From 4ddac3882c1aed1ab562a4fa10d587ff464fcc1e Mon Sep 17 00:00:00 2001 From: Mikko Ylinen Date: Tue, 19 Dec 2023 08:27:27 +0200 Subject: [PATCH] chore(deps): update sigstore-rs to 0.8.0 and oci-distribution to 0.10.0 The second round of updates that allow image-rs to move to released versions of the crates Signed-off-by: Mikko Ylinen --- Cargo.lock | 293 +++++++++++++++++++++++++++++++++---------- Cargo.toml | 3 - image-rs/Cargo.toml | 5 +- image-rs/src/pull.rs | 8 +- 4 files changed, 235 insertions(+), 74 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index bfb42427f..baab4771f 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -592,7 +592,17 @@ checksum = "ed2f2e73fffe9455141e170fb9c1feb0ac521ec7e7dcd47a7cab72a658490fb8" dependencies = [ "chrono", "serde", - "serde_with", + "serde_with 1.14.0", +] + +[[package]] +name = "bstr" +version = "1.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "542f33a8835a0884b006a0c3df3dadd99c0c3f296ed26c2fdc8028e01ad6230c" +dependencies = [ + "memchr", + "serde", ] [[package]] @@ -1246,6 +1256,16 @@ dependencies = [ "darling_macro 0.14.4", ] +[[package]] +name = "darling" +version = "0.20.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "0209d94da627ab5605dcccf08bb18afa5009cfbef48d8a8b7d7bdbc79be25c5e" +dependencies = [ + "darling_core 0.20.3", + "darling_macro 0.20.3", +] + [[package]] name = "darling_core" version = "0.13.4" @@ -1274,6 +1294,20 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "darling_core" +version = "0.20.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "177e3443818124b357d8e76f53be906d60937f0d3a90773a664fa63fa253e621" +dependencies = [ + "fnv", + "ident_case", + "proc-macro2", + "quote", + "strsim 0.10.0", + "syn 2.0.41", +] + [[package]] name = "darling_macro" version = "0.13.4" @@ -1296,6 +1330,17 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "darling_macro" +version = "0.20.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "836a9bbc7ad63342d6d6e7b815ccab164bc77a2d95d84bc3117a8c0d5c98e2d5" +dependencies = [ + "darling_core 0.20.3", + "quote", + "syn 2.0.41", +] + [[package]] name = "dashmap" version = "5.5.3" @@ -1522,6 +1567,12 @@ dependencies = [ "winapi", ] +[[package]] +name = "doc-comment" +version = "0.3.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "fea41bba32d969b513997752735605054bc0dfa92b4c56bf1189f2e174be7a10" + [[package]] name = "dsa" version = "0.6.2" @@ -2079,6 +2130,19 @@ version = "0.3.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "d2fabcfbdc87f4758337ca535fb41a6d701b65693ce38287d856d1674551ec9b" +[[package]] +name = "globset" +version = "0.4.14" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "57da3b9b5b85bd66f31093f8c408b90a74431672542466497dcbdfdc02034be1" +dependencies = [ + "aho-corasick", + "bstr", + "log", + "regex-automata", + "regex-syntax 0.8.2", +] + [[package]] name = "group" version = "0.13.0" @@ -2476,6 +2540,7 @@ dependencies = [ "tempfile", "test-utils", "tokio", + "tokio-util", "tonic", "tonic-build", "ttrpc", @@ -2493,6 +2558,7 @@ checksum = "bd070e393353796e801d209ad339e89596eb4c8d430d18ede6a1cced8fafbd99" dependencies = [ "autocfg", "hashbrown 0.12.3", + "serde", ] [[package]] @@ -2777,15 +2843,6 @@ dependencies = [ "zeroize", ] -[[package]] -name = "keccak" -version = "0.1.4" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8f6d5ed8676d904364de097082f4e7d240b571b67989ced0240f08b7f966f940" -dependencies = [ - "cpufeatures", -] - [[package]] name = "kms" version = "0.1.0" @@ -3205,7 +3262,6 @@ dependencies = [ "num-iter", "num-traits", "rand 0.8.5", - "serde", "smallvec", "zeroize", ] @@ -3411,11 +3467,12 @@ dependencies = [ [[package]] name = "oci-distribution" -version = "0.9.4" -source = "git+https://github.com/krustlet/oci-distribution.git?rev=f44124c#f44124c3c0875821d0b84a6632bf70b6d6eaf9ef" +version = "0.10.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "2a635cabf7a6eb4e5f13e9e82bd9503b7c2461bf277132e38638a935ebd684b4" dependencies = [ + "bytes", "chrono", - "futures", "futures-util", "http", "http-auth", @@ -3429,7 +3486,6 @@ dependencies = [ "sha2 0.10.8", "thiserror", "tokio", - "tokio-util", "tracing", "unicase", ] @@ -3646,6 +3702,24 @@ dependencies = [ "subtle", ] +[[package]] +name = "path-absolutize" +version = "3.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4af381fe79fa195b4909485d99f73a80792331df0625188e707854f0b3383f5" +dependencies = [ + "path-dedot", +] + +[[package]] +name = "path-dedot" +version = "3.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "07ba0ad7e047712414213ff67533e6dd477af0a4e1d14fb52343e53d30ea9397" +dependencies = [ + "once_cell", +] + [[package]] name = "pbkdf2" version = "0.11.0" @@ -3673,9 +3747,18 @@ checksum = "19b17cddbe7ec3f8bc800887bab5e717348c95ea2ca0b1bf0837fb964dc67099" [[package]] name = "pem" -version = "2.0.1" +version = "1.1.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "a8835c273a76a90455d7344889b0964598e3316e2a79ede8e36f16bdcf2228b8" +dependencies = [ + "base64 0.13.1", +] + +[[package]] +name = "pem" +version = "3.0.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6b13fe415cdf3c8e44518e18a7c95a13431d9bdf6d15367d82b23c377fdd441a" +checksum = "1b8fcc794035347fb64beda2d3b462595dd2753e3f268d89c5aae77e8cf2c310" dependencies = [ "base64 0.21.5", "serde", @@ -3745,34 +3828,6 @@ dependencies = [ "siphasher", ] -[[package]] -name = "picky" -version = "7.0.0-rc.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "52cccdaffd2f361b4b4eb70b4249bd71d89bb66cb84b7f76483ecd1640c543ce" -dependencies = [ - "base64 0.21.5", - "digest 0.10.7", - "ed25519-dalek", - "md-5", - "num-bigint-dig", - "p256", - "p384", - "picky-asn1", - "picky-asn1-der", - "picky-asn1-x509", - "rand 0.8.5", - "rand_core 0.6.4", - "rsa 0.9.6", - "serde", - "sha1", - "sha2 0.10.8", - "sha3", - "thiserror", - "x25519-dalek", - "zeroize", -] - [[package]] name = "picky-asn1" version = "0.8.0" @@ -3782,7 +3837,6 @@ dependencies = [ "oid", "serde", "serde_bytes", - "zeroize", ] [[package]] @@ -3803,12 +3857,10 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "2c5f20f71a68499ff32310f418a6fad8816eac1a2859ed3f0c5c741389dd6208" dependencies = [ "base64 0.21.5", - "num-bigint-dig", "oid", "picky-asn1", "picky-asn1-der", "serde", - "zeroize", ] [[package]] @@ -4661,7 +4713,7 @@ checksum = "f9d5a6813c0759e4609cd494e8e725babae6a2ca7b62a5536a13daaec6fcb7ba" dependencies = [ "log", "ring 0.17.7", - "rustls-webpki", + "rustls-webpki 0.101.7", "sct", ] @@ -4674,6 +4726,12 @@ dependencies = [ "base64 0.21.5", ] +[[package]] +name = "rustls-pki-types" +version = "1.0.1" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e7673e0aa20ee4937c6aacfc12bb8341cfbf054cdd21df6bec5fd0629fe9339b" + [[package]] name = "rustls-webpki" version = "0.101.7" @@ -4684,6 +4742,17 @@ dependencies = [ "untrusted 0.9.0", ] +[[package]] +name = "rustls-webpki" +version = "0.102.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "de2635c8bc2b88d367767c5de8ea1d8db9af3f6219eba28442242d9ab81d1b89" +dependencies = [ + "ring 0.17.7", + "rustls-pki-types", + "untrusted 0.9.0", +] + [[package]] name = "rustversion" version = "1.0.14" @@ -4956,6 +5025,26 @@ dependencies = [ "serde", ] +[[package]] +name = "serde_plain" +version = "1.0.2" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "9ce1fc6db65a611022b23a0dec6975d63fb80a302cb3388835ff02c097258d50" +dependencies = [ + "serde", +] + +[[package]] +name = "serde_repr" +version = "0.1.17" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3081f5ffbb02284dda55132aa26daecedd7372a42417bbbab6f14ab7d6bb9145" +dependencies = [ + "proc-macro2", + "quote", + "syn 2.0.41", +] + [[package]] name = "serde_spanned" version = "0.6.4" @@ -4984,7 +5073,24 @@ source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "678b5a069e50bf00ecd22d0cd8ddf7c236f68581b03db652061ed5eb13a312ff" dependencies = [ "serde", - "serde_with_macros", + "serde_with_macros 1.5.2", +] + +[[package]] +name = "serde_with" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "64cd236ccc1b7a29e7e2739f27c0b2dd199804abc4290e32f59f3b68d6405c23" +dependencies = [ + "base64 0.21.5", + "chrono", + "hex", + "indexmap 1.9.3", + "indexmap 2.1.0", + "serde", + "serde_json", + "serde_with_macros 3.4.0", + "time", ] [[package]] @@ -4999,6 +5105,18 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "serde_with_macros" +version = "3.4.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "93634eb5f75a2323b16de4748022ac4297f9e76b6dced2be287a099f41b5e788" +dependencies = [ + "darling 0.20.3", + "proc-macro2", + "quote", + "syn 2.0.41", +] + [[package]] name = "serde_yaml" version = "0.9.27" @@ -5142,16 +5260,6 @@ dependencies = [ "digest 0.10.7", ] -[[package]] -name = "sha3" -version = "0.10.8" -source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "75872d278a8f37ef87fa0ddbda7802605cb18344497949862c0d4dcb291eba60" -dependencies = [ - "digest 0.10.7", - "keccak", -] - [[package]] name = "shadow-rs" version = "0.23.0" @@ -5202,8 +5310,9 @@ dependencies = [ [[package]] name = "sigstore" -version = "0.7.2" -source = "git+https://github.com/sigstore/sigstore-rs.git?tag=v0.7.2#4111411119510ebbb09831485c99214225f14353" +version = "0.8.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "62e263c1b57dfbba5efe772af0cbc5acd1da1900c24401c2a34f407980282d43" dependencies = [ "async-trait", "base64 0.21.5", @@ -5222,19 +5331,24 @@ dependencies = [ "olpc-cjson", "p256", "p384", - "pem", - "picky", + "pem 3.0.3", "pkcs1 0.7.5", "pkcs8 0.10.2", "rand 0.8.5", + "regex", "rsa 0.9.6", + "rustls-pki-types", + "rustls-webpki 0.102.0", "scrypt 0.11.0", "serde", "serde_json", + "serde_repr", + "serde_with 3.4.0", "sha2 0.10.8", "signature 2.2.0", "thiserror", "tokio", + "tough", "tracing", "url", "webbrowser", @@ -5263,6 +5377,28 @@ version = "1.11.2" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "4dccd0940a2dcdf68d092b8cbab7dc0ad8fa938bf95787e1b916b0e3d0e8e970" +[[package]] +name = "snafu" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "e4de37ad025c587a29e8f3f5605c00f70b98715ef90b9061a815b9e59e9042d6" +dependencies = [ + "doc-comment", + "snafu-derive", +] + +[[package]] +name = "snafu-derive" +version = "0.7.5" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "990079665f075b699031e9c08fd3ab99be5029b96f3b78dc0709e8f77e4efebf" +dependencies = [ + "heck 0.4.1", + "proc-macro2", + "quote", + "syn 1.0.109", +] + [[package]] name = "socket2" version = "0.4.10" @@ -5717,7 +5853,6 @@ checksum = "5419f34732d9eb6ee4c3578b7989078579b7f039cbbb9ca2c4da015749371e15" dependencies = [ "bytes", "futures-core", - "futures-io", "futures-sink", "pin-project-lite", "tokio", @@ -5821,6 +5956,33 @@ dependencies = [ "syn 1.0.109", ] +[[package]] +name = "tough" +version = "0.14.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "eda3efa9005cf9c1966984c3b9a44c3f37b7ed2c95ba338d6ad51bba70e989a0" +dependencies = [ + "chrono", + "dyn-clone", + "globset", + "hex", + "log", + "olpc-cjson", + "path-absolutize", + "pem 1.1.1", + "percent-encoding", + "reqwest", + "ring 0.16.20", + "serde", + "serde_json", + "serde_plain", + "snafu", + "tempfile", + "untrusted 0.7.1", + "url", + "walkdir", +] + [[package]] name = "tower" version = "0.4.13" @@ -6615,7 +6777,6 @@ checksum = "fb66477291e7e8d2b0ff1bcb900bf29489a9692816d79874bea351e7a8b6de96" dependencies = [ "curve25519-dalek", "rand_core 0.6.4", - "serde", "zeroize", ] diff --git a/Cargo.toml b/Cargo.toml index fdaec7a53..2b6a788a5 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -68,6 +68,3 @@ ttrpc-codegen = "0.4.2" url = "2.3.1" uuid = "1" zeroize = "1.5.7" - -[patch.crates-io] -oci-distribution = { git = "https://github.com/krustlet/oci-distribution.git", rev = "f44124c" } diff --git a/image-rs/Cargo.toml b/image-rs/Cargo.toml index 7e06aef7e..a22fce6d8 100644 --- a/image-rs/Cargo.toml +++ b/image-rs/Cargo.toml @@ -27,7 +27,7 @@ libc = "0.2" log = "0.4.14" loopdev = { git = "https://github.com/mdaffin/loopdev", rev = "c9f91e8f0326ce8a3364ac911e81eb32328a5f27"} nix = { version = "0.26", optional = true } -oci-distribution = { git = "https://github.com/krustlet/oci-distribution.git", rev = "f44124c", default-features = false, optional = true } +oci-distribution = { version = "0.10.0", default-features = false, optional = true } oci-spec = "0.6.2" ocicrypt-rs = { path = "../ocicrypt-rs", default-features = false, features = ["async-io"], optional = true } prost = { workspace = true, optional = true } @@ -38,11 +38,12 @@ serde = { workspace = true, features = ["serde_derive", "rc"] } serde_json.workspace = true serde_yaml = { version = "0.9", optional = true } sha2.workspace = true -sigstore = { git = "https://github.com/sigstore/sigstore-rs.git", tag = "v0.7.2", default-features = false, optional = true} +sigstore = { version = "0.8.0", default-features = false, optional = true, features = ["tuf"] } strum.workspace = true strum_macros = "0.25" tar = "0.4.37" tokio.workspace = true +tokio-util = "0.7.10" tonic = { workspace = true, optional = true } ttrpc = { workspace = true, features = [ "async" ], optional = true } url = "2.2.2" diff --git a/image-rs/src/pull.rs b/image-rs/src/pull.rs index a26319c63..5bbb91329 100644 --- a/image-rs/src/pull.rs +++ b/image-rs/src/pull.rs @@ -11,6 +11,7 @@ use std::convert::TryFrom; use std::path::{Path, PathBuf}; use std::sync::Arc; use tokio::sync::Mutex; +use tokio_util::io::StreamReader; use crate::decoder::Compression; use crate::decrypt::Decryptor; @@ -97,11 +98,12 @@ impl<'a> PullClient<'a> { let layer_metas: Vec<(usize, LayerMeta)> = stream::iter(layer_descs) .enumerate() .map(|(i, layer)| async move { - let layer_reader = self + let layer_stream = self .client - .async_pull_blob(&self.reference, &layer.digest) + .pull_blob_stream(&self.reference, &layer.digest) .await - .map_err(|e| anyhow!("failed to async pull blob {}", e.to_string()))?; + .map_err(|e| anyhow!("failed to async pull blob stream {}", e.to_string()))?; + let layer_reader = StreamReader::new(layer_stream); self.async_handle_layer( layer, diff_ids[i].clone(),