Drop the "omitempty" tag from the "json" tag on struct members that are
themselves structs, since the JSON encoder doesn't actually do that, per
golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Use the CutPrefix(), SplitSeq(), and FieldsSeq() functions from the
strings package when chopping up or iterating over parts of strings, per
golang.org/x/tools/gopls/internal/analysis/modernize/cmd/modernize
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add a note that we need a test binary built for the sake of a few
conformance tests, for people who run the conformance tests directly
instead of using the top-level makefile target.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
When RUN requires us to create the target for a mountpoint, make note of
it and any parent directories that needed to be created, and filter them
out when generating a layer diff or --output data.
The exceptions will be directories that the conformance tests confirm
that BuildKit also leaves behind, though for compatibility with the
classic builder, we have to make that conditional.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Replace our use of the
github.com/docker/docker/api/types.BuildCachePruneOptions with the
github.com/docker/docker/api/types/build.CachePruneOptions type, which
the former is now an alias for.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
There is some code in tests/conformance which is only used by tests.
Move it to *_test.go files.
Found by golangci-lint run --tests=false, which shows this warning:
> tests/conformance/selinux.go:9:6: func `selinuxMountFlag` is unused (unused)
> func selinuxMountFlag() string {
> ^
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This fixes the following warning:
> tests/conformance/conformance_test.go:37:2: ST1019: package "github.com/containers/image/v5/storage" is being imported more than once (staticcheck)
> is "github.com/containers/image/v5/storage"
> ^
> tests/conformance/conformance_test.go:38:2: ST1019(related information): other import of "github.com/containers/image/v5/storage" (staticcheck)
> istorage "github.com/containers/image/v5/storage"
> ^
Fixes: 3a61cc099 ("Add OverrideChanges and OverrideConfig to CommitOptions")
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
... to validate that the manifests match expected digests, if any.
In some cases, using an UnparsedInstance can also avoid redundant I/O.
Do this everywhere, even where we read local storage which is
mostly trusted, because it is cheap enough and being consistent
makes it less likely for the code to be copied into other
contexts where the sources are not trusted.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
The origin repository renamed its "master" branch to "main", so we need
to update our references to items in that branch.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
New imagebuilder contains fix that sets empty TARGETVARIANT and BUILDVARIANT. Docker does not set these values for ARM64.
This fixes the TestConformance/multistage-builtin-args and TestConformance/builtins tests on ARM64.
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
This fixes getting of cpu variants for ARM64
Fixes the TestConformance/setuid-file-in-archive test on ARM64.
Signed-off-by: Jan Rodák <hony.com@seznam.cz>
Two tests `TestCommit` and `TestConformance` can be made parallel given
that we are already using multiple cores for conformance tests.
Signed-off-by: flouthoc <flouthoc.git@gmail.com>
Normally, we select and distinguish --mount=type=cache directories that
we create by either the "id" or "target" value used when mounting them,
but we should also be distinguishing them by the "uid" and "gid" flags,
or lack thereof.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
These experimental packages are now available in the Go standard
library since Go 1.21:
1. golang.org/x/exp/slices -> slices [1]
2. golang.org/x/exp/maps -> maps [2]
[1]: https://go.dev/doc/go1.21#slices
[2]: https://go.dev/doc/go1.21#maps
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
When handling RUN --mount=type=bind, where the mount is read-write,
instead of a simple bind mount, create an overlay mount with an upper
directory that will be discarded after the overlay mount is unmounted.
This brings us in line with the expected behavior, wherein writes to
bind mounts should be discarded.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Handle glob patterns with "**" path components by expanding "**" to the
set of subdirectories and calling filepath.Glob() on the results.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
The default configuration that `docker build` applies to images built
using "scratch" has changed from classic builds to BuildKit. Add a
toggle for selecting which behavior to mimic.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Remove certain weirdly-named files being used by a conformance test out
of the repository and create them at test-time. Github refused to
generate archives of the repository when they were present in the commit
being requested.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
1. Use gofmt to format the code:
git ls-files \*.go | grep -Ev '/?vendor/' | xargs gofmt -w -s
2. Add gofmt to golangci-lint (it's not enabled by default).
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
This change is generated by `go1.23rc2 fix ./...`.
Had to use go1.23rc2, since all released go versions have a bug
preventing it from working with `go 1.22.0` in go.mod (opened
https://github.com/golang/go/issues/68825,
https://github.com/golang/go/issues/68824 for awareness).
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
When collecting items we matched using the passed-in globs during Add(),
be sure that globbing performed by Get() will match the items exactly,
by escaping special matching characters.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Use busybox and alpine images from mirror.gcr.io, where possible, to
avoid tripping pull limits in CI.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add a conformance test that attempts to "chown" a volume declared in a
base image, which produces different results depending on whether we're
using the BuildKit-based builder or the V1 "classic" builder. For now,
don't try to change our behavior, and continue imitating the behavior of
the classic builder.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add flags for specifying not just that we use BuildKit, but specifically
which docker builder we request, and which value of CompatSetParent we
set at the same time.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Renovate updated references "FROM centos:7" to "FROM centos:8", but we
changed various others references to it to quay.io/libpod/centos:7 some
time ago. Update these stragglers.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Check "WORKDIR" both with and without path separators at the end of the
instruction argument (e.g. "/foo" and "/foo/").
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Use slices.Clone() and maps.Clone() instead of our own non-generic
functions. We have to be more careful in a couple of places where we
set items in maps which aren't unconditionally initialized.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Per consent in 2024-03-20 Planning, remove support for cgroups v1.
And, per discovery on 2024-05-28, systemd 256 no longer even
boots on a cgroups v1 system.
This commit switches to VMs built in:
https://github.com/containers/automation_images/pull/338
...in which Debian is now cgroups v2 with crun.
Requires disabling two conformance tests which fail when run
against docker 26.1; see #5526 for context on those.
Also requires disabling two bats tests on debian because
something changed there in ulimits. I'll look into them
later but right now this gives us breathing space.
And, latest git on f40 refuses to serve non-root files when
run as root ("dubious ownership"); so, in start_git_daemon(),
chown the extracted files.
Signed-off-by: Ed Santiago <santiago@redhat.com>
When handling RUN instructions that use heredoc syntax, don't bother
interpolating environment variables and argument values, and let the
command that's running handle it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
When analyzing a layer blob's contents, don't break if the blob has more
zeroes padding it out even after the tar reader thinks it's hit the end
of the archive.
Add more detail to the diagnostic error we print when there's a digest
or length mismatch, too, in case it's triggered by something other than
zero padding.
Don't ignore errors which might be encountered when we try to use skopeo
to copy an image to a directory.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Nalin Dahyabhai
Jan Kaluza
Rahil Bhimjiani
Kir Kolyshkin
Jan Rodák
Miloslav Trmač
flouthoc
Eng Zer Jun
Daniel J Walsh
openshift-merge-bot[bot]
Ed Santiago