Update vendor containers/(common,image,storage)

Fixes: https://github.com/containers/podman/issues/16150 Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-12-01 02:27:13 +08:00 · 2022-10-15 09:42:51 -04:00
parent d21a35630d
commit 01a3245d7d
26 changed files with 821 additions and 2253 deletions
--- a/vendor/github.com/containers/common/libimage/pull.go
+++ b/vendor/github.com/containers/common/libimage/pull.go
@@ -232,7 +232,7 @@ func (r *Runtime) copyFromDefault(ctx context.Context, ref types.ImageReference,
 		imageName = storageName

 	case ociArchiveTransport.Transport.Name():
-		manifestDescriptor, err := ociArchiveTransport.LoadManifestDescriptor(ref)
+		manifestDescriptor, err := ociArchiveTransport.LoadManifestDescriptorWithContext(r.SystemContext(), ref)
 		if err != nil {
 			return nil, err
 		}
--- a/vendor/github.com/containers/common/pkg/config/containers.conf
+++ b/vendor/github.com/containers/common/pkg/config/containers.conf
@@ -581,7 +581,7 @@ default_sysctls = [

 # map of service destinations
 #
-#[service_destinations]
+# [service_destinations]
 #  [service_destinations.production]
 #     URI to access the Podman service
 #     Examples:
--- a/vendor/github.com/containers/common/version/version.go
+++ b/vendor/github.com/containers/common/version/version.go
@@ -1,4 +1,4 @@
 package version

 // Version is the version of the build.
-const Version = "0.50.1"
+const Version = "0.50.2-dev"
--- a/vendor/github.com/containers/image/v5/directory/directory_dest.go
+++ b/vendor/github.com/containers/image/v5/directory/directory_dest.go
@@ -105,7 +105,7 @@ func newImageDestination(sys *types.SystemContext, ref dirReference) (private.Im
 			AcceptsForeignLayerURLs:        false,
 			MustMatchRuntimeOS:             false,
 			IgnoresEmbeddedDockerReference: false, // N/A, DockerReference() returns nil.
-			HasThreadSafePutBlob:           false,
+			HasThreadSafePutBlob:           true,
 		}),
 		NoPutBlobPartialInitialize: stubs.NoPutBlobPartial(ref),

--- a/vendor/github.com/containers/image/v5/docker/docker_client.go
+++ b/vendor/github.com/containers/image/v5/docker/docker_client.go
@@ -1,6 +1,7 @@
 package docker

 import (
+	"bytes"
 	"context"
 	"crypto/tls"
 	"encoding/json"
@@ -989,11 +990,22 @@ func (c *dockerClient) getOCIDescriptorContents(ctx context.Context, ref dockerR

 // isManifestUnknownError returns true iff err from fetchManifest is a “manifest unknown” error.
 func isManifestUnknownError(err error) bool {
+	// docker/distribution, and as defined in the spec
 	var ec errcode.ErrorCoder
-	if !errors.As(err, &ec) {
-		return false
+	if errors.As(err, &ec) && ec.ErrorCode() == v2.ErrorCodeManifestUnknown {
+		return true
 	}
-	return ec.ErrorCode() == v2.ErrorCodeManifestUnknown
+	// registry.redhat.io as of October 2022
+	var e errcode.Error
+	if errors.As(err, &e) && e.ErrorCode() == errcode.ErrorCodeUnknown && e.Message == "Not Found" {
+		return true
+	}
+	// ALSO registry.redhat.io as of October 2022
+	var unexpected *unexpectedHTTPResponseError
+	if errors.As(err, &unexpected) && unexpected.StatusCode == http.StatusNotFound && bytes.Contains(unexpected.Response, []byte("Not found")) {
+		return true
+	}
+	return false
 }

 // getSigstoreAttachmentManifest loads and parses the manifest for sigstore attachments for
--- a/vendor/github.com/containers/image/v5/docker/docker_image_dest.go
+++ b/vendor/github.com/containers/image/v5/docker/docker_image_dest.go
@@ -648,6 +648,7 @@ func (d *dockerImageDestination) putSignaturesToSigstoreAttachments(ctx context.
 			Digest:    "", // We will fill this in later.
 			Size:      0,
 		}, nil)
+		ociConfig.RootFS.Type = "layers"
 	} else {
 		logrus.Debugf("Fetching sigstore attachment config %s", ociManifest.Config.Digest.String())
 		// We don’t benefit from a real BlobInfoCache here because we never try to reuse/mount configs.
--- a/vendor/github.com/containers/storage/containers.go
+++ b/vendor/github.com/containers/storage/containers.go
@@ -81,18 +81,8 @@ type rwContainerStore interface {
 	// convenience of the caller, nothing more.
 	Create(id string, names []string, image, layer, metadata string, options *ContainerOptions) (*Container, error)

-	// SetNames updates the list of names associated with the container
-	// with the specified ID.
-	// Deprecated: Prone to race conditions, suggested alternatives are `AddNames` and `RemoveNames`.
-	SetNames(id string, names []string) error
-
-	// AddNames adds the supplied values to the list of names associated with the container with
-	// the specified id.
-	AddNames(id string, names []string) error
-
-	// RemoveNames removes the supplied values from the list of names associated with the container with
-	// the specified id.
-	RemoveNames(id string, names []string) error
+	// updateNames modifies names associated with a  container based on (op, names).
+	updateNames(id string, names []string, op updateNameOperation) error

 	// Get retrieves information about a container given an ID or name.
 	Get(id string) (*Container, error)
@@ -388,19 +378,6 @@ func (r *containerStore) removeName(container *Container, name string) {
 	container.Names = stringSliceWithoutValue(container.Names, name)
 }

-// Deprecated: Prone to race conditions, suggested alternatives are `AddNames` and `RemoveNames`.
-func (r *containerStore) SetNames(id string, names []string) error {
-	return r.updateNames(id, names, setNames)
-}
-
-func (r *containerStore) AddNames(id string, names []string) error {
-	return r.updateNames(id, names, addNames)
-}
-
-func (r *containerStore) RemoveNames(id string, names []string) error {
-	return r.updateNames(id, names, removeNames)
-}
-
 func (r *containerStore) updateNames(id string, names []string, op updateNameOperation) error {
 	container, ok := r.lookup(id)
 	if !ok {
--- a/vendor/github.com/containers/storage/images.go
+++ b/vendor/github.com/containers/storage/images.go
@@ -129,21 +129,10 @@ type rwImageStore interface {
 	// read-only) layer.  That layer can be referenced by multiple images.
 	Create(id string, names []string, layer, metadata string, created time.Time, searchableDigest digest.Digest) (*Image, error)

-	// SetNames replaces the list of names associated with an image with the
-	// supplied values.  The values are expected to be valid normalized
+	// updateNames modifies names associated with an image based on (op, names).
+	// The values are expected to be valid normalized
 	// named image references.
-	// Deprecated: Prone to race conditions, suggested alternatives are `AddNames` and `RemoveNames`.
-	SetNames(id string, names []string) error
-
-	// AddNames adds the supplied values to the list of names associated with the image with
-	// the specified id. The values are expected to be valid normalized
-	// named image references.
-	AddNames(id string, names []string) error
-
-	// RemoveNames removes the supplied values from the list of names associated with the image with
-	// the specified id.  The values are expected to be valid normalized
-	// named image references.
-	RemoveNames(id string, names []string) error
+	updateNames(id string, names []string, op updateNameOperation) error

 	// Delete removes the record of the image.
 	Delete(id string) error
@@ -516,19 +505,6 @@ func (i *Image) addNameToHistory(name string) {
 	i.NamesHistory = dedupeNames(append([]string{name}, i.NamesHistory...))
 }

-// Deprecated: Prone to race conditions, suggested alternatives are `AddNames` and `RemoveNames`.
-func (r *imageStore) SetNames(id string, names []string) error {
-	return r.updateNames(id, names, setNames)
-}
-
-func (r *imageStore) AddNames(id string, names []string) error {
-	return r.updateNames(id, names, addNames)
-}
-
-func (r *imageStore) RemoveNames(id string, names []string) error {
-	return r.updateNames(id, names, removeNames)
-}
-
 func (r *imageStore) updateNames(id string, names []string, op updateNameOperation) error {
 	if !r.IsReadWrite() {
 		return fmt.Errorf("not allowed to change image name assignments at %q: %w", r.imagespath(), ErrStoreIsReadOnly)
--- a/vendor/github.com/containers/storage/layers.go
+++ b/vendor/github.com/containers/storage/layers.go
@@ -214,18 +214,8 @@ type rwLayerStore interface {
 	// Put combines the functions of CreateWithFlags and ApplyDiff.
 	Put(id string, parent *Layer, names []string, mountLabel string, options map[string]string, moreOptions *LayerOptions, writeable bool, flags map[string]interface{}, diff io.Reader) (*Layer, int64, error)

-	// SetNames replaces the list of names associated with a layer with the
-	// supplied values.
-	// Deprecated: Prone to race conditions, suggested alternatives are `AddNames` and `RemoveNames`.
-	SetNames(id string, names []string) error
-
-	// AddNames adds the supplied values to the list of names associated with the layer with the
-	// specified id.
-	AddNames(id string, names []string) error
-
-	// RemoveNames remove the supplied values from the list of names associated with the layer with the
-	// specified id.
-	RemoveNames(id string, names []string) error
+	// updateNames modifies names associated with a layer based on (op, names).
+	updateNames(id string, names []string, op updateNameOperation) error

 	// Delete deletes a layer with the specified name or ID.
 	Delete(id string) error
@@ -1091,19 +1081,6 @@ func (r *layerStore) removeName(layer *Layer, name string) {
 	layer.Names = stringSliceWithoutValue(layer.Names, name)
 }

-// Deprecated: Prone to race conditions, suggested alternatives are `AddNames` and `RemoveNames`.
-func (r *layerStore) SetNames(id string, names []string) error {
-	return r.updateNames(id, names, setNames)
-}
-
-func (r *layerStore) AddNames(id string, names []string) error {
-	return r.updateNames(id, names, addNames)
-}
-
-func (r *layerStore) RemoveNames(id string, names []string) error {
-	return r.updateNames(id, names, removeNames)
-}
-
 func (r *layerStore) updateNames(id string, names []string, op updateNameOperation) error {
 	if !r.IsReadWrite() {
 		return fmt.Errorf("not allowed to change layer name assignments at %q: %w", r.layerspath(), ErrStoreIsReadOnly)
--- a/vendor/github.com/containers/storage/store.go
+++ b/vendor/github.com/containers/storage/store.go
--- a/vendor/github.com/containers/storage/userns.go
+++ b/vendor/github.com/containers/storage/userns.go
@@ -123,12 +123,9 @@ func parseMountedFiles(containerMount, passwdFile, groupFile string) uint32 {
 }

 // getMaxSizeFromImage returns the maximum ID used by the specified image.
-// The layer stores must be already locked.
-func (s *store) getMaxSizeFromImage(image *Image, passwdFile, groupFile string) (_ uint32, retErr error) {
-	layerStores, err := s.allLayerStores()
-	if err != nil {
-		return 0, err
-	}
+// On entry, rlstore must be locked for writing, and lstores must be locked for reading.
+func (s *store) getMaxSizeFromImage(image *Image, rlstore rwLayerStore, lstores []roLayerStore, passwdFile, groupFile string) (_ uint32, retErr error) {
+	layerStores := append([]roLayerStore{rlstore}, lstores...)

 	size := uint32(0)

@@ -163,11 +160,6 @@ outer:
 		return 0, fmt.Errorf("cannot find layer %q", layerName)
 	}

-	rlstore, err := s.getLayerStore()
-	if err != nil {
-		return 0, err
-	}
-
 	layerOptions := &LayerOptions{
 		IDMappingOptions: types.IDMappingOptions{
 			HostUIDMapping: true,
@@ -223,7 +215,8 @@ outer:
 }

 // getAutoUserNS creates an automatic user namespace
-func (s *store) getAutoUserNS(options *types.AutoUserNsOptions, image *Image) ([]idtools.IDMap, []idtools.IDMap, error) {
+// If image != nil, On entry, rlstore must be locked for writing, and lstores must be locked for reading.
+func (s *store) getAutoUserNS(options *types.AutoUserNsOptions, image *Image, rlstore rwLayerStore, lstores []roLayerStore) ([]idtools.IDMap, []idtools.IDMap, error) {
 	requestedSize := uint32(0)
 	initialSize := uint32(1)
 	if options.Size > 0 {
@@ -262,7 +255,7 @@ func (s *store) getAutoUserNS(options *types.AutoUserNsOptions, image *Image) ([
 			size = s.autoNsMinSize
 		}
 		if image != nil {
-			sizeFromImage, err := s.getMaxSizeFromImage(image, options.PasswdFile, options.GroupFile)
+			sizeFromImage, err := s.getMaxSizeFromImage(image, rlstore, lstores, options.PasswdFile, options.GroupFile)
 			if err != nil {
 				return nil, nil, err
 			}