containers
/
image
mirror of https://github.com/containers/image.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
3,164 Commits 38 Branches 102 Tags 17 MiB
Commit Graph

3164 Commits

Author SHA1 Message Date
Miloslav Trmač a56436cb15 Use testing.T.Setenv instead of os.Setenv in tests 
... to simplify and benefit from Go 1.17.

In some cases, wrap tests in testing.T.Run() to decrease
the scope, or to make the relationship between the test and the
cleanup clearer.  In some cases it's still a bit awkward
because there is no testing.T.Unsetenv, but still worth it.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-14 20:57:04 +02:00
Miloslav Trmač 225404ed0f Stop using net/tls.Config.PreferServerCipherSuites 
As of Go 1.17 it is deprecated and ignored.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-14 18:40:25 +02:00
Miloslav Trmač f9f909dd38 Update go.mod to Go 1.17 
> go mod tidy -go=1.17

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-14 18:40:25 +02:00
Valentin Rothberg e609a9f71c
Merge pull request #1577 from mtrmac/mocks 
Consolidate interface mocks in a testing subpackage
 2022-06-14 09:08:35 +02:00
Miloslav Trmač 4856cb94d6 Use a separate fakeUnparsedImage for TestIsMultiImage 
We will need to reimplement the fakeImageSource (actually a types.Image)
for testing determineManifestConversion differently, so split the two.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-13 23:53:58 +02:00
Miloslav Trmač 6bc578535a Introduce mocks.ForbiddenUnparsedImage, use it to simplify tests 
Should not change (test) behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-13 23:53:56 +02:00
Miloslav Trmač 5bac9979d1 Remove irrelevant methods from forbiddenImageMock 
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-13 23:53:17 +02:00
Miloslav Trmač 94a2667e94 Introduce mocks.ForbiddenImageReference, use it to simplify tests 
Should not change (test) behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-13 23:53:14 +02:00
Miloslav Trmač 38bda3b889 Move image.unusedImageSource to mocks.ForbiddenImageSource 
Start collecting Forbiden* mocks in mocks, to eliminate
unnecessary duplication.

Should not change (test) behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-13 23:52:31 +02:00
Miloslav Trmač 163c57f026 Rename imagetransport.go to image_transport.go 
to be a bit easier to read, and consistent with future
changes.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-13 16:25:42 +02:00
Daniel J Walsh 3c0150e430
Merge pull request #1576 from mtrmac/private-image 
Make c/image/image available as c/image/internal/image
 2022-06-13 10:22:56 -04:00
Miloslav Trmač 08a6499933 Add image.FromReference, replace most users of image.FromSource 
This avoids some repetition, and (in all but one case) fixes
a missing .Close() on a failure path.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-11 01:25:44 +02:00
Miloslav Trmač 320a1ff585 Move all internal users of image/v5/image to image/v5/internal/image 
... to skip the compatibility layer.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-11 01:25:44 +02:00
Miloslav Trmač 46dccab3f2 Move c/image/image to c/image/internal/image 
... to allow us to add more APIs using a new mechanism.

Currently c/image/image exposes images as types.Image, which we can't change;
so, let's define a new API that will return a different type that we can modify
as necessary.

For now, make that new API internal, at least until we fix the way edits
are bundled with data-to-be-edited in types.BlobInfo.

c/image/image continues to exist, but currently only trivially forwards
all calls to the moved c/image/internal/image.

As a minimal proof of concept, none of the users of c/image/image in the repo
have been modified; they now refer to the compatibility forwarders.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-11 01:25:43 +02:00
Miloslav Trmač a4c340b1a2
Merge pull request #1569 from containers/dependabot/go_modules/github.com/docker/docker-20.10.17incompatible 
build(deps): bump github.com/docker/docker from 20.10.16+incompatible to 20.10.17+incompatible
 2022-06-07 15:45:51 +02:00
dependabot[bot] fa9480234f
build(deps): bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.16+incompatible to 20.10.17+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.16...v20.10.17)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-07 08:19:14 +00:00
Daniel J Walsh 7085147739
Merge pull request #1568 from mtrmac/bump-ocicrypt 
Update github.com/containers/ocicrypt
 2022-06-06 12:59:08 -04:00
Miloslav Trmač 69bb21a719 Update github.com/containers/ocicrypt 
> go get github.com/containers/ocicrypt@latest

It seems Dependabot doesn't update from commit references.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-06-06 17:54:01 +02:00
Miloslav Trmač eca7fea52e
Merge pull request #1567 from containers/dependabot/go_modules/github.com/stretchr/testify-1.7.2 
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2
 2022-06-06 17:31:57 +02:00
dependabot[bot] e4f45b5e3b
build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-06 15:12:18 +00:00
Daniel J Walsh 6e363d2b40
Merge pull request #1566 from containers/dependabot/go_modules/github.com/klauspost/compress-1.15.6 
build(deps): bump github.com/klauspost/compress from 1.15.5 to 1.15.6
 2022-06-03 08:35:08 -04:00
dependabot[bot] 18d5f163a7
build(deps): bump github.com/klauspost/compress from 1.15.5 to 1.15.6 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.15.5 to 1.15.6.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.15.5...v1.15.6)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-03 09:23:45 +00:00
Miloslav Trmač dabbab2196
Merge pull request #1564 from containers/dependabot/go_modules/github.com/sylabs/sif/v2-2.7.1 
build(deps): bump github.com/sylabs/sif/v2 from 2.7.0 to 2.7.1
 2022-06-02 16:10:35 +02:00
dependabot[bot] ccddde4874
build(deps): bump github.com/sylabs/sif/v2 from 2.7.0 to 2.7.1 
Bumps [github.com/sylabs/sif/v2](https://github.com/sylabs/sif) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/sylabs/sif/releases)
- [Changelog](https://github.com/sylabs/sif/blob/main/.goreleaser.yml)
- [Commits](https://github.com/sylabs/sif/compare/v2.7.0...v2.7.1)

---
updated-dependencies:
- dependency-name: github.com/sylabs/sif/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-02 08:13:59 +00:00
Daniel J Walsh 8b8d797969
Merge pull request #1561 from lsm5/ubuntu-2204-lts-cirrus 
Cirrus: use Ubuntu 22.04 LTS
 2022-05-31 11:37:34 -04:00
Daniel J Walsh c1de81f1ce
Merge pull request #1560 from containers/dependabot/go_modules/github.com/klauspost/compress-1.15.5 
build(deps): bump github.com/klauspost/compress from 1.15.4 to 1.15.5
 2022-05-31 10:09:48 -04:00
dependabot[bot] ca2cdf1b7d
build(deps): bump github.com/klauspost/compress from 1.15.4 to 1.15.5 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.15.4 to 1.15.5.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.15.4...v1.15.5)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-30 23:25:18 +00:00
Lokesh Mandvekar 523461bea0
Cirrus: use Ubuntu 22.04 LTS 
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2022-05-27 10:56:43 -04:00
Valentin Rothberg 888ede3f78
Merge pull request #1559 from mtrmac/runc-1.1.2 
Make sure github.com/opencontainers/runc >= 1.1.2 is used
 2022-05-27 10:57:59 +02:00
Miloslav Trmač 7942511dd2 Make sure github.com/opencontainers/runc >= 1.1.2 is used 
... to silence Dependabot alerts about CVE-2022-29162
= GHSA-f3fp-gc8g-vw66.

Note that nothing in c/image actually calls this package,
so the vulnerability could only be triggered by some other code path.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-05-26 19:08:25 +02:00
Daniel J Walsh 89f33ce055
Merge pull request #1558 from containers/dependabot/go_modules/github.com/imdario/mergo-0.3.13 
build(deps): bump github.com/imdario/mergo from 0.3.12 to 0.3.13
 2022-05-26 05:38:46 -04:00
dependabot[bot] 5b2015ae7d
build(deps): bump github.com/imdario/mergo from 0.3.12 to 0.3.13 
Bumps [github.com/imdario/mergo](https://github.com/imdario/mergo) from 0.3.12 to 0.3.13.
- [Release notes](https://github.com/imdario/mergo/releases)
- [Commits](https://github.com/imdario/mergo/compare/0.3.12...v0.3.13)

---
updated-dependencies:
- dependency-name: github.com/imdario/mergo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-26 08:12:41 +00:00
Daniel J Walsh 0a482d00e9
Merge pull request #1557 from rhatdan/codespell 
Fix codespell errors
 2022-05-25 12:28:40 -04:00
Daniel J Walsh 409cc66a7c
Fix codespell errors 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2022-05-25 06:18:36 -04:00
Daniel J Walsh 18d58d29fd
Merge pull request #1556 from containers/dependabot/go_modules/github.com/vbauerster/mpb/v7-7.4.2 
build(deps): bump github.com/vbauerster/mpb/v7 from 7.4.1 to 7.4.2
 2022-05-25 06:13:13 -04:00
dependabot[bot] f853064d04
build(deps): bump github.com/vbauerster/mpb/v7 from 7.4.1 to 7.4.2 
Bumps [github.com/vbauerster/mpb/v7](https://github.com/vbauerster/mpb) from 7.4.1 to 7.4.2.
- [Release notes](https://github.com/vbauerster/mpb/releases)
- [Commits](https://github.com/vbauerster/mpb/compare/v7.4.1...v7.4.2)

---
updated-dependencies:
- dependency-name: github.com/vbauerster/mpb/v7
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-25 08:17:44 +00:00
Daniel J Walsh e594853d64
Merge pull request #1555 from mtrmac/gpgme-native-pkg-config 
Stop calling gpgme-config
 2022-05-20 06:56:16 -04:00
Miloslav Trmač 8a6354627d Stop calling gpgme-config 
As of the just-updated github.com/proglottis/gpgme 0.1.2,
the gpgme subpackage uses CGo's native #cgo pkg-config support
to find the relevant libraries, and we no longer need to manually set
CGO_CFLAGS and CGO_LDFLAGS. So stop doing that.

Note that the proglottis/gpgme update (already before this commit)
means the minimal supported version of GPGME is 1.13.0.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2022-05-19 21:42:40 +02:00
Miloslav Trmač 1e26896b80
Merge pull request #1554 from containers/dependabot/go_modules/github.com/proglottis/gpgme-0.1.2 
build(deps): bump github.com/proglottis/gpgme from 0.1.1 to 0.1.2
 2022-05-19 21:38:17 +02:00
dependabot[bot] eeae3e4771
build(deps): bump github.com/proglottis/gpgme from 0.1.1 to 0.1.2 
Bumps [github.com/proglottis/gpgme](https://github.com/proglottis/gpgme) from 0.1.1 to 0.1.2.
- [Release notes](https://github.com/proglottis/gpgme/releases)
- [Commits](https://github.com/proglottis/gpgme/compare/v0.1.1...v0.1.2)

---
updated-dependencies:
- dependency-name: github.com/proglottis/gpgme
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-19 08:10:31 +00:00
Miloslav Trmač 2b5fc829de
Merge pull request #1550 from Jamstah/sparse-errors 
Improve errors messages when image missing from list
 2022-05-16 18:16:04 +02:00
James Hewitt 3c83b65b71
Improve errors messages when image missing from list 
When using an image index (manifest list/fat manifest) from a registry,
but the specific image is missing from the registry, be more clear about
the error.

Signed-off-by: James Hewitt <james.hewitt@uk.ibm.com>
 2022-05-16 16:44:18 +01:00
Daniel J Walsh 478c04d030
Merge pull request #1553 from containers/dependabot/go_modules/github.com/docker/docker-20.10.16incompatible 
build(deps): bump github.com/docker/docker from 20.10.15+incompatible to 20.10.16+incompatible
 2022-05-13 06:48:28 -04:00
dependabot[bot] 1ec09ee1f3
build(deps): bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.15+incompatible to 20.10.16+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.15...v20.10.16)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-13 08:17:08 +00:00
Valentin Rothberg a5cf85e8d1
Merge pull request #1551 from rhatdan/vendor 
Update containers/storage
 2022-05-12 10:16:07 +02:00
Daniel J Walsh 66b9b9a8ab
Update containers/storage 
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
 2022-05-11 17:09:14 -04:00
Miloslav Trmač fe4fd4ed8b
Merge pull request #1548 from giuseppe/quay-partial-pulls 
docker: add workaround for CloudFront
 2022-05-11 22:37:56 +02:00
Miloslav Trmač 7b5a89f94c
Merge pull request #1547 from containers/dependabot/go_modules/github.com/klauspost/compress-1.15.4 
build(deps): bump github.com/klauspost/compress from 1.15.3 to 1.15.4
 2022-05-11 22:00:28 +02:00
Giuseppe Scrivano 857a813795
docker: add workaround for CloudFront 
CloudFront returns an unquoted ':' in the boundary, special handle it.
It is needed for partial pulls from quay.io.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
 2022-05-11 21:11:23 +02:00
dependabot[bot] 6f655cc3d7
build(deps): bump github.com/klauspost/compress from 1.15.3 to 1.15.4 
Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.15.3 to 1.15.4.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](https://github.com/klauspost/compress/compare/v1.15.3...v1.15.4)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-11 18:04:33 +00:00