Commit Graph

2595 Commits

Author SHA1 Message Date
Daniel J Walsh
fffdc1f9df
Merge pull request #1696 from jsoref/irc
Update IRC information
2022-07-01 07:02:58 -04:00
Daniel J Walsh
f75d570709
Merge pull request #1698 from mtrmac/pkg_errors
Error handling cleanups, and drop pkg/errors
2022-07-01 07:02:23 -04:00
Miloslav Trmač
7900440ac9 Use errors.As() instead of direct type checks
... to be a bit more robust against unexpected error wrapping.

Also be a little more idiomatic on the sync error handling path.

Should not change behavior, assuming the previous code was correct.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-30 21:40:46 +02:00
Miloslav Trmač
c654871bd9 Remove uses of pkg/errors
This is clearly safe because the changes are
mostly top-level CLI where nothing is checking
the type of the error.

Even in that case, use %w for idiomatic consistency
(and to make it easier to possibly move some code into a Go library.)

Mostly mechanical, but note the changes to error handling of .Close():
we use %w for the primary error, not for the close error.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-30 21:00:40 +02:00
Miloslav Trmač
7abcca9313 Modify error messages on failures to close
- Use a wrapping wording similar to c/image; it's slightly
  awkward at the start of the error message, but those should
  hopefully be rare.
- Notably, distinguish the three failure paths in (skopeo layers).

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-30 20:30:40 +02:00
Miloslav Trmač
f7df4a0838 Introduce noteCloseFailure, use it for reporting of cleanup errors
Note that this is a behavior change: we used to do
    retErr = errors.Wrapf(retErr, ..., closeErr)
which doesn't record closeErr if retErr was nil.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-30 20:30:11 +02:00
Miloslav Trmač
68e9f2c576
Merge pull request #1697 from containers/dependabot/go_modules/github.com/stretchr/testify-1.8.0
Bump github.com/stretchr/testify from 1.7.5 to 1.8.0
2022-06-30 17:43:30 +02:00
dependabot[bot]
331162358b
Bump github.com/stretchr/testify from 1.7.5 to 1.8.0
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-30 08:17:49 +00:00
Josh Soref
89089f3a8d
Update IRC information
Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>
2022-06-29 20:14:56 -04:00
Miloslav Trmač
ba6af16e53 Use bytes.ReplaceAll instead of bytes.Replace(..., -1)
... for a trivial improvement in readability.

Should not change behavior.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-29 19:40:02 +02:00
Miloslav Trmač
bc84a02bc4
Merge pull request #1661 from cevich/multiarch_build
[CI:BUILD] Cirrus: Migrate multiarch build off github actions
2022-06-29 19:16:13 +02:00
Chris Evich
2024e2e258
Update & fix skopeo multiarch image Containerfiles
These changes substantially mirror similar updates made recently to both
podman and buildah.  Besides renaming `Dockerfile` -> `Containerfile`,
there are much needed updates to docs, and the build instructions.

Signed-off-by: Chris Evich <cevich@redhat.com>
2022-06-29 11:42:15 -04:00
Chris Evich
774ff9d16f
Cirrus: Migrate multiarch build off github actions
The github actions workflow for this operation is complex and difficult
to maintain.  For several months now a replacement has been running well
in the podman repository.  It's scripts/components are centralized,
versioned, unit, and integration tested.  Add cirrus tasks to run the
build, and another task to allow test builds in a PR.

This also adds support for a new magic CI string: `[CI:BUILD]`.
With this string in the PR title, automation will only do basic build
verification, and enable testing of the multi-arch build process.

Otherwise, many tasks were updated to not be created when running the
cirrus-cron multi-arch image builds, since this would simply be a waste
of time and invitation for flakes.

Lastly, since only native tooling is used in the new build process,
rename all the recipes to `Containerfile`.

Signed-off-by: Chris Evich <cevich@redhat.com>
2022-06-28 17:43:37 -04:00
Daniel J Walsh
1462a45c91
Merge pull request #1653 from mairin/patch-1
Updated skopeo logo with new artwork
2022-06-27 10:56:26 -04:00
Miloslav Trmač
7bfa5cbad8
Merge pull request #1690 from containers/dependabot/go_modules/github.com/stretchr/testify-1.7.5
Bump github.com/stretchr/testify from 1.7.4 to 1.7.5
2022-06-24 19:12:34 +02:00
dependabot[bot]
899d3686f9
Bump github.com/stretchr/testify from 1.7.4 to 1.7.5
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.4...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-24 08:34:09 +00:00
Daniel J Walsh
1a98f253b4
Merge pull request #1687 from containers/dependabot/go_modules/github.com/stretchr/testify-1.7.4
Bump github.com/stretchr/testify from 1.7.2 to 1.7.4
2022-06-21 13:08:58 -04:00
Daniel J Walsh
fdd8aa2fd0
Merge pull request #1686 from containers/dependabot/go_modules/github.com/spf13/cobra-1.5.0
Bump github.com/spf13/cobra from 1.4.0 to 1.5.0
2022-06-21 13:08:33 -04:00
dependabot[bot]
2f77d21343
Bump github.com/stretchr/testify from 1.7.2 to 1.7.4
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.2 to 1.7.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.2...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-21 08:13:03 +00:00
dependabot[bot]
2009d1c61e
Bump github.com/spf13/cobra from 1.4.0 to 1.5.0
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.4.0...v1.5.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-21 08:12:52 +00:00
Miloslav Trmač
168f8d648a
Merge pull request #1684 from lsm5/rpmspec-syntax-highlight-fix
[CI:DOCS] skopeo.spec.rpkg: Fix syntax highlighting
2022-06-17 20:35:21 +02:00
Lokesh Mandvekar
fe0228095b
[CI:DOCS] skopeo.spec.rpkg: Fix syntax highlighting
For whatever reason, the comment rearrangement is
required for vim rpm synatx highlighting to work.

Also added a comment pointing out where additional comments
should go. :)

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2022-06-17 10:14:57 -04:00
Daniel J Walsh
14650880c8
Merge pull request #1679 from mtrmac/test-registry-2.8.1-from-image
Use an updated CI image with OCI-capable registry
2022-06-17 06:06:22 -04:00
Miloslav Trmač
e7363a2e30
Merge pull request #1682 from lsm5/rpkg-doc-update
[CI:DOCS] Makefile: include cautionary note for rpm target
2022-06-16 21:38:02 +02:00
Lokesh Mandvekar
71d450cb35
[CI:DOCS] Makefile: include cautionary note for rpm target
Also add same warning to skopeo.spec.rpkg

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2022-06-16 15:36:06 -04:00
Lokesh Mandvekar
3738854467 CoPR: Autobuild rpm on rhcontainerbot/podman-next
The new file `skopeo.spec.rpkg` along with a webhook will automatically
build rpms on every PR merge on the main branch.

Run `rpkg local` or `make rpm` to generate the rpm.

Known issue: Doesn't yet build for EL8 environments.

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2022-06-16 15:27:39 -04:00
Miloslav Trmač
38f4b9d032 Enable schema1 support on the test registries
We expect schema1 images to work.  Also, docker/distribution
doesn't provide useful errors for rejected schema1 images
( https://github.com/distribution/distribution/issues/2925 ),
which makes it impractical for Skopeo to automatically convert
schema1 to schema2.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-16 20:27:05 +02:00
Miloslav Trmač
1b5fb465be Update for docker/distribution CLI change
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-16 20:27:05 +02:00
Miloslav Trmač
e9ed5e04e2 Use an updated CI image
... from https://github.com/containers/automation_images/pull/137 .

This updates the docker/distribution registry to 2.8.1, allowing it
to accept OCI images.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-16 20:27:01 +02:00
Daniel J Walsh
f2c1d77c57
Merge pull request #1672 from mtrmac/non-artifact-oci-repo
Change a repo used for sync tests
2022-06-11 05:52:07 -04:00
Miloslav Trmač
bbdabebd17 Change a repo used for sync tests
The k8s.gcr.io/coredns/coredns repo now contains an OCI
artifact, which we can't copy; so, use a different
repo to test syncing.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-11 03:15:14 +02:00
Daniel J Walsh
4b5e6327cd
Merge pull request #1667 from mtrmac/go1.17
Update to benefit from Go 1.17
2022-06-09 11:11:51 -04:00
Miloslav Trmač
92c0d0c09d Use testing.T.Setenv instead of os.Setenv in tests
... to benefit from Go 1.17.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-08 16:57:06 +02:00
Miloslav Trmač
a3a72342f2 Update go.mod to Go 1.17
> go mod tidy -go=1.17
> make vendor

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-06-08 16:46:38 +02:00
Miloslav Trmač
14a3b9241e
Merge pull request #1666 from containers/dependabot/go_modules/github.com/docker/docker-20.10.17incompatible
Bump github.com/docker/docker from 20.10.16+incompatible to 20.10.17+incompatible
2022-06-07 15:59:14 +02:00
dependabot[bot]
e9379d15d2
Bump github.com/docker/docker
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.16+incompatible to 20.10.17+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Changelog](https://github.com/moby/moby/blob/master/CHANGELOG.md)
- [Commits](https://github.com/docker/docker/compare/v20.10.16...v20.10.17)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-07 08:19:08 +00:00
Miloslav Trmač
eb61a79dde
Merge pull request #1664 from containers/dependabot/go_modules/github.com/stretchr/testify-1.7.2
Bump github.com/stretchr/testify from 1.7.1 to 1.7.2
2022-06-06 17:31:50 +02:00
dependabot[bot]
69840fd082
Bump github.com/stretchr/testify from 1.7.1 to 1.7.2
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.2.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.2)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-06 14:50:42 +00:00
Daniel J Walsh
dc905cb7be
Merge pull request #1663 from containers/dependabot/go_modules/github.com/containers/ocicrypt-1.1.5
Bump github.com/containers/ocicrypt from 1.1.4 to 1.1.5
2022-06-06 08:05:31 -04:00
dependabot[bot]
63622bc7c4
Bump github.com/containers/ocicrypt from 1.1.4 to 1.1.5
Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/containers/ocicrypt/releases)
- [Commits](https://github.com/containers/ocicrypt/compare/v1.1.4...v1.1.5)

---
updated-dependencies:
- dependency-name: github.com/containers/ocicrypt
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2022-06-06 08:16:08 +00:00
Chris Evich
02ae5c2af5
Merge pull request #1658 from lsm5/ubuntu-2204-lts-cirrus
Cirrus: use Ubuntu 22.04 LTS
2022-05-31 13:37:11 -04:00
Lokesh Mandvekar
6b58459829
Cirrus: use Ubuntu 22.04 LTS
Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
2022-05-31 13:03:56 -04:00
Valentin Rothberg
a5d4e6655d
Merge pull request #1655 from mtrmac/runc-1.1.2
Update to github.com/opencontainers/runc >= 1.1.2
2022-05-31 09:09:11 +02:00
Miloslav Trmač
00a58e48b1 Update to github.com/opencontainers/runc >= 1.1.2
... to silence Dependabot alerts about CVE-2022-29162 = GHSA-f3fp-gc8g-vw66.

Note that the vulnerable code is not actually included in Skopeo at all,
this is purely to silence imprecise vulnerability checkers.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-05-31 01:23:51 +02:00
Miloslav Trmač
db663df804
Merge pull request #1659 from Luap99/make-completions
fix make completions for all POSIX shells
2022-05-30 15:00:14 +02:00
Paul Holzinger
263a5f017f
fix make completions for all POSIX shells
The {a,b} syntax is not POSIX compatible. The Makefile should run with
all POSIX shells so we cannot use shell specific features like this.

Fixes #1657

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
2022-05-30 14:38:56 +02:00
Valentin Rothberg
47afd101f0
Merge pull request #1656 from mtrmac/yaml-3.0.0
Update to gopkg.in/yaml.v3 v3.0.0
2022-05-30 11:38:26 +02:00
Miloslav Trmač
0a3be734a9 Update to gopkg.in/yaml.v3 v3.0.0
... to include a fix for CVE-2022-28948 = GHSA-hp87-p4gw-j4gq .

Note that the package is only used for Skopeo's tests, so
Skopeo's users can't reach the vulnerable code.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
2022-05-26 20:30:59 +02:00
Chris Evich
e8a3064328
Merge pull request #1652 from cevich/fix_gha_security
[CI:DOCS] Pin actions to a full length commit SHA
2022-05-26 14:28:01 -04:00
Máirín Duffy
0ad7ec2402 Updated skopeo logo with new artwork
Signed-off-by: Máirín Duffy <duffy@redhat.com>
2022-05-25 13:39:05 -04:00