Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix Docker Engine RPC buffer overflows.
Fixes #812, #778, #573. In issue [#573](#573), users would sometimes report the image push fails with an error "the image does not exist locally with the tag". This is likely due to Docker Engine RPCs overflowing the default `bufio.Scanner` maximum buffer size of 64k. Replacing the scanner with a `json.Decoder` enables us to handle large responses. When the image build fails, users should now see a warning or error before the provider pushes the built image. In issue [#812](#812), users would see the update operation on the Image resource succeed, but the output `repoDigest` would not change. In this PR, if for any reason the image fails to build, or update the Docker Engine's image store, push, or we detect inconsistency between the image ID returned by the `ImageBuild` RPC and what we expected, we fail the resource operation with an error. In issue [#778](#778), a repo digest would be chosen that doesn't match the name (sans tag) of the image pushed. As part of the additional checks, we fix this and ensure the normalized name of the repo digest matches the returned repo digest. Additionally, in case there is a data race between `ImageBuild` and `ImagePush`, we extract the expected image IDs and repo digests from those operations and compare to the image store. As this is a net-new check and we could not reproduce a repo digest mismatch, this is a warning. In a follow-up (#846) we may consider removing some of the defensive programming in this change.
- Loading branch information