github/skopeo
1
0
Fork 0
mirror of https://github.com/containers/skopeo.git synced 2025-09-23 19:07:03 +00:00
Code Issues Projects Releases Wiki Activity
2,607 Commits 19 Branches 102 Tags
7685acc2f7f2a6df804c8e97513a19133de205bc
Commit Graph

2607 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Miloslav Trmač
7685acc2f7 Merge pull request #2285 from mtrmac/integration-update-1.13 
[release-1.13] Backport #2280
 2024-04-10 20:08:13 +02:00
Miloslav Trmač
e6f176beca Freeze the fedora-minimal image reference at Fedora 38 
... because the tests are assuming a v2s2 image, but
as of Fedora 39, the image uses the OCI format.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
 2024-04-08 19:51:03 +02:00
Miloslav Trmač
f9e698aef7 Merge pull request #2150 from lsm5/release-1.13-cve-2023-39325 
[release-1.13] Fix for CVE-2023-39325
 2023-11-08 16:44:19 +01:00
Lokesh Mandvekar
55fcc610f3 Fix for CVE-2023-39325 
Updated golang.org/x/net to v0.17.0

Skopeo isn't affected by the vulnerability, but this change will help to
silence security scanners.

Ref: https://github.com/advisories/GHSA-4374-p667-p6c8

Signed-off-by: Lokesh Mandvekar <lsm5@redhat.com>
 2023-11-08 15:11:40 +05:30
Ashley Cui
5ec4b68f3c Merge pull request #2092 from TomSweeneyRedHat/dev/tsweeney/rhel8.9_9.3 
[release-1.13] Bump c/common v0.55.4, c/image v5.26.2, c/storage v1.48.1, Skopeo to v1.13.3, then v1.13.4-dev
 2023-08-24 16:48:43 -04:00
TomSweeneyRedHat
854f02f027 [release-1.13] Bump to v1.13.4-dev 
As the title says

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
 2023-08-24 15:33:58 -04:00
TomSweeneyRedHat
9e29e4cede [release-1.13] Bump to v1.13.3 
As the title says

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
v1.13.3 		2023-08-24 15:32:57 -04:00
TomSweeneyRedHat
daa7a6a589 [release-1.13] Bump c/image v5.26.2, c/storage v1.48.1, c/common v0.55.4 
As the title says.  In preparation for RHEL 8.9/9.3

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
 2023-08-24 15:27:27 -04:00
Miloslav Trmač
c831ed036e Merge pull request #2088 from lsm5/release-1.13-rpm-spdx-license 
[release-1.13 backport] rpm: spdx compatible license field
 2023-08-22 15:20:54 +02:00
Lokesh Mandvekar
6352b18963 rpm: spdx compatible license field 
The lowercase `and` in the License field isn't compatible with spdx
license format.

This commit replaces all `and` with `AND` in the License field in spec.

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
(cherry picked from commit b87a1b3e8e)
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-08-22 08:57:43 -04:00
Lokesh Mandvekar
3962416b35 RPM: define gobuild macro for rhel/centos stream 
The current gobuild macro doesn't account for build tags on both c9s and
c8s. This is currently causing copr build failures for c9s.

Ref: https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/build/6220412/

This commit will define gobuild for all those envs until gobuild is
fixed by default.

Refs:
c9s bz: https://bugzilla.redhat.com/show_bug.cgi?id=2227328
c8s bz: https://bugzilla.redhat.com/show_bug.cgi?id=2227331

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
(cherry picked from commit ab89207511)
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-08-10 14:42:41 -04:00
Miloslav Trmač
80d7d5b5ef Merge pull request #2076 from TomSweeneyRedHat/dev/tsweeney/commonbump 
[release-1.13] Bump c/common to v0.55.3, skopeo to 1.13.2 and 1.13.3-dev
 2023-08-10 20:11:13 +02:00
TomSweeneyRedHat
886bc00c49 [release-1.13] Bump to v1.13.3-dev 
As the title says

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
 2023-08-10 10:59:04 -04:00
TomSweeneyRedHat
24c0c3369d [release-1.13] Bump to v1.13.2 
As the title says.

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
v1.13.2 		2023-08-10 10:58:15 -04:00
TomSweeneyRedHat
ac1c77b894 [release-1.31] Bump c/common v0.55.3 
As the title says

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
 2023-08-10 10:56:07 -04:00
Miloslav Trmač
416218f501 Merge pull request #2053 from lsm5/release-1.13-packit-pre-sync-backport 
Packit: remove pre-sync action
 2023-07-20 23:21:21 +02:00
Lokesh Mandvekar
882b087b3a Packit: remove pre-sync action 
The pre-sync action constantly breaks and is currently not possible to
reliably test until the subsequent upstream release due to limitations
in packit.

The lines being added by the action script to the downstream Fedora spec
were only meant to keep Fedora happy. But given that they provide
no tangible benefit as github notifies us of security
issues in libraries mentioned in go.mod and go.sum, along with redhat
prodsec's own magic for creating security alerts, there's absolutely
no point to having the pre-sync action run and add a layer of uncertainty.

This commit removes the pre-sync action and
`rpm/update-spec-provides.sh`.

Ref: https://github.com/containers/podman/issues/19232

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
(cherry picked from commit a4aa15f4fa)
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-07-20 16:17:49 -04:00
Tom Sweeney
dbb7d4db50 Merge pull request #2050 from TomSweeneyRedHat/dev/tsweeney/1.13.1 
[release-1.13] Bump to v1.13.1
 2023-07-20 14:17:25 -04:00
TomSweeneyRedHat
3162e17e4d [release-1.13] Bump to v1.13.2-dev 
As the title says.  Bump back to a dev version.

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
 2023-07-19 19:30:27 -04:00
TomSweeneyRedHat
8ace37a410 [release-1.13] Bump to v1.13.1 
As the title says

In prep for Feature Freeze testing for RHEL 8.9/9.3

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
v1.13.1 		2023-07-19 19:28:55 -04:00
Miloslav Trmač
b8e070cbf3 Merge pull request #2049 from TomSweeneyRedHat/dev/tsweeney/com_055.2 
[release-1.13] Bump c/common to v0.55.2
 2023-07-20 00:58:09 +02:00
TomSweeneyRedHat
cac20311f1 [release-1.13] Bump c/common to v0.55.2 
Bump c/common to v0.55.2

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
 2023-07-19 18:01:42 -04:00
Lokesh Mandvekar
d5b1f34e26 [release-1.13 backport] [CI:BUILD] Packit: install golist before updating downstream spec 
The default Packit sandbox environment that runs Packit tasks for
downstream Fedora does not have golist installed by default and can't
run superuser tasks.

This commit will download and extract the golist binary from the Fedora
rpm and use it to provide golist.

The GOPATH mention in `rpm/update-spec-provides.sh` is only required for
golist to generate the gopaths and doesn't affect upstream or the rpm spec.

Currently, the only way to reliably test this is on an open github issue by running
`/packit propose-downstream`. This can't be run on an open PR.
The job-specific packit actions can only be tested via the packit
service and not via packit cli.

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
(cherry picked from commit a39972ca35)
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-07-11 15:48:20 -04:00
Daniel J Walsh
f30bf04e73 Merge pull request #2038 from TomSweeneyRedHat/dev/tsweeney/bumpver 
[release-1.13] Bump to v1.13.1-dev
 2023-07-10 09:27:27 -04:00
Tom Sweeney
85d99af242 [release-1.13] Bump to v1.13.1-dev 
As the title says.  Bumping the version to dev
in the 1.13 release branch.

[NO NEW TESTS NEEDED]

Signed-off-by: Tom Sweeney <tsweeney@redhat.com>
 2023-07-06 10:48:31 -04:00
Tom Sweeney
8b9999e1d5 Bump to v1.13.0 
As the title says.  In preparation of RHEL 8.9/9.3

[NO NEW TESTS NEEDED]

Signed-off-by: Tom Sweeney <tsweeney@redhat.com>
v1.13.0 		2023-07-05 16:16:38 -04:00
Colin Walters
71a15da6f2 Merge pull request #2029 from RishabhSaini/sig 
proxy: Policy verification of OCI Image before pulling
 2023-07-04 16:11:00 -04:00
RishabhSaini
4de3a90fa2 proxy: Policy verification of OCI Image before pulling 
Signed-off-by: RishabhSaini <rsaini@redhat.com>
 2023-07-04 10:42:11 -04:00
Miloslav Trmač
ce2780feac Merge pull request #2032 from containers/renovate/github.com-opencontainers-image-spec-1.x 
Update module github.com/opencontainers/image-spec to v1.1.0-rc4
 2023-06-30 21:48:57 +02:00
renovate[bot]
e9303879a8 Update module github.com/opencontainers/image-spec to v1.1.0-rc4 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-30 18:30:59 +00:00
Miloslav Trmač
2d83db01a4 Merge pull request #2028 from containers/renovate/github.com-containers-common-0.x 
Update module github.com/containers/common to v0.55.1
 2023-06-30 18:51:48 +02:00
renovate[bot]
3d8d212869 Update module github.com/containers/common to v0.55.1 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-30 14:18:42 +00:00
Miloslav Trmač
f95931d656 Merge pull request #2027 from containers/renovate/github.com-containers-common-0.x 
Update module github.com/containers/common to v0.54.0
 2023-06-29 18:16:41 +02:00
renovate[bot]
bfa04ea246 Update module github.com/containers/common to v0.54.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-28 23:02:07 +00:00
Miloslav Trmač
7f5b970fb1 Merge pull request #2025 from containers/renovate/github.com-containers-image-v5-5.x 
Update module github.com/containers/image/v5 to v5.26.0
 2023-06-28 21:20:35 +02:00
renovate[bot]
1d5458fa7c Update module github.com/containers/image/v5 to v5.26.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-28 19:04:12 +00:00
Miloslav Trmač
bf7ae0a5d5 Merge pull request #2026 from lsm5/rpm-eln-fix 
[CI:BUILD] RPM: fix ELN builds
 2023-06-28 21:03:09 +02:00
Lokesh Mandvekar
290a76309d [CI:BUILD] RPM: fix ELN builds 
For Fedora, we need to ensure ELN builds are successful.

The recent skopeo builds have been failing on copr because of
/usr/bin/go-md2man being available via different package names.
https://copr.fedorainfracloud.org/coprs/rhcontainerbot/podman-next/build/6119200/

This commit changes go-md2man dependency directly on the
binary path instead of a pacakge.

ELN scratch builds are now successful:
https://koji.fedoraproject.org/koji/taskinfo?taskID=102706281

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-06-28 09:55:41 -04:00
Miloslav Trmač
9ba48ec8eb Merge pull request #2024 from containers/renovate/github.com-containers-storage-1.x 
Update module github.com/containers/storage to v1.47.0
 2023-06-27 19:38:34 +02:00
renovate[bot]
d72d53cc51 Update module github.com/containers/storage to v1.47.0 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-27 00:12:20 +00:00
Tom Sweeney
32da299965 Merge pull request #2017 from lsm5/packit-cleanup 
Packit: easier to read distro conditionals
 2023-06-26 17:25:13 -04:00
Lokesh Mandvekar
0297033e0e Packit: easier to read distro conditionals 
Distro conditionals have been rewritten in a cleaner
and easier to read way.

All `bcond` macros have been replaced with friendlier alternatives.

Also removed macros related to `import_path` as they are no longer
necessary.

update-spec-provides.sh has been updated to account for possible build
issues in downstream tasks which won't be noticed until a downstream
release.

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
 2023-06-26 15:04:50 -04:00
Miloslav Trmač
3fcaddad2c Merge pull request #2022 from containers/renovate/golangci-golangci-lint-1.x 
Update dependency golangci/golangci-lint to v1.53.3
 2023-06-23 00:09:47 +02:00
renovate[bot]
03a1913298 Update dependency golangci/golangci-lint to v1.53.3 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-22 19:40:57 +00:00
Chris Evich
653539719a Merge pull request #2021 from cevich/renovate_golang_ci_lint 
Help Renovate manage the golangci-lint version
 2023-06-22 14:31:14 -04:00
Chris Evich
c04ee48bcb Help Renovate manage the golangci-lint version 
It's a bit cumbersome to manage a tooling version buried deep in a
command, let alone one also buried deep in a `Makefile`.  Add a
variable to hold the version number so renovate can easily manage it.
This happens via a `regex` manager in the shared configuration
include `containers/automation//renovate/defaults.json5`.  Also add a
helpful note/reminder to humans who may want to manually change the
version for some reason.

Depends on: https://github.com/containers/automation/pull/145

Signed-off-by: Chris Evich <cevich@redhat.com>
 2023-06-21 15:33:14 -04:00
Chris Evich
37a81ea7a0 Minor: Cleanup renovate configuration 
Assigning to a group isn't supported in github.  Renove this section and
the golang section (all options moved into defaults.json5).

Signed-off-by: Chris Evich <cevich@redhat.com>
 2023-06-21 15:33:14 -04:00
Miloslav Trmač
caf8c552c6 Merge pull request #2016 from containers/renovate/major-ci-vm-image 
Update dependency containers/automation_images to v20230614
 2023-06-14 19:39:59 +02:00
renovate[bot]
e2174f1764 Update dependency containers/automation_images to v20230614 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-06-14 16:57:53 +00:00
Miloslav Trmač
c41f148fe9 Merge pull request #2015 from containers/renovate/golang.org-x-term-0.x 
Update module golang.org/x/term to v0.9.0
 2023-06-14 18:57:27 +02:00