Skip to content

Add get_blob_stream (prefer GetRawBlob)#114

Merged
cgwalters merged 3 commits into
bootc-dev:mainfrom
0verflowme:get-raw-blob-stream
Jun 26, 2026
Merged

Add get_blob_stream (prefer GetRawBlob)#114
cgwalters merged 3 commits into
bootc-dev:mainfrom
0verflowme:get-raw-blob-stream

Conversation

@0verflowme

@0verflowme 0verflowme commented Dec 19, 2025

Copy link
Copy Markdown
Contributor

This adds a higher-level blob streaming API that prefers the newer GetRawBlob method (when supported by the negotiated proxy protocol version) and otherwise falls back to GetBlob.

Motivation: bootc-dev/bootc#1424

gemini-code-assist[bot]
gemini-code-assist Bot reviewed Dec 19, 2025
View reviewed changes

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces a new get_blob_stream API that intelligently prefers the GetRawBlob method when supported by the proxy protocol, falling back to GetBlob otherwise. A significant addition is the VerifiedBlobReader and associated hashing logic, which enables on-the-fly digest and size verification for streamed blobs, enhancing data integrity. The changes also include necessary dependency updates (hex, sha2), new error types, and protocol version checks. The ProxyTooOld error message has been corrected for clarity. Overall, this is a well-implemented feature that improves the robustness and security of blob fetching.

Comment thread src/imageproxy.rs Outdated
@0verflowme

0verflowme commented Dec 19, 2025
edited
Loading

Copy link
Copy Markdown
Contributor Author

Question on fallback robustness:
Right now get_blob_stream() decides between GetRawBlob and GetBlob purely based on the negotiated protocol version (no string-matching on errors). Can we confirm the protocol contract that Initialize returning >= 0.2.8 guarantees GetRawBlob is implemented?
If that guarantee doesn’t hold, we probably need a machine-readable capability signal so that fallback remains reliable.

cc: @cgwalters

cgwalters
cgwalters reviewed Dec 19, 2025
View reviewed changes

@cgwalters cgwalters left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for working on this! Just as a first pass I think what would help build confidence here is ensuring in CI we're always testing both the old and new code.

One suggestion: A CI run that tests in quay.io/almalinuxorg/almalinux-bootc:10.0 as that uses skopeo version 1.18.1 which predates https://github.com/containers/skopeo/releases/tag/v1.19.0 when this feature appeared.

@0verflowme

0verflowme commented Dec 22, 2025

Copy link
Copy Markdown
Contributor Author

@cgwalters I've updated the PR Can you please check?

@0verflowme 0verflowme marked this pull request as ready for review December 22, 2025 09:39
@cgwalters cgwalters mentioned this pull request Jan 21, 2026
Merged
cgwalters
cgwalters reviewed Jan 22, 2026
View reviewed changes

@cgwalters cgwalters left a comment
edited
Loading

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for working on this! A second pass review

Comment thread src/imageproxy.rs Outdated
Comment thread .github/workflows/ci.yaml Outdated
Comment thread src/imageproxy.rs Outdated
Comment thread src/imageproxy.rs Outdated
Comment thread src/imageproxy.rs Outdated
Comment thread src/imageproxy.rs Outdated
Comment thread src/imageproxy.rs Outdated
Comment thread src/imageproxy.rs
Comment thread src/imageproxy.rs
Comment thread src/imageproxy.rs Outdated
@cgwalters cgwalters self-assigned this Jan 22, 2026
@cgwalters cgwalters mentioned this pull request May 18, 2026
Open
@0verflowme
Add get_blob_stream (prefer GetRawBlob)
31dbb99 
Signed-off-by: Priyanshu Kumar <priyanshu.kumar@broadcom.com>
@0verflowme
ci: test get_blob_stream against old/new skopeo
ad9dafa 
Run tests in containers with skopeo 1.18 and >=1.19 to exercise both GetBlob fallback and GetRawBlob paths.

Signed-off-by: Priyanshu Kumar <priyanshu.kumar@broadcom.com>
@0verflowme 0verflowme force-pushed the get-raw-blob-stream branch 2 times, most recently from e92cf7a to 36efedf Compare June 18, 2026 09:47
cgwalters
cgwalters previously approved these changes Jun 25, 2026
View reviewed changes

@cgwalters cgwalters left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@cgwalters cgwalters force-pushed the get-raw-blob-stream branch from 36efedf to 89fad2a Compare June 25, 2026 23:13
@0verflowme @cgwalters
Address blob stream review feedback
7ed1a8d 
Assisted-by: Codex (GPT-5)
Signed-off-by: Priyanshu Kumar <priyanshu.kumar@broadcom.com>
Signed-off-by: Colin Walters <walters@verbum.org>
@cgwalters cgwalters force-pushed the get-raw-blob-stream branch from 89fad2a to 7ed1a8d Compare June 25, 2026 23:48
@cgwalters cgwalters enabled auto-merge (squash) June 25, 2026 23:54
@cgwalters cgwalters merged commit 69be608 into bootc-dev:main Jun 26, 2026
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cgwalters cgwalters cgwalters approved these changes
+1 more reviewer
@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments
Reviewers whose approvals may not affect merge requirements

Assignees

@cgwalters cgwalters

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@0verflowme @cgwalters