From af092b315ec77b0a4bd3dde41ed20abcec4ff8d0 Mon Sep 17 00:00:00 2001
From: ChengyuZhu6 <chengyu.zhu@intel.com>
Date: Fri, 22 Dec 2023 22:26:09 +0800
Subject: [PATCH] image-rs: Redefine the construction of ImageClient

ImageClient is a client for image management. It has an associated field ImageConfig
that could specify the image work directory. Previously, we created an ImageClient instance with default(),
which used the `CC_IMAGE_WORK_DIR` environment variable to set the image work directory.
This approach was not flexible or reliable for different scenarios. Now, we offer a new() method
that accepts the image work directory as a parameter, and returns an ImageClient instance
with an ImageConfig that uses that directory. This way, users can customize the image work directory as they wish.

Fixes #415

Signed-off-by: ChengyuZhu6 <chengyu.zhu@intel.com>
---
 image-rs/src/image.rs                    | 40 +++++++++++++++++-------
 image-rs/tests/credential.rs             |  3 +-
 image-rs/tests/image_decryption.rs       |  3 +-
 image-rs/tests/signature_verification.rs |  3 +-
 4 files changed, 31 insertions(+), 18 deletions(-)

diff --git a/image-rs/src/image.rs b/image-rs/src/image.rs
index 809ac8184..1229369ad 100644
--- a/image-rs/src/image.rs
+++ b/image-rs/src/image.rs
@@ -11,7 +11,7 @@ use oci_spec::image::{ImageConfiguration, Os};
 use serde::Deserialize;
 use std::collections::{BTreeSet, HashMap};
 use std::convert::TryFrom;
-use std::path::Path;
+use std::path::{Path, PathBuf};
 use std::sync::Arc;
 
 use tokio::sync::Mutex;
@@ -99,8 +99,22 @@ impl Default for ImageClient {
     fn default() -> ImageClient {
         let config = ImageConfig::try_from(Path::new(CONFIGURATION_FILE_PATH)).unwrap_or_default();
         let meta_store = MetaStore::try_from(Path::new(METAFILE)).unwrap_or_default();
+        let snapshots = Self::init_snapshots(&config, &meta_store);
 
-        #[allow(unused_mut)]
+        ImageClient {
+            config,
+            meta_store: Arc::new(Mutex::new(meta_store)),
+            snapshots,
+        }
+    }
+}
+
+impl ImageClient {
+    ///Initialize metadata database and supported snapshots.
+    pub fn init_snapshots(
+        config: &ImageConfig,
+        meta_store: &MetaStore,
+    ) -> HashMap<SnapshotType, Box<dyn Snapshotter>> {
         let mut snapshots = HashMap::new();
 
         #[cfg(feature = "snapshot-overlayfs")]
@@ -119,7 +133,6 @@ impl Default for ImageClient {
                 Box::new(overlayfs) as Box<dyn Snapshotter>,
             );
         }
-
         #[cfg(feature = "snapshot-unionfs")]
         {
             let occlum_unionfs_index = meta_store
@@ -137,16 +150,22 @@ impl Default for ImageClient {
                 Box::new(occlum_unionfs) as Box<dyn Snapshotter>,
             );
         }
+        snapshots
+    }
 
-        ImageClient {
+    /// Create an ImageClient instance with specific work directory.
+    pub fn new(image_work_dir: PathBuf) -> Self {
+        let config = ImageConfig::new(image_work_dir);
+        let meta_store = MetaStore::try_from(Path::new(METAFILE)).unwrap_or_default();
+        let snapshots = Self::init_snapshots(&config, &meta_store);
+
+        Self {
             config,
             meta_store: Arc::new(Mutex::new(meta_store)),
             snapshots,
         }
     }
-}
 
-impl ImageClient {
     /// pull_image pulls an image with optional auth info and decrypt config
     /// and store the pulled data under user defined work_dir/layers.
     /// It will return the image ID with prepeared bundle: a rootfs directory,
@@ -512,7 +531,6 @@ mod tests {
     #[tokio::test]
     async fn test_pull_image() {
         let work_dir = tempfile::tempdir().unwrap();
-        std::env::set_var("CC_IMAGE_WORK_DIR", work_dir.path());
 
         // TODO test with more OCI image registries and fix broken registries.
         let oci_images = [
@@ -533,7 +551,7 @@ mod tests {
             // "releases-docker.jfrog.io/reg2/busybox:1.33.1"
         ];
 
-        let mut image_client = ImageClient::default();
+        let mut image_client = ImageClient::new(work_dir.path().to_path_buf());
         for image in oci_images.iter() {
             let bundle_dir = tempfile::tempdir().unwrap();
 
@@ -559,7 +577,6 @@ mod tests {
     #[tokio::test]
     async fn test_nydus_image() {
         let work_dir = tempfile::tempdir().unwrap();
-        std::env::set_var("CC_IMAGE_WORK_DIR", work_dir.path());
 
         let nydus_images = [
             "eci-nydus-registry.cn-hangzhou.cr.aliyuncs.com/v6/java:latest-test_nydus",
@@ -567,7 +584,7 @@ mod tests {
             //"eci-nydus-registry.cn-hangzhou.cr.aliyuncs.com/test/python:latest_nydus",
         ];
 
-        let mut image_client = ImageClient::default();
+        let mut image_client = ImageClient::new(work_dir.path().to_path_buf());
 
         for image in nydus_images.iter() {
             let bundle_dir = tempfile::tempdir().unwrap();
@@ -593,11 +610,10 @@ mod tests {
     #[tokio::test]
     async fn test_image_reuse() {
         let work_dir = tempfile::tempdir().unwrap();
-        std::env::set_var("CC_IMAGE_WORK_DIR", work_dir.path());
 
         let image = "mcr.microsoft.com/hello-world";
 
-        let mut image_client = ImageClient::default();
+        let mut image_client = ImageClient::new(work_dir.path().to_path_buf());
 
         let bundle1_dir = tempfile::tempdir().unwrap();
         if let Err(e) = image_client
diff --git a/image-rs/tests/credential.rs b/image-rs/tests/credential.rs
index e82ca6ee7..55360ceb5 100644
--- a/image-rs/tests/credential.rs
+++ b/image-rs/tests/credential.rs
@@ -36,11 +36,10 @@ async fn test_use_credential(#[case] image_ref: &str, #[case] auth_file_uri: &st
         .expect("Delete configs failed.");
 
     let work_dir = tempfile::tempdir().unwrap();
-    std::env::set_var("CC_IMAGE_WORK_DIR", work_dir.path());
 
     // a new client for every pulling, avoid effection
     // of cache of old client.
-    let mut image_client = ImageClient::default();
+    let mut image_client = ImageClient::new(work_dir.path().to_path_buf());
 
     // enable container auth
     image_client.config.auth = true;
diff --git a/image-rs/tests/image_decryption.rs b/image-rs/tests/image_decryption.rs
index 51c8c1613..3c59d1a8d 100644
--- a/image-rs/tests/image_decryption.rs
+++ b/image-rs/tests/image_decryption.rs
@@ -43,7 +43,6 @@ async fn test_decrypt_layers(#[case] image: &str) {
     std::env::set_var("OCICRYPT_KEYPROVIDER_CONFIG", keyprovider_config);
 
     let work_dir = tempfile::tempdir().unwrap();
-    std::env::set_var("CC_IMAGE_WORK_DIR", work_dir.path());
     let bundle_dir = tempfile::tempdir().unwrap();
 
     // clean former test files, which is needed to prevent
@@ -51,7 +50,7 @@ async fn test_decrypt_layers(#[case] image: &str) {
     common::clean_configs()
         .await
         .expect("Delete configs failed.");
-    let mut image_client = ImageClient::default();
+    let mut image_client = ImageClient::new(work_dir.path().to_path_buf());
     if cfg!(feature = "snapshot-overlayfs") {
         image_client
             .pull_image(image, bundle_dir.path(), &None, &Some(common::AA_PARAMETER))
diff --git a/image-rs/tests/signature_verification.rs b/image-rs/tests/signature_verification.rs
index 2aea36572..223c6bc51 100644
--- a/image-rs/tests/signature_verification.rs
+++ b/image-rs/tests/signature_verification.rs
@@ -172,11 +172,10 @@ async fn do_signature_verification_tests(
 
         // Init tempdirs
         let work_dir = tempfile::tempdir().unwrap();
-        std::env::set_var("CC_IMAGE_WORK_DIR", work_dir.path());
 
         // a new client for every pulling, avoid effection
         // of cache of old client.
-        let mut image_client = ImageClient::default();
+        let mut image_client = ImageClient::new(work_dir.path().to_path_buf());
 
         // enable signature verification
         image_client.config.security_validate = true;