cuenv-cas 0.40.6

Content-addressed store and action cache for cuenv, modelled on the Bazel Remote Execution API
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236

//! Merkle-tree construction over a directory.
//!
//! [`build_input_tree`] walks a directory, inserts every file into a [`Cas`]
//! and builds the corresponding [`Directory`] messages bottom-up. The root
//! digest identifies the entire input tree and is what an
//! [`Action`](crate::message::Action) references as its `input_root_digest`.

use crate::cas::Cas;
use crate::digest::{Digest, digest_of};
use crate::error::{Error, Result};
use crate::message::{Directory, DirectoryNode, FileNode};
use std::collections::BTreeMap;
use std::fs;
use std::path::{Path, PathBuf};

/// Build a Merkle tree from `root` and insert every node into `cas`.
///
/// Returns the digest of the root [`Directory`]. Symlinks and special files
/// are skipped for now; this is the input tree for hermetic task execution,
/// so only regular files and directories matter.
///
/// # Errors
///
/// Returns an error if any filesystem operation fails, if a child blob
/// cannot be stored in `cas`, or if a [`Directory`] message cannot be
/// serialized.
pub fn build_input_tree(root: &Path, cas: &dyn Cas) -> Result<Digest> {
    let tree = build_directory(root, cas)?;
    let bytes = serde_json::to_vec(&tree)
        .map_err(|e| Error::serialization(format!("encode Directory: {e}")))?;
    cas.put_bytes(&bytes)
}

/// Materialize a previously-built input tree to `destination`. The destination
/// directory is created if it does not exist.
///
/// # Errors
///
/// Returns an error if any blob is missing from `cas`, if a [`Directory`]
/// message cannot be decoded, or if any filesystem operation fails.
pub fn materialize_input_tree(
    cas: &dyn Cas,
    root_digest: &Digest,
    destination: &Path,
) -> Result<()> {
    let bytes = cas.get(root_digest)?;
    let dir: Directory = serde_json::from_slice(&bytes)
        .map_err(|e| Error::serialization(format!("decode Directory: {e}")))?;
    fs::create_dir_all(destination).map_err(|e| Error::io(e, destination, "create_dir_all"))?;
    materialize_directory(cas, &dir, destination)
}

fn build_directory(dir: &Path, cas: &dyn Cas) -> Result<Directory> {
    // Collect children first so we can sort deterministically.
    let mut files: BTreeMap<String, (PathBuf, bool)> = BTreeMap::new();
    let mut subdirs: BTreeMap<String, PathBuf> = BTreeMap::new();

    let entries = fs::read_dir(dir).map_err(|e| Error::io(e, dir, "read_dir"))?;
    for entry in entries {
        let entry = entry.map_err(|e| Error::io(e, dir, "read_dir_entry"))?;
        let name = entry.file_name().to_string_lossy().into_owned();
        let path = entry.path();
        let ft = entry
            .file_type()
            .map_err(|e| Error::io(e, &path, "file_type"))?;
        if ft.is_dir() {
            subdirs.insert(name, path);
        } else if ft.is_file() {
            let is_executable = is_executable(&path)?;
            files.insert(name, (path, is_executable));
        }
        // Symlinks and other kinds are intentionally dropped.
    }

    let mut file_nodes: Vec<FileNode> = Vec::with_capacity(files.len());
    for (name, (path, is_executable)) in files {
        let digest = cas.put_file(&path)?;
        file_nodes.push(FileNode {
            name,
            digest,
            is_executable,
        });
    }

    let mut dir_nodes: Vec<DirectoryNode> = Vec::with_capacity(subdirs.len());
    for (name, path) in subdirs {
        let child = build_directory(&path, cas)?;
        let bytes = serde_json::to_vec(&child)
            .map_err(|e| Error::serialization(format!("encode Directory: {e}")))?;
        let digest = cas.put_bytes(&bytes)?;
        dir_nodes.push(DirectoryNode { name, digest });
    }

    Ok(Directory {
        files: file_nodes,
        directories: dir_nodes,
        symlinks: Vec::new(),
    })
}

fn materialize_directory(cas: &dyn Cas, dir: &Directory, destination: &Path) -> Result<()> {
    for file in &dir.files {
        let dst = destination.join(&file.name);
        cas.get_to_file(&file.digest, &dst)?;
        #[cfg(unix)]
        if file.is_executable {
            use std::os::unix::fs::PermissionsExt;
            let mut perm = fs::metadata(&dst)
                .map_err(|e| Error::io(e, &dst, "metadata"))?
                .permissions();
            perm.set_mode(perm.mode() | 0o111);
            fs::set_permissions(&dst, perm).map_err(|e| Error::io(e, &dst, "set_permissions"))?;
        }
    }
    for child in &dir.directories {
        let dst = destination.join(&child.name);
        fs::create_dir_all(&dst).map_err(|e| Error::io(e, &dst, "create_dir_all"))?;
        let bytes = cas.get(&child.digest)?;
        let sub: Directory = serde_json::from_slice(&bytes)
            .map_err(|e| Error::serialization(format!("decode Directory: {e}")))?;
        materialize_directory(cas, &sub, &dst)?;
    }
    Ok(())
}

#[cfg(unix)]
fn is_executable(path: &Path) -> Result<bool> {
    use std::os::unix::fs::PermissionsExt;
    let meta = fs::metadata(path).map_err(|e| Error::io(e, path, "metadata"))?;
    Ok(meta.permissions().mode() & 0o111 != 0)
}

#[cfg(not(unix))]
fn is_executable(_path: &Path) -> Result<bool> {
    Ok(false)
}

/// Convenience: compute the digest of a [`Directory`] without inserting it.
///
/// Useful for tests and for callers that want to compare digests before
/// committing anything to the CAS.
///
/// # Errors
///
/// Returns an error if the [`Directory`] cannot be canonically encoded.
pub fn directory_digest(dir: &Directory) -> Result<Digest> {
    digest_of(dir)
}

#[cfg(test)]
mod tests {
    use super::*;
    use crate::cas::LocalCas;
    use tempfile::TempDir;

    fn write(path: &Path, bytes: &[u8]) {
        if let Some(parent) = path.parent() {
            fs::create_dir_all(parent).unwrap();
        }
        fs::write(path, bytes).unwrap();
    }

    #[test]
    fn build_flat_directory() {
        let tmp = TempDir::new().unwrap();
        let src = tmp.path().join("src");
        write(&src.join("a.txt"), b"A");
        write(&src.join("b.txt"), b"B");

        let cas_root = TempDir::new().unwrap();
        let cas = LocalCas::open(cas_root.path()).unwrap();
        let root_digest = build_input_tree(&src, &cas).unwrap();

        // Materialize into a fresh directory and assert content matches.
        let out = TempDir::new().unwrap();
        materialize_input_tree(&cas, &root_digest, out.path()).unwrap();
        assert_eq!(fs::read(out.path().join("a.txt")).unwrap(), b"A");
        assert_eq!(fs::read(out.path().join("b.txt")).unwrap(), b"B");
    }

    #[test]
    fn build_nested_directory() {
        let tmp = TempDir::new().unwrap();
        let src = tmp.path().join("src");
        write(&src.join("top.txt"), b"top");
        write(&src.join("sub/one.txt"), b"one");
        write(&src.join("sub/nested/two.txt"), b"two");

        let cas_root = TempDir::new().unwrap();
        let cas = LocalCas::open(cas_root.path()).unwrap();
        let root_digest = build_input_tree(&src, &cas).unwrap();

        let out = TempDir::new().unwrap();
        materialize_input_tree(&cas, &root_digest, out.path()).unwrap();
        assert_eq!(fs::read(out.path().join("top.txt")).unwrap(), b"top");
        assert_eq!(fs::read(out.path().join("sub/one.txt")).unwrap(), b"one");
        assert_eq!(
            fs::read(out.path().join("sub/nested/two.txt")).unwrap(),
            b"two"
        );
    }

    #[test]
    fn same_content_yields_same_root_digest() {
        let mk = || {
            let tmp = TempDir::new().unwrap();
            let src = tmp.path().join("src");
            write(&src.join("a.txt"), b"A");
            write(&src.join("sub/b.txt"), b"B");
            (tmp, src)
        };
        let (_tmp1, src1) = mk();
        let (_tmp2, src2) = mk();

        let cas_root = TempDir::new().unwrap();
        let cas = LocalCas::open(cas_root.path()).unwrap();
        let d1 = build_input_tree(&src1, &cas).unwrap();
        let d2 = build_input_tree(&src2, &cas).unwrap();
        assert_eq!(d1, d2, "identical trees must hash the same");
    }

    #[test]
    fn differing_content_yields_different_root_digest() {
        let tmp = TempDir::new().unwrap();
        let a = tmp.path().join("a");
        let b = tmp.path().join("b");
        write(&a.join("x.txt"), b"one");
        write(&b.join("x.txt"), b"two");

        let cas_root = TempDir::new().unwrap();
        let cas = LocalCas::open(cas_root.path()).unwrap();
        let da = build_input_tree(&a, &cas).unwrap();
        let db = build_input_tree(&b, &cas).unwrap();
        assert_ne!(da, db);
    }
}