diff options
author | Matthias Schiffer <mschiffer@universe-factory.net> | 2021-06-20 12:58:43 +0200 |
---|---|---|
committer | Matthias Schiffer <mschiffer@universe-factory.net> | 2021-06-20 12:58:43 +0200 |
commit | 3a51c2ce4abedcc2c8e1670b6c2c6ad1243a303a (patch) | |
tree | a9d3511a2051856e7febc4226a90307050faa975 | |
parent | 6371cb848bb953a4792a26ea967b17f1402c7d0f (diff) | |
download | rebel-3a51c2ce4abedcc2c8e1670b6c2c6ad1243a303a.tar rebel-3a51c2ce4abedcc2c8e1670b6c2c6ad1243a303a.zip |
runc: add output hashing
-rw-r--r-- | Cargo.lock | 78 | ||||
-rw-r--r-- | Cargo.toml | 2 | ||||
-rw-r--r-- | src/runner/runc.rs | 3 | ||||
-rw-r--r-- | src/runner/runc/run.rs | 16 |
4 files changed, 96 insertions, 3 deletions
@@ -1,5 +1,7 @@ # This file is automatically @generated by Cargo. # It is not intended for manual editing. +version = 3 + [[package]] name = "autocfg" version = "1.0.1" @@ -22,6 +24,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "cf1de2fe8c75bc145a2f577add951f8134889b4795d47466a54a5c846d691693" [[package]] +name = "block-buffer" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" +dependencies = [ + "generic-array", +] + +[[package]] name = "cc" version = "1.0.68" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -40,6 +51,15 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd" [[package]] +name = "cpufeatures" +version = "0.1.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "ed00c67cb5d0a7d64a44f6ad2668db7e7530311dd53ea79bcd4fb022c64911c8" +dependencies = [ + "libc", +] + +[[package]] name = "crossbeam-channel" version = "0.4.4" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -61,6 +81,15 @@ dependencies = [ ] [[package]] +name = "digest" +version = "0.9.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" +dependencies = [ + "generic-array", +] + +[[package]] name = "dtoa" version = "0.4.8" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -101,6 +130,16 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "3dcaa9ae7725d12cdb85b3ad99a434db70b468c09ded17e012d86b5c1010f7a7" [[package]] +name = "generic-array" +version = "0.14.4" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "501466ecc8a30d1d3b7fc9229b122b2ce8ed6e9d9223f1138d4babb253e51817" +dependencies = [ + "typenum", + "version_check", +] + +[[package]] name = "getrandom" version = "0.1.16" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -274,6 +313,12 @@ dependencies = [ ] [[package]] +name = "opaque-debug" +version = "0.3.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" + +[[package]] name = "ppv-lite86" version = "0.2.10" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -389,7 +434,9 @@ dependencies = [ "serde", "serde_json", "serde_yaml", + "sha2", "tar", + "tee_readwrite", "users", "walkdir", ] @@ -471,6 +518,19 @@ dependencies = [ ] [[package]] +name = "sha2" +version = "0.9.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "b362ae5752fd2137731f9fa25fd4d9058af34666ca1966fb969119cc35719f12" +dependencies = [ + "block-buffer", + "cfg-if 1.0.0", + "cpufeatures", + "digest", + "opaque-debug", +] + +[[package]] name = "slab" version = "0.4.3" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -499,6 +559,12 @@ dependencies = [ ] [[package]] +name = "tee_readwrite" +version = "0.1.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0642ac8a287350e5bd14ac50e7a137d49432ae625a1ae83668323ef3ca466af8" + +[[package]] name = "tempfile" version = "3.2.0" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -513,6 +579,12 @@ dependencies = [ ] [[package]] +name = "typenum" +version = "1.13.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "879f6906492a7cd215bfa4cf595b600146ccfac0c79bcbd1f3000162af5e8b06" + +[[package]] name = "unicode-xid" version = "0.2.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -538,6 +610,12 @@ dependencies = [ ] [[package]] +name = "version_check" +version = "0.9.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "5fecdca9a5291cc2b8dcf7dc02453fee791a280f3743cb0905f8822ae463b3fe" + +[[package]] name = "walkdir" version = "2.3.2" source = "registry+https://github.com/rust-lang/crates.io-index" @@ -15,6 +15,8 @@ oci-spec = "0.2.8" serde = { version = "1", features = ["derive"] } serde_json = "1.0.62" serde_yaml = "0.8" +sha2 = "0.9.5" tar = "0.4.32" +tee_readwrite = "0.1.0" users = "0.11.0" walkdir = "2" diff --git a/src/runner/runc.rs b/src/runner/runc.rs index ded73fa..0964ee9 100644 --- a/src/runner/runc.rs +++ b/src/runner/runc.rs @@ -7,11 +7,14 @@ use std::{io, process}; use ipc_channel::ipc; use nix::{sys::signal, unistd}; use serde::{Deserialize, Serialize}; +use sha2::Sha256; use crate::types::*; use crate::unshare; use crate::util::ipc::CheckDisconnect; +pub type OutputHash = Sha256; + #[derive(Debug, Deserialize, Serialize)] struct Request(TaskRef, Task, ipc::IpcSender<run::Error>); diff --git a/src/runner/runc/run.rs b/src/runner/runc/run.rs index 3fe51e1..14149d2 100644 --- a/src/runner/runc/run.rs +++ b/src/runner/runc/run.rs @@ -11,6 +11,8 @@ use nix::{ unistd, }; use serde::{Deserialize, Serialize}; +use sha2::{digest, Digest}; +use tee_readwrite::TeeWriter; use crate::{ types::*, @@ -18,7 +20,7 @@ use crate::{ util::{self, ToIOResult}, }; -use super::spec; +use super::{spec, OutputHash}; #[derive(Debug, Deserialize, Serialize)] pub enum Error { @@ -67,13 +69,21 @@ fn output_filename(task: TaskRef) -> PathBuf { Path::new("build/state").join(format!("{}.tar", task)) } -fn collect_output(task: TaskRef, task_def: Task) -> Result<(), io::Error> { +fn collect_output(task: TaskRef, task_def: Task) -> Result<digest::Output<OutputHash>, io::Error> { let file = util::unix::create_as( output_filename(task), Some(unshare::BUILD_UID), Some(unshare::BUILD_GID), )?; - util::tar::pack(file, "build/tmp/runc/workdir", task_def.output.iter())?.sync_all() + let hasher = OutputHash::default(); + let writer = TeeWriter::new(file, hasher); + + let writer = util::tar::pack(writer, "build/tmp/runc/workdir", task_def.output.iter())?; + let (file, hasher) = writer.into_inner(); + + file.sync_all()?; + + Ok(hasher.finalize()) } pub fn handle_task(task: TaskRef, task_def: Task) -> Result<(), Error> { |