New tool for working with bundle images

[Daniel Sover]

Hello all,

I’d like to share a project we put together recently that makes it easy to copy content out of a container filesystem. In the OLM registry+v1 bundle format manifests get stored inside container images —this tool makes it easy to see what’s inside a particular image. It works with both docker and podman. 

https://github.com/exdx/dcp

Check it out!

Dan

[Frederic Giloux]

Hi Daniel

Thank you for sharing. I have had a very quick look but did not get what it offers that cannot be done with podman image mount, e,g.:
$ podman unshare
[root@fgiloux tmp]# podman image mount quay.io/fgiloux/memcached-bundle:v1.1
/home/fgiloux/.local/share/containers/storage/overlay/e567ab30a19534c081d9f9b9424072bcde5e08e36883e4ce8f59bb020e49af8c/merged
[root@fgiloux tmp]# ls /home/fgiloux/.local/share/containers/storage/overlay/e567ab30a19534c081d9f9b9424072bcde5e08e36883e4ce8f59bb020e49af8c/merged
manifests  metadata  tests
[root@fgiloux tmp]# ls /home/fgiloux/.local/share/containers/storage/overlay/e567ab30a19534c081d9f9b9424072bcde5e08e36883e4ce8f59bb020e49af8c/merged/manifests/
cache.example.com_memcacheds.yaml                                                                   memcached-operator-manager-config_v1_configmap.yaml
memcached-operator.clusterserviceversion.yaml                                                       memcached-operator-metrics-reader_rbac.authorization.k8s.io_v1_clusterrole.yaml
memcached-operator-controller-manager-metrics-monitor_monitoring.coreos.com_v1_servicemonitor.yaml  memcached-operator-webhook-service_v1_service.yaml
memcached-operator-controller-manager-metrics-service_v1_service.yaml                               vpa.yaml
[root@fgiloux tmp]# ls /home/fgiloux/.local/share/containers/storage/overlay/e567ab30a19534c081d9f9b9424072bcde5e08e36883e4ce8f59bb020e49af8c/merged/metadata
annotations.yaml  properties.yaml

Regards,

Frédéric

--
You received this message because you are subscribed to the Google Groups "operator-framework-olm-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to operator-framework-...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/operator-framework-olm-dev/492D3078-EB3A-4070-8D9A-5476F3AF5A9A%40redhat.com.

--

Frédéric Giloux

OpenShift Engineering
Red Hat Germany

fgi...@redhat.com     M: +49-174-172-4661

redhat.com | TRIED. TESTED. TRUSTED. | redhat.com/trusted

________________________________________________________________________

Red Hat GmbH, Registered seat: Werner von Siemens Ring 14, D-85630 Grasbrunn, Germany
Commercial register: Amtsgericht Muenchen/Munich, HRB 153243,
Managing Directors: Ryan Barnhart, Charles Cachera, Michael O'Neill, Amy Ross 

[Daniel Sover]

Hi all,

Camila — sure I’d be happy to present dcp at the OF Office Hours this Thursday — I put it as an agenda item. 

Yes, you’re right, the tool is useful for extracting a particular directory from a container filesystem, for example the manifests directory from a registry+v1 bundle image, or the configs from an FBC image. There is some overlap with opm, but since opm is moving into the direction of being more container agnostic, and simply provide methods to manipulate an FBC, it felt like the wrong place to provide this functionality. This tool is useful independently of opm, as it can work on any container image, not just those related to operators. I don’t think there are any plans to move this tool into opm. It’s also written in Rust, versus Go, so porting it would not be that easy. 

Frederic — I’m not familiar with podman image mount, but it does look like a good command to use. dcp provides the same UX across both docker and podman — I’m not sure a similar command exists for docker. Also, a dedicated tool offers the ability to add custom functionality. For example, one thing we’re working on is writing the contents of the container filesystem to stdout instead of to disk. This would be an interesting feature not available in podman image mount. 

Best,

Dan

[Frederic Giloux]

Hi Dan,

Thanks a lot for the additional information.

Regards,

Frédéric

[Brett Tofel]

dcp is very handy if you're using podman on a non-Linux system as the commands like "unshare" and "image mount" will error out, noting that you are using the "remote client" version of podman.