From aba0beb71d028003ec812084e4423fae5d0e3f52 Mon Sep 17 00:00:00 2001 From: Kevin Michel Date: Thu, 5 Sep 2024 08:54:35 +0200 Subject: [PATCH] Fix conflict on heredoc temp files If two image builds start concurrently and they both use an heredoc with the same EOF marker, then they will use the same filename and overwrite each other. It's possible for concurrent builds to either use the wrong heredoc content or to fail because the file of one build is deleted by the other, leading to this error message: ``` STEP 13/21: COPY < --- imagebuildah/stage_executor.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/imagebuildah/stage_executor.go b/imagebuildah/stage_executor.go index 60d5a9a9ead..33ebfddfcfc 100644 --- a/imagebuildah/stage_executor.go +++ b/imagebuildah/stage_executor.go @@ -451,7 +451,7 @@ func (s *StageExecutor) performCopy(excludes []string, copies ...imagebuilder.Co data = strings.TrimPrefix(data, "\n") // add breakline when heredoc ends for docker compat data = data + "\n" - tmpFile, err := os.Create(filepath.Join(parse.GetTempDir(), path.Base(filepath.ToSlash(file.Name)))) + tmpFile, err := os.CreateTemp(parse.GetTempDir(), path.Base(filepath.ToSlash(file.Name))) if err != nil { return fmt.Errorf("unable to create tmp file for COPY instruction at %q: %w", parse.GetTempDir(), err) }