This commit is contained in:
Cat /dev/Nulo 2023-06-19 19:00:20 -03:00
parent 6d483c3e8b
commit e8658c6201
2 changed files with 1 additions and 33 deletions

View file

@ -4,11 +4,9 @@ import { join } from "node:path";
import { promisify } from "node:util"; import { promisify } from "node:util";
import { tar2squashfs } from "./tar2squashfs.js"; import { tar2squashfs } from "./tar2squashfs.js";
import { subtle } from "node:crypto"; import { subtle } from "node:crypto";
const execFile = promisify(_execFile);
type RegistryName = string; type RegistryName = string;
type RegistrySecret = string; type RegistrySecret = string;
// const downloadBlob = memoizeDownloader(_downloadBlob);
const getToken = memoizeDownloader(_getToken); const getToken = memoizeDownloader(_getToken);
let squashfsDownloads = new Map<string, Promise<string>>(); let squashfsDownloads = new Map<string, Promise<string>>();
@ -181,14 +179,6 @@ async function jsonBlob<T>(image: string, digest: string): Promise<T> {
return (await res.json()) as T; return (await res.json()) as T;
} }
// // We can't just trust the digest as some evil image or registry can lie with
// // their own digests, using one of another image but inserting malware in it.
// // If we just cache according to the digest without verifying digests, this
// // attack is possible.
// function blobKey(image: string, digest: string): string {
// return `${image.replaceAll("/", "%")}#${digest}`;
// }
function memoizeDownloader<T>( function memoizeDownloader<T>(
downloader: (id: string) => Promise<T> downloader: (id: string) => Promise<T>
): (id: string) => Promise<T> { ): (id: string) => Promise<T> {
@ -204,27 +194,6 @@ function memoizeDownloader<T>(
}; };
} }
// async function _downloadBlob(key: string) {
// let [image, digest] = key.split("#");
// image = image.replaceAll("%", "/");
// const path = join(tmpDir, key);
// const res = await getBlob(image, digest);
// try {
// await access(path);
// // cacheado, actualizar mtime y devolver
// utimes(path, new Date(), new Date());
// return path;
// } catch (error) {}
// const tempKey = `.${key}.downloading.${nanoid()}`;
// const tempFile = await open(join(tmpDir, tempKey), "wx");
// await res.body!.pipeTo(Writable.toWeb(tempFile.createWriteStream()));
// await tempFile.close();
// await rename(tempKey, path);
// return path;
// }
// https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md#properties // https://github.com/opencontainers/image-spec/blob/v1.0.1/descriptor.md#properties
type Descriptor = { type Descriptor = {
digest: string; digest: string;

View file

@ -5,8 +5,7 @@
import gunzip from "gunzip-maybe"; import gunzip from "gunzip-maybe";
import { spawn } from "node:child_process"; import { spawn } from "node:child_process";
import { Duplex, Readable, Writable } from "node:stream"; import { Duplex, Writable } from "node:stream";
import { pipeline } from "node:stream/promises";
import { ReadableStream } from "node:stream/web"; import { ReadableStream } from "node:stream/web";
import { extract, pack } from "tar-stream"; import { extract, pack } from "tar-stream";