %w", closeErr) + } + }() - return src.GetManifest(ctx, instanceDigest) + manifestBlob, mimeType, err = src.GetManifest(ctx, instanceDigest) + if err != nil { + return nil, "", fmt.Errorf("get manifest: %w", err) + } + return manifestBlob, mimeType, nil }🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed. In `@internal/ociartifact/impl.go` around lines 34 - 42, In GetManifestFromRef on defaultImpl, wrap the error returned by src.GetManifest with context (similar to how ref.NewImageSource is wrapped) so callers get consistent error traces, and handle the deferred src.Close() error instead of discarding it — either log it via the package logger or wrap/append it to the returned error before returning; update references to ref.NewImageSource, src.GetManifest, and src.Close accordingly to implement these changes.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.
Nitpick comments:
In `@internal/ociartifact/impl.go`:
- Around line 34-42: In GetManifestFromRef on defaultImpl, wrap the error
returned by src.GetManifest with context (similar to how ref.NewImageSource is
wrapped) so callers get consistent error traces, and handle the deferred
src.Close() error instead of discarding it — either log it via the package
logger or wrap/append it to the returned error before returning; update
references to ref.NewImageSource, src.GetManifest, and src.Close accordingly to
implement these changes.
ℹ️ Review info
Configuration used: Path: .coderabbit.yaml
Review profile: CHILL
Plan: Pro
📒 Files selected for processing (7)
Makefileinternal/ociartifact/impl.gointernal/ociartifact/libartifact_store.gointernal/ociartifact/store.gointernal/ociartifact/store_test.gointernal/ociartifact/store_test_inject.gotest/mocks/ociartifact/ociartifact.go
🚧 Files skipped from review as they are similar to previous changes (2)
- internal/ociartifact/libartifact_store.go
- Makefile
…tore Fix cases where regular container images could accidentally be pulled into the OCI artifact store by validating manifest and config media types, including multi-arch manifest resolution and artifact type detection. Includes unit tests and updated mocks. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com> Signed-off-by: Ayato Tokubi <atokubi@redhat.com>
d49115c to
7eb2cc1
Compare
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: bitoku, saschagrunert The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
|
/retest |
|
/cherry-pick release-1.35 |
|
@bitoku: once the present PR merges, I will cherry-pick it on top of DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
|
/retest |
|
@bitoku: new pull request created: #9788 DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. |
What type of PR is this?
/kind bug
What this PR does / why we need it:
Fix cases where regular container images could accidentally be pulled into the OCI artifact store by validating manifest and config media types, including multi-arch manifest resolution and artifact type detection. Includes unit tests and updated mocks.
Which issue(s) this PR fixes:
Special notes for your reviewer:
Does this PR introduce a user-facing change?
Summary by CodeRabbit
New Features
Bug Fixes
Tests
Chores