diff options
Diffstat (limited to 'vendor')
23 files changed, 347 insertions, 88 deletions
diff --git a/vendor/github.com/containers/buildah/.cirrus.yml b/vendor/github.com/containers/buildah/.cirrus.yml index 2c91a6eee..c9629b9a3 100644 --- a/vendor/github.com/containers/buildah/.cirrus.yml +++ b/vendor/github.com/containers/buildah/.cirrus.yml @@ -139,7 +139,7 @@ unit_task: - smoke - vendor - timeout_in: 50m + timeout_in: 1h matrix: - env: @@ -177,7 +177,7 @@ conformance_task: conformance_test_script: '${SCRIPT_BASE}/test.sh conformance |& ${_TIMESTAMP}' -# Confirm cross-compile ALL archetectures on a Mac OS-X VM. +# Confirm cross-compile ALL architectures on a Mac OS-X VM. cross_build_task: name: "Cross Compile" alias: cross_build @@ -186,13 +186,14 @@ cross_build_task: - unit osx_instance: - image: 'catalina-base' + image: 'big-sur-base' script: - brew update - brew install go - brew install go-md2man - brew install gpgme + - go version - make cross CGO_ENABLED=0 binary_artifacts: diff --git a/vendor/github.com/containers/buildah/CHANGELOG.md b/vendor/github.com/containers/buildah/CHANGELOG.md index 9dc7a3d72..1864a4564 100644 --- a/vendor/github.com/containers/buildah/CHANGELOG.md +++ b/vendor/github.com/containers/buildah/CHANGELOG.md @@ -2,6 +2,64 @@ # Changelog +## v1.23.0 (2021-09-13) + + Vendor in containers/common v0.44.0 + build(deps): bump github.com/containers/storage from 1.35.0 to 1.36.0 + Update 05-openshift-rootless-build.md + build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5 + .cirrus.yml: run cross_build_task on Big Sur + Makefile: update cross targets + Add support for rootless overlay mounts + Cirrus: Increase unit-test timeout + Docs: Clarify rmi w/ manifest/index use + build: mirror --authfile to filesystem if pointing to FD instead of file + Fix build with .git url with branch + manifest: rm should remove only manifests not referenced images. + vendor: bump c/common to v0.43.3-0.20210902095222-a7acc160fb25 + Avoid rehashing and noop compression writer + corrected man page section; .conf file to mention its man page + copy: add --max-parallel-downloads to tune that copy option + copier.Get(): try to avoid descending into directories + tag: Support tagging manifest list instead of resolving to images + Install new manpages to correct sections + conformance: tighten up exception specifications + Add support for libsubid + Add epoch time field to buildah images + Fix ownership of /home/build/.local/share/containers + build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.0 + Rename bud to build, while keeping an alias for to bud. + Replace golang.org/x/crypto/ssh/terminal with golang.org/x/term + build(deps): bump github.com/opencontainers/runc from 1.0.1 to 1.0.2 + build(deps): bump github.com/onsi/gomega from 1.15.0 to 1.16.0 + build(deps): bump github.com/fsouza/go-dockerclient from 1.7.3 to 1.7.4 + build(deps): bump github.com/containers/common from 0.43.1 to 0.43.2 + Move DiscoverContainerfile to pkg/util directory + build(deps): bump github.com/containers/image/v5 from 5.15.1 to 5.15.2 + Remove some references to Docker + build(deps): bump github.com/containers/image/v5 from 5.15.0 to 5.15.1 + imagebuildah: handle --manifest directly + build(deps): bump github.com/containers/common from 0.42.1 to 0.43.1 + build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4 + executor: make sure imageMap is updated with terminatedStage + tests/serve/serve.go: use a kernel-assigned port + Bump go for vendor-in-container from 1.13 to 1.16 + imagebuildah: move multiple-platform building internal + Adds GenerateStructure helper function to support rootfs-overlay. + Run codespell to fix spelling + Implement SSH RUN mount + build(deps): bump github.com/onsi/gomega from 1.14.0 to 1.15.0 + Fix resolv.conf content with run --net=private + run: fix nil deref using the option's logger + build(deps): bump github.com/containerd/containerd from 1.5.1 to 1.5.5 + make vendor-in-container + bud: teach --platform to take a list + set base-image annotations + build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3 + [CI:DOCS] Fix CHANGELOG.md + Bump to v1.23.0-dev [NO TESTS NEEDED] + Accept repositories on login/logout + ## v1.22.0 (2021-08-02) c/image, c/storage, c/common vendor before Podman 3.3 release WIP: tests: new assert() diff --git a/vendor/github.com/containers/buildah/Makefile b/vendor/github.com/containers/buildah/Makefile index b21e9deb8..27e4ade6d 100644 --- a/vendor/github.com/containers/buildah/Makefile +++ b/vendor/github.com/containers/buildah/Makefile @@ -1,7 +1,7 @@ export GOPROXY=https://proxy.golang.org APPARMORTAG := $(shell hack/apparmor_tag.sh) -STORAGETAGS := $(shell ./btrfs_tag.sh) $(shell ./btrfs_installed_tag.sh) $(shell ./libdm_tag.sh) +STORAGETAGS := $(shell ./btrfs_tag.sh) $(shell ./btrfs_installed_tag.sh) $(shell ./libdm_tag.sh) $(shell ./hack/libsubid_tag.sh) SECURITYTAGS ?= seccomp $(APPARMORTAG) TAGS ?= $(SECURITYTAGS) $(STORAGETAGS) BUILDTAGS += $(TAGS) @@ -70,8 +70,11 @@ bin/buildah: $(SOURCES) cmd/buildah/*.go .PHONY: buildah buildah: bin/buildah +LINUX_CROSS_TARGETS = $(addprefix bin/buildah.,$(subst /,.,$(shell $(GO) tool dist list | grep ^linux/))) +DARWIN_CROSS_TARGETS = $(addprefix bin/buildah.,$(subst /,.,$(shell $(GO) tool dist list | grep ^darwin/))) +WINDOWS_CROSS_TARGETS = $(addsuffix .exe,$(addprefix bin/buildah.,$(subst /,.,$(shell $(GO) tool dist list | grep ^windows/)))) .PHONY: cross -cross: bin/buildah.darwin.amd64 bin/buildah.linux.386 bin/buildah.linux.amd64 bin/buildah.linux.arm64 bin/buildah.linux.arm bin/buildah.linux.mips64 bin/buildah.linux.mips64le bin/buildah.linux.mips bin/buildah.linux.mipsle bin/buildah.linux.ppc64 bin/buildah.linux.ppc64le bin/buildah.linux.riscv64 bin/buildah.linux.s390x bin/buildah.windows.amd64.exe +cross: $(LINUX_CROSS_TARGETS) $(DARWIN_CROSS_TARGETS) $(WINDOWS_CROSS_TARGETS) bin/buildah.%: mkdir -p ./bin diff --git a/vendor/github.com/containers/buildah/README.md b/vendor/github.com/containers/buildah/README.md index 0c275e4a9..95c8a9a7b 100644 --- a/vendor/github.com/containers/buildah/README.md +++ b/vendor/github.com/containers/buildah/README.md @@ -104,7 +104,7 @@ $ sudo ./lighttpd.sh | Command | Description | | ---------------------------------------------------- | ---------------------------------------------------------------------------------------------------- | | [buildah-add(1)](/docs/buildah-add.md) | Add the contents of a file, URL, or a directory to the container. | -| [buildah-bud(1)](/docs/buildah-bud.md) | Build an image using instructions from Dockerfiles. | +| [buildah-build(1)](/docs/buildah-build.md) | Build an image using instructions from Containerfiles or Dockerfiles. | | [buildah-commit(1)](/docs/buildah-commit.md) | Create an image from a working container. | | [buildah-config(1)](/docs/buildah-config.md) | Update image configuration settings. | | [buildah-containers(1)](/docs/buildah-containers.md) | List the working containers and their base images. | diff --git a/vendor/github.com/containers/buildah/buildah.go b/vendor/github.com/containers/buildah/buildah.go index ae10cdae0..f760d2527 100644 --- a/vendor/github.com/containers/buildah/buildah.go +++ b/vendor/github.com/containers/buildah/buildah.go @@ -245,7 +245,7 @@ func GetBuildInfo(b *Builder) BuilderInfo { } } -// CommonBuildOptions are resources that can be defined by flags for both buildah from and build-using-dockerfile +// CommonBuildOptions are resources that can be defined by flags for both buildah from and build type CommonBuildOptions = define.CommonBuildOptions // BuilderOptions are used to initialize a new Builder. diff --git a/vendor/github.com/containers/buildah/changelog.txt b/vendor/github.com/containers/buildah/changelog.txt index 6755535b1..24a101016 100644 --- a/vendor/github.com/containers/buildah/changelog.txt +++ b/vendor/github.com/containers/buildah/changelog.txt @@ -1,3 +1,60 @@ +- Changelog for v1.23.0 (2021-09-13) + * Vendor in containers/common v0.44.0 + * build(deps): bump github.com/containers/storage from 1.35.0 to 1.36.0 + * Update 05-openshift-rootless-build.md + * build(deps): bump github.com/opencontainers/selinux from 1.8.4 to 1.8.5 + * .cirrus.yml: run cross_build_task on Big Sur + * Makefile: update cross targets + * Add support for rootless overlay mounts + * Cirrus: Increase unit-test timeout + * Docs: Clarify rmi w/ manifest/index use + * build: mirror --authfile to filesystem if pointing to FD instead of file + * Fix build with .git url with branch + * manifest: rm should remove only manifests not referenced images. + * vendor: bump c/common to v0.43.3-0.20210902095222-a7acc160fb25 + * Avoid rehashing and noop compression writer + * corrected man page section; .conf file to mention its man page + * copy: add --max-parallel-downloads to tune that copy option + * copier.Get(): try to avoid descending into directories + * tag: Support tagging manifest list instead of resolving to images + * Install new manpages to correct sections + * conformance: tighten up exception specifications + * Add support for libsubid + * Add epoch time field to buildah images + * Fix ownership of /home/build/.local/share/containers + * build(deps): bump github.com/containers/image/v5 from 5.15.2 to 5.16.0 + * Rename bud to build, while keeping an alias for to bud. + * Replace golang.org/x/crypto/ssh/terminal with golang.org/x/term + * build(deps): bump github.com/opencontainers/runc from 1.0.1 to 1.0.2 + * build(deps): bump github.com/onsi/gomega from 1.15.0 to 1.16.0 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.3 to 1.7.4 + * build(deps): bump github.com/containers/common from 0.43.1 to 0.43.2 + * Move DiscoverContainerfile to pkg/util directory + * build(deps): bump github.com/containers/image/v5 from 5.15.1 to 5.15.2 + * Remove some references to Docker + * build(deps): bump github.com/containers/image/v5 from 5.15.0 to 5.15.1 + * imagebuildah: handle --manifest directly + * build(deps): bump github.com/containers/common from 0.42.1 to 0.43.1 + * build(deps): bump github.com/opencontainers/selinux from 1.8.3 to 1.8.4 + * executor: make sure imageMap is updated with terminatedStage + * tests/serve/serve.go: use a kernel-assigned port + * Bump go for vendor-in-container from 1.13 to 1.16 + * imagebuildah: move multiple-platform building internal + * Adds GenerateStructure helper function to support rootfs-overlay. + * Run codespell to fix spelling + * Implement SSH RUN mount + * build(deps): bump github.com/onsi/gomega from 1.14.0 to 1.15.0 + * Fix resolv.conf content with run --net=private + * run: fix nil deref using the option's logger + * build(deps): bump github.com/containerd/containerd from 1.5.1 to 1.5.5 + * make vendor-in-container + * bud: teach --platform to take a list + * set base-image annotations + * build(deps): bump github.com/opencontainers/selinux from 1.8.2 to 1.8.3 + * [CI:DOCS] Fix CHANGELOG.md + * Bump to v1.23.0-dev [NO TESTS NEEDED] + * Accept repositories on login/logout + - Changelog for v1.22.0 (2021-08-02) * c/image, c/storage, c/common vendor before Podman 3.3 release * WIP: tests: new assert() diff --git a/vendor/github.com/containers/buildah/chroot/run.go b/vendor/github.com/containers/buildah/chroot/run.go index 591003568..e6f28e81a 100644 --- a/vendor/github.com/containers/buildah/chroot/run.go +++ b/vendor/github.com/containers/buildah/chroot/run.go @@ -31,8 +31,8 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/syndtr/gocapability/capability" - "golang.org/x/crypto/ssh/terminal" "golang.org/x/sys/unix" + "golang.org/x/term" ) const ( @@ -138,13 +138,13 @@ func RunUsingChroot(spec *specs.Spec, bundlePath, homeDir string, stdin io.Reade // Set our terminal's mode to raw, to pass handling of special // terminal input to the terminal in the container. - if spec.Process.Terminal && terminal.IsTerminal(unix.Stdin) { - state, err := terminal.MakeRaw(unix.Stdin) + if spec.Process.Terminal && term.IsTerminal(unix.Stdin) { + state, err := term.MakeRaw(unix.Stdin) if err != nil { logrus.Warnf("error setting terminal state: %v", err) } else { defer func() { - if err = terminal.Restore(unix.Stdin, state); err != nil { + if err = term.Restore(unix.Stdin, state); err != nil { logrus.Errorf("unable to restore terminal state: %v", err) } }() @@ -275,7 +275,7 @@ func runUsingChrootMain() { winsize.Row = uint16(options.Spec.Process.ConsoleSize.Height) winsize.Col = uint16(options.Spec.Process.ConsoleSize.Width) } else { - if terminal.IsTerminal(unix.Stdin) { + if term.IsTerminal(unix.Stdin) { // Use the size of our terminal. winsize, err = unix.IoctlGetWinsize(unix.Stdin, unix.TIOCGWINSZ) if err != nil { diff --git a/vendor/github.com/containers/buildah/copier/copier.go b/vendor/github.com/containers/buildah/copier/copier.go index a2cc6c97c..1823e5238 100644 --- a/vendor/github.com/containers/buildah/copier/copier.go +++ b/vendor/github.com/containers/buildah/copier/copier.go @@ -1211,13 +1211,42 @@ func copierHandlerGet(bulkWriter io.Writer, req request, pm *fileutils.PatternMa // skip the "." entry return nil } - _, skip, err := pathIsExcluded(req.Root, path, pm) + skippedPath, skip, err := pathIsExcluded(req.Root, path, pm) if err != nil { return err } if skip { - // don't use filepath.SkipDir - // here, since a more specific + if info.IsDir() { + // if there are no "include + // this anyway" patterns at + // all, we don't need to + // descend into this particular + // directory if it's a directory + if !pm.Exclusions() { + return filepath.SkipDir + } + // if there are exclusion + // patterns for which this + // path is a prefix, we + // need to keep descending + for _, pattern := range pm.Patterns() { + if !pattern.Exclusion() { + continue + } + spec := strings.Trim(pattern.String(), string(os.PathSeparator)) + trimmedPath := strings.Trim(skippedPath, string(os.PathSeparator)) + if strings.HasPrefix(spec+string(os.PathSeparator), trimmedPath) { + // we can't just skip over + // this directory + return nil + } + } + // there are exclusions, but + // none of them apply here + return filepath.SkipDir + } + // skip this item, but if we're + // a directory, a more specific // but-include-this for // something under it might // also be in the excludes list diff --git a/vendor/github.com/containers/buildah/define/build.go b/vendor/github.com/containers/buildah/define/build.go index 1fdad2e0e..cff9a3d83 100644 --- a/vendor/github.com/containers/buildah/define/build.go +++ b/vendor/github.com/containers/buildah/define/build.go @@ -10,7 +10,7 @@ import ( "golang.org/x/sync/semaphore" ) -// CommonBuildOptions are resources that can be defined by flags for both buildah from and build-using-dockerfile +// CommonBuildOptions are resources that can be defined by flags for both buildah from and build type CommonBuildOptions struct { // AddHost is the list of hostnames to add to the build container's /etc/hosts. AddHost []string diff --git a/vendor/github.com/containers/buildah/define/types.go b/vendor/github.com/containers/buildah/define/types.go index c180c327f..fc56aeef8 100644 --- a/vendor/github.com/containers/buildah/define/types.go +++ b/vendor/github.com/containers/buildah/define/types.go @@ -6,6 +6,7 @@ import ( "fmt" "io/ioutil" "net/http" + urlpkg "net/url" "os" "os/exec" "path" @@ -28,7 +29,7 @@ const ( Package = "buildah" // Version for the Package. Bump version in contrib/rpm/buildah.spec // too. - Version = "1.23.0-dev" + Version = "1.23.0" // DefaultRuntime if containers.conf fails. DefaultRuntime = "runc" @@ -111,7 +112,11 @@ func TempDirForURL(dir, prefix, url string) (name string, subdir string, err err if err != nil { return "", "", errors.Wrapf(err, "error creating temporary directory for %q", url) } - if strings.HasPrefix(url, "git://") || strings.HasSuffix(url, ".git") { + urlParsed, err := urlpkg.Parse(url) + if err != nil { + return "", "", errors.Wrapf(err, "error parsing url %q", url) + } + if strings.HasPrefix(url, "git://") || strings.HasSuffix(urlParsed.Path, ".git") { err = cloneToDirectory(url, name) if err != nil { if err2 := os.RemoveAll(name); err2 != nil { @@ -156,9 +161,6 @@ func TempDirForURL(dir, prefix, url string) (name string, subdir string, err err } func cloneToDirectory(url, dir string) error { - if !strings.HasPrefix(url, "git://") && !strings.HasSuffix(url, ".git") { - url = "git://" + url - } gitBranch := strings.Split(url, "#") var cmd *exec.Cmd if len(gitBranch) < 2 { diff --git a/vendor/github.com/containers/buildah/developmentplan.md b/vendor/github.com/containers/buildah/developmentplan.md index 72e667ac3..7d82c2e6d 100644 --- a/vendor/github.com/containers/buildah/developmentplan.md +++ b/vendor/github.com/containers/buildah/developmentplan.md @@ -6,8 +6,8 @@ * Integration into Kubernetes and potentially other tools. The biggest requirement for this is to be able run Buildah within a standard linux container without SYS_ADMIN privileges. This would allow Buildah to run non-privileged containers inside of Kubernetes, so you could distribute your container workloads. - * Integration with User Namespace, Podman has this already and the goal is to get `buildah bud` and `buildah run` to be able to run its containers in a usernamespace to give the builder better security isolation from the host. + * Integration with User Namespace, Podman has this already and the goal is to get `buildah build` and `buildah run` to be able to run its containers in a usernamespace to give the builder better security isolation from the host. - * Buildah `buildah bud` command's goal is to have feature parity with other OCI image and container build systems. + * Buildah `buildah build` command's goal is to have feature parity with other OCI image and container build systems. * Addressing issues from the community as reported in the [Issues](https://github.com/containers/buildah/issues) page. diff --git a/vendor/github.com/containers/buildah/go.mod b/vendor/github.com/containers/buildah/go.mod index e9f5e4d8a..c641a11a6 100644 --- a/vendor/github.com/containers/buildah/go.mod +++ b/vendor/github.com/containers/buildah/go.mod @@ -5,10 +5,10 @@ go 1.13 require ( github.com/containerd/containerd v1.5.5 github.com/containernetworking/cni v0.8.1 - github.com/containers/common v0.43.2 - github.com/containers/image/v5 v5.15.2 + github.com/containers/common v0.44.0 + github.com/containers/image/v5 v5.16.0 github.com/containers/ocicrypt v1.1.2 - github.com/containers/storage v1.34.1 + github.com/containers/storage v1.36.0 github.com/docker/distribution v2.7.1+incompatible github.com/docker/go-units v0.4.0 github.com/docker/libnetwork v0.8.0-dev.2.0.20190625141545-5a177b73e316 @@ -21,11 +21,11 @@ require ( github.com/onsi/ginkgo v1.16.4 github.com/onsi/gomega v1.16.0 github.com/opencontainers/go-digest v1.0.0 - github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 + github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 github.com/opencontainers/runc v1.0.2 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 github.com/opencontainers/runtime-tools v0.9.0 - github.com/opencontainers/selinux v1.8.4 + github.com/opencontainers/selinux v1.8.5 github.com/openshift/imagebuilder v1.2.2-0.20210415181909-87f3e48c2656 github.com/pkg/errors v0.9.1 github.com/seccomp/libseccomp-golang v0.9.2-0.20200616122406-847368b35ebf @@ -37,7 +37,8 @@ require ( go.etcd.io/bbolt v1.3.6 golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97 golang.org/x/sync v0.0.0-20210220032951-036812b2e83c - golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 + golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 + golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b k8s.io/klog v1.0.0 // indirect ) diff --git a/vendor/github.com/containers/buildah/go.sum b/vendor/github.com/containers/buildah/go.sum index 37dc8ce32..1733a00cb 100644 --- a/vendor/github.com/containers/buildah/go.sum +++ b/vendor/github.com/containers/buildah/go.sum @@ -76,8 +76,9 @@ github.com/Microsoft/hcsshim v0.8.14/go.mod h1:NtVKoYxQuTLx6gEq0L96c9Ju4JbRJ4nY2 github.com/Microsoft/hcsshim v0.8.15/go.mod h1:x38A4YbHbdxJtc0sF6oIz+RG0npwSCAvn69iY6URG00= github.com/Microsoft/hcsshim v0.8.16/go.mod h1:o5/SZqmR7x9JNKsW3pu+nqHm0MF8vbA+VxGOoXdC600= github.com/Microsoft/hcsshim v0.8.18/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= -github.com/Microsoft/hcsshim v0.8.20 h1:ZTwcx3NS8n07kPf/JZ1qwU6vnjhVPMUWlXBF8r9UxrE= github.com/Microsoft/hcsshim v0.8.20/go.mod h1:+w2gRZ5ReXQhFOrvSQeNfhrYB/dg3oDwTOcER2fw4I4= +github.com/Microsoft/hcsshim v0.8.22 h1:CulZ3GW8sNJExknToo+RWD+U+6ZM5kkNfuxywSDPd08= +github.com/Microsoft/hcsshim v0.8.22/go.mod h1:91uVCVzvX2QD16sMCenoxxXo6L1wJnLMX2PSufFMtF0= github.com/Microsoft/hcsshim/test v0.0.0-20201218223536-d3e5debf77da/go.mod h1:5hlzMzRKMLyo42nCZ9oml8AdTlq/0cvIaBv6tK1RehU= github.com/Microsoft/hcsshim/test v0.0.0-20210227013316-43a75bb4edd3/go.mod h1:mw7qgWloBUl75W/gVH3cQszUg1+gUITj7D6NY7ywVnY= github.com/NYTimes/gziphandler v0.0.0-20170623195520-56545f4a5d46/go.mod h1:3wb06e3pkSAbeQ52E9H9iFoQsEEwGN64994WTCIhntQ= @@ -171,6 +172,7 @@ github.com/containerd/containerd v1.3.2/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMX github.com/containerd/containerd v1.4.0-beta.2.0.20200729163537-40b22ef07410/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.1/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.4.3/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.4.9/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/containerd v1.5.0-beta.1/go.mod h1:5HfvG1V2FsKesEGQ17k5/T7V960Tmcumvqn8Mc+pCYQ= github.com/containerd/containerd v1.5.0-beta.3/go.mod h1:/wr9AVtEM7x9c+n0+stptlo/uBBoBORwEx6ardVcmKU= github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09ZvgqEq8EfBp/m3lcVZIvPHhI= @@ -206,6 +208,8 @@ github.com/containerd/imgcrypt v1.1.1/go.mod h1:xpLnwiQmEUJPvQoAapeb2SNCxz7Xr6PJ github.com/containerd/nri v0.0.0-20201007170849-eb1350a75164/go.mod h1:+2wGSDGFYfE5+So4M5syatU0N0f0LbWpuqyMi4/BE8c= github.com/containerd/nri v0.0.0-20210316161719-dbaa18c31c14/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= github.com/containerd/nri v0.1.0/go.mod h1:lmxnXF6oMkbqs39FiCt1s0R2HSMhcLel9vNL3m4AaeY= +github.com/containerd/stargz-snapshotter/estargz v0.8.0 h1:oA1wx8kTFfImfsT5bScbrZd8gK+WtQnn15q82Djvm0Y= +github.com/containerd/stargz-snapshotter/estargz v0.8.0/go.mod h1:mwIwuwb+D8FX2t45Trwi0hmWmZm5VW7zPP/rekwhWQU= github.com/containerd/ttrpc v0.0.0-20190828154514-0e0f228740de/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/ttrpc v0.0.0-20191028202541-4f1b8fe65a5c/go.mod h1:LPm1u0xBw8r8NOKoOdNMeVHSawSsltak+Ihv+etqsE8= @@ -226,11 +230,10 @@ github.com/containernetworking/cni v0.8.1 h1:7zpDnQ3T3s4ucOuJ/ZCLrYBxzkg0AELFfII github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHVlzhJpcY6TQxn/fUyDDM= github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= -github.com/containers/common v0.43.2 h1:oSP5d5sDrq7OkoqLPVrLpi1LZOAwpTwOZXgPDHfmD0E= -github.com/containers/common v0.43.2/go.mod h1:BAoVyRYlxKZKAYpHcFMdrXlIZyzbJp9NwKTgadTd/Dg= -github.com/containers/image/v5 v5.15.0/go.mod h1:gzdBcooi6AFdiqfzirUqv90hUyHyI0MMdaqKzACKr2s= -github.com/containers/image/v5 v5.15.2 h1:DKicmVr0h1HGkzs9muoErX+fVbV9sV9W5TyMy5perLE= -github.com/containers/image/v5 v5.15.2/go.mod h1:8jejVSzTDfyPwr/HXp9rri34n/vbdavYk6IzTiB3TBw= +github.com/containers/common v0.44.0 h1:YpjfOxmWrnVyxugYgiWV1Vo/Xg8JUfe32QZz3SAMfUk= +github.com/containers/common v0.44.0/go.mod h1:7sdP4vmI5Bm6FPFxb3lvAh1Iktb6tiO1MzjUzhxdoGo= +github.com/containers/image/v5 v5.16.0 h1:WQcNSzb7+ngS2cfynx0vUwhk+scpgiKlldVcsF8GPbI= +github.com/containers/image/v5 v5.16.0/go.mod h1:XgTpfAPLRGOd1XYyCU5cISFr777bLmOerCSpt/v7+Q4= github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b h1:Q8ePgVfHDplZ7U33NwHZkrVELsZP5fYj9pM5WBZB2GE= github.com/containers/libtrust v0.0.0-20190913040956-14b96171aa3b/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= @@ -238,10 +241,9 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/containers/ocicrypt v1.1.2 h1:Ez+GAMP/4GLix5Ywo/fL7O0nY771gsBIigiqUm1aXz0= github.com/containers/ocicrypt v1.1.2/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= -github.com/containers/storage v1.33.0/go.mod h1:FUZPF4nJijX8ixdhByZJXf02cvbyLi6dyDwXdIe8QVY= -github.com/containers/storage v1.34.0/go.mod h1:t6I+hTgPU0/tVxQ75vw406wDi/TXwYBqZp4QZV9N7b8= -github.com/containers/storage v1.34.1 h1:PsBGMH7hwuQ3MOr7qTgPznFrE8ebfIbwQbg2gKvg0lE= -github.com/containers/storage v1.34.1/go.mod h1:FY2TcbfgCLMU4lYoKnlZeZXeH353TOTbpDEA+sAcqAY= +github.com/containers/storage v1.35.0/go.mod h1:qzYhasQP2/V9D9XdO+vRwkHBhsBO0oznMLzzRDQ8s20= +github.com/containers/storage v1.36.0 h1:OelxllCW19tnNngYuZw2ty/zLabVMG5rSs3KSwO1Lzc= +github.com/containers/storage v1.36.0/go.mod h1:vbd3SKVQNHdmU5qQI6hTEcKPxnZkGqydG4f6uwrI5a8= github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= @@ -285,7 +287,6 @@ github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TT github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.7.1+incompatible h1:a5mlkVzth6W5A4fOsS3D2EO5BUmsJpcB+cRlLU7cSug= github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= -github.com/docker/docker v1.4.2-0.20191219165747-a9416c67da9f/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker v20.10.8+incompatible h1:RVqD337BgQicVCzYrrlhLDWhq6OAD2PJDUg2LsEUvKM= github.com/docker/docker v20.10.8+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk= github.com/docker/docker-credential-helpers v0.6.4 h1:axCks+yV+2MR3/kZhAmy07yC56WZ2Pwu/fKWtKuZB0o= @@ -398,7 +399,6 @@ github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaS github.com/golang/protobuf v1.5.1/go.mod h1:DopwsBzvsk0Fs44TXzsVbJyPhcCPeIwnvohx4u74HPM= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= -github.com/golang/snappy v0.0.3 h1:fHPg5GQYlCeLIPB9BZqMVR5nR9A+IM5zcgeTdjMYmLA= github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q= github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ= @@ -519,10 +519,9 @@ github.com/kisielk/errcheck v1.5.0/go.mod h1:pFxgyoBC7bSaBwPgfKdkLd5X25qrDl4LWUI github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck= github.com/klauspost/compress v1.11.3/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdYsUV+/s2qKfXs= -github.com/klauspost/compress v1.13.1/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.3/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= -github.com/klauspost/compress v1.13.4 h1:0zhec2I8zGnjWcKyLl6i3gPqKANCCn5e9xmviEEeX6s= github.com/klauspost/compress v1.13.4/go.mod h1:8dP1Hq4DHOhN9w426knH3Rhby4rFm6D8eO+e+Dq5Gzg= +github.com/klauspost/compress v1.13.5 h1:9O69jUPDcsT9fEm74W92rZL9FQY7rCdaXVneq+yyzl4= +github.com/klauspost/compress v1.13.5/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= github.com/klauspost/pgzip v1.2.5 h1:qnWYvvKqedOF2ulHpMG72XQol4ILEJ8k2wwRl/Km8oE= github.com/klauspost/pgzip v1.2.5/go.mod h1:Ch1tH69qFZu15pkjo5kYi6mth2Zzwzt50oCQKQE9RUs= github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= @@ -625,7 +624,6 @@ github.com/onsi/gomega v1.7.0/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1Cpa github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc= -github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+tEHG0= github.com/onsi/gomega v1.16.0 h1:6gjqkI8iiRHMvdccRJM8rVKjCWk6ZIm6FTm3ddIe4/c= github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY= github.com/opencontainers/go-digest v0.0.0-20170106003457-a6d0ee40d420/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= @@ -636,9 +634,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8 github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.0/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20190823105129-775207bd45b6/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7 h1:axgApq2XShTLwQii2zAnIkMPlhGVHbAXHUcHezu5G/k= -github.com/opencontainers/image-spec v1.0.2-0.20210730191737-8e42a01fb1b7/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 h1:TVzvdjOalkJBNkbpPVMAr4KV9QRf2IjfxdyxwAK78Gs= +github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v0.0.0-20190115041553-12f6a991201f/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v0.1.1/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runc v1.0.0-rc8.0.20190926000215-3e425f80a8c9/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= @@ -660,9 +657,9 @@ github.com/opencontainers/runtime-tools v0.9.0/go.mod h1:r3f7wjNzSs2extwzU3Y+6pK github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= github.com/opencontainers/selinux v1.8.0/go.mod h1:RScLhm78qiWa2gbVCcGkC7tCGdgk3ogry1nUQF8Evvo= github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xAPP8dBsCoU0KuF8= -github.com/opencontainers/selinux v1.8.3/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= -github.com/opencontainers/selinux v1.8.4 h1:krlgQ6/j9CkCXT5oW0yVXdQFOME3NjKuuAZXuR6O7P4= github.com/opencontainers/selinux v1.8.4/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= +github.com/opencontainers/selinux v1.8.5 h1:OkT6bMHOQ1JQQO4ihjQ49sj0+wciDcjziSVTRn8VeTA= +github.com/opencontainers/selinux v1.8.5/go.mod h1:HTvjPFoGMbpQsG886e3lQwnsRWtE4TC1OF3OUvG9FAo= github.com/openshift/imagebuilder v1.2.2-0.20210415181909-87f3e48c2656 h1:WaxyNFpmIDu4i6so9r6LVFIbSaXqsj8oitMitt86ae4= github.com/openshift/imagebuilder v1.2.2-0.20210415181909-87f3e48c2656/go.mod h1:9aJRczxCH0mvT6XQ+5STAQaPWz7OsWcU5/mRkt8IWeo= github.com/ostreedev/ostree-go v0.0.0-20190702140239-759a8c1ac913 h1:TnbXhKzrTOyuvWrjI8W6pcoI9XPbLHFXCdN2dtUw7Rw= @@ -787,10 +784,11 @@ github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5/go.mod h1:70zkFmudgCuE/ github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA= github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= -github.com/vbatts/tar-split v0.11.1 h1:0Odu65rhcZ3JZaPHxl7tCI3V/C/Q9Zf82UFravl02dE= -github.com/vbatts/tar-split v0.11.1/go.mod h1:LEuURwDEiWjRjwu46yU3KVGuUdVv/dcnpcEPSzR8z6g= -github.com/vbauerster/mpb/v7 v7.0.3 h1:NfX0pHWhlDTev15M/C3qmSTM1EiIjcS+/d6qS6H4FnI= -github.com/vbauerster/mpb/v7 v7.0.3/go.mod h1:NXGsfPGx6G2JssqvEcULtDqUrxuuYs4llpv8W6ZUpzk= +github.com/urfave/cli v1.22.4/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0= +github.com/vbatts/tar-split v0.11.2 h1:Via6XqJr0hceW4wff3QRzD5gAk/tatMw/4ZA7cTlIME= +github.com/vbatts/tar-split v0.11.2/go.mod h1:vV3ZuO2yWSVsz+pfFzDG/upWH1JhjOiEaWq6kXyQ3VI= +github.com/vbauerster/mpb/v7 v7.1.3 h1:VJkiLuuBs/re5SCHLVkYOPYAs+1jagk5QIDHgAXLVVA= +github.com/vbauerster/mpb/v7 v7.1.3/go.mod h1:X5GlohZw2fIpypMXWaKart+HGSAjpz49skxkDk+ZL7c= github.com/vishvananda/netlink v0.0.0-20181108222139-023a6dafdcdf/go.mod h1:+SR5DhBJrl6ZM7CoCKvpw5BKroDKQ+PJqOg65H/2ktk= github.com/vishvananda/netlink v1.1.0/go.mod h1:cTgwzPIzzgDAYoQrMm0EdrjRUBkTqKYppBueQtXaqoE= github.com/vishvananda/netlink v1.1.1-0.20201029203352-d40f9887b852 h1:cPXZWzzG0NllBLdjWoD1nDfaqu98YMv+OneaKc8sPOA= @@ -1053,8 +1051,10 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210616094352-59db8d763f22 h1:RqytpXGR1iVNX7psjB3ff8y7sNFinVFvkx1c8SjBkio= golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55 h1:rw6UNGRMfarCepjI8qOepea/SXwIBVfTKjztZ5gBbq4= +golang.org/x/sys v0.0.0-20210820121016-41cdb8703e55/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b h1:9zKuko04nR4gjZ4+DNjHqRlAJqbJETHwiNKDqTfOjfE= golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= diff --git a/vendor/github.com/containers/buildah/image.go b/vendor/github.com/containers/buildah/image.go index a3050ce10..ef05f37d2 100644 --- a/vendor/github.com/containers/buildah/image.go +++ b/vendor/github.com/containers/buildah/image.go @@ -393,9 +393,18 @@ func (i *containerImageRef) NewImageSource(ctx context.Context, sc *types.System rc.Close() return nil, errors.Wrapf(err, "error opening file for %s", what) } - destHasher := digest.Canonical.Digester() + counter := ioutils.NewWriteCounter(layerFile) - multiWriter := io.MultiWriter(counter, destHasher.Hash()) + var destHasher digest.Digester + var multiWriter io.Writer + // Avoid rehashing when we do not compress. + if i.compression != archive.Uncompressed { + destHasher = digest.Canonical.Digester() + multiWriter = io.MultiWriter(counter, destHasher.Hash()) + } else { + destHasher = srcHasher + multiWriter = counter + } // Compress the layer, if we're recompressing it. writeCloser, err := archive.CompressStream(multiWriter, i.compression) if err != nil { diff --git a/vendor/github.com/containers/buildah/install.md b/vendor/github.com/containers/buildah/install.md index 30ec26cc3..2a09821f3 100644 --- a/vendor/github.com/containers/buildah/install.md +++ b/vendor/github.com/containers/buildah/install.md @@ -157,7 +157,7 @@ On other Linux distributions Buildah requires a kernel version that supports the ### runc Requirement -Buildah uses `runc` to run commands when `buildah run` is used, or when `buildah build-using-dockerfile` +Buildah uses `runc` to run commands when `buildah run` is used, or when `buildah build` encounters a `RUN` instruction, so you'll also need to build and install a compatible version of [runc](https://github.com/opencontainers/runc) for Buildah to call for those cases. If Buildah is installed via a package manager such as yum, dnf or apt-get, runc will be installed as part of that process. @@ -396,7 +396,7 @@ registries = [] `/usr/share/containers/mounts.conf` and optionally `/etc/containers/mounts.conf` -The mounts.conf files specify volume mount files or directories that are automatically mounted inside containers when executing the `buildah run` or `buildah build-using-dockerfile` commands. Container processes can then use this content. The volume mount content does not get committed to the final image. This file is usually provided by the containers-common package. +The mounts.conf files specify volume mount files or directories that are automatically mounted inside containers when executing the `buildah run` or `buildah build` commands. Container processes can then use this content. The volume mount content does not get committed to the final image. This file is usually provided by the containers-common package. Usually these directories are used for passing secrets or credentials required by the package software to access remote package repositories. diff --git a/vendor/github.com/containers/buildah/pkg/cli/common.go b/vendor/github.com/containers/buildah/pkg/cli/common.go index b54344d11..aaf48d49f 100644 --- a/vendor/github.com/containers/buildah/pkg/cli/common.go +++ b/vendor/github.com/containers/buildah/pkg/cli/common.go @@ -46,7 +46,7 @@ type NameSpaceResults struct { UTS string } -// BudResults represents the results for Bud flags +// BudResults represents the results for Build flags type BudResults struct { Annotation []string Authfile string @@ -89,7 +89,7 @@ type BudResults struct { } // FromAndBugResults represents the results for common flags -// in bud and from +// in build and from type FromAndBudResults struct { AddHost []string BlobCache string @@ -172,7 +172,7 @@ func GetLayerFlags(flags *LayerResults) pflag.FlagSet { // Note: GetLayerFlagsCompletion is not needed since GetLayerFlags only contains bool flags -// GetBudFlags returns common bud flags +// GetBudFlags returns common build flags func GetBudFlags(flags *BudResults) pflag.FlagSet { fs := pflag.FlagSet{} fs.String("arch", runtime.GOARCH, "set the ARCH of the image to the provided value instead of the architecture of the host") @@ -213,7 +213,7 @@ func GetBudFlags(flags *BudResults) pflag.FlagSet { fs.BoolVar(&flags.PullNever, "pull-never", false, "do not pull the image, use the image present in store if available") fs.BoolVarP(&flags.Quiet, "quiet", "q", false, "refrain from announcing build instructions and image read/write progress") fs.BoolVar(&flags.Rm, "rm", true, "Remove intermediate containers after a successful build") - // "runtime" definition moved to avoid name collision in podman build. Defined in cmd/buildah/bud.go. + // "runtime" definition moved to avoid name collision in podman build. Defined in cmd/buildah/build.go. fs.StringSliceVar(&flags.RuntimeFlags, "runtime-flag", []string{}, "add global flags for the container runtime") fs.StringArrayVar(&flags.Secrets, "secret", []string{}, "secret file to expose to the build") fs.StringVar(&flags.SignBy, "sign-by", "", "sign the image using a GPG key with the specified `FINGERPRINT`") @@ -232,7 +232,7 @@ func GetBudFlags(flags *BudResults) pflag.FlagSet { return fs } -// GetBudFlagsCompletions returns the FlagCompletions for the common bud flags +// GetBudFlagsCompletions returns the FlagCompletions for the common build flags func GetBudFlagsCompletions() commonComp.FlagCompletions { flagCompletion := commonComp.FlagCompletions{} flagCompletion["arch"] = commonComp.AutocompleteNone @@ -264,7 +264,7 @@ func GetBudFlagsCompletions() commonComp.FlagCompletions { return flagCompletion } -// GetFromAndBudFlags returns from and bud flags +// GetFromAndBudFlags returns from and build flags func GetFromAndBudFlags(flags *FromAndBudResults, usernsResults *UserNSResults, namespaceResults *NameSpaceResults) (pflag.FlagSet, error) { fs := pflag.FlagSet{} defaultContainerConfig, err := config.Default() @@ -312,7 +312,7 @@ func GetFromAndBudFlags(flags *FromAndBudResults, usernsResults *UserNSResults, return fs, nil } -// GetFromAndBudFlagsCompletions returns the FlagCompletions for the from and bud flags +// GetFromAndBudFlagsCompletions returns the FlagCompletions for the from and build flags func GetFromAndBudFlagsCompletions() commonComp.FlagCompletions { flagCompletion := commonComp.FlagCompletions{} flagCompletion["arch"] = commonComp.AutocompleteNone diff --git a/vendor/github.com/containers/buildah/pkg/overlay/overlay.go b/vendor/github.com/containers/buildah/pkg/overlay/overlay.go index 84b0e12b8..8ee4ab6d1 100644 --- a/vendor/github.com/containers/buildah/pkg/overlay/overlay.go +++ b/vendor/github.com/containers/buildah/pkg/overlay/overlay.go @@ -144,6 +144,7 @@ func mountHelper(contentDir, source, dest string, _, _ int, graphOptions []strin return mount, nil } /* If a mount_program is not specified, fallback to try mount native overlay. */ + overlayOptions = fmt.Sprintf("%s,userxattr", overlayOptions) } mount.Source = mergeDir diff --git a/vendor/github.com/containers/buildah/pkg/parse/parse.go b/vendor/github.com/containers/buildah/pkg/parse/parse.go index de3cbcaae..685d63d31 100644 --- a/vendor/github.com/containers/buildah/pkg/parse/parse.go +++ b/vendor/github.com/containers/buildah/pkg/parse/parse.go @@ -25,7 +25,7 @@ import ( "github.com/pkg/errors" "github.com/sirupsen/logrus" "github.com/spf13/cobra" - "golang.org/x/crypto/ssh/terminal" + "golang.org/x/term" ) const ( @@ -716,7 +716,7 @@ func AuthConfig(creds string) (*types.DockerAuthConfig, error) { } if password == "" { fmt.Print("Password: ") - termPassword, err := terminal.ReadPassword(0) + termPassword, err := term.ReadPassword(0) if err != nil { return nil, errors.Wrapf(err, "could not read password from terminal") } diff --git a/vendor/github.com/containers/buildah/pkg/util/util.go b/vendor/github.com/containers/buildah/pkg/util/util.go new file mode 100644 index 000000000..209ad9544 --- /dev/null +++ b/vendor/github.com/containers/buildah/pkg/util/util.go @@ -0,0 +1,81 @@ +package util + +import ( + "io/ioutil" + "os" + "path/filepath" + "strings" + + "github.com/pkg/errors" +) + +// Mirrors path to a tmpfile if path points to a +// file descriptor instead of actual file on filesystem +// reason: operations with file descriptors are can lead +// to edge cases where content on FD is not in a consumable +// state after first consumption. +// returns path as string and bool to confirm if temp file +// was created and needs to be cleaned up. +func MirrorToTempFileIfPathIsDescriptor(file string) (string, bool) { + // one use-case is discussed here + // https://github.com/containers/buildah/issues/3070 + if !strings.HasPrefix(file, "/dev/fd") { + return file, false + } + b, err := ioutil.ReadFile(file) + if err != nil { + // if anything goes wrong return original path + return file, false + } + tmpfile, err := ioutil.TempFile(os.TempDir(), "buildah-temp-file") + if err != nil { + return file, false + } + if _, err := tmpfile.Write(b); err != nil { + // if anything goes wrong return original path + return file, false + } + + return tmpfile.Name(), true +} + +// DiscoverContainerfile tries to find a Containerfile or a Dockerfile within the provided `path`. +func DiscoverContainerfile(path string) (foundCtrFile string, err error) { + // Test for existence of the file + target, err := os.Stat(path) + if err != nil { + return "", errors.Wrap(err, "discovering Containerfile") + } + + switch mode := target.Mode(); { + case mode.IsDir(): + // If the path is a real directory, we assume a Containerfile or a Dockerfile within it + ctrfile := filepath.Join(path, "Containerfile") + + // Test for existence of the Containerfile file + file, err := os.Stat(ctrfile) + if err != nil { + // See if we have a Dockerfile within it + ctrfile = filepath.Join(path, "Dockerfile") + + // Test for existence of the Dockerfile file + file, err = os.Stat(ctrfile) + if err != nil { + return "", errors.Wrap(err, "cannot find Containerfile or Dockerfile in context directory") + } + } + + // The file exists, now verify the correct mode + if mode := file.Mode(); mode.IsRegular() { + foundCtrFile = ctrfile + } else { + return "", errors.Errorf("assumed Containerfile %q is not a file", ctrfile) + } + + case mode.IsRegular(): + // If the context dir is a file, we assume this as Containerfile + foundCtrFile = path + } + + return foundCtrFile, nil +} diff --git a/vendor/github.com/containers/buildah/release.sh b/vendor/github.com/containers/buildah/release.sh index ef1c248c7..007f238d8 100644 --- a/vendor/github.com/containers/buildah/release.sh +++ b/vendor/github.com/containers/buildah/release.sh @@ -56,6 +56,13 @@ write_changelog() echo >>.changelog.txt && cat changelog.txt >>.changelog.txt && mv -f .changelog.txt changelog.txt + + echo " +## v${VERSION} (${DATE}) +" >.CHANGELOG.md && + git log --no-merges --format=' %s' "${LAST_TAG}..HEAD" >>.CHANGELOG.md && + sed -i -e '/# Changelog/r .CHANGELOG.md' CHANGELOG.md && + rm -f .CHANGELOG.md } release_commit() @@ -64,7 +71,10 @@ release_commit() write_spec_version "${VERSION}" && write_spec_changelog "${VERSION}" && write_changelog && - git commit -asm "Bump to v${VERSION}" + git commit -asm "Bump to v${VERSION} + +[NO TESTS NEEDED] +" } dev_version_commit() @@ -72,18 +82,24 @@ dev_version_commit() write_go_version "${NEXT_VERSION}-dev" && write_spec_version "${NEXT_VERSION}-dev" && write_spec_changelog "${NEXT_VERSION}-dev" && - git commit -asm "Bump to v${NEXT_VERSION}-dev" + git commit -asm "Bump to v${NEXT_VERSION}-dev + +[NO TESTS NEEDED] +" } epoch_commit() { LOCAL_EPOCH="$1" write_makefile_epoch "${LOCAL_EPOCH}" && - git commit -asm 'Bump gitvalidation epoch' + git commit -asm 'Bump gitvalidation epoch + + [NO TESTS NEEDED] +' } git fetch origin && -git checkout -b "bump-${VERSION}" origin/master && +git checkout -b "bump-${VERSION}" origin/main && EPOCH=$(git rev-parse HEAD) && release_commit && git tag -s -m "version ${VERSION}" "v${VERSION}" && diff --git a/vendor/github.com/containers/buildah/run_linux.go b/vendor/github.com/containers/buildah/run_linux.go index c1919d6b5..113c83ef9 100644 --- a/vendor/github.com/containers/buildah/run_linux.go +++ b/vendor/github.com/containers/buildah/run_linux.go @@ -48,8 +48,8 @@ import ( "github.com/opencontainers/selinux/go-selinux/label" "github.com/pkg/errors" "github.com/sirupsen/logrus" - "golang.org/x/crypto/ssh/terminal" "golang.org/x/sys/unix" + "golang.org/x/term" ) // ContainerDevices is an alias for a slice of github.com/opencontainers/runc/libcontainer/configs.Device structures. @@ -719,7 +719,7 @@ func (b *Builder) generateHosts(rdir, hostname string, addHosts []string, chownO func setupTerminal(g *generate.Generator, terminalPolicy TerminalPolicy, terminalSize *specs.Box) { switch terminalPolicy { case DefaultTerminal: - onTerminal := terminal.IsTerminal(unix.Stdin) && terminal.IsTerminal(unix.Stdout) && terminal.IsTerminal(unix.Stderr) + onTerminal := term.IsTerminal(unix.Stdin) && term.IsTerminal(unix.Stdout) && term.IsTerminal(unix.Stderr) if onTerminal { logrus.Debugf("stdio is a terminal, defaulting to using a terminal") } else { @@ -1276,12 +1276,12 @@ func runCopyStdio(logger *logrus.Logger, stdio *sync.WaitGroup, copyPipes bool, writeDesc[unix.Stdout] = "output" // Set our terminal's mode to raw, to pass handling of special // terminal input to the terminal in the container. - if terminal.IsTerminal(unix.Stdin) { - if state, err := terminal.MakeRaw(unix.Stdin); err != nil { + if term.IsTerminal(unix.Stdin) { + if state, err := term.MakeRaw(unix.Stdin); err != nil { logger.Warnf("error setting terminal state: %v", err) } else { defer func() { - if err = terminal.Restore(unix.Stdin, state); err != nil { + if err = term.Restore(unix.Stdin, state); err != nil { logger.Errorf("unable to restore terminal state: %v", err) } }() @@ -1504,7 +1504,7 @@ func runAcceptTerminal(logger *logrus.Logger, consoleListener *net.UnixListener, winsize.Row = uint16(terminalSize.Height) winsize.Col = uint16(terminalSize.Width) } else { - if terminal.IsTerminal(unix.Stdin) { + if term.IsTerminal(unix.Stdin) { // Use the size of our terminal. if winsize, err = unix.IoctlGetWinsize(unix.Stdin, unix.TIOCGWINSZ); err != nil { logger.Warnf("error reading size of controlling terminal: %v", err) diff --git a/vendor/github.com/containers/buildah/troubleshooting.md b/vendor/github.com/containers/buildah/troubleshooting.md index 2d8b99c6b..1299b354f 100644 --- a/vendor/github.com/containers/buildah/troubleshooting.md +++ b/vendor/github.com/containers/buildah/troubleshooting.md @@ -7,7 +7,7 @@ --- ### 1) No such image -When doing a `buildah pull` or `buildah bud` command and a "common" image can not be pulled, +When doing a `buildah pull` or `buildah build` command and a "common" image can not be pulled, it is likely that the `/etc/containers/registries.conf` file is either not installed or possibly misconfigured. This issue might also indicate that other required files as listed in the [Configuration Files](https://github.com/containers/buildah/blob/main/install.md#configuration-files) @@ -15,7 +15,7 @@ section of the Installation Instructions are also not installed. #### Symptom ```console -$ sudo buildah bud -f Dockerfile . +$ sudo buildah build -f Dockerfile . STEP 1: FROM alpine error creating build container: 2 errors occurred: @@ -35,7 +35,7 @@ error building: error creating build container: no such image "alpine" in regist --- ### 2) http: server gave HTTP response to HTTPS client -When doing a Buildah command such as `bud`, `commit`, `from`, or `push` to a registry, +When doing a Buildah command such as `build`, `commit`, `from`, or `push` to a registry, tls verification is turned on by default. If authentication is not used with those commands, this error can occur. @@ -50,7 +50,7 @@ Get https://localhost:5000/v2/: http: server gave HTTP response to HTTPS client By default tls verification is turned on when communicating to registries from Buildah. If the registry does not require authentication the Buildah commands -such as `bud`, `commit`, `from` and `pull` will fail unless tls verification is turned +such as `build`, `commit`, `from` and `pull` will fail unless tls verification is turned off using the `--tls-verify` option. **NOTE:** It is not at all recommended to communicate with a registry and not use tls verification. @@ -110,13 +110,13 @@ lstat /home/myusername/~: no such file or directory --- -### 5) Rootless buildah bud fails EPERM on NFS: +### 5) Rootless buildah build fails EPERM on NFS: NFS enforces file creation on different UIDs on the server side and does not understand user namespace, which rootless Podman requires. When a container root process like YUM attempts to create a file owned by a different UID, NFS Server denies the creation. NFS is also a problem for the file locks when the storage is on it. Other distributed file systems (for example: Lustre, Spectrum Scale, the General Parallel File System (GPFS)) are also not supported when running in rootless mode as these file systems do not understand user namespace. #### Symptom ```console -$ buildah bud . +$ buildah build . ERRO[0014] Error while applying layer: ApplyLayer exit status 1 stdout: stderr: open /root/.bash_logout: permission denied error creating build container: Error committing the finished image: error adding layer with blob "sha256:a02a4930cb5d36f3290eb84f4bfa30668ef2e9fe3a1fb73ec015fc58b9958b17": ApplyLayer exit status 1 stdout: stderr: open /root/.bash_logout: permission denied ``` @@ -126,14 +126,14 @@ Choose one of the following: * Setup containers/storage in a different directory, not on an NFS share. * Otherwise just run buildah as root, via `sudo buildah` --- -### 6) Rootless buildah bud fails when using OverlayFS: +### 6) Rootless buildah build fails when using OverlayFS: The Overlay file system (OverlayFS) requires the ability to call the `mknod` command when creating whiteout files when extracting an image. However, a rootless user does not have the privileges to use `mknod` in this capacity. #### Symptom ```console -buildah bud --storage-driver overlay . +buildah build --storage-driver overlay . STEP 1: FROM docker.io/ubuntu:xenial Getting image source signatures Copying blob edf72af6d627 done @@ -144,7 +144,7 @@ Copying config 5e13f8dd4c done Writing manifest to image destination Storing signatures Error: error creating build container: Error committing the finished image: error adding layer with blob "sha256:8d3eac894db4dc4154377ad28643dfe6625ff0e54bcfa63e0d04921f1a8ef7f8": Error processing tar file(exit status 1): operation not permitted -$ buildah bud . +$ buildah build . ERRO[0014] Error while applying layer: ApplyLayer exit status 1 stdout: stderr: open /root/.bash_logout: permission denied error creating build container: Error committing the finished image: error adding layer with blob "sha256:a02a4930cb5d36f3290eb84f4bfa30668ef2e9fe3a1fb73ec015fc58b9958b17": ApplyLayer exit status 1 stdout: stderr: open /root/.bash_logout: permission denied ``` diff --git a/vendor/modules.txt b/vendor/modules.txt index f9bd7b465..925ecca22 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -81,7 +81,7 @@ github.com/containernetworking/plugins/pkg/utils/hwaddr github.com/containernetworking/plugins/pkg/utils/sysctl github.com/containernetworking/plugins/plugins/ipam/host-local/backend github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator -# github.com/containers/buildah v1.22.1-0.20210824095355-fc1e256f5051 +# github.com/containers/buildah v1.23.0 github.com/containers/buildah github.com/containers/buildah/bind github.com/containers/buildah/chroot @@ -97,6 +97,7 @@ github.com/containers/buildah/pkg/overlay github.com/containers/buildah/pkg/parse github.com/containers/buildah/pkg/rusage github.com/containers/buildah/pkg/sshagent +github.com/containers/buildah/pkg/util github.com/containers/buildah/util # github.com/containers/common v0.44.0 github.com/containers/common/libimage |