containers
/
podman
mirror of https://github.com/containers/podman.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bump github.com/containers/buildah from 1.19.6 to 1.19.7 

Bumps [github.com/containers/buildah](https://github.com/containers/buildah) from 1.19.6 to 1.19.7.
- [Release notes](https://github.com/containers/buildah/releases)
- [Changelog](https://github.com/containers/buildah/blob/master/CHANGELOG.md)
- [Commits](https://github.com/containers/buildah/compare/v1.19.6...v1.19.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
dependabot-preview[bot] 2021-03-05 09:18:19 +00:00 committed by Daniel J Walsh
parent 05080a12a9
commit efc592fba9
No known key found for this signature in database
GPG Key ID: A2DF901DABE2C028
8 changed files with 98 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@ -11,7 +11,7 @@ require (
github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd // indirect
github.com/containernetworking/cni v0.8.1 github.com/containernetworking/cni v0.8.1
github.com/containernetworking/plugins v0.9.0 github.com/containernetworking/plugins v0.9.0
github.com/containers/buildah v1.19.6 github.com/containers/buildah v1.19.7
github.com/containers/common v0.35.0 github.com/containers/common v0.35.0
github.com/containers/conmon v2.0.20+incompatible github.com/containers/conmon v2.0.20+incompatible
github.com/containers/image/v5 v5.10.2 github.com/containers/image/v5 v5.10.2

4
go.sum
View File

@ -97,8 +97,8 @@ github.com/containernetworking/cni v0.8.1/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ
github.com/containernetworking/plugins v0.8.7/go.mod h1:R7lXeZaBzpfqapcAbHRW8/CYwm0dHzbz0XEjofx0uB0= github.com/containernetworking/plugins v0.8.7/go.mod h1:R7lXeZaBzpfqapcAbHRW8/CYwm0dHzbz0XEjofx0uB0=
github.com/containernetworking/plugins v0.9.0 h1:c+1gegKhR7+d0Caum9pEHugZlyhXPOG6v3V6xJgIGCI= github.com/containernetworking/plugins v0.9.0 h1:c+1gegKhR7+d0Caum9pEHugZlyhXPOG6v3V6xJgIGCI=
github.com/containernetworking/plugins v0.9.0/go.mod h1:dbWv4dI0QrBGuVgj+TuVQ6wJRZVOhrCQj91YyC92sxg= github.com/containernetworking/plugins v0.9.0/go.mod h1:dbWv4dI0QrBGuVgj+TuVQ6wJRZVOhrCQj91YyC92sxg=
github.com/containers/buildah v1.19.6 h1:8mPysB7QzHxX9okR+Bwq/lsKAZA/FjDcqB+vebgwI1g= github.com/containers/buildah v1.19.7 h1:/g11GlhTo177xFex+5GHlF22hq01SyWaJuSA26UGFNU=
github.com/containers/buildah v1.19.6/go.mod h1:VnyHWgNmfR1d89/zJ/F4cbwOzaQS+6sBky46W7dCo3E= github.com/containers/buildah v1.19.7/go.mod h1:VnyHWgNmfR1d89/zJ/F4cbwOzaQS+6sBky46W7dCo3E=
github.com/containers/common v0.33.4/go.mod h1:PhgL71XuC4jJ/1BIqeP7doke3aMFkCP90YBXwDeUr9g= github.com/containers/common v0.33.4/go.mod h1:PhgL71XuC4jJ/1BIqeP7doke3aMFkCP90YBXwDeUr9g=
github.com/containers/common v0.35.0 h1:1OLZ2v+Tj/CN9BTQkKZ5VOriOiArJedinMMqfJRUI38= github.com/containers/common v0.35.0 h1:1OLZ2v+Tj/CN9BTQkKZ5VOriOiArJedinMMqfJRUI38=
github.com/containers/common v0.35.0/go.mod h1:gs1th7XFTOvVUl4LDPdQjOfOeNiVRDbQ7CNrZ0wS6F8= github.com/containers/common v0.35.0/go.mod h1:gs1th7XFTOvVUl4LDPdQjOfOeNiVRDbQ7CNrZ0wS6F8=

26
vendor/github.com/containers/buildah/add.go generated vendored
View File

@ -324,13 +324,33 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption
return errors.Wrapf(err, "error processing excludes list %v", options.Excludes) return errors.Wrapf(err, "error processing excludes list %v", options.Excludes)
} }
// Copy each source in turn. // Make sure that, if it's a symlink, we'll chroot to the target of the link;
// knowing that target requires that we resolve it within the chroot.
evalOptions := copier.EvalOptions{}
evaluated, err := copier.Eval(mountPoint, extractDirectory, evalOptions)
if err != nil {
return errors.Wrapf(err, "error checking on destination %v", extractDirectory)
}
extractDirectory = evaluated
// Set up ID maps.
var srcUIDMap, srcGIDMap []idtools.IDMap var srcUIDMap, srcGIDMap []idtools.IDMap
if options.IDMappingOptions != nil { if options.IDMappingOptions != nil {
srcUIDMap, srcGIDMap = convertRuntimeIDMaps(options.IDMappingOptions.UIDMap, options.IDMappingOptions.GIDMap) srcUIDMap, srcGIDMap = convertRuntimeIDMaps(options.IDMappingOptions.UIDMap, options.IDMappingOptions.GIDMap)
} }
destUIDMap, destGIDMap := convertRuntimeIDMaps(b.IDMappingOptions.UIDMap, b.IDMappingOptions.GIDMap) destUIDMap, destGIDMap := convertRuntimeIDMaps(b.IDMappingOptions.UIDMap, b.IDMappingOptions.GIDMap)
// Create the target directory if it doesn't exist yet.
mkdirOptions := copier.MkdirOptions{
UIDMap: destUIDMap,
GIDMap: destGIDMap,
ChownNew: chownDirs,
}
if err := copier.Mkdir(mountPoint, extractDirectory, mkdirOptions); err != nil {
return errors.Wrapf(err, "error ensuring target directory exists")
}
// Copy each source in turn.
for _, src := range sources { for _, src := range sources {
var multiErr *multierror.Error var multiErr *multierror.Error
var getErr, closeErr, renameErr, putErr error var getErr, closeErr, renameErr, putErr error
@ -363,7 +383,7 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption
ChmodFiles: nil, ChmodFiles: nil,
IgnoreDevices: rsystem.RunningInUserNS(), IgnoreDevices: rsystem.RunningInUserNS(),
} }
putErr = copier.Put(mountPoint, extractDirectory, putOptions, io.TeeReader(pipeReader, hasher)) putErr = copier.Put(extractDirectory, extractDirectory, putOptions, io.TeeReader(pipeReader, hasher))
} }
hashCloser.Close() hashCloser.Close()
pipeReader.Close() pipeReader.Close()
@ -498,7 +518,7 @@ func (b *Builder) Add(destination string, extract bool, options AddAndCopyOption
ChmodFiles: nil, ChmodFiles: nil,
IgnoreDevices: rsystem.RunningInUserNS(), IgnoreDevices: rsystem.RunningInUserNS(),
} }
putErr = copier.Put(mountPoint, extractDirectory, putOptions, io.TeeReader(pipeReader, hasher)) putErr = copier.Put(extractDirectory, extractDirectory, putOptions, io.TeeReader(pipeReader, hasher))
} }
hashCloser.Close() hashCloser.Close()
pipeReader.Close() pipeReader.Close()

2
vendor/github.com/containers/buildah/buildah.go generated vendored
View File

@ -28,7 +28,7 @@ const (
Package = "buildah" Package = "buildah"
// Version for the Package. Bump version in contrib/rpm/buildah.spec // Version for the Package. Bump version in contrib/rpm/buildah.spec
// too. // too.
Version = "1.19.6" Version = "1.19.7"
// The value we use to identify what type of information, currently a // The value we use to identify what type of information, currently a
// serialized Builder structure, we are using as per-container state. // serialized Builder structure, we are using as per-container state.
// This should only be changed when we make incompatible changes to // This should only be changed when we make incompatible changes to

65
vendor/github.com/containers/buildah/copier/copier.go generated vendored
View File

@ -70,6 +70,7 @@ func isArchivePath(path string) bool {
type requestType string type requestType string
const ( const (
requestEval requestType = "EVAL"
requestStat requestType = "STAT" requestStat requestType = "STAT"
requestGet requestType = "GET" requestGet requestType = "GET"
requestPut requestType = "PUT" requestPut requestType = "PUT"
@ -95,6 +96,8 @@ type request struct {
func (req *request) Excludes() []string { func (req *request) Excludes() []string {
switch req.Request { switch req.Request {
case requestEval:
return nil
case requestStat: case requestStat:
return req.StatOptions.Excludes return req.StatOptions.Excludes
case requestGet: case requestGet:
@ -112,6 +115,8 @@ func (req *request) Excludes() []string {
func (req *request) UIDMap() []idtools.IDMap { func (req *request) UIDMap() []idtools.IDMap {
switch req.Request { switch req.Request {
case requestEval:
return nil
case requestStat: case requestStat:
return nil return nil
case requestGet: case requestGet:
@ -129,6 +134,8 @@ func (req *request) UIDMap() []idtools.IDMap {
func (req *request) GIDMap() []idtools.IDMap { func (req *request) GIDMap() []idtools.IDMap {
switch req.Request { switch req.Request {
case requestEval:
return nil
case requestStat: case requestStat:
return nil return nil
case requestGet: case requestGet:
@ -148,6 +155,7 @@ func (req *request) GIDMap() []idtools.IDMap {
type response struct { type response struct {
Error string `json:",omitempty"` Error string `json:",omitempty"`
Stat statResponse Stat statResponse
Eval evalResponse
Get getResponse Get getResponse
Put putResponse Put putResponse
Mkdir mkdirResponse Mkdir mkdirResponse
@ -158,6 +166,11 @@ type statResponse struct {
Globs []*StatsForGlob Globs []*StatsForGlob
} }
// evalResponse encodes a response for a single Eval request.
type evalResponse struct {
Evaluated string
}
// StatsForGlob encode results for a single glob pattern passed to Stat(). // StatsForGlob encode results for a single glob pattern passed to Stat().
type StatsForGlob struct { type StatsForGlob struct {
Error string `json:",omitempty"` // error if the Glob pattern was malformed Error string `json:",omitempty"` // error if the Glob pattern was malformed
@ -192,6 +205,33 @@ type putResponse struct {
type mkdirResponse struct { type mkdirResponse struct {
} }
// EvalOptions controls parts of Eval()'s behavior.
type EvalOptions struct {
}
// Eval evaluates the directory's path, including any intermediate symbolic
// links.
// If root is specified and the current OS supports it, and the calling process
// has the necessary privileges, evaluation is performed in a chrooted context.
// If the directory is specified as an absolute path, it should either be the
// root directory or a subdirectory of the root directory. Otherwise, the
// directory is treated as a path relative to the root directory.
func Eval(root string, directory string, options EvalOptions) (string, error) {
req := request{
Request: requestEval,
Root: root,
Directory: directory,
}
resp, err := copier(nil, nil, req)
if err != nil {
return "", err
}
if resp.Error != "" {
return "", errors.New(resp.Error)
}
return resp.Eval.Evaluated, nil
}
// StatOptions controls parts of Stat()'s behavior. // StatOptions controls parts of Stat()'s behavior.
type StatOptions struct { type StatOptions struct {
CheckForArchives bool // check for and populate the IsArchive bit in returned values CheckForArchives bool // check for and populate the IsArchive bit in returned values
@ -243,6 +283,7 @@ type GetOptions struct {
StripXattrs bool // don't record extended attributes of items being copied. no effect on archives being extracted StripXattrs bool // don't record extended attributes of items being copied. no effect on archives being extracted
KeepDirectoryNames bool // don't strip the top directory's basename from the paths of items in subdirectories KeepDirectoryNames bool // don't strip the top directory's basename from the paths of items in subdirectories
Rename map[string]string // rename items with the specified names, or under the specified names Rename map[string]string // rename items with the specified names, or under the specified names
NoDerefSymlinks bool // don't follow symlinks when globs match them
} }
// Get produces an archive containing items that match the specified glob // Get produces an archive containing items that match the specified glob
@ -557,6 +598,9 @@ func copierWithSubprocess(bulkReader io.Reader, bulkWriter io.Writer, req reques
return killAndReturn(err, "error encoding request for copier subprocess") return killAndReturn(err, "error encoding request for copier subprocess")
} }
if err = decoder.Decode(&resp); err != nil { if err = decoder.Decode(&resp); err != nil {
if errors.Is(err, io.EOF) && errorBuffer.Len() > 0 {
return killAndReturn(errors.New(errorBuffer.String()), "error in copier subprocess")
}
return killAndReturn(err, "error decoding response from copier subprocess") return killAndReturn(err, "error decoding response from copier subprocess")
} }
if err = encoder.Encode(&request{Request: requestQuit}); err != nil { if err = encoder.Encode(&request{Request: requestQuit}); err != nil {
@ -667,7 +711,7 @@ func copierMain() {
var err error var err error
chrooted, err = chroot(req.Root) chrooted, err = chroot(req.Root)
if err != nil { if err != nil {
fmt.Fprintf(os.Stderr, "error changing to intended-new-root directory %q: %v", req.Root, err) fmt.Fprintf(os.Stderr, "%v", err)
os.Exit(1) os.Exit(1)
} }
} }
@ -762,6 +806,9 @@ func copierHandler(bulkReader io.Reader, bulkWriter io.Writer, req request) (*re
switch req.Request { switch req.Request {
default: default:
return nil, nil, errors.Errorf("not an implemented request type: %q", req.Request) return nil, nil, errors.Errorf("not an implemented request type: %q", req.Request)
case requestEval:
resp := copierHandlerEval(req)
return resp, nil, nil
case requestStat: case requestStat:
resp := copierHandlerStat(req, pm) resp := copierHandlerStat(req, pm)
return resp, nil, nil return resp, nil, nil
@ -870,6 +917,17 @@ func resolvePath(root, path string, pm *fileutils.PatternMatcher) (string, error
return workingPath, nil return workingPath, nil
} }
func copierHandlerEval(req request) *response {
errorResponse := func(fmtspec string, args ...interface{}) *response {
return &response{Error: fmt.Sprintf(fmtspec, args...), Eval: evalResponse{}}
}
resolvedTarget, err := resolvePath(req.Root, req.Directory, nil)
if err != nil {
return errorResponse("copier: eval: error resolving %q: %v", req.Directory, err)
}
return &response{Eval: evalResponse{Evaluated: filepath.Join(req.rootPrefix, resolvedTarget)}}
}
func copierHandlerStat(req request, pm *fileutils.PatternMatcher) *response { func copierHandlerStat(req request, pm *fileutils.PatternMatcher) *response {
errorResponse := func(fmtspec string, args ...interface{}) *response { errorResponse := func(fmtspec string, args ...interface{}) *response {
return &response{Error: fmt.Sprintf(fmtspec, args...), Stat: statResponse{}} return &response{Error: fmt.Sprintf(fmtspec, args...), Stat: statResponse{}}
@ -1024,7 +1082,7 @@ func copierHandlerGet(bulkWriter io.Writer, req request, pm *fileutils.PatternMa
// chase links. if we hit a dead end, we should just fail // chase links. if we hit a dead end, we should just fail
followedLinks := 0 followedLinks := 0
const maxFollowedLinks = 16 const maxFollowedLinks = 16
for info.Mode()&os.ModeType == os.ModeSymlink && followedLinks < maxFollowedLinks { for !req.GetOptions.NoDerefSymlinks && info.Mode()&os.ModeType == os.ModeSymlink && followedLinks < maxFollowedLinks {
path, err := os.Readlink(item) path, err := os.Readlink(item)
if err != nil { if err != nil {
continue continue
@ -1139,7 +1197,8 @@ func handleRename(rename map[string]string, name string) string {
return path.Join(mappedPrefix, remainder) return path.Join(mappedPrefix, remainder)
} }
if prefix[len(prefix)-1] == '/' { if prefix[len(prefix)-1] == '/' {
if mappedPrefix, ok := rename[prefix[:len(prefix)-1]]; ok { prefix = prefix[:len(prefix)-1]
if mappedPrefix, ok := rename[prefix]; ok {
return path.Join(mappedPrefix, remainder) return path.Join(mappedPrefix, remainder)
} }
} }

8
vendor/github.com/containers/buildah/copier/syscall_unix.go generated vendored
View File

@ -3,10 +3,10 @@
package copier package copier
import ( import (
"fmt"
"os" "os"
"time" "time"
"github.com/pkg/errors"
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
) )
@ -15,13 +15,13 @@ var canChroot = os.Getuid() == 0
func chroot(root string) (bool, error) { func chroot(root string) (bool, error) {
if canChroot { if canChroot {
if err := os.Chdir(root); err != nil { if err := os.Chdir(root); err != nil {
return false, fmt.Errorf("error changing to intended-new-root directory %q: %v", root, err) return false, errors.Wrapf(err, "error changing to intended-new-root directory %q", root)
} }
if err := unix.Chroot(root); err != nil { if err := unix.Chroot(root); err != nil {
return false, fmt.Errorf("error chrooting to directory %q: %v", root, err) return false, errors.Wrapf(err, "error chrooting to directory %q", root)
} }
if err := os.Chdir(string(os.PathSeparator)); err != nil { if err := os.Chdir(string(os.PathSeparator)); err != nil {
return false, fmt.Errorf("error changing to just-became-root directory %q: %v", root, err) return false, errors.Wrapf(err, "error changing to just-became-root directory %q", root)
} }
return true, nil return true, nil
} }

10
vendor/github.com/containers/buildah/pkg/overlay/overlay.go generated vendored
View File

@ -77,13 +77,11 @@ func mountHelper(contentDir, source, dest string, _, _ int, graphOptions []strin
// Read-write overlay mounts want a lower, upper and a work layer. // Read-write overlay mounts want a lower, upper and a work layer.
workDir := filepath.Join(contentDir, "work") workDir := filepath.Join(contentDir, "work")
upperDir := filepath.Join(contentDir, "upper") upperDir := filepath.Join(contentDir, "upper")
st, err := os.Stat(dest) st, err := os.Stat(source)
if err == nil { if err != nil {
if err := os.Chmod(upperDir, st.Mode()); err != nil { return mount, err
return mount, err
}
} }
if !os.IsNotExist(err) { if err := os.Chmod(upperDir, st.Mode()); err != nil {
return mount, err return mount, err
} }
overlayOptions = fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s,private", source, upperDir, workDir) overlayOptions = fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s,private", source, upperDir, workDir)

2
vendor/modules.txt vendored
View File

@ -72,7 +72,7 @@ github.com/containernetworking/plugins/pkg/utils/hwaddr
github.com/containernetworking/plugins/pkg/utils/sysctl github.com/containernetworking/plugins/pkg/utils/sysctl
github.com/containernetworking/plugins/plugins/ipam/host-local/backend github.com/containernetworking/plugins/plugins/ipam/host-local/backend
github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator github.com/containernetworking/plugins/plugins/ipam/host-local/backend/allocator
# github.com/containers/buildah v1.19.6 # github.com/containers/buildah v1.19.7
github.com/containers/buildah github.com/containers/buildah
github.com/containers/buildah/bind github.com/containers/buildah/bind
github.com/containers/buildah/chroot github.com/containers/buildah/chroot