Skip to content

Commit 79848f7

Browse files
elezarelezar
committed
Load minimal spec to extract container root
Instead of loading the full OCI spec when extracting the container root from the container state, this change ensures that only the Root is unmarshalled. Signed-off-by: Evan Lezar <elezar@nvidia.com>
1 parent 0a0b6a7 commit 79848f7

File tree

1 file changed

+25
-17
lines changed

1 file changed

+25
-17
lines changed

internal/oci/state.go

Lines changed: 25 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -56,26 +56,10 @@ func ReadContainerState(reader io.Reader) (*State, error) {
5656
return &s, nil
5757
}
5858

59-
// LoadSpec loads the OCI spec associated with the container state
60-
func (s *State) LoadSpec() (*specs.Spec, error) {
61-
specFilePath := GetSpecFilePath(s.Bundle)
62-
specFile, err := os.Open(specFilePath)
63-
if err != nil {
64-
return nil, fmt.Errorf("failed to open OCI spec file: %v", err)
65-
}
66-
defer specFile.Close()
67-
68-
spec, err := LoadFrom(specFile)
69-
if err != nil {
70-
return nil, fmt.Errorf("failed to load OCI spec: %v", err)
71-
}
72-
return spec, nil
73-
}
74-
7559
// GetContainerRoot returns the root for the container from the associated spec. If the spec is not yet loaded, it is
7660
// loaded and cached.
7761
func (s *State) GetContainerRoot() (string, error) {
78-
spec, err := s.LoadSpec()
62+
spec, err := s.loadMinimalSpec()
7963
if err != nil {
8064
return "", err
8165
}
@@ -91,3 +75,27 @@ func (s *State) GetContainerRoot() (string, error) {
9175

9276
return filepath.Join(s.Bundle, containerRoot), nil
9377
}
78+
79+
// loadMinimalSpec loads a reduced OCI spec associated with the container state.
80+
func (s *State) loadMinimalSpec() (*minimalSpec, error) {
81+
specFilePath := GetSpecFilePath(s.Bundle)
82+
specFile, err := os.Open(specFilePath)
83+
if err != nil {
84+
return nil, fmt.Errorf("failed to open OCI spec file: %v", err)
85+
}
86+
defer specFile.Close()
87+
88+
ms := &minimalSpec{}
89+
if err := json.NewDecoder(specFile).Decode(ms); err != nil {
90+
return nil, fmt.Errorf("failed to load minimal OCI spec: %v", err)
91+
}
92+
return ms, nil
93+
}
94+
95+
// A minimalSpec is used to return desired properties from the container config.
96+
// We define this here instead of using specs.Spec as is to avoid decoding
97+
// unneeded fields in container lifecycle hooks.
98+
type minimalSpec struct {
99+
// Root configures the container's root filesystem.
100+
Root *specs.Root `json:"root,omitempty"`
101+
}

0 commit comments

Comments
 (0)