feat: oci compliance work (#85)

* chore: rework oci crate to be more composable * feat: image pull is now internally explicit * feat: utilize vfs for assembling oci images * feat: rework oci to preserve permissions via a vfs
2025-08-03 21:21:32 +00:00 · 2024-04-15 10:24:14 -07:00
parent 24c71e9725
commit 89055ef77c
33 changed files with 1500 additions and 1164 deletions
--- a/crates/krata/proto/krata/v1/common.proto
+++ b/crates/krata/proto/krata/v1/common.proto
@ -29,8 +29,15 @@ message GuestImageSpec {
    }
 }

+enum GuestOciImageFormat {
+    GUEST_OCI_IMAGE_FORMAT_UNKNOWN = 0;
+    GUEST_OCI_IMAGE_FORMAT_SQUASHFS = 1;
+    GUEST_OCI_IMAGE_FORMAT_EROFS = 2;
+}
+
 message GuestOciImageSpec {
-    string image = 1;
+    string digest = 1;
+    GuestOciImageFormat format = 2;
 }

 message GuestTaskSpec {
--- a/crates/krata/proto/krata/v1/control.proto
+++ b/crates/krata/proto/krata/v1/control.proto
@ -14,11 +14,14 @@ service ControlService {
    rpc DestroyGuest(DestroyGuestRequest) returns (DestroyGuestReply);
    rpc ResolveGuest(ResolveGuestRequest) returns (ResolveGuestReply);
    rpc ListGuests(ListGuestsRequest) returns (ListGuestsReply);
+
    rpc ConsoleData(stream ConsoleDataRequest) returns (stream ConsoleDataReply);
+    rpc ReadGuestMetrics(ReadGuestMetricsRequest) returns (ReadGuestMetricsReply);
+    
+    rpc SnoopIdm(SnoopIdmRequest) returns (stream SnoopIdmReply);
    rpc WatchEvents(WatchEventsRequest) returns (stream WatchEventsReply);

-    rpc ReadGuestMetrics(ReadGuestMetricsRequest) returns (ReadGuestMetricsReply);
-    rpc SnoopIdm(SnoopIdmRequest) returns (stream SnoopIdmReply);
+    rpc PullImage(PullImageRequest) returns (stream PullImageReply);
 }

 message CreateGuestRequest {
@ -63,7 +66,6 @@ message WatchEventsRequest {}
 message WatchEventsReply {
    oneof event {
        GuestChangedEvent guest_changed = 1;
-        OciProgressEvent oci_progress = 2;
    }
 }

@ -71,40 +73,6 @@ message GuestChangedEvent {
    krata.v1.common.Guest guest = 1;
 }

-enum OciProgressEventLayerPhase {
-    OCI_PROGRESS_EVENT_LAYER_PHASE_UNKNOWN = 0;
-    OCI_PROGRESS_EVENT_LAYER_PHASE_WAITING = 1;
-    OCI_PROGRESS_EVENT_LAYER_PHASE_DOWNLOADING = 2;
-    OCI_PROGRESS_EVENT_LAYER_PHASE_DOWNLOADED = 3;
-    OCI_PROGRESS_EVENT_LAYER_PHASE_EXTRACTING = 4;
-    OCI_PROGRESS_EVENT_LAYER_PHASE_EXTRACTED = 5;
-}
-
-message OciProgressEventLayer {
-    string id = 1;
-    OciProgressEventLayerPhase phase = 2;
-    uint64 value = 3;
-    uint64 total = 4;
-}
-
-enum OciProgressEventPhase {
-    OCI_PROGRESS_EVENT_PHASE_UNKNOWN = 0;
-    OCI_PROGRESS_EVENT_PHASE_RESOLVING = 1;
-    OCI_PROGRESS_EVENT_PHASE_RESOLVED = 2;
-    OCI_PROGRESS_EVENT_PHASE_CONFIG_ACQUIRE = 3;
-    OCI_PROGRESS_EVENT_PHASE_LAYER_ACQUIRE = 4;
-    OCI_PROGRESS_EVENT_PHASE_PACKING = 5;
-    OCI_PROGRESS_EVENT_PHASE_COMPLETE = 6;
-}
-
-message OciProgressEvent {
-    string guest_id = 1;
-    OciProgressEventPhase phase = 2;
-    repeated OciProgressEventLayer layers = 3;
-    uint64 value = 4;
-    uint64 total = 5;
-}
-
 message ReadGuestMetricsRequest {
    string guest_id = 1;
 }
@ -120,3 +88,47 @@ message SnoopIdmReply {
    uint32 to = 2;
    krata.bus.idm.IdmPacket packet = 3;
 }
+
+enum PullImageProgressLayerPhase {
+    PULL_IMAGE_PROGRESS_LAYER_PHASE_UNKNOWN = 0;
+    PULL_IMAGE_PROGRESS_LAYER_PHASE_WAITING = 1;
+    PULL_IMAGE_PROGRESS_LAYER_PHASE_DOWNLOADING = 2;
+    PULL_IMAGE_PROGRESS_LAYER_PHASE_DOWNLOADED = 3;
+    PULL_IMAGE_PROGRESS_LAYER_PHASE_EXTRACTING = 4;
+    PULL_IMAGE_PROGRESS_LAYER_PHASE_EXTRACTED = 5;
+}
+
+message PullImageProgressLayer {
+    string id = 1;
+    PullImageProgressLayerPhase phase = 2;
+    uint64 value = 3;
+    uint64 total = 4;
+}
+
+enum PullImageProgressPhase {
+    PULL_IMAGE_PROGRESS_PHASE_UNKNOWN = 0;
+    PULL_IMAGE_PROGRESS_PHASE_RESOLVING = 1;
+    PULL_IMAGE_PROGRESS_PHASE_RESOLVED = 2;
+    PULL_IMAGE_PROGRESS_PHASE_CONFIG_ACQUIRE = 3;
+    PULL_IMAGE_PROGRESS_PHASE_LAYER_ACQUIRE = 4;
+    PULL_IMAGE_PROGRESS_PHASE_PACKING = 5;
+    PULL_IMAGE_PROGRESS_PHASE_COMPLETE = 6;
+}
+
+message PullImageProgress {
+    PullImageProgressPhase phase = 1;
+    repeated PullImageProgressLayer layers = 2;
+    uint64 value = 3;
+    uint64 total = 4;
+}
+
+message PullImageRequest {
+    string image = 1;
+    krata.v1.common.GuestOciImageFormat format = 2;
+}
+
+message PullImageReply {
+    PullImageProgress progress = 1;
+    string digest = 2;
+    krata.v1.common.GuestOciImageFormat format = 3;
+}