Update github.com/containers/image/v5 digest to e14c1c5

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

vendor/github.com/containers/image/v5/internal/set/set.go

@@ -24,11 +24,11 @@ func NewWithValues[E comparable](values ...E) *Set[E] {
 	return s
 }
 
-func (s Set[E]) Add(v E) {
+func (s *Set[E]) Add(v E) {
 	s.m[v] = struct{}{} // Possibly writing the same struct{}{} presence marker again.
 }
 
-func (s Set[E]) Delete(v E) {
+func (s *Set[E]) Delete(v E) {
 	delete(s.m, v)
 }
 

vendor/github.com/containers/image/v5/pkg/docker/config/config.go

@@ -48,9 +48,9 @@ var (
 	ErrNotSupported = errors.New("not supported")
 )
 
-// authPath combines a path to a file with container registry access keys,
-// along with expected properties of that path (currently just whether it's)
-// legacy format or not.
+// authPath combines a path to a file with container registry credentials,
+// along with expected properties of that path (currently just whether it's
+// legacy format or not).
 type authPath struct {
 	path         string
 	legacyFormat bool
@@ -87,12 +87,12 @@ func SetCredentials(sys *types.SystemContext, key, username, password string) (s
 		switch helper {
 		// Special-case the built-in helpers for auth files.
 		case sysregistriesv2.AuthenticationFileHelper:
-			desc, err = modifyJSON(sys, func(auths *dockerConfigFile) (bool, string, error) {
-				if ch, exists := auths.CredHelpers[key]; exists {
+			desc, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) {
+				if ch, exists := fileContents.CredHelpers[key]; exists {
 					if isNamespaced {
 						return false, "", unsupportedNamespaceErr(ch)
 					}
-					desc, err := setAuthToCredHelper(ch, key, username, password)
+					desc, err := setCredsInCredHelper(ch, key, username, password)
 					if err != nil {
 						return false, "", err
 					}
@@ -100,7 +100,7 @@ func SetCredentials(sys *types.SystemContext, key, username, password string) (s
 				}
 				creds := base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
 				newCreds := dockerAuthConfig{Auth: creds}
-				auths.AuthConfigs[key] = newCreds
+				fileContents.AuthConfigs[key] = newCreds
 				return true, "", nil
 			})
 		// External helpers.
@@ -108,7 +108,7 @@ func SetCredentials(sys *types.SystemContext, key, username, password string) (s
 			if isNamespaced {
 				err = unsupportedNamespaceErr(helper)
 			} else {
-				desc, err = setAuthToCredHelper(helper, key, username, password)
+				desc, err = setCredsInCredHelper(helper, key, username, password)
 			}
 		}
 		if err != nil {
@@ -156,17 +156,17 @@ func GetAllCredentials(sys *types.SystemContext) (map[string]types.DockerAuthCon
 		case sysregistriesv2.AuthenticationFileHelper:
 			for _, path := range getAuthFilePaths(sys, homedir.Get()) {
 				// parse returns an empty map in case the path doesn't exist.
-				auths, err := path.parse()
+				fileContents, err := path.parse()
 				if err != nil {
 					return nil, fmt.Errorf("reading JSON file %q: %w", path.path, err)
 				}
 				// Credential helpers in the auth file have a
 				// direct mapping to a registry, so we can just
 				// walk the map.
-				for registry := range auths.CredHelpers {
+				for registry := range fileContents.CredHelpers {
 					allKeys.Add(registry)
 				}
-				for key := range auths.AuthConfigs {
+				for key := range fileContents.AuthConfigs {
 					key := normalizeAuthFileKey(key, path.legacyFormat)
 					if key == normalizedDockerIORegistry {
 						key = "docker.io"
@@ -176,7 +176,7 @@ func GetAllCredentials(sys *types.SystemContext) (map[string]types.DockerAuthCon
 			}
 		// External helpers.
 		default:
-			creds, err := listAuthsFromCredHelper(helper)
+			creds, err := listCredsInCredHelper(helper)
 			if err != nil {
 				logrus.Debugf("Error listing credentials stored in credential helper %s: %v", helper, err)
 				if errors.Is(err, exec.ErrNotFound) {
@@ -193,19 +193,19 @@ func GetAllCredentials(sys *types.SystemContext) (map[string]types.DockerAuthCon
 
 	// Now use `GetCredentials` to the specific auth configs for each
 	// previously listed registry.
-	authConfigs := make(map[string]types.DockerAuthConfig)
+	allCreds := make(map[string]types.DockerAuthConfig)
 	for _, key := range allKeys.Values() {
-		authConf, err := GetCredentials(sys, key)
+		creds, err := GetCredentials(sys, key)
 		if err != nil {
 			// Note: we rely on the logging in `GetCredentials`.
 			return nil, err
 		}
-		if authConf != (types.DockerAuthConfig{}) {
-			authConfigs[key] = authConf
+		if creds != (types.DockerAuthConfig{}) {
+			allCreds[key] = creds
 		}
 	}
 
-	return authConfigs, nil
+	return allCreds, nil
 }
 
 // getAuthFilePaths returns a slice of authPaths based on the system context
@@ -285,13 +285,13 @@ func getCredentialsWithHomeDir(sys *types.SystemContext, key, homeDir string) (t
 	// Anonymous function to query credentials from auth files.
 	getCredentialsFromAuthFiles := func() (types.DockerAuthConfig, string, error) {
 		for _, path := range getAuthFilePaths(sys, homeDir) {
-			authConfig, err := findCredentialsInFile(key, registry, path)
+			creds, err := findCredentialsInFile(key, registry, path)
 			if err != nil {
 				return types.DockerAuthConfig{}, "", err
 			}
 
-			if authConfig != (types.DockerAuthConfig{}) {
-				return authConfig, path.path, nil
+			if creds != (types.DockerAuthConfig{}) {
+				return creds, path.path, nil
 			}
 		}
 		return types.DockerAuthConfig{}, "", nil
@@ -320,7 +320,7 @@ func getCredentialsWithHomeDir(sys *types.SystemContext, key, homeDir string) (t
 			// This intentionally uses "registry", not "key"; we don't support namespaced
 			// credentials in helpers, but a "registry" is a valid parent of "key".
 			helperKey = registry
-			creds, err = getAuthFromCredHelper(helper, registry)
+			creds, err = getCredsFromCredHelper(helper, registry)
 		}
 		if err != nil {
 			logrus.Debugf("Error looking up credentials for %s in credential helper %s: %v", helperKey, helper, err)
@@ -360,14 +360,14 @@ func GetAuthentication(sys *types.SystemContext, key string) (string, string, er
 // getAuthenticationWithHomeDir is an internal implementation detail of GetAuthentication,
 // it exists only to allow testing it with an artificial home directory.
 func getAuthenticationWithHomeDir(sys *types.SystemContext, key, homeDir string) (string, string, error) {
-	auth, err := getCredentialsWithHomeDir(sys, key, homeDir)
+	creds, err := getCredentialsWithHomeDir(sys, key, homeDir)
 	if err != nil {
 		return "", "", err
 	}
-	if auth.IdentityToken != "" {
+	if creds.IdentityToken != "" {
 		return "", "", fmt.Errorf("non-empty identity token found and this API doesn't support it: %w", ErrNotSupported)
 	}
-	return auth.Username, auth.Password, nil
+	return creds.Username, creds.Password, nil
 }
 
 // RemoveAuthentication removes credentials for `key` from all possible
@@ -393,7 +393,7 @@ func RemoveAuthentication(sys *types.SystemContext, key string) error {
 			logrus.Debugf("Not removing credentials because namespaced keys are not supported for the credential helper: %s", helper)
 			return
 		}
-		err := deleteAuthFromCredHelper(helper, key)
+		err := deleteCredsFromCredHelper(helper, key)
 		if err == nil {
 			logrus.Debugf("Credentials for %q were deleted from credential helper %s", key, helper)
 			isLoggedIn = true
@@ -411,13 +411,13 @@ func RemoveAuthentication(sys *types.SystemContext, key string) error {
 		switch helper {
 		// Special-case the built-in helper for auth files.
 		case sysregistriesv2.AuthenticationFileHelper:
-			_, err = modifyJSON(sys, func(auths *dockerConfigFile) (bool, string, error) {
-				if innerHelper, exists := auths.CredHelpers[key]; exists {
+			_, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) {
+				if innerHelper, exists := fileContents.CredHelpers[key]; exists {
 					removeFromCredHelper(innerHelper)
 				}
-				if _, ok := auths.AuthConfigs[key]; ok {
+				if _, ok := fileContents.AuthConfigs[key]; ok {
 					isLoggedIn = true
-					delete(auths.AuthConfigs, key)
+					delete(fileContents.AuthConfigs, key)
 				}
 				return true, "", multiErr
 			})
@@ -454,23 +454,23 @@ func RemoveAllAuthentication(sys *types.SystemContext) error {
 		switch helper {
 		// Special-case the built-in helper for auth files.
 		case sysregistriesv2.AuthenticationFileHelper:
-			_, err = modifyJSON(sys, func(auths *dockerConfigFile) (bool, string, error) {
-				for registry, helper := range auths.CredHelpers {
+			_, err = modifyJSON(sys, func(fileContents *dockerConfigFile) (bool, string, error) {
+				for registry, helper := range fileContents.CredHelpers {
 					// Helpers in auth files are expected
 					// to exist, so no special treatment
 					// for them.
-					if err := deleteAuthFromCredHelper(helper, registry); err != nil {
+					if err := deleteCredsFromCredHelper(helper, registry); err != nil {
 						return false, "", err
 					}
 				}
-				auths.CredHelpers = make(map[string]string)
-				auths.AuthConfigs = make(map[string]dockerAuthConfig)
+				fileContents.CredHelpers = make(map[string]string)
+				fileContents.AuthConfigs = make(map[string]dockerAuthConfig)
 				return true, "", nil
 			})
 		// External helpers.
 		default:
 			var creds map[string]string
-			creds, err = listAuthsFromCredHelper(helper)
+			creds, err = listCredsInCredHelper(helper)
 			if err != nil {
 				if errors.Is(err, exec.ErrNotFound) {
 					// It's okay if the helper doesn't exist.
@@ -480,7 +480,7 @@ func RemoveAllAuthentication(sys *types.SystemContext) error {
 				}
 			}
 			for registry := range creds {
-				err = deleteAuthFromCredHelper(helper, registry)
+				err = deleteCredsFromCredHelper(helper, registry)
 				if err != nil {
 					break
 				}
@@ -497,7 +497,7 @@ func RemoveAllAuthentication(sys *types.SystemContext) error {
 	return multiErr
 }
 
-func listAuthsFromCredHelper(credHelper string) (map[string]string, error) {
+func listCredsInCredHelper(credHelper string) (map[string]string, error) {
 	helperName := fmt.Sprintf("docker-credential-%s", credHelper)
 	p := helperclient.NewShellProgramFunc(helperName)
 	return helperclient.List(p)
@@ -543,40 +543,40 @@ func getPathToAuthWithOS(sys *types.SystemContext, goOS string) (authPath, bool,
 	return newAuthPathDefault(fmt.Sprintf(defaultPerUIDPathFormat, os.Getuid())), false, nil
 }
 
-// parse unmarshals the authentications stored in the auth.json file and returns it
+// parse unmarshals the credentials stored in the auth.json file and returns it
 // or returns an empty dockerConfigFile data structure if auth.json does not exist
 // if the file exists and is empty, this function returns an error.
 func (path authPath) parse() (dockerConfigFile, error) {
-	var auths dockerConfigFile
+	var fileContents dockerConfigFile
 
 	raw, err := os.ReadFile(path.path)
 	if err != nil {
 		if os.IsNotExist(err) {
-			auths.AuthConfigs = map[string]dockerAuthConfig{}
-			return auths, nil
+			fileContents.AuthConfigs = map[string]dockerAuthConfig{}
+			return fileContents, nil
 		}
 		return dockerConfigFile{}, err
 	}
 
 	if path.legacyFormat {
-		if err = json.Unmarshal(raw, &auths.AuthConfigs); err != nil {
+		if err = json.Unmarshal(raw, &fileContents.AuthConfigs); err != nil {
 			return dockerConfigFile{}, fmt.Errorf("unmarshaling JSON at %q: %w", path.path, err)
 		}
-		return auths, nil
+		return fileContents, nil
 	}
 
-	if err = json.Unmarshal(raw, &auths); err != nil {
+	if err = json.Unmarshal(raw, &fileContents); err != nil {
 		return dockerConfigFile{}, fmt.Errorf("unmarshaling JSON at %q: %w", path.path, err)
 	}
 
-	if auths.AuthConfigs == nil {
-		auths.AuthConfigs = map[string]dockerAuthConfig{}
+	if fileContents.AuthConfigs == nil {
+		fileContents.AuthConfigs = map[string]dockerAuthConfig{}
 	}
-	if auths.CredHelpers == nil {
-		auths.CredHelpers = make(map[string]string)
+	if fileContents.CredHelpers == nil {
+		fileContents.CredHelpers = make(map[string]string)
 	}
 
-	return auths, nil
+	return fileContents, nil
 }
 
 // modifyJSON finds an auth.json file, calls editor on the contents, and
@@ -585,7 +585,7 @@ func (path authPath) parse() (dockerConfigFile, error) {
 //
 // The editor may also return a human-readable description of the updated location; if it is "",
 // the file itself is used.
-func modifyJSON(sys *types.SystemContext, editor func(auths *dockerConfigFile) (bool, string, error)) (string, error) {
+func modifyJSON(sys *types.SystemContext, editor func(fileContents *dockerConfigFile) (bool, string, error)) (string, error) {
 	path, _, err := getPathToAuth(sys)
 	if err != nil {
 		return "", err
@@ -599,17 +599,17 @@ func modifyJSON(sys *types.SystemContext, editor func(auths *dockerConfigFile) (
 		return "", err
 	}
 
-	auths, err := path.parse()
+	fileContents, err := path.parse()
 	if err != nil {
 		return "", fmt.Errorf("reading JSON file %q: %w", path.path, err)
 	}
 
-	updated, description, err := editor(&auths)
+	updated, description, err := editor(&fileContents)
 	if err != nil {
 		return "", fmt.Errorf("updating %q: %w", path.path, err)
 	}
 	if updated {
-		newData, err := json.MarshalIndent(auths, "", "\t")
+		newData, err := json.MarshalIndent(fileContents, "", "\t")
 		if err != nil {
 			return "", fmt.Errorf("marshaling JSON %q: %w", path.path, err)
 		}
@@ -625,7 +625,7 @@ func modifyJSON(sys *types.SystemContext, editor func(auths *dockerConfigFile) (
 	return description, nil
 }
 
-func getAuthFromCredHelper(credHelper, registry string) (types.DockerAuthConfig, error) {
+func getCredsFromCredHelper(credHelper, registry string) (types.DockerAuthConfig, error) {
 	helperName := fmt.Sprintf("docker-credential-%s", credHelper)
 	p := helperclient.NewShellProgramFunc(helperName)
 	creds, err := helperclient.Get(p, registry)
@@ -650,9 +650,9 @@ func getAuthFromCredHelper(credHelper, registry string) (types.DockerAuthConfig,
 	}
 }
 
-// setAuthToCredHelper stores (username, password) for registry in credHelper.
+// setCredsInCredHelper stores (username, password) for registry in credHelper.
 // Returns a human-readable description of the destination, to be returned by SetCredentials.
-func setAuthToCredHelper(credHelper, registry, username, password string) (string, error) {
+func setCredsInCredHelper(credHelper, registry, username, password string) (string, error) {
 	helperName := fmt.Sprintf("docker-credential-%s", credHelper)
 	p := helperclient.NewShellProgramFunc(helperName)
 	creds := &credentials.Credentials{
@@ -666,7 +666,7 @@ func setAuthToCredHelper(credHelper, registry, username, password string) (strin
 	return fmt.Sprintf("credential helper: %s", credHelper), nil
 }
 
-func deleteAuthFromCredHelper(credHelper, registry string) error {
+func deleteCredsFromCredHelper(credHelper, registry string) error {
 	helperName := fmt.Sprintf("docker-credential-%s", credHelper)
 	p := helperclient.NewShellProgramFunc(helperName)
 	return helperclient.Erase(p, registry)
@@ -675,7 +675,7 @@ func deleteAuthFromCredHelper(credHelper, registry string) error {
 // findCredentialsInFile looks for credentials matching "key"
 // (which is "registry" or a namespace in "registry") in "path".
 func findCredentialsInFile(key, registry string, path authPath) (types.DockerAuthConfig, error) {
-	auths, err := path.parse()
+	fileContents, err := path.parse()
 	if err != nil {
 		return types.DockerAuthConfig{}, fmt.Errorf("reading JSON file %q: %w", path.path, err)
 	}
@@ -683,9 +683,9 @@ func findCredentialsInFile(key, registry string, path authPath) (types.DockerAut
 	// First try cred helpers. They should always be normalized.
 	// This intentionally uses "registry", not "key"; we don't support namespaced
 	// credentials in helpers.
-	if ch, exists := auths.CredHelpers[registry]; exists {
+	if ch, exists := fileContents.CredHelpers[registry]; exists {
 		logrus.Debugf("Looking up in credential helper %s based on credHelpers entry in %s", ch, path.path)
-		return getAuthFromCredHelper(ch, registry)
+		return getCredsFromCredHelper(ch, registry)
 	}
 
 	// Support sub-registry namespaces in auth.
@@ -701,7 +701,7 @@ func findCredentialsInFile(key, registry string, path authPath) (types.DockerAut
 	// Repo or namespace keys are only supported as exact matches. For registry
 	// keys we prefer exact matches as well.
 	for _, key := range keys {
-		if val, exists := auths.AuthConfigs[key]; exists {
+		if val, exists := fileContents.AuthConfigs[key]; exists {
 			return decodeDockerAuth(path.path, key, val)
 		}
 	}
@@ -715,7 +715,7 @@ func findCredentialsInFile(key, registry string, path authPath) (types.DockerAut
 	// The docker.io registry still uses the /v1/ key with a special host name,
 	// so account for that as well.
 	registry = normalizeRegistry(registry)
-	for k, v := range auths.AuthConfigs {
+	for k, v := range fileContents.AuthConfigs {
 		if normalizeAuthFileKey(k, path.legacyFormat) == registry {
 			return decodeDockerAuth(path.path, k, v)
 		}

vendor/github.com/containers/image/v5/types/types.go

@@ -585,9 +585,9 @@ type SystemContext struct {
 	// resolving to Docker Hub in the Docker-compatible REST API of Podman; it should never be used outside this
 	// specific context.
 	PodmanOnlyShortNamesIgnoreRegistriesConfAndForceDockerHub bool
-	// If not "", overrides the default path for the authentication file, but only new format files
+	// If not "", overrides the default path for the registry authentication file, but only new format files
 	AuthFilePath string
-	// if not "", overrides the default path for the authentication file, but with the legacy format;
+	// if not "", overrides the default path for the registry authentication file, but with the legacy format;
 	// the code currently will by default look for legacy format files like .dockercfg in the $HOME dir;
 	// but in addition to the home dir, openshift may mount .dockercfg files (via secret mount)
 	// in locations other than the home dir; openshift components should then set this field in those cases;