From 22b1d10d31dfa31da14171c4eebd599dcd4523fc Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Fri, 23 Oct 2020 08:18:13 +0000 Subject: Bump github.com/containers/buildah from 1.16.4 to 1.16.5 Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.16.4 to 1.16.5. - [Release notes](https://github.com/containers/buildah/releases) - [Changelog](https://github.com/containers/buildah/blob/master/CHANGELOG.md) - [Commits](https://github.com/containers/buildah/compare/v1.16.4...v1.16.5) Signed-off-by: dependabot-preview[bot] Signed-off-by: Daniel J Walsh --- vendor/github.com/containers/buildah/.cirrus.yml | 4 +- vendor/github.com/containers/buildah/CHANGELOG.md | 10 +++++ vendor/github.com/containers/buildah/add.go | 50 +++++++++++++++++++--- vendor/github.com/containers/buildah/buildah.go | 2 +- vendor/github.com/containers/buildah/changelog.txt | 10 +++++ .../github.com/containers/buildah/copier/copier.go | 28 ++++-------- vendor/github.com/containers/buildah/go.mod | 2 +- vendor/github.com/containers/buildah/go.sum | 4 +- vendor/github.com/containers/buildah/run_linux.go | 7 +-- vendor/github.com/openshift/imagebuilder/README.md | 3 +- .../github.com/openshift/imagebuilder/builder.go | 31 ++++++-------- .../openshift/imagebuilder/dispatchers.go | 22 +++------- .../imagebuilder/dockerfile/parser/parser.go | 8 ++-- .../openshift/imagebuilder/imagebuilder.spec | 2 +- .../github.com/openshift/imagebuilder/internals.go | 39 +++++++++-------- .../openshift/imagebuilder/shell_parser.go | 21 ++++++--- vendor/modules.txt | 4 +- 17 files changed, 146 insertions(+), 101 deletions(-) (limited to 'vendor') diff --git a/vendor/github.com/containers/buildah/.cirrus.yml b/vendor/github.com/containers/buildah/.cirrus.yml index b105f589e..4921c7b8a 100644 --- a/vendor/github.com/containers/buildah/.cirrus.yml +++ b/vendor/github.com/containers/buildah/.cirrus.yml @@ -90,11 +90,13 @@ gce_instance: 'cirrus-ci/only_prs/gate_task': + gce_instance: + memory: "12Gb" # see bors.toml skip: $CIRRUS_BRANCH =~ ".*\.tmp" - timeout_in: 30m + timeout_in: 10m setup_script: '${SCRIPT_BASE}/setup.sh |& ${_TIMESTAMP}' build_script: '${SCRIPT_BASE}/build.sh |& ${_TIMESTAMP}' diff --git a/vendor/github.com/containers/buildah/CHANGELOG.md b/vendor/github.com/containers/buildah/CHANGELOG.md index ca6a98889..ecdcb14fe 100644 --- a/vendor/github.com/containers/buildah/CHANGELOG.md +++ b/vendor/github.com/containers/buildah/CHANGELOG.md @@ -2,6 +2,16 @@ # Changelog +## v1.16.5 (2020-10-21) + copier.copierHandlerPut: don't check length when there are errors + CI: run gating tasks with a lot more memory + Run(): ignore containers.conf's environment configuration + bump(github.com/openshift/imagebuilder) to v1.1.8 + ADD and COPY: descend into excluded directories, sometimes + copier: add more context to a couple of error messages + copier: check an error earlier + Set directory ownership when copied with ID mapping + ## v1.16.4 (2020-10-01) ADD: only expand archives at the right time diff --git a/vendor/github.com/containers/buildah/add.go b/vendor/github.com/containers/buildah/add.go index a3f3c7a37..45b5c6a94 100644 --- a/vendor/github.com/containers/buildah/add.go +++ b/vendor/github.com/containers/buildah/add.go @@ -137,6 +137,29 @@ func getURL(src, mountpoint, renameTarget string, writer io.Writer) error { return errors.Wrapf(err, "error writing content from %q to tar stream", src) } +// includeDirectoryAnyway returns true if "path" is a prefix for an exception +// known to "pm". If "path" is a directory that "pm" claims matches its list +// of patterns, but "pm"'s list of exclusions contains a pattern for which +// "path" is a prefix, then IncludeDirectoryAnyway() will return true. +// This is not always correct, because it relies on the directory part of any +// exception paths to be specified without wildcards. +func includeDirectoryAnyway(path string, pm *fileutils.PatternMatcher) bool { + if !pm.Exclusions() { + return false + } + prefix := strings.TrimPrefix(path, string(os.PathSeparator)) + string(os.PathSeparator) + for _, pattern := range pm.Patterns() { + if !pattern.Exclusion() { + continue + } + spec := strings.TrimPrefix(pattern.String(), string(os.PathSeparator)) + if strings.HasPrefix(spec, prefix) { + return true + } + } + return false +} + // Add copies the contents of the specified sources into the container's root // filesystem, optionally extracting contents of local files that look like // non-empty archives. @@ -363,20 +386,32 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption for _, glob := range localSourceStat.Globbed { rel, err := filepath.Rel(contextDir, glob) if err != nil { - return errors.Wrapf(err, "error computing path of %q", glob) + return errors.Wrapf(err, "error computing path of %q relative to %q", glob, contextDir) } if strings.HasPrefix(rel, ".."+string(os.PathSeparator)) { return errors.Errorf("possible escaping context directory error: %q is outside of %q", glob, contextDir) } // Check for dockerignore-style exclusion of this item. if rel != "." { - matches, err := pm.Matches(filepath.ToSlash(rel)) // nolint:staticcheck + excluded, err := pm.Matches(filepath.ToSlash(rel)) // nolint:staticcheck if err != nil { return errors.Wrapf(err, "error checking if %q(%q) is excluded", glob, rel) } - if matches { - continue + if excluded { + // non-directories that are excluded are excluded, no question, but + // directories can only be skipped if we don't have to allow for the + // possibility of finding things to include under them + globInfo := localSourceStat.Results[glob] + if !globInfo.IsDir || !includeDirectoryAnyway(rel, pm) { + continue + } } + } else { + // Make sure we don't trigger a "copied nothing" error for an empty context + // directory if we were told to copy the context directory itself. We won't + // actually copy it, but we need to make sure that we don't produce an error + // due to potentially not having anything in the tarstream that we passed. + itemsCopied++ } st := localSourceStat.Results[glob] pipeReader, pipeWriter := io.Pipe() @@ -391,6 +426,10 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption return false, false, nil }) } + writer = newTarFilterer(writer, func(hdr *tar.Header) (bool, bool, io.Reader) { + itemsCopied++ + return false, false, nil + }) getOptions := copier.GetOptions{ UIDMap: srcUIDMap, GIDMap: srcGIDMap, @@ -462,10 +501,9 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption } return multiErr.Errors[0] } - itemsCopied++ } if itemsCopied == 0 { - return errors.Wrapf(syscall.ENOENT, "no items matching glob %q copied (%d filtered)", localSourceStat.Glob, len(localSourceStat.Globbed)) + return errors.Wrapf(syscall.ENOENT, "no items matching glob %q copied (%d filtered out)", localSourceStat.Glob, len(localSourceStat.Globbed)) } } return nil diff --git a/vendor/github.com/containers/buildah/buildah.go b/vendor/github.com/containers/buildah/buildah.go index 2ac0210bd..d27689d4a 100644 --- a/vendor/github.com/containers/buildah/buildah.go +++ b/vendor/github.com/containers/buildah/buildah.go @@ -28,7 +28,7 @@ const ( Package = "buildah" // Version for the Package. Bump version in contrib/rpm/buildah.spec // too. - Version = "1.16.4" + Version = "1.16.5" // The value we use to identify what type of information, currently a // serialized Builder structure, we are using as per-container state. // This should only be changed when we make incompatible changes to diff --git a/vendor/github.com/containers/buildah/changelog.txt b/vendor/github.com/containers/buildah/changelog.txt index 048dc61c1..50648cb7f 100644 --- a/vendor/github.com/containers/buildah/changelog.txt +++ b/vendor/github.com/containers/buildah/changelog.txt @@ -1,3 +1,13 @@ +- Changelog for v1.16.5 (2020-10-21) + * copier.copierHandlerPut: don't check length when there are errors + * CI: run gating tasks with a lot more memory + * Run(): ignore containers.conf's environment configuration + * bump(github.com/openshift/imagebuilder) to v1.1.8 + * ADD and COPY: descend into excluded directories, sometimes + * copier: add more context to a couple of error messages + * copier: check an error earlier + * Set directory ownership when copied with ID mapping + - Changelog for v1.16.4 (2020-10-01) * ADD: only expand archives at the right time diff --git a/vendor/github.com/containers/buildah/copier/copier.go b/vendor/github.com/containers/buildah/copier/copier.go index 1021aeb6f..42ddd452f 100644 --- a/vendor/github.com/containers/buildah/copier/copier.go +++ b/vendor/github.com/containers/buildah/copier/copier.go @@ -976,20 +976,7 @@ func copierHandlerGet(bulkWriter io.Writer, req request, pm *fileutils.PatternMa return errorResponse("copier: get: glob %q: %v", glob, err) } globMatchedCount += len(globMatched) - filtered := make([]string, 0, len(globMatched)) - for _, globbed := range globMatched { - rel, excluded, err := pathIsExcluded(req.Root, globbed, pm) - if err != nil { - return errorResponse("copier: get: checking if %q is excluded: %v", globbed, err) - } - if rel == "." || !excluded { - filtered = append(filtered, globbed) - } - } - if len(filtered) == 0 { - return errorResponse("copier: get: glob %q matched nothing (%d filtered out of %v): %v", glob, len(globMatched), globMatched, syscall.ENOENT) - } - queue = append(queue, filtered...) + queue = append(queue, globMatched...) } // no matches -> error if len(queue) == 0 { @@ -1042,6 +1029,9 @@ func copierHandlerGet(bulkWriter io.Writer, req request, pm *fileutils.PatternMa options := req.GetOptions options.ExpandArchives = false walkfn := func(path string, info os.FileInfo, err error) error { + if err != nil { + return errors.Wrapf(err, "copier: get: error reading %q", path) + } // compute the path of this item // relative to the top-level directory, // for the tar header @@ -1049,9 +1039,6 @@ func copierHandlerGet(bulkWriter io.Writer, req request, pm *fileutils.PatternMa if relErr != nil { return errors.Wrapf(relErr, "copier: get: error computing path of %q relative to top directory %q", path, item) } - if err != nil { - return errors.Wrapf(err, "copier: get: error reading %q", path) - } // prefix the original item's name if we're keeping it if relNamePrefix != "" { rel = filepath.Join(relNamePrefix, rel) @@ -1108,7 +1095,7 @@ func copierHandlerGet(bulkWriter io.Writer, req request, pm *fileutils.PatternMa } } if itemsCopied == 0 { - return errors.New("copier: get: copied no items") + return errors.Wrapf(syscall.ENOENT, "copier: get: copied no items") } return nil } @@ -1271,6 +1258,7 @@ func copierHandlerPut(bulkReader io.Reader, req request, idMappings *idtools.IDM return errorResponse("copier: put: error mapping container filesystem owner %d:%d to host filesystem owners: %v", dirUID, dirGID, err) } dirUID, dirGID = hostDirPair.UID, hostDirPair.GID + defaultDirUID, defaultDirGID = hostDirPair.UID, hostDirPair.GID if req.PutOptions.ChownFiles != nil { containerFilePair := idtools.IDPair{UID: *fileUID, GID: *fileGID} hostFilePair, err := idMappings.ToHost(containerFilePair) @@ -1399,7 +1387,9 @@ func copierHandlerPut(bulkReader io.Reader, req request, idMappings *idtools.IDM case tar.TypeReg, tar.TypeRegA: var written int64 written, err = createFile(path, tr) - if written != hdr.Size { + // only check the length if there wasn't an error, which we'll + // check along with errors for other types of entries + if err == nil && written != hdr.Size { return errors.Errorf("copier: put: error creating %q: incorrect length (%d != %d)", path, written, hdr.Size) } case tar.TypeLink: diff --git a/vendor/github.com/containers/buildah/go.mod b/vendor/github.com/containers/buildah/go.mod index fac079e45..61663cea2 100644 --- a/vendor/github.com/containers/buildah/go.mod +++ b/vendor/github.com/containers/buildah/go.mod @@ -24,7 +24,7 @@ require ( github.com/opencontainers/runtime-spec v1.0.3-0.20200710190001-3e4195d92445 github.com/opencontainers/runtime-tools v0.9.0 github.com/opencontainers/selinux v1.6.0 - github.com/openshift/imagebuilder v1.1.6 + github.com/openshift/imagebuilder v1.1.8 github.com/pkg/errors v0.9.1 github.com/seccomp/libseccomp-golang v0.9.2-0.20200616122406-847368b35ebf github.com/sirupsen/logrus v1.6.0 diff --git a/vendor/github.com/containers/buildah/go.sum b/vendor/github.com/containers/buildah/go.sum index 463f2bdcc..723cf9c40 100644 --- a/vendor/github.com/containers/buildah/go.sum +++ b/vendor/github.com/containers/buildah/go.sum @@ -264,8 +264,8 @@ github.com/opencontainers/selinux v1.5.2 h1:F6DgIsjgBIcDksLW4D5RG9bXok6oqZ3nvMwj github.com/opencontainers/selinux v1.5.2/go.mod h1:yTcKuYAh6R95iDpefGLQaPaRwJFwyzAJufJyiTt7s0g= github.com/opencontainers/selinux v1.6.0 h1:+bIAS/Za3q5FTwWym4fTB0vObnfCf3G/NC7K6Jx62mY= github.com/opencontainers/selinux v1.6.0/go.mod h1:VVGKuOLlE7v4PJyT6h7mNWvq1rzqiriPsEqVhc+svHE= -github.com/openshift/imagebuilder v1.1.6 h1:1+YzRxIIefY4QqtCImx6rg+75QrKNfBoPAKxgMo/khM= -github.com/openshift/imagebuilder v1.1.6/go.mod h1:9aJRczxCH0mvT6XQ+5STAQaPWz7OsWcU5/mRkt8IWeo= +github.com/openshift/imagebuilder v1.1.8 h1:gjiIl8pbNj0eC4XWvFJHATdDvYm64p9/pLDLQWoLZPA= +github.com/openshift/imagebuilder v1.1.8/go.mod h1:9aJRczxCH0mvT6XQ+5STAQaPWz7OsWcU5/mRkt8IWeo= github.com/ostreedev/ostree-go v0.0.0-20190702140239-759a8c1ac913 h1:TnbXhKzrTOyuvWrjI8W6pcoI9XPbLHFXCdN2dtUw7Rw= github.com/ostreedev/ostree-go v0.0.0-20190702140239-759a8c1ac913/go.mod h1:J6OG6YJVEWopen4avK3VNQSnALmmjvniMmni/YFYAwc= github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic= diff --git a/vendor/github.com/containers/buildah/run_linux.go b/vendor/github.com/containers/buildah/run_linux.go index d83b3a5cc..66a3ba997 100644 --- a/vendor/github.com/containers/buildah/run_linux.go +++ b/vendor/github.com/containers/buildah/run_linux.go @@ -91,11 +91,8 @@ func (b *Builder) Run(command []string, options RunOptions) error { return err } - defaultContainerConfig, err := config.Default() - if err != nil { - return errors.Wrapf(err, "failed to get container config") - } - b.configureEnvironment(g, options, defaultContainerConfig.Containers.Env) + // hardwire the environment to match docker build to avoid subtle and hard-to-debug differences due to containers.conf + b.configureEnvironment(g, options, []string{"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"}) if b.CommonBuildOpts == nil { return errors.Errorf("Invalid format on container you must recreate the container") diff --git a/vendor/github.com/openshift/imagebuilder/README.md b/vendor/github.com/openshift/imagebuilder/README.md index 772747bce..748bff971 100644 --- a/vendor/github.com/openshift/imagebuilder/README.md +++ b/vendor/github.com/openshift/imagebuilder/README.md @@ -102,5 +102,6 @@ Example of usage from OpenShift's experimental `dockerbuild` [command with mount ## Run conformance tests (very slow): ``` -go test ./dockerclient/conformance_test.go -tags conformance +chmod -R go-w ./dockerclient/testdata +go test ./dockerclient/conformance_test.go -tags conformance -timeout 30m ``` diff --git a/vendor/github.com/openshift/imagebuilder/builder.go b/vendor/github.com/openshift/imagebuilder/builder.go index 583c303c0..22dc548b9 100644 --- a/vendor/github.com/openshift/imagebuilder/builder.go +++ b/vendor/github.com/openshift/imagebuilder/builder.go @@ -332,20 +332,10 @@ func ParseFile(path string) (*parser.Node, error) { // Step creates a new step from the current state. func (b *Builder) Step() *Step { - argsMap := make(map[string]string) - for _, argsVal := range b.Arguments() { - val := strings.SplitN(argsVal, "=", 2) - if len(val) > 1 { - argsMap[val[0]] = val[1] - } - } - - userArgs := makeUserArgs(b.Env, argsMap) - dst := make([]string, len(userArgs)+len(b.RunConfig.Env)) - copy(dst, userArgs) - dst = append(dst, b.RunConfig.Env...) - - return &Step{Env: dst} + // Include build arguments in the table of variables that we'll use in + // Resolve(), but override them with values from the actual + // environment in case there's any conflict. + return &Step{Env: mergeEnv(b.Arguments(), mergeEnv(b.Env, b.RunConfig.Env))} } // Run executes a step, transforming the current builder and @@ -473,7 +463,7 @@ func (b *Builder) FromImage(image *docker.Image, node *parser.Node) error { SplitChildren(node, command.From) b.RunConfig = *image.Config - b.Env = append(b.Env, b.RunConfig.Env...) + b.Env = mergeEnv(b.Env, b.RunConfig.Env) b.RunConfig.Env = nil // Check to see if we have a default PATH, note that windows won't @@ -573,14 +563,21 @@ var builtinAllowedBuildArgs = map[string]bool{ } // ParseDockerIgnore returns a list of the excludes in the .dockerignore file. -// extracted from fsouza/go-dockerclient. +// extracted from fsouza/go-dockerclient and modified to drop comments and +// empty lines. func ParseDockerignore(root string) ([]string, error) { var excludes []string ignore, err := ioutil.ReadFile(filepath.Join(root, ".dockerignore")) if err != nil && !os.IsNotExist(err) { return excludes, fmt.Errorf("error reading .dockerignore: '%s'", err) } - return strings.Split(string(ignore), "\n"), nil + for _, e := range strings.Split(string(ignore), "\n") { + if len(e) == 0 || e[0] == '#' { + continue + } + excludes = append(excludes, e) + } + return excludes, nil } // ExportEnv creates an export statement for a shell that contains all of the diff --git a/vendor/github.com/openshift/imagebuilder/dispatchers.go b/vendor/github.com/openshift/imagebuilder/dispatchers.go index 3a350fbee..ea3df04d3 100644 --- a/vendor/github.com/openshift/imagebuilder/dispatchers.go +++ b/vendor/github.com/openshift/imagebuilder/dispatchers.go @@ -83,21 +83,9 @@ func env(b *Builder, args []string, attributes map[string]bool, flagArgs []strin for j := 0; j < len(args); j++ { // name ==> args[j] // value ==> args[j+1] - newVar := args[j] + "=" + args[j+1] + "" - gotOne := false - for i, envVar := range b.RunConfig.Env { - envParts := strings.SplitN(envVar, "=", 2) - if envParts[0] == args[j] { - b.RunConfig.Env[i] = newVar - b.Env = append([]string{newVar}, b.Env...) - gotOne = true - break - } - } - if !gotOne { - b.RunConfig.Env = append(b.RunConfig.Env, newVar) - b.Env = append([]string{newVar}, b.Env...) - } + newVar := []string{args[j] + "=" + args[j+1]} + b.RunConfig.Env = mergeEnv(b.RunConfig.Env, newVar) + b.Env = mergeEnv(b.Env, newVar) j++ } @@ -153,7 +141,7 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin var chown string last := len(args) - 1 dest := makeAbsolute(args[last], b.RunConfig.WorkingDir) - userArgs := makeUserArgs(b.Env, b.Args) + userArgs := mergeEnv(envMapAsSlice(b.Args), b.Env) for _, a := range flagArgs { arg, err := ProcessWord(a, userArgs) if err != nil { @@ -182,7 +170,7 @@ func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArg dest := makeAbsolute(args[last], b.RunConfig.WorkingDir) var chown string var from string - userArgs := makeUserArgs(b.Env, b.Args) + userArgs := mergeEnv(envMapAsSlice(b.Args), b.Env) for _, a := range flagArgs { arg, err := ProcessWord(a, userArgs) if err != nil { diff --git a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go index 0223963e1..b3f4ff4f6 100644 --- a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go +++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go @@ -12,8 +12,8 @@ import ( "strings" "unicode" - "github.com/openshift/imagebuilder/dockerfile/command" "github.com/docker/docker/pkg/system" + "github.com/openshift/imagebuilder/dockerfile/command" "github.com/pkg/errors" ) @@ -37,7 +37,7 @@ type Node struct { Original string // original line used before parsing Flags []string // only top Node should have this set StartLine int // the line in the original dockerfile where the node begins - endLine int // the line in the original dockerfile where the node ends + EndLine int // the line in the original dockerfile where the node ends } // Dump dumps the AST defined by `node` as a list of sexps. @@ -67,7 +67,7 @@ func (node *Node) Dump() string { func (node *Node) lines(start, end int) { node.StartLine = start - node.endLine = end + node.EndLine = end } // AddChild adds a new child node, and updates line information @@ -76,7 +76,7 @@ func (node *Node) AddChild(child *Node, startLine, endLine int) { if node.StartLine < 0 { node.StartLine = startLine } - node.endLine = endLine + node.EndLine = endLine node.Children = append(node.Children, child) } diff --git a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec index b8680bd10..89951fcec 100644 --- a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec +++ b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec @@ -12,7 +12,7 @@ # %global golang_version 1.8.1 -%{!?version: %global version 1.1.6} +%{!?version: %global version 1.1.8} %{!?release: %global release 1} %global package_name imagebuilder %global product_name Container Image Builder diff --git a/vendor/github.com/openshift/imagebuilder/internals.go b/vendor/github.com/openshift/imagebuilder/internals.go index 5dc174bf7..f33dc70bb 100644 --- a/vendor/github.com/openshift/imagebuilder/internals.go +++ b/vendor/github.com/openshift/imagebuilder/internals.go @@ -93,27 +93,28 @@ func parseOptInterval(f *flag.Flag) (time.Duration, error) { return d, nil } -// makeUserArgs - Package the variables from the Dockerfile defined by -// the ENV aand the ARG statements into one slice so the values -// defined by both can later be evaluated when resolving variables -// such as ${MY_USER}. If the variable is defined by both ARG and ENV -// don't include the definition of the ARG variable. -func makeUserArgs(bEnv []string, bArgs map[string]string) (userArgs []string) { - - userArgs = bEnv - envMap := make(map[string]string) - for _, envVal := range bEnv { - val := strings.SplitN(envVal, "=", 2) - if len(val) > 1 { - envMap[val[0]] = val[1] +// mergeEnv merges two lists of environment variables, avoiding duplicates. +func mergeEnv(defaults, overrides []string) []string { + s := make([]string, 0, len(defaults)+len(overrides)) + index := make(map[string]int) + for _, envSpec := range append(defaults, overrides...) { + envVar := strings.SplitN(envSpec, "=", 2) + if i, ok := index[envVar[0]]; ok { + s[i] = envSpec + continue } + s = append(s, envSpec) + index[envVar[0]] = len(s) - 1 } + return s +} - for key, value := range bArgs { - if _, ok := envMap[key]; ok { - continue - } - userArgs = append(userArgs, key+"="+value) +// envMapAsSlice returns the contents of a map[string]string as a slice of keys +// and values joined with "=". +func envMapAsSlice(m map[string]string) []string { + s := make([]string, 0, len(m)) + for k, v := range m { + s = append(s, k+"="+v) } - return userArgs + return s } diff --git a/vendor/github.com/openshift/imagebuilder/shell_parser.go b/vendor/github.com/openshift/imagebuilder/shell_parser.go index 65f1db6dc..5c461a34a 100644 --- a/vendor/github.com/openshift/imagebuilder/shell_parser.go +++ b/vendor/github.com/openshift/imagebuilder/shell_parser.go @@ -7,6 +7,7 @@ package imagebuilder // be added by adding code to the "special ${} format processing" section import ( + "errors" "fmt" "strings" "text/scanner" @@ -119,7 +120,7 @@ func (sw *shellWord) processStopOn(stopChar rune) (string, []string, error) { if stopChar != scanner.EOF && ch == stopChar { sw.scanner.Next() - break + return result, words.getWords(), nil } if fn, ok := charFuncMapping[ch]; ok { // Call special processing func for certain chars @@ -156,6 +157,10 @@ func (sw *shellWord) processStopOn(stopChar rune) (string, []string, error) { } } + if stopChar != scanner.EOF { + return "", []string{}, fmt.Errorf("unexpected end of statement while looking for matching %s", string(stopChar)) + } + return result, words.getWords(), nil } @@ -168,9 +173,12 @@ func (sw *shellWord) processSingleQuote() (string, error) { for { ch := sw.scanner.Next() - if ch == '\'' || ch == scanner.EOF { + if ch == '\'' { break } + if ch == scanner.EOF { + return "", errors.New("unexpected end of statement while looking for matching single-quote") + } result += string(ch) } @@ -184,12 +192,15 @@ func (sw *shellWord) processDoubleQuote() (string, error) { sw.scanner.Next() - for sw.scanner.Peek() != scanner.EOF { + for { ch := sw.scanner.Peek() if ch == '"' { sw.scanner.Next() break } + if ch == scanner.EOF { + return "", errors.New("unexpected end of statement while looking for matching double-quote") + } if ch == '$' { tmp, err := sw.processDollar() if err != nil { @@ -206,8 +217,8 @@ func (sw *shellWord) processDoubleQuote() (string, error) { continue } - if chNext == '"' || chNext == '$' { - // \" and \$ can be escaped, all other \'s are left as-is + if chNext == '"' || chNext == '$' || chNext == '\\' { + // \" and \$ and \\ can be escaped, all other \'s are left as-is ch = sw.scanner.Next() } } diff --git a/vendor/modules.txt b/vendor/modules.txt index 6d8a7b8a4..8cfc2a1eb 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -67,7 +67,7 @@ github.com/containernetworking/plugins/pkg/utils/hwaddr github.com/containernetworking/plugins/pkg/utils/sysctl github.com/containernetworking/plugins/plugins/ipam/host-local/backend github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator -# github.com/containers/buildah v1.16.4 +# github.com/containers/buildah v1.16.5 github.com/containers/buildah github.com/containers/buildah/bind github.com/containers/buildah/chroot @@ -441,7 +441,7 @@ github.com/opencontainers/runtime-tools/validate github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk -# github.com/openshift/imagebuilder v1.1.6 +# github.com/openshift/imagebuilder v1.1.8 github.com/openshift/imagebuilder github.com/openshift/imagebuilder/dockerfile/command github.com/openshift/imagebuilder/dockerfile/parser -- cgit v1.2.3-54-g00ecf