From 22a8d828401a3d6fe5d9f89b52a34db0c5d2bfc8 Mon Sep 17 00:00:00 2001
From: Michael McCracken <mikmccra@cisco.com>
Date: Wed, 18 Dec 2024 16:52:57 -0800
Subject: [PATCH] feat: move to atomfs v1.1.3 with new API

atomfs 1.1.3 has a new API for mounting that changes it to store metadata
about the mounted molecules in a known location. It also cleans up the
unmount code path and added a lot of tests to atomfs.

This moves to the new atomfs version and removes an obsolete mount
option.

It also fixes a typo in the atomfs test suite - this test case is also
now run in the atomfs repo itself and the typos were fixed there, but we
leave it here for extra coverage.

Signed-off-by: Michael McCracken <mikmccra@cisco.com>
---
 cmd/stacker/internal_go.go | 7 -------
 go.mod                     | 2 +-
 go.sum                     | 4 ++--
 test/atomfs.bats           | 6 +++---
 4 files changed, 6 insertions(+), 13 deletions(-)

diff --git a/cmd/stacker/internal_go.go b/cmd/stacker/internal_go.go
index 2e8fd992..c161c895 100644
--- a/cmd/stacker/internal_go.go
+++ b/cmd/stacker/internal_go.go
@@ -3,7 +3,6 @@ package main
 import (
 	"fmt"
 	"os"
-	"path"
 	"runtime"
 	"strings"
 
@@ -177,14 +176,8 @@ func doAtomfsMount(ctx *cli.Context) error {
 	tag := ctx.Args().Get(0)
 	mountpoint := ctx.Args().Get(1)
 
-	wd, err := os.Getwd()
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
 	opts := atomfs.MountOCIOpts{
 		OCIDir:                 config.OCIDir,
-		MetadataPath:           path.Join(wd, "atomfs-metadata"),
 		Tag:                    tag,
 		Target:                 mountpoint,
 		AllowMissingVerityData: true,
diff --git a/go.mod b/go.mod
index 07d78cc2..84405b90 100644
--- a/go.mod
+++ b/go.mod
@@ -277,7 +277,7 @@ require (
 	gopkg.in/square/go-jose.v2 v2.6.0 // indirect
 	gopkg.in/warnings.v0 v0.1.2 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
-	machinerun.io/atomfs v1.1.1
+	machinerun.io/atomfs v1.1.3
 	modernc.org/libc v1.37.6 // indirect
 	modernc.org/mathutil v1.6.0 // indirect
 	modernc.org/memory v1.7.2 // indirect
diff --git a/go.sum b/go.sum
index 67559557..6264c9a6 100644
--- a/go.sum
+++ b/go.sum
@@ -1592,8 +1592,8 @@ honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWh
 honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
 honnef.co/go/tools v0.0.1-2020.1.3/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
 honnef.co/go/tools v0.0.1-2020.1.4/go.mod h1:X/FiERA/W4tHapMX5mGpAtMSVEeEUOyHaw9vFzvIQ3k=
-machinerun.io/atomfs v1.1.1 h1:EprTiYMzAlKL+3S7woe9DsCJGwO2dkHTlvmjlVNO8pY=
-machinerun.io/atomfs v1.1.1/go.mod h1:cidyEmsNeeo+9f7OiHl/nA+8KS7Vj5XOslR87VkIebM=
+machinerun.io/atomfs v1.1.3 h1:oV1SH7VI2MqAks7FlirhLLKvyVcJkMB0NFevXF8EJaU=
+machinerun.io/atomfs v1.1.3/go.mod h1:qXz4epm3/7vEpEyf9YaTCafp3CwbUeDa1XrYyx7qbPc=
 modernc.org/libc v1.37.6 h1:orZH3c5wmhIQFTXF+Nt+eeauyd+ZIt2BX6ARe+kD+aw=
 modernc.org/libc v1.37.6/go.mod h1:YAXkAZ8ktnkCKaN9sw/UDeUVkGYJ/YquGO4FTi5nmHE=
 modernc.org/mathutil v1.6.0 h1:fRe9+AmYlaej+64JsEEhoWuAYBkOtQiMEU7n/XgfYi4=
diff --git a/test/atomfs.bats b/test/atomfs.bats
index 47210361..5857cb89 100644
--- a/test/atomfs.bats
+++ b/test/atomfs.bats
@@ -103,7 +103,7 @@ EOF
     # first layer should still exist since a is still mounted
     manifest=$(cat oci/index.json | jq -r .manifests[0].digest | cut -f2 -d:)
     first_layer_hash=$(cat oci/blobs/sha256/$manifest | jq -r .layers[0].digest | cut -f2 -d:)
-    [ ! -b "/dev/mapper/$last_layer_hash-verity" ]
+    [ -b "/dev/mapper/$first_layer_hash-verity" ]
 
     mkdir c
     stacker internal-go atomfs mount c-squashfs c
@@ -120,7 +120,7 @@ EOF
     # first layer should still exist since c is still mounted
     manifest=$(cat oci/index.json | jq -r .manifests[0].digest | cut -f2 -d:)
     first_layer_hash=$(cat oci/blobs/sha256/$manifest | jq -r .layers[0].digest | cut -f2 -d:)
-    [ ! -b "/dev/mapper/$last_layer_hash-verity" ]
+    [ -b "/dev/mapper/$first_layer_hash-verity" ]
 
     # c should still be ok
     [ -f c/c ]
@@ -130,7 +130,7 @@ EOF
     # c's last layer shouldn't exist any more, since it is unique
     manifest=$(cat oci/index.json | jq -r .manifests[0].digest | cut -f2 -d:)
     last_layer_num=$(($(cat oci/blobs/sha256/$manifest | jq -r '.layers | length')-1))
-    last_layer_hash=$(cat oci/blobs/sha256/$manifest | jq -r .layers[$last_layer].digest | cut -f2 -d:)
+    last_layer_hash=$(cat oci/blobs/sha256/$manifest | jq -r .layers[$last_layer_num].digest | cut -f2 -d:)
     [ ! -b "/dev/mapper/$last_layer_hash-verity" ]
     verity_checkusedloops
 }