From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from firstgate.proxmox.com (firstgate.proxmox.com [IPv6:2a01:7e0:0:424::9]) by lore.proxmox.com (Postfix) with ESMTPS id 1F3701FF183 for ; Wed, 8 Oct 2025 19:13:53 +0200 (CEST) Received: from firstgate.proxmox.com (localhost [127.0.0.1]) by firstgate.proxmox.com (Proxmox) with ESMTP id 9B982E91D; Wed, 8 Oct 2025 19:13:58 +0200 (CEST) From: Filip Schauer To: pve-devel@lists.proxmox.com Date: Wed, 8 Oct 2025 19:10:19 +0200 Message-ID: <20251008171028.196998-14-f.schauer@proxmox.com> X-Mailer: git-send-email 2.47.3 In-Reply-To: <20251008171028.196998-1-f.schauer@proxmox.com> References: <20251008171028.196998-1-f.schauer@proxmox.com> MIME-Version: 1.0 X-Bm-Milter-Handled: 55990f41-d878-4baa-be0a-ee34c49e34d2 X-Bm-Transport-Timestamp: 1759943604571 X-SPAM-LEVEL: Spam detection results: 0 AWL -0.007 Adjusted score from AWL reputation of From: address BAYES_00 -1.9 Bayes spam probability is 0 to 1% DMARC_MISSING 0.1 Missing DMARC policy KAM_DMARC_STATUS 0.01 Test Rule for DKIM or SPF Failure with Strict Alignment SPF_HELO_NONE 0.001 SPF: HELO does not publish an SPF Record SPF_PASS -0.001 SPF: sender matches SPF record Subject: [pve-devel] [PATCH storage v5 13/17] api: add storage/{storage}/oci-registry-pull method X-BeenThere: pve-devel@lists.proxmox.com X-Mailman-Version: 2.1.29 Precedence: list List-Id: Proxmox VE development discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: Proxmox VE development discussion Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: pve-devel-bounces@lists.proxmox.com Sender: "pve-devel" Add a storage API method to pull an OCI image from a registry using skopeo. Signed-off-by: Filip Schauer --- Introduced in v5. debian/control | 1 + src/PVE/API2/Storage/Status.pm | 70 ++++++++++++++++++++++++++++++++++ 2 files changed, 71 insertions(+) diff --git a/debian/control b/debian/control index 5341317..6bd55a2 100644 --- a/debian/control +++ b/debian/control @@ -54,6 +54,7 @@ Depends: bzip2, ${misc:Depends}, ${perl:Depends}, Recommends: pve-esxi-import-tools (>= 0.6.0), + skopeo, zfs-zed, Description: Proxmox VE storage management library This package contains the storage management library used by Proxmox VE. diff --git a/src/PVE/API2/Storage/Status.pm b/src/PVE/API2/Storage/Status.pm index 7bde4ec..12b7341 100644 --- a/src/PVE/API2/Storage/Status.pm +++ b/src/PVE/API2/Storage/Status.pm @@ -265,6 +265,7 @@ __PACKAGE__->register_method({ { subdir => 'download-url' }, { subdir => 'file-restore' }, { subdir => 'import-metadata' }, + { subdir => 'oci-registry-pull' }, { subdir => 'prunebackups' }, { subdir => 'rrd' }, { subdir => 'rrddata' }, @@ -864,6 +865,75 @@ __PACKAGE__->register_method({ }, }); +__PACKAGE__->register_method({ + name => 'oci_registry_pull', + path => '{storage}/oci-registry-pull', + method => 'POST', + description => "Pull an OCI image from a registry.", + proxyto => 'node', + permissions => { + check => [ + 'and', + ['perm', '/storage/{storage}', ['Datastore.AllocateTemplate']], + ['perm', '/nodes/{node}', ['Sys.AccessNetwork']], + ], + }, + protected => 1, + parameters => { + additionalProperties => 0, + properties => { + node => get_standard_option('pve-node'), + storage => get_standard_option('pve-storage-id'), + reference => { + description => "The reference to the OCI image to download.", + type => 'string', + pattern => + '^(?:(?:[a-zA-Z\d]|[a-zA-Z\d][a-zA-Z\d-]*[a-zA-Z\d])' + . '(?:\.(?:[a-zA-Z\d]|[a-zA-Z\d][a-zA-Z\d-]*[a-zA-Z\d]))*(?::\d+)?/)?[a-z\d]+' + . '(?:/[a-z\d]+(?:(?:(?:[._]|__|[-]*)[a-z\d]+)+)?)*:\w[\w.-]{0,127}$', + }, + }, + }, + returns => { + type => "string", + }, + code => sub { + my ($param) = @_; + + die "Install 'skopeo' to pull OCI images from registries.\n" if (!-f '/usr/bin/skopeo'); + + my $rpcenv = PVE::RPCEnvironment::get(); + my $user = $rpcenv->get_user(); + + my $cfg = PVE::Storage::config(); + + my ($node, $storage) = $param->@{qw(node storage)}; + my $scfg = PVE::Storage::storage_check_enabled($cfg, $storage, $node); + + die "can't upload to storage type '$scfg->{type}', not a file based storage!\n" + if !defined($scfg->{path}); + + my $reference = $param->{reference}; + + die "storage '$storage' is not configured for content-type 'vztmpl'\n" + if !$scfg->{content}->{vztmpl}; + + my $filename = PVE::Storage::normalize_content_filename($reference); + my $path = PVE::Storage::get_vztmpl_dir($cfg, $storage); + PVE::Storage::activate_storage($cfg, $storage); + + my $worker = sub { + PVE::Tools::run_command( + ["skopeo", "copy", "docker://$reference", "oci-archive:$path/$filename.tar"], + ); + }; + + my $worker_id = PVE::Tools::encode_text($filename); # must not pass : or the like as w-ID + + return $rpcenv->fork_worker('ociregistrypull', $worker_id, $user, $worker); + }, +}); + __PACKAGE__->register_method({ name => 'get_import_metadata', path => '{storage}/import-metadata', -- 2.47.3 _______________________________________________ pve-devel mailing list pve-devel@lists.proxmox.com https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel