Merge pull request #698 from vrothberg/vendor-image

vendor github.com/containers/image@v3.0.0
2025-08-18 22:47:18 +00:00 · 2019-08-02 13:21:45 +02:00 · 2019-08-02 13:21:45 +02:00 · 65b3aa973a
commit 65b3aa973a
parent 19025f5cb4 bebcb94653
7 changed files with 33 additions and 17 deletions
--- a/go.mod
+++ b/go.mod
@ -9,7 +9,7 @@ require (
 	github.com/VividCortex/ewma v1.1.1 // indirect
 	github.com/containerd/continuity v0.0.0-20180216233310-d8fb8589b0e8 // indirect
 	github.com/containers/buildah v1.8.4
-	github.com/containers/image v1.5.2-0.20190725091050-48acc3dcbb76
+	github.com/containers/image v3.0.0+incompatible
 	github.com/containers/storage v1.12.10
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/docker/distribution v0.0.0-20170817175659-5f6282db7d65 // indirect
--- a/go.sum
+++ b/go.sum
@ -18,6 +18,8 @@ github.com/containers/image v1.5.2-0.20190725091050-48acc3dcbb76 h1:+9unAKrV92Jv
 github.com/containers/image v1.5.2-0.20190725091050-48acc3dcbb76/go.mod h1:8Vtij257IWSanUQKe1tAeNOm2sRVkSqQTVQ1IlwI3+M=
 github.com/containers/image v2.0.0+incompatible h1:FTr6Br7jlIKNCKMjSOMbAxKp2keQ0//jzJaYNTVhauk=
 github.com/containers/image v2.0.0+incompatible/go.mod h1:8Vtij257IWSanUQKe1tAeNOm2sRVkSqQTVQ1IlwI3+M=
+github.com/containers/image v3.0.0+incompatible h1:pdUHY//H+3jYNnoTt+rqY8NsStX4ZBLKzPTlMC+XvnU=
+github.com/containers/image v3.0.0+incompatible/go.mod h1:8Vtij257IWSanUQKe1tAeNOm2sRVkSqQTVQ1IlwI3+M=
 github.com/containers/storage v1.12.10 h1:vw1aiLsZ1LvO09ELMxVBTe35tThRiMftI2cPeH+G5ow=
 github.com/containers/storage v1.12.10/go.mod h1:+RirK6VQAqskQlaTBrOG6ulDvn4si2QjFE1NZCn06MM=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
--- a/vendor/github.com/containers/image/docker/docker_client.go
+++ b/vendor/github.com/containers/image/docker/docker_client.go
@ -526,11 +526,7 @@ func (c *dockerClient) getBearerToken(ctx context.Context, challenge challenge,
 		authReq.SetBasicAuth(c.username, c.password)
 	}
 	logrus.Debugf("%s %s", authReq.Method, authReq.URL.String())
-	tr := tlsclientconfig.NewTransport()
-	// TODO(runcom): insecure for now to contact the external token service
-	tr.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
-	client := &http.Client{Transport: tr}
-	res, err := client.Do(authReq)
+	res, err := c.client.Do(authReq)
 	if err != nil {
 		return nil, err
 	}
--- a/vendor/github.com/containers/image/pkg/docker/config/config.go
+++ b/vendor/github.com/containers/image/pkg/docker/config/config.go
@ -46,13 +46,18 @@ func SetAuthentication(sys *types.SystemContext, registry, username, password st
 			return false, setAuthToCredHelper(ch, registry, username, password)
 		}

+		// Set the credentials to kernel keyring if sys.AuthFile is not specified.
+		// The keyring might not work in all environments (e.g., missing capability) and isn't supported on all platforms.
+		// Hence, we want to fall-back to using the authfile in case the keyring failed.
+		// However, if the sys.AuthFilePath is set, we want adhere to the user specification and not use the keyring.
+		if sys.AuthFilePath == "" {
 			err := setAuthToKernelKeyring(registry, username, password)
 			if err == nil {
 				logrus.Debugf("credentials for (%s, %s) were stored in the kernel keyring\n", registry, username)
 				return false, nil
 			}
-		logrus.Debugf("failed to authenticate with the kernel keyring, falling back to authfiles.")
-
+			logrus.Debugf("failed to authenticate with the kernel keyring, falling back to authfiles. %v", err)
+		}
 		creds := base64.StdEncoding.EncodeToString([]byte(username + ":" + password))
 		newCreds := dockerAuthConfig{Auth: creds}
 		auths.AuthConfigs[registry] = newCreds
--- a/vendor/github.com/containers/image/pkg/sysregistriesv2/system_registries_v2.go
+++ b/vendor/github.com/containers/image/pkg/sysregistriesv2/system_registries_v2.go
@ -338,11 +338,24 @@ func getConfig(ctx *types.SystemContext) (*V2RegistriesConf, error) {
 	configPath := ConfigPath(ctx)

 	configMutex.Lock()
-	defer configMutex.Unlock()
 	// if the config has already been loaded, return the cached registries
 	if config, inCache := configCache[configPath]; inCache {
+		configMutex.Unlock()
 		return config, nil
 	}
+	configMutex.Unlock()
+
+	return TryUpdatingCache(ctx)
+}
+
+// TryUpdatingCache loads the configuration from the provided `SystemContext`
+// without using the internal cache. On success, the loaded configuration will
+// be added into the internal registry cache.
+func TryUpdatingCache(ctx *types.SystemContext) (*V2RegistriesConf, error) {
+	configPath := ConfigPath(ctx)
+
+	configMutex.Lock()
+	defer configMutex.Unlock()

 	// load the config
 	config, err := loadRegistryConf(configPath)
--- a/vendor/github.com/containers/image/version/version.go
+++ b/vendor/github.com/containers/image/version/version.go
@ -4,14 +4,14 @@ import "fmt"

 const (
 	// VersionMajor is for an API incompatible changes
-	VersionMajor = 2
+	VersionMajor = 3
 	// VersionMinor is for functionality in a backwards-compatible manner
 	VersionMinor = 0
 	// VersionPatch is for backwards-compatible bug fixes
-	VersionPatch = 2
+	VersionPatch = 0

 	// VersionDev indicates development branch. Releases will be empty string.
-	VersionDev = "-dev"
+	VersionDev = ""
 )

 // Version is the specification version that the package types support.
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -26,7 +26,7 @@ github.com/VividCortex/ewma
 github.com/containerd/continuity/pathdriver
 # github.com/containers/buildah v1.8.4
 github.com/containers/buildah/pkg/unshare
-# github.com/containers/image v1.5.2-0.20190725091050-48acc3dcbb76
+# github.com/containers/image v3.0.0+incompatible
 github.com/containers/image/copy
 github.com/containers/image/directory
 github.com/containers/image/docker