Bump Buildah to v1.33.0

As the title says.  This is the last dance step in preparation
for Podman v4.8.

[NO NEW TESTS NEEDED]

Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>

vendor/github.com/containers/buildah/internal/config/convert.go

@@ -0,0 +1,121 @@
+package config
+
+import (
+	"github.com/containers/image/v5/manifest"
+	dockerclient "github.com/fsouza/go-dockerclient"
+)
+
+// Schema2ConfigFromGoDockerclientConfig converts a go-dockerclient Config
+// structure to a manifest Schema2Config.
+func Schema2ConfigFromGoDockerclientConfig(config *dockerclient.Config) *manifest.Schema2Config {
+	overrideExposedPorts := make(map[manifest.Schema2Port]struct{})
+	for port := range config.ExposedPorts {
+		overrideExposedPorts[manifest.Schema2Port(port)] = struct{}{}
+	}
+	var overrideHealthCheck *manifest.Schema2HealthConfig
+	if config.Healthcheck != nil {
+		overrideHealthCheck = &manifest.Schema2HealthConfig{
+			Test:        config.Healthcheck.Test,
+			StartPeriod: config.Healthcheck.StartPeriod,
+			Interval:    config.Healthcheck.Interval,
+			Timeout:     config.Healthcheck.Timeout,
+			Retries:     config.Healthcheck.Retries,
+		}
+	}
+	labels := make(map[string]string)
+	for k, v := range config.Labels {
+		labels[k] = v
+	}
+	volumes := make(map[string]struct{})
+	for v := range config.Volumes {
+		volumes[v] = struct{}{}
+	}
+	s2config := &manifest.Schema2Config{
+		Hostname:        config.Hostname,
+		Domainname:      config.Domainname,
+		User:            config.User,
+		AttachStdin:     config.AttachStdin,
+		AttachStdout:    config.AttachStdout,
+		AttachStderr:    config.AttachStderr,
+		ExposedPorts:    overrideExposedPorts,
+		Tty:             config.Tty,
+		OpenStdin:       config.OpenStdin,
+		StdinOnce:       config.StdinOnce,
+		Env:             append([]string{}, config.Env...),
+		Cmd:             append([]string{}, config.Cmd...),
+		Healthcheck:     overrideHealthCheck,
+		ArgsEscaped:     config.ArgsEscaped,
+		Image:           config.Image,
+		Volumes:         volumes,
+		WorkingDir:      config.WorkingDir,
+		Entrypoint:      append([]string{}, config.Entrypoint...),
+		NetworkDisabled: config.NetworkDisabled,
+		MacAddress:      config.MacAddress,
+		OnBuild:         append([]string{}, config.OnBuild...),
+		Labels:          labels,
+		StopSignal:      config.StopSignal,
+		Shell:           config.Shell,
+	}
+	if config.StopTimeout != 0 {
+		s2config.StopTimeout = &config.StopTimeout
+	}
+	return s2config
+}
+
+// GoDockerclientConfigFromSchema2Config converts a manifest Schema2Config
+// to a go-dockerclient config structure.
+func GoDockerclientConfigFromSchema2Config(s2config *manifest.Schema2Config) *dockerclient.Config {
+	overrideExposedPorts := make(map[dockerclient.Port]struct{})
+	for port := range s2config.ExposedPorts {
+		overrideExposedPorts[dockerclient.Port(port)] = struct{}{}
+	}
+	var healthCheck *dockerclient.HealthConfig
+	if s2config.Healthcheck != nil {
+		healthCheck = &dockerclient.HealthConfig{
+			Test:        s2config.Healthcheck.Test,
+			StartPeriod: s2config.Healthcheck.StartPeriod,
+			Interval:    s2config.Healthcheck.Interval,
+			Timeout:     s2config.Healthcheck.Timeout,
+			Retries:     s2config.Healthcheck.Retries,
+		}
+	}
+	labels := make(map[string]string)
+	for k, v := range s2config.Labels {
+		labels[k] = v
+	}
+	volumes := make(map[string]struct{})
+	for v := range s2config.Volumes {
+		volumes[v] = struct{}{}
+	}
+	config := &dockerclient.Config{
+		Hostname:        s2config.Hostname,
+		Domainname:      s2config.Domainname,
+		User:            s2config.User,
+		AttachStdin:     s2config.AttachStdin,
+		AttachStdout:    s2config.AttachStdout,
+		AttachStderr:    s2config.AttachStderr,
+		PortSpecs:       nil,
+		ExposedPorts:    overrideExposedPorts,
+		Tty:             s2config.Tty,
+		OpenStdin:       s2config.OpenStdin,
+		StdinOnce:       s2config.StdinOnce,
+		Env:             append([]string{}, s2config.Env...),
+		Cmd:             append([]string{}, s2config.Cmd...),
+		Healthcheck:     healthCheck,
+		ArgsEscaped:     s2config.ArgsEscaped,
+		Image:           s2config.Image,
+		Volumes:         volumes,
+		WorkingDir:      s2config.WorkingDir,
+		Entrypoint:      append([]string{}, s2config.Entrypoint...),
+		NetworkDisabled: s2config.NetworkDisabled,
+		MacAddress:      s2config.MacAddress,
+		OnBuild:         append([]string{}, s2config.OnBuild...),
+		Labels:          labels,
+		StopSignal:      s2config.StopSignal,
+		Shell:           s2config.Shell,
+	}
+	if s2config.StopTimeout != nil {
+		config.StopTimeout = *s2config.StopTimeout
+	}
+	return config
+}

vendor/github.com/containers/buildah/internal/config/executor.go

@@ -0,0 +1,45 @@
+package config
+
+import (
+	"errors"
+	"fmt"
+	"os"
+
+	dockerclient "github.com/fsouza/go-dockerclient"
+	"github.com/openshift/imagebuilder"
+)
+
+// configOnlyExecutor implements the Executor interface that an
+// imagebuilder.Builder expects to be able to call to do some heavy lifting,
+// but it just refuses to do the work of ADD, COPY, or RUN.  It also doesn't
+// care if the working directory exists in a container, because it's really
+// only concerned with letting the Builder's RunConfig get updated by changes
+// from a Dockerfile.  Try anything more than that and it'll return an error.
+type configOnlyExecutor struct{}
+
+func (g *configOnlyExecutor) Preserve(path string) error {
+	return errors.New("ADD/COPY/RUN not supported as changes")
+}
+
+func (g *configOnlyExecutor) EnsureContainerPath(path string) error {
+	return nil
+}
+
+func (g *configOnlyExecutor) EnsureContainerPathAs(path, user string, mode *os.FileMode) error {
+	return nil
+}
+
+func (g *configOnlyExecutor) Copy(excludes []string, copies ...imagebuilder.Copy) error {
+	if len(copies) == 0 {
+		return nil
+	}
+	return errors.New("ADD/COPY not supported as changes")
+}
+
+func (g *configOnlyExecutor) Run(run imagebuilder.Run, config dockerclient.Config) error {
+	return errors.New("RUN not supported as changes")
+}
+
+func (g *configOnlyExecutor) UnrecognizedInstruction(step *imagebuilder.Step) error {
+	return fmt.Errorf("did not understand change instruction %q", step.Original)
+}

vendor/github.com/containers/buildah/internal/config/override.go

@@ -0,0 +1,181 @@
+package config
+
+import (
+	"fmt"
+	"os"
+	"strings"
+
+	"github.com/containers/buildah/docker"
+	"github.com/containers/image/v5/manifest"
+	v1 "github.com/opencontainers/image-spec/specs-go/v1"
+	"github.com/openshift/imagebuilder"
+)
+
+// firstStringElseSecondString takes two strings, and returns the first
+// string if it isn't empty, else the second string
+func firstStringElseSecondString(first, second string) string {
+	if first != "" {
+		return first
+	}
+	return second
+}
+
+// firstSliceElseSecondSlice takes two string slices, and returns the first
+// slice of strings if it has contents, else the second slice
+func firstSliceElseSecondSlice(first, second []string) []string {
+	if len(first) > 0 {
+		return append([]string{}, first...)
+	}
+	return append([]string{}, second...)
+}
+
+// firstSlicePairElseSecondSlicePair takes two pairs of string slices, and
+// returns the first pair of slices if either has contents, else the second
+// pair
+func firstSlicePairElseSecondSlicePair(firstA, firstB, secondA, secondB []string) ([]string, []string) {
+	if len(firstA) > 0 || len(firstB) > 0 {
+		return append([]string{}, firstA...), append([]string{}, firstB...)
+	}
+	return append([]string{}, secondA...), append([]string{}, secondB...)
+}
+
+// mergeEnv combines variables from a and b into a single environment slice. if
+// a and b both provide values for the same variable, the value from b is
+// preferred
+func mergeEnv(a, b []string) []string {
+	index := make(map[string]int)
+	results := make([]string, 0, len(a)+len(b))
+	for _, kv := range append(append([]string{}, a...), b...) {
+		k, _, specifiesValue := strings.Cut(kv, "=")
+		if !specifiesValue {
+			if value, ok := os.LookupEnv(kv); ok {
+				kv = kv + "=" + value
+			} else {
+				kv = kv + "="
+			}
+		}
+		if i, seen := index[k]; seen {
+			results[i] = kv
+		} else {
+			index[k] = len(results)
+			results = append(results, kv)
+		}
+	}
+	return results
+}
+
+// Override takes a buildah docker config and an OCI ImageConfig, and applies a
+// mixture of a slice of Dockerfile-style instructions and fields from a config
+// blob to them both
+func Override(dconfig *docker.Config, oconfig *v1.ImageConfig, overrideChanges []string, overrideConfig *manifest.Schema2Config) error {
+	if len(overrideChanges) > 0 {
+		if overrideConfig == nil {
+			overrideConfig = &manifest.Schema2Config{}
+		}
+		// Parse the set of changes as we would a Dockerfile.
+		changes := strings.Join(overrideChanges, "\n")
+		parsed, err := imagebuilder.ParseDockerfile(strings.NewReader(changes))
+		if err != nil {
+			return fmt.Errorf("parsing change set %+v: %w", changes, err)
+		}
+		// Create a dummy builder object to process configuration-related
+		// instructions.
+		subBuilder := imagebuilder.NewBuilder(nil)
+		// Convert the incoming data into an initial RunConfig.
+		subBuilder.RunConfig = *GoDockerclientConfigFromSchema2Config(overrideConfig)
+		// Process the change instructions one by one.
+		for _, node := range parsed.Children {
+			var step imagebuilder.Step
+			if err := step.Resolve(node); err != nil {
+				return fmt.Errorf("resolving change %q: %w", node.Original, err)
+			}
+			if err := subBuilder.Run(&step, &configOnlyExecutor{}, true); err != nil {
+				return fmt.Errorf("processing change %q: %w", node.Original, err)
+			}
+		}
+		// Pull settings out of the dummy builder's RunConfig.
+		overrideConfig = Schema2ConfigFromGoDockerclientConfig(&subBuilder.RunConfig)
+	}
+	if overrideConfig != nil {
+		// Apply changes from a possibly-provided possibly-changed config struct.
+		dconfig.Hostname = firstStringElseSecondString(overrideConfig.Hostname, dconfig.Hostname)
+		dconfig.Domainname = firstStringElseSecondString(overrideConfig.Domainname, dconfig.Domainname)
+		dconfig.User = firstStringElseSecondString(overrideConfig.User, dconfig.User)
+		oconfig.User = firstStringElseSecondString(overrideConfig.User, oconfig.User)
+		dconfig.AttachStdin = overrideConfig.AttachStdin
+		dconfig.AttachStdout = overrideConfig.AttachStdout
+		dconfig.AttachStderr = overrideConfig.AttachStderr
+		if len(overrideConfig.ExposedPorts) > 0 {
+			dexposedPorts := make(map[docker.Port]struct{})
+			oexposedPorts := make(map[string]struct{})
+			for port := range dconfig.ExposedPorts {
+				dexposedPorts[port] = struct{}{}
+			}
+			for port := range overrideConfig.ExposedPorts {
+				dexposedPorts[docker.Port(port)] = struct{}{}
+			}
+			for port := range oconfig.ExposedPorts {
+				oexposedPorts[port] = struct{}{}
+			}
+			for port := range overrideConfig.ExposedPorts {
+				oexposedPorts[string(port)] = struct{}{}
+			}
+			dconfig.ExposedPorts = dexposedPorts
+			oconfig.ExposedPorts = oexposedPorts
+		}
+		dconfig.Tty = overrideConfig.Tty
+		dconfig.OpenStdin = overrideConfig.OpenStdin
+		dconfig.StdinOnce = overrideConfig.StdinOnce
+		if len(overrideConfig.Env) > 0 {
+			dconfig.Env = mergeEnv(dconfig.Env, overrideConfig.Env)
+			oconfig.Env = mergeEnv(oconfig.Env, overrideConfig.Env)
+		}
+		dconfig.Entrypoint, dconfig.Cmd = firstSlicePairElseSecondSlicePair(overrideConfig.Entrypoint, overrideConfig.Cmd, dconfig.Entrypoint, dconfig.Cmd)
+		oconfig.Entrypoint, oconfig.Cmd = firstSlicePairElseSecondSlicePair(overrideConfig.Entrypoint, overrideConfig.Cmd, oconfig.Entrypoint, oconfig.Cmd)
+		if overrideConfig.Healthcheck != nil {
+			dconfig.Healthcheck = &docker.HealthConfig{
+				Test:        append([]string{}, overrideConfig.Healthcheck.Test...),
+				Interval:    overrideConfig.Healthcheck.Interval,
+				Timeout:     overrideConfig.Healthcheck.Timeout,
+				StartPeriod: overrideConfig.Healthcheck.StartPeriod,
+				Retries:     overrideConfig.Healthcheck.Retries,
+			}
+		}
+		dconfig.ArgsEscaped = overrideConfig.ArgsEscaped
+		dconfig.Image = firstStringElseSecondString(overrideConfig.Image, dconfig.Image)
+		if len(overrideConfig.Volumes) > 0 {
+			if dconfig.Volumes == nil {
+				dconfig.Volumes = make(map[string]struct{})
+			}
+			if oconfig.Volumes == nil {
+				oconfig.Volumes = make(map[string]struct{})
+			}
+			for volume := range overrideConfig.Volumes {
+				dconfig.Volumes[volume] = struct{}{}
+				oconfig.Volumes[volume] = struct{}{}
+			}
+		}
+		dconfig.WorkingDir = firstStringElseSecondString(overrideConfig.WorkingDir, dconfig.WorkingDir)
+		oconfig.WorkingDir = firstStringElseSecondString(overrideConfig.WorkingDir, oconfig.WorkingDir)
+		dconfig.NetworkDisabled = overrideConfig.NetworkDisabled
+		dconfig.MacAddress = overrideConfig.MacAddress
+		dconfig.OnBuild = overrideConfig.OnBuild
+		if len(overrideConfig.Labels) > 0 {
+			if dconfig.Labels == nil {
+				dconfig.Labels = make(map[string]string)
+			}
+			if oconfig.Labels == nil {
+				oconfig.Labels = make(map[string]string)
+			}
+			for k, v := range overrideConfig.Labels {
+				dconfig.Labels[k] = v
+				oconfig.Labels[k] = v
+			}
+		}
+		dconfig.StopSignal = overrideConfig.StopSignal
+		oconfig.StopSignal = overrideConfig.StopSignal
+		dconfig.StopTimeout = overrideConfig.StopTimeout
+		dconfig.Shell = firstSliceElseSecondSlice(overrideConfig.Shell, dconfig.Shell)
+	}
+	return nil
+}