Extend Applier's Apply() method with an optional options parameter#3123
Conversation
@stevvooe I took you by the word and this patch here adds an optional options field to the Apply() method. |
stefanberger
force-pushed
the
extend_apply_call_with_options_parameter
branch
from
ffd8e3d to
488f2bd
Compare
Codecov Report
@@ Coverage Diff @@
## master #3123 +/- ##
==========================================
- Coverage 43.58% 40.48% -3.11%
==========================================
Files 104 74 -30
Lines 11154 9893 -1261
==========================================
- Hits 4862 4005 -857
+ Misses 5553 5322 -231
+ Partials 739 566 -173
Continue to review full report at Codecov.
|
Codecov Report
@@ Coverage Diff @@
## master #3123 +/- ##
=========================================
- Coverage 42.38% 40.48% -1.9%
=========================================
Files 115 74 -41
Lines 12751 9893 -2858
=========================================
- Hits 5404 4005 -1399
+ Misses 6513 5322 -1191
+ Partials 834 566 -268
Continue to review full report at Codecov.
|
stefanberger
force-pushed
the
extend_apply_call_with_options_parameter
branch
2 times, most recently
from
73297b6 to
895d6e1
Compare
|
@dmcgowan This is our latest proposal for passing the decryption parameters to the applier's Apply() method. |
stefanberger
force-pushed
the
extend_apply_call_with_options_parameter
branch
from
895d6e1 to
8b7d8a9
Compare
Extend the Applier interface's Apply method with an optional
options parameter.
For the container image encryption we intend to use the options
parameter to pass image decryption parameters ('dcparameters'),
which are primarily (privatte) keys, in form of a JSON document
under the map key '_dcparameters', and pass them to the Applier's
Apply() method. This helps us to access decryption keys and start
the pipeline with the layer decryption before the layer data are
unzipped and untarred.
Signed-off-by: Stefan Berger <[email protected]>
Signed-off-by: Harshal Patil <[email protected]>
stefanberger
force-pushed
the
extend_apply_call_with_options_parameter
branch
from
8b7d8a9 to
baf3403
Compare
|
@dmcgowan Is this ok now? |
| } | ||
|
|
||
| // ApplyConfig is used to hold parameters needed for a apply operation | ||
| type ApplyConfig struct { |
There was a problem hiding this comment.
What's going to go in this? Right now this is all a no-op
There was a problem hiding this comment.
We want to use the options for encrypted container image support patches for passing decryption parameters (keys) to the Applier.
There was a problem hiding this comment.
Just trying to imagine how flexible this will be
There was a problem hiding this comment.
This is here is our work-in-progress tree: https://github.com/stefanberger/containerd/commits/image-encryption.v5
This patch appears there under the name "Extend Applier's Apply() method with an optional options parameter". On top of it are two more patches where the 1st one is called 'Prepare Apply call to carry dcparameters using the ApplyOpts' and the 2nd one converts the existing code to use this way of passing the parameters ('Pass the dcparameters via the ApplyOpts now and remove old code').
|
LGTM |
4 participants
Extend the Applier interface's Apply method with an optional
options map[string]string.
Signed-off-by: Stefan Berger [email protected]