diff --git a/go.mod b/go.mod index 21eb432ab3..b6b8bfba06 100644 --- a/go.mod +++ b/go.mod @@ -13,8 +13,8 @@ require ( github.com/checkpoint-restore/checkpointctl v1.1.0 github.com/checkpoint-restore/go-criu/v7 v7.1.0 github.com/containernetworking/plugins v1.5.0 - github.com/containers/buildah v1.35.1-0.20240510150258-77f239ae12e5 - github.com/containers/common v0.58.1-0.20240523020001-79d954c77663 + github.com/containers/buildah v1.36.0 + github.com/containers/common v0.59.0 github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.7.4-0.20240515153903-01a1a0cd3f70 github.com/containers/image/v5 v5.31.0 @@ -60,7 +60,7 @@ require ( github.com/opencontainers/runtime-spec v1.2.0 github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc github.com/opencontainers/selinux v1.11.0 - github.com/openshift/imagebuilder v1.2.7 + github.com/openshift/imagebuilder v1.2.9 github.com/rootless-containers/rootlesskit/v2 v2.1.0 github.com/shirou/gopsutil/v3 v3.24.4 github.com/sirupsen/logrus v1.9.3 @@ -105,7 +105,7 @@ require ( github.com/containerd/typeurl/v2 v2.1.1 // indirect github.com/containernetworking/cni v1.1.2 // indirect github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 // indirect - github.com/containers/luksy v0.0.0-20240408185936-afd8e7619947 // indirect + github.com/containers/luksy v0.0.0-20240506205542-84b50f50f3ee // indirect github.com/coreos/go-oidc/v3 v3.10.0 // indirect github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f // indirect github.com/cyberphone/json-canonicalization v0.0.0-20231217050601-ba74d44ecf5f // indirect @@ -116,7 +116,7 @@ require ( github.com/docker/docker-credential-helpers v0.8.1 // indirect github.com/felixge/httpsnoop v1.0.4 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect - github.com/fsouza/go-dockerclient v1.10.1 // indirect + github.com/fsouza/go-dockerclient v1.11.0 // indirect github.com/gabriel-vasile/mimetype v1.4.3 // indirect github.com/gin-contrib/sse v0.1.0 // indirect github.com/gin-gonic/gin v1.9.1 // indirect diff --git a/go.sum b/go.sum index d54eed4f8a..6662accdc9 100644 --- a/go.sum +++ b/go.sum @@ -77,10 +77,10 @@ github.com/containernetworking/cni v1.1.2 h1:wtRGZVv7olUHMOqouPpn3cXJWpJgM6+EUl3 github.com/containernetworking/cni v1.1.2/go.mod h1:sDpYKmGVENF3s6uvMvGgldDWeG8dMxakj/u+i9ht9vw= github.com/containernetworking/plugins v1.5.0 h1:P09DMlfvvsLSskDoftnuwXY7lwa7IAhTGznZxA5E8fk= github.com/containernetworking/plugins v1.5.0/go.mod h1:bcXMvG9gWGc6jVXeodmMzuXmXqpqMguZm6Zu/oIr7AA= -github.com/containers/buildah v1.35.1-0.20240510150258-77f239ae12e5 h1:xtKtw/g2iDkirqSw6Dvvc2ZMPxBYhyN9xPdH81a7hO4= -github.com/containers/buildah v1.35.1-0.20240510150258-77f239ae12e5/go.mod h1:ezOOMchy0Dcu/jKNNsTJbtxvOrhdogVkbG+UxkG77EY= -github.com/containers/common v0.58.1-0.20240523020001-79d954c77663 h1:uuVZV1SZO4Mdtiyngf91HytchzlXPW90F8weyXk71hY= -github.com/containers/common v0.58.1-0.20240523020001-79d954c77663/go.mod h1:53VicJCZ2AD0O+Br7VVoyrS7viXF4YmwlTIocWUT8XE= +github.com/containers/buildah v1.36.0 h1:e369nE9bx0yJtPVRDMsbr0OzkW59XCYAl+5poGhFjcs= +github.com/containers/buildah v1.36.0/go.mod h1:qlEF4RuCnzEUTQhAnCyGr5WoYNZaU0k2mPcZscUR//c= +github.com/containers/common v0.59.0 h1:fy9Jz0B7Qs1C030bm73YJtVddaiFSZD3558EV1tgN2g= +github.com/containers/common v0.59.0/go.mod h1:53VicJCZ2AD0O+Br7VVoyrS7viXF4YmwlTIocWUT8XE= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.7.4-0.20240515153903-01a1a0cd3f70 h1:aACcXSIgcuPq5QdNZZ8B53BCdhqYvw33/8QmZWJATvg= @@ -91,8 +91,8 @@ github.com/containers/libhvee v0.7.1 h1:dWGF5GLq9DZvXo3P8aDp3cNieL5eCaSell4UmeA/ github.com/containers/libhvee v0.7.1/go.mod h1:fRKB3AyIqHMvq6xaeYhTpckM2cdoq0oecolyoiuLP7M= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01/go.mod h1:9rfv8iPl1ZP7aqh9YA68wnZv2NUDbXdcdPHVz0pFbPY= -github.com/containers/luksy v0.0.0-20240408185936-afd8e7619947 h1:LDm12XWmz7PQ9K6iy70m+tGxNlr39KcxFVc8CSnMT+I= -github.com/containers/luksy v0.0.0-20240408185936-afd8e7619947/go.mod h1:DeMi9C2WxgZtJLpBGd175oGZwX/pOmZ6xJVhA5XAG/g= +github.com/containers/luksy v0.0.0-20240506205542-84b50f50f3ee h1:QU6XNrPcxyGejcEYJfpIH7LwB+yXVbb0tWxf7mZxfN4= +github.com/containers/luksy v0.0.0-20240506205542-84b50f50f3ee/go.mod h1:cEhy3LVQzQqf/BHx0WS6CXmZp+RZZaUKmhQaFZ4NiiU= github.com/containers/ocicrypt v1.1.10 h1:r7UR6o8+lyhkEywetubUUgcKFjOWOaWz8cEBrCPX0ic= github.com/containers/ocicrypt v1.1.10/go.mod h1:YfzSSr06PTHQwSTUKqDSjish9BeW1E4HUmreluQcMd8= github.com/containers/psgo v1.9.0 h1:eJ74jzSaCHnWt26OlKZROSyUyRcGDf+gYBdXnxrMW4g= @@ -163,8 +163,8 @@ github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA= github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM= -github.com/fsouza/go-dockerclient v1.10.1 h1:bSU5Wu2ARdub+iv9VtoDsN8yBUI0vgflmshbeQLKhvc= -github.com/fsouza/go-dockerclient v1.10.1/go.mod h1:dyzGriw6v3pK4O4O1u/X+vXxDDsrnLLkCqYkcLsDq2k= +github.com/fsouza/go-dockerclient v1.11.0 h1:4ZAk6W7rPAtPXm7198EFqA5S68rwnNQORxlOA5OurCA= +github.com/fsouza/go-dockerclient v1.11.0/go.mod h1:0I3TQCRseuPTzqlY4Y3ajfsg2VAdMQoazrkxJTiJg8s= github.com/gabriel-vasile/mimetype v1.4.3 h1:in2uUcidCuFcDKtdcBxlR0rJ1+fsokWf+uqxgUFjbI0= github.com/gabriel-vasile/mimetype v1.4.3/go.mod h1:d8uq/6HKRL6CGdk+aubisF/M5GcPfT7nKyLpA0lbSSk= github.com/gin-contrib/sse v0.1.0 h1:Y/yl/+YNO8GZSjAhjMsSuLt29uWRFHdHYUb5lYOV9qE= @@ -416,8 +416,8 @@ github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc h1: github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc/go.mod h1:8tx1helyqhUC65McMm3x7HmOex8lO2/v9zPuxmKHurs= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/openshift/imagebuilder v1.2.7 h1:IJUrZ59iW8ekX8XONlyUyJTQHlkkXtKFvb6bpKWXwz0= -github.com/openshift/imagebuilder v1.2.7/go.mod h1:Q7R8nLg2rziREGN1iZuXBcVv7LI8m5GLEOFQMcqtmsg= +github.com/openshift/imagebuilder v1.2.9 h1:830/kg5FWtpLsQ6JcCQ23qOeb/KfzMK66pai544rAUI= +github.com/openshift/imagebuilder v1.2.9/go.mod h1:KkkXOyRjJlZEXWQtHNBNzVHqh4vf/0xX5cDIQ2gr+5I= github.com/opentracing/opentracing-go v1.2.0 h1:uEJPy/1a5RIPAJ0Ov+OIO8OxWu77jEv+1B0VhjKrZUs= github.com/opentracing/opentracing-go v1.2.0/go.mod h1:GxEUsuufX4nBwe+T+Wl9TAgYrxe9dPLANfrWvHYVTgc= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= diff --git a/vendor/github.com/containers/buildah/CHANGELOG.md b/vendor/github.com/containers/buildah/CHANGELOG.md index 2508ab2a12..c9780e5984 100644 --- a/vendor/github.com/containers/buildah/CHANGELOG.md +++ b/vendor/github.com/containers/buildah/CHANGELOG.md @@ -2,6 +2,65 @@ # Changelog +## v1.36.0 (2024-05-23) + + build: be more selective about specifying the default OS + Bump to c/common v0.59.0 + Fix buildah prune --help showing the same example twice + fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0 + fix(deps): update module github.com/containers/image/v5 to v5.31.0 + bud tests: fix breakage when vendoring into podman + Integration tests: fake up a replacement for nixery.dev/shell + copierWithSubprocess(): try to capture stderr on io.ErrClosedPipe + Don't expand RUN heredocs ourselves, let the shell do it + Don't leak temp files on failures + Add release note template to split dependency chores + fix CentOS/RHEL build - no BATS there + fix(deps): update module github.com/containers/luksy to v0.0.0-20240506205542-84b50f50f3ee + Address CVE-2024-3727 + chore(deps): update module github.com/opencontainers/runtime-spec to v1.2.0 + Builder.cdiSetupDevicesInSpecdefConfig(): use configured CDI dirs + Setting --arch should set the TARGETARCH build arg + fix(deps): update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f + [CI:DOCS] Add link to Buildah image page to README.md + Don't set GOTOOLCHAIN=local + fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.5 + Makefile: set GOTOOLCHAIN=local + Integration tests: switch some base images + containerImageRef.NewImageSource: merge the tar filters + fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.2 + fix(deps): update module github.com/containers/luksy to v0.0.0-20240408185936-afd8e7619947 + Disable packit builds for centos-stream+epel-next-8 + Makefile: add missing files to $(SOURCES) + CI VMs: bump to new versions with tmpfs /tmp + chore(deps): update module golang.org/x/net to v0.23.0 [security] + integration test: handle new labels in "bud and test --unsetlabel" + Switch packit configuration to use epel-9-$arch ... + Give unit tests a bit more time + Integration tests: remove a couple of duplicated tests + Integration tests: whitespace tweaks + Integration tests: don't remove images at start or end of test + Integration tests: use cached images more + Integration tests _prefetch: use registry configs + internal: use fileutils.(Le|E)xists + pkg/parse: use fileutils.(Le|E)xists + buildah: use fileutils.(Le|E)xists + chroot: use fileutils.(Le|E)xists + vendor: update containers/(common|storage) + Fix issue/pr lock workflow + [CI:DOCS] Add golang 1.21 update warning + heredoc: honor inline COPY irrespective of ignorefiles + Update install.md + source-push: add support for --digestfile + Fix caching when mounting a cached stage with COPY/ADD + fix(deps): update github.com/containers/luksy digest to 3d2cf0e + Makefile: softcode `strip`, use it from env var + Man page updates + Add support for passing CDI specs to --device + Update comments on some API objects + pkg/parse.DeviceFromPath(): dereference src symlinks + fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1 + ## v1.35.0 (2024-03-06) fix(deps): update module github.com/stretchr/testify to v1.9.0 diff --git a/vendor/github.com/containers/buildah/changelog.txt b/vendor/github.com/containers/buildah/changelog.txt index e250f54447..5444678e2c 100644 --- a/vendor/github.com/containers/buildah/changelog.txt +++ b/vendor/github.com/containers/buildah/changelog.txt @@ -1,3 +1,61 @@ +- Changelog for v1.36.0 (2024-05-23) + * build: be more selective about specifying the default OS + * Bump to c/common v0.59.0 + * Fix buildah prune --help showing the same example twice + * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.18.0 + * fix(deps): update module github.com/containers/image/v5 to v5.31.0 + * bud tests: fix breakage when vendoring into podman + * Integration tests: fake up a replacement for nixery.dev/shell + * copierWithSubprocess(): try to capture stderr on io.ErrClosedPipe + * Don't expand RUN heredocs ourselves, let the shell do it + * Don't leak temp files on failures + * Add release note template to split dependency chores + * fix CentOS/RHEL build - no BATS there + * fix(deps): update module github.com/containers/luksy to v0.0.0-20240506205542-84b50f50f3ee + * Address CVE-2024-3727 + * chore(deps): update module github.com/opencontainers/runtime-spec to v1.2.0 + * Builder.cdiSetupDevicesInSpecdefConfig(): use configured CDI dirs + * Setting --arch should set the TARGETARCH build arg + * fix(deps): update module golang.org/x/exp to v0.0.0-20240416160154-fe59bbe5cc7f + * [CI:DOCS] Add link to Buildah image page to README.md + * Don't set GOTOOLCHAIN=local + * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.5 + * Makefile: set GOTOOLCHAIN=local + * Integration tests: switch some base images + * containerImageRef.NewImageSource: merge the tar filters + * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.2 + * fix(deps): update module github.com/containers/luksy to v0.0.0-20240408185936-afd8e7619947 + * Disable packit builds for centos-stream+epel-next-8 + * Makefile: add missing files to $(SOURCES) + * CI VMs: bump to new versions with tmpfs /tmp + * chore(deps): update module golang.org/x/net to v0.23.0 [security] + * integration test: handle new labels in "bud and test --unsetlabel" + * Switch packit configuration to use epel-9-$arch ... + * Give unit tests a bit more time + * Integration tests: remove a couple of duplicated tests + * Integration tests: whitespace tweaks + * Integration tests: don't remove images at start or end of test + * Integration tests: use cached images more + * Integration tests _prefetch: use registry configs + * internal: use fileutils.(Le|E)xists + * pkg/parse: use fileutils.(Le|E)xists + * buildah: use fileutils.(Le|E)xists + * chroot: use fileutils.(Le|E)xists + * vendor: update containers/(common|storage) + * Fix issue/pr lock workflow + * [CI:DOCS] Add golang 1.21 update warning + * heredoc: honor inline COPY irrespective of ignorefiles + * Update install.md + * source-push: add support for --digestfile + * Fix caching when mounting a cached stage with COPY/ADD + * fix(deps): update github.com/containers/luksy digest to 3d2cf0e + * Makefile: softcode `strip`, use it from env var + * Man page updates + * Add support for passing CDI specs to --device + * Update comments on some API objects + * pkg/parse.DeviceFromPath(): dereference src symlinks + * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.17.1 + - Changelog for v1.35.0 (2024-03-06) * fix(deps): update module github.com/stretchr/testify to v1.9.0 * cgroups: reuse version check from c/common diff --git a/vendor/github.com/containers/buildah/copier/copier.go b/vendor/github.com/containers/buildah/copier/copier.go index babab38886..0dfdca3970 100644 --- a/vendor/github.com/containers/buildah/copier/copier.go +++ b/vendor/github.com/containers/buildah/copier/copier.go @@ -18,6 +18,7 @@ import ( "sync" "syscall" "time" + "unicode" "github.com/containers/image/v5/pkg/compression" "github.com/containers/storage/pkg/archive" @@ -633,6 +634,15 @@ func copierWithSubprocess(bulkReader io.Reader, bulkWriter io.Writer, req reques if err2 := cmd.Process.Kill(); err2 != nil { return nil, fmt.Errorf("killing subprocess: %v; %s: %w", err2, step, err) } + if errors.Is(err, io.ErrClosedPipe) || errors.Is(err, syscall.EPIPE) { + err2 := cmd.Wait() + if errorText := strings.TrimFunc(errorBuffer.String(), unicode.IsSpace); errorText != "" { + err = fmt.Errorf("%s: %w", errorText, err) + } + if err2 != nil { + return nil, fmt.Errorf("waiting on subprocess: %v; %s: %w", err2, step, err) + } + } return nil, fmt.Errorf("%v: %w", step, err) } if err = encoder.Encode(req); err != nil { diff --git a/vendor/github.com/containers/buildah/define/types.go b/vendor/github.com/containers/buildah/define/types.go index e8fbaf8d2c..eb52197bf7 100644 --- a/vendor/github.com/containers/buildah/define/types.go +++ b/vendor/github.com/containers/buildah/define/types.go @@ -29,7 +29,7 @@ const ( // identify working containers. Package = "buildah" // Version for the Package. Also used by .packit.sh for Packit builds. - Version = "1.36.0-dev" + Version = "1.36.0" // DefaultRuntime if containers.conf fails. DefaultRuntime = "runc" diff --git a/vendor/github.com/containers/buildah/docker/types.go b/vendor/github.com/containers/buildah/docker/types.go index b0ed2e4c02..275951d039 100644 --- a/vendor/github.com/containers/buildah/docker/types.go +++ b/vendor/github.com/containers/buildah/docker/types.go @@ -60,9 +60,10 @@ type HealthConfig struct { Test []string `json:",omitempty"` // Zero means to inherit. Durations are expressed as integer nanoseconds. - Interval time.Duration `json:",omitempty"` // Interval is the time to wait between checks. - Timeout time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung. - StartPeriod time.Duration `json:",omitempty"` // Time to wait after the container starts before running the first check. + Interval time.Duration `json:",omitempty"` // Interval is the time to wait between checks. + Timeout time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung. + StartPeriod time.Duration `json:",omitempty"` // Time to wait after the container starts before running the first check. + StartInterval time.Duration `json:",omitempty"` // Time to wait between checks during the StartPeriod. // Retries is the number of consecutive failures needed to consider a container as unhealthy. // Zero means inherit. diff --git a/vendor/github.com/containers/buildah/image.go b/vendor/github.com/containers/buildah/image.go index aaad13807a..5be7265160 100644 --- a/vendor/github.com/containers/buildah/image.go +++ b/vendor/github.com/containers/buildah/image.go @@ -952,7 +952,7 @@ func (i *containerImageSource) GetBlob(ctx context.Context, blob types.BlobInfo, // makeExtraImageContentDiff creates an archive file containing the contents of // files named in i.extraImageContent. The footer that marks the end of the // archive may be omitted. -func (i *containerImageRef) makeExtraImageContentDiff(includeFooter bool) (string, digest.Digest, int64, error) { +func (i *containerImageRef) makeExtraImageContentDiff(includeFooter bool) (_ string, _ digest.Digest, _ int64, retErr error) { cdir, err := i.store.ContainerDirectory(i.containerID) if err != nil { return "", "", -1, err @@ -962,6 +962,11 @@ func (i *containerImageRef) makeExtraImageContentDiff(includeFooter bool) (strin return "", "", -1, err } defer diff.Close() + defer func() { + if retErr != nil { + os.Remove(diff.Name()) + } + }() digester := digest.Canonical.Digester() counter := ioutils.NewWriteCounter(digester.Hash()) tw := tar.NewWriter(io.MultiWriter(diff, counter)) @@ -1001,10 +1006,10 @@ func (i *containerImageRef) makeExtraImageContentDiff(includeFooter bool) (strin } } if !includeFooter { - return diff.Name(), "", -1, err + return diff.Name(), "", -1, nil } tw.Close() - return diff.Name(), digester.Digest(), counter.Count, err + return diff.Name(), digester.Digest(), counter.Count, nil } // makeContainerImageRef creates a containers/image/v5/types.ImageReference diff --git a/vendor/github.com/containers/buildah/imagebuildah/build.go b/vendor/github.com/containers/buildah/imagebuildah/build.go index 39e9837063..04ed9194bd 100644 --- a/vendor/github.com/containers/buildah/imagebuildah/build.go +++ b/vendor/github.com/containers/buildah/imagebuildah/build.go @@ -11,6 +11,7 @@ import ( "os" "os/exec" "path/filepath" + "runtime" "strconv" "strings" "sync" @@ -221,6 +222,9 @@ func BuildDockerfiles(ctx context.Context, store storage.Store, options define.B systemContext := options.SystemContext for _, platform := range options.Platforms { platformContext := *systemContext + if platform.OS == "" && platform.Arch != "" { + platform.OS = runtime.GOOS + } platformSpec := internalUtil.NormalizePlatform(v1.Platform{ OS: platform.OS, Architecture: platform.Arch, diff --git a/vendor/github.com/containers/buildah/run_common.go b/vendor/github.com/containers/buildah/run_common.go index fd537851ee..f4f9de60c6 100644 --- a/vendor/github.com/containers/buildah/run_common.go +++ b/vendor/github.com/containers/buildah/run_common.go @@ -1659,7 +1659,7 @@ func (b *Builder) getTmpfsMount(tokens []string, idMaps IDMaps) (*specs.Mount, e return &volumes[0], nil } -func (b *Builder) getSecretMount(tokens []string, secrets map[string]define.Secret, idMaps IDMaps, workdir string) (*specs.Mount, string, error) { +func (b *Builder) getSecretMount(tokens []string, secrets map[string]define.Secret, idMaps IDMaps, workdir string) (_ *specs.Mount, _ string, retErr error) { errInvalidSyntax := errors.New("secret should have syntax id=id[,target=path,required=bool,mode=uint,uid=uint,gid=uint") if len(tokens) == 0 { return nil, "", errInvalidSyntax @@ -1739,6 +1739,11 @@ func (b *Builder) getSecretMount(tokens []string, secrets map[string]define.Secr if err != nil { return nil, "", err } + defer func() { + if retErr != nil { + os.Remove(tmpFile.Name()) + } + }() envFile = tmpFile.Name() ctrFileOnHost = tmpFile.Name() case "file": diff --git a/vendor/github.com/containers/common/version/version.go b/vendor/github.com/containers/common/version/version.go index fe53f91044..b8311bf196 100644 --- a/vendor/github.com/containers/common/version/version.go +++ b/vendor/github.com/containers/common/version/version.go @@ -1,4 +1,4 @@ package version // Version is the version of the build. -const Version = "0.60.0-dev" +const Version = "0.59.0" diff --git a/vendor/github.com/fsouza/go-dockerclient/container.go b/vendor/github.com/fsouza/go-dockerclient/container.go index 48e550495b..0eea041e41 100644 --- a/vendor/github.com/fsouza/go-dockerclient/container.go +++ b/vendor/github.com/fsouza/go-dockerclient/container.go @@ -389,9 +389,10 @@ type HealthConfig struct { Test []string `json:"Test,omitempty" yaml:"Test,omitempty" toml:"Test,omitempty"` // Zero means to inherit. Durations are expressed as integer nanoseconds. - Interval time.Duration `json:"Interval,omitempty" yaml:"Interval,omitempty" toml:"Interval,omitempty"` // Interval is the time to wait between checks. - Timeout time.Duration `json:"Timeout,omitempty" yaml:"Timeout,omitempty" toml:"Timeout,omitempty"` // Timeout is the time to wait before considering the check to have hung. - StartPeriod time.Duration `json:"StartPeriod,omitempty" yaml:"StartPeriod,omitempty" toml:"StartPeriod,omitempty"` // The start period for the container to initialize before the retries starts to count down. + Interval time.Duration `json:"Interval,omitempty" yaml:"Interval,omitempty" toml:"Interval,omitempty"` // Interval is the time to wait between checks. + Timeout time.Duration `json:"Timeout,omitempty" yaml:"Timeout,omitempty" toml:"Timeout,omitempty"` // Timeout is the time to wait before considering the check to have hung. + StartPeriod time.Duration `json:"StartPeriod,omitempty" yaml:"StartPeriod,omitempty" toml:"StartPeriod,omitempty"` // The start period for the container to initialize before the retries starts to count down. + StartInterval time.Duration `json:"StartInterval,omitempty" yaml:"StartInterval,omitempty" toml:"StartInterval,omitempty"` // The start interval is the time to wait between checks during the start period. // Retries is the number of consecutive failures needed to consider a container as unhealthy. // Zero means inherit. @@ -555,6 +556,7 @@ type HostConfig struct { PublishAllPorts bool `json:"PublishAllPorts,omitempty" yaml:"PublishAllPorts,omitempty" toml:"PublishAllPorts,omitempty"` ReadonlyRootfs bool `json:"ReadonlyRootfs,omitempty" yaml:"ReadonlyRootfs,omitempty" toml:"ReadonlyRootfs,omitempty"` AutoRemove bool `json:"AutoRemove,omitempty" yaml:"AutoRemove,omitempty" toml:"AutoRemove,omitempty"` + Annotations map[string]string `json:"Annotations,omitempty" yaml:"Annotations,omitempty" toml:"Annotations,omitempty"` } // NetworkingConfig represents the container's networking configuration for each of its interfaces diff --git a/vendor/github.com/openshift/imagebuilder/.travis.yml b/vendor/github.com/openshift/imagebuilder/.travis.yml index 124944ebd8..937782d53c 100644 --- a/vendor/github.com/openshift/imagebuilder/.travis.yml +++ b/vendor/github.com/openshift/imagebuilder/.travis.yml @@ -9,7 +9,11 @@ go: - "1.20" before_install: + - sudo systemctl stop docker.service && sudo systemctl stop docker.socket + - curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - + - yes | sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" - sudo apt-get update -q -y + - sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce - docker pull busybox - docker pull centos:7 - chmod -R go-w ./dockerclient/testdata diff --git a/vendor/github.com/openshift/imagebuilder/dispatchers.go b/vendor/github.com/openshift/imagebuilder/dispatchers.go index f43adacb43..84c44100a9 100644 --- a/vendor/github.com/openshift/imagebuilder/dispatchers.go +++ b/vendor/github.com/openshift/imagebuilder/dispatchers.go @@ -23,6 +23,7 @@ import ( "github.com/openshift/imagebuilder/signal" "github.com/openshift/imagebuilder/strslice" + buildkitcommand "github.com/moby/buildkit/frontend/dockerfile/command" buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" buildkitshell "github.com/moby/buildkit/frontend/dockerfile/shell" ) @@ -130,7 +131,7 @@ func label(b *Builder, args []string, attributes map[string]bool, flagArgs []str return nil } -func processHereDocs(originalInstruction string, heredocs []buildkitparser.Heredoc, args []string) ([]File, error) { +func processHereDocs(instruction, originalInstruction string, heredocs []buildkitparser.Heredoc, args []string) ([]File, error) { var files []File for _, heredoc := range heredocs { var err error @@ -138,7 +139,7 @@ func processHereDocs(originalInstruction string, heredocs []buildkitparser.Hered if heredoc.Chomp { content = buildkitparser.ChompHeredocContent(content) } - if heredoc.Expand { + if heredoc.Expand && !strings.EqualFold(instruction, buildkitcommand.Run) { shlex := buildkitshell.NewLex('\\') shlex.RawQuotes = true shlex.RawEscapes = true @@ -202,7 +203,7 @@ func add(b *Builder, args []string, attributes map[string]bool, flagArgs []strin return fmt.Errorf("ADD only supports the --chmod=, --chown=, and --checksum= flags") } } - files, err := processHereDocs(original, heredocs, userArgs) + files, err := processHereDocs(buildkitcommand.Add, original, heredocs, userArgs) if err != nil { return err } @@ -256,7 +257,7 @@ func dispatchCopy(b *Builder, args []string, attributes map[string]bool, flagArg return fmt.Errorf("COPY only supports the --chmod= --chown= and the --from= flags") } } - files, err := processHereDocs(original, heredocs, userArgs) + files, err := processHereDocs(buildkitcommand.Copy, original, heredocs, userArgs) if err != nil { return err } @@ -422,7 +423,7 @@ func run(b *Builder, args []string, attributes map[string]bool, flagArgs []strin } } - files, err := processHereDocs(original, heredocs, userArgs) + files, err := processHereDocs(buildkitcommand.Run, original, heredocs, userArgs) if err != nil { return err } @@ -606,6 +607,7 @@ func healthcheck(b *Builder, args []string, attributes map[string]bool, flagArgs flags := flag.NewFlagSet("", flag.ContinueOnError) flags.String("start-period", "", "") + flags.String("start-interval", "", "") flags.String("interval", "", "") flags.String("timeout", "", "") flRetries := flags.String("retries", "", "") @@ -642,6 +644,12 @@ func healthcheck(b *Builder, args []string, attributes map[string]bool, flagArgs } healthcheck.Interval = interval + startInterval, err := parseOptInterval(flags.Lookup("start-interval")) + if err != nil { + return err + } + healthcheck.StartInterval = startInterval + timeout, err := parseOptInterval(flags.Lookup("timeout")) if err != nil { return err diff --git a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec index b475166a0c..7819bdc8ba 100644 --- a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec +++ b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec @@ -12,7 +12,7 @@ # %global golang_version 1.19 -%{!?version: %global version 1.2.7} +%{!?version: %global version 1.2.9} %{!?release: %global release 1} %global package_name imagebuilder %global product_name Container Image Builder diff --git a/vendor/modules.txt b/vendor/modules.txt index e2c6fdf922..0571df8739 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -141,7 +141,7 @@ github.com/containernetworking/cni/pkg/version # github.com/containernetworking/plugins v1.5.0 ## explicit; go 1.20 github.com/containernetworking/plugins/pkg/ns -# github.com/containers/buildah v1.35.1-0.20240510150258-77f239ae12e5 +# github.com/containers/buildah v1.36.0 ## explicit; go 1.21 github.com/containers/buildah github.com/containers/buildah/bind @@ -171,7 +171,7 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.58.1-0.20240523020001-79d954c77663 +# github.com/containers/common v0.59.0 ## explicit; go 1.21 github.com/containers/common/internal github.com/containers/common/internal/attributedstring @@ -325,7 +325,7 @@ github.com/containers/libhvee/pkg/wmiext # github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 ## explicit github.com/containers/libtrust -# github.com/containers/luksy v0.0.0-20240408185936-afd8e7619947 +# github.com/containers/luksy v0.0.0-20240506205542-84b50f50f3ee ## explicit; go 1.20 github.com/containers/luksy # github.com/containers/ocicrypt v1.1.10 @@ -529,8 +529,8 @@ github.com/felixge/httpsnoop # github.com/fsnotify/fsnotify v1.7.0 ## explicit; go 1.17 github.com/fsnotify/fsnotify -# github.com/fsouza/go-dockerclient v1.10.1 -## explicit; go 1.20 +# github.com/fsouza/go-dockerclient v1.11.0 +## explicit; go 1.21 github.com/fsouza/go-dockerclient # github.com/gabriel-vasile/mimetype v1.4.3 ## explicit; go 1.20 @@ -911,7 +911,7 @@ github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalk github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/imagebuilder v1.2.7 +# github.com/openshift/imagebuilder v1.2.9 ## explicit; go 1.19 github.com/openshift/imagebuilder github.com/openshift/imagebuilder/dockerfile/command