Bump to Buildah v1.40.0

Bumps to Buildah v1.40.0 and adds the `--inherits-labels` option to build and farm build man pages. Also turn off the inherit-labels option test for now as it seems to be rathr unhappy. Issue for inherit-labels test failure: https://github.com/containers/podman/issues/25938 Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
2025-12-01 10:38:05 +08:00 · 2025-04-21 15:45:26 -04:00
parent a3e132055d
commit 76b07dd48d
54 changed files with 661 additions and 305 deletions
--- a/vendor/github.com/containers/buildah/chroot/seccomp.go
+++ b/vendor/github.com/containers/buildah/chroot/seccomp.go
@@ -4,16 +4,12 @@ package chroot

 import (
 	"fmt"
-	"os"

-	"github.com/containers/common/pkg/seccomp"
 	specs "github.com/opencontainers/runtime-spec/specs-go"
 	libseccomp "github.com/seccomp/libseccomp-golang"
 	"github.com/sirupsen/logrus"
 )

-const seccompAvailable = true
-
 // setSeccomp sets the seccomp filter for ourselves and any processes that we'll start.
 func setSeccomp(spec *specs.Spec) error {
 	logrus.Debugf("setting seccomp configuration")
@@ -178,27 +174,3 @@ func setSeccomp(spec *specs.Spec) error {
 	}
 	return nil
 }
-
-func setupSeccomp(spec *specs.Spec, seccompProfilePath string) error {
-	switch seccompProfilePath {
-	case "unconfined":
-		spec.Linux.Seccomp = nil
-	case "":
-		seccompConfig, err := seccomp.GetDefaultProfile(spec)
-		if err != nil {
-			return fmt.Errorf("loading default seccomp profile failed: %w", err)
-		}
-		spec.Linux.Seccomp = seccompConfig
-	default:
-		seccompProfile, err := os.ReadFile(seccompProfilePath)
-		if err != nil {
-			return fmt.Errorf("opening seccomp profile failed: %w", err)
-		}
-		seccompConfig, err := seccomp.LoadProfile(string(seccompProfile), spec)
-		if err != nil {
-			return fmt.Errorf("loading seccomp profile (%s) failed: %w", seccompProfilePath, err)
-		}
-		spec.Linux.Seccomp = seccompConfig
-	}
-	return nil
-}