opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-05 12:52:12 +08:00
Code Issues Packages Projects Releases Wiki Activity

vendor: update buildah to latest

Browse Source 
Includes a fix for CVE-2024-9407

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This commit is contained in:
Paul Holzinger
2024-10-02 11:29:28 +02:00
parent dde1c3d98c
commit 83a0299309
106 changed files with 1414 additions and 1115 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
vendor/github.com/containers/buildah/pkg/parse/parse.go generated vendored
View File

@@ -15,7 +15,7 @@ import (
"strings"
"unicode"
"github.com/containerd/containerd/platforms"
"github.com/containerd/platforms"
"github.com/containers/buildah/define"
mkcwtypes "github.com/containers/buildah/internal/mkcw/types"
internalParse "github.com/containers/buildah/internal/parse"
@@ -250,7 +250,6 @@ func parseSecurityOpts(securityOpts []string, commonOpts *define.CommonBuildOpti
default:
return fmt.Errorf("invalid --security-opt 2: %q", opt)
}
}
if commonOpts.SeccompProfilePath == "" {
@@ -328,7 +327,7 @@ func validateExtraHost(val string) error {
// validateIPAddress validates an Ip address.
// for dns, ip, and ip6 flags also
func validateIPAddress(val string) (string, error) {
var ip = net.ParseIP(strings.TrimSpace(val))
ip := net.ParseIP(strings.TrimSpace(val))
if ip != nil {
return ip.String(), nil
}
@@ -636,7 +635,9 @@ func AuthConfig(creds string) (*types.DockerAuthConfig, error) {
username, password := parseCreds(creds)
if username == "" {
fmt.Print("Username: ")
fmt.Scanln(&username)
if _, err := fmt.Scanln(&username); err != nil {
return nil, fmt.Errorf("reading user name: %w", err)
}
}
if password == "" {
fmt.Print("Password: ")
@@ -659,15 +660,19 @@ func GetBuildOutput(buildOutput string) (define.BuildOutputOption, error) {
if len(buildOutput) == 1 && buildOutput == "-" {
// Feature parity with buildkit, output tar to stdout
// Read more here: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs
return define.BuildOutputOption{Path: "",
return define.BuildOutputOption{
Path: "",
IsDir: false,
IsStdout: true}, nil
IsStdout: true,
}, nil
}
if !strings.Contains(buildOutput, ",") {
// expect default --output <dirname>
return define.BuildOutputOption{Path: buildOutput,
return define.BuildOutputOption{
Path: buildOutput,
IsDir: true,
IsStdout: false}, nil
IsStdout: false,
}, nil
}
isDir := true
isStdout := false
@@ -712,9 +717,11 @@ func GetBuildOutput(buildOutput string) (define.BuildOutputOption, error) {
if isDir {
return define.BuildOutputOption{}, fmt.Errorf("invalid build output option %q, type=local and dest=- is not supported", buildOutput)
}
return define.BuildOutputOption{Path: "",
return define.BuildOutputOption{
Path: "",
IsDir: false,
IsStdout: true}, nil
IsStdout: true,
}, nil
}
return define.BuildOutputOption{Path: path, IsDir: isDir, IsStdout: isStdout}, nil
@@ -750,7 +757,7 @@ func GetConfidentialWorkloadOptions(arg string) (define.ConfidentialWorkloadOpti
if options.AttestationURL == option {
options.AttestationURL = strings.TrimPrefix(option, "attestation-url=")
}
case strings.HasPrefix(option, "passphrase="), strings.HasPrefix(option, "passphrase="):
case strings.HasPrefix(option, "passphrase="):
options.Convert = true
options.DiskEncryptionPassphrase = strings.TrimPrefix(option, "passphrase=")
case strings.HasPrefix(option, "workload_id="), strings.HasPrefix(option, "workload-id="):
@@ -801,7 +808,7 @@ func SBOMScanOptions(c *cobra.Command) (*define.SBOMScanOptions, error) {
}
// SBOMScanOptionsFromFlagSet parses scan settings from the cli
func SBOMScanOptionsFromFlagSet(flags *pflag.FlagSet, findFlagFunc func(name string) *pflag.Flag) (*define.SBOMScanOptions, error) {
func SBOMScanOptionsFromFlagSet(flags *pflag.FlagSet, _ func(name string) *pflag.Flag) (*define.SBOMScanOptions, error) {
preset, err := flags.GetString("sbom")
if err != nil {
return nil, fmt.Errorf("invalid value for --sbom: %w", err)
@@ -866,7 +873,7 @@ func SBOMScanOptionsFromFlagSet(flags *pflag.FlagSet, findFlagFunc func(name str
}
// IDMappingOptions parses the build options related to user namespaces and ID mapping.
func IDMappingOptions(c *cobra.Command, isolation define.Isolation) (usernsOptions define.NamespaceOptions, idmapOptions *define.IDMappingOptions, err error) {
func IDMappingOptions(c *cobra.Command, _ define.Isolation) (usernsOptions define.NamespaceOptions, idmapOptions *define.IDMappingOptions, err error) {
return IDMappingOptionsFromFlagSet(c.Flags(), c.PersistentFlags(), c.Flag)
}
@@ -1209,7 +1216,7 @@ func Device(device string) (string, string, string, error) {
// isValidDeviceMode checks if the mode for device is valid or not.
// isValid mode is a composition of r (read), w (write), and m (mknod).
func isValidDeviceMode(mode string) bool {
var legalDeviceMode = map[rune]struct{}{
legalDeviceMode := map[rune]struct{}{
'r': {},
'w': {},
'm': {},
@@ -1285,7 +1292,6 @@ func Secrets(secrets []string) (map[string]define.Secret, error) {
SourceType: typ,
}
parsed[id] = newSecret
}
return parsed, nil
}