mirror of https://github.com/containers/podman.git
				
				
				
			Merge pull request #20621 from mtrmac/docker-compat-login
Add --compat-auth-file to login and logout
This commit is contained in:
		
						commit
						a6bb601400
					
				|  | @ -96,8 +96,6 @@ func login(cmd *cobra.Command, args []string) error { | |||
| 	} | ||||
| 
 | ||||
| 	sysCtx := &types.SystemContext{ | ||||
| 		AuthFilePath:                loginOptions.AuthFile, | ||||
| 		DockerCertPath:              loginOptions.CertDir, | ||||
| 		DockerInsecureSkipTLSVerify: skipTLS, | ||||
| 	} | ||||
| 	setRegistriesConfPath(sysCtx) | ||||
|  |  | |||
|  | @ -48,9 +48,7 @@ func init() { | |||
| 
 | ||||
| // Implementation of podman-logout.
 | ||||
| func logout(cmd *cobra.Command, args []string) error { | ||||
| 	sysCtx := &types.SystemContext{ | ||||
| 		AuthFilePath: logoutOptions.AuthFile, | ||||
| 	} | ||||
| 	sysCtx := &types.SystemContext{} | ||||
| 	setRegistriesConfPath(sysCtx) | ||||
| 	return auth.Logout(sysCtx, &logoutOptions, args) | ||||
| } | ||||
|  |  | |||
|  | @ -32,6 +32,10 @@ For more details about format and configurations of the auth.json file, see cont | |||
| 
 | ||||
| @@option cert-dir | ||||
| 
 | ||||
| #### **--compat-auth-file**=*path* | ||||
| 
 | ||||
| Instead of updating the default credentials file, update the one at *path*, and use a Docker-compatible format. | ||||
| 
 | ||||
| #### **--get-login** | ||||
| 
 | ||||
| Return the logged-in user for the registry.  Return error if no login is found. | ||||
|  |  | |||
|  | @ -27,6 +27,10 @@ Remove the cached credentials for all registries in the auth file | |||
| 
 | ||||
| @@option authfile | ||||
| 
 | ||||
| #### **--compat-auth-file**=*path* | ||||
| 
 | ||||
| Instead of updating the default credentials file, update the one at *path*, and use a Docker-compatible format. | ||||
| 
 | ||||
| #### **--help**, **-h** | ||||
| 
 | ||||
| Print usage statement | ||||
|  |  | |||
							
								
								
									
										30
									
								
								go.mod
								
								
								
								
							
							
						
						
									
										30
									
								
								go.mod
								
								
								
								
							|  | @ -11,15 +11,15 @@ require ( | |||
| 	github.com/checkpoint-restore/go-criu/v7 v7.0.0 | ||||
| 	github.com/containernetworking/cni v1.1.2 | ||||
| 	github.com/containernetworking/plugins v1.3.0 | ||||
| 	github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761 | ||||
| 	github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce | ||||
| 	github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 | ||||
| 	github.com/containers/common v0.57.0 | ||||
| 	github.com/containers/conmon v2.0.20+incompatible | ||||
| 	github.com/containers/gvisor-tap-vsock v0.7.1 | ||||
| 	github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f | ||||
| 	github.com/containers/image/v5 v5.29.0 | ||||
| 	github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 | ||||
| 	github.com/containers/ocicrypt v1.1.9 | ||||
| 	github.com/containers/psgo v1.8.0 | ||||
| 	github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd | ||||
| 	github.com/containers/storage v1.51.0 | ||||
| 	github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 | ||||
| 	github.com/coreos/stream-metadata-go v0.4.3 | ||||
| 	github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420 | ||||
|  | @ -54,7 +54,7 @@ require ( | |||
| 	github.com/opencontainers/runtime-spec v1.1.1-0.20230922153023-c0e90434df2a | ||||
| 	github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc | ||||
| 	github.com/opencontainers/selinux v1.11.0 | ||||
| 	github.com/openshift/imagebuilder v1.2.5 | ||||
| 	github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc | ||||
| 	github.com/rootless-containers/rootlesskit v1.1.1 | ||||
| 	github.com/shirou/gopsutil/v3 v3.23.10 | ||||
| 	github.com/sirupsen/logrus v1.9.3 | ||||
|  | @ -93,14 +93,14 @@ require ( | |||
| 	github.com/chenzhuoyu/iasm v0.9.0 // indirect | ||||
| 	github.com/chzyer/readline v1.5.1 // indirect | ||||
| 	github.com/containerd/cgroups/v3 v3.0.2 // indirect | ||||
| 	github.com/containerd/containerd v1.7.8 // indirect | ||||
| 	github.com/containerd/containerd v1.7.9 // indirect | ||||
| 	github.com/containerd/log v0.1.0 // indirect | ||||
| 	github.com/containerd/stargz-snapshotter/estargz v0.15.1 // indirect | ||||
| 	github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect | ||||
| 	github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd // indirect | ||||
| 	github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b // indirect | ||||
| 	github.com/coreos/go-oidc/v3 v3.7.0 // indirect | ||||
| 	github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f // indirect | ||||
| 	github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd // indirect | ||||
| 	github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect | ||||
| 	github.com/davecgh/go-spew v1.1.1 // indirect | ||||
| 	github.com/digitalocean/go-libvirt v0.0.0-20220804181439-8648fbde413e // indirect | ||||
| 	github.com/disiqueira/gotree/v3 v3.0.2 // indirect | ||||
|  | @ -112,7 +112,7 @@ require ( | |||
| 	github.com/gabriel-vasile/mimetype v1.4.2 // indirect | ||||
| 	github.com/gin-contrib/sse v0.1.0 // indirect | ||||
| 	github.com/gin-gonic/gin v1.9.1 // indirect | ||||
| 	github.com/go-jose/go-jose/v3 v3.0.0 // indirect | ||||
| 	github.com/go-jose/go-jose/v3 v3.0.1 // indirect | ||||
| 	github.com/go-logr/logr v1.3.0 // indirect | ||||
| 	github.com/go-logr/stdr v1.2.2 // indirect | ||||
| 	github.com/go-ole/go-ole v1.2.6 // indirect | ||||
|  | @ -140,11 +140,11 @@ require ( | |||
| 	github.com/google/pprof v0.0.0-20230323073829-e72429f035bd // indirect | ||||
| 	github.com/hashicorp/errwrap v1.1.0 // indirect | ||||
| 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect | ||||
| 	github.com/hashicorp/go-retryablehttp v0.7.4 // indirect | ||||
| 	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect | ||||
| 	github.com/inconshreveable/mousetrap v1.1.0 // indirect | ||||
| 	github.com/jinzhu/copier v0.4.0 // indirect | ||||
| 	github.com/josharian/intern v1.0.0 // indirect | ||||
| 	github.com/klauspost/compress v1.17.2 // indirect | ||||
| 	github.com/klauspost/compress v1.17.3 // indirect | ||||
| 	github.com/klauspost/cpuid/v2 v2.2.5 // indirect | ||||
| 	github.com/klauspost/pgzip v1.2.6 // indirect | ||||
| 	github.com/kr/fs v0.1.0 // indirect | ||||
|  | @ -198,13 +198,13 @@ require ( | |||
| 	go.mongodb.org/mongo-driver v1.11.3 // indirect | ||||
| 	go.mozilla.org/pkcs7 v0.0.0-20210826202110-33d05740a352 // indirect | ||||
| 	go.opencensus.io v0.24.0 // indirect | ||||
| 	go.opentelemetry.io/otel v1.16.0 // indirect | ||||
| 	go.opentelemetry.io/otel/metric v1.16.0 // indirect | ||||
| 	go.opentelemetry.io/otel/trace v1.16.0 // indirect | ||||
| 	go.opentelemetry.io/otel v1.19.0 // indirect | ||||
| 	go.opentelemetry.io/otel/metric v1.19.0 // indirect | ||||
| 	go.opentelemetry.io/otel/trace v1.19.0 // indirect | ||||
| 	golang.org/x/arch v0.5.0 // indirect | ||||
| 	golang.org/x/crypto v0.15.0 // indirect | ||||
| 	golang.org/x/mod v0.13.0 // indirect | ||||
| 	golang.org/x/oauth2 v0.13.0 // indirect | ||||
| 	golang.org/x/oauth2 v0.14.0 // indirect | ||||
| 	golang.org/x/tools v0.14.0 // indirect | ||||
| 	google.golang.org/appengine v1.6.8 // indirect | ||||
| 	google.golang.org/genproto/googleapis/rpc v0.0.0-20230920204549-e6e6cdab5c13 // indirect | ||||
|  |  | |||
							
								
								
									
										66
									
								
								go.sum
								
								
								
								
							
							
						
						
									
										66
									
								
								go.sum
								
								
								
								
							|  | @ -193,8 +193,8 @@ github.com/containerd/containerd v1.5.0-beta.4/go.mod h1:GmdgZd2zA2GYIBZ0w09Zvgq | |||
| github.com/containerd/containerd v1.5.0-rc.0/go.mod h1:V/IXoMqNGgBlabz3tHD2TWDoTJseu1FGOKuoA4nNb2s= | ||||
| github.com/containerd/containerd v1.5.1/go.mod h1:0DOxVqwDy2iZvrZp2JUx/E+hS0UNTVn7dJnIOwtYR4g= | ||||
| github.com/containerd/containerd v1.5.7/go.mod h1:gyvv6+ugqY25TiXxcZC3L5yOeYgEw0QMhscqVp1AR9c= | ||||
| github.com/containerd/containerd v1.7.8 h1:RkwgOW3AVUT3H/dyT0W03Dc8AzlpMG65lX48KftOFSM= | ||||
| github.com/containerd/containerd v1.7.8/go.mod h1:L/Hn9qylJtUFT7cPeM0Sr3fATj+WjHwRQ0lyrYk3OPY= | ||||
| github.com/containerd/containerd v1.7.9 h1:KOhK01szQbM80YfW1H6RZKh85PHGqY/9OcEZ35Je8sc= | ||||
| github.com/containerd/containerd v1.7.9/go.mod h1:0/W44LWEYfSHoxBtsHIiNU/duEkgpMokemafHVCpq9Y= | ||||
| github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= | ||||
| github.com/containerd/continuity v0.0.0-20190815185530-f2a389ac0a02/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= | ||||
| github.com/containerd/continuity v0.0.0-20191127005431-f65d91d395eb/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= | ||||
|  | @ -252,22 +252,22 @@ github.com/containernetworking/plugins v0.8.6/go.mod h1:qnw5mN19D8fIwkqW7oHHYDHV | |||
| github.com/containernetworking/plugins v0.9.1/go.mod h1:xP/idU2ldlzN6m4p5LmGiwRDjeJr6FLK6vuiUwoH7P8= | ||||
| github.com/containernetworking/plugins v1.3.0 h1:QVNXMT6XloyMUoO2wUOqWTC1hWFV62Q6mVDp5H1HnjM= | ||||
| github.com/containernetworking/plugins v1.3.0/go.mod h1:Pc2wcedTQQCVuROOOaLBPPxrEXqqXBFt3cZ+/yVg6l0= | ||||
| github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761 h1:MNE9Yk+sw3GhHGRIXQHqx4V3P9L2MVHrZITD107DDB4= | ||||
| github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761/go.mod h1:78sIy+6IjdfQWXfPUZyDqysufB/vhgz9SGLrLQ2k0KU= | ||||
| github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce h1:b0NLsUl+hvPYPiAlP7VJrSHJZDQbZgUa3i+JfwMv4To= | ||||
| github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce/go.mod h1:EOB29rKXAeQcUU8JQ9MjbYkyPfcNpAZ7s3Ar59PU0YE= | ||||
| github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 h1:G+FidpI/V85O3sXfOg+xFwWav23FW0/L9KjZuxbr71g= | ||||
| github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310/go.mod h1:2mTSu+BX8gjB2wUxu4raCdNdP/bc5ADL8Hiw6oUrOYE= | ||||
| github.com/containers/common v0.57.0 h1:5O/+6QUBafKK0/zeok9y1rLPukfWgdE0sT4nuzmyAqk= | ||||
| github.com/containers/common v0.57.0/go.mod h1:t/Z+/sFrapvFMEJe3YnecN49/Tae2wYEQShbEN6SRaU= | ||||
| github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= | ||||
| github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= | ||||
| github.com/containers/gvisor-tap-vsock v0.7.1 h1:+Rc+sOPplrkQb/BUXeN0ug8TxjgyrIqo/9P/eNS2A4c= | ||||
| github.com/containers/gvisor-tap-vsock v0.7.1/go.mod h1:WSSsjcuYZkvP8i0J+Ht3LF8yvysn3krD5zxQ74wz7y0= | ||||
| github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f h1:x79xiC/Zs7yRzCWCT/fuf8J8LALTzVHzGT9T0HEx9FQ= | ||||
| github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f/go.mod h1:7+h9aIQgB6YzWxFzKAAYQ0CQZS0ks/bc+FMZQTJFoN8= | ||||
| github.com/containers/image/v5 v5.29.0 h1:9+nhS/ZM7c4Kuzu5tJ0NMpxrgoryOJ2HAYTgG8Ny7j4= | ||||
| github.com/containers/image/v5 v5.29.0/go.mod h1:kQ7qcDsps424ZAz24thD+x7+dJw1vgur3A9tTDsj97E= | ||||
| github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734 h1:R6e4nMpxUWRTn+QoiS1dnWL3qa0hpFb2+8/ltKtSnWE= | ||||
| github.com/containers/libhvee v0.4.1-0.20231106202301-9651e31ae734/go.mod h1:3lTcwI2g7qe8Ekgk9hdDxQeT9KrqXPilQvxJfIJp8TQ= | ||||
| github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= | ||||
| github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= | ||||
| github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd h1:NbQ782+jynau+ySnK8qBGyLstgiaLOAjoJWrwSLovGc= | ||||
| github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd/go.mod h1:p3x2uBi+Eaqor7MXSnXIoSGmIaocAlRnd3UiEl6AtgQ= | ||||
| github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b h1:8XvNAm+g7ivwPUkyiHvBs7z356JWpK9a0FDaek86+sY= | ||||
| github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b/go.mod h1:menB9p4o5HckgcLW6cO0+dl6+axkVmSqKlrNcratsh4= | ||||
| github.com/containers/ocicrypt v1.0.1/go.mod h1:MeJDzk1RJHv89LjsH0Sp5KTY3ZYkjXO/C+bKAeWFIrc= | ||||
| github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgUV4GP9qXPfu4= | ||||
| github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= | ||||
|  | @ -276,8 +276,8 @@ github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPN | |||
| github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= | ||||
| github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= | ||||
| github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= | ||||
| github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd h1:IidA+YID5VdlNNJ0xcRdOcaPWs+fP0IFJqFRVuwtPjo= | ||||
| github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd/go.mod h1:ybl8a3j1PPtpyaEi/5A6TOFs+5TrEyObeKJzVtkUlfc= | ||||
| github.com/containers/storage v1.51.0 h1:AowbcpiWXzAjHosKz7MKvPEqpyX+ryZA/ZurytRrFNA= | ||||
| github.com/containers/storage v1.51.0/go.mod h1:ybl8a3j1PPtpyaEi/5A6TOFs+5TrEyObeKJzVtkUlfc= | ||||
| github.com/coreos/bbolt v1.3.2/go.mod h1:iRUV2dpdMOn7Bo10OQBFzIJO9kkE559Wcmn+qkEiiKk= | ||||
| github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= | ||||
| github.com/coreos/go-iptables v0.4.5/go.mod h1:/mVI274lEDI2ns62jHCDnCyBF9Iwsmekav8Dbxlm1MU= | ||||
|  | @ -311,8 +311,8 @@ github.com/crc-org/vfkit v0.1.2-0.20231030102423-f3c783d34420/go.mod h1:OQiqOghC | |||
| github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY= | ||||
| github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= | ||||
| github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY= | ||||
| github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd h1:0av0vtcjA8Hqv5gyWj79CLCFVwOOyBNWPjrfUWceMNg= | ||||
| github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= | ||||
| github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 h1:2Dx4IHfC1yHWI12AxQDJM1QbRCDfk6M+blLzlZCXdrc= | ||||
| github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw= | ||||
| github.com/cyphar/filepath-securejoin v0.2.3/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= | ||||
| github.com/cyphar/filepath-securejoin v0.2.4 h1:Ugdm7cg7i6ZK6x3xDF1oEu1nfkyfH53EtKeQYTC3kyg= | ||||
| github.com/cyphar/filepath-securejoin v0.2.4/go.mod h1:aPGpWjXOXUn2NCNjFvBE6aRxGGx79pTxQpKOJNYHHl4= | ||||
|  | @ -337,6 +337,7 @@ github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK | |||
| github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= | ||||
| github.com/dnaeon/go-vcr v1.0.1/go.mod h1:aBB1+wY4s93YsC3HHjMBMrwTj2R9FHDzUr9KyGc8n1E= | ||||
| github.com/docker/cli v0.0.0-20191017083524-a8ff7f821017/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= | ||||
| github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg= | ||||
| github.com/docker/distribution v0.0.0-20190905152932-14b96e55d84c/go.mod h1:0+TTO4EOBfRPhZXAeF1Vu+W3hHZ8eLp8PgKVZlcvtFY= | ||||
| github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= | ||||
| github.com/docker/distribution v2.7.1+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= | ||||
|  | @ -354,6 +355,7 @@ github.com/docker/go-connections v0.4.1-0.20231031175723-0b8c1f4e07a0/go.mod h1: | |||
| github.com/docker/go-events v0.0.0-20170721190031-9461782956ad/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= | ||||
| github.com/docker/go-events v0.0.0-20190806004212-e31b211e4f1c/go.mod h1:Uw6UezgYA44ePAFQYUehOuCzmy5zmg/+nl2ZfMWGkpA= | ||||
| github.com/docker/go-metrics v0.0.0-20180209012529-399ea8c73916/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= | ||||
| github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8= | ||||
| github.com/docker/go-metrics v0.0.1/go.mod h1:cG1hvH2utMXtqgqqYE9plW6lDxS3/5ayHzueweSI3Vw= | ||||
| github.com/docker/go-plugins-helpers v0.0.0-20211224144127-6eecb7beb651 h1:YcvzLmdrP/b8kLAGJ8GT7bdncgCAiWxJZIlt84D+RJg= | ||||
| github.com/docker/go-plugins-helpers v0.0.0-20211224144127-6eecb7beb651/go.mod h1:LFyLie6XcDbyKGeVK6bHe+9aJTYCxWLBg5IrJZOaXKA= | ||||
|  | @ -406,8 +408,8 @@ github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9 | |||
| github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= | ||||
| github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= | ||||
| github.com/go-ini/ini v1.25.4/go.mod h1:ByCAeIL28uOIIG0E3PJtZPDL8WnHpFKFOtgjp+3Ies8= | ||||
| github.com/go-jose/go-jose/v3 v3.0.0 h1:s6rrhirfEP/CGIoc6p+PZAeogN2SxKav6Wp7+dyMWVo= | ||||
| github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= | ||||
| github.com/go-jose/go-jose/v3 v3.0.1 h1:pWmKFVtt+Jl0vBZTIpz/eAKwsm6LkIxDVVbFHKkchhA= | ||||
| github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= | ||||
| github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= | ||||
| github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as= | ||||
| github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE= | ||||
|  | @ -639,8 +641,8 @@ github.com/hashicorp/go-multierror v0.0.0-20161216184304-ed905158d874/go.mod h1: | |||
| github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk= | ||||
| github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= | ||||
| github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.4 h1:ZQgVdpTdAL7WpMIwLzCfbalOcSUdkDZnpUv3/+BxzFA= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.4/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.5 h1:bJj+Pj19UZMIweq/iie+1u5YCdGrnxCT9yvm0e+Nd5M= | ||||
| github.com/hashicorp/go-retryablehttp v0.7.5/go.mod h1:Jy/gPYAdjqffZ/yFGCFV2doI5wjtH1ewM9u8iYVjtX8= | ||||
| github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= | ||||
| github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8= | ||||
| github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ= | ||||
|  | @ -695,8 +697,8 @@ github.com/klauspost/compress v1.11.13/go.mod h1:aoV0uJVorq1K+umq18yTdKaF57EivdY | |||
| github.com/klauspost/compress v1.13.6/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk= | ||||
| github.com/klauspost/compress v1.15.7/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= | ||||
| github.com/klauspost/compress v1.15.9/go.mod h1:PhcZ0MbTNciWF3rruxRgKxI5NkcHHrHUDtV4Yw2GlzU= | ||||
| github.com/klauspost/compress v1.17.2 h1:RlWWUY/Dr4fL8qk9YG7DTZ7PDgME2V4csBXA8L/ixi4= | ||||
| github.com/klauspost/compress v1.17.2/go.mod h1:ntbaceVETuRiXiv4DpjP66DpAtAGkEQskQzEyD//IeE= | ||||
| github.com/klauspost/compress v1.17.3 h1:qkRjuerhUU1EmXLYGkSH6EZL+vPSxIrYjLNAK4slzwA= | ||||
| github.com/klauspost/compress v1.17.3/go.mod h1:/dCuZOvVtNoHsyb+cuJD3itjs3NbnF6KH9zAO4BDxPM= | ||||
| github.com/klauspost/cpuid/v2 v2.0.9/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg= | ||||
| github.com/klauspost/cpuid/v2 v2.2.5 h1:0E5MSMDEoAulmXNFquVs//DdoomxaoTY1kUhbc/qbZg= | ||||
| github.com/klauspost/cpuid/v2 v2.2.5/go.mod h1:Lcz8mBdAVJIBVzewtcLocK12l3Y+JytZYpaMropDUws= | ||||
|  | @ -870,8 +872,8 @@ github.com/opencontainers/selinux v1.8.2/go.mod h1:MUIHuUEvKB1wtJjQdOyYRgOnLD2xA | |||
| github.com/opencontainers/selinux v1.10.1/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuho1lHsJxIJ3gGbJI= | ||||
| github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= | ||||
| github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= | ||||
| github.com/openshift/imagebuilder v1.2.5 h1:dby0N3FTouXSBgWNf+gfTkj36fAb8g4iL/SRw1eNAoo= | ||||
| github.com/openshift/imagebuilder v1.2.5/go.mod h1:bF4w79W8nM+jH1QkAiHSUVaqHkMBJGijafZxCJEHH5o= | ||||
| github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc h1:ZQ+qN+nVYlNOOx/Nsm5J78je5r+eJfo62pFGisvHtyI= | ||||
| github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc/go.mod h1:hFr3F5mM+J/zFaXcZdNzHS0xKuxAYOZOoHQO9D2JvIU= | ||||
| github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= | ||||
| github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= | ||||
| github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= | ||||
|  | @ -941,8 +943,8 @@ github.com/rogpeppe/fastuuid v1.2.0/go.mod h1:jVj6XXZzXRy/MSR5jhDC/2q6DgLz+nrA6L | |||
| github.com/rogpeppe/go-internal v1.1.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||||
| github.com/rogpeppe/go-internal v1.2.2/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||||
| github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4= | ||||
| github.com/rogpeppe/go-internal v1.9.0 h1:73kH8U+JUqXU8lRuOHeVHaa/SZPifC7BkcraZVejAe8= | ||||
| github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= | ||||
| github.com/rogpeppe/go-internal v1.11.0 h1:cWPaGQEPrBb5/AsnsZesgZZ9yb1OQ+GOISoDNXVBh4M= | ||||
| github.com/rootless-containers/rootlesskit v1.1.1 h1:F5psKWoWY9/VjZ3ifVcaosjvFZJOagX85U22M0/EQZE= | ||||
| github.com/rootless-containers/rootlesskit v1.1.1/go.mod h1:UD5GoA3dqKCJrnvnhVgQQnweMF2qZnf9KLw8EewcMZI= | ||||
| github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= | ||||
|  | @ -1133,13 +1135,13 @@ go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= | |||
| go.opencensus.io v0.22.3/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw= | ||||
| go.opencensus.io v0.24.0 h1:y73uSU6J157QMP2kn2r30vwW1A2W2WFwSCGnAVxeaD0= | ||||
| go.opencensus.io v0.24.0/go.mod h1:vNK8G9p7aAivkbmorf4v+7Hgx+Zs0yY+0fOtgBfjQKo= | ||||
| go.opentelemetry.io/otel v1.16.0 h1:Z7GVAX/UkAXPKsy94IU+i6thsQS4nb7LviLpnaNeW8s= | ||||
| go.opentelemetry.io/otel v1.16.0/go.mod h1:vl0h9NUa1D5s1nv3A5vZOYWn8av4K8Ml6JDeHrT/bx4= | ||||
| go.opentelemetry.io/otel/metric v1.16.0 h1:RbrpwVG1Hfv85LgnZ7+txXioPDoh6EdbZHo26Q3hqOo= | ||||
| go.opentelemetry.io/otel/metric v1.16.0/go.mod h1:QE47cpOmkwipPiefDwo2wDzwJrlfxxNYodqc4xnGCo4= | ||||
| go.opentelemetry.io/otel/sdk v1.16.0 h1:Z1Ok1YsijYL0CSJpHt4cS3wDDh7p572grzNrBMiMWgE= | ||||
| go.opentelemetry.io/otel/trace v1.16.0 h1:8JRpaObFoW0pxuVPapkgH8UhHQj+bJW8jJsCZEu5MQs= | ||||
| go.opentelemetry.io/otel/trace v1.16.0/go.mod h1:Yt9vYq1SdNz3xdjZZK7wcXv1qv2pwLkqr2QVwea0ef0= | ||||
| go.opentelemetry.io/otel v1.19.0 h1:MuS/TNf4/j4IXsZuJegVzI1cwut7Qc00344rgH7p8bs= | ||||
| go.opentelemetry.io/otel v1.19.0/go.mod h1:i0QyjOq3UPoTzff0PJB2N66fb4S0+rSbSB15/oyH9fY= | ||||
| go.opentelemetry.io/otel/metric v1.19.0 h1:aTzpGtV0ar9wlV4Sna9sdJyII5jTVJEvKETPiOKwvpE= | ||||
| go.opentelemetry.io/otel/metric v1.19.0/go.mod h1:L5rUsV9kM1IxCj1MmSdS+JQAcVm319EUrDVLrt7jqt8= | ||||
| go.opentelemetry.io/otel/sdk v1.19.0 h1:6USY6zH+L8uMH8L3t1enZPR3WFEmSTADlqldyHtJi3o= | ||||
| go.opentelemetry.io/otel/trace v1.19.0 h1:DFVQmlVbfVeOuBRrwdtaehRrWiL1JoVs9CPIQ1Dzxpg= | ||||
| go.opentelemetry.io/otel/trace v1.19.0/go.mod h1:mfaSyvGyEJEI0nyV2I4qhNQnbBOUUmYZpYojqMnX2vo= | ||||
| go.opentelemetry.io/proto/otlp v0.7.0/go.mod h1:PqfVotwruBrMGOCsRd/89rSnXhoiJIqeYNgFYFoEGnI= | ||||
| go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= | ||||
| go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= | ||||
|  | @ -1265,8 +1267,8 @@ golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4Iltr | |||
| golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||||
| golang.org/x/oauth2 v0.0.0-20191202225959-858c2ad4c8b6/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||||
| golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= | ||||
| golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY= | ||||
| golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0= | ||||
| golang.org/x/oauth2 v0.14.0 h1:P0Vrf/2538nmC0H+pEQ3MNFRRnVR7RlqyVw+bvm26z0= | ||||
| golang.org/x/oauth2 v0.14.0/go.mod h1:lAtNWgaWfL4cm7j2OV8TxGi9Qb7ECORx8DktCY74OwM= | ||||
| golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||||
| golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||||
| golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= | ||||
|  |  | |||
|  | @ -159,8 +159,8 @@ errmsg "no contents in .*" \ | |||
|        "Error: context must be a directory: .*" \ | ||||
|        "bud with specified context should fail if context contains empty Dockerfile" | ||||
| 
 | ||||
| errmsg "checking authfile: stat /tmp/nonexistent: no such file or directory" \ | ||||
|        "Error: checking authfile: stat /tmp/nonexistent: no such file or directory" \ | ||||
| errmsg "credential file is not accessible: stat /tmp/nonexistent: no such file or directory" \ | ||||
|        "Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory" \ | ||||
|        "bud with Containerfile should fail with nonexistent authfile" | ||||
| 
 | ||||
| errmsg "cannot find Containerfile or Dockerfile" \ | ||||
|  |  | |||
|  | @ -168,7 +168,7 @@ var _ = Describe("Podman login and logout", func() { | |||
| 		session = podmanTest.Podman([]string{"push", "-q", "--authfile", "/tmp/nonexistent", ALPINE, testImg}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).To(ExitWithError()) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: checking authfile: stat /tmp/nonexistent: no such file or directory")) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) | ||||
| 
 | ||||
| 		session = podmanTest.Podman([]string{"push", "-q", "--authfile", authFile, ALPINE, testImg}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
|  | @ -182,13 +182,52 @@ var _ = Describe("Podman login and logout", func() { | |||
| 		session = podmanTest.Podman([]string{"logout", "--authfile", "/tmp/nonexistent", server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).To(ExitWithError()) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: checking authfile: stat /tmp/nonexistent: no such file or directory")) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) | ||||
| 
 | ||||
| 		session = podmanTest.Podman([]string{"logout", "--authfile", authFile, server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).Should(ExitCleanly()) | ||||
| 	}) | ||||
| 
 | ||||
| 	It("podman login and logout --compat-auth-file flag handling", func() { | ||||
| 		// A minimal smoke test
 | ||||
| 		compatAuthFile := filepath.Join(podmanTest.TempDir, "config.json") | ||||
| 		session := podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", "--compat-auth-file", compatAuthFile, server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).Should(ExitCleanly()) | ||||
| 
 | ||||
| 		readAuthInfo(compatAuthFile) | ||||
| 
 | ||||
| 		session = podmanTest.Podman([]string{"logout", "--compat-auth-file", compatAuthFile, server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).Should(ExitCleanly()) | ||||
| 
 | ||||
| 		// logout should fail with nonexistent authfile
 | ||||
| 		session = podmanTest.Podman([]string{"logout", "--compat-auth-file", "/tmp/nonexistent", server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).To(ExitWithError()) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) | ||||
| 
 | ||||
| 		// inconsistent command line flags are rejected
 | ||||
| 		// Pre-create the files to make sure we are not hitting the “file not found” path
 | ||||
| 		authFile := filepath.Join(podmanTest.TempDir, "auth.json") | ||||
| 		err := os.WriteFile(authFile, []byte("{}"), 0o700) | ||||
| 		Expect(err).ToNot(HaveOccurred()) | ||||
| 		err = os.WriteFile(compatAuthFile, []byte("{}"), 0o700) | ||||
| 		Expect(err).ToNot(HaveOccurred()) | ||||
| 
 | ||||
| 		session = podmanTest.Podman([]string{"login", "--username", "podmantest", "--password", "test", | ||||
| 			"--authfile", authFile, "--compat-auth-file", compatAuthFile, server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).To(ExitWithError()) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously")) | ||||
| 
 | ||||
| 		session = podmanTest.Podman([]string{"logout", "--authfile", authFile, "--compat-auth-file", compatAuthFile, server}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).To(ExitWithError()) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously")) | ||||
| 	}) | ||||
| 
 | ||||
| 	It("podman manifest with --authfile", func() { | ||||
| 		os.Unsetenv("REGISTRY_AUTH_FILE") | ||||
| 
 | ||||
|  |  | |||
|  | @ -172,7 +172,7 @@ var _ = Describe("Podman pull", func() { | |||
| 		session := podmanTest.Podman([]string{"pull", "-q", "--authfile", "/tmp/nonexistent", ALPINE}) | ||||
| 		session.WaitWithDefaultTimeout() | ||||
| 		Expect(session).To(ExitWithError()) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: checking authfile: stat /tmp/nonexistent: no such file or directory")) | ||||
| 		Expect(session.ErrorToString()).To(Equal("Error: credential file is not accessible: stat /tmp/nonexistent: no such file or directory")) | ||||
| 	}) | ||||
| 
 | ||||
| 	It("podman pull by digest (image list)", func() { | ||||
|  |  | |||
|  | @ -1297,12 +1297,12 @@ search               | $IMAGE           | | |||
|         if [[ "$args" = "''" ]]; then args=;fi | ||||
| 
 | ||||
|         run_podman 125 $command --authfile=$bogus $args | ||||
|         assert "$output" = "Error: checking authfile: stat $bogus: no such file or directory" \ | ||||
|         assert "$output" = "Error: credential file is not accessible: stat $bogus: no such file or directory" \ | ||||
|            "$command --authfile=nonexistent-path" | ||||
| 
 | ||||
|         if [[ "$command" != "logout" ]]; then | ||||
|            REGISTRY_AUTH_FILE=$bogus run_podman ? $command $args | ||||
|            assert "$output" !~ "checking authfile" \ | ||||
|            assert "$output" !~ "credential file is not accessible" \ | ||||
|               "$command REGISTRY_AUTH_FILE=nonexistent-path" | ||||
|         fi | ||||
|     done < <(parse_table "$tests") | ||||
|  |  | |||
|  | @ -80,6 +80,17 @@ function setup() { | |||
|     is "$output" "{}" "credentials removed from $authfile" | ||||
| } | ||||
| 
 | ||||
| @test "podman login inconsistent authfiles" { | ||||
|     ambiguous_file=${PODMAN_LOGIN_WORKDIR}/ambiguous-auth.json | ||||
|     echo '{}' > $ambiguous_file # To make sure we are not hitting the “file not found” path | ||||
| 
 | ||||
|     run_podman 125 login --authfile "$ambiguous_file" --compat-auth-file "$ambiguous_file" localhost:5000 | ||||
|     assert "$output" =~ "Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously" | ||||
| 
 | ||||
|     run_podman 125 logout --authfile "$ambiguous_file" --compat-auth-file "$ambiguous_file" localhost:5000 | ||||
|     assert "$output" =~ "Error: options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously" | ||||
| } | ||||
| 
 | ||||
| # Some push tests | ||||
| @test "podman push fail" { | ||||
| 
 | ||||
|  |  | |||
|  | @ -756,7 +756,7 @@ spec: | |||
|     bogus=$PODMAN_TMPDIR/bogus-authfile | ||||
| 
 | ||||
|     run_podman 125 kube play --authfile=$bogus - < $PODMAN_TMPDIR/test.yaml | ||||
|     is "$output" "Error: checking authfile: stat $bogus: no such file or directory" "$command should fail with not such file" | ||||
|     is "$output" "Error: credential file is not accessible: stat $bogus: no such file or directory" "$command should fail with not such file" | ||||
| } | ||||
| 
 | ||||
| @test "podman kube play with umask from containers.conf" { | ||||
|  |  | |||
|  | @ -27,8 +27,8 @@ env: | |||
|     #### | ||||
|     # GCE project where images live | ||||
|     IMAGE_PROJECT: "libpod-218412" | ||||
|     FEDORA_NAME: "fedora-38" | ||||
|     PRIOR_FEDORA_NAME: "fedora-37" | ||||
|     FEDORA_NAME: "fedora-39β" | ||||
|     PRIOR_FEDORA_NAME: "fedora-38" | ||||
|     DEBIAN_NAME: "debian-13" | ||||
| 
 | ||||
|     # Image identifiers | ||||
|  | @ -120,7 +120,7 @@ vendor_task: | |||
| 
 | ||||
|     # Runs within Cirrus's "community cluster" | ||||
|     container: | ||||
|         image: docker.io/library/golang:1.18 | ||||
|         image: docker.io/library/golang:1.20 | ||||
|         cpu: 1 | ||||
|         memory: 1 | ||||
| 
 | ||||
|  |  | |||
|  | @ -192,13 +192,13 @@ tests/testreport/testreport: tests/testreport/testreport.go | |||
| .PHONY: test-unit | ||||
| test-unit: tests/testreport/testreport | ||||
| 	$(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)" -cover $(RACEFLAGS) $(shell $(GO) list ./... | grep -v vendor | grep -v tests | grep -v cmd | grep -v chroot | grep -v copier) -timeout 45m | ||||
| 	$(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)"        $(RACEFLAGS) ./chroot ./copier -timeout 45m | ||||
| 	$(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)"        $(RACEFLAGS) ./chroot ./copier -timeout 60m | ||||
| 	tmp=$(shell mktemp -d) ; \
 | ||||
| 	mkdir -p $$tmp/root $$tmp/runroot; \
 | ||||
| 	$(GO_TEST) -v -tags "$(STORAGETAGS) $(SECURITYTAGS)" -cover $(RACEFLAGS) ./cmd/buildah -args --root $$tmp/root --runroot $$tmp/runroot --storage-driver vfs --signature-policy $(shell pwd)/tests/policy.json --registries-conf $(shell pwd)/tests/registries.conf | ||||
| 
 | ||||
| vendor-in-container: | ||||
| 	podman run --privileged --rm --env HOME=/root -v `pwd`:/src -w /src docker.io/library/golang:1.18 make vendor | ||||
| 	podman run --privileged --rm --env HOME=/root -v `pwd`:/src -w /src docker.io/library/golang:1.20 make vendor | ||||
| 
 | ||||
| .PHONY: vendor | ||||
| vendor: | ||||
|  |  | |||
|  | @ -22,6 +22,7 @@ import ( | |||
| 	"github.com/containers/storage/pkg/fileutils" | ||||
| 	"github.com/containers/storage/pkg/idtools" | ||||
| 	"github.com/hashicorp/go-multierror" | ||||
| 	digest "github.com/opencontainers/go-digest" | ||||
| 	"github.com/opencontainers/runc/libcontainer/userns" | ||||
| 	"github.com/opencontainers/runtime-spec/specs-go" | ||||
| 	"github.com/sirupsen/logrus" | ||||
|  | @ -35,6 +36,9 @@ type AddAndCopyOptions struct { | |||
| 	// newly-added content, potentially overriding permissions which would
 | ||||
| 	// otherwise be set to 0:0.
 | ||||
| 	Chown string | ||||
| 	// Checksum is a standard container digest string (e.g. <algorithm>:<digest>)
 | ||||
| 	// and is the expected hash of the content being copied.
 | ||||
| 	Checksum string | ||||
| 	// PreserveOwnership, if Chown is not set, tells us to avoid setting
 | ||||
| 	// ownership of copied items to 0:0, instead using whatever ownership
 | ||||
| 	// information is already set.  Not meaningful for remote sources or
 | ||||
|  | @ -77,7 +81,7 @@ func sourceIsRemote(source string) bool { | |||
| } | ||||
| 
 | ||||
| // getURL writes a tar archive containing the named content
 | ||||
| func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, writer io.Writer, chmod *os.FileMode) error { | ||||
| func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, writer io.Writer, chmod *os.FileMode, srcDigest digest.Digest) error { | ||||
| 	url, err := url.Parse(src) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
|  | @ -110,7 +114,7 @@ func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, | |||
| 	} | ||||
| 	// Figure out the size of the content.
 | ||||
| 	size := response.ContentLength | ||||
| 	responseBody := response.Body | ||||
| 	var responseBody io.Reader = response.Body | ||||
| 	if size < 0 { | ||||
| 		// Create a temporary file and copy the content to it, so that
 | ||||
| 		// we can figure out how much content there is.
 | ||||
|  | @ -130,6 +134,11 @@ func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, | |||
| 		} | ||||
| 		responseBody = f | ||||
| 	} | ||||
| 	var digester digest.Digester | ||||
| 	if srcDigest != "" { | ||||
| 		digester = srcDigest.Algorithm().Digester() | ||||
| 		responseBody = io.TeeReader(responseBody, digester.Hash()) | ||||
| 	} | ||||
| 	// Write the output archive.  Set permissions for compatibility.
 | ||||
| 	tw := tar.NewWriter(writer) | ||||
| 	defer tw.Close() | ||||
|  | @ -161,6 +170,12 @@ func getURL(src string, chown *idtools.IDPair, mountpoint, renameTarget string, | |||
| 		return fmt.Errorf("writing content from %q to tar stream: %w", src, err) | ||||
| 	} | ||||
| 
 | ||||
| 	if digester != nil { | ||||
| 		if responseDigest := digester.Digest(); responseDigest != srcDigest { | ||||
| 			return fmt.Errorf("unexpected response digest for %q: %s, want %s", src, responseDigest, srcDigest) | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
|  | @ -392,9 +407,16 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption | |||
| 		var wg sync.WaitGroup | ||||
| 		if sourceIsRemote(src) { | ||||
| 			pipeReader, pipeWriter := io.Pipe() | ||||
| 			var srcDigest digest.Digest | ||||
| 			if options.Checksum != "" { | ||||
| 				srcDigest, err = digest.Parse(options.Checksum) | ||||
| 				if err != nil { | ||||
| 					return fmt.Errorf("invalid checksum flag: %w", err) | ||||
| 				} | ||||
| 			} | ||||
| 			wg.Add(1) | ||||
| 			go func() { | ||||
| 				getErr = getURL(src, chownFiles, mountPoint, renameTarget, pipeWriter, chmodDirsFiles) | ||||
| 				getErr = getURL(src, chownFiles, mountPoint, renameTarget, pipeWriter, chmodDirsFiles, srcDigest) | ||||
| 				pipeWriter.Close() | ||||
| 				wg.Done() | ||||
| 			}() | ||||
|  | @ -441,6 +463,10 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption | |||
| 			continue | ||||
| 		} | ||||
| 
 | ||||
| 		if options.Checksum != "" { | ||||
| 			return fmt.Errorf("checksum flag is not supported for local sources") | ||||
| 		} | ||||
| 
 | ||||
| 		// Dig out the result of running glob+stat on this source spec.
 | ||||
| 		var localSourceStat *copier.StatsForGlob | ||||
| 		for _, st := range localSourceStats { | ||||
|  |  | |||
|  | @ -3,7 +3,6 @@ package buildah | |||
| import ( | ||||
| 	"context" | ||||
| 	"encoding/json" | ||||
| 	"errors" | ||||
| 	"fmt" | ||||
| 	"io" | ||||
| 	"os" | ||||
|  | @ -22,7 +21,6 @@ import ( | |||
| 	"github.com/containers/image/v5/transports" | ||||
| 	"github.com/containers/image/v5/types" | ||||
| 	encconfig "github.com/containers/ocicrypt/config" | ||||
| 	"github.com/containers/storage" | ||||
| 	"github.com/containers/storage/pkg/archive" | ||||
| 	"github.com/containers/storage/pkg/stringid" | ||||
| 	digest "github.com/opencontainers/go-digest" | ||||
|  | @ -358,7 +356,7 @@ func (b *Builder) Commit(ctx context.Context, dest types.ImageReference, options | |||
| 	if len(options.AdditionalTags) > 0 { | ||||
| 		switch dest.Transport().Name() { | ||||
| 		case is.Transport.Name(): | ||||
| 			img, err := is.Transport.GetStoreImage(b.store, dest) | ||||
| 			_, img, err := is.ResolveReference(dest) | ||||
| 			if err != nil { | ||||
| 				return imgID, nil, "", fmt.Errorf("locating just-written image %q: %w", transports.ImageName(dest), err) | ||||
| 			} | ||||
|  | @ -371,11 +369,12 @@ func (b *Builder) Commit(ctx context.Context, dest types.ImageReference, options | |||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	img, err := is.Transport.GetStoreImage(b.store, dest) | ||||
| 	if err != nil && !errors.Is(err, storage.ErrImageUnknown) { | ||||
| 		return imgID, nil, "", fmt.Errorf("locating image %q in local storage: %w", transports.ImageName(dest), err) | ||||
| 	} | ||||
| 	if err == nil { | ||||
| 	if dest.Transport().Name() == is.Transport.Name() { | ||||
| 		dest2, img, err := is.ResolveReference(dest) | ||||
| 		if err != nil { | ||||
| 			return imgID, nil, "", fmt.Errorf("locating image %q in local storage: %w", transports.ImageName(dest), err) | ||||
| 		} | ||||
| 		dest = dest2 | ||||
| 		imgID = img.ID | ||||
| 		toPruneNames := make([]string, 0, len(img.Names)) | ||||
| 		for _, name := range img.Names { | ||||
|  | @ -388,11 +387,6 @@ func (b *Builder) Commit(ctx context.Context, dest types.ImageReference, options | |||
| 				return imgID, nil, "", fmt.Errorf("failed to remove temporary name from image %q: %w", imgID, err) | ||||
| 			} | ||||
| 			logrus.Debugf("removing %v from assigned names to image %q", nameToRemove, img.ID) | ||||
| 			dest2, err := is.Transport.ParseStoreReference(b.store, "@"+imgID) | ||||
| 			if err != nil { | ||||
| 				return imgID, nil, "", fmt.Errorf("creating unnamed destination reference for image: %w", err) | ||||
| 			} | ||||
| 			dest = dest2 | ||||
| 		} | ||||
| 		if options.IIDFile != "" { | ||||
| 			if err = os.WriteFile(options.IIDFile, []byte("sha256:"+img.ID), 0644); err != nil { | ||||
|  |  | |||
|  | @ -58,8 +58,8 @@ const ( | |||
| type TeeType string | ||||
| 
 | ||||
| var ( | ||||
| 	// DefaultCapabilities is the list of capabilities which we grant by
 | ||||
| 	// default to containers which are running under UID 0.
 | ||||
| 	// Deprecated: DefaultCapabilities values should be retrieved from
 | ||||
| 	// github.com/containers/common/pkg/config
 | ||||
| 	DefaultCapabilities = []string{ | ||||
| 		"CAP_AUDIT_WRITE", | ||||
| 		"CAP_CHOWN", | ||||
|  | @ -75,8 +75,8 @@ var ( | |||
| 		"CAP_SETUID", | ||||
| 		"CAP_SYS_CHROOT", | ||||
| 	} | ||||
| 	// DefaultNetworkSysctl is the list of Kernel parameters which we
 | ||||
| 	// grant by default to containers which are running under UID 0.
 | ||||
| 	// Deprecated: DefaultNetworkSysctl values should be retrieved from
 | ||||
| 	// github.com/containers/common/pkg/config
 | ||||
| 	DefaultNetworkSysctl = map[string]string{ | ||||
| 		"net.ipv4.ping_group_range": "0 0", | ||||
| 	} | ||||
|  |  | |||
|  | @ -286,6 +286,18 @@ func (i *containerImageRef) createConfigsAndManifests() (v1.Image, v1.Manifest, | |||
| 	} | ||||
| 	// Always replace this value, since we're newer than our base image.
 | ||||
| 	dimage.Created = created | ||||
| 	// Clear the list of diffIDs, since we always repopulate it.
 | ||||
| 	dimage.RootFS = &docker.V2S2RootFS{} | ||||
| 	dimage.RootFS.Type = docker.TypeLayers | ||||
| 	dimage.RootFS.DiffIDs = []digest.Digest{} | ||||
| 	// Only clear the history if we're squashing, otherwise leave it be so
 | ||||
| 	// that we can append entries to it.  Clear the parent, too, we no
 | ||||
| 	// longer include its layers and history.
 | ||||
| 	if i.confidentialWorkload.Convert || i.squash || i.omitHistory { | ||||
| 		dimage.Parent = "" | ||||
| 		dimage.History = []docker.V2S2History{} | ||||
| 	} | ||||
| 
 | ||||
| 	// If we're producing a confidential workload, override the command and
 | ||||
| 	// assorted other settings that aren't expected to work correctly.
 | ||||
| 	if i.confidentialWorkload.Convert { | ||||
|  | @ -304,17 +316,6 @@ func (i *containerImageRef) createConfigsAndManifests() (v1.Image, v1.Manifest, | |||
| 		dimage.Config.ExposedPorts = nil | ||||
| 		oimage.Config.ExposedPorts = nil | ||||
| 	} | ||||
| 	// Clear the list of diffIDs, since we always repopulate it.
 | ||||
| 	dimage.RootFS = &docker.V2S2RootFS{} | ||||
| 	dimage.RootFS.Type = docker.TypeLayers | ||||
| 	dimage.RootFS.DiffIDs = []digest.Digest{} | ||||
| 	// Only clear the history if we're squashing, otherwise leave it be so
 | ||||
| 	// that we can append entries to it.  Clear the parent, too, we no
 | ||||
| 	// longer include its layers and history.
 | ||||
| 	if i.confidentialWorkload.Convert || i.squash || i.omitHistory { | ||||
| 		dimage.Parent = "" | ||||
| 		dimage.History = []docker.V2S2History{} | ||||
| 	} | ||||
| 
 | ||||
| 	// Build empty manifests.  The Layers lists will be populated later.
 | ||||
| 	omanifest := v1.Manifest{ | ||||
|  |  | |||
|  | @ -15,6 +15,7 @@ import ( | |||
| 	"sync" | ||||
| 
 | ||||
| 	"github.com/containerd/containerd/platforms" | ||||
| 	"github.com/containers/buildah" | ||||
| 	"github.com/containers/buildah/define" | ||||
| 	internalUtil "github.com/containers/buildah/internal/util" | ||||
| 	"github.com/containers/buildah/pkg/parse" | ||||
|  | @ -267,6 +268,9 @@ func BuildDockerfiles(ctx context.Context, store storage.Store, options define.B | |||
| 			} | ||||
| 			thisID, thisRef, err := buildDockerfilesOnce(ctx, store, loggerPerPlatform, logPrefix, platformOptions, paths, files) | ||||
| 			if err != nil { | ||||
| 				if errorContext := strings.TrimSpace(logPrefix); errorContext != "" { | ||||
| 					return fmt.Errorf("%s: %w", errorContext, err) | ||||
| 				} | ||||
| 				return err | ||||
| 			} | ||||
| 			instancesLock.Lock() | ||||
|  | @ -669,7 +673,7 @@ func baseImages(dockerfilenames []string, dockerfilecontents [][]byte, from stri | |||
| 							} | ||||
| 						} | ||||
| 						base := child.Next.Value | ||||
| 						if base != "scratch" && !nicknames[base] { | ||||
| 						if base != "" && base != buildah.BaseImageFakeName && !nicknames[base] { | ||||
| 							headingArgs := argsMapToSlice(stage.Builder.HeadingArgs) | ||||
| 							userArgs := argsMapToSlice(stage.Builder.Args) | ||||
| 							// append heading args so if --build-arg key=value is not
 | ||||
|  |  | |||
|  | @ -762,7 +762,7 @@ func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) (image | |||
| 							b.fromOverride = "" | ||||
| 						} | ||||
| 						base := child.Next.Value | ||||
| 						if base != "scratch" { | ||||
| 						if base != "" && base != buildah.BaseImageFakeName { | ||||
| 							if replaceBuildContext, ok := b.additionalBuildContexts[child.Next.Value]; ok { | ||||
| 								if replaceBuildContext.IsImage { | ||||
| 									child.Next.Value = replaceBuildContext.Value | ||||
|  | @ -1018,7 +1018,7 @@ func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) (image | |||
| 	if dest, err := b.resolveNameToImageRef(b.output); err == nil { | ||||
| 		switch dest.Transport().Name() { | ||||
| 		case storageTransport.Transport.Name(): | ||||
| 			img, err := storageTransport.Transport.GetStoreImage(b.store, dest) | ||||
| 			_, img, err := storageTransport.ResolveReference(dest) | ||||
| 			if err != nil { | ||||
| 				return imageID, ref, fmt.Errorf("locating just-written image %q: %w", transports.ImageName(dest), err) | ||||
| 			} | ||||
|  | @ -1029,7 +1029,7 @@ func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) (image | |||
| 				logrus.Debugf("assigned names %v to image %q", img.Names, img.ID) | ||||
| 			} | ||||
| 			// Report back the caller the tags applied, if any.
 | ||||
| 			img, err = storageTransport.Transport.GetStoreImage(b.store, dest) | ||||
| 			_, img, err = storageTransport.ResolveReference(dest) | ||||
| 			if err != nil { | ||||
| 				return imageID, ref, fmt.Errorf("locating just-written image %q: %w", transports.ImageName(dest), err) | ||||
| 			} | ||||
|  |  | |||
|  | @ -473,6 +473,7 @@ func (s *StageExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) err | |||
| 		options := buildah.AddAndCopyOptions{ | ||||
| 			Chmod:             copy.Chmod, | ||||
| 			Chown:             copy.Chown, | ||||
| 			Checksum:          copy.Checksum, | ||||
| 			PreserveOwnership: preserveOwnership, | ||||
| 			ContextDir:        contextDir, | ||||
| 			Excludes:          copyExcludes, | ||||
|  | @ -1040,57 +1041,34 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, | |||
| 
 | ||||
| 	if len(children) == 0 { | ||||
| 		// There are no steps.
 | ||||
| 		if s.builder.FromImageID == "" || s.executor.squash { | ||||
| 		if s.builder.FromImageID == "" || s.executor.squash || s.executor.confidentialWorkload.Convert || len(s.executor.labels) > 0 || len(s.executor.annotations) > 0 || len(s.executor.unsetEnvs) > 0 || len(s.executor.unsetLabels) > 0 { | ||||
| 			// We either don't have a base image, or we need to
 | ||||
| 			// squash the contents of the base image.  Whichever is
 | ||||
| 			// the case, we need to commit() to create a new image.
 | ||||
| 			// transform the contents of the base image, or we need
 | ||||
| 			// to make some changes to just the config blob.  Whichever
 | ||||
| 			// is the case, we need to commit() to create a new image.
 | ||||
| 			logCommit(s.output, -1) | ||||
| 			emptyLayer := false | ||||
| 			if s.builder.FromImageID == "" { | ||||
| 				// No base image means there's nothing to put in a
 | ||||
| 				// layer, so don't create one.
 | ||||
| 				emptyLayer = true | ||||
| 			} | ||||
| 			// No base image means there's nothing to put in a
 | ||||
| 			// layer, so don't create one.
 | ||||
| 			emptyLayer := (s.builder.FromImageID == "") | ||||
| 			if imgID, ref, err = s.commit(ctx, s.getCreatedBy(nil, ""), emptyLayer, s.output, s.executor.squash, lastStage); err != nil { | ||||
| 				return "", nil, false, fmt.Errorf("committing base container: %w", err) | ||||
| 			} | ||||
| 			// Generate build output if needed.
 | ||||
| 			if canGenerateBuildOutput { | ||||
| 				if err := s.generateBuildOutput(buildOutputOption); err != nil { | ||||
| 					return "", nil, false, err | ||||
| 				} | ||||
| 			} | ||||
| 		} else if len(s.executor.labels) > 0 || len(s.executor.annotations) > 0 { | ||||
| 			// The image would be modified by the labels passed
 | ||||
| 			// via the command line, so we need to commit.
 | ||||
| 			logCommit(s.output, -1) | ||||
| 			if imgID, ref, err = s.commit(ctx, s.getCreatedBy(stage.Node, ""), true, s.output, s.executor.squash, lastStage); err != nil { | ||||
| 				return "", nil, false, err | ||||
| 			} | ||||
| 			// Generate build output if needed.
 | ||||
| 			if canGenerateBuildOutput { | ||||
| 				if err := s.generateBuildOutput(buildOutputOption); err != nil { | ||||
| 					return "", nil, false, err | ||||
| 				} | ||||
| 			} | ||||
| 		} else { | ||||
| 			// We don't need to squash the base image, and the
 | ||||
| 			// image wouldn't be modified by the command line
 | ||||
| 			// options, so just reuse the base image.
 | ||||
| 			// We don't need to squash or otherwise transform the
 | ||||
| 			// base image, and the image wouldn't be modified by
 | ||||
| 			// the command line options, so just reuse the base
 | ||||
| 			// image.
 | ||||
| 			logCommit(s.output, -1) | ||||
| 			if imgID, ref, err = s.tagExistingImage(ctx, s.builder.FromImageID, s.output); err != nil { | ||||
| 				return "", nil, onlyBaseImage, err | ||||
| 			} | ||||
| 			onlyBaseImage = true | ||||
| 			// If we have reached this point then our build is just performing a tag
 | ||||
| 			// and it contains no steps or instructions (i.e Containerfile only contains
 | ||||
| 			// `FROM <imagename> and nothing else so we will never end up committing this
 | ||||
| 			// but instead just re-tag image. For such use-cases if `-o` or `--output` was
 | ||||
| 			// specified honor that and export the contents of the current build anyways.
 | ||||
| 			if canGenerateBuildOutput { | ||||
| 				if err := s.generateBuildOutput(buildOutputOption); err != nil { | ||||
| 					return "", nil, onlyBaseImage, err | ||||
| 				} | ||||
| 		} | ||||
| 		// Generate build output from the new image, or the preexisting
 | ||||
| 		// one if we didn't actually do anything, if needed.
 | ||||
| 		if canGenerateBuildOutput { | ||||
| 			if err := s.generateBuildOutput(buildOutputOption); err != nil { | ||||
| 				return "", nil, onlyBaseImage, err | ||||
| 			} | ||||
| 		} | ||||
| 		logImageID(imgID) | ||||
|  | @ -1118,13 +1096,13 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, | |||
| 			if command == "COPY" && (flag == "--chmod" || flag == "--chown" || flag == "--from") { | ||||
| 				return "", nil, false, fmt.Errorf("COPY only supports the --chmod=<permissions> --chown=<uid:gid> and the --from=<image|stage> flags") | ||||
| 			} | ||||
| 			if command == "ADD" && (flag == "--chmod" || flag == "--chown") { | ||||
| 				return "", nil, false, fmt.Errorf("ADD only supports the --chmod=<permissions> and the --chown=<uid:gid> flags") | ||||
| 			if command == "ADD" && (flag == "--chmod" || flag == "--chown" || flag == "--checksum") { | ||||
| 				return "", nil, false, fmt.Errorf("ADD only supports the --chmod=<permissions>, --chown=<uid:gid>, and --checksum=<checksum> flags") | ||||
| 			} | ||||
| 			if strings.Contains(flag, "--from") && command == "COPY" { | ||||
| 				arr := strings.Split(flag, "=") | ||||
| 				if len(arr) != 2 { | ||||
| 					return "", nil, false, fmt.Errorf("%s: invalid --from flag, should be --from=<name|stage>", command) | ||||
| 					return "", nil, false, fmt.Errorf("%s: invalid --from flag %q, should be --from=<name|stage>", command, flag) | ||||
| 				} | ||||
| 				// If arr[1] has an argument within it, resolve it to its
 | ||||
| 				// value.  Otherwise just return the value found.
 | ||||
|  | @ -1415,7 +1393,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, | |||
| 		} | ||||
| 
 | ||||
| 		// Note: If the build has squash, we must try to re-use as many layers as possible if cache is found.
 | ||||
| 		// So only perform commit if its the lastInstruction of lastStage.
 | ||||
| 		// So only perform commit if it's the lastInstruction of lastStage.
 | ||||
| 		if cacheID != "" { | ||||
| 			logCacheHit(cacheID) | ||||
| 			// A suitable cached image was found, so we can just
 | ||||
|  | @ -1439,7 +1417,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, | |||
| 			// While committing we always set squash to false here
 | ||||
| 			// because at this point we want to save history for
 | ||||
| 			// layers even if its a squashed build so that they
 | ||||
| 			// can be part of build-cache.
 | ||||
| 			// can be part of the build cache.
 | ||||
| 			imgID, ref, err = s.commit(ctx, s.getCreatedBy(node, addedContentSummary), !s.stepRequiresLayer(step), commitName, false, lastStage && lastInstruction) | ||||
| 			if err != nil { | ||||
| 				return "", nil, false, fmt.Errorf("committing container for step %+v: %w", *step, err) | ||||
|  | @ -1470,7 +1448,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, | |||
| 		} | ||||
| 
 | ||||
| 		if lastInstruction && lastStage { | ||||
| 			if s.executor.squash { | ||||
| 			if s.executor.squash || s.executor.confidentialWorkload.Convert { | ||||
| 				// Create a squashed version of this image
 | ||||
| 				// if we're supposed to create one and this
 | ||||
| 				// is the last instruction of the last stage.
 | ||||
|  | @ -1531,6 +1509,7 @@ func (s *StageExecutor) Execute(ctx context.Context, base string) (imgID string, | |||
| 			} | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	return imgID, ref, onlyBaseImage, nil | ||||
| } | ||||
| 
 | ||||
|  | @ -1752,7 +1731,7 @@ func (s *StageExecutor) tagExistingImage(ctx context.Context, cacheID, output st | |||
| 	if err != nil { | ||||
| 		return "", nil, fmt.Errorf("computing digest of manifest for image %q: %w", cacheID, err) | ||||
| 	} | ||||
| 	img, err := is.Transport.GetStoreImage(s.executor.store, dest) | ||||
| 	_, img, err := is.ResolveReference(dest) | ||||
| 	if err != nil { | ||||
| 		return "", nil, fmt.Errorf("locating new copy of image %q (i.e., %q): %w", cacheID, transports.ImageName(dest), err) | ||||
| 	} | ||||
|  |  | |||
										
											Binary file not shown.
										
									
								
							|  | @ -8,7 +8,7 @@ import ( | |||
| 	"github.com/sirupsen/logrus" | ||||
| ) | ||||
| 
 | ||||
| // GetTempDir returns base for a temporary directory on host.
 | ||||
| // GetTempDir returns the path of the preferred temporary directory on the host.
 | ||||
| func GetTempDir() string { | ||||
| 	if tmpdir, ok := os.LookupEnv("TMPDIR"); ok { | ||||
| 		abs, err := filepath.Abs(tmpdir) | ||||
|  |  | |||
|  | @ -140,7 +140,7 @@ func newBuilder(ctx context.Context, store storage.Store, options BuilderOptions | |||
| 
 | ||||
| 	systemContext := getSystemContext(store, options.SystemContext, options.SignaturePolicyPath) | ||||
| 
 | ||||
| 	if options.FromImage != "" && options.FromImage != "scratch" { | ||||
| 	if options.FromImage != "" && options.FromImage != BaseImageFakeName { | ||||
| 		imageRuntime, err := libimage.RuntimeFromStore(store, &libimage.RuntimeOptions{SystemContext: systemContext}) | ||||
| 		if err != nil { | ||||
| 			return nil, err | ||||
|  |  | |||
|  | @ -196,7 +196,7 @@ func GetNameSpaceFlagsCompletions() commonComp.FlagCompletions { | |||
| func GetLayerFlags(flags *LayerResults) pflag.FlagSet { | ||||
| 	fs := pflag.FlagSet{} | ||||
| 	fs.BoolVar(&flags.ForceRm, "force-rm", false, "always remove intermediate containers after a build, even if the build is unsuccessful.") | ||||
| 	fs.BoolVar(&flags.Layers, "layers", UseLayers(), "cache intermediate layers during build. Use BUILDAH_LAYERS environment variable to override.") | ||||
| 	fs.BoolVar(&flags.Layers, "layers", UseLayers(), "use intermediate layers during build. Use BUILDAH_LAYERS environment variable to override.") | ||||
| 	return fs | ||||
| } | ||||
| 
 | ||||
|  | @ -276,7 +276,7 @@ func GetBudFlags(flags *BudResults) pflag.FlagSet { | |||
| 		panic(fmt.Sprintf("error marking the signature-policy flag as hidden: %v", err)) | ||||
| 	} | ||||
| 	fs.BoolVar(&flags.SkipUnusedStages, "skip-unused-stages", true, "skips stages in multi-stage builds which do not affect the final target") | ||||
| 	fs.BoolVar(&flags.Squash, "squash", false, "squash newly built layers into a single new layer") | ||||
| 	fs.BoolVar(&flags.Squash, "squash", false, "squash all image layers into a single layer") | ||||
| 	fs.StringArrayVar(&flags.SSH, "ssh", []string{}, "SSH agent socket or keys to expose to the build. (format: default|<id>[=<socket>|<key>[,<key>]])") | ||||
| 	fs.BoolVar(&flags.Stdin, "stdin", false, "pass stdin into containers") | ||||
| 	fs.StringArrayVarP(&flags.Tag, "tag", "t", []string{}, "tagged `name` to apply to the built image") | ||||
|  | @ -371,7 +371,7 @@ func GetFromAndBudFlags(flags *FromAndBudResults, usernsResults *UserNSResults, | |||
| 	fs.StringVar(&flags.RetryDelay, "retry-delay", PullPushRetryDelay.String(), "delay between retries in case of push/pull failures") | ||||
| 	fs.String("arch", runtime.GOARCH, "set the ARCH of the image to the provided value instead of the architecture of the host") | ||||
| 	fs.String("os", runtime.GOOS, "prefer `OS` instead of the running OS when pulling images") | ||||
| 	fs.StringSlice("platform", []string{parse.DefaultPlatform()}, "set the OS/ARCH/VARIANT of the image to the provided value instead of the current operating system and architecture of the host (for example `linux/arm`)") | ||||
| 	fs.StringSlice("platform", []string{parse.DefaultPlatform()}, "set the `OS/ARCH[/VARIANT]` of the image to the provided value instead of the current operating system and architecture of the host (for example \"linux/arm\")") | ||||
| 	fs.String("variant", "", "override the `variant` of the specified image") | ||||
| 	fs.StringArrayVar(&flags.SecurityOpt, "security-opt", []string{}, "security options (default [])") | ||||
| 	fs.StringVar(&flags.ShmSize, "shm-size", defaultContainerConfig.Containers.ShmSize, "size of '/dev/shm'. The format is `<number><unit>`.") | ||||
|  |  | |||
|  | @ -519,14 +519,10 @@ func DefaultPlatform() string { | |||
| // Platform separates the platform string into os, arch and variant,
 | ||||
| // accepting any of $arch, $os/$arch, or $os/$arch/$variant.
 | ||||
| func Platform(platform string) (os, arch, variant string, err error) { | ||||
| 	if platform == "local" || platform == "" || platform == "/" { | ||||
| 	platform = strings.Trim(platform, "/") | ||||
| 	if platform == "local" || platform == "" { | ||||
| 		return Platform(DefaultPlatform()) | ||||
| 	} | ||||
| 	if platform[len(platform)-1] == '/' || platform[0] == '/' { | ||||
| 		// If --platform string has format as `some/plat/string/`
 | ||||
| 		// or `/some/plat/string` make it `some/plat/string`
 | ||||
| 		platform = strings.Trim(platform, "/") | ||||
| 	} | ||||
| 	platformSpec, err := platforms.Parse(platform) | ||||
| 	if err != nil { | ||||
| 		return "", "", "", fmt.Errorf("invalid platform syntax for --platform=%q: %w", platform, err) | ||||
|  | @ -638,6 +634,11 @@ func GetBuildOutput(buildOutput string) (define.BuildOutputOption, error) { | |||
| 	return define.BuildOutputOption{Path: path, IsDir: isDir, IsStdout: isStdout}, nil | ||||
| } | ||||
| 
 | ||||
| // TeeType parses a string value and returns a TeeType
 | ||||
| func TeeType(teeType string) define.TeeType { | ||||
| 	return define.TeeType(strings.ToLower(teeType)) | ||||
| } | ||||
| 
 | ||||
| // GetConfidentialWorkloadOptions parses a confidential workload settings
 | ||||
| // argument, which controls both whether or not we produce an image that
 | ||||
| // expects to be run using krun, and how we handle things like encrypting
 | ||||
|  | @ -651,7 +652,7 @@ func GetConfidentialWorkloadOptions(arg string) (define.ConfidentialWorkloadOpti | |||
| 		var err error | ||||
| 		switch { | ||||
| 		case strings.HasPrefix(option, "type="): | ||||
| 			options.TeeType = define.TeeType(strings.ToLower(strings.TrimPrefix(option, "type="))) | ||||
| 			options.TeeType = TeeType(strings.TrimPrefix(option, "type=")) | ||||
| 			switch options.TeeType { | ||||
| 			case define.SEV, define.SNP, mkcwtypes.SEV_NO_ES: | ||||
| 			default: | ||||
|  | @ -1069,6 +1070,7 @@ func isValidDeviceMode(mode string) bool { | |||
| 	return true | ||||
| } | ||||
| 
 | ||||
| // GetTempDir returns the path of the preferred temporary directory on the host.
 | ||||
| func GetTempDir() string { | ||||
| 	return tmpdir.GetTempDir() | ||||
| } | ||||
|  |  | |||
|  | @ -5,6 +5,8 @@ import ( | |||
| 	"os" | ||||
| 	"path/filepath" | ||||
| 	"strings" | ||||
| 
 | ||||
| 	"github.com/containers/buildah/pkg/parse" | ||||
| ) | ||||
| 
 | ||||
| // Mirrors path to a tmpfile if path points to a
 | ||||
|  | @ -17,7 +19,7 @@ import ( | |||
| func MirrorToTempFileIfPathIsDescriptor(file string) (string, bool) { | ||||
| 	// one use-case is discussed here
 | ||||
| 	// https://github.com/containers/buildah/issues/3070
 | ||||
| 	if !strings.HasPrefix(file, "/dev/fd") { | ||||
| 	if !strings.HasPrefix(file, "/dev/fd/") { | ||||
| 		return file, false | ||||
| 	} | ||||
| 	b, err := os.ReadFile(file) | ||||
|  | @ -25,10 +27,11 @@ func MirrorToTempFileIfPathIsDescriptor(file string) (string, bool) { | |||
| 		// if anything goes wrong return original path
 | ||||
| 		return file, false | ||||
| 	} | ||||
| 	tmpfile, err := os.CreateTemp(os.TempDir(), "buildah-temp-file") | ||||
| 	tmpfile, err := os.CreateTemp(parse.GetTempDir(), "buildah-temp-file") | ||||
| 	if err != nil { | ||||
| 		return file, false | ||||
| 	} | ||||
| 	defer tmpfile.Close() | ||||
| 	if _, err := tmpfile.Write(b); err != nil { | ||||
| 		// if anything goes wrong return original path
 | ||||
| 		return file, false | ||||
|  |  | |||
|  | @ -773,20 +773,6 @@ func setupNamespaces(logger *logrus.Logger, g *generate.Generator, namespaceOpti | |||
| 		if err := addSysctl([]string{"net"}); err != nil { | ||||
| 			return false, "", false, err | ||||
| 		} | ||||
| 		for name, val := range define.DefaultNetworkSysctl { | ||||
| 			// Check that the sysctl we are adding is actually supported
 | ||||
| 			// by the kernel
 | ||||
| 			p := filepath.Join("/proc/sys", strings.Replace(name, ".", "/", -1)) | ||||
| 			_, err := os.Stat(p) | ||||
| 			if err != nil && !errors.Is(err, os.ErrNotExist) { | ||||
| 				return false, "", false, err | ||||
| 			} | ||||
| 			if err == nil { | ||||
| 				g.AddLinuxSysctl(name, val) | ||||
| 			} else { | ||||
| 				logger.Warnf("ignoring sysctl %s since %s doesn't exist", name, p) | ||||
| 			} | ||||
| 		} | ||||
| 	} | ||||
| 	return configureNetwork, networkString, configureUTS, nil | ||||
| } | ||||
|  | @ -1023,32 +1009,13 @@ func (b *Builder) runSetupVolumeMounts(mountLabel string, volumeMounts []string, | |||
| } | ||||
| 
 | ||||
| func setupMaskedPaths(g *generate.Generator) { | ||||
| 	for _, mp := range []string{ | ||||
| 		"/proc/acpi", | ||||
| 		"/proc/kcore", | ||||
| 		"/proc/keys", | ||||
| 		"/proc/latency_stats", | ||||
| 		"/proc/timer_list", | ||||
| 		"/proc/timer_stats", | ||||
| 		"/proc/sched_debug", | ||||
| 		"/proc/scsi", | ||||
| 		"/sys/firmware", | ||||
| 		"/sys/fs/selinux", | ||||
| 		"/sys/dev", | ||||
| 	} { | ||||
| 	for _, mp := range config.DefaultMaskedPaths { | ||||
| 		g.AddLinuxMaskedPaths(mp) | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| func setupReadOnlyPaths(g *generate.Generator) { | ||||
| 	for _, rp := range []string{ | ||||
| 		"/proc/asound", | ||||
| 		"/proc/bus", | ||||
| 		"/proc/fs", | ||||
| 		"/proc/irq", | ||||
| 		"/proc/sys", | ||||
| 		"/proc/sysrq-trigger", | ||||
| 	} { | ||||
| 	for _, rp := range config.DefaultReadOnlyPaths { | ||||
| 		g.AddLinuxReadonlyPaths(rp) | ||||
| 	} | ||||
| } | ||||
|  |  | |||
|  | @ -10,11 +10,11 @@ const ( | |||
| ) | ||||
| 
 | ||||
| var ( | ||||
| 	// DefaultCapabilities is the list of capabilities which we grant by
 | ||||
| 	// default to containers which are running under UID 0.
 | ||||
| 	DefaultCapabilities = define.DefaultCapabilities | ||||
| 	// Deprecated: DefaultCapabilities values should be retrieved from
 | ||||
| 	// github.com/containers/common/pkg/config
 | ||||
| 	DefaultCapabilities = define.DefaultCapabilities //nolint
 | ||||
| 
 | ||||
| 	// DefaultNetworkSysctl is the list of Kernel parameters which we
 | ||||
| 	// grant by default to containers which are running under UID 0.
 | ||||
| 	DefaultNetworkSysctl = define.DefaultNetworkSysctl | ||||
| 	// Deprecated: DefaultNetworkSysctl values should be retrieved from
 | ||||
| 	// github.com/containers/common/pkg/config
 | ||||
| 	DefaultNetworkSysctl = define.DefaultNetworkSysctl //nolint
 | ||||
| ) | ||||
|  |  | |||
|  | @ -16,6 +16,7 @@ import ( | |||
| 	"github.com/containers/image/v5/pkg/docker/config" | ||||
| 	"github.com/containers/image/v5/pkg/sysregistriesv2" | ||||
| 	"github.com/containers/image/v5/types" | ||||
| 	"github.com/containers/storage/pkg/homedir" | ||||
| 	"github.com/sirupsen/logrus" | ||||
| ) | ||||
| 
 | ||||
|  | @ -39,33 +40,46 @@ func (e ErrNewCredentialsInvalid) Unwrap() error { | |||
| // GetDefaultAuthFile returns env value REGISTRY_AUTH_FILE as default
 | ||||
| // --authfile path used in multiple --authfile flag definitions
 | ||||
| // Will fail over to DOCKER_CONFIG if REGISTRY_AUTH_FILE environment is not set
 | ||||
| //
 | ||||
| // WARNINGS:
 | ||||
| //   - In almost all invocations, expect this function to return ""; so it can not be used
 | ||||
| //     for directly accessing the file.
 | ||||
| //   - Use this only for commands that _read_ credentials, not write them.
 | ||||
| //     The path may refer to github.com/containers auth.json, or to Docker config.json,
 | ||||
| //     and the distinction is lost; writing auth.json data to config.json may not be consumable by Docker,
 | ||||
| //     or it may overwrite and discard unrelated Docker configuration set by the user.
 | ||||
| func GetDefaultAuthFile() string { | ||||
| 	// Keep this in sync with the default logic in systemContextWithOptions!
 | ||||
| 
 | ||||
| 	if authfile := os.Getenv("REGISTRY_AUTH_FILE"); authfile != "" { | ||||
| 		return authfile | ||||
| 	} | ||||
| 	// This pre-existing behavior is not conceptually consistent:
 | ||||
| 	// If users have a ~/.docker/config.json in the default path, and no environment variable
 | ||||
| 	// set, we read auth.json first, falling back to config.json;
 | ||||
| 	// but if DOCKER_CONFIG is set, we read only config.json in that path, and we don’t read auth.json at all.
 | ||||
| 	if authEnv := os.Getenv("DOCKER_CONFIG"); authEnv != "" { | ||||
| 		return filepath.Join(authEnv, "config.json") | ||||
| 	} | ||||
| 	return "" | ||||
| } | ||||
| 
 | ||||
| // CheckAuthFile validates filepath given by --authfile
 | ||||
| // used by command has --authfile flag
 | ||||
| func CheckAuthFile(authfile string) error { | ||||
| 	if authfile == "" { | ||||
| // CheckAuthFile validates a path option, failing if the option is set but the referenced file is not accessible.
 | ||||
| func CheckAuthFile(pathOption string) error { | ||||
| 	if pathOption == "" { | ||||
| 		return nil | ||||
| 	} | ||||
| 	if _, err := os.Stat(authfile); err != nil { | ||||
| 		return fmt.Errorf("checking authfile: %w", err) | ||||
| 	if _, err := os.Stat(pathOption); err != nil { | ||||
| 		return fmt.Errorf("credential file is not accessible: %w", err) | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
| // systemContextWithOptions returns a version of sys
 | ||||
| // updated with authFile and certDir values (if they are not "").
 | ||||
| // updated with authFile, dockerCompatAuthFile and certDir values (if they are not "").
 | ||||
| // NOTE: this is a shallow copy that can be used and updated, but may share
 | ||||
| // data with the original parameter.
 | ||||
| func systemContextWithOptions(sys *types.SystemContext, authFile, certDir string) *types.SystemContext { | ||||
| func systemContextWithOptions(sys *types.SystemContext, authFile, dockerCompatAuthFile, certDir string) (*types.SystemContext, error) { | ||||
| 	if sys != nil { | ||||
| 		sysCopy := *sys | ||||
| 		sys = &sysCopy | ||||
|  | @ -73,24 +87,50 @@ func systemContextWithOptions(sys *types.SystemContext, authFile, certDir string | |||
| 		sys = &types.SystemContext{} | ||||
| 	} | ||||
| 
 | ||||
| 	if authFile != "" { | ||||
| 	defaultDockerConfigPath := filepath.Join(homedir.Get(), ".docker", "config.json") | ||||
| 	switch { | ||||
| 	case authFile != "" && dockerCompatAuthFile != "": | ||||
| 		return nil, errors.New("options for paths to the credential file and to the Docker-compatible credential file can not be set simultaneously") | ||||
| 	case authFile != "": | ||||
| 		if authFile == defaultDockerConfigPath { | ||||
| 			logrus.Warn("saving credentials to ~/.docker/config.json, but not using Docker-compatible file format") | ||||
| 		} | ||||
| 		sys.AuthFilePath = authFile | ||||
| 	case dockerCompatAuthFile != "": | ||||
| 		sys.DockerCompatAuthFilePath = dockerCompatAuthFile | ||||
| 	default: | ||||
| 		// Keep this in sync with GetDefaultAuthFile()!
 | ||||
| 		//
 | ||||
| 		// Note that c/image does not natively implement the REGISTRY_AUTH_FILE
 | ||||
| 		// variable, so not all callers look for credentials in this location.
 | ||||
| 		if authFileVar := os.Getenv("REGISTRY_AUTH_FILE"); authFileVar != "" { | ||||
| 			if authFileVar == defaultDockerConfigPath { | ||||
| 				logrus.Warn("$REGISTRY_AUTH_FILE points to ~/.docker/config.json, but the file format is not fully compatible; use the Docker-compatible file path option instead") | ||||
| 			} | ||||
| 			sys.AuthFilePath = authFileVar | ||||
| 		} else if dockerConfig := os.Getenv("DOCKER_CONFIG"); dockerConfig != "" { | ||||
| 			// This preserves pre-existing _inconsistent_ behavior:
 | ||||
| 			// If the Docker configuration exists in the default ~/.docker/config.json location,
 | ||||
| 			// we DO NOT write to it; instead, we update auth.json in the default path.
 | ||||
| 			// Only if the user explicitly sets DOCKER_CONFIG, we write to that config.json.
 | ||||
| 			sys.DockerCompatAuthFilePath = filepath.Join(dockerConfig, "config.json") | ||||
| 		} | ||||
| 	} | ||||
| 	if certDir != "" { | ||||
| 		sys.DockerCertPath = certDir | ||||
| 	} | ||||
| 	return sys | ||||
| 	return sys, nil | ||||
| } | ||||
| 
 | ||||
| // Login implements a “log in” command with the provided opts and args
 | ||||
| // reading the password from opts.Stdin or the options in opts.
 | ||||
| func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginOptions, args []string) error { | ||||
| 	systemContext = systemContextWithOptions(systemContext, opts.AuthFile, opts.CertDir) | ||||
| 	systemContext, err := systemContextWithOptions(systemContext, opts.AuthFile, opts.DockerCompatAuthFile, opts.CertDir) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 
 | ||||
| 	var ( | ||||
| 		key, registry string | ||||
| 		err           error | ||||
| 	) | ||||
| 	var key, registry string | ||||
| 	switch len(args) { | ||||
| 	case 0: | ||||
| 		if !opts.AcceptUnspecifiedRegistry { | ||||
|  | @ -284,7 +324,13 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri | |||
| 	if err := CheckAuthFile(opts.AuthFile); err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	systemContext = systemContextWithOptions(systemContext, opts.AuthFile, "") | ||||
| 	if err := CheckAuthFile(opts.DockerCompatAuthFile); err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 	systemContext, err := systemContextWithOptions(systemContext, opts.AuthFile, opts.DockerCompatAuthFile, "") | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 
 | ||||
| 	if opts.All { | ||||
| 		if len(args) != 0 { | ||||
|  | @ -297,10 +343,7 @@ func Logout(systemContext *types.SystemContext, opts *LogoutOptions, args []stri | |||
| 		return nil | ||||
| 	} | ||||
| 
 | ||||
| 	var ( | ||||
| 		key, registry string | ||||
| 		err           error | ||||
| 	) | ||||
| 	var key, registry string | ||||
| 	switch len(args) { | ||||
| 	case 0: | ||||
| 		if !opts.AcceptUnspecifiedRegistry { | ||||
|  |  | |||
|  | @ -14,14 +14,15 @@ type LoginOptions struct { | |||
| 	// CLI flags managed by the FlagSet returned by GetLoginFlags
 | ||||
| 	// Callers that use GetLoginFlags should not need to touch these values at all; callers that use
 | ||||
| 	// other CLI frameworks should set them based on user input.
 | ||||
| 	AuthFile           string | ||||
| 	CertDir            string | ||||
| 	Password           string | ||||
| 	Username           string | ||||
| 	StdinPassword      bool | ||||
| 	GetLoginSet        bool | ||||
| 	Verbose            bool // set to true for verbose output
 | ||||
| 	AcceptRepositories bool // set to true to allow namespaces or repositories rather than just registries
 | ||||
| 	AuthFile             string | ||||
| 	DockerCompatAuthFile string | ||||
| 	CertDir              string | ||||
| 	Password             string | ||||
| 	Username             string | ||||
| 	StdinPassword        bool | ||||
| 	GetLoginSet          bool | ||||
| 	Verbose              bool // set to true for verbose output
 | ||||
| 	AcceptRepositories   bool // set to true to allow namespaces or repositories rather than just registries
 | ||||
| 	// Options caller can set
 | ||||
| 	Stdin                     io.Reader // set to os.Stdin
 | ||||
| 	Stdout                    io.Writer // set to os.Stdout
 | ||||
|  | @ -34,9 +35,10 @@ type LogoutOptions struct { | |||
| 	// CLI flags managed by the FlagSet returned by GetLogoutFlags
 | ||||
| 	// Callers that use GetLogoutFlags should not need to touch these values at all; callers that use
 | ||||
| 	// other CLI frameworks should set them based on user input.
 | ||||
| 	AuthFile           string | ||||
| 	All                bool | ||||
| 	AcceptRepositories bool // set to true to allow namespaces or repositories rather than just registries
 | ||||
| 	AuthFile             string | ||||
| 	DockerCompatAuthFile string | ||||
| 	All                  bool | ||||
| 	AcceptRepositories   bool // set to true to allow namespaces or repositories rather than just registries
 | ||||
| 	// Options caller can set
 | ||||
| 	Stdout                    io.Writer // set to os.Stdout
 | ||||
| 	AcceptUnspecifiedRegistry bool      // set to true if allows logout with unspecified registry
 | ||||
|  | @ -45,7 +47,8 @@ type LogoutOptions struct { | |||
| // GetLoginFlags defines and returns login flags for containers tools
 | ||||
| func GetLoginFlags(flags *LoginOptions) *pflag.FlagSet { | ||||
| 	fs := pflag.FlagSet{} | ||||
| 	fs.StringVar(&flags.AuthFile, "authfile", GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") | ||||
| 	fs.StringVar(&flags.AuthFile, "authfile", "", "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") | ||||
| 	fs.StringVar(&flags.DockerCompatAuthFile, "compat-auth-file", "", "path of a Docker-compatible config file to update instead") | ||||
| 	fs.StringVar(&flags.CertDir, "cert-dir", "", "use certificates at the specified path to access the registry") | ||||
| 	fs.StringVarP(&flags.Password, "password", "p", "", "Password for registry") | ||||
| 	fs.StringVarP(&flags.Username, "username", "u", "", "Username for registry") | ||||
|  | @ -59,6 +62,7 @@ func GetLoginFlags(flags *LoginOptions) *pflag.FlagSet { | |||
| func GetLoginFlagsCompletions() completion.FlagCompletions { | ||||
| 	flagCompletion := completion.FlagCompletions{} | ||||
| 	flagCompletion["authfile"] = completion.AutocompleteDefault | ||||
| 	flagCompletion["compat-auth-file"] = completion.AutocompleteDefault | ||||
| 	flagCompletion["cert-dir"] = completion.AutocompleteDefault | ||||
| 	flagCompletion["password"] = completion.AutocompleteNone | ||||
| 	flagCompletion["username"] = completion.AutocompleteNone | ||||
|  | @ -68,7 +72,8 @@ func GetLoginFlagsCompletions() completion.FlagCompletions { | |||
| // GetLogoutFlags defines and returns logout flags for containers tools
 | ||||
| func GetLogoutFlags(flags *LogoutOptions) *pflag.FlagSet { | ||||
| 	fs := pflag.FlagSet{} | ||||
| 	fs.StringVar(&flags.AuthFile, "authfile", GetDefaultAuthFile(), "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") | ||||
| 	fs.StringVar(&flags.AuthFile, "authfile", "", "path of the authentication file. Use REGISTRY_AUTH_FILE environment variable to override") | ||||
| 	fs.StringVar(&flags.DockerCompatAuthFile, "compat-auth-file", "", "path of a Docker-compatible config file to update instead") | ||||
| 	fs.BoolVarP(&flags.All, "all", "a", false, "Remove the cached credentials for all registries in the auth file") | ||||
| 	return &fs | ||||
| } | ||||
|  | @ -77,5 +82,6 @@ func GetLogoutFlags(flags *LogoutOptions) *pflag.FlagSet { | |||
| func GetLogoutFlagsCompletions() completion.FlagCompletions { | ||||
| 	flagCompletion := completion.FlagCompletions{} | ||||
| 	flagCompletion["authfile"] = completion.AutocompleteDefault | ||||
| 	flagCompletion["compat-auth-file"] = completion.AutocompleteDefault | ||||
| 	return flagCompletion | ||||
| } | ||||
|  |  | |||
|  | @ -1,4 +1,4 @@ | |||
| package version | ||||
| 
 | ||||
| // Version is the version of the build.
 | ||||
| const Version = "0.56.1-dev" | ||||
| const Version = "0.57.0" | ||||
|  |  | |||
|  | @ -284,11 +284,24 @@ func (d *bpCompressionStepData) recordValidatedDigestData(c *copier, uploadedInf | |||
| 		} | ||||
| 	} | ||||
| 	if d.uploadedCompressorName != "" && d.uploadedCompressorName != internalblobinfocache.UnknownCompression { | ||||
| 		c.blobInfoCache.RecordDigestCompressorName(uploadedInfo.Digest, d.uploadedCompressorName) | ||||
| 		if d.uploadedCompressorName != compressiontypes.ZstdChunkedAlgorithmName { | ||||
| 			// HACK: Don’t record zstd:chunked algorithms.
 | ||||
| 			// There is already a similar hack in internal/imagedestination/impl/helpers.BlobMatchesRequiredCompression,
 | ||||
| 			// and that one prevents reusing zstd:chunked blobs, so recording the algorithm here would be mostly harmless.
 | ||||
| 			//
 | ||||
| 			// We skip that here anyway to work around the inability of blobPipelineDetectCompressionStep to differentiate
 | ||||
| 			// between zstd and zstd:chunked; so we could, in varying situations over time, call RecordDigestCompressorName
 | ||||
| 			// with the same digest and both ZstdAlgorithmName and ZstdChunkedAlgorithmName , which causes warnings about
 | ||||
| 			// inconsistent data to be logged.
 | ||||
| 			c.blobInfoCache.RecordDigestCompressorName(uploadedInfo.Digest, d.uploadedCompressorName) | ||||
| 		} | ||||
| 	} | ||||
| 	if srcInfo.Digest != "" && srcInfo.Digest != uploadedInfo.Digest && | ||||
| 		d.srcCompressorName != "" && d.srcCompressorName != internalblobinfocache.UnknownCompression { | ||||
| 		c.blobInfoCache.RecordDigestCompressorName(srcInfo.Digest, d.srcCompressorName) | ||||
| 		if d.srcCompressorName != compressiontypes.ZstdChunkedAlgorithmName { | ||||
| 			// HACK: Don’t record zstd:chunked algorithms, see above.
 | ||||
| 			c.blobInfoCache.RecordDigestCompressorName(srcInfo.Digest, d.srcCompressorName) | ||||
| 		} | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
|  |  | |||
|  | @ -88,7 +88,7 @@ func registryHTTPResponseToError(res *http.Response) error { | |||
| 			response = response[:50] + "..." | ||||
| 		} | ||||
| 		// %.0w makes e visible to error.Unwrap() without including any text
 | ||||
| 		err = fmt.Errorf("StatusCode: %d, %s%.0w", e.StatusCode, response, e) | ||||
| 		err = fmt.Errorf("StatusCode: %d, %q%.0w", e.StatusCode, response, e) | ||||
| 	case errcode.Error: | ||||
| 		// e.Error() is fmt.Sprintf("%s: %s", e.Code.Error(), e.Message, which is usually
 | ||||
| 		// rather redundant. So reword it without using e.Code.Error() if e.Message is the default.
 | ||||
|  |  | |||
							
								
								
									
										5
									
								
								vendor/github.com/containers/image/v5/internal/imagedestination/impl/helpers.go
								
								
									generated
								
								
									vendored
								
								
							
							
						
						
									
										5
									
								
								vendor/github.com/containers/image/v5/internal/imagedestination/impl/helpers.go
								
								
									generated
								
								
									vendored
								
								
							|  | @ -12,6 +12,11 @@ func BlobMatchesRequiredCompression(options private.TryReusingBlobOptions, candi | |||
| 	if options.RequiredCompression == nil { | ||||
| 		return true // no requirement imposed
 | ||||
| 	} | ||||
| 	if options.RequiredCompression.Name() == compression.ZstdChunkedAlgorithmName { | ||||
| 		// HACK: Never match when the caller asks for zstd:chunked, because we don’t record the annotations required to use the chunked blobs.
 | ||||
| 		// The caller must re-compress to build those annotations.
 | ||||
| 		return false | ||||
| 	} | ||||
| 	return candidateCompression != nil && (options.RequiredCompression.Name() == candidateCompression.Name()) | ||||
| } | ||||
| 
 | ||||
|  |  | |||
|  | @ -5,6 +5,7 @@ import ( | |||
| 	"encoding/json" | ||||
| 	"errors" | ||||
| 	"fmt" | ||||
| 	"io/fs" | ||||
| 	"os" | ||||
| 	"os/exec" | ||||
| 	"path/filepath" | ||||
|  | @ -61,78 +62,6 @@ func newAuthPathDefault(path string) authPath { | |||
| 	return authPath{path: path, legacyFormat: false} | ||||
| } | ||||
| 
 | ||||
| // SetCredentials stores the username and password in a location
 | ||||
| // appropriate for sys and the users’ configuration.
 | ||||
| // A valid key is a repository, a namespace within a registry, or a registry hostname;
 | ||||
| // using forms other than just a registry may fail depending on configuration.
 | ||||
| // Returns a human-readable description of the location that was updated.
 | ||||
| // NOTE: The return value is only intended to be read by humans; its form is not an API,
 | ||||
| // it may change (or new forms can be added) any time.
 | ||||
| func SetCredentials(sys *types.SystemContext, key, username, password string) (string, error) { | ||||
| 	isNamespaced, err := validateKey(key) | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	helpers, err := sysregistriesv2.CredentialHelpers(sys) | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	// Make sure to collect all errors.
 | ||||
| 	var multiErr error | ||||
| 	for _, helper := range helpers { | ||||
| 		var desc string | ||||
| 		var err error | ||||
| 		switch helper { | ||||
| 		// Special-case the built-in helpers for auth files.
 | ||||
| 		case sysregistriesv2.AuthenticationFileHelper: | ||||
| 			desc, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) { | ||||
| 				if ch, exists := fileContents.CredHelpers[key]; exists { | ||||
| 					if isNamespaced { | ||||
| 						return false, "", unsupportedNamespaceErr(ch) | ||||
| 					} | ||||
| 					desc, err := setCredsInCredHelper(ch, key, username, password) | ||||
| 					if err != nil { | ||||
| 						return false, "", err | ||||
| 					} | ||||
| 					return false, desc, nil | ||||
| 				} | ||||
| 				creds := base64.StdEncoding.EncodeToString([]byte(username + ":" + password)) | ||||
| 				newCreds := dockerAuthConfig{Auth: creds} | ||||
| 				fileContents.AuthConfigs[key] = newCreds | ||||
| 				return true, "", nil | ||||
| 			}) | ||||
| 		// External helpers.
 | ||||
| 		default: | ||||
| 			if isNamespaced { | ||||
| 				err = unsupportedNamespaceErr(helper) | ||||
| 			} else { | ||||
| 				desc, err = setCredsInCredHelper(helper, key, username, password) | ||||
| 			} | ||||
| 		} | ||||
| 		if err != nil { | ||||
| 			multiErr = multierror.Append(multiErr, err) | ||||
| 			logrus.Debugf("Error storing credentials for %s in credential helper %s: %v", key, helper, err) | ||||
| 			continue | ||||
| 		} | ||||
| 		logrus.Debugf("Stored credentials for %s in credential helper %s", key, helper) | ||||
| 		return desc, nil | ||||
| 	} | ||||
| 	return "", multiErr | ||||
| } | ||||
| 
 | ||||
| func unsupportedNamespaceErr(helper string) error { | ||||
| 	return fmt.Errorf("namespaced key is not supported for credential helper %s", helper) | ||||
| } | ||||
| 
 | ||||
| // SetAuthentication stores the username and password in the credential helper or file
 | ||||
| // See the documentation of SetCredentials for format of "key"
 | ||||
| func SetAuthentication(sys *types.SystemContext, key, username, password string) error { | ||||
| 	_, err := SetCredentials(sys, key, username, password) | ||||
| 	return err | ||||
| } | ||||
| 
 | ||||
| // GetAllCredentials returns the registry credentials for all registries stored
 | ||||
| // in any of the configured credential helpers.
 | ||||
| func GetAllCredentials(sys *types.SystemContext) (map[string]types.DockerAuthConfig, error) { | ||||
|  | @ -370,17 +299,79 @@ func getAuthenticationWithHomeDir(sys *types.SystemContext, key, homeDir string) | |||
| 	return creds.Username, creds.Password, nil | ||||
| } | ||||
| 
 | ||||
| // SetCredentials stores the username and password in a location
 | ||||
| // appropriate for sys and the users’ configuration.
 | ||||
| // A valid key is a repository, a namespace within a registry, or a registry hostname;
 | ||||
| // using forms other than just a registry may fail depending on configuration.
 | ||||
| // Returns a human-readable description of the location that was updated.
 | ||||
| // NOTE: The return value is only intended to be read by humans; its form is not an API,
 | ||||
| // it may change (or new forms can be added) any time.
 | ||||
| func SetCredentials(sys *types.SystemContext, key, username, password string) (string, error) { | ||||
| 	helpers, jsonEditor, key, isNamespaced, err := prepareForEdit(sys, key, true) | ||||
| 	if err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	// Make sure to collect all errors.
 | ||||
| 	var multiErr error | ||||
| 	for _, helper := range helpers { | ||||
| 		var desc string | ||||
| 		var err error | ||||
| 		switch helper { | ||||
| 		// Special-case the built-in helpers for auth files.
 | ||||
| 		case sysregistriesv2.AuthenticationFileHelper: | ||||
| 			desc, err = jsonEditor(sys, func(fileContents *dockerConfigFile) (bool, string, error) { | ||||
| 				if ch, exists := fileContents.CredHelpers[key]; exists { | ||||
| 					if isNamespaced { | ||||
| 						return false, "", unsupportedNamespaceErr(ch) | ||||
| 					} | ||||
| 					desc, err := setCredsInCredHelper(ch, key, username, password) | ||||
| 					if err != nil { | ||||
| 						return false, "", err | ||||
| 					} | ||||
| 					return false, desc, nil | ||||
| 				} | ||||
| 				creds := base64.StdEncoding.EncodeToString([]byte(username + ":" + password)) | ||||
| 				newCreds := dockerAuthConfig{Auth: creds} | ||||
| 				fileContents.AuthConfigs[key] = newCreds | ||||
| 				return true, "", nil | ||||
| 			}) | ||||
| 		// External helpers.
 | ||||
| 		default: | ||||
| 			if isNamespaced { | ||||
| 				err = unsupportedNamespaceErr(helper) | ||||
| 			} else { | ||||
| 				desc, err = setCredsInCredHelper(helper, key, username, password) | ||||
| 			} | ||||
| 		} | ||||
| 		if err != nil { | ||||
| 			multiErr = multierror.Append(multiErr, err) | ||||
| 			logrus.Debugf("Error storing credentials for %s in credential helper %s: %v", key, helper, err) | ||||
| 			continue | ||||
| 		} | ||||
| 		logrus.Debugf("Stored credentials for %s in credential helper %s", key, helper) | ||||
| 		return desc, nil | ||||
| 	} | ||||
| 	return "", multiErr | ||||
| } | ||||
| 
 | ||||
| func unsupportedNamespaceErr(helper string) error { | ||||
| 	return fmt.Errorf("namespaced key is not supported for credential helper %s", helper) | ||||
| } | ||||
| 
 | ||||
| // SetAuthentication stores the username and password in the credential helper or file
 | ||||
| // See the documentation of SetCredentials for format of "key"
 | ||||
| func SetAuthentication(sys *types.SystemContext, key, username, password string) error { | ||||
| 	_, err := SetCredentials(sys, key, username, password) | ||||
| 	return err | ||||
| } | ||||
| 
 | ||||
| // RemoveAuthentication removes credentials for `key` from all possible
 | ||||
| // sources such as credential helpers and auth files.
 | ||||
| // A valid key is a repository, a namespace within a registry, or a registry hostname;
 | ||||
| // using forms other than just a registry may fail depending on configuration.
 | ||||
| func RemoveAuthentication(sys *types.SystemContext, key string) error { | ||||
| 	isNamespaced, err := validateKey(key) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
| 
 | ||||
| 	helpers, err := sysregistriesv2.CredentialHelpers(sys) | ||||
| 	helpers, jsonEditor, key, isNamespaced, err := prepareForEdit(sys, key, true) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
|  | @ -411,7 +402,7 @@ func RemoveAuthentication(sys *types.SystemContext, key string) error { | |||
| 		switch helper { | ||||
| 		// Special-case the built-in helper for auth files.
 | ||||
| 		case sysregistriesv2.AuthenticationFileHelper: | ||||
| 			_, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) { | ||||
| 			_, err = jsonEditor(sys, func(fileContents *dockerConfigFile) (bool, string, error) { | ||||
| 				if innerHelper, exists := fileContents.CredHelpers[key]; exists { | ||||
| 					removeFromCredHelper(innerHelper) | ||||
| 				} | ||||
|  | @ -443,7 +434,7 @@ func RemoveAuthentication(sys *types.SystemContext, key string) error { | |||
| // RemoveAllAuthentication deletes all the credentials stored in credential
 | ||||
| // helpers and auth files.
 | ||||
| func RemoveAllAuthentication(sys *types.SystemContext) error { | ||||
| 	helpers, err := sysregistriesv2.CredentialHelpers(sys) | ||||
| 	helpers, jsonEditor, _, _, err := prepareForEdit(sys, "", false) | ||||
| 	if err != nil { | ||||
| 		return err | ||||
| 	} | ||||
|  | @ -454,7 +445,7 @@ func RemoveAllAuthentication(sys *types.SystemContext) error { | |||
| 		switch helper { | ||||
| 		// Special-case the built-in helper for auth files.
 | ||||
| 		case sysregistriesv2.AuthenticationFileHelper: | ||||
| 			_, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) { | ||||
| 			_, err = jsonEditor(sys, func(fileContents *dockerConfigFile) (bool, string, error) { | ||||
| 				for registry, helper := range fileContents.CredHelpers { | ||||
| 					// Helpers in auth files are expected
 | ||||
| 					// to exist, so no special treatment
 | ||||
|  | @ -497,6 +488,46 @@ func RemoveAllAuthentication(sys *types.SystemContext) error { | |||
| 	return multiErr | ||||
| } | ||||
| 
 | ||||
| // prepareForEdit processes sys and key (if keyRelevant) to return:
 | ||||
| // - a list of credential helpers
 | ||||
| // - a function which can be used to edit the JSON file
 | ||||
| // - the key value to actually use in credential helpers / JSON
 | ||||
| // - a boolean which is true if key is namespaced (and should not be used with credential helpers).
 | ||||
| func prepareForEdit(sys *types.SystemContext, key string, keyRelevant bool) ([]string, func(*types.SystemContext, func(*dockerConfigFile) (bool, string, error)) (string, error), string, bool, error) { | ||||
| 	var isNamespaced bool | ||||
| 	if keyRelevant { | ||||
| 		ns, err := validateKey(key) | ||||
| 		if err != nil { | ||||
| 			return nil, nil, "", false, err | ||||
| 		} | ||||
| 		isNamespaced = ns | ||||
| 	} | ||||
| 
 | ||||
| 	if sys != nil && sys.DockerCompatAuthFilePath != "" { | ||||
| 		if sys.AuthFilePath != "" { | ||||
| 			return nil, nil, "", false, errors.New("AuthFilePath and DockerCompatAuthFilePath can not be set simultaneously") | ||||
| 		} | ||||
| 		if keyRelevant { | ||||
| 			if isNamespaced { | ||||
| 				return nil, nil, "", false, fmt.Errorf("Credentials cannot be recorded in Docker-compatible format with namespaced key %q", key) | ||||
| 			} | ||||
| 			if key == "docker.io" { | ||||
| 				key = "https://index.docker.io/v1/" | ||||
| 			} | ||||
| 		} | ||||
| 
 | ||||
| 		// Do not use helpers defined in sysregistriesv2 because Docker isn’t aware of them.
 | ||||
| 		return []string{sysregistriesv2.AuthenticationFileHelper}, modifyDockerConfigJSON, key, false, nil | ||||
| 	} | ||||
| 
 | ||||
| 	helpers, err := sysregistriesv2.CredentialHelpers(sys) | ||||
| 	if err != nil { | ||||
| 		return nil, nil, "", false, err | ||||
| 	} | ||||
| 
 | ||||
| 	return helpers, modifyJSON, key, isNamespaced, nil | ||||
| } | ||||
| 
 | ||||
| func listCredsInCredHelper(credHelper string) (map[string]string, error) { | ||||
| 	helperName := fmt.Sprintf("docker-credential-%s", credHelper) | ||||
| 	p := helperclient.NewShellProgramFunc(helperName) | ||||
|  | @ -513,9 +544,17 @@ func getPathToAuth(sys *types.SystemContext) (authPath, bool, error) { | |||
| // it exists only to allow testing it with an artificial runtime.GOOS.
 | ||||
| func getPathToAuthWithOS(sys *types.SystemContext, goOS string) (authPath, bool, error) { | ||||
| 	if sys != nil { | ||||
| 		if sys.AuthFilePath != "" && sys.DockerCompatAuthFilePath != "" { | ||||
| 			return authPath{}, false, errors.New("AuthFilePath and DockerCompatAuthFilePath can not be set simultaneously") | ||||
| 		} | ||||
| 		if sys.AuthFilePath != "" { | ||||
| 			return newAuthPathDefault(sys.AuthFilePath), true, nil | ||||
| 		} | ||||
| 		// When reading, we can process auth.json and Docker’s config.json with the same code.
 | ||||
| 		// When writing, prepareForEdit chooses an appropriate jsonEditor implementation.
 | ||||
| 		if sys.DockerCompatAuthFilePath != "" { | ||||
| 			return newAuthPathDefault(sys.DockerCompatAuthFilePath), true, nil | ||||
| 		} | ||||
| 		if sys.LegacyFormatAuthFilePath != "" { | ||||
| 			return authPath{path: sys.LegacyFormatAuthFilePath, legacyFormat: true}, true, nil | ||||
| 		} | ||||
|  | @ -626,6 +665,86 @@ func modifyJSON(sys *types.SystemContext, editor func(fileContents *dockerConfig | |||
| 	return description, nil | ||||
| } | ||||
| 
 | ||||
| // modifyDockerConfigJSON finds a docker config.json file, calls editor on the contents, and
 | ||||
| // writes it back if editor returns true.
 | ||||
| // Returns a human-readable description of the file, to be returned by SetCredentials.
 | ||||
| //
 | ||||
| // The editor may also return a human-readable description of the updated location; if it is "",
 | ||||
| // the file itself is used.
 | ||||
| func modifyDockerConfigJSON(sys *types.SystemContext, editor func(fileContents *dockerConfigFile) (bool, string, error)) (string, error) { | ||||
| 	if sys == nil || sys.DockerCompatAuthFilePath == "" { | ||||
| 		return "", errors.New("internal error: modifyDockerConfigJSON called with DockerCompatAuthFilePath not set") | ||||
| 	} | ||||
| 	path := sys.DockerCompatAuthFilePath | ||||
| 
 | ||||
| 	dir := filepath.Dir(path) | ||||
| 	if err := os.MkdirAll(dir, 0700); err != nil { | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	// Try hard not to clobber fields we don’t understand, even fields which may be added in future Docker versions.
 | ||||
| 	var rawContents map[string]json.RawMessage | ||||
| 	originalBytes, err := os.ReadFile(path) | ||||
| 	switch { | ||||
| 	case err == nil: | ||||
| 		if err := json.Unmarshal(originalBytes, &rawContents); err != nil { | ||||
| 			return "", fmt.Errorf("unmarshaling JSON at %q: %w", path, err) | ||||
| 		} | ||||
| 	case errors.Is(err, fs.ErrNotExist): | ||||
| 		rawContents = map[string]json.RawMessage{} | ||||
| 	default: // err != nil
 | ||||
| 		return "", err | ||||
| 	} | ||||
| 
 | ||||
| 	syntheticContents := dockerConfigFile{ | ||||
| 		AuthConfigs: map[string]dockerAuthConfig{}, | ||||
| 		CredHelpers: map[string]string{}, | ||||
| 	} | ||||
| 	// json.Unmarshal also falls back to case-insensitive field matching; this code does not do that. Presumably
 | ||||
| 	// config.json is mostly maintained by machines doing `docker login`, so the files should, hopefully, not contain field names with
 | ||||
| 	// unexpected case.
 | ||||
| 	if rawAuths, ok := rawContents["auths"]; ok { | ||||
| 		// This conversion will lose fields we don’t know about; when updating an entry, we can’t tell whether an unknown field
 | ||||
| 		// should be preserved or discarded (because it is made obsolete/unwanted with the new credentials).
 | ||||
| 		// It might make sense to track which entries of "auths" we actually modified, and to not touch any others.
 | ||||
| 		if err := json.Unmarshal(rawAuths, &syntheticContents.AuthConfigs); err != nil { | ||||
| 			return "", fmt.Errorf(`unmarshaling "auths" in JSON at %q: %w`, path, err) | ||||
| 		} | ||||
| 	} | ||||
| 	if rawCH, ok := rawContents["credHelpers"]; ok { | ||||
| 		if err := json.Unmarshal(rawCH, &syntheticContents.CredHelpers); err != nil { | ||||
| 			return "", fmt.Errorf(`unmarshaling "credHelpers" in JSON at %q: %w`, path, err) | ||||
| 
 | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	updated, description, err := editor(&syntheticContents) | ||||
| 	if err != nil { | ||||
| 		return "", fmt.Errorf("updating %q: %w", path, err) | ||||
| 	} | ||||
| 	if updated { | ||||
| 		rawAuths, err := json.MarshalIndent(syntheticContents.AuthConfigs, "", "\t") | ||||
| 		if err != nil { | ||||
| 			return "", fmt.Errorf("marshaling JSON %q: %w", path, err) | ||||
| 		} | ||||
| 		rawContents["auths"] = rawAuths | ||||
| 		// We never modify syntheticContents.CredHelpers, so we don’t need to update it.
 | ||||
| 		newData, err := json.MarshalIndent(rawContents, "", "\t") | ||||
| 		if err != nil { | ||||
| 			return "", fmt.Errorf("marshaling JSON %q: %w", path, err) | ||||
| 		} | ||||
| 
 | ||||
| 		if err = ioutils.AtomicWriteFile(path, newData, 0600); err != nil { | ||||
| 			return "", fmt.Errorf("writing to file %q: %w", path, err) | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
| 	if description == "" { | ||||
| 		description = path | ||||
| 	} | ||||
| 	return description, nil | ||||
| } | ||||
| 
 | ||||
| func getCredsFromCredHelper(credHelper, registry string) (types.DockerAuthConfig, error) { | ||||
| 	helperName := fmt.Sprintf("docker-credential-%s", credHelper) | ||||
| 	p := helperclient.NewShellProgramFunc(helperName) | ||||
|  |  | |||
|  | @ -102,6 +102,8 @@ func multiArchImageMatchesSystemContext(store storage.Store, img *storage.Image, | |||
| 
 | ||||
| // Resolve the reference's name to an image ID in the store, if there's already
 | ||||
| // one present with the same name or ID, and return the image.
 | ||||
| //
 | ||||
| // Returns an error matching ErrNoSuchImage if an image matching ref was not found.
 | ||||
| func (s *storageReference) resolveImage(sys *types.SystemContext) (*storage.Image, error) { | ||||
| 	var loadedImage *storage.Image | ||||
| 	if s.id == "" && s.named != nil { | ||||
|  | @ -297,6 +299,8 @@ func (s storageReference) NewImageDestination(ctx context.Context, sys *types.Sy | |||
| // Note that it _is_ possible for the later uses to fail, either because the image was removed
 | ||||
| // completely, or because the name used in the reference was untaged (even if the underlying image
 | ||||
| // ID still exists in local storage).
 | ||||
| //
 | ||||
| // Returns an error matching ErrNoSuchImage if an image matching ref was not found.
 | ||||
| func ResolveReference(ref types.ImageReference) (types.ImageReference, *storage.Image, error) { | ||||
| 	sref, ok := ref.(*storageReference) | ||||
| 	if !ok { | ||||
|  |  | |||
|  | @ -53,7 +53,8 @@ type StoreTransport interface { | |||
| 	// can return different images, with no way for the caller to "freeze" the storage.Image identity
 | ||||
| 	// without discarding the name entirely.
 | ||||
| 	//
 | ||||
| 	// Use storage.ResolveReference instead.
 | ||||
| 	// Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns
 | ||||
| 	// c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown.
 | ||||
| 	GetImage(types.ImageReference) (*storage.Image, error) | ||||
| 	// GetStoreImage retrieves the image from a specified store that's named
 | ||||
| 	// by the reference.
 | ||||
|  | @ -65,7 +66,8 @@ type StoreTransport interface { | |||
| 	//
 | ||||
| 	// Also, a StoreTransport reference already contains a store, so providing another one is redundant.
 | ||||
| 	//
 | ||||
| 	// Use storage.ResolveReference instead.
 | ||||
| 	// Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns
 | ||||
| 	// c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown.
 | ||||
| 	GetStoreImage(storage.Store, types.ImageReference) (*storage.Image, error) | ||||
| 	// ParseStoreReference parses a reference, overriding any store
 | ||||
| 	// specification that it may contain.
 | ||||
|  | @ -312,7 +314,8 @@ func (s *storageTransport) ParseReference(reference string) (types.ImageReferenc | |||
| //
 | ||||
| // Also, a StoreTransport reference already contains a store, so providing another one is redundant.
 | ||||
| //
 | ||||
| // Use storage.ResolveReference instead.
 | ||||
| // Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns
 | ||||
| // c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown.
 | ||||
| func (s storageTransport) GetStoreImage(store storage.Store, ref types.ImageReference) (*storage.Image, error) { | ||||
| 	dref := ref.DockerReference() | ||||
| 	if dref != nil { | ||||
|  | @ -334,7 +337,8 @@ func (s storageTransport) GetStoreImage(store storage.Store, ref types.ImageRefe | |||
| // can return different images, with no way for the caller to "freeze" the storage.Image identity
 | ||||
| // without discarding the name entirely.
 | ||||
| //
 | ||||
| // Use storage.ResolveReference instead.
 | ||||
| // Use storage.ResolveReference instead; note that if the image is not found, ResolveReference returns
 | ||||
| // c/image/v5/storage.ErrNoSuchImage, not c/storage.ErrImageUnknown.
 | ||||
| func (s *storageTransport) GetImage(ref types.ImageReference) (*storage.Image, error) { | ||||
| 	store, err := s.GetStore() | ||||
| 	if err != nil { | ||||
|  |  | |||
|  | @ -594,6 +594,10 @@ type SystemContext struct { | |||
| 	// this field is ignored if `AuthFilePath` is set (we favor the newer format);
 | ||||
| 	// only reading of this data is supported;
 | ||||
| 	LegacyFormatAuthFilePath string | ||||
| 	// If set, a path to a Docker-compatible "config.json" file containing credentials; and no other files are processed.
 | ||||
| 	// This must not be set if AuthFilePath is set.
 | ||||
| 	// Only credentials and credential helpers in this file apre processed, not any other configuration in this file.
 | ||||
| 	DockerCompatAuthFilePath string | ||||
| 	// If not "", overrides the use of platform.GOARCH when choosing an image or verifying architecture match.
 | ||||
| 	ArchitectureChoice string | ||||
| 	// If not "", overrides the use of platform.GOOS when choosing an image or verifying OS match.
 | ||||
|  |  | |||
|  | @ -6,12 +6,12 @@ const ( | |||
| 	// VersionMajor is for an API incompatible changes
 | ||||
| 	VersionMajor = 5 | ||||
| 	// VersionMinor is for functionality in a backwards-compatible manner
 | ||||
| 	VersionMinor = 28 | ||||
| 	VersionMinor = 29 | ||||
| 	// VersionPatch is for backwards-compatible bug fixes
 | ||||
| 	VersionPatch = 1 | ||||
| 	VersionPatch = 0 | ||||
| 
 | ||||
| 	// VersionDev indicates development branch. Releases will be empty string.
 | ||||
| 	VersionDev = "-dev" | ||||
| 	VersionDev = "" | ||||
| ) | ||||
| 
 | ||||
| // Version is the specification version that the package types support.
 | ||||
|  |  | |||
|  | @ -9,8 +9,23 @@ docker_builder: | |||
|         apt-get -q install -y bats cryptsetup golang | ||||
|         go version | ||||
|         make | ||||
|     unit_test_script: | ||||
|     unit_test_script: | | ||||
|         go test -timeout 45m -v -cover | ||||
|         case $(go env GOARCH) in | ||||
|         amd64) | ||||
|           otherarch=386;; | ||||
|         arm64) | ||||
|           otherarch=arm;; | ||||
|         mips64) | ||||
|           otherarch=mips;; | ||||
|         mips64le) | ||||
|           otherarch=mipsle;; | ||||
|         esac | ||||
|         if test -n "$otherarch" ; then | ||||
|           echo running unit tests again with GOARCH=$otherarch | ||||
|           GOARCH=$otherarch go test -timeout 45m -v -cover | ||||
|         fi | ||||
|         : | ||||
|     defaults_script: | | ||||
|         bats -f defaults ./tests | ||||
|     aes_script: | | ||||
|  |  | |||
|  | @ -40,7 +40,7 @@ func memoryCostArgon2(salt []byte, keyLen, timeCost, threadsCost int, kdf func([ | |||
| 		if d < time.Second/10 { | ||||
| 			memoryCost *= 2 | ||||
| 		} else { | ||||
| 			return memoryCost * int(time.Second) / int(d) | ||||
| 			return memoryCost * int(float64(time.Second)/float64(d)) | ||||
| 		} | ||||
| 	} | ||||
| 	return memoryCost | ||||
|  |  | |||
|  | @ -1 +1 @@ | |||
| 1.50.3-dev | ||||
| 1.51.0 | ||||
|  |  | |||
|  | @ -0,0 +1,8 @@ | |||
| # v3.0.1 | ||||
| 
 | ||||
| Fixed: | ||||
|  - Security issue: an attacker specifying a large "p2c" value can cause | ||||
|    JSONWebEncryption.Decrypt and JSONWebEncryption.DecryptMulti to consume large | ||||
|    amounts of CPU, causing a DoS. Thanks to Matt Schwager (@mschwager) for the | ||||
|    disclosure and to Tom Tervoort for originally publishing the category of attack. | ||||
|    https://i.blackhat.com/BH-US-23/Presentations/US-23-Tervoort-Three-New-Attacks-Against-JSON-Web-Tokens.pdf | ||||
|  | @ -415,6 +415,11 @@ func (ctx *symmetricKeyCipher) decryptKey(headers rawHeader, recipient *recipien | |||
| 		if p2c <= 0 { | ||||
| 			return nil, fmt.Errorf("go-jose/go-jose: invalid P2C: must be a positive integer") | ||||
| 		} | ||||
| 		if p2c > 1000000 { | ||||
| 			// An unauthenticated attacker can set a high P2C value. Set an upper limit to avoid
 | ||||
| 			// DoS attacks.
 | ||||
| 			return nil, fmt.Errorf("go-jose/go-jose: invalid P2C: too high") | ||||
| 		} | ||||
| 
 | ||||
| 		// salt is UTF8(Alg) || 0x00 || Salt Input
 | ||||
| 		alg := headers.getAlgorithm() | ||||
|  |  | |||
|  | @ -1,3 +1,9 @@ | |||
| ## 0.7.5 (Nov 8, 2023) | ||||
| 
 | ||||
| BUG FIXES | ||||
| 
 | ||||
| - client: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections [GH-207] | ||||
| 
 | ||||
| ## 0.7.4 (Jun 6, 2023) | ||||
| 
 | ||||
| BUG FIXES | ||||
|  |  | |||
|  | @ -160,6 +160,20 @@ func (r *Request) SetBody(rawBody interface{}) error { | |||
| 	} | ||||
| 	r.body = bodyReader | ||||
| 	r.ContentLength = contentLength | ||||
| 	if bodyReader != nil { | ||||
| 		r.GetBody = func() (io.ReadCloser, error) { | ||||
| 			body, err := bodyReader() | ||||
| 			if err != nil { | ||||
| 				return nil, err | ||||
| 			} | ||||
| 			if rc, ok := body.(io.ReadCloser); ok { | ||||
| 				return rc, nil | ||||
| 			} | ||||
| 			return io.NopCloser(body), nil | ||||
| 		} | ||||
| 	} else { | ||||
| 		r.GetBody = func() (io.ReadCloser, error) { return http.NoBody, nil } | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
|  | @ -302,18 +316,19 @@ func NewRequest(method, url string, rawBody interface{}) (*Request, error) { | |||
| // The context controls the entire lifetime of a request and its response:
 | ||||
| // obtaining a connection, sending the request, and reading the response headers and body.
 | ||||
| func NewRequestWithContext(ctx context.Context, method, url string, rawBody interface{}) (*Request, error) { | ||||
| 	bodyReader, contentLength, err := getBodyReaderAndContentLength(rawBody) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 
 | ||||
| 	httpReq, err := http.NewRequestWithContext(ctx, method, url, nil) | ||||
| 	if err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 	httpReq.ContentLength = contentLength | ||||
| 
 | ||||
| 	return &Request{body: bodyReader, Request: httpReq}, nil | ||||
| 	req := &Request{ | ||||
| 		Request: httpReq, | ||||
| 	} | ||||
| 	if err := req.SetBody(rawBody); err != nil { | ||||
| 		return nil, err | ||||
| 	} | ||||
| 
 | ||||
| 	return req, nil | ||||
| } | ||||
| 
 | ||||
| // Logger interface allows to use other loggers than
 | ||||
|  |  | |||
|  | @ -16,6 +16,14 @@ This package provides various compression algorithms. | |||
| 
 | ||||
| # changelog | ||||
| 
 | ||||
| * Oct 22nd, 2023 - [v1.17.2](https://github.com/klauspost/compress/releases/tag/v1.17.2) | ||||
| 	* zstd: Fix rare *CORRUPTION* output in "best" mode. See https://github.com/klauspost/compress/pull/876 | ||||
| 
 | ||||
| * Oct 14th, 2023 - [v1.17.1](https://github.com/klauspost/compress/releases/tag/v1.17.1) | ||||
| 	* s2: Fix S2 "best" dictionary wrong encoding by @klauspost in https://github.com/klauspost/compress/pull/871 | ||||
| 	* flate: Reduce allocations in decompressor and minor code improvements by @fakefloordiv in https://github.com/klauspost/compress/pull/869 | ||||
| 	* s2: Fix EstimateBlockSize on 6&7 length input by @klauspost in https://github.com/klauspost/compress/pull/867 | ||||
| 
 | ||||
| * Sept 19th, 2023 - [v1.17.0](https://github.com/klauspost/compress/releases/tag/v1.17.0) | ||||
| 	* Add experimental dictionary builder  https://github.com/klauspost/compress/pull/853 | ||||
| 	* Add xerial snappy read/writer https://github.com/klauspost/compress/pull/838 | ||||
|  |  | |||
|  | @ -212,7 +212,7 @@ func (s *Scratch) writeCount() error { | |||
| 		previous0 bool | ||||
| 		charnum   uint16 | ||||
| 
 | ||||
| 		maxHeaderSize = ((int(s.symbolLen) * int(tableLog)) >> 3) + 3 | ||||
| 		maxHeaderSize = ((int(s.symbolLen)*int(tableLog) + 4 + 2) >> 3) + 3 | ||||
| 
 | ||||
| 		// Write Table Size
 | ||||
| 		bitStream = uint32(tableLog - minTablelog) | ||||
|  |  | |||
|  | @ -43,7 +43,7 @@ func (m *match) estBits(bitsPerByte int32) { | |||
| 	if m.rep < 0 { | ||||
| 		ofc = ofCode(uint32(m.s-m.offset) + 3) | ||||
| 	} else { | ||||
| 		ofc = ofCode(uint32(m.rep)) | ||||
| 		ofc = ofCode(uint32(m.rep) & 3) | ||||
| 	} | ||||
| 	// Cost, excluding
 | ||||
| 	ofTT, mlTT := fsePredefEnc[tableOffsets].ct.symbolTT[ofc], fsePredefEnc[tableMatchLengths].ct.symbolTT[mlc] | ||||
|  | @ -227,7 +227,7 @@ encodeLoop: | |||
| 				} | ||||
| 			} | ||||
| 			l := 4 + e.matchlen(s+4, offset+4, src) | ||||
| 			if rep < 0 { | ||||
| 			if true { | ||||
| 				// Extend candidate match backwards as far as possible.
 | ||||
| 				tMin := s - e.maxMatchOff | ||||
| 				if tMin < 0 { | ||||
|  | @ -282,6 +282,7 @@ encodeLoop: | |||
| 		// Load next and check...
 | ||||
| 		e.longTable[nextHashL] = prevEntry{offset: s + e.cur, prev: candidateL.offset} | ||||
| 		e.table[nextHashS] = prevEntry{offset: s + e.cur, prev: candidateS.offset} | ||||
| 		index0 := s + 1 | ||||
| 
 | ||||
| 		// Look far ahead, unless we have a really long match already...
 | ||||
| 		if best.length < goodEnough { | ||||
|  | @ -357,19 +358,16 @@ encodeLoop: | |||
| 			blk.sequences = append(blk.sequences, seq) | ||||
| 
 | ||||
| 			// Index old s + 1 -> s - 1
 | ||||
| 			index0 := s + 1 | ||||
| 			s = best.s + best.length | ||||
| 
 | ||||
| 			nextEmit = s | ||||
| 			if s >= sLimit { | ||||
| 				if debugEncoder { | ||||
| 					println("repeat ended", s, best.length) | ||||
| 				} | ||||
| 				break encodeLoop | ||||
| 			} | ||||
| 
 | ||||
| 			// Index skipped...
 | ||||
| 			end := s | ||||
| 			if s > sLimit+4 { | ||||
| 				end = sLimit + 4 | ||||
| 			} | ||||
| 			off := index0 + e.cur | ||||
| 			for index0 < s { | ||||
| 			for index0 < end { | ||||
| 				cv0 := load6432(src, index0) | ||||
| 				h0 := hashLen(cv0, bestLongTableBits, bestLongLen) | ||||
| 				h1 := hashLen(cv0, bestShortTableBits, bestShortLen) | ||||
|  | @ -378,6 +376,7 @@ encodeLoop: | |||
| 				off++ | ||||
| 				index0++ | ||||
| 			} | ||||
| 
 | ||||
| 			switch best.rep { | ||||
| 			case 2, 4 | 1: | ||||
| 				offset1, offset2 = offset2, offset1 | ||||
|  | @ -386,12 +385,17 @@ encodeLoop: | |||
| 			case 4 | 3: | ||||
| 				offset1, offset2, offset3 = offset1-1, offset1, offset2 | ||||
| 			} | ||||
| 			if s >= sLimit { | ||||
| 				if debugEncoder { | ||||
| 					println("repeat ended", s, best.length) | ||||
| 				} | ||||
| 				break encodeLoop | ||||
| 			} | ||||
| 			continue | ||||
| 		} | ||||
| 
 | ||||
| 		// A 4-byte match has been found. Update recent offsets.
 | ||||
| 		// We'll later see if more than 4 bytes.
 | ||||
| 		index0 := s + 1 | ||||
| 		s = best.s | ||||
| 		t := best.offset | ||||
| 		offset1, offset2, offset3 = s-t, offset1, offset2 | ||||
|  | @ -419,19 +423,25 @@ encodeLoop: | |||
| 		} | ||||
| 		blk.sequences = append(blk.sequences, seq) | ||||
| 		nextEmit = s | ||||
| 		if s >= sLimit { | ||||
| 			break encodeLoop | ||||
| 
 | ||||
| 		// Index old s + 1 -> s - 1 or sLimit
 | ||||
| 		end := s | ||||
| 		if s > sLimit-4 { | ||||
| 			end = sLimit - 4 | ||||
| 		} | ||||
| 
 | ||||
| 		// Index old s + 1 -> s - 1
 | ||||
| 		for index0 < s { | ||||
| 		off := index0 + e.cur | ||||
| 		for index0 < end { | ||||
| 			cv0 := load6432(src, index0) | ||||
| 			h0 := hashLen(cv0, bestLongTableBits, bestLongLen) | ||||
| 			h1 := hashLen(cv0, bestShortTableBits, bestShortLen) | ||||
| 			off := index0 + e.cur | ||||
| 			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} | ||||
| 			e.table[h1] = prevEntry{offset: off, prev: e.table[h1].offset} | ||||
| 			index0++ | ||||
| 			off++ | ||||
| 		} | ||||
| 		if s >= sLimit { | ||||
| 			break encodeLoop | ||||
| 		} | ||||
| 	} | ||||
| 
 | ||||
|  |  | |||
|  | @ -145,7 +145,7 @@ encodeLoop: | |||
| 		var t int32 | ||||
| 		// We allow the encoder to optionally turn off repeat offsets across blocks
 | ||||
| 		canRepeat := len(blk.sequences) > 2 | ||||
| 		var matched int32 | ||||
| 		var matched, index0 int32 | ||||
| 
 | ||||
| 		for { | ||||
| 			if debugAsserts && canRepeat && offset1 == 0 { | ||||
|  | @ -162,6 +162,7 @@ encodeLoop: | |||
| 			off := s + e.cur | ||||
| 			e.longTable[nextHashL] = prevEntry{offset: off, prev: candidateL.offset} | ||||
| 			e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)} | ||||
| 			index0 = s + 1 | ||||
| 
 | ||||
| 			if canRepeat { | ||||
| 				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) { | ||||
|  | @ -258,7 +259,6 @@ encodeLoop: | |||
| 					} | ||||
| 					blk.sequences = append(blk.sequences, seq) | ||||
| 
 | ||||
| 					index0 := s + repOff2 | ||||
| 					s += lenght + repOff2 | ||||
| 					nextEmit = s | ||||
| 					if s >= sLimit { | ||||
|  | @ -498,15 +498,15 @@ encodeLoop: | |||
| 		} | ||||
| 
 | ||||
| 		// Index match start+1 (long) -> s - 1
 | ||||
| 		index0 := s - l + 1 | ||||
| 		off := index0 + e.cur | ||||
| 		for index0 < s-1 { | ||||
| 			cv0 := load6432(src, index0) | ||||
| 			cv1 := cv0 >> 8 | ||||
| 			h0 := hashLen(cv0, betterLongTableBits, betterLongLen) | ||||
| 			off := index0 + e.cur | ||||
| 			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} | ||||
| 			e.table[hashLen(cv1, betterShortTableBits, betterShortLen)] = tableEntry{offset: off + 1, val: uint32(cv1)} | ||||
| 			index0 += 2 | ||||
| 			off += 2 | ||||
| 		} | ||||
| 
 | ||||
| 		cv = load6432(src, s) | ||||
|  | @ -672,7 +672,7 @@ encodeLoop: | |||
| 		var t int32 | ||||
| 		// We allow the encoder to optionally turn off repeat offsets across blocks
 | ||||
| 		canRepeat := len(blk.sequences) > 2 | ||||
| 		var matched int32 | ||||
| 		var matched, index0 int32 | ||||
| 
 | ||||
| 		for { | ||||
| 			if debugAsserts && canRepeat && offset1 == 0 { | ||||
|  | @ -691,6 +691,7 @@ encodeLoop: | |||
| 			e.markLongShardDirty(nextHashL) | ||||
| 			e.table[nextHashS] = tableEntry{offset: off, val: uint32(cv)} | ||||
| 			e.markShortShardDirty(nextHashS) | ||||
| 			index0 = s + 1 | ||||
| 
 | ||||
| 			if canRepeat { | ||||
| 				if repIndex >= 0 && load3232(src, repIndex) == uint32(cv>>(repOff*8)) { | ||||
|  | @ -726,7 +727,6 @@ encodeLoop: | |||
| 					blk.sequences = append(blk.sequences, seq) | ||||
| 
 | ||||
| 					// Index match start+1 (long) -> s - 1
 | ||||
| 					index0 := s + repOff | ||||
| 					s += lenght + repOff | ||||
| 
 | ||||
| 					nextEmit = s | ||||
|  | @ -790,7 +790,6 @@ encodeLoop: | |||
| 					} | ||||
| 					blk.sequences = append(blk.sequences, seq) | ||||
| 
 | ||||
| 					index0 := s + repOff2 | ||||
| 					s += lenght + repOff2 | ||||
| 					nextEmit = s | ||||
| 					if s >= sLimit { | ||||
|  | @ -1024,18 +1023,18 @@ encodeLoop: | |||
| 		} | ||||
| 
 | ||||
| 		// Index match start+1 (long) -> s - 1
 | ||||
| 		index0 := s - l + 1 | ||||
| 		off := index0 + e.cur | ||||
| 		for index0 < s-1 { | ||||
| 			cv0 := load6432(src, index0) | ||||
| 			cv1 := cv0 >> 8 | ||||
| 			h0 := hashLen(cv0, betterLongTableBits, betterLongLen) | ||||
| 			off := index0 + e.cur | ||||
| 			e.longTable[h0] = prevEntry{offset: off, prev: e.longTable[h0].offset} | ||||
| 			e.markLongShardDirty(h0) | ||||
| 			h1 := hashLen(cv1, betterShortTableBits, betterShortLen) | ||||
| 			e.table[h1] = tableEntry{offset: off + 1, val: uint32(cv1)} | ||||
| 			e.markShortShardDirty(h1) | ||||
| 			index0 += 2 | ||||
| 			off += 2 | ||||
| 		} | ||||
| 
 | ||||
| 		cv = load6432(src, s) | ||||
|  |  | |||
|  | @ -29,8 +29,9 @@ type Copy struct { | |||
| 	Download bool | ||||
| 	// If set, the owner:group for the destination.  This value is passed
 | ||||
| 	// to the executor for handling.
 | ||||
| 	Chown string | ||||
| 	Chmod string | ||||
| 	Chown    string | ||||
| 	Chmod    string | ||||
| 	Checksum string | ||||
| } | ||||
| 
 | ||||
| // Run defines a run operation required in the container.
 | ||||
|  | @ -78,7 +79,7 @@ func (logExecutor) EnsureContainerPathAs(path, user string, mode *os.FileMode) e | |||
| 
 | ||||
| func (logExecutor) Copy(excludes []string, copies ...Copy) error { | ||||
| 	for _, c := range copies { | ||||
| 		log.Printf("COPY %v -> %s (from:%s download:%t), chown: %s, chmod %s", c.Src, c.Dest, c.From, c.Download, c.Chown, c.Chmod) | ||||
| 		log.Printf("COPY %v -> %s (from:%s download:%t), chown: %s, chmod %s, checksum: %s", c.Src, c.Dest, c.From, c.Download, c.Chown, c.Chmod, c.Checksum) | ||||
| 	} | ||||
| 	return nil | ||||
| } | ||||
|  |  | |||
|  | @ -137,6 +137,7 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin | |||
| 	} | ||||
| 	var chown string | ||||
| 	var chmod string | ||||
| 	var checksum string | ||||
| 	last := len(args) - 1 | ||||
| 	dest := makeAbsolute(args[last], b.RunConfig.WorkingDir) | ||||
| 	filteredUserArgs := make(map[string]string) | ||||
|  | @ -160,11 +161,19 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin | |||
| 			if err != nil { | ||||
| 				return err | ||||
| 			} | ||||
| 		case strings.HasPrefix(arg, "--checksum="): | ||||
| 			checksum = strings.TrimPrefix(arg, "--checksum=") | ||||
| 		default: | ||||
| 			return fmt.Errorf("ADD only supports the --chmod=<permissions> and the --chown=<uid:gid> flag") | ||||
| 			return fmt.Errorf("ADD only supports the --chmod=<permissions>, --chown=<uid:gid>, and --checksum=<checksum> flags") | ||||
| 		} | ||||
| 	} | ||||
| 	b.PendingCopies = append(b.PendingCopies, Copy{Src: args[0:last], Dest: dest, Download: true, Chown: chown, Chmod: chmod}) | ||||
| 	b.PendingCopies = append(b.PendingCopies, Copy{ | ||||
| 		Src:      args[0:last], | ||||
| 		Dest:     dest, | ||||
| 		Download: true, | ||||
| 		Chown:    chown, | ||||
| 		Chmod:    chmod, | ||||
| 		Checksum: checksum}) | ||||
| 	return nil | ||||
| } | ||||
| 
 | ||||
|  |  | |||
|  | @ -261,6 +261,10 @@ func Parse(rwc io.Reader) (*Result, error) { | |||
| 	currentLine := 0 | ||||
| 	root := &Node{StartLine: -1} | ||||
| 	scanner := bufio.NewScanner(rwc) | ||||
| 	buf := []byte{} | ||||
| 	// containerfile may contain large lines,
 | ||||
| 	// allocate 2MB for such use-cases.
 | ||||
| 	scanner.Buffer(buf, 2048*1024) | ||||
| 	warnings := []string{} | ||||
| 
 | ||||
| 	var err error | ||||
|  | @ -312,6 +316,10 @@ func Parse(rwc io.Reader) (*Result, error) { | |||
| 		root.AddChild(child, startLine, currentLine) | ||||
| 	} | ||||
| 
 | ||||
| 	if scannerErr := scanner.Err(); scannerErr != nil { | ||||
| 		return nil, scannerErr | ||||
| 	} | ||||
| 
 | ||||
| 	if len(warnings) > 0 { | ||||
| 		warnings = append(warnings, "[WARNING]: Empty continuation lines will become errors in a future release.") | ||||
| 	} | ||||
|  |  | |||
|  | @ -12,7 +12,7 @@ | |||
| # | ||||
| 
 | ||||
| %global golang_version 1.8.1 | ||||
| %{!?version: %global version 1.2.5} | ||||
| %{!?version: %global version 1.2.6-dev} | ||||
| %{!?release: %global release 1} | ||||
| %global package_name imagebuilder | ||||
| %global product_name Container Image Builder | ||||
|  |  | |||
|  | @ -13,6 +13,7 @@ go.work.sum | |||
| 
 | ||||
| gen/ | ||||
| 
 | ||||
| /example/dice/dice | ||||
| /example/fib/fib | ||||
| /example/fib/traces.txt | ||||
| /example/jaeger/jaeger | ||||
|  |  | |||
|  | @ -61,28 +61,63 @@ issues: | |||
| 
 | ||||
| linters-settings: | ||||
|   depguard: | ||||
|     # Check the list against standard lib. | ||||
|     # Default: false | ||||
|     include-go-root: true | ||||
|     # A list of packages for the list type specified. | ||||
|     # Default: [] | ||||
|     packages: | ||||
|       - "crypto/md5" | ||||
|       - "crypto/sha1" | ||||
|       - "crypto/**/pkix" | ||||
|     ignore-file-rules: | ||||
|       - "**/*_test.go" | ||||
|     additional-guards: | ||||
|       # Do not allow testing packages in non-test files. | ||||
|       - list-type: denylist | ||||
|         include-go-root: true | ||||
|         packages: | ||||
|           - testing | ||||
|           - github.com/stretchr/testify | ||||
|         ignore-file-rules: | ||||
|           - "**/*_test.go" | ||||
|           - "**/*test/*.go" | ||||
|           - "**/internal/matchers/*.go" | ||||
|     rules: | ||||
|       non-tests: | ||||
|         files: | ||||
|           - "!$test" | ||||
|           - "!**/*test/*.go" | ||||
|           - "!**/internal/matchers/*.go" | ||||
|         deny: | ||||
|           - pkg: "testing" | ||||
|           - pkg: "github.com/stretchr/testify" | ||||
|           - pkg: "crypto/md5" | ||||
|           - pkg: "crypto/sha1" | ||||
|           - pkg: "crypto/**/pkix" | ||||
|       otlp-internal: | ||||
|         files: | ||||
|           - "!**/exporters/otlp/internal/**/*.go" | ||||
|         deny: | ||||
|           - pkg: "go.opentelemetry.io/otel/exporters/otlp/internal" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|       otlptrace-internal: | ||||
|         files: | ||||
|           - "!**/exporters/otlp/otlptrace/*.go" | ||||
|           - "!**/exporters/otlp/otlptrace/internal/**.go" | ||||
|         deny: | ||||
|           - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|       otlpmetric-internal: | ||||
|         files: | ||||
|           - "!**/exporters/otlp/otlpmetric/internal/*.go" | ||||
|           - "!**/exporters/otlp/otlpmetric/internal/**/*.go" | ||||
|         deny: | ||||
|           - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|       otel-internal: | ||||
|         files: | ||||
|           - "**/sdk/*.go" | ||||
|           - "**/sdk/**/*.go" | ||||
|           - "**/exporters/*.go" | ||||
|           - "**/exporters/**/*.go" | ||||
|           - "**/schema/*.go" | ||||
|           - "**/schema/**/*.go" | ||||
|           - "**/metric/*.go" | ||||
|           - "**/metric/**/*.go" | ||||
|           - "**/bridge/*.go" | ||||
|           - "**/bridge/**/*.go" | ||||
|           - "**/example/*.go" | ||||
|           - "**/example/**/*.go" | ||||
|           - "**/trace/*.go" | ||||
|           - "**/trace/**/*.go" | ||||
|         deny: | ||||
|           - pkg: "go.opentelemetry.io/otel/internal$" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|           - pkg: "go.opentelemetry.io/otel/internal/attribute" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|           - pkg: "go.opentelemetry.io/otel/internal/internaltest" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|           - pkg: "go.opentelemetry.io/otel/internal/matchers" | ||||
|             desc: Do not use cross-module internal packages. | ||||
|   godot: | ||||
|     exclude: | ||||
|       # Exclude links. | ||||
|  |  | |||
|  | @ -8,6 +8,164 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm | |||
| 
 | ||||
| ## [Unreleased] | ||||
| 
 | ||||
| ## [1.19.0/0.42.0/0.0.7] 2023-09-28 | ||||
| 
 | ||||
| This release contains the first stable release of the OpenTelemetry Go [metric SDK]. | ||||
| Our project stability guarantees now apply to the `go.opentelemetry.io/otel/sdk/metric` package. | ||||
| See our [versioning policy](VERSIONING.md) for more information about these stability guarantees. | ||||
| 
 | ||||
| ### Added | ||||
| 
 | ||||
| - Add the "Roll the dice" getting started application example in `go.opentelemetry.io/otel/example/dice`. (#4539) | ||||
| - The `WithWriter` and `WithPrettyPrint` options to `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric` to set a custom `io.Writer`, and allow displaying the output in human-readable JSON. (#4507) | ||||
| 
 | ||||
| ### Changed | ||||
| 
 | ||||
| - Allow '/' characters in metric instrument names. (#4501) | ||||
| - The exporter in `go.opentelemetry.io/otel/exporters/stdout/stdoutmetric` does not prettify its output by default anymore. (#4507) | ||||
| - Upgrade `gopkg.io/yaml` from `v2` to `v3` in `go.opentelemetry.io/otel/schema`. (#4535) | ||||
| 
 | ||||
| ### Fixed | ||||
| 
 | ||||
| - In `go.opentelemetry.op/otel/exporters/prometheus`, don't try to create the Prometheus metric on every `Collect` if we know the scope is invalid. (#4499) | ||||
| 
 | ||||
| ### Removed | ||||
| 
 | ||||
| - Remove `"go.opentelemetry.io/otel/bridge/opencensus".NewMetricExporter`, which is replaced by `NewMetricProducer`. (#4566) | ||||
| 
 | ||||
| ## [1.19.0-rc.1/0.42.0-rc.1] 2023-09-14 | ||||
| 
 | ||||
| This is a release candidate for the v1.19.0/v0.42.0 release. | ||||
| That release is expected to include the `v1` release of the OpenTelemetry Go metric SDK and will provide stability guarantees of that SDK. | ||||
| See our [versioning policy](VERSIONING.md) for more information about these stability guarantees. | ||||
| 
 | ||||
| ### Changed | ||||
| 
 | ||||
| - Allow '/' characters in metric instrument names. (#4501) | ||||
| 
 | ||||
| ### Fixed | ||||
| 
 | ||||
| - In `go.opentelemetry.op/otel/exporters/prometheus`, don't try to create the prometheus metric on every `Collect` if we know the scope is invalid. (#4499) | ||||
| 
 | ||||
| ## [1.18.0/0.41.0/0.0.6] 2023-09-12 | ||||
| 
 | ||||
| This release drops the compatibility guarantee of [Go 1.19]. | ||||
| 
 | ||||
| ### Added | ||||
| 
 | ||||
| - Add `WithProducer` option in `go.opentelemetry.op/otel/exporters/prometheus` to restore the ability to register producers on the prometheus exporter's manual reader. (#4473) | ||||
| - Add `IgnoreValue` option in `go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest` to allow ignoring values when comparing metrics. (#4447) | ||||
| 
 | ||||
| ### Changed | ||||
| 
 | ||||
| - Use a `TestingT` interface instead of `*testing.T` struct in `go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest`. (#4483) | ||||
| 
 | ||||
| ### Deprecated | ||||
| 
 | ||||
| - The `NewMetricExporter` in `go.opentelemetry.io/otel/bridge/opencensus` was deprecated in `v0.35.0` (#3541). | ||||
|   The deprecation notice format for the function has been corrected to trigger Go documentation and build tooling. (#4470) | ||||
| 
 | ||||
| ### Removed | ||||
| 
 | ||||
| - Removed the deprecated `go.opentelemetry.io/otel/exporters/jaeger` package. (#4467) | ||||
| - Removed the deprecated `go.opentelemetry.io/otel/example/jaeger` package. (#4467) | ||||
| - Removed the deprecated `go.opentelemetry.io/otel/sdk/metric/aggregation` package. (#4468) | ||||
| - Removed the deprecated internal packages in `go.opentelemetry.io/otel/exporters/otlp` and its sub-packages. (#4469) | ||||
| - Dropped guaranteed support for versions of Go less than 1.20. (#4481) | ||||
| 
 | ||||
| ## [1.17.0/0.40.0/0.0.5] 2023-08-28 | ||||
| 
 | ||||
| ### Added | ||||
| 
 | ||||
| - Export the `ManualReader` struct in `go.opentelemetry.io/otel/sdk/metric`. (#4244) | ||||
| - Export the `PeriodicReader` struct in `go.opentelemetry.io/otel/sdk/metric`. (#4244) | ||||
| - Add support for exponential histogram aggregations. | ||||
|   A histogram can be configured as an exponential histogram using a view with `"go.opentelemetry.io/otel/sdk/metric".ExponentialHistogram` as the aggregation. (#4245) | ||||
| - Export the `Exporter` struct in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. (#4272) | ||||
| - Export the `Exporter` struct in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#4272) | ||||
| - The exporters in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric` now support the `OTEL_EXPORTER_OTLP_METRICS_TEMPORALITY_PREFERENCE` environment variable. (#4287) | ||||
| - Add `WithoutCounterSuffixes` option in `go.opentelemetry.io/otel/exporters/prometheus` to disable addition of `_total` suffixes. (#4306) | ||||
| - Add info and debug logging to the metric SDK in `go.opentelemetry.io/otel/sdk/metric`. (#4315) | ||||
| - The `go.opentelemetry.io/otel/semconv/v1.21.0` package. | ||||
|   The package contains semantic conventions from the `v1.21.0` version of the OpenTelemetry Semantic Conventions. (#4362) | ||||
| - Accept 201 to 299 HTTP status as success in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` and `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#4365) | ||||
| - Document the `Temporality` and `Aggregation` methods of the `"go.opentelemetry.io/otel/sdk/metric".Exporter"` need to be concurrent safe. (#4381) | ||||
| - Expand the set of units supported by the Prometheus exporter, and don't add unit suffixes if they are already present in `go.opentelemetry.op/otel/exporters/prometheus` (#4374) | ||||
| - Move the `Aggregation` interface and its implementations from `go.opentelemetry.io/otel/sdk/metric/aggregation` to `go.opentelemetry.io/otel/sdk/metric`. (#4435) | ||||
| - The exporters in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric` now support the `OTEL_EXPORTER_OTLP_METRICS_DEFAULT_HISTOGRAM_AGGREGATION` environment variable. (#4437) | ||||
| - Add the `NewAllowKeysFilter` and `NewDenyKeysFilter` functions to `go.opentelemetry.io/otel/attribute` to allow convenient creation of allow-keys and deny-keys filters. (#4444) | ||||
| - Support Go 1.21. (#4463) | ||||
| 
 | ||||
| ### Changed | ||||
| 
 | ||||
| - Starting from `v1.21.0` of semantic conventions, `go.opentelemetry.io/otel/semconv/{version}/httpconv` and `go.opentelemetry.io/otel/semconv/{version}/netconv` packages will no longer be published. (#4145) | ||||
| - Log duplicate instrument conflict at a warning level instead of info in `go.opentelemetry.io/otel/sdk/metric`. (#4202) | ||||
| - Return an error on the creation of new instruments in `go.opentelemetry.io/otel/sdk/metric` if their name doesn't pass regexp validation. (#4210) | ||||
| - `NewManualReader` in `go.opentelemetry.io/otel/sdk/metric` returns `*ManualReader` instead of `Reader`. (#4244) | ||||
| - `NewPeriodicReader` in `go.opentelemetry.io/otel/sdk/metric` returns `*PeriodicReader` instead of `Reader`. (#4244) | ||||
| - Count the Collect time in the `PeriodicReader` timeout in `go.opentelemetry.io/otel/sdk/metric`. (#4221) | ||||
| - The function `New` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` returns `*Exporter` instead of `"go.opentelemetry.io/otel/sdk/metric".Exporter`. (#4272) | ||||
| - The function `New` in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` returns `*Exporter` instead of `"go.opentelemetry.io/otel/sdk/metric".Exporter`. (#4272) | ||||
| - If an attribute set is omitted from an async callback, the previous value will no longer be exported in `go.opentelemetry.io/otel/sdk/metric`. (#4290) | ||||
| - If an attribute set is observed multiple times in an async callback in `go.opentelemetry.io/otel/sdk/metric`, the values will be summed instead of the last observation winning. (#4289) | ||||
| - Allow the explicit bucket histogram aggregation to be used for the up-down counter, observable counter, observable up-down counter, and observable gauge in the `go.opentelemetry.io/otel/sdk/metric` package. (#4332) | ||||
| - Restrict `Meter`s in `go.opentelemetry.io/otel/sdk/metric` to only register and collect instruments it created. (#4333) | ||||
| - `PeriodicReader.Shutdown` and `PeriodicReader.ForceFlush` in `go.opentelemetry.io/otel/sdk/metric` now apply the periodic reader's timeout to the operation if the user provided context does not contain a deadline. (#4356, #4377) | ||||
| - Upgrade all use of `go.opentelemetry.io/otel/semconv` to use `v1.21.0`. (#4408) | ||||
| - Increase instrument name maximum length from 63 to 255 characters in `go.opentelemetry.io/otel/sdk/metric`. (#4434) | ||||
| - Add `go.opentelemetry.op/otel/sdk/metric.WithProducer` as an `Option` for `"go.opentelemetry.io/otel/sdk/metric".NewManualReader` and `"go.opentelemetry.io/otel/sdk/metric".NewPeriodicReader`. (#4346) | ||||
| 
 | ||||
| ### Removed | ||||
| 
 | ||||
| - Remove `Reader.RegisterProducer` in `go.opentelemetry.io/otel/metric`. | ||||
|   Use the added `WithProducer` option instead. (#4346) | ||||
| - Remove `Reader.ForceFlush` in `go.opentelemetry.io/otel/metric`. | ||||
|   Notice that `PeriodicReader.ForceFlush` is still available. (#4375) | ||||
| 
 | ||||
| ### Fixed | ||||
| 
 | ||||
| - Correctly format log messages from the `go.opentelemetry.io/otel/exporters/zipkin` exporter. (#4143) | ||||
| - Log an error for calls to `NewView` in `go.opentelemetry.io/otel/sdk/metric` that have empty criteria. (#4307) | ||||
| - Fix `"go.opentelemetry.io/otel/sdk/resource".WithHostID()` to not set an empty `host.id`. (#4317) | ||||
| - Use the instrument identifying fields to cache aggregators and determine duplicate instrument registrations in `go.opentelemetry.io/otel/sdk/metric`. (#4337) | ||||
| - Detect duplicate instruments for case-insensitive names in `go.opentelemetry.io/otel/sdk/metric`. (#4338) | ||||
| - The `ManualReader` will not panic if `AggregationSelector` returns `nil` in `go.opentelemetry.io/otel/sdk/metric`. (#4350) | ||||
| - If a `Reader`'s `AggregationSelector` returns `nil` or `DefaultAggregation` the pipeline will use the default aggregation. (#4350) | ||||
| - Log a suggested view that fixes instrument conflicts in `go.opentelemetry.io/otel/sdk/metric`. (#4349) | ||||
| - Fix possible panic, deadlock and race condition in batch span processor in `go.opentelemetry.io/otel/sdk/trace`. (#4353) | ||||
| - Improve context cancellation handling in batch span processor's `ForceFlush` in  `go.opentelemetry.io/otel/sdk/trace`. (#4369) | ||||
| - Decouple `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` using gotmpl. (#4397, #3846) | ||||
| - Decouple `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal` using gotmpl. (#4404, #3846) | ||||
| - Decouple `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal` using gotmpl. (#4407, #3846) | ||||
| - Decouple `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` using gotmpl. (#4400, #3846) | ||||
| - Decouple `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp/internal` from `go.opentelemetry.io/otel/exporters/otlp/internal` and `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` using gotmpl. (#4401, #3846) | ||||
| - Do not block the metric SDK when OTLP metric exports are blocked in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#3925, #4395) | ||||
| - Do not append `_total` if the counter already has that suffix for the Prometheus exproter in `go.opentelemetry.io/otel/exporter/prometheus`. (#4373) | ||||
| - Fix resource detection data race in `go.opentelemetry.io/otel/sdk/resource`. (#4409) | ||||
| - Use the first-seen instrument name during instrument name conflicts in `go.opentelemetry.io/otel/sdk/metric`. (#4428) | ||||
| 
 | ||||
| ### Deprecated | ||||
| 
 | ||||
| - The `go.opentelemetry.io/otel/exporters/jaeger` package is deprecated. | ||||
|   OpenTelemetry dropped support for Jaeger exporter in July 2023. | ||||
|   Use `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` | ||||
|   or `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` instead. (#4423) | ||||
| - The `go.opentelemetry.io/otel/example/jaeger` package is deprecated. (#4423) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal` package is deprecated. (#4420) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal/oconf` package is deprecated. (#4420) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal/otest` package is deprecated. (#4420) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal/transform` package is deprecated. (#4420) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/internal` package is deprecated. (#4421) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/internal/envconfig` package is deprecated. (#4421) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/internal/retry` package is deprecated. (#4421) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal` package is deprecated. (#4425) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/envconfig` package is deprecated. (#4425) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlpconfig` package is deprecated. (#4425) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlptracetest` package is deprecated. (#4425) | ||||
| - The `go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/retry` package is deprecated. (#4425) | ||||
| - The `go.opentelemetry.io/otel/sdk/metric/aggregation` package is deprecated. | ||||
|   Use the aggregation types added to `go.opentelemetry.io/otel/sdk/metric` instead. (#4435) | ||||
| 
 | ||||
| ## [1.16.0/0.39.0] 2023-05-18 | ||||
| 
 | ||||
| This release contains the first stable release of the OpenTelemetry Go [metric API]. | ||||
|  | @ -20,10 +178,14 @@ See our [versioning policy](VERSIONING.md) for more information about these stab | |||
|   The package contains semantic conventions from the `v1.19.0` version of the OpenTelemetry specification. (#3848) | ||||
| - The `go.opentelemetry.io/otel/semconv/v1.20.0` package. | ||||
|   The package contains semantic conventions from the `v1.20.0` version of the OpenTelemetry specification. (#4078) | ||||
| - The Exponential Histogram data types in `go.opentelemetry.io/otel/sdk/metric/metricdata`. (#4165) | ||||
| - OTLP metrics exporter now supports the Exponential Histogram Data Type. (#4222) | ||||
| - Fix serialization of `time.Time` zero values in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc` and `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` packages. (#4271) | ||||
| 
 | ||||
| ### Changed | ||||
| 
 | ||||
| - Use `strings.Cut()` instead of `string.SplitN()` for better readability and memory use. (#4049) | ||||
| - `MeterProvider` returns noop meters once it has been shutdown. (#4154) | ||||
| 
 | ||||
| ### Removed | ||||
| 
 | ||||
|  | @ -188,6 +350,8 @@ This release drops the compatibility guarantee of [Go 1.18]. | |||
| 
 | ||||
| - Handle empty environment variable as it they were not set. (#3764) | ||||
| - Clarify the `httpconv` and `netconv` packages in `go.opentelemetry.io/otel/semconv/*` provide tracing semantic conventions. (#3823) | ||||
| - Fix race conditions in `go.opentelemetry.io/otel/exporters/metric/prometheus` that could cause a panic. (#3899) | ||||
| - Fix sending nil `scopeInfo` to metrics channel in `go.opentelemetry.io/otel/exporters/metric/prometheus` that could cause a panic in `github.com/prometheus/client_golang/prometheus`. (#3899) | ||||
| 
 | ||||
| ### Deprecated | ||||
| 
 | ||||
|  | @ -2492,7 +2656,11 @@ It contains api and sdk for trace and meter. | |||
| - CircleCI build CI manifest files. | ||||
| - CODEOWNERS file to track owners of this project. | ||||
| 
 | ||||
| [Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.16.0...HEAD | ||||
| [Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.19.0...HEAD | ||||
| [1.19.0/0.42.0/0.0.7]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0 | ||||
| [1.19.0-rc.1/0.42.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.19.0-rc.1 | ||||
| [1.18.0/0.41.0/0.0.6]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.18.0 | ||||
| [1.17.0/0.40.0/0.0.5]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.17.0 | ||||
| [1.16.0/0.39.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.16.0 | ||||
| [1.16.0-rc.1/0.39.0-rc.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.16.0-rc.1 | ||||
| [1.15.1/0.38.1]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.15.1 | ||||
|  | @ -2563,5 +2731,7 @@ It contains api and sdk for trace and meter. | |||
| [Go 1.20]: https://go.dev/doc/go1.20 | ||||
| [Go 1.19]: https://go.dev/doc/go1.19 | ||||
| [Go 1.18]: https://go.dev/doc/go1.18 | ||||
| [Go 1.19]: https://go.dev/doc/go1.19 | ||||
| 
 | ||||
| [metric API]:https://pkg.go.dev/go.opentelemetry.io/otel/metric | ||||
| [metric SDK]:https://pkg.go.dev/go.opentelemetry.io/otel/sdk/metric | ||||
|  |  | |||
|  | @ -14,4 +14,4 @@ | |||
| 
 | ||||
| * @MrAlias @Aneurysm9 @evantorrie @XSAM @dashpole @MadVikingGod @pellared @hanyuancheung @dmathieu | ||||
| 
 | ||||
| CODEOWNERS @MrAlias @Aneurysm9 @MadVikingGod | ||||
| CODEOWNERS @MrAlias @MadVikingGod @pellared | ||||
|  | @ -179,23 +179,23 @@ For a deeper discussion, see | |||
| 
 | ||||
| ## Documentation | ||||
| 
 | ||||
| Each non-example Go Module should have its own `README.md` containing: | ||||
| Each (non-internal, non-test) package must be documented using | ||||
| [Go Doc Comments](https://go.dev/doc/comment), | ||||
| preferably in a `doc.go` file. | ||||
| 
 | ||||
| - A pkg.go.dev badge which can be generated [here](https://pkg.go.dev/badge/). | ||||
| - Brief description. | ||||
| - Installation instructions (and requirements if applicable). | ||||
| - Hyperlink to an example. Depending on the component the example can be: | ||||
|   - An `example_test.go` like [here](exporters/stdout/stdouttrace/example_test.go). | ||||
|   - A sample Go application with its own `README.md`, like [here](example/zipkin). | ||||
| - Additional documentation sections such us: | ||||
|   - Configuration, | ||||
|   - Contributing, | ||||
|   - References. | ||||
| Prefer using [Examples](https://pkg.go.dev/testing#hdr-Examples) | ||||
| instead of putting code snippets in Go doc comments. | ||||
| In some cases, you can even create [Testable Examples](https://go.dev/blog/examples). | ||||
| 
 | ||||
| [Here](exporters/jaeger/README.md) is an example of a concise `README.md`. | ||||
| You can install and run a "local Go Doc site" in the following way: | ||||
| 
 | ||||
| Moreover, it should be possible to navigate to any `README.md` from the | ||||
| root `README.md`. | ||||
|   ```sh | ||||
|   go install golang.org/x/pkgsite/cmd/pkgsite@latest | ||||
|   pkgsite | ||||
|   ``` | ||||
| 
 | ||||
| [`go.opentelemetry.io/otel/metric`](https://pkg.go.dev/go.opentelemetry.io/otel/metric) | ||||
| is an example of a very well-documented package. | ||||
| 
 | ||||
| ## Style Guide | ||||
| 
 | ||||
|  | @ -475,8 +475,33 @@ documentation are allowed to be extended with additional methods. | |||
| 
 | ||||
| > Warning: methods may be added to this interface in minor releases. | ||||
| 
 | ||||
| These interfaces are defined by the OpenTelemetry specification and will be | ||||
| updated as the specification evolves. | ||||
| 
 | ||||
| Otherwise, stable interfaces MUST NOT be modified. | ||||
| 
 | ||||
| #### How to Change Specification Interfaces | ||||
| 
 | ||||
| When an API change must be made, we will update the SDK with the new method one | ||||
| release before the API change. This will allow the SDK one version before the | ||||
| API change to work seamlessly with the new API. | ||||
| 
 | ||||
| If an incompatible version of the SDK is used with the new API the application | ||||
| will fail to compile. | ||||
| 
 | ||||
| #### How Not to Change Specification Interfaces | ||||
| 
 | ||||
| We have explored using a v2 of the API to change interfaces and found that there | ||||
| was no way to introduce a v2 and have it work seamlessly with the v1 of the API. | ||||
| Problems happened with libraries that upgraded to v2 when an application did not, | ||||
| and would not produce any telemetry. | ||||
| 
 | ||||
| More detail of the approaches considered and their limitations can be found in | ||||
| the [Use a V2 API to evolve interfaces](https://github.com/open-telemetry/opentelemetry-go/issues/3920) | ||||
| issue. | ||||
| 
 | ||||
| #### How to Change Other Interfaces | ||||
| 
 | ||||
| If new functionality is needed for an interface that cannot be changed it MUST | ||||
| be added by including an additional interface. That added interface can be a | ||||
| simple interface for the specific functionality that you want to add or it can | ||||
|  | @ -531,6 +556,37 @@ functionality should be added, each one will need their own super-set | |||
| interfaces and will duplicate the pattern. For this reason, the simple targeted | ||||
| interface that defines the specific functionality should be preferred. | ||||
| 
 | ||||
| ### Testing | ||||
| 
 | ||||
| The tests should never leak goroutines. | ||||
| 
 | ||||
| Use the term `ConcurrentSafe` in the test name when it aims to verify the | ||||
| absence of race conditions. | ||||
| 
 | ||||
| ### Internal packages | ||||
| 
 | ||||
| The use of internal packages should be scoped to a single module. A sub-module | ||||
| should never import from a parent internal package. This creates a coupling | ||||
| between the two modules where a user can upgrade the parent without the child | ||||
| and if the internal package API has changed it will fail to upgrade[^3]. | ||||
| 
 | ||||
| There are two known exceptions to this rule: | ||||
| 
 | ||||
| - `go.opentelemetry.io/otel/internal/global` | ||||
|   - This package manages global state for all of opentelemetry-go. It needs to | ||||
|   be a single package in order to ensure the uniqueness of the global state. | ||||
| - `go.opentelemetry.io/otel/internal/baggage` | ||||
|   - This package provides values in a `context.Context` that need to be | ||||
|   recognized by `go.opentelemetry.io/otel/baggage` and | ||||
|   `go.opentelemetry.io/otel/bridge/opentracing` but remain private. | ||||
| 
 | ||||
| If you have duplicate code in multiple modules, make that code into a Go | ||||
| template stored in `go.opentelemetry.io/otel/internal/shared` and use [gotmpl] | ||||
| to render the templates in the desired locations. See [#4404] for an example of | ||||
| this. | ||||
| 
 | ||||
| [^3]: https://github.com/open-telemetry/opentelemetry-go/issues/3548 | ||||
| 
 | ||||
| ## Approvers and Maintainers | ||||
| 
 | ||||
| ### Approvers | ||||
|  | @ -538,14 +594,14 @@ interface that defines the specific functionality should be preferred. | |||
| - [Evan Torrie](https://github.com/evantorrie), Verizon Media | ||||
| - [Sam Xie](https://github.com/XSAM), Cisco/AppDynamics | ||||
| - [David Ashpole](https://github.com/dashpole), Google | ||||
| - [Robert Pająk](https://github.com/pellared), Splunk | ||||
| - [Chester Cheung](https://github.com/hanyuancheung), Tencent | ||||
| - [Damien Mathieu](https://github.com/dmathieu), Elastic | ||||
| - [Anthony Mirabella](https://github.com/Aneurysm9), AWS | ||||
| 
 | ||||
| ### Maintainers | ||||
| 
 | ||||
| - [Aaron Clawson](https://github.com/MadVikingGod), LightStep | ||||
| - [Anthony Mirabella](https://github.com/Aneurysm9), AWS | ||||
| - [Robert Pająk](https://github.com/pellared), Splunk | ||||
| - [Tyler Yahn](https://github.com/MrAlias), Splunk | ||||
| 
 | ||||
| ### Emeritus | ||||
|  | @ -560,3 +616,5 @@ repo](https://github.com/open-telemetry/community/blob/main/community-membership | |||
| 
 | ||||
| [Approver]: #approvers | ||||
| [Maintainer]: #maintainers | ||||
| [gotmpl]: https://pkg.go.dev/go.opentelemetry.io/build-tools/gotmpl | ||||
| [#4404]: https://github.com/open-telemetry/opentelemetry-go/pull/4404 | ||||
|  |  | |||
|  | @ -25,7 +25,7 @@ TIMEOUT = 60 | |||
| .DEFAULT_GOAL := precommit | ||||
| 
 | ||||
| .PHONY: precommit ci | ||||
| precommit: generate dependabot-generate license-check vanity-import-fix misspell go-mod-tidy golangci-lint-fix test-default | ||||
| precommit: generate dependabot-generate license-check misspell go-mod-tidy golangci-lint-fix test-default | ||||
| ci: generate dependabot-check license-check lint vanity-import-check build test-default check-clean-work-tree test-coverage | ||||
| 
 | ||||
| # Tools
 | ||||
|  | @ -71,8 +71,14 @@ $(TOOLS)/porto: PACKAGE=github.com/jcchavezs/porto/cmd/porto | |||
| GOJQ = $(TOOLS)/gojq | ||||
| $(TOOLS)/gojq: PACKAGE=github.com/itchyny/gojq/cmd/gojq | ||||
| 
 | ||||
| GOTMPL = $(TOOLS)/gotmpl | ||||
| $(GOTMPL): PACKAGE=go.opentelemetry.io/build-tools/gotmpl | ||||
| 
 | ||||
| GORELEASE = $(TOOLS)/gorelease | ||||
| $(GORELEASE): PACKAGE=golang.org/x/exp/cmd/gorelease | ||||
| 
 | ||||
| .PHONY: tools | ||||
| tools: $(CROSSLINK) $(DBOTCONF) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(GOJQ) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) | ||||
| tools: $(CROSSLINK) $(DBOTCONF) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(GOJQ) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE) | ||||
| 
 | ||||
| # Virtualized python tools via docker
 | ||||
| 
 | ||||
|  | @ -110,13 +116,24 @@ $(CODESPELL): PACKAGE=codespell | |||
| # Generate
 | ||||
| 
 | ||||
| .PHONY: generate | ||||
| generate: go-generate vanity-import-fix | ||||
| 
 | ||||
| generate: $(OTEL_GO_MOD_DIRS:%=generate/%) | ||||
| generate/%: DIR=$* | ||||
| generate/%: | $(STRINGER) $(PORTO) | ||||
| .PHONY: go-generate | ||||
| go-generate: $(OTEL_GO_MOD_DIRS:%=go-generate/%) | ||||
| go-generate/%: DIR=$* | ||||
| go-generate/%: | $(STRINGER) $(GOTMPL) | ||||
| 	@echo "$(GO) generate $(DIR)/..." \
 | ||||
| 		&& cd $(DIR) \
 | ||||
| 		&& PATH="$(TOOLS):$${PATH}" $(GO) generate ./... && $(PORTO) -w . | ||||
| 		&& PATH="$(TOOLS):$${PATH}" $(GO) generate ./... | ||||
| 
 | ||||
| .PHONY: vanity-import-fix | ||||
| vanity-import-fix: | $(PORTO) | ||||
| 	@$(PORTO) --include-internal -w . | ||||
| 
 | ||||
| # Generate go.work file for local development.
 | ||||
| .PHONY: go-work | ||||
| go-work: | $(CROSSLINK) | ||||
| 	$(CROSSLINK) work --root=$(shell pwd) | ||||
| 
 | ||||
| # Build
 | ||||
| 
 | ||||
|  | @ -193,7 +210,7 @@ go-mod-tidy/%: DIR=$* | |||
| go-mod-tidy/%: | crosslink | ||||
| 	@echo "$(GO) mod tidy in $(DIR)" \
 | ||||
| 		&& cd $(DIR) \
 | ||||
| 		&& $(GO) mod tidy -compat=1.19 | ||||
| 		&& $(GO) mod tidy -compat=1.20 | ||||
| 
 | ||||
| .PHONY: lint-modules | ||||
| lint-modules: go-mod-tidy | ||||
|  | @ -203,11 +220,7 @@ lint: misspell lint-modules golangci-lint | |||
| 
 | ||||
| .PHONY: vanity-import-check | ||||
| vanity-import-check: | $(PORTO) | ||||
| 	@$(PORTO) --include-internal -l . || echo "(run: make vanity-import-fix)" | ||||
| 
 | ||||
| .PHONY: vanity-import-fix | ||||
| vanity-import-fix: | $(PORTO) | ||||
| 	@$(PORTO) --include-internal -w . | ||||
| 	@$(PORTO) --include-internal -l . || ( echo "(run: make vanity-import-fix)"; exit 1 ) | ||||
| 
 | ||||
| .PHONY: misspell | ||||
| misspell: | $(MISSPELL) | ||||
|  | @ -220,7 +233,7 @@ codespell: | $(CODESPELL) | |||
| .PHONY: license-check | ||||
| license-check: | ||||
| 	@licRes=$$(for f in $$(find . -type f \( -iname '*.go' -o -iname '*.sh' \) ! -path '**/third_party/*' ! -path './.git/*' ) ; do \
 | ||||
| 	           awk '/Copyright The OpenTelemetry Authors|generated|GENERATED/ && NR<=3 { found=1; next } END { if (!found) print FILENAME }' $$f; \
 | ||||
| 	           awk '/Copyright The OpenTelemetry Authors|generated|GENERATED/ && NR<=4 { found=1; next } END { if (!found) print FILENAME }' $$f; \
 | ||||
| 	   done); \
 | ||||
| 	   if [ -n "$${licRes}" ]; then \
 | ||||
| 	           echo "license header checking failed:"; echo "$${licRes}"; \
 | ||||
|  | @ -230,7 +243,7 @@ license-check: | |||
| DEPENDABOT_CONFIG = .github/dependabot.yml | ||||
| .PHONY: dependabot-check | ||||
| dependabot-check: | $(DBOTCONF) | ||||
| 	@$(DBOTCONF) verify $(DEPENDABOT_CONFIG) || echo "(run: make dependabot-generate)" | ||||
| 	@$(DBOTCONF) verify $(DEPENDABOT_CONFIG) || ( echo "(run: make dependabot-generate)"; exit 1 ) | ||||
| 
 | ||||
| .PHONY: dependabot-generate | ||||
| dependabot-generate: | $(DBOTCONF) | ||||
|  | @ -249,14 +262,23 @@ check-clean-work-tree: | |||
| SEMCONVPKG ?= "semconv/" | ||||
| .PHONY: semconv-generate | ||||
| semconv-generate: | $(SEMCONVGEN) $(SEMCONVKIT) | ||||
| 	[ "$(TAG)" ] || ( echo "TAG unset: missing opentelemetry specification tag"; exit 1 ) | ||||
| 	[ "$(OTEL_SPEC_REPO)" ] || ( echo "OTEL_SPEC_REPO unset: missing path to opentelemetry specification repo"; exit 1 ) | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=span -p conventionType=trace -f trace.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=attribute_group -p conventionType=trace -f attribute_group.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=event -p conventionType=event -f event.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SPEC_REPO)/semantic_conventions/." --only=resource -p conventionType=resource -f resource.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	[ "$(TAG)" ] || ( echo "TAG unset: missing opentelemetry semantic-conventions tag"; exit 1 ) | ||||
| 	[ "$(OTEL_SEMCONV_REPO)" ] || ( echo "OTEL_SEMCONV_REPO unset: missing path to opentelemetry semantic-conventions repo"; exit 1 ) | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=span -p conventionType=trace -f trace.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=attribute_group -p conventionType=trace -f attribute_group.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=event -p conventionType=event -f event.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVGEN) -i "$(OTEL_SEMCONV_REPO)/model/." --only=resource -p conventionType=resource -f resource.go -t "$(SEMCONVPKG)/template.j2" -s "$(TAG)" | ||||
| 	$(SEMCONVKIT) -output "$(SEMCONVPKG)/$(TAG)" -tag "$(TAG)" | ||||
| 
 | ||||
| .PHONY: gorelease | ||||
| gorelease: $(OTEL_GO_MOD_DIRS:%=gorelease/%) | ||||
| gorelease/%: DIR=$* | ||||
| gorelease/%:| $(GORELEASE) | ||||
| 	@echo "gorelease in $(DIR):" \
 | ||||
| 		&& cd $(DIR) \
 | ||||
| 		&& $(GORELEASE) \
 | ||||
| 		|| echo "" | ||||
| 
 | ||||
| .PHONY: prerelease | ||||
| prerelease: | $(MULTIMOD) | ||||
| 	@[ "${MODSET}" ] || ( echo ">> env var MODSET is not set"; exit 1 ) | ||||
|  |  | |||
|  | @ -11,22 +11,25 @@ It provides a set of APIs to directly measure performance and behavior of your s | |||
| 
 | ||||
| ## Project Status | ||||
| 
 | ||||
| | Signal  | Status     | Project | | ||||
| | ------- | ---------- | ------- | | ||||
| | Traces  | Stable     | N/A     | | ||||
| | Metrics | Beta       | N/A     | | ||||
| | Logs    | Frozen [1] | N/A     | | ||||
| | Signal  | Status     | Project               | | ||||
| |---------|------------|-----------------------| | ||||
| | Traces  | Stable     | N/A                   | | ||||
| | Metrics | Mixed [1]  | [Go: Metric SDK (GA)] | | ||||
| | Logs    | Frozen [2] | N/A                   | | ||||
| 
 | ||||
| - [1]: The Logs signal development is halted for this project while we develop both Traces and Metrics. | ||||
| [Go: Metric SDK (GA)]: https://github.com/orgs/open-telemetry/projects/34 | ||||
| 
 | ||||
| - [1]: [Metrics API](https://pkg.go.dev/go.opentelemetry.io/otel/metric) is Stable. [Metrics SDK](https://pkg.go.dev/go.opentelemetry.io/otel/sdk/metric) is Beta. | ||||
| - [2]: The Logs signal development is halted for this project while we stabilize the Metrics SDK. | ||||
|    No Logs Pull Requests are currently being accepted. | ||||
| 
 | ||||
| Progress and status specific to this repository is tracked in our local | ||||
| Progress and status specific to this repository is tracked in our | ||||
| [project boards](https://github.com/open-telemetry/opentelemetry-go/projects) | ||||
| and | ||||
| [milestones](https://github.com/open-telemetry/opentelemetry-go/milestones). | ||||
| 
 | ||||
| Project versioning information and stability guarantees can be found in the | ||||
| [versioning documentation](./VERSIONING.md). | ||||
| [versioning documentation](VERSIONING.md). | ||||
| 
 | ||||
| ### Compatibility | ||||
| 
 | ||||
|  | @ -49,17 +52,17 @@ stop ensuring compatibility with these versions in the following manner: | |||
| Currently, this project supports the following environments. | ||||
| 
 | ||||
| | OS      | Go Version | Architecture | | ||||
| | ------- | ---------- | ------------ | | ||||
| |---------|------------|--------------| | ||||
| | Ubuntu  | 1.21       | amd64        | | ||||
| | Ubuntu  | 1.20       | amd64        | | ||||
| | Ubuntu  | 1.19       | amd64        | | ||||
| | Ubuntu  | 1.21       | 386          | | ||||
| | Ubuntu  | 1.20       | 386          | | ||||
| | Ubuntu  | 1.19       | 386          | | ||||
| | MacOS   | 1.21       | amd64        | | ||||
| | MacOS   | 1.20       | amd64        | | ||||
| | MacOS   | 1.19       | amd64        | | ||||
| | Windows | 1.21       | amd64        | | ||||
| | Windows | 1.20       | amd64        | | ||||
| | Windows | 1.19       | amd64        | | ||||
| | Windows | 1.21       | 386          | | ||||
| | Windows | 1.20       | 386          | | ||||
| | Windows | 1.19       | 386          | | ||||
| 
 | ||||
| While this project should work for other systems, no compatibility guarantees | ||||
| are made for those systems currently. | ||||
|  | @ -97,12 +100,11 @@ export pipeline to send that telemetry to an observability platform. | |||
| All officially supported exporters for the OpenTelemetry project are contained in the [exporters directory](./exporters). | ||||
| 
 | ||||
| | Exporter                              | Metrics | Traces | | ||||
| | :-----------------------------------: | :-----: | :----: | | ||||
| | [Jaeger](./exporters/jaeger/)         |         | ✓      | | ||||
| | [OTLP](./exporters/otlp/)             | ✓       | ✓      | | ||||
| | [Prometheus](./exporters/prometheus/) | ✓       |        | | ||||
| | [stdout](./exporters/stdout/)         | ✓       | ✓      | | ||||
| | [Zipkin](./exporters/zipkin/)         |         | ✓      | | ||||
| |---------------------------------------|:-------:|:------:| | ||||
| | [OTLP](./exporters/otlp/)             |    ✓    |   ✓    | | ||||
| | [Prometheus](./exporters/prometheus/) |    ✓    |        | | ||||
| | [stdout](./exporters/stdout/)         |    ✓    |   ✓    | | ||||
| | [Zipkin](./exporters/zipkin/)         |         |   ✓    | | ||||
| 
 | ||||
| ## Contributing | ||||
| 
 | ||||
|  |  | |||
|  | @ -2,27 +2,30 @@ | |||
| 
 | ||||
| ## Semantic Convention Generation | ||||
| 
 | ||||
| New versions of the [OpenTelemetry Specification] mean new versions of the `semconv` package need to be generated. | ||||
| New versions of the [OpenTelemetry Semantic Conventions] mean new versions of the `semconv` package need to be generated. | ||||
| The `semconv-generate` make target is used for this. | ||||
| 
 | ||||
| 1. Checkout a local copy of the [OpenTelemetry Specification] to the desired release tag. | ||||
| 1. Checkout a local copy of the [OpenTelemetry Semantic Conventions] to the desired release tag. | ||||
| 2. Pull the latest `otel/semconvgen` image: `docker pull otel/semconvgen:latest` | ||||
| 3. Run the `make semconv-generate ...` target from this repository. | ||||
| 
 | ||||
| For example, | ||||
| 
 | ||||
| ```sh | ||||
| export TAG="v1.13.0" # Change to the release version you are generating. | ||||
| export OTEL_SPEC_REPO="/absolute/path/to/opentelemetry-specification" | ||||
| export TAG="v1.21.0" # Change to the release version you are generating. | ||||
| export OTEL_SEMCONV_REPO="/absolute/path/to/opentelemetry/semantic-conventions" | ||||
| docker pull otel/semconvgen:latest | ||||
| make semconv-generate # Uses the exported TAG and OTEL_SPEC_REPO. | ||||
| make semconv-generate # Uses the exported TAG and OTEL_SEMCONV_REPO. | ||||
| ``` | ||||
| 
 | ||||
| This should create a new sub-package of [`semconv`](./semconv). | ||||
| Ensure things look correct before submitting a pull request to include the addition. | ||||
| 
 | ||||
| **Note**, the generation code was changed to generate versions >= 1.13. | ||||
| To generate versions prior to this, checkout the old release of this repository (i.e. [2fe8861](https://github.com/open-telemetry/opentelemetry-go/commit/2fe8861a24e20088c065b116089862caf9e3cd8b)). | ||||
| ## Breaking changes validation | ||||
| 
 | ||||
| You can run `make gorelease` that runs [gorelease](https://pkg.go.dev/golang.org/x/exp/cmd/gorelease) to ensure that there are no unwanted changes done in the public API. | ||||
| 
 | ||||
| You can check/report problems with `gorelease` [here](https://golang.org/issues/26420). | ||||
| 
 | ||||
| ## Pre-Release | ||||
| 
 | ||||
|  | @ -120,7 +123,17 @@ Once verified be sure to [make a release for the `contrib` repository](https://g | |||
| 
 | ||||
| ### Website Documentation | ||||
| 
 | ||||
| Update [the documentation](./website_docs) for [the OpenTelemetry website](https://opentelemetry.io/docs/go/). | ||||
| Update the [Go instrumentation documentation] in the OpenTelemetry website under [content/en/docs/instrumentation/go]. | ||||
| Importantly, bump any package versions referenced to be the latest one you just released and ensure all code examples still compile and are accurate. | ||||
| 
 | ||||
| [OpenTelemetry Specification]: https://github.com/open-telemetry/opentelemetry-specification | ||||
| [OpenTelemetry Semantic Conventions]: https://github.com/open-telemetry/semantic-conventions | ||||
| [Go instrumentation documentation]: https://opentelemetry.io/docs/instrumentation/go/ | ||||
| [content/en/docs/instrumentation/go]: https://github.com/open-telemetry/opentelemetry.io/tree/main/content/en/docs/instrumentation/go | ||||
| 
 | ||||
| ### Demo Repository | ||||
| 
 | ||||
| Bump the dependencies in the following Go services: | ||||
| 
 | ||||
| - [`accountingservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/accountingservice) | ||||
| - [`checkoutservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/checkoutservice) | ||||
| - [`productcatalogservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/productcatalogservice) | ||||
|  |  | |||
|  | @ -0,0 +1,60 @@ | |||
| // Copyright The OpenTelemetry Authors
 | ||||
| //
 | ||||
| // Licensed under the Apache License, Version 2.0 (the "License");
 | ||||
| // you may not use this file except in compliance with the License.
 | ||||
| // You may obtain a copy of the License at
 | ||||
| //
 | ||||
| //     http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| //
 | ||||
| // Unless required by applicable law or agreed to in writing, software
 | ||||
| // distributed under the License is distributed on an "AS IS" BASIS,
 | ||||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | ||||
| // See the License for the specific language governing permissions and
 | ||||
| // limitations under the License.
 | ||||
| 
 | ||||
| package attribute // import "go.opentelemetry.io/otel/attribute"
 | ||||
| 
 | ||||
| // Filter supports removing certain attributes from attribute sets. When
 | ||||
| // the filter returns true, the attribute will be kept in the filtered
 | ||||
| // attribute set. When the filter returns false, the attribute is excluded
 | ||||
| // from the filtered attribute set, and the attribute instead appears in
 | ||||
| // the removed list of excluded attributes.
 | ||||
| type Filter func(KeyValue) bool | ||||
| 
 | ||||
| // NewAllowKeysFilter returns a Filter that only allows attributes with one of
 | ||||
| // the provided keys.
 | ||||
| //
 | ||||
| // If keys is empty a deny-all filter is returned.
 | ||||
| func NewAllowKeysFilter(keys ...Key) Filter { | ||||
| 	if len(keys) <= 0 { | ||||
| 		return func(kv KeyValue) bool { return false } | ||||
| 	} | ||||
| 
 | ||||
| 	allowed := make(map[Key]struct{}) | ||||
| 	for _, k := range keys { | ||||
| 		allowed[k] = struct{}{} | ||||
| 	} | ||||
| 	return func(kv KeyValue) bool { | ||||
| 		_, ok := allowed[kv.Key] | ||||
| 		return ok | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
| // NewDenyKeysFilter returns a Filter that only allows attributes
 | ||||
| // that do not have one of the provided keys.
 | ||||
| //
 | ||||
| // If keys is empty an allow-all filter is returned.
 | ||||
| func NewDenyKeysFilter(keys ...Key) Filter { | ||||
| 	if len(keys) <= 0 { | ||||
| 		return func(kv KeyValue) bool { return true } | ||||
| 	} | ||||
| 
 | ||||
| 	forbid := make(map[Key]struct{}) | ||||
| 	for _, k := range keys { | ||||
| 		forbid[k] = struct{}{} | ||||
| 	} | ||||
| 	return func(kv KeyValue) bool { | ||||
| 		_, ok := forbid[kv.Key] | ||||
| 		return !ok | ||||
| 	} | ||||
| } | ||||
|  | @ -39,13 +39,6 @@ type ( | |||
| 		iface interface{} | ||||
| 	} | ||||
| 
 | ||||
| 	// Filter supports removing certain attributes from attribute sets. When
 | ||||
| 	// the filter returns true, the attribute will be kept in the filtered
 | ||||
| 	// attribute set. When the filter returns false, the attribute is excluded
 | ||||
| 	// from the filtered attribute set, and the attribute instead appears in
 | ||||
| 	// the removed list of excluded attributes.
 | ||||
| 	Filter func(KeyValue) bool | ||||
| 
 | ||||
| 	// Sortable implements sort.Interface, used for sorting KeyValue. This is
 | ||||
| 	// an exported type to support a memory optimization. A pointer to one of
 | ||||
| 	// these is needed for the call to sort.Stable(), which the caller may
 | ||||
|  |  | |||
|  | @ -61,11 +61,6 @@ type Property struct { | |||
| 	// hasValue indicates if a zero-value value means the property does not
 | ||||
| 	// have a value or if it was the zero-value.
 | ||||
| 	hasValue bool | ||||
| 
 | ||||
| 	// hasData indicates whether the created property contains data or not.
 | ||||
| 	// Properties that do not contain data are invalid with no other check
 | ||||
| 	// required.
 | ||||
| 	hasData bool | ||||
| } | ||||
| 
 | ||||
| // NewKeyProperty returns a new Property for key.
 | ||||
|  | @ -76,7 +71,7 @@ func NewKeyProperty(key string) (Property, error) { | |||
| 		return newInvalidProperty(), fmt.Errorf("%w: %q", errInvalidKey, key) | ||||
| 	} | ||||
| 
 | ||||
| 	p := Property{key: key, hasData: true} | ||||
| 	p := Property{key: key} | ||||
| 	return p, nil | ||||
| } | ||||
| 
 | ||||
|  | @ -95,7 +90,6 @@ func NewKeyValueProperty(key, value string) (Property, error) { | |||
| 		key:      key, | ||||
| 		value:    value, | ||||
| 		hasValue: true, | ||||
| 		hasData:  true, | ||||
| 	} | ||||
| 	return p, nil | ||||
| } | ||||
|  | @ -117,7 +111,7 @@ func parseProperty(property string) (Property, error) { | |||
| 		return newInvalidProperty(), fmt.Errorf("%w: %q", errInvalidProperty, property) | ||||
| 	} | ||||
| 
 | ||||
| 	p := Property{hasData: true} | ||||
| 	var p Property | ||||
| 	if match[1] != "" { | ||||
| 		p.key = match[1] | ||||
| 	} else { | ||||
|  | @ -136,10 +130,6 @@ func (p Property) validate() error { | |||
| 		return fmt.Errorf("invalid property: %w", err) | ||||
| 	} | ||||
| 
 | ||||
| 	if !p.hasData { | ||||
| 		return errFunc(fmt.Errorf("%w: %q", errInvalidProperty, p)) | ||||
| 	} | ||||
| 
 | ||||
| 	if !keyRe.MatchString(p.key) { | ||||
| 		return errFunc(fmt.Errorf("%w: %q", errInvalidKey, p.key)) | ||||
| 	} | ||||
|  |  | |||
|  | @ -0,0 +1,29 @@ | |||
| // Copyright The OpenTelemetry Authors
 | ||||
| //
 | ||||
| // Licensed under the Apache License, Version 2.0 (the "License");
 | ||||
| // you may not use this file except in compliance with the License.
 | ||||
| // You may obtain a copy of the License at
 | ||||
| //
 | ||||
| //     http://www.apache.org/licenses/LICENSE-2.0
 | ||||
| //
 | ||||
| // Unless required by applicable law or agreed to in writing, software
 | ||||
| // distributed under the License is distributed on an "AS IS" BASIS,
 | ||||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 | ||||
| // See the License for the specific language governing permissions and
 | ||||
| // limitations under the License.
 | ||||
| 
 | ||||
| package internal // import "go.opentelemetry.io/otel/internal"
 | ||||
| 
 | ||||
| //go:generate gotmpl --body=./shared/matchers/expectation.go.tmpl "--data={}" --out=matchers/expectation.go
 | ||||
| //go:generate gotmpl --body=./shared/matchers/expecter.go.tmpl "--data={}" --out=matchers/expecter.go
 | ||||
| //go:generate gotmpl --body=./shared/matchers/temporal_matcher.go.tmpl "--data={}" --out=matchers/temporal_matcher.go
 | ||||
| 
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/alignment.go.tmpl "--data={}" --out=internaltest/alignment.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/env.go.tmpl "--data={}" --out=internaltest/env.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/env_test.go.tmpl "--data={}" --out=internaltest/env_test.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/errors.go.tmpl "--data={}" --out=internaltest/errors.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/harness.go.tmpl "--data={\"matchersImportPath\": \"go.opentelemetry.io/otel/internal/matchers\"}" --out=internaltest/harness.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/text_map_carrier.go.tmpl "--data={}" --out=internaltest/text_map_carrier.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/text_map_carrier_test.go.tmpl "--data={}" --out=internaltest/text_map_carrier_test.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/text_map_propagator.go.tmpl "--data={}" --out=internaltest/text_map_propagator.go
 | ||||
| //go:generate gotmpl --body=./shared/internaltest/text_map_propagator_test.go.tmpl "--data={}" --out=internaltest/text_map_propagator_test.go
 | ||||
|  | @ -18,7 +18,6 @@ import ( | |||
| 	"log" | ||||
| 	"os" | ||||
| 	"sync/atomic" | ||||
| 	"unsafe" | ||||
| ) | ||||
| 
 | ||||
| var ( | ||||
|  | @ -42,7 +41,7 @@ type ErrorHandler interface { | |||
| } | ||||
| 
 | ||||
| type ErrDelegator struct { | ||||
| 	delegate unsafe.Pointer | ||||
| 	delegate atomic.Pointer[ErrorHandler] | ||||
| } | ||||
| 
 | ||||
| func (d *ErrDelegator) Handle(err error) { | ||||
|  | @ -50,12 +49,12 @@ func (d *ErrDelegator) Handle(err error) { | |||
| } | ||||
| 
 | ||||
| func (d *ErrDelegator) getDelegate() ErrorHandler { | ||||
| 	return *(*ErrorHandler)(atomic.LoadPointer(&d.delegate)) | ||||
| 	return *d.delegate.Load() | ||||
| } | ||||
| 
 | ||||
| // setDelegate sets the ErrorHandler delegate.
 | ||||
| func (d *ErrDelegator) setDelegate(eh ErrorHandler) { | ||||
| 	atomic.StorePointer(&d.delegate, unsafe.Pointer(&eh)) | ||||
| 	d.delegate.Store(&eh) | ||||
| } | ||||
| 
 | ||||
| func defaultErrorHandler() *ErrDelegator { | ||||
|  |  | |||
|  | @ -18,7 +18,6 @@ import ( | |||
| 	"log" | ||||
| 	"os" | ||||
| 	"sync/atomic" | ||||
| 	"unsafe" | ||||
| 
 | ||||
| 	"github.com/go-logr/logr" | ||||
| 	"github.com/go-logr/stdr" | ||||
|  | @ -28,7 +27,7 @@ import ( | |||
| //
 | ||||
| // The default logger uses stdr which is backed by the standard `log.Logger`
 | ||||
| // interface. This logger will only show messages at the Error Level.
 | ||||
| var globalLogger unsafe.Pointer | ||||
| var globalLogger atomic.Pointer[logr.Logger] | ||||
| 
 | ||||
| func init() { | ||||
| 	SetLogger(stdr.New(log.New(os.Stderr, "", log.LstdFlags|log.Lshortfile))) | ||||
|  | @ -40,11 +39,11 @@ func init() { | |||
| // To see Info messages use a logger with `l.V(4).Enabled() == true`
 | ||||
| // To see Debug messages use a logger with `l.V(8).Enabled() == true`.
 | ||||
| func SetLogger(l logr.Logger) { | ||||
| 	atomic.StorePointer(&globalLogger, unsafe.Pointer(&l)) | ||||
| 	globalLogger.Store(&l) | ||||
| } | ||||
| 
 | ||||
| func getLogger() logr.Logger { | ||||
| 	return *(*logr.Logger)(atomic.LoadPointer(&globalLogger)) | ||||
| 	return *globalLogger.Load() | ||||
| } | ||||
| 
 | ||||
| // Info prints messages about the general state of the API or SDK.
 | ||||
|  |  | |||
|  | @ -167,6 +167,8 @@ func (o unitOpt) applyInt64ObservableGauge(c Int64ObservableGaugeConfig) Int64Ob | |||
| } | ||||
| 
 | ||||
| // WithUnit sets the instrument unit.
 | ||||
| //
 | ||||
| // The unit u should be defined using the appropriate [UCUM](https://ucum.org) case-sensitive code.
 | ||||
| func WithUnit(u string) InstrumentOption { return unitOpt(u) } | ||||
| 
 | ||||
| // AddOption applies options to an addition measurement. See
 | ||||
|  |  | |||
|  | @ -157,6 +157,8 @@ type Meter interface { | |||
| 	//
 | ||||
| 	// If no instruments are passed, f should not be registered nor called
 | ||||
| 	// during collection.
 | ||||
| 	//
 | ||||
| 	// The function f needs to be concurrent safe.
 | ||||
| 	RegisterCallback(f Callback, instruments ...Observable) (Registration, error) | ||||
| } | ||||
| 
 | ||||
|  |  | |||
|  | @ -1 +1 @@ | |||
| codespell==2.2.4 | ||||
| codespell==2.2.5 | ||||
|  |  | |||
|  | @ -16,5 +16,5 @@ package otel // import "go.opentelemetry.io/otel" | |||
| 
 | ||||
| // Version is the current release version of OpenTelemetry in use.
 | ||||
| func Version() string { | ||||
| 	return "1.16.0" | ||||
| 	return "1.19.0" | ||||
| } | ||||
|  |  | |||
|  | @ -14,19 +14,17 @@ | |||
| 
 | ||||
| module-sets: | ||||
|   stable-v1: | ||||
|     version: v1.16.0 | ||||
|     version: v1.19.0 | ||||
|     modules: | ||||
|       - go.opentelemetry.io/otel | ||||
|       - go.opentelemetry.io/otel/bridge/opentracing | ||||
|       - go.opentelemetry.io/otel/bridge/opentracing/test | ||||
|       - go.opentelemetry.io/otel/example/dice | ||||
|       - go.opentelemetry.io/otel/example/fib | ||||
|       - go.opentelemetry.io/otel/example/jaeger | ||||
|       - go.opentelemetry.io/otel/example/namedtracer | ||||
|       - go.opentelemetry.io/otel/example/otel-collector | ||||
|       - go.opentelemetry.io/otel/example/passthrough | ||||
|       - go.opentelemetry.io/otel/example/zipkin | ||||
|       - go.opentelemetry.io/otel/exporters/jaeger | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/internal/retry | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/otlptrace | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp | ||||
|  | @ -34,23 +32,23 @@ module-sets: | |||
|       - go.opentelemetry.io/otel/exporters/zipkin | ||||
|       - go.opentelemetry.io/otel/metric | ||||
|       - go.opentelemetry.io/otel/sdk | ||||
|       - go.opentelemetry.io/otel/sdk/metric | ||||
|       - go.opentelemetry.io/otel/trace | ||||
|   experimental-metrics: | ||||
|     version: v0.39.0 | ||||
|     version: v0.42.0 | ||||
|     modules: | ||||
|       - go.opentelemetry.io/otel/bridge/opencensus | ||||
|       - go.opentelemetry.io/otel/bridge/opencensus/test | ||||
|       - go.opentelemetry.io/otel/example/opencensus | ||||
|       - go.opentelemetry.io/otel/example/prometheus | ||||
|       - go.opentelemetry.io/otel/example/view | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/otlpmetric | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc | ||||
|       - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp | ||||
|       - go.opentelemetry.io/otel/exporters/prometheus | ||||
|       - go.opentelemetry.io/otel/exporters/stdout/stdoutmetric | ||||
|       - go.opentelemetry.io/otel/sdk/metric | ||||
|       - go.opentelemetry.io/otel/bridge/opencensus | ||||
|       - go.opentelemetry.io/otel/bridge/opencensus/test | ||||
|       - go.opentelemetry.io/otel/example/view | ||||
|   experimental-schema: | ||||
|     version: v0.0.4 | ||||
|     version: v0.0.7 | ||||
|     modules: | ||||
|       - go.opentelemetry.io/otel/schema | ||||
| excluded-modules: | ||||
|  |  | |||
|  | @ -107,7 +107,7 @@ github.com/chzyer/readline | |||
| # github.com/containerd/cgroups/v3 v3.0.2 | ||||
| ## explicit; go 1.18 | ||||
| github.com/containerd/cgroups/v3/cgroup1/stats | ||||
| # github.com/containerd/containerd v1.7.8 | ||||
| # github.com/containerd/containerd v1.7.9 | ||||
| ## explicit; go 1.19 | ||||
| github.com/containerd/containerd/errdefs | ||||
| github.com/containerd/containerd/log | ||||
|  | @ -135,8 +135,8 @@ github.com/containernetworking/cni/pkg/version | |||
| # github.com/containernetworking/plugins v1.3.0 | ||||
| ## explicit; go 1.20 | ||||
| github.com/containernetworking/plugins/pkg/ns | ||||
| # github.com/containers/buildah v1.32.1-0.20231026190652-11e3b2132761 | ||||
| ## explicit; go 1.18 | ||||
| # github.com/containers/buildah v1.32.1-0.20231117115950-f00af6b7d310 | ||||
| ## explicit; go 1.20 | ||||
| github.com/containers/buildah | ||||
| github.com/containers/buildah/bind | ||||
| github.com/containers/buildah/chroot | ||||
|  | @ -163,7 +163,7 @@ github.com/containers/buildah/pkg/sshagent | |||
| github.com/containers/buildah/pkg/util | ||||
| github.com/containers/buildah/pkg/volumes | ||||
| github.com/containers/buildah/util | ||||
| # github.com/containers/common v0.56.1-0.20231102181045-6a67921ec5ce | ||||
| # github.com/containers/common v0.57.0 | ||||
| ## explicit; go 1.18 | ||||
| github.com/containers/common/internal/attributedstring | ||||
| github.com/containers/common/libimage | ||||
|  | @ -230,7 +230,7 @@ github.com/containers/conmon/runner/config | |||
| # github.com/containers/gvisor-tap-vsock v0.7.1 | ||||
| ## explicit; go 1.20 | ||||
| github.com/containers/gvisor-tap-vsock/pkg/types | ||||
| # github.com/containers/image/v5 v5.28.1-0.20231101173728-373c52a9466f | ||||
| # github.com/containers/image/v5 v5.29.0 | ||||
| ## explicit; go 1.19 | ||||
| github.com/containers/image/v5/copy | ||||
| github.com/containers/image/v5/directory | ||||
|  | @ -310,7 +310,7 @@ github.com/containers/libhvee/pkg/wmiext | |||
| # github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 | ||||
| ## explicit | ||||
| github.com/containers/libtrust | ||||
| # github.com/containers/luksy v0.0.0-20230912175440-6df88cb7f0dd | ||||
| # github.com/containers/luksy v0.0.0-20231030195837-b5a7f79da98b | ||||
| ## explicit; go 1.20 | ||||
| github.com/containers/luksy | ||||
| # github.com/containers/ocicrypt v1.1.9 | ||||
|  | @ -340,7 +340,7 @@ github.com/containers/psgo/internal/dev | |||
| github.com/containers/psgo/internal/host | ||||
| github.com/containers/psgo/internal/proc | ||||
| github.com/containers/psgo/internal/process | ||||
| # github.com/containers/storage v1.50.3-0.20231108224651-a56f2b2fecfd | ||||
| # github.com/containers/storage v1.51.0 | ||||
| ## explicit; go 1.19 | ||||
| github.com/containers/storage | ||||
| github.com/containers/storage/drivers | ||||
|  | @ -418,7 +418,7 @@ github.com/crc-org/vfkit/pkg/config | |||
| github.com/crc-org/vfkit/pkg/rest | ||||
| github.com/crc-org/vfkit/pkg/rest/define | ||||
| github.com/crc-org/vfkit/pkg/util | ||||
| # github.com/cyberphone/json-canonicalization v0.0.0-20230710064741-aa7fe85c7dbd | ||||
| # github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 | ||||
| ## explicit | ||||
| github.com/cyberphone/json-canonicalization/go/src/webpki.org/jsoncanonicalizer | ||||
| # github.com/cyphar/filepath-securejoin v0.2.4 | ||||
|  | @ -524,7 +524,7 @@ github.com/gin-gonic/gin/binding | |||
| github.com/gin-gonic/gin/internal/bytesconv | ||||
| github.com/gin-gonic/gin/internal/json | ||||
| github.com/gin-gonic/gin/render | ||||
| # github.com/go-jose/go-jose/v3 v3.0.0 | ||||
| # github.com/go-jose/go-jose/v3 v3.0.1 | ||||
| ## explicit; go 1.12 | ||||
| github.com/go-jose/go-jose/v3 | ||||
| github.com/go-jose/go-jose/v3/cipher | ||||
|  | @ -672,7 +672,7 @@ github.com/hashicorp/go-cleanhttp | |||
| # github.com/hashicorp/go-multierror v1.1.1 | ||||
| ## explicit; go 1.13 | ||||
| github.com/hashicorp/go-multierror | ||||
| # github.com/hashicorp/go-retryablehttp v0.7.4 | ||||
| # github.com/hashicorp/go-retryablehttp v0.7.5 | ||||
| ## explicit; go 1.13 | ||||
| github.com/hashicorp/go-retryablehttp | ||||
| # github.com/hugelgupf/p9 v0.3.1-0.20230822151754-54f5c5530921 | ||||
|  | @ -696,8 +696,8 @@ github.com/josharian/intern | |||
| # github.com/json-iterator/go v1.1.12 | ||||
| ## explicit; go 1.12 | ||||
| github.com/json-iterator/go | ||||
| # github.com/klauspost/compress v1.17.2 | ||||
| ## explicit; go 1.18 | ||||
| # github.com/klauspost/compress v1.17.3 | ||||
| ## explicit; go 1.19 | ||||
| github.com/klauspost/compress | ||||
| github.com/klauspost/compress/flate | ||||
| github.com/klauspost/compress/fse | ||||
|  | @ -873,7 +873,7 @@ github.com/opencontainers/selinux/go-selinux | |||
| github.com/opencontainers/selinux/go-selinux/label | ||||
| github.com/opencontainers/selinux/pkg/pwalk | ||||
| github.com/opencontainers/selinux/pkg/pwalkdir | ||||
| # github.com/openshift/imagebuilder v1.2.5 | ||||
| # github.com/openshift/imagebuilder v1.2.6-0.20231108213319-b27edc077bbc | ||||
| ## explicit; go 1.19 | ||||
| github.com/openshift/imagebuilder | ||||
| github.com/openshift/imagebuilder/dockerfile/command | ||||
|  | @ -1083,8 +1083,8 @@ go.opencensus.io/internal | |||
| go.opencensus.io/trace | ||||
| go.opencensus.io/trace/internal | ||||
| go.opencensus.io/trace/tracestate | ||||
| # go.opentelemetry.io/otel v1.16.0 | ||||
| ## explicit; go 1.19 | ||||
| # go.opentelemetry.io/otel v1.19.0 | ||||
| ## explicit; go 1.20 | ||||
| go.opentelemetry.io/otel | ||||
| go.opentelemetry.io/otel/attribute | ||||
| go.opentelemetry.io/otel/baggage | ||||
|  | @ -1096,12 +1096,12 @@ go.opentelemetry.io/otel/internal/global | |||
| go.opentelemetry.io/otel/propagation | ||||
| go.opentelemetry.io/otel/semconv/internal | ||||
| go.opentelemetry.io/otel/semconv/v1.12.0 | ||||
| # go.opentelemetry.io/otel/metric v1.16.0 | ||||
| ## explicit; go 1.19 | ||||
| # go.opentelemetry.io/otel/metric v1.19.0 | ||||
| ## explicit; go 1.20 | ||||
| go.opentelemetry.io/otel/metric | ||||
| go.opentelemetry.io/otel/metric/embedded | ||||
| # go.opentelemetry.io/otel/trace v1.16.0 | ||||
| ## explicit; go 1.19 | ||||
| # go.opentelemetry.io/otel/trace v1.19.0 | ||||
| ## explicit; go 1.20 | ||||
| go.opentelemetry.io/otel/trace | ||||
| # golang.org/x/arch v0.5.0 | ||||
| ## explicit; go 1.17 | ||||
|  | @ -1162,7 +1162,7 @@ golang.org/x/net/internal/socks | |||
| golang.org/x/net/internal/timeseries | ||||
| golang.org/x/net/proxy | ||||
| golang.org/x/net/trace | ||||
| # golang.org/x/oauth2 v0.13.0 | ||||
| # golang.org/x/oauth2 v0.14.0 | ||||
| ## explicit; go 1.18 | ||||
| golang.org/x/oauth2 | ||||
| golang.org/x/oauth2/internal | ||||
|  |  | |||
		Loading…
	
		Reference in New Issue