diff --git a/go.mod b/go.mod index 7dc0c5d9..02e3a7e5 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( github.com/containers/common v0.57.4 github.com/containers/image/v5 v5.29.2 - github.com/containers/podman/v4 v4.9.2 + github.com/containers/podman/v4 v4.9.3 github.com/go-kit/log v0.2.1 github.com/pkg/errors v0.9.1 github.com/prometheus/client_golang v1.18.0 diff --git a/go.sum b/go.sum index 752f01e3..f8c905cc 100644 --- a/go.sum +++ b/go.sum @@ -258,8 +258,8 @@ github.com/containers/ocicrypt v1.1.0/go.mod h1:b8AOe0YR67uU8OqfVNcznfFpAzu3rdgU github.com/containers/ocicrypt v1.1.1/go.mod h1:Dm55fwWm1YZAjYRaJ94z2mfZikIyIN4B0oB3dj3jFxY= github.com/containers/ocicrypt v1.1.9 h1:2Csfba4jse85Raxk5HIyEk8OwZNjRvfkhEGijOjIdEM= github.com/containers/ocicrypt v1.1.9/go.mod h1:dTKx1918d8TDkxXvarscpNVY+lyPakPNFN4jwA9GBys= -github.com/containers/podman/v4 v4.9.2 h1:qURD2JZ//J/CaUSgu3lnYoKULfyxY39IdfDcv3H3Yts= -github.com/containers/podman/v4 v4.9.2/go.mod h1:J2qLop+mWjAOxh0QQyYPdnPA3jI6ay2eU0OKakgMniQ= +github.com/containers/podman/v4 v4.9.3 h1:3tEnvIqijxBYtILRdHcbn0UNHAyUiQ1Y5hcvkYmutZA= +github.com/containers/podman/v4 v4.9.3/go.mod h1:J2qLop+mWjAOxh0QQyYPdnPA3jI6ay2eU0OKakgMniQ= github.com/containers/psgo v1.8.0 h1:2loGekmGAxM9ir5OsXWEfGwFxorMPYnc6gEDsGFQvhY= github.com/containers/psgo v1.8.0/go.mod h1:T8ZxnX3Ur4RvnhxFJ7t8xJ1F48RhiZB4rSrOaR/qGHc= github.com/containers/storage v1.43.0/go.mod h1:uZ147thiIFGdVTjMmIw19knttQnUCl3y9zjreHrg11s= diff --git a/vendor/github.com/containers/podman/v4/libpod/container_commit.go b/vendor/github.com/containers/podman/v4/libpod/container_commit.go index 00063c2c..5817f3a1 100644 --- a/vendor/github.com/containers/podman/v4/libpod/container_commit.go +++ b/vendor/github.com/containers/podman/v4/libpod/container_commit.go @@ -20,16 +20,16 @@ import ( // ContainerCommitOptions is a struct used to commit a container to an image // It uses buildah's CommitOptions as a base. Long-term we might wish to -// add these to the buildah struct once buildah is more integrated with -// libpod +// decouple these because it includes duplicates of fields that are in, or +// could later be added, to buildah's CommitOptions, which gets confusing type ContainerCommitOptions struct { buildah.CommitOptions Pause bool IncludeVolumes bool Author string Message string - Changes []string - Squash bool + Changes []string // gets merged with CommitOptions.OverrideChanges + Squash bool // always used instead of CommitOptions.Squash } // Commit commits the changes between a container and its image, creating a new @@ -69,6 +69,8 @@ func (c *Container) Commit(ctx context.Context, destImage string, options Contai Squash: options.Squash, SystemContext: c.runtime.imageContext, PreferredManifestType: options.PreferredManifestType, + OverrideChanges: append(append([]string{}, options.Changes...), options.CommitOptions.OverrideChanges...), + OverrideConfig: options.CommitOptions.OverrideConfig, } importBuilder, err := buildah.ImportBuilder(ctx, c.runtime.store, builderOptions) importBuilder.Format = options.PreferredManifestType @@ -150,51 +152,6 @@ func (c *Container) Commit(ctx context.Context, destImage string, options Contai // Workdir importBuilder.SetWorkDir(c.config.Spec.Process.Cwd) - // Process user changes - newImageConfig, err := libimage.ImageConfigFromChanges(options.Changes) - if err != nil { - return nil, err - } - if newImageConfig.User != "" { - importBuilder.SetUser(newImageConfig.User) - } - // EXPOSE only appends - for port := range newImageConfig.ExposedPorts { - importBuilder.SetPort(port) - } - // ENV only appends - for _, env := range newImageConfig.Env { - splitEnv := strings.SplitN(env, "=", 2) - key := splitEnv[0] - value := "" - if len(splitEnv) == 2 { - value = splitEnv[1] - } - importBuilder.SetEnv(key, value) - } - if newImageConfig.Entrypoint != nil { - importBuilder.SetEntrypoint(newImageConfig.Entrypoint) - } - if newImageConfig.Cmd != nil { - importBuilder.SetCmd(newImageConfig.Cmd) - } - // VOLUME only appends - for vol := range newImageConfig.Volumes { - importBuilder.AddVolume(vol) - } - if newImageConfig.WorkingDir != "" { - importBuilder.SetWorkDir(newImageConfig.WorkingDir) - } - for k, v := range newImageConfig.Labels { - importBuilder.SetLabel(k, v) - } - if newImageConfig.StopSignal != "" { - importBuilder.SetStopSignal(newImageConfig.StopSignal) - } - for _, onbuild := range newImageConfig.OnBuild { - importBuilder.SetOnBuild(onbuild) - } - var commitRef types.ImageReference if destImage != "" { // Now resolve the name. diff --git a/vendor/github.com/containers/podman/v4/pkg/api/handlers/changes.go b/vendor/github.com/containers/podman/v4/pkg/api/handlers/changes.go new file mode 100644 index 00000000..58e3a739 --- /dev/null +++ b/vendor/github.com/containers/podman/v4/pkg/api/handlers/changes.go @@ -0,0 +1,34 @@ +package handlers + +import ( + "strings" + "unicode" +) + +// DecodeChanges reads one or more changes from a slice and cleans them up, +// since what we've advertised as being acceptable in the past isn't really. +func DecodeChanges(changes []string) []string { + result := make([]string, 0, len(changes)) + for _, possiblyMultilineChange := range changes { + for _, change := range strings.Split(possiblyMultilineChange, "\n") { + // In particular, we document that we accept values + // like "CMD=/bin/sh", which is not valid Dockerfile + // syntax, so we can't just pass such a value directly + // to a parser that's going to rightfully reject it. + // If we trim the string of whitespace at both ends, + // and the first occurrence of "=" is before the first + // whitespace, replace that "=" with whitespace. + change = strings.TrimSpace(change) + if change == "" { + continue + } + firstEqualIndex := strings.Index(change, "=") + firstSpaceIndex := strings.IndexFunc(change, unicode.IsSpace) + if firstEqualIndex != -1 && (firstSpaceIndex == -1 || firstEqualIndex < firstSpaceIndex) { + change = change[:firstEqualIndex] + " " + change[firstEqualIndex+1:] + } + result = append(result, change) + } + } + return result +} diff --git a/vendor/github.com/containers/podman/v4/pkg/bindings/containers/commit.go b/vendor/github.com/containers/podman/v4/pkg/bindings/containers/commit.go index 5138b13c..6d094a2f 100644 --- a/vendor/github.com/containers/podman/v4/pkg/bindings/containers/commit.go +++ b/vendor/github.com/containers/podman/v4/pkg/bindings/containers/commit.go @@ -33,7 +33,11 @@ func Commit(ctx context.Context, nameOrID string, options *CommitOptions) (entit return entities.IDResponse{}, err } params.Set("container", nameOrID) - response, err := conn.DoRequest(ctx, nil, http.MethodPost, "/commit", params, nil) + var requestBody io.Reader + if options.Config != nil { + requestBody = *options.Config + } + response, err := conn.DoRequest(ctx, requestBody, http.MethodPost, "/commit", params, nil) if err != nil { return id, err } diff --git a/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types.go b/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types.go index 6678a86f..ee2fe4b9 100644 --- a/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types.go +++ b/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types.go @@ -29,6 +29,7 @@ type LogOptions struct { type CommitOptions struct { Author *string Changes []string + Config *io.Reader `schema:"-"` Comment *string Format *string Pause *bool diff --git a/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types_commit_options.go b/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types_commit_options.go index d58630b9..20e59f4d 100644 --- a/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types_commit_options.go +++ b/vendor/github.com/containers/podman/v4/pkg/bindings/containers/types_commit_options.go @@ -2,6 +2,7 @@ package containers import ( + "io" "net/url" "github.com/containers/podman/v4/pkg/bindings/internal/util" @@ -47,6 +48,21 @@ func (o *CommitOptions) GetChanges() []string { return o.Changes } +// WithConfig set field Config to given value +func (o *CommitOptions) WithConfig(value io.Reader) *CommitOptions { + o.Config = &value + return o +} + +// GetConfig returns value of field Config +func (o *CommitOptions) GetConfig() io.Reader { + if o.Config == nil { + var z io.Reader + return z + } + return *o.Config +} + // WithComment set field Comment to given value func (o *CommitOptions) WithComment(value string) *CommitOptions { o.Comment = &value diff --git a/vendor/github.com/containers/podman/v4/pkg/domain/entities/containers.go b/vendor/github.com/containers/podman/v4/pkg/domain/entities/containers.go index a47b9ed2..44cf3fc5 100644 --- a/vendor/github.com/containers/podman/v4/pkg/domain/entities/containers.go +++ b/vendor/github.com/containers/podman/v4/pkg/domain/entities/containers.go @@ -164,6 +164,7 @@ type ContainerStatReport struct { type CommitOptions struct { Author string Changes []string + Config []byte Format string ImageName string IncludeVolumes bool diff --git a/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/config.go b/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/config.go new file mode 100644 index 00000000..ae564cf4 --- /dev/null +++ b/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/config.go @@ -0,0 +1,22 @@ +package abi + +import ( + "encoding/json" + "errors" + "io" + + "github.com/containers/image/v5/manifest" +) + +// DecodeOverrideConfig reads a Schema2Config from a Reader, suppressing EOF +// errors. +func DecodeOverrideConfig(reader io.Reader) (*manifest.Schema2Config, error) { + config := manifest.Schema2Config{} + if reader != nil { + err := json.NewDecoder(reader).Decode(&config) + if err != nil && !errors.Is(err, io.EOF) { + return nil, err + } + } + return &config, nil +} diff --git a/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/containers.go b/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/containers.go index b495bc91..6f6d8666 100644 --- a/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/containers.go +++ b/vendor/github.com/containers/podman/v4/pkg/domain/infra/abi/containers.go @@ -1,6 +1,7 @@ package abi import ( + "bytes" "context" "errors" "fmt" @@ -17,6 +18,7 @@ import ( "github.com/containers/podman/v4/libpod" "github.com/containers/podman/v4/libpod/define" "github.com/containers/podman/v4/libpod/logs" + "github.com/containers/podman/v4/pkg/api/handlers" "github.com/containers/podman/v4/pkg/checkpoint" "github.com/containers/podman/v4/pkg/domain/entities" "github.com/containers/podman/v4/pkg/domain/entities/reports" @@ -581,18 +583,29 @@ func (ic *ContainerEngine) ContainerCommit(ctx context.Context, nameOrID string, } sc := ic.Libpod.SystemContext() + var changes []string + if len(options.Changes) > 0 { + changes = handlers.DecodeChanges(options.Changes) + } + var overrideConfig *manifest.Schema2Config + if len(options.Config) > 0 { + if overrideConfig, err = DecodeOverrideConfig(bytes.NewReader(options.Config)); err != nil { + return nil, err + } + } coptions := buildah.CommitOptions{ SignaturePolicyPath: rtc.Engine.SignaturePolicyPath, ReportWriter: options.Writer, SystemContext: sc, PreferredManifestType: mimeType, + OverrideConfig: overrideConfig, } opts := libpod.ContainerCommitOptions{ CommitOptions: coptions, Pause: options.Pause, IncludeVolumes: options.IncludeVolumes, Message: options.Message, - Changes: options.Changes, + Changes: changes, Author: options.Author, Squash: options.Squash, } diff --git a/vendor/github.com/containers/podman/v4/pkg/domain/infra/tunnel/containers.go b/vendor/github.com/containers/podman/v4/pkg/domain/infra/tunnel/containers.go index d57d2cd6..aec85bc5 100644 --- a/vendor/github.com/containers/podman/v4/pkg/domain/infra/tunnel/containers.go +++ b/vendor/github.com/containers/podman/v4/pkg/domain/infra/tunnel/containers.go @@ -1,6 +1,7 @@ package tunnel import ( + "bytes" "context" "errors" "fmt" @@ -347,7 +348,15 @@ func (ic *ContainerEngine) ContainerCommit(ctx context.Context, nameOrID string, return nil, fmt.Errorf("invalid image name %q", opts.ImageName) } } - options := new(containers.CommitOptions).WithAuthor(opts.Author).WithChanges(opts.Changes).WithComment(opts.Message).WithSquash(opts.Squash).WithStream(!opts.Quiet) + var changes []string + if len(opts.Changes) > 0 { + changes = handlers.DecodeChanges(opts.Changes) + } + var configReader io.Reader + if len(opts.Config) > 0 { + configReader = bytes.NewReader(opts.Config) + } + options := new(containers.CommitOptions).WithAuthor(opts.Author).WithChanges(changes).WithComment(opts.Message).WithConfig(configReader).WithSquash(opts.Squash).WithStream(!opts.Quiet) options.WithFormat(opts.Format).WithPause(opts.Pause).WithRepo(repo).WithTag(tag) response, err := containers.Commit(ic.ClientCtx, nameOrID, options) if err != nil { diff --git a/vendor/github.com/containers/podman/v4/version/rawversion/version.go b/vendor/github.com/containers/podman/v4/version/rawversion/version.go index 2caf51fd..fd3552c4 100644 --- a/vendor/github.com/containers/podman/v4/version/rawversion/version.go +++ b/vendor/github.com/containers/podman/v4/version/rawversion/version.go @@ -7,4 +7,4 @@ package rawversion // // NOTE: remember to bump the version at the top of the top-level README.md // file when this is bumped. -const RawVersion = "4.9.2" +const RawVersion = "4.9.3" diff --git a/vendor/modules.txt b/vendor/modules.txt index e138e07c..3fe57f54 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -288,7 +288,7 @@ github.com/containers/ocicrypt/keywrap/pkcs7 github.com/containers/ocicrypt/spec github.com/containers/ocicrypt/utils github.com/containers/ocicrypt/utils/keyprovider -# github.com/containers/podman/v4 v4.9.2 +# github.com/containers/podman/v4 v4.9.3 ## explicit; go 1.18 github.com/containers/podman/v4/cmd/podman/parse github.com/containers/podman/v4/cmd/podman/registry