Add NoSameOwner option when unpacking tars

When unpacking a TAR archive, containerd preserves file's owner: https://github.com/containerd/containerd/blob/main/archive/tar.go#L384 In some cases this behavior is not desired. In current implementation we avoid `Lchown` on Windows. Another case when this should be skipped is when using native snapshotter on darwin and running as non-root user. This PR extracts a generic option - `WithNoSameOwner` (same as `tar --no-same-owner`) to skip `Lchown` when its not required. Signed-off-by: Maksym Pavlenko <pavlenko.maksym@gmail.com>
2022-09-09 15:46:18 -07:00
parent f4a905109b
commit 0f51aa874d
6 changed files with 42 additions and 12 deletions
--- a/diff/windows/windows.go
+++ b/diff/windows/windows.go
@@ -27,7 +27,7 @@ import (
 	"io"
 	"time"

-	winio "github.com/Microsoft/go-winio"
+	"github.com/Microsoft/go-winio"
 	"github.com/containerd/containerd/archive"
 	"github.com/containerd/containerd/archive/compression"
 	"github.com/containerd/containerd/content"
@@ -38,7 +38,7 @@ import (
 	"github.com/containerd/containerd/mount"
 	"github.com/containerd/containerd/platforms"
 	"github.com/containerd/containerd/plugin"
-	digest "github.com/opencontainers/go-digest"
+	"github.com/opencontainers/go-digest"
 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/sirupsen/logrus"
 )
@@ -144,7 +144,13 @@ func (s windowsDiff) Apply(ctx context.Context, desc ocispec.Descriptor, mounts
 		return emptyDesc, err
 	}

-	if _, err := archive.Apply(ctx, layer, rc, archive.WithParents(parentLayerPaths), archive.AsWindowsContainerLayer()); err != nil {
+	archiveOpts := []archive.ApplyOpt{
+		archive.WithParents(parentLayerPaths),
+		archive.AsWindowsContainerLayer(),
+		archive.WithNoSameOwner(), // Lchown is not supported on Windows
+	}
+
+	if _, err := archive.Apply(ctx, layer, rc, archiveOpts...); err != nil {
 		return emptyDesc, err
 	}