Update c/image from the main branch

> go get github.com/containers/image/v5@main
> make vendor

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

vendor/github.com/sylabs/sif/v2/LICENSE.md

@@ -1,6 +1,6 @@
 # LICENSE
 
-Copyright (c) 2018-2022, Sylabs Inc. All rights reserved.
+Copyright (c) 2018-2023, Sylabs Inc. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are met:

vendor/github.com/sylabs/sif/v2/pkg/sif/create.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2018-2022, Sylabs Inc. All rights reserved.
+// Copyright (c) 2018-2023, Sylabs Inc. All rights reserved.
 // Copyright (c) 2017, SingularityWare, LLC. All rights reserved.
 // Copyright (c) 2017, Yannick Cote <yhcote@gmail.com> All rights reserved.
 // This software is licensed under a 3-clause BSD license. Please consult the
@@ -69,7 +69,7 @@ func (f *FileImage) writeDataObject(i int, di DescriptorInput, t time.Time) erro
 
 	// If this is a primary partition, verify there isn't another primary partition, and update the
 	// architecture in the global header.
-	if p, ok := di.opts.extra.(partition); ok && p.Parttype == PartPrimSys {
+	if p, ok := di.opts.md.(partition); ok && p.Parttype == PartPrimSys {
 		if ds, err := f.GetDescriptors(WithPartitionType(PartPrimSys)); err == nil && len(ds) > 0 {
 			return errPrimaryPartition
 		}
@@ -251,7 +251,7 @@ func createContainer(rw ReadWriter, co createOpts) (*FileImage, error) {
 // By default, the image ID is set to a randomly generated value. To override this, consider using
 // OptCreateDeterministic or OptCreateWithID.
 //
-// By default, the image creation time is set to time.Now(). To override this, consider using
+// By default, the image creation time is set to the current time. To override this, consider using
 // OptCreateDeterministic or OptCreateWithTime.
 //
 // By default, the image will support a maximum of 48 descriptors. To change this, consider using
@@ -296,7 +296,7 @@ func CreateContainer(rw ReadWriter, opts ...CreateOpt) (*FileImage, error) {
 // By default, the image ID is set to a randomly generated value. To override this, consider using
 // OptCreateDeterministic or OptCreateWithID.
 //
-// By default, the image creation time is set to time.Now(). To override this, consider using
+// By default, the image creation time is set to the current time. To override this, consider using
 // OptCreateDeterministic or OptCreateWithTime.
 //
 // By default, the image will support a maximum of 48 descriptors. To change this, consider using
@@ -393,11 +393,13 @@ func OptAddWithTime(t time.Time) AddOpt {
 
 // AddObject adds a new data object and its descriptor into the specified SIF file.
 //
-// By default, the image modification time is set to the current time. To override this, consider
-// using OptAddDeterministic or OptAddWithTime.
+// By default, the image modification time is set to the current time for non-deterministic images,
+// and unset otherwise. To override this, consider using OptAddDeterministic or OptAddWithTime.
 func (f *FileImage) AddObject(di DescriptorInput, opts ...AddOpt) error {
-	ao := addOpts{
-		t: time.Now(),
+	ao := addOpts{}
+
+	if !f.isDeterministic() {
+		ao.t = time.Now()
 	}
 
 	for _, opt := range opts {
@@ -449,11 +451,7 @@ func (f *FileImage) isLast(d *rawDescriptor) bool {
 func (f *FileImage) truncateAt(d *rawDescriptor) error {
 	start := d.Offset + d.Size - d.SizeWithPadding
 
-	if err := f.rw.Truncate(start); err != nil {
-		return err
-	}
-
-	return nil
+	return f.rw.Truncate(start)
 }
 
 // deleteOpts accumulates object deletion options.
@@ -506,11 +504,14 @@ var errCompactNotImplemented = errors.New("compact not implemented for non-last
 // To zero the data region of the deleted object, use OptDeleteZero. To compact the file following
 // object deletion, use OptDeleteCompact.
 //
-// By default, the image modification time is set to time.Now(). To override this, consider using
-// OptDeleteDeterministic or OptDeleteWithTime.
+// By default, the image modification time is set to the current time for non-deterministic images,
+// and unset otherwise. To override this, consider using OptDeleteDeterministic or
+// OptDeleteWithTime.
 func (f *FileImage) DeleteObject(id uint32, opts ...DeleteOpt) error {
-	do := deleteOpts{
-		t: time.Now(),
+	do := deleteOpts{}
+
+	if !f.isDeterministic() {
+		do.t = time.Now()
 	}
 
 	for _, opt := range opts {
@@ -596,11 +597,14 @@ var (
 
 // SetPrimPart sets the specified system partition to be the primary one.
 //
-// By default, the image/object modification times are set to time.Now(). To override this,
-// consider using OptSetDeterministic or OptSetWithTime.
+// By default, the image/object modification times are set to the current time for
+// non-deterministic images, and unset otherwise. To override this, consider using
+// OptSetDeterministic or OptSetWithTime.
 func (f *FileImage) SetPrimPart(id uint32, opts ...SetOpt) error {
-	so := setOpts{
-		t: time.Now(),
+	so := setOpts{}
+
+	if !f.isDeterministic() {
+		so.t = time.Now()
 	}
 
 	for _, opt := range opts {
@@ -636,9 +640,6 @@ func (f *FileImage) SetPrimPart(id uint32, opts ...SetOpt) error {
 	if err != nil && !errors.Is(err, ErrObjectNotFound) {
 		return fmt.Errorf("%w", err)
 	}
-
-	f.h.Arch = getSIFArch(arch)
-
 	extra := partition{
 		Fstype:   fs,
 		Parttype: PartPrimSys,
@@ -649,6 +650,8 @@ func (f *FileImage) SetPrimPart(id uint32, opts ...SetOpt) error {
 		return fmt.Errorf("%w", err)
 	}
 
+	descr.ModifiedAt = so.t.Unix()
+
 	if olddescr != nil {
 		oldfs, _, oldarch, err := olddescr.getPartitionMetadata()
 		if err != nil {
@@ -664,12 +667,15 @@ func (f *FileImage) SetPrimPart(id uint32, opts ...SetOpt) error {
 		if err := olddescr.setExtra(oldextra); err != nil {
 			return fmt.Errorf("%w", err)
 		}
+
+		olddescr.ModifiedAt = so.t.Unix()
 	}
 
 	if err := f.writeDescriptors(); err != nil {
 		return fmt.Errorf("%w", err)
 	}
 
+	f.h.Arch = getSIFArch(arch)
 	f.h.ModifiedAt = so.t.Unix()
 
 	if err := f.writeHeader(); err != nil {

vendor/github.com/sylabs/sif/v2/pkg/sif/descriptor.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2018-2022, Sylabs Inc. All rights reserved.
+// Copyright (c) 2018-2023, Sylabs Inc. All rights reserved.
 // Copyright (c) 2017, SingularityWare, LLC. All rights reserved.
 // Copyright (c) 2017, Yannick Cote <yhcote@gmail.com> All rights reserved.
 // This software is licensed under a 3-clause BSD license. Please consult the
@@ -10,6 +10,7 @@ package sif
 import (
 	"bytes"
 	"crypto"
+	"encoding"
 	"encoding/binary"
 	"errors"
 	"fmt"
@@ -44,6 +45,11 @@ type partition struct {
 	Arch     archType
 }
 
+// MarshalBinary encodes p into binary format.
+func (p partition) MarshalBinary() ([]byte, error) {
+	return binaryMarshaler{p}.MarshalBinary()
+}
+
 // signature represents the SIF signature data object descriptor.
 type signature struct {
 	Hashtype hashType
@@ -61,6 +67,26 @@ type sbom struct {
 	Format SBOMFormat
 }
 
+// The binaryMarshaler type is an adapter that allows a type suitable for use with the
+// encoding/binary package to be used as an encoding.BinaryMarshaler.
+type binaryMarshaler struct{ any }
+
+// MarshalBinary encodes m into binary format.
+func (m binaryMarshaler) MarshalBinary() ([]byte, error) {
+	var b bytes.Buffer
+	err := binary.Write(&b, binary.LittleEndian, m.any)
+	return b.Bytes(), err
+}
+
+// The binaryUnmarshaler type is an adapter that allows a type suitable for use with the
+// encoding/binary package to be used as an encoding.BinaryUnmarshaler.
+type binaryUnmarshaler struct{ any }
+
+// UnmarshalBinary decodes b into u.
+func (u binaryUnmarshaler) UnmarshalBinary(b []byte) error {
+	return binary.Read(bytes.NewReader(b), binary.LittleEndian, u.any)
+}
+
 var errNameTooLarge = errors.New("name value too large")
 
 // setName encodes name into the name field of d.
@@ -78,28 +104,33 @@ func (d *rawDescriptor) setName(name string) error {
 
 var errExtraTooLarge = errors.New("extra value too large")
 
-// setExtra encodes v into the extra field of d.
-func (d *rawDescriptor) setExtra(v interface{}) error {
-	if v == nil {
+// setExtra marshals metadata from md into the "extra" field of d.
+func (d *rawDescriptor) setExtra(md encoding.BinaryMarshaler) error {
+	if md == nil {
 		return nil
 	}
 
-	if binary.Size(v) > len(d.Extra) {
-		return errExtraTooLarge
-	}
-
-	b := new(bytes.Buffer)
-	if err := binary.Write(b, binary.LittleEndian, v); err != nil {
+	extra, err := md.MarshalBinary()
+	if err != nil {
 		return err
 	}
 
-	for i := copy(d.Extra[:], b.Bytes()); i < len(d.Extra); i++ {
+	if len(extra) > len(d.Extra) {
+		return errExtraTooLarge
+	}
+
+	for i := copy(d.Extra[:], extra); i < len(d.Extra); i++ {
 		d.Extra[i] = 0
 	}
 
 	return nil
 }
 
+// getExtra unmarshals metadata from the "extra" field of d into md.
+func (d *rawDescriptor) getExtra(md encoding.BinaryUnmarshaler) error {
+	return md.UnmarshalBinary(d.Extra[:])
+}
+
 // getPartitionMetadata gets metadata for a partition data object.
 func (d rawDescriptor) getPartitionMetadata() (FSType, PartType, string, error) {
 	if got, want := d.DataType, DataPartition; got != want {
@@ -108,9 +139,8 @@ func (d rawDescriptor) getPartitionMetadata() (FSType, PartType, string, error)
 
 	var p partition
 
-	b := bytes.NewReader(d.Extra[:])
-	if err := binary.Read(b, binary.LittleEndian, &p); err != nil {
-		return 0, 0, "", fmt.Errorf("%w", err)
+	if err := d.getExtra(binaryUnmarshaler{&p}); err != nil {
+		return 0, 0, "", err
 	}
 
 	return p.Fstype, p.Parttype, p.Arch.GoArch(), nil
@@ -168,11 +198,23 @@ func (d Descriptor) ModifiedAt() time.Time { return time.Unix(d.raw.ModifiedAt,
 // Name returns the name of the data object.
 func (d Descriptor) Name() string { return strings.TrimRight(string(d.raw.Name[:]), "\000") }
 
+// GetMetadata unmarshals metadata from the "extra" field of d into md.
+func (d Descriptor) GetMetadata(md encoding.BinaryUnmarshaler) error {
+	if err := d.raw.getExtra(md); err != nil {
+		return fmt.Errorf("%w", err)
+	}
+	return nil
+}
+
 // PartitionMetadata gets metadata for a partition data object.
 //
 //nolint:nonamedreturns // Named returns effective as documentation.
 func (d Descriptor) PartitionMetadata() (fs FSType, pt PartType, arch string, err error) {
-	return d.raw.getPartitionMetadata()
+	fs, pt, arch, err = d.raw.getPartitionMetadata()
+	if err != nil {
+		return 0, 0, "", fmt.Errorf("%w", err)
+	}
+	return fs, pt, arch, err
 }
 
 var errHashUnsupported = errors.New("hash algorithm unsupported")
@@ -204,8 +246,7 @@ func (d Descriptor) SignatureMetadata() (ht crypto.Hash, fp []byte, err error) {
 
 	var s signature
 
-	b := bytes.NewReader(d.raw.Extra[:])
-	if err := binary.Read(b, binary.LittleEndian, &s); err != nil {
+	if err := d.raw.getExtra(binaryUnmarshaler{&s}); err != nil {
 		return ht, fp, fmt.Errorf("%w", err)
 	}
 
@@ -232,8 +273,7 @@ func (d Descriptor) CryptoMessageMetadata() (FormatType, MessageType, error) {
 
 	var m cryptoMessage
 
-	b := bytes.NewReader(d.raw.Extra[:])
-	if err := binary.Read(b, binary.LittleEndian, &m); err != nil {
+	if err := d.raw.getExtra(binaryUnmarshaler{&m}); err != nil {
 		return 0, 0, fmt.Errorf("%w", err)
 	}
 
@@ -248,8 +288,7 @@ func (d Descriptor) SBOMMetadata() (SBOMFormat, error) {
 
 	var s sbom
 
-	b := bytes.NewReader(d.raw.Extra[:])
-	if err := binary.Read(b, binary.LittleEndian, &s); err != nil {
+	if err := d.raw.getExtra(binaryUnmarshaler{&s}); err != nil {
 		return 0, fmt.Errorf("%w", err)
 	}
 

vendor/github.com/sylabs/sif/v2/pkg/sif/descriptor_input.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2021-2022, Sylabs Inc. All rights reserved.
+// Copyright (c) 2021-2023, Sylabs Inc. All rights reserved.
 // This software is licensed under a 3-clause BSD license. Please consult the
 // LICENSE file distributed with the sources of this project regarding your
 // rights to use or distribute this software.
@@ -7,6 +7,7 @@ package sif
 
 import (
 	"crypto"
+	"encoding"
 	"errors"
 	"fmt"
 	"io"
@@ -19,7 +20,7 @@ type descriptorOpts struct {
 	linkID    uint32
 	alignment int
 	name      string
-	extra     interface{}
+	md        encoding.BinaryMarshaler
 	t         time.Time
 }
 
@@ -92,6 +93,14 @@ func OptObjectTime(t time.Time) DescriptorInputOpt {
 	}
 }
 
+// OptMetadata marshals metadata from md into the "extra" field of d.
+func OptMetadata(md encoding.BinaryMarshaler) DescriptorInputOpt {
+	return func(t DataType, opts *descriptorOpts) error {
+		opts.md = md
+		return nil
+	}
+}
+
 type unexpectedDataTypeError struct {
 	got  DataType
 	want []DataType
@@ -155,7 +164,7 @@ func OptCryptoMessageMetadata(ft FormatType, mt MessageType) DescriptorInputOpt
 			Messagetype: mt,
 		}
 
-		opts.extra = m
+		opts.md = binaryMarshaler{m}
 		return nil
 	}
 }
@@ -184,7 +193,7 @@ func OptPartitionMetadata(fs FSType, pt PartType, arch string) DescriptorInputOp
 			Arch:     sifarch,
 		}
 
-		opts.extra = p
+		opts.md = p
 		return nil
 	}
 }
@@ -221,7 +230,7 @@ func OptSignatureMetadata(ht crypto.Hash, fp []byte) DescriptorInputOpt {
 		}
 		copy(s.Entity[:], fp)
 
-		opts.extra = s
+		opts.md = binaryMarshaler{s}
 		return nil
 	}
 }
@@ -239,7 +248,7 @@ func OptSBOMMetadata(f SBOMFormat) DescriptorInputOpt {
 			Format: f,
 		}
 
-		opts.extra = s
+		opts.md = binaryMarshaler{s}
 		return nil
 	}
 }
@@ -259,7 +268,8 @@ const DefaultObjectGroup = 1
 //
 // It is possible (and often necessary) to store additional metadata related to certain types of
 // data objects. Consider supplying options such as OptCryptoMessageMetadata, OptPartitionMetadata,
-// OptSignatureMetadata, and OptSBOMMetadata for this purpose.
+// OptSignatureMetadata, and OptSBOMMetadata for this purpose. To set custom metadata, use
+// OptMetadata.
 //
 // By default, the data object will be placed in the default data object group (1). To override
 // this behavior, use OptNoGroup or OptGroupID. To link this data object, use OptLinkedID or
@@ -317,5 +327,5 @@ func (di DescriptorInput) fillDescriptor(t time.Time, d *rawDescriptor) error {
 		return err
 	}
 
-	return d.setExtra(di.opts.extra)
+	return d.setExtra(di.opts.md)
 }

vendor/github.com/sylabs/sif/v2/pkg/sif/sif.go

@@ -1,4 +1,4 @@
-// Copyright (c) 2018-2022, Sylabs Inc. All rights reserved.
+// Copyright (c) 2018-2023, Sylabs Inc. All rights reserved.
 // Copyright (c) 2017, SingularityWare, LLC. All rights reserved.
 // Copyright (c) 2017, Yannick Cote <yhcote@gmail.com> All rights reserved.
 // This software is licensed under a 3-clause BSD license. Please consult the
@@ -402,3 +402,9 @@ func (f *FileImage) DataSize() int64 { return f.h.DataSize }
 func (f *FileImage) GetHeaderIntegrityReader() io.Reader {
 	return f.h.GetIntegrityReader()
 }
+
+// isDeterministic returns true if the UUID and timestamps in the header of f are set to
+// deterministic values.
+func (f *FileImage) isDeterministic() bool {
+	return f.h.ID == uuid.Nil && f.CreatedAt().IsZero() && f.ModifiedAt().IsZero()
+}