goldmann / docker-squash

Docker image squashing tool
MIT License

docker-squash cannot handle opaque directories #186

Closed athos-ribeiro closed 5 years ago

athos-ribeiro commented 5 years ago

When the content of a directory is removed, a .wh..wh.opq file is created in that directory to announce that its contents (including subdirs and their contents) should be ignored.

Currently, docker-squash just skips those files. This leads to files introduced in lower layers and removed in a top layer to re-appear in the squashed image.

This can be reproduced with:

```bash
#!/bin/bash

docker build -t broken-layers:latest - > /dev/null 2>&1 <<EOF
FROM fedora:30

RUN mkdir -p /d1 && touch /d1/foobar
RUN rm -rf /d1 && mkdir -p /d1 && touch /d1/foo
EOF
docker-squash -t broken-layers:squashed broken-layers:latest > /dev/null 2>&1

# Here we can see the content for the squashed image and the non-squashed image are different
echo 'Running `ls /d1` in non-squashed container'
docker run -it --rm broken-layers:latest ls -R /d1
echo 'Running `ls /d1` in squashed container'
docker run -it --rm broken-layers:squashed ls -R /d1
```

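
The behaviour reported above, modelled on two constructed in-memory layer tars; this is an added example, not docker-squash's code and not part of the original report. It assumes the marker name from the OCI image layer specification, `.wh..wh..opq`, and the helper names `make_layer` and `squash` are hypothetical.

```python
import io
import tarfile

OPAQUE = ".wh..wh..opq"  # opaque-directory marker (OCI image layer spec)
WHITEOUT = ".wh."        # prefix marking one deleted entry


def make_layer(paths):
    """Build a constructed in-memory layer tar; a trailing '/' means directory."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for path in paths:
            info = tarfile.TarInfo(path.rstrip("/"))
            info.type = tarfile.DIRTYPE if path.endswith("/") else tarfile.REGTYPE
            tar.addfile(info)
    return buf.getvalue()


def squash(layers, honor_opaque=True):
    """Return the sorted paths visible after applying layers bottom to top."""
    visible = set()
    for blob in layers:
        with tarfile.open(fileobj=io.BytesIO(blob)) as tar:
            names = tar.getnames()
        # Markers hide entries from lower layers only, so apply them before
        # adding this layer's own entries.
        for name in names:
            parent, _, base = name.rpartition("/")
            prefix = parent + "/" if parent else ""
            if base == OPAQUE:
                if honor_opaque:
                    visible = {v for v in visible if not v.startswith(prefix)}
            elif base.startswith(WHITEOUT):
                gone = prefix + base[len(WHITEOUT):]
                visible = {v for v in visible
                           if v != gone and not v.startswith(gone + "/")}
        visible |= {n for n in names
                    if not n.rpartition("/")[2].startswith(WHITEOUT)}
    return sorted(visible)


# Constructed layers mirroring the two RUN steps of the reproducer.
LOWER = make_layer(["d1/", "d1/foobar"])
UPPER = make_layer(["d1/", "d1/" + OPAQUE, "d1/foo"])

if __name__ == "__main__":
    print("markers skipped:", squash([LOWER, UPPER], honor_opaque=False))
    print("markers honored:", squash([LOWER, UPPER]))
```

With the marker skipped, `d1/foobar` from the lower layer reappears in the merged view, which is how a file deleted in a top layer can end up shipped in a squashed image.
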
goldmann commented 5 years ago

Thank you for this report, I'll take a look at this soon!

twaugh commented 5 years ago

Hi, have you had a chance to take a look at this?

goldmann commented 5 years ago

@twaugh No, not yet, sorry :( I'll try to squeeze some investigation today (but I have a packed day), if not, then tomorrow.

goldmann commented 5 years ago

Thanks for the reproducer, I was able to use it to see the bug.

goldmann commented 5 years ago

I have a fix for this coded locally. I want to look at it next week too to see how it can be improved because I don't like the current approach that much.

goldmann commented 5 years ago

Guys, I would appreciate if you would take a look at the code to find any obvious mistakes. It would be perfect if you could test this release with some image as well.

See #187.

goldmann commented 5 years ago

Merged, 1.0.8 released and built for Fedora and RHEL.