skopeo

mirror of https://github.com/containers/skopeo.git synced 2025-06-28 23:57:51 +00:00

Author	SHA1	Message	Date
Miloslav Trmač	168f8d648a	Merge pull request #1684 from lsm5/rpmspec-syntax-highlight-fix [CI:DOCS] skopeo.spec.rpkg: Fix syntax highlighting	2022-06-17 20:35:21 +02:00
Lokesh Mandvekar	fe0228095b	[CI:DOCS] skopeo.spec.rpkg: Fix syntax highlighting For whatever reason, the comment rearrangement is required for vim rpm synatx highlighting to work. Also added a comment pointing out where additional comments should go. :) Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2022-06-17 10:14:57 -04:00
Daniel J Walsh	14650880c8	Merge pull request #1679 from mtrmac/test-registry-2.8.1-from-image Use an updated CI image with OCI-capable registry	2022-06-17 06:06:22 -04:00
Miloslav Trmač	e7363a2e30	Merge pull request #1682 from lsm5/rpkg-doc-update [CI:DOCS] Makefile: include cautionary note for rpm target	2022-06-16 21:38:02 +02:00
Lokesh Mandvekar	71d450cb35	[CI:DOCS] Makefile: include cautionary note for rpm target Also add same warning to skopeo.spec.rpkg Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2022-06-16 15:36:06 -04:00
Lokesh Mandvekar	3738854467	CoPR: Autobuild rpm on rhcontainerbot/podman-next The new file `skopeo.spec.rpkg` along with a webhook will automatically build rpms on every PR merge on the main branch. Run `rpkg local` or `make rpm` to generate the rpm. Known issue: Doesn't yet build for EL8 environments. Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2022-06-16 15:27:39 -04:00
Miloslav Trmač	38f4b9d032	Enable schema1 support on the test registries We expect schema1 images to work. Also, docker/distribution doesn't provide useful errors for rejected schema1 images ( https://github.com/distribution/distribution/issues/2925 ), which makes it impractical for Skopeo to automatically convert schema1 to schema2. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-06-16 20:27:05 +02:00
Miloslav Trmač	1b5fb465be	Update for docker/distribution CLI change Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-06-16 20:27:05 +02:00
Miloslav Trmač	e9ed5e04e2	Use an updated CI image ... from https://github.com/containers/automation_images/pull/137 . This updates the docker/distribution registry to 2.8.1, allowing it to accept OCI images. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-06-16 20:27:01 +02:00
Daniel J Walsh	f2c1d77c57	Merge pull request #1672 from mtrmac/non-artifact-oci-repo Change a repo used for sync tests	2022-06-11 05:52:07 -04:00
Miloslav Trmač	bbdabebd17	Change a repo used for sync tests The k8s.gcr.io/coredns/coredns repo now contains an OCI artifact, which we can't copy; so, use a different repo to test syncing. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-06-11 03:15:14 +02:00
Daniel J Walsh	4b5e6327cd	Merge pull request #1667 from mtrmac/go1.17 Update to benefit from Go 1.17	2022-06-09 11:11:51 -04:00
Miloslav Trmač	92c0d0c09d	Use testing.T.Setenv instead of os.Setenv in tests ... to benefit from Go 1.17. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-06-08 16:57:06 +02:00
Miloslav Trmač	a3a72342f2	Update go.mod to Go 1.17 > go mod tidy -go=1.17 > make vendor Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-06-08 16:46:38 +02:00
Miloslav Trmač	14a3b9241e	Merge pull request #1666 from containers/dependabot/go_modules/github.com/docker/docker-20.10.17incompatible Bump github.com/docker/docker from 20.10.16+incompatible to 20.10.17+incompatible	2022-06-07 15:59:14 +02:00
dependabot[bot]	e9379d15d2	Bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.16+incompatible to 20.10.17+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.16...v20.10.17) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-07 08:19:08 +00:00
Miloslav Trmač	eb61a79dde	Merge pull request #1664 from containers/dependabot/go_modules/github.com/stretchr/testify-1.7.2 Bump github.com/stretchr/testify from 1.7.1 to 1.7.2	2022-06-06 17:31:50 +02:00
dependabot[bot]	69840fd082	Bump github.com/stretchr/testify from 1.7.1 to 1.7.2 Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-06 14:50:42 +00:00
Daniel J Walsh	dc905cb7be	Merge pull request #1663 from containers/dependabot/go_modules/github.com/containers/ocicrypt-1.1.5 Bump github.com/containers/ocicrypt from 1.1.4 to 1.1.5	2022-06-06 08:05:31 -04:00
dependabot[bot]	63622bc7c4	Bump github.com/containers/ocicrypt from 1.1.4 to 1.1.5 Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.1.4 to 1.1.5. - [Release notes](https://github.com/containers/ocicrypt/releases) - [Commits](https://github.com/containers/ocicrypt/compare/v1.1.4...v1.1.5) --- updated-dependencies: - dependency-name: github.com/containers/ocicrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-06 08:16:08 +00:00
Chris Evich	02ae5c2af5	Merge pull request #1658 from lsm5/ubuntu-2204-lts-cirrus Cirrus: use Ubuntu 22.04 LTS	2022-05-31 13:37:11 -04:00
Lokesh Mandvekar	6b58459829	Cirrus: use Ubuntu 22.04 LTS Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>	2022-05-31 13:03:56 -04:00
Valentin Rothberg	a5d4e6655d	Merge pull request #1655 from mtrmac/runc-1.1.2 Update to github.com/opencontainers/runc >= 1.1.2	2022-05-31 09:09:11 +02:00
Miloslav Trmač	00a58e48b1	Update to github.com/opencontainers/runc >= 1.1.2 ... to silence Dependabot alerts about CVE-2022-29162 = GHSA-f3fp-gc8g-vw66. Note that the vulnerable code is not actually included in Skopeo at all, this is purely to silence imprecise vulnerability checkers. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-05-31 01:23:51 +02:00
Miloslav Trmač	db663df804	Merge pull request #1659 from Luap99/make-completions fix make completions for all POSIX shells	2022-05-30 15:00:14 +02:00
Paul Holzinger	263a5f017f	fix make completions for all POSIX shells The {a,b} syntax is not POSIX compatible. The Makefile should run with all POSIX shells so we cannot use shell specific features like this. Fixes #1657 Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2022-05-30 14:38:56 +02:00
Valentin Rothberg	47afd101f0	Merge pull request #1656 from mtrmac/yaml-3.0.0 Update to gopkg.in/yaml.v3 v3.0.0	2022-05-30 11:38:26 +02:00
Miloslav Trmač	0a3be734a9	Update to gopkg.in/yaml.v3 v3.0.0 ... to include a fix for CVE-2022-28948 = GHSA-hp87-p4gw-j4gq . Note that the package is only used for Skopeo's tests, so Skopeo's users can't reach the vulnerable code. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-05-26 20:30:59 +02:00
Chris Evich	e8a3064328	Merge pull request #1652 from cevich/fix_gha_security [CI:DOCS] Pin actions to a full length commit SHA	2022-05-26 14:28:01 -04:00
Máirín Duffy	0ad7ec2402	Updated skopeo logo with new artwork Signed-off-by: Máirín Duffy <duffy@redhat.com>	2022-05-25 13:39:05 -04:00
Chris Evich	014d47f396	[CI:DOCS] Pin actions to a full length commit SHA + Pin actions to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload. Ref: https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions + Explicitly set permissions for actions to minimum required. The defaults are (unfortunately) overly permissive: Ref: https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token Signed-off-by: Chris Evich <cevich@redhat.com>	2022-05-25 11:29:18 -04:00
Daniel J Walsh	0fa1b5038f	Merge pull request #1649 from mtrmac/gpgme-native-pkg-config Stop calling gpgme-config	2022-05-23 23:32:14 -04:00
Miloslav Trmač	1add7a81d7	Merge pull request #1647 from Luap99/completion use spf13/cobra to generate shell completions	2022-05-23 19:22:10 +02:00
Paul Holzinger	d78bc82782	shell completion: add completion for transports names Make sure skopeo copy/inspect/delete show the transport names when shell completion is used to not regress compared to the old bash completion script. In theory I would highly recommend to set completion functions for every flag and command. This can be ensured with a test like this: https://github.com/containers/podman/blob/main/cmd/podman/shell_completion_test.go But this is a lot of work to get right and I am neither a skopeo user or maintainer so I am missing a lot of context for most options. I think this would be better handled by a person who knows skopeo better. Normally options should either use AutocompleteNone() or AutocompleteDefault() from c/common/pkg/completion. Even better would be to add custom completion functions for arguments that only accept fixed values, see AutocompleteSupportedTransports() in this commit. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2022-05-23 18:47:51 +02:00
Paul Holzinger	6c2a415f6c	shell completion: add install instructions docs Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2022-05-23 18:47:51 +02:00
Paul Holzinger	9bed0a9e9a	shell completion: add Makefile target Add target to generate the shell scripts and a target to install them. Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2022-05-23 18:47:46 +02:00
Miloslav Trmač	ebc5573e83	Stop calling gpgme-config As of the just-updated github.com/proglottis/gpgme 0.1.2, the gpgme subpackage uses CGo's native #cgo pkg-config support to find the relevant libraries, and we no longer need to manually set CGO_CFLAGS and CGO_LDFLAGS. So stop doing that. Note that the proglottis/gpgme update (implied by vendoring c/image) means the minimal supported version of GPGME is 1.13.0. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-05-19 22:03:26 +02:00
Miloslav Trmač	1ebb2520ca	Update c/image ... to bring in github.com/proglottis/gpgme 0.1.2. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-05-19 21:59:36 +02:00
Miloslav Trmač	9b4c1f15f5	Remove cgo_pthread_ordering_workaround.go Per https://bugzilla.redhat.com/show_bug.cgi?id=1326903 and https://sourceware.org/bugzilla/show_bug.cgi?id=19861#c9 , this was fixed in Glibc 2.24 . Removing this will also allow us not to worry about LDFLAGS necessary to make -lgpgme work. Signed-off-by: Miloslav Trmač <mitr@redhat.com>	2022-05-19 21:54:07 +02:00
Paul Holzinger	6863fe2d35	add completion command to generate shell completion scripts Use the cobra lib to automatically generate shell completion scripts. We can use the completion command which is automatically added, since it is not importent for most users we hide it. To test the new script on bash you can use `source <(bin/skopeo completion bash)` Signed-off-by: Paul Holzinger <pholzing@redhat.com>	2022-05-19 16:56:21 +02:00
Miloslav Trmač	4b924061b8	Merge pull request #1644 from containers/dependabot/go_modules/github.com/docker/docker-20.10.16incompatible Bump github.com/docker/docker from 20.10.15+incompatible to 20.10.16+incompatible	2022-05-13 18:09:45 +02:00
dependabot[bot]	3eca480c2b	Bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.15+incompatible to 20.10.16+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.15...v20.10.16) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-13 08:17:07 +00:00
Miloslav Trmač	149bb8a671	Merge pull request #1643 from containers/dependabot/go_modules/github.com/containers/storage-1.41.0 Bump github.com/containers/storage from 1.40.2 to 1.41.0	2022-05-12 18:10:19 +02:00
dependabot[bot]	149dea8dce	Bump github.com/containers/storage from 1.40.2 to 1.41.0 Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.40.2 to 1.41.0. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/main/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.40.2...v1.41.0) --- updated-dependencies: - dependency-name: github.com/containers/storage dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-12 08:10:20 +00:00
Daniel J Walsh	a90efa2d60	Merge pull request #1642 from dfr/freebsd-config Config files live in /usr/local/etc on FreeBSD (highlight in release notes!)	2022-05-10 16:13:39 -04:00
Doug Rabson	804f7c249d	Avoid hard-coding the location of bash On FreeBSD, bash lives in /usr/local/bin/bash. These scripts don't really depend on bash so could be changed to /bin/sh. Signed-off-by: Doug Rabson <dfr@rabson.org>	2022-05-10 11:24:45 +01:00
Doug Rabson	e47765ed9e	Config files live in /usr/local/etc on FreeBSD Signed-off-by: Doug Rabson <dfr@rabson.org>	2022-05-10 10:37:29 +01:00
Miloslav Trmač	0c6074db50	Merge pull request #1640 from containers/dependabot/go_modules/github.com/docker/docker-20.10.15incompatible Bump github.com/docker/docker from 20.10.14+incompatible to 20.10.15+incompatible	2022-05-09 20:03:20 +02:00
dependabot[bot]	13ceb93bdf	Bump github.com/docker/docker Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.14+incompatible to 20.10.15+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md) - [Commits](https://github.com/docker/docker/compare/v20.10.14...v20.10.15) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-07 12:22:43 +00:00
Daniel J Walsh	30446fae02	Merge pull request #1641 from rhatdan/main Bump to v1.8.0	2022-05-07 08:21:40 -04:00

... 17 18 19 20 21 ...

3075 Commits