Move the conformance tests from ginkgo to using the default testing
package and github.com/stretchr/testify/require, preserving the existing
tests and adding more.
Add conformance tests to our Cirrus configuration, currently marked as
an allowed failure.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
2397: Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0-rc9 to 1.0.0-rc90.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/opencontainers/runc/releases">github.com/opencontainers/runc's releases</a>.</em></p>
<blockquote>
<h2>runc 1.0-rc90 -- "We Have To Go Back!"</h2>
<p>This release is <em>identical</em> to v1.0.0-rc10 (and thus the version string in
the binary will be v1.0.0-rc10).</p>
<p>The purpose of this release is to resolve an issue with our versioning
scheme (in particular, the format we've used under SemVer means that the
"-rcNN" string suffix is sorted lexicographically rather than in the
classic <code>sort -V</code> order).</p>
<p>Because we cannot do a post-1.0 release yet, this is a workaround to
make sure that systems such as Go modules correctly update to the latest
runc release. See <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2399">#2399</a> for more details.</p>
<p>The next release (which would've originally been called -rc11) will be
1.0.0-rc91. I'm sorry.</p>
<p>Signed-off-by: Aleksa Sarai <a href="mailto:asarai@suse.de">asarai@suse.de</a></p>
<h2>runc 1.0-rc10 -- "Procfs Strikes Back"</h2>
<p>This is a hot-fix for v1.0.0~rc9, primarily fixing CVE-2019-19921. Given
that the <a href="https://github-redirect.dependabot.com/opencontainers/runtime-spec/pull/1008">relevant runtime-spec PR which was considered a blocker has
been merged</a> the next rc release of runc should be the last one before
1.0.0.</p>
<p>Other notable changes include:</p>
<ul>
<li>Fixing an exec-fifo race that could be triggered under Kubernetes (opencontainers/runc#2185).</li>
<li>Partial cgroupv2 support (opencontainers/runc#2209 for remaining issues).</li>
</ul>
<p>Thanks to the following people who made this release possible:</p>
<ul>
<li>Akihiro Suda <a href="mailto:akihiro.suda.cz@hco.ntt.co.jp">akihiro.suda.cz@hco.ntt.co.jp</a></li>
<li>Aleksa Sarai <a href="mailto:asarai@suse.de">asarai@suse.de</a></li>
<li>James Peach <a href="mailto:jpeach@apache.org">jpeach@apache.org</a></li>
<li>Jordan Liggitt <a href="mailto:liggitt@google.com">liggitt@google.com</a></li>
<li>Julia Nedialkova <a href="mailto:julianedialkova@hotmail.com">julianedialkova@hotmail.com</a></li>
<li>Julio Montes <a href="mailto:julio.montes@intel.com">julio.montes@intel.com</a></li>
<li>Kevin Kelani <a href="mailto:kkelani@gmail.com">kkelani@gmail.com</a></li>
<li>Kurnia D Win <a href="mailto:kurnia.d.win@gmail.com">kurnia.d.win@gmail.com</a></li>
<li>Manuel Rüger <a href="mailto:manuel@rueg.eu">manuel@rueg.eu</a></li>
<li>Michael Crosby <a href="mailto:crosbymichael@gmail.com">crosbymichael@gmail.com</a></li>
<li>Mrunal Patel <a href="mailto:mrunal@me.com">mrunal@me.com</a></li>
<li>Qiang Huang <a href="mailto:h.huangqiang@huawei.com">h.huangqiang@huawei.com</a></li>
<li>Radostin Stoyanov <a href="mailto:rstoyanov1@gmail.com">rstoyanov1@gmail.com</a></li>
<li>Sascha Grunert <a href="mailto:sgrunert@suse.com">sgrunert@suse.com</a></li>
<li>tianye15 <a href="mailto:tianye15@yq01-ps-www007cc6e83.yq01.baidu.com">tianye15@yq01-ps-www007cc6e83.yq01.baidu.com</a></li>
</ul>
<p>Vote: <code>+4 -0 [#1](https://github.com/opencontainers/runc/issues/1)</code>
Signed-off-by: Aleksa Sarai <a href="mailto:asarai@suse.de">asarai@suse.de</a></p>
</tr></table> ... (truncated)
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="dc9208a330"><code>dc9208a</code></a> VERSION: update to 1.0.0~rc10</li>
<li><a href="2fc03cc11c"><code>2fc03cc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2207">#2207</a> from cyphar/fix-double-volume-attack</li>
<li><a href="3291d66b98"><code>3291d66</code></a> rootfs: do not permit /proc mounts to non-directories</li>
<li><a href="f6fb7a0338"><code>f6fb7a0</code></a> merge branch 'pr-2133'</li>
<li><a href="709377ca55"><code>709377c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2198">#2198</a> from AkihiroSuda/criu-master</li>
<li><a href="55f8c254be"><code>55f8c25</code></a> temporarily disable CRIU tests</li>
<li><a href="5c20ea1472"><code>5c20ea1</code></a> fix merging <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2177">#2177</a> and <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2169">#2169</a></li>
<li><a href="5cc0deaf7a"><code>5cc0dea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2169">#2169</a> from AkihiroSuda/split-fs</li>
<li><a href="2b52db7527"><code>2b52db7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2177">#2177</a> from devimc/topic/libcontainer/kata-containers</li>
<li><a href="a88592a634"><code>a88592a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2185">#2185</a> from liggitt/exec-race</li>
<li>Additional commits viewable in <a href="https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc90">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/opencontainers/runc&package-manager=go_modules&previous-version=1.0.0-rc9&new-version=1.0.0-rc90)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2398: Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/seccomp/containers-golang](https://github.com/seccomp/containers-golang) from 0.4.1 to 0.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/seccomp/containers-golang/releases">github.com/seccomp/containers-golang's releases</a>.</em></p>
<blockquote>
<h2>v0.5.0</h2>
<pre><code>policy: ignore socket(AF_NETLINK, .*, NETLINK_AUDIT)
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c830928ef1"><code>c830928</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/seccomp/containers-golang/issues/27">#27</a> from giuseppe/block-audit-socket</li>
<li><a href="f318ea962a"><code>f318ea9</code></a> policy: ignore socket(AF_NETLINK, .*, NETLINK_AUDIT)</li>
<li>See full diff in <a href="https://github.com/seccomp/containers-golang/compare/v0.4.1...v0.5.0">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/seccomp/containers-golang&package-manager=go_modules&previous-version=0.4.1&new-version=0.5.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
2399: Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.0 to 1.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/stretchr/testify/releases">github.com/stretchr/testify's releases</a>.</em></p>
<blockquote>
<h2>Fixes breaking change with HTTPBodyContains</h2>
<p>A breaking change was accidentally released in v1.6.0 which breaks the API for the <code>HTTPBodyContains</code> and <code>HTTPBodyNotContains</code>, this release reverts that change.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f654a9112b"><code>f654a91</code></a> Update Go versions in Travis</li>
<li><a href="3184a9e141"><code>3184a9e</code></a> This reverts commit 0a813b5898c0ee8d00b4f13fae21ea5df8b35e74.</li>
<li><a href="e2b269ecc5"><code>e2b269e</code></a> This reverts commit 2adb7b54b75da2c74e9342ed115957fe0b07e0b4.</li>
<li><a href="6353e56395"><code>6353e56</code></a> This reverts commit 9d083cac4a26c76f8d92dff41d459f3f2fc0b911.</li>
<li><a href="656132404a"><code>6561324</code></a> This reverts commit 484fff1ace1f0acb84676a548b53477685c16414.</li>
<li><a href="46420cf544"><code>46420cf</code></a> This reverts commit 1a43b8334acb9df58064b765cd16675cc7c2c8b3.</li>
<li><a href="303198d014"><code>303198d</code></a> Revert "allow body for HTTPBodyContains and HTTPBodyNotContains for</li>
<li><a href="e7cc868148"><code>e7cc868</code></a> Update TravisCI config</li>
<li>See full diff in <a href="https://github.com/stretchr/testify/compare/v1.6.0...v1.6.1">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/stretchr/testify&package-manager=go_modules&previous-version=1.6.0&new-version=1.6.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2385: Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/stretchr/testify/releases">github.com/stretchr/testify's releases</a>.</em></p>
<blockquote>
<h2>v1.6.0</h2>
<p>Latest release of testify. This includes many fixes and enhancements. Please view the <a href="https://github.com/stretchr/testify/milestone/3?closed=1">v1.6.0 milestone</a> for a list of changes.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="004e3cb722"><code>004e3cb</code></a> commit generated files</li>
<li><a href="ac1463f956"><code>ac1463f</code></a> Implement NotEqualValues</li>
<li><a href="e72b029e2a"><code>e72b029</code></a> new regex</li>
<li><a href="d4e7ca1687"><code>d4e7ca1</code></a> address comments</li>
<li><a href="8329c5daa7"><code>8329c5d</code></a> add test</li>
<li><a href="3ec00f620a"><code>3ec00f6</code></a> assertion_compare: fix format string for numbers</li>
<li><a href="15aff29f35"><code>15aff29</code></a> docs: update Comparison function comment</li>
<li><a href="d76ac5e41f"><code>d76ac5e</code></a> Fix comment</li>
<li><a href="1bbde5e52a"><code>1bbde5e</code></a> Change Require to Error</li>
<li><a href="f96052c82a"><code>f96052c</code></a> Remove 1.8 and 1.9 tests. Updated failfast test</li>
<li>Additional commits viewable in <a href="https://github.com/stretchr/testify/compare/v1.5.1...v1.6.0">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/stretchr/testify&package-manager=go_modules&previous-version=1.5.1&new-version=1.6.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
2386: Bump github.com/onsi/ginkgo from 1.12.2 to 1.12.3 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo) from 1.12.2 to 1.12.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/onsi/ginkgo/releases">github.com/onsi/ginkgo's releases</a>.</em></p>
<blockquote>
<h2>v1.12.3</h2>
<h3>Fixes</h3>
<ul>
<li>Print correct code location of failing table test (<a href="https://github-redirect.dependabot.com/onsi/ginkgo/issues/666">#666</a>) [c6d7afb]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md">github.com/onsi/ginkgo's changelog</a>.</em></p>
<blockquote>
<h2>1.12.3</h2>
<h3>Fixes</h3>
<ul>
<li>Print correct code location of failing table test (<a href="https://github-redirect.dependabot.com/onsi/ginkgo/issues/666">#666</a>) [c6d7afb]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9bef594084"><code>9bef594</code></a> v1.12.3</li>
<li><a href="9304a8cd49"><code>9304a8c</code></a> doc(readme): add link to Slack channel (<a href="https://github-redirect.dependabot.com/onsi/ginkgo/issues/679">#679</a>)</li>
<li><a href="7823445b89"><code>7823445</code></a> doc(readme): add "TLDR" to explain core purpose quickly (<a href="https://github-redirect.dependabot.com/onsi/ginkgo/issues/678">#678</a>)</li>
<li><a href="c6d7afb527"><code>c6d7afb</code></a> Print correct code location of failing table test (<a href="https://github-redirect.dependabot.com/onsi/ginkgo/issues/666">#666</a>)</li>
<li>See full diff in <a href="https://github.com/onsi/ginkgo/compare/v1.12.2...v1.12.3">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/onsi/ginkgo&package-manager=go_modules&previous-version=1.12.2&new-version=1.12.3)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2373: Bump imagebuilder for ARG fix r=giuseppe a=TomSweeneyRedHat
Bump imagebuilder to the latest upstream to get the ARG fix from
https://github.com/openshift/imagebuilder/pull/159
Also touched up the install.md with vendoring from a commitId so
I won't have to run all around looking for it next time.
Fixes: https://github.com/containers/buildah/issues/2192
and probably https://github.com/containers/buildah/issues/2345
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
<!--
Thanks for sending a pull request!
Please make sure you've read and understood our contributing guidelines
(https://github.com/containers/buildah/blob/master/CONTRIBUTING.md) as well as ensuring
that all your commits are signed with `git commit -s`.
-->
#### What type of PR is this?
<!--
Please label this pull request according to what type of issue you are
addressing, especially if this is a release targeted pull request.
Uncomment only one `/kind <>` line, hit enter to put that in a new line, and
remove leading whitespace from that line:
-->
> /kind api-change
> /kind bug
> /kind cleanup
> /kind deprecation
> /kind design
> /kind documentation
> /kind failing-test
> /kind feature
> /kind flake
> /kind other
#### What this PR does / why we need it:
#### How to verify it
#### Which issue(s) this PR fixes:
<!--
Automatically closes linked issue when PR is merged.
Uncomment the following comment block and include the issue
number or None on one line.
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`, or `None`.
-->
<!--
Fixes #
or
None
-->
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
<!--
If no, just write `None` in the release-note block below. If yes, a release note
is required: Enter your extended release note in the block below. If the PR
requires additional action from users switching to the new release, include the
string "action required".
For more information on release notes please follow the kubernetes model:
https://git.k8s.io/community/contributors/guide/release-notes.md
-->
```release-note
```
Co-authored-by: TomSweeneyRedHat <tsweeney@redhat.com>
Release notes
Commits
Dependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
use of github.com/openshift/api/config/v1 is costly in size, something around 10MB. removal of this dependancy and using a locally defined struct took the buildah executable size from around 38MB to around 27MB. This also hits libpod and allows it also shed that size as well.
Signed-off-by: Brent Baude <bbaude@redhat.com>
2271: Implement encrypted push and pull/bud/from using encrypted images r=rhatdan a=lumjjb
<!--
Thanks for sending a pull request!
Please make sure you've read and understood our contributing guidelines
(https://github.com/containers/buildah/blob/master/CONTRIBUTING.md) as well as ensuring
that all your commits are signed with `git commit -s`.
-->
#### What type of PR is this?
<!--
Please label this pull request according to what type of issue you are
addressing, especially if this is a release targeted pull request.
Uncomment only one `/kind <>` line, hit enter to put that in a new line, and
remove leading whitespace from that line:
-->
/kind feature
#### What this PR does / why we need it:
This PR introduces the ability to encrypt an OCI container image when pushing, and also allows the use of encrypted OCI container images when building a Dockerfile or pulling an encrypted image from the registry.
This is the initial implementation idea. There are a few more things that I am working on right now before taking out of DRAFT, but would like some feedback on the general idea.
TODO in progress by me:
- Remove ufave/cli and some additional imports which are not necessary from upstream ocicrypt lirbary
- Add tests
#### How to verify it
```
# Create keypair
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ openssl genrsa -out mykey.pem 1024
Generating RSA private key, 1024 bit long modulus (2 primes)
...........+++++
.......+++++
e is 65537 (0x010001)
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ openssl rsa -in mykey.pem -pubout > mykey.pub
writing RSA key
# Encrypt an image to local registry
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah images
REPOSITORY TAG IMAGE ID CREATED SIZE
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah pull docker://docker.io/library/nginx:latest
Getting image source signatures
Copying blob ffadbd415ab7 done
Copying blob c499e6d256d6 done
Copying blob 74cda408e262 done
Copying config ed21b7a8ae done
Writing manifest to image destination
Storing signatures
ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f91d02361eae registry:2.7.1 "/entrypoint.sh /etc…" 4 months ago Up 2 days 0.0.0.0:5000->5000/tcp registry
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah push --tls-verify=false --encryption-key jwe:./mykey.pub docker.io/library/nginx:latest docker://localhost:5000/test_enc_img
Getting image source signatures
Copying blob d37eecb5b769 done
Copying blob 99134ec7f247 done
Copying blob c3a984abe8a8 done
Copying config 3f9bb7a003 done
Writing manifest to image destination
Storing signatures
# Try pulling encrypted image without key
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah pull --tls-verify=false docker://localhost:5000/test_enc_img
Getting image source signatures
Getting image source signatures
Getting image source signatures
Getting image source signatures
while pulling "docker://localhost:5000/test_enc_img" as "localhost:5000/test_enc_img": Error decrypting layer sha256:ae69626ca4b44e82dce805f5f7be5272c5651bd75e19aa38ec2f5ef78986f3ff: missing private key needed for decryption
ERRO exit status 1
# Try pulling encrypted image with key
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah pull --tls-verify=false --decryption-key ./mykey.pem docker://localhost:5000/test_enc_img
Getting image source signatures
Copying blob ae69626ca4b4 done
Copying blob de5dd0ed1059 done
Copying blob 4071791f0baf done
Copying config 3f9bb7a003 done
Writing manifest to image destination
Storing signatures
3f9bb7a003b412bc186a8437e2d2246f42a6bb7488458585948e50be00a9037d
# Cleanup
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah rmi --all -f
ed21b7a8aee9cc677df6d7f38a641fa0e3c05f65592c592c9f28c42b3dd89291
3f9bb7a003b412bc186a8437e2d2246f42a6bb7488458585948e50be00a9037d
# Create dockerfile that uses encrypted image
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ vi enc_dockerfile/Dockerfile
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ cat enc_dockerfile/Dockerfile
FROM localhost:5000/test_enc_img
# buildah bud without key
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah bud --tls-verify=false ./enc_dockerfile/
STEP 1: FROM localhost:5000/test_enc_img
Getting image source signatures
Getting image source signatures
Getting image source signatures
Getting image source signatures
error creating build container: Error decrypting layer sha256:ae69626ca4b44e82dce805f5f7be5272c5651bd75e19aa38ec2f5ef78986f3ff: missing private key needed for decryption
ERRO exit status 1
# buildah bud with key
vagrant@ubuntu-bionic:~/go/src/github.com/containers/buildah$ ./buildah bud --tls-verify=false --decryption-key ./mykey.pem ./enc_dockerfile/
STEP 1: FROM localhost:5000/test_enc_img
Getting image source signatures
Copying blob ae69626ca4b4 done
Copying blob 4071791f0baf done
Copying blob de5dd0ed1059 done
Copying config 3f9bb7a003 done
Writing manifest to image destination
Storing signatures
STEP 2: COMMIT
--> 3f9bb7a003b
3f9bb7a003b412bc186a8437e2d2246f42a6bb7488458585948e50be00a9037d
```
#### Which issue(s) this PR fixes:
<!--
Automatically closes linked issue when PR is merged.
Uncomment the following comment block and include the issue
number or None on one line.
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`, or `None`.
-->
None
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
Yes
- it provides a new flag for `buildah push` with `--encryption-key`
- it provides a new flag for `buildah pull` with `--decryption-key`
- it provides a new flag for `buildah bud` with `--decryption-key`
<!--
If no, just write `None` in the release-note block below. If yes, a release note
is required: Enter your extended release note in the block below. If the PR
requires additional action from users switching to the new release, include the
string "action required".
For more information on release notes please follow the kubernetes model:
https://git.k8s.io/community/contributors/guide/release-notes.md
-->
```release-note
```
Co-authored-by: Brandon Lum <lumjjb@gmail.com>
2363: Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/opencontainers/go-digest](https://github.com/opencontainers/go-digest) from 1.0.0-rc1 to 1.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/opencontainers/go-digest/releases">github.com/opencontainers/go-digest's releases</a>.</em></p>
<blockquote>
<h2>go-digest 1.0.0</h2>
<p>Welcome to the v1.0.0 release of go-digest!</p>
<p>This is the first official release of the go-digest package. This package
provides a simple toolkit for working with the digests used in the open
containers ecosystem.</p>
<p>This includes support for <code>sha256</code>, <code>sha384</code>, and <code>sha512</code> algorithms, with
<code>sha256</code> being the most common and preferred for greatest compatibility across
the ecosystem. Encoding ambiguity has been removed by only supporting lower
case hex-encoded characters in the format for this release.</p>
<p>The <code>digestset</code> package is provided to securely and unambiguously use
shortened forms of the digest in environments where there is a full set
of known digests.</p>
<p>Please try out the release binaries and report any issues at
<a href="https://github.com/opencontainers/go-digest/issues">https://github.com/opencontainers/go-digest/issues</a>.</p>
<h3>Contributors</h3>
<ul>
<li>Stephen J Day</li>
<li>Derek McGowan</li>
<li>Vincent Batts</li>
<li>W. Trevor King</li>
<li>Chris Aniszczyk</li>
<li>Aaron Lehmann</li>
<li>Jonathan Boulle</li>
<li>xiekeyang</li>
<li>Akihiro Suda</li>
<li>Josh Hawn</li>
<li>Sebastiaan van Stijn</li>
<li>Tonis Tiigi</li>
<li>Akihiro Suda</li>
<li>Andy Goldstein</li>
<li>Brandon Philips</li>
<li>David Lawrence</li>
<li>Haibing Zhou</li>
<li>Harald Nordgren</li>
<li>Ian Campbell</li>
<li>Olivier Gambier</li>
<li>Vanessa Sochat</li>
<li>bin liu</li>
</ul>
<h3>Changes</h3>
<ul>
<li><a href="ea51bea511"><code>ea51bea5</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/go-digest/pull/56">#56</a> from dmcgowan/release-1.0</li>
<li><a href="43cccb7fb8"><code>43cccb7f</code></a> Add release notes for v1.0.0</li>
<li><a href="28d3ccc31a"><code>28d3ccc3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/go-digest/pull/55">#55</a> from dmcgowan/add-digestset</li>
<li><a href="641993bf8f"><code>641993bf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/go-digest/pull/54">#54</a> from vbatts/maintainers</li>
</ul>
</tr></table> ... (truncated)
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="ea51bea511"><code>ea51bea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/go-digest/issues/56">#56</a> from dmcgowan/release-1.0</li>
<li><a href="43cccb7fb8"><code>43cccb7</code></a> Add release notes for v1.0.0</li>
<li><a href="28d3ccc31a"><code>28d3ccc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/go-digest/issues/55">#55</a> from dmcgowan/add-digestset</li>
<li><a href="641993bf8f"><code>641993b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/go-digest/issues/54">#54</a> from vbatts/maintainers</li>
<li><a href="17eb78b6c7"><code>17eb78b</code></a> Add copyright to digestset files</li>
<li><a href="132fb4765b"><code>132fb47</code></a> Enable static checks</li>
<li><a href="ecd7b3c77d"><code>ecd7b3c</code></a> digestset: refine some words on unit test</li>
<li><a href="5dd3cbe30c"><code>5dd3cbe</code></a> digest: migrate to opencontainers/go-digest</li>
<li><a href="e0bfa0f7aa"><code>e0bfa0f</code></a> digest: remove stuttering ParseDigest function</li>
<li><a href="1cbb645d46"><code>1cbb645</code></a> Typo fixes in comments</li>
<li>Additional commits viewable in <a href="https://github.com/opencontainers/go-digest/compare/v1.0.0-rc1...v1.0.0">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/opencontainers/go-digest&package-manager=go_modules&previous-version=1.0.0-rc1&new-version=1.0.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
2366: fix resolve docker image name as transport r=rhatdan a=QiWang19
fix#2205 Validate the supported transports to fix the corner case. Do not use docker as transport if `docker:` is Docker Official Image
Signed-off-by: Qi Wang <qiwan@redhat.com>
<!--
Thanks for sending a pull request!
Please make sure you've read and understood our contributing guidelines
(https://github.com/containers/buildah/blob/master/CONTRIBUTING.md) as well as ensuring
that all your commits are signed with `git commit -s`.
-->
#### What type of PR is this?
<!--
Please label this pull request according to what type of issue you are
addressing, especially if this is a release targeted pull request.
Uncomment only one `/kind <>` line, hit enter to put that in a new line, and
remove leading whitespace from that line:
-->
/kind bug
#### What this PR does / why we need it:
#### How to verify it
`$ buildah from docker:stable`
#### Which issue(s) this PR fixes:
#2205
<!--
Automatically closes linked issue when PR is merged.
Uncomment the following comment block and include the issue
number or None on one line.
Usage: `Fixes #<issue number>`, or `Fixes (paste link of issue)`, or `None`.
-->
<!--
Fixes #
or
None
-->
#### Special notes for your reviewer:
#### Does this PR introduce a user-facing change?
No
<!--
If no, just write `None` in the release-note block below. If yes, a release note
is required: Enter your extended release note in the block below. If the PR
requires additional action from users switching to the new release, include the
string "action required".
For more information on release notes please follow the kubernetes model:
https://git.k8s.io/community/contributors/guide/release-notes.md
-->
```release-note
```
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Qi Wang <qiwan@redhat.com>
2341: Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.5.0 to 1.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/sirupsen/logrus/releases">github.com/sirupsen/logrus's releases</a>.</em></p>
<blockquote>
<p>Release v1.6.0</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md">github.com/sirupsen/logrus's changelog</a>.</em></p>
<blockquote>
<h1>1.6.0</h1>
<p>Fixes:</p>
<ul>
<li>end of line cleanup</li>
<li>revert the entry concurrency bug fix whic leads to deadlock under some circumstances</li>
<li>update dependency on go-windows-terminal-sequences to fix a crash with go 1.14</li>
</ul>
<p>Features:</p>
<ul>
<li>add an option to the <code>TextFormatter</code> to completely disable fields quoting</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="60c74ad9be"><code>60c74ad</code></a> update CHANGELOG.md with 1.5.0 and 1.6.0 version contents</li>
<li><a href="e8e563a823"><code>e8e563a</code></a> Merge remote-tracking branch 'origin/master' into thlacroix-disable-quotes</li>
<li><a href="0fd458a22e"><code>0fd458a</code></a> complete documetation on TextFormatter.DisableQuote</li>
<li><a href="4d96c600d9"><code>4d96c60</code></a> Merge branch 'disable-quotes' of <a href="https://github.com/thlacroix/logrus">https://github.com/thlacroix/logrus</a> into thl...</li>
<li><a href="a5b02471f8"><code>a5b0247</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sirupsen/logrus/issues/1136">#1136</a> from ialidzhikov/nit/line-endings</li>
<li><a href="163c051d4a"><code>163c051</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/sirupsen/logrus/issues/1137">#1137</a> from sirupsen/fix_crash_windows</li>
<li><a href="e79215d3d5"><code>e79215d</code></a> update github.com/konsorten/go-windows-terminal-sequences dependency to v1.0.3</li>
<li><a href="4989a3fd5d"><code>4989a3f</code></a> Change CRLF line endings to LF</li>
<li><a href="aff00feb0a"><code>aff00fe</code></a> Adds additional test cases for DisableQuote</li>
<li><a href="c7455de10a"><code>c7455de</code></a> Adds flag to disable quotes in TextFormatter</li>
<li>Additional commits viewable in <a href="https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/sirupsen/logrus&package-manager=go_modules&previous-version=1.5.0&new-version=1.6.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2330: Bump github.com/containers/common from 0.9.1 to 0.9.5 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.9.1 to 0.9.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/containers/common/releases">github.com/containers/common's releases</a>.</em></p>
<blockquote>
<h2>v0.9.4</h2>
<p>Previous version tags did not work.</p>
<h2>v0.9.3</h2>
<p>Fix default for UserNS to be host not private.</p>
<h2>v0.9.2</h2>
<p>Fix default event_logger setting to "file" if pulled from libpod.conf</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="e4654560b6"><code>e465456</code></a> Bump to v0.9.5</li>
<li><a href="92f1370ff8"><code>92f1370</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/127">#127</a> from giuseppe/fix-cgroup-default</li>
<li><a href="b2a6813160"><code>b2a6813</code></a> config: default to cgroupns="host" on cgroup v1</li>
<li><a href="f98c2ebefb"><code>f98c2eb</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/125">#125</a> from rhatdan/master</li>
<li><a href="47c1d9c5d3"><code>47c1d9c</code></a> Move to v0.9.4-dev</li>
<li><a href="a76ab0b721"><code>a76ab0b</code></a> Bump to v0.9.4</li>
<li><a href="c1c68cd82a"><code>c1c68cd</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/124">#124</a> from rhatdan/version</li>
<li><a href="1a5689fd26"><code>1a5689f</code></a> Move to v0.9.4-dev</li>
<li><a href="0ec35cacd7"><code>0ec35ca</code></a> Bump to v0.9.3</li>
<li><a href="0e0a18d475"><code>0e0a18d</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/122">#122</a> from giuseppe/default-no-userns</li>
<li>Additional commits viewable in <a href="https://github.com/containers/common/compare/v0.9.1...v0.9.5">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/containers/common&package-manager=go_modules&previous-version=0.9.1&new-version=0.9.5)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
2331: Bump github.com/fsouza/go-dockerclient from 1.6.4 to 1.6.5 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/fsouza/go-dockerclient](https://github.com/fsouza/go-dockerclient) from 1.6.4 to 1.6.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/fsouza/go-dockerclient/releases">github.com/fsouza/go-dockerclient's releases</a>.</em></p>
<blockquote>
<h2>Version compatible with Docker 1.9 and Go 1.4</h2>
<p>This has a special tag name to make it clear that it was the latest version compatible with Docker 1.9 and Go 1.4.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="9abb9ed850"><code>9abb9ed</code></a> Fix JSON property name for HostMount.TempfsOptions. (<a href="https://github-redirect.dependabot.com/fsouza/go-dockerclient/issues/829">#829</a>)</li>
<li><a href="a8121b9051"><code>a8121b9</code></a> golangci: disable godot, nestif and testpackage</li>
<li>See full diff in <a href="https://github.com/fsouza/go-dockerclient/compare/v1.6.4...v1.6.5">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/fsouza/go-dockerclient&package-manager=go_modules&previous-version=1.6.4&new-version=1.6.5)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2281: Bump github.com/containers/common from 0.7.0 to 0.8.1 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.7.0 to 0.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/containers/common/releases">github.com/containers/common's releases</a>.</em></p>
<blockquote>
<h2>v0.8.1</h2>
<p>Downgrade logrus.</p>
<h2>v0.8.0</h2>
<pre><code>Add more utils for returning defaults
Only default to systemd if built with the systemd buildtag
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="cc5cb38ee7"><code>cc5cb38</code></a> Bump version to 0.8.1</li>
<li><a href="6ceb6dee30"><code>6ceb6de</code></a> Downgrade siruspen/logrus to 1.14.2</li>
<li><a href="5ca381897a"><code>5ca3818</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/105">#105</a> from rhatdan/version</li>
<li><a href="73e0468569"><code>73e0468</code></a> Move to v0.8.1-dev</li>
<li><a href="27faee810f"><code>27faee8</code></a> Bump to v0.8.0</li>
<li><a href="498fac0880"><code>498fac0</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/100">#100</a> from rhatdan/sysctl</li>
<li><a href="b5e3dc6fae"><code>b5e3dc6</code></a> Add more utils for returning defaults</li>
<li><a href="97357d3e30"><code>97357d3</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/104">#104</a> from containers/dependabot/go_modules/github.com/cont...</li>
<li><a href="9776e300f6"><code>9776e30</code></a> Bump github.com/containers/storage from 1.18.0 to 1.18.1</li>
<li><a href="bc9847e5b3"><code>bc9847e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/common/issues/103">#103</a> from rhatdan/systemd</li>
<li>Additional commits viewable in <a href="https://github.com/containers/common/compare/v0.7.0...v0.8.1">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/containers/common&package-manager=go_modules&previous-version=0.7.0&new-version=0.8.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
The upgrade of logrus forces to update the dependency in go module
consumers as well.
The new locking in logrus 1.5.0 introduces regressions in conjunction to
deadlocks when using custom hooks, which is the case in CRI-O for
example.
Having it point to v1.5.0 here is forcing cri-o to upgrade it as well
when we update c/buildah to v1.14.6.
Let's downgrade logrus till sirupsen/logrus#1122
is fixed.
Signed-off-by: Urvashi Mohnani <umohnani@redhat.com>
2259: Bump github.com/containers/storage from 1.16.5 to 1.17.0 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.16.5 to 1.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/containers/storage/releases">github.com/containers/storage's releases</a>.</em></p>
<blockquote>
<h2>v1.17.0</h2>
<pre><code>userns: add support for auto
layers: copy UIDs and GIDs
store: change the default user to containers
</code></pre>
<h2>v1.16.6</h2>
<pre><code>store: memoize ReloadConfigurationFile
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="171ec9b6a7"><code>171ec9b</code></a> Bump to v1.17.0</li>
<li><a href="23c3429fa6"><code>23c3429</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/storage/issues/571">#571</a> from giuseppe/auto-userns</li>
<li><a href="2cff5ddf93"><code>2cff5dd</code></a> userns: add support for auto</li>
<li><a href="4642bac728"><code>4642bac</code></a> layers: copy UIDs and GIDs</li>
<li><a href="3cd5065405"><code>3cd5065</code></a> store: change the default user to containers</li>
<li><a href="f465e40a83"><code>f465e40</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/storage/issues/574">#574</a> from rhatdan/version</li>
<li><a href="32b9f78999"><code>32b9f78</code></a> Move to v1.16.7-dev</li>
<li><a href="dffb2b88b4"><code>dffb2b8</code></a> Bump to v1.16.6</li>
<li><a href="a1ee6f7bf6"><code>a1ee6f7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/storage/issues/573">#573</a> from containers/dependabot/go_modules/github.com/siru...</li>
<li><a href="d9f9ee168a"><code>d9f9ee1</code></a> Merge branch 'master' of github.com:containers/storage into dependabot/go_mod...</li>
<li>Additional commits viewable in <a href="https://github.com/containers/storage/compare/v1.16.5...v1.17.0">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/containers/storage&package-manager=go_modules&previous-version=1.16.5&new-version=1.17.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
2260: Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.6 to 0.0.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spf13/cobra/releases">github.com/spf13/cobra's releases</a>.</em></p>
<blockquote>
<h2>v0.0.7</h2>
<p>Bug fix to restore previous exit behavior when a command is not runnable.</p>
<p>Issue Ref: <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1056">#1056</a>
Bug Introduced: <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/922">#922</a>
Affected Releases: 0.0.6</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="6607e6b860"><code>6607e6b</code></a> Partial Revert of <a href="https://github-redirect.dependabot.com/spf13/cobra/issues/922">#922</a> (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1068">#1068</a>)</li>
<li><a href="95f2f73ed9"><code>95f2f73</code></a> Add short version flag -v when not otherwise set (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/996">#996</a>)</li>
<li><a href="39cf99f556"><code>39cf99f</code></a> leverage makefile to run build tasks (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/976">#976</a>)</li>
<li><a href="3c2624538b"><code>3c26245</code></a> Correct documentation for InOrStdin (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/929">#929</a>)</li>
<li>See full diff in <a href="https://github.com/spf13/cobra/compare/v0.0.6...0.0.7">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/spf13/cobra&package-manager=go_modules&previous-version=0.0.6&new-version=0.0.7)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: Daniel J Walsh <dwalsh@redhat.com>
2226: Bump github.com/containers/storage from 1.16.2 to 1.16.4 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.16.2 to 1.16.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/containers/storage/releases">github.com/containers/storage's releases</a>.</em></p>
<blockquote>
<h2>v1.16.3</h2>
<pre><code>drivers/platformLChown: rm os.Lstat call
drivers/platformLChown: return early
drivers/chown: use pwalk.Walk
vendor: bump selinux to 1.4.0
pkg/system: return nil explicitly
pkg/mount.RecursiveUnmount(): don't call Mounted()
pkg/system.EnsureRemoveAll: don't call Mounted
devmapper: no need to wrap Mount errors
pkg/mount: wrap mount/umount errors
pkg/mount: drop solaris and freebsd support
pkg/mount: mountinfo parser speed up
pkg/system/[l]stat_unix: wrap errors in PathErro
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="2998ec321b"><code>2998ec3</code></a> Bump to v1.16.3</li>
<li><a href="9e2666784a"><code>9e26667</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/storage/issues/557">#557</a> from kolyshkin/chown-use-pwalk</li>
<li><a href="be28a551a5"><code>be28a55</code></a> drivers/platformLChown: rm os.Lstat call</li>
<li><a href="1e8bf20d6b"><code>1e8bf20</code></a> drivers/platformLChown: return early</li>
<li><a href="e517250392"><code>e517250</code></a> drivers/chown: use pwalk.Walk</li>
<li><a href="a7a13d877e"><code>a7a13d8</code></a> vendor: bump selinux to 1.4.0</li>
<li><a href="3c8efa94aa"><code>3c8efa9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/storage/issues/554">#554</a> from kolyshkin/mount-2</li>
<li><a href="7401bbaa02"><code>7401bba</code></a> pkg/system: return nil explicitly</li>
<li><a href="5021d6a329"><code>5021d6a</code></a> pkg/mount.RecursiveUnmount(): don't call Mounted()</li>
<li><a href="f19d4755a0"><code>f19d475</code></a> pkg/system.EnsureRemoveAll: don't call Mounted</li>
<li>Additional commits viewable in <a href="https://github.com/containers/storage/compare/v1.16.2...v1.16.3">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/containers/storage&package-manager=go_modules&previous-version=1.16.2&new-version=1.16.3)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2185: Bump github.com/spf13/cobra from 0.0.5 to 0.0.6 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 0.0.5 to 0.0.6.
<details>
<summary>Commits</summary>
<ul>
<li><a href="0da0687426"><code>0da0687</code></a> Add support for context.Context</li>
<li><a href="21cab29ef9"><code>21cab29</code></a> fix: undefined er (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1039">#1039</a>)</li>
<li><a href="89c7ffb512"><code>89c7ffb</code></a> Bump year on golden files (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1010">#1010</a>)</li>
<li><a href="bf26895664"><code>bf26895</code></a> Fix regression when calling *_custom_func (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1001">#1001</a>)</li>
<li><a href="447f182a9d"><code>447f182</code></a> format tpl/main.go templates (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/980">#980</a>)</li>
<li><a href="0d9d2d46f3"><code>0d9d2d4</code></a> Revert change so help is printed on stdout again (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/1004">#1004</a>)</li>
<li><a href="b04b5bfc50"><code>b04b5bf</code></a> substitute wrong word in md_docs (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/998">#998</a>)</li>
<li><a href="77e4d5aecc"><code>77e4d5a</code></a> Update md2man to v2.0.0 (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/977">#977</a>)</li>
<li><a href="8a4b46fadf"><code>8a4b46f</code></a> update viper to v1.4.0 (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/953">#953</a>)</li>
<li><a href="c022f6fabd"><code>c022f6f</code></a> Update README.md (<a href="https://github-redirect.dependabot.com/spf13/cobra/issues/944">#944</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/spf13/cobra/compare/0.0.5...v0.0.6">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/spf13/cobra&package-manager=go_modules&previous-version=0.0.5&new-version=0.0.6)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2186: Bump github.com/fsouza/go-dockerclient from 1.6.1 to 1.6.3 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/fsouza/go-dockerclient](https://github.com/fsouza/go-dockerclient) from 1.6.1 to 1.6.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/fsouza/go-dockerclient/releases">github.com/fsouza/go-dockerclient's releases</a>.</em></p>
<blockquote>
<h2>Version compatible with Docker 1.9 and Go 1.4</h2>
<p>This has a special tag name to make it clear that it was the latest version compatible with Docker 1.9 and Go 1.4.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="97b4aba9b2"><code>97b4aba</code></a> Bump golang.org/x/crypto</li>
<li><a href="0f160ccc8f"><code>0f160cc</code></a> authors: add Nathan Pemberton</li>
<li><a href="4bfda89ff0"><code>4bfda89</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/fsouza/go-dockerclient/issues/822">#822</a> from serverlessresearch/addDeviceRequests</li>
<li><a href="b735941b97"><code>b735941</code></a> Add support for the DeviceRequests field of HostConfig</li>
<li><a href="b9dd991f57"><code>b9dd991</code></a> appveyor: go 1.12.17 & 1.13.8 [travis skip]</li>
<li><a href="903fc82c14"><code>903fc82</code></a> build(deps): bump github.com/gorilla/mux from 1.7.3 to 1.7.4</li>
<li><a href="47db3932f1"><code>47db393</code></a> travis-scripts/win-setup: latest make</li>
<li>See full diff in <a href="https://github.com/fsouza/go-dockerclient/compare/v1.6.1...v1.6.3">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/fsouza/go-dockerclient&package-manager=go_modules&previous-version=1.6.1&new-version=1.6.3)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2155: Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.2.0 to 5.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/containers/image/releases">github.com/containers/image/v5's releases</a>.</em></p>
<blockquote>
<h2>v5.2.1</h2>
<ul>
<li>Bump github.com/mtrmac/gpgme from 0.1.1 to 0.1.2</li>
<li>determineListConversion: check forced type</li>
<li>copyMultipleImages: re-serialize the list if we changed it</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1b183a9bd9"><code>1b183a9</code></a> v5.2.1</li>
<li><a href="e7af7efde5"><code>e7af7ef</code></a> Bump github.com/mtrmac/gpgme from 0.1.1 to 0.1.2</li>
<li><a href="0e9c228071"><code>0e9c228</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/containers/image/issues/809">#809</a> from nalind/list-conversion</li>
<li><a href="46d9b121c9"><code>46d9b12</code></a> determineListConversion: check forced type</li>
<li><a href="32644feb67"><code>32644fe</code></a> copyMultipleImages: re-serialize the list if we changed it</li>
<li><a href="b1ecee527d"><code>b1ecee5</code></a> bump to v5.2.1-dev</li>
<li>See full diff in <a href="https://github.com/containers/image/compare/v5.2.0...v5.2.1">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/containers/image/v5&package-manager=go_modules&previous-version=5.2.0&new-version=5.2.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: Daniel J Walsh <dwalsh@redhat.com>
2156: Bump github.com/fsouza/go-dockerclient from 1.6.0 to 1.6.1 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/fsouza/go-dockerclient](https://github.com/fsouza/go-dockerclient) from 1.6.0 to 1.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/fsouza/go-dockerclient/releases">github.com/fsouza/go-dockerclient's releases</a>.</em></p>
<blockquote>
<h2>Version compatible with Docker 1.9 and Go 1.4</h2>
<p>This has a special tag name to make it clear that it was the latest version compatible with Docker 1.9 and Go 1.4.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="1060e89e32"><code>1060e89</code></a> swarm_service_test: fix some staticcheck violations</li>
<li><a href="041a7fc041"><code>041a7fc</code></a> swarm_service: add Status to ListServicesOptions</li>
<li><a href="bf6d49ee5e"><code>bf6d49e</code></a> container: add NanoCPUs</li>
<li><a href="51262b1f10"><code>51262b1</code></a> go mod tidy</li>
<li><a href="be73cee628"><code>be73cee</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/fsouza/go-dockerclient/issues/820">#820</a> from teads/hotfix/base64-nopadding</li>
<li><a href="39a04943e8"><code>39a0494</code></a> base64 hash without padding on docker for mac</li>
<li><a href="7f77daa5fc"><code>7f77daa</code></a> Go 1.14rc1</li>
<li><a href="7402d3a427"><code>7402d3a</code></a> Happy New Year</li>
<li><a href="d5f90d29b3"><code>d5f90d2</code></a> build(deps): bump github.com/google/go-cmp from 0.3.1 to 0.4.0</li>
<li><a href="b19d14c14f"><code>b19d14c</code></a> golangci: disable gomnd</li>
<li>Additional commits viewable in <a href="https://github.com/fsouza/go-dockerclient/compare/v1.6.0...v1.6.1">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/fsouza/go-dockerclient&package-manager=go_modules&previous-version=1.6.0&new-version=1.6.1)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
2154: Bump github.com/mattn/go-shellwords from 1.0.9 to 1.0.10 r=rhatdan a=dependabot-preview[bot]
Bumps [github.com/mattn/go-shellwords](https://github.com/mattn/go-shellwords) from 1.0.9 to 1.0.10.
<details>
<summary>Commits</summary>
<ul>
<li><a href="28e4fdf351"><code>28e4fdf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mattn/go-shellwords/issues/37">#37</a> from mattn/fix-36</li>
<li><a href="dde38073ed"><code>dde3807</code></a> Add test</li>
<li><a href="fb350fde1d"><code>fb350fd</code></a> Drop go1.5</li>
<li><a href="24faaf1c49"><code>24faaf1</code></a> Fallback SHELL/COMPSEC</li>
<li><a href="d25c5ef2e6"><code>d25c5ef</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/mattn/go-shellwords/issues/35">#35</a> from markus-oberhumer/minor-testcase-cleanups</li>
<li><a href="f722472e3c"><code>f722472</code></a> Add some tests for emtpy strings.</li>
<li><a href="29f20d48d2"><code>29f20d4</code></a> Convert 2 functions to testcase entries.</li>
<li><a href="58a811f1d6"><code>58a811f</code></a> Remove stray comments.</li>
<li>See full diff in <a href="https://github.com/mattn/go-shellwords/compare/v1.0.9...v1.0.10">compare view</a></li>
</ul>
</details>
<br />
[](https://dependabot.com/compatibility-score/?dependency-name=github.com/mattn/go-shellwords&package-manager=go_modules&previous-version=1.0.9&new-version=1.0.10)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
</details>
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
In porting containers.conf to libpod, we found that buildah needed
to handle the containers.conf on the server side rather then from
the CLI.
Since the `podman-remote build` would probably not have the same content
as containers.conf on the server, the processesing of the defaults needs
to be handled in imagebuildah. The CapAdd and CapDrop values need to be
passed in.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
As the title says, bumping to c/storage v1.15.7 to
get overlayv2 fix.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #2094
Approved by: rhatdan
This is a rework of Qi Wang's patches.
Import package pkg/config from containers/common to read containers.conf
This patch allows users to specify default values stored in containers.conf
that will modify the behaviour of buildah tool.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #2011
Approved by: TomSweeneyRedHat
Update the openshift/api dependency to the latest commit. Several users
have reported that the go.mod couldn't be parsed, which should now be
fixed.
Fixes: #2042
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #2066
Approved by: rhatdan
Bumping c/storage to v1.15.5. Once merged I'll spin up
a Buildah v1.13.0
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #2050
Approved by: rhatdan
We have moved share code from buildah, podman and others into containers/common.
Specifically for this PR we are moving to use containers/common/pkg/unshare and
containers/common/pkg/cgroups.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #2010
Approved by: QiWang19
In #1715 we added an additional valid path for `!excludes.Exclusions()`
when considering a full copy of the source directory to the destination
via `ADD`/`COPY`. This breaks the functionality of the `.dockerignore`
file, because `PatternMatcher.Exclusions` is true if any of the defined
patterns contain an exclusion (the pattern starts with `!`). This means
if we have no Exclusions defined at all, the `.dockerignore` behavior
does not work any more.
To still have the optimization in, we now skip whole directories if the
patterns to exclude match in a pure way.
Introduced by: https://github.com/containers/buildah/pull/1715
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Closes: #1914
Approved by: rhatdan
Certain versions of go have different vendoring capabilities.
We want to make sure that vendoring the the vendor checker are
running with the same version of golang. We do this by using
podman to run a container of the lates golang container image.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1949
Approved by: TomSweeneyRedHat
* Update generated files
* ImageBigData: distinguish between no-such-image and no-such-item
* ImageSize: don't get tripped up by images with no layers
* tarlogger: disable raw accouting
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Some Dockerfiles (fuse-overlay) require additional devices to be in the
build environment.
This patch allows the user to specify additional devices.
Also I noticed that CapAdd and CapDrop was not working in buildah bud situations,
so this patch also fixes this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1820
Approved by: @TomSweeneyRedHat
Add github.com/openshift/api to our list of dependencies, and update
dependencies.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1787
Approved by: rhatdan
Vendor Storage v1.13.2 which features functionality to
Ignore ro mount options in btrfs and windows drivers.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1779
Approved by: vrothberg
Bump github.com/containernetworking/cni from v0.7.0-rc2 to v0.7.1, which
is the version that libpod master is currently using.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1765
Approved by: rhatdan
* progress bar: use spinners for unknown blob sizes
* use 'containers_image_ostree' as build tag
* ostree: default is no OStree support
* Add "Env" to ImageInspectInfo
* config.go: improve debug message
* config.go: log where credentials come from
* Fix typo in docs/containers-registries.conf.5.md
* docker: delete: support all MIME types
* Try harder in storageImageDestination.TryReusingBlob
* docker: allow deleting OCI images
* ostree: improve error message
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #1730
Approved by: TomSweeneyRedHat
* make local-cross more reliable for CI
* Fix cross-compilation
* zstd: use github.com/klauspost/compress directly
* Add support for installing man pages
* Remove merged directory when it is unmounted
* Switch to golangci-lint
* Update generated files
* Keep track of the UIDs and GIDs used in applied layers
* Add cirrus vendor check
* Switch to go modules
* Use same variable name on both commands
* cirrus: ubuntu: try removing cryptsetup-initramfs
* Move lockfiles to their own package
* getLockfile(): use the absolute path
* lockfile: don't bother releasing a lock when closing a file
* locking: take read locks on read-only stores
* locking test updates
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #1739
Approved by: TomSweeneyRedHat
Update to runc v1.0.0-rc8. The libcontainer components that we use
haven't changed, so there's not much to this.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Update runtime-tools to v0.9.0. This requires a newer version of
runtime-spec, so pull one in, too.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1720
Approved by: vrothberg
When the WORKDIR is a symlink and the target directory does not exist, RUN
commands would fail. If the target doesn't exist, create the directory in
the container. This also converts the code to use SecureJoin so that if
a symlink is in the middle of a filepath, it will be converted correctly.
Fixes: #1569
Tip of the hat to @karelyatin for the initial fix
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1576
Approved by: rhatdan
Container image also switched out the version of bolddb
we were uisng.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1586
Approved by: vrothberg
buildah bud is ignoring --volumes flag.
This patch parses the volumes and then passes them into the builder to be used.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1559
Approved by: vrothberg
Fixes the use of additional stores, use of devices based on link paths,
properly checks the permissions on /run/usr/UID directory.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1541
Approved by: vrothberg
use --dns* flags to change /etc/resolv.conf in the container during the build.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1491
Approved by: rhatdan
We don't want to vendor anything from libpod into Buildah.
We want to switch this around. Moving pkg content from libpod
to Buildah allows us to fix this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1400
Approved by: giuseppe
The {Add,Del}NetworkList APIs were extended with a context parameter,
which require adjustments in the code.
Fixes: #1433
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #1434
Approved by: rhatdan
It looks like the latest `vndr` wants to pull in more files than before.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #1390
Approved by: rhatdan
openshift/imagebuilder had a dependency on a deprecated package that is
now forked into imagebuilder to allow using more recent versions of
docker/docker.
Also vendor the latest docker/docker to a) demonstrate that imagebuilder
does not force using an old version docker/docker and to b) pull in
fixes and updates to our dependencies on docker/docker.
See https://github.com/openshift/imagebuilder/pull/125 for more details
on the imagebuilder change.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #1390
Approved by: rhatdan
Replaces a lot of write locks with read locks, which should help with
performance.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1376
Approved by: TomSweeneyRedHat
Starting to remove dependency on libpod from buildah.
secrets is used so that builds can access RHEL subscriptions
so this makes more sense to be in buildah then libpod.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1366
Approved by: vrothberg
This requires some additional changes to the dependencies since the
progress-bar library has been changed to github.com/vbauerster/mpb.
Please refer to the following link for the release notes:
https://github.com/containers/image/releases/tag/v1.4
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
Closes: #1355
Approved by: @TomSweeneyRedHat
Currently buildah support COPY --chown in a Dockerfile build,
but it ignores this flag if it is passed into an ADD.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1288
Approved by: vrothberg
This will fix the labeling of container images
when using user namespace
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1282
Approved by: umohnani8
Nalin Dahyabhai
Valentin Rothberg
Daniel J Walsh
dependabot-preview[bot]
TomSweeneyRedHat
bors[bot]
Brent Baude
Giuseppe Scrivano
Brandon Lum
Qi Wang
Miloslav Trmač
Urvashi Mohnani
Nick Carboni
Sascha Grunert