build(deps): bump github.com/containers/storage from 1.15.7 to 1.15.8

Bumps [github.com/containers/storage](https://github.com/containers/storage) from 1.15.7 to 1.15.8. - [Release notes](https://github.com/containers/storage/releases) - [Changelog](https://github.com/containers/storage/blob/master/docs/containers-storage-changes.md) - [Commits](https://github.com/containers/storage/compare/v1.15.7...v1.15.8) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
2025-06-02 10:46:09 +08:00 · 2020-02-03 09:16:41 +00:00
parent 4699d5e02d
commit 94453c85c7
38 changed files with 681 additions and 2410 deletions
--- a/vendor/github.com/containers/storage/.golangci.yml
+++ b/vendor/github.com/containers/storage/.golangci.yml
@ -3,37 +3,35 @@ run:
  concurrency: 6
  deadline: 5m
 linters:
-  disable-all: true
-  enable:
-    - bodyclose
-    - depguard
-    - gofmt
-    - interfacer
-    - typecheck
-    # - deadcode
-    # - dupl
-    # - errcheck
-    # - gochecknoglobals
-    # - gochecknoinits
-    # - goconst
-    # - gocritic
-    # - gocyclo
-    # - goimports
-    # - golint
-    # - gosec
-    # - gosimple
-    # - govet
-    # - ineffassign
-    # - lll
-    # - maligned
-    # - misspell
-    # - nakedret
-    # - prealloc
-    # - scopelint
-    # - staticcheck
-    # - structcheck
-    # - stylecheck
-    # - unconvert
-    # - unparam
-    # - unused
-    # - varcheck
+  enable-all: true
+  disable:
+    - dogsled
+    - dupl
+    - errcheck
+    - funlen
+    - gochecknoglobals
+    - gochecknoinits
+    - gocognit
+    - gocritic
+    - gocyclo
+    - godox
+    - gomnd
+    - gosec
+    - gosimple
+    - govet
+    - ineffassign
+    - lll
+    - maligned
+    - misspell
+    - nakedret
+    - prealloc
+    - scopelint
+    - staticcheck
+    - structcheck
+    - stylecheck
+    - unconvert
+    - unparam
+    - unused
+    - varcheck
+    - whitespace
+    - wsl
--- a/vendor/github.com/containers/storage/VERSION
+++ b/vendor/github.com/containers/storage/VERSION
@ -1 +1 @@
-1.15.8-dev
+1.15.8
--- a/vendor/github.com/containers/storage/drivers/aufs/aufs.go
+++ b/vendor/github.com/containers/storage/drivers/aufs/aufs.go
@ -35,7 +35,7 @@ import (
 	"sync"
 	"time"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/containers/storage/pkg/archive"
 	"github.com/containers/storage/pkg/chrootarchive"
 	"github.com/containers/storage/pkg/directory"
--- a/vendor/github.com/containers/storage/drivers/btrfs/btrfs.go
+++ b/vendor/github.com/containers/storage/drivers/btrfs/btrfs.go
@ -26,7 +26,7 @@ import (
 	"sync"
 	"unsafe"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/mount"
 	"github.com/containers/storage/pkg/parsers"
--- a/vendor/github.com/containers/storage/drivers/chown_unix.go
+++ b/vendor/github.com/containers/storage/drivers/chown_unix.go
@ -25,14 +25,14 @@ func platformLChown(path string, info os.FileInfo, toHost, toContainer *idtools.
 				UID: uid,
 				GID: gid,
 			}
-			mappedUid, mappedGid, err := toContainer.ToContainer(pair)
+			mappedUID, mappedGID, err := toContainer.ToContainer(pair)
 			if err != nil {
 				if (uid != 0) || (gid != 0) {
 					return fmt.Errorf("error mapping host ID pair %#v for %q to container: %v", pair, path, err)
 				}
-				mappedUid, mappedGid = uid, gid
+				mappedUID, mappedGID = uid, gid
 			}
-			uid, gid = mappedUid, mappedGid
+			uid, gid = mappedUID, mappedGID
 		}
 		if toHost != nil {
 			pair := idtools.IDPair{
--- a/vendor/github.com/containers/storage/drivers/devmapper/deviceset.go
+++ b/vendor/github.com/containers/storage/drivers/devmapper/deviceset.go
@ -18,7 +18,7 @@ import (
 	"sync"
 	"time"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/containers/storage/pkg/devicemapper"
 	"github.com/containers/storage/pkg/dmesg"
 	"github.com/containers/storage/pkg/idtools"
@ -49,8 +49,13 @@ var (
 	lvmSetupConfigForce          bool
 )

-const deviceSetMetaFile string = "deviceset-metadata"
-const transactionMetaFile string = "transaction-metadata"
+const (
+	deviceSetMetaFile   = "deviceset-metadata"
+	transactionMetaFile = "transaction-metadata"
+	xfs                 = "xfs"
+	ext4                = "ext4"
+	base                = "base"
+)

 type transaction struct {
 	OpenTransactionID uint64 `json:"open_transaction_id"`
@ -199,7 +204,7 @@ func getDevName(name string) string {
 func (info *devInfo) Name() string {
 	hash := info.Hash
 	if hash == "" {
-		hash = "base"
+		hash = base
 	}
 	return fmt.Sprintf("%s-%s", info.devices.devicePrefix, hash)
 }
@ -219,7 +224,7 @@ func (devices *DeviceSet) metadataDir() string {
 func (devices *DeviceSet) metadataFile(info *devInfo) string {
 	file := info.Hash
 	if file == "" {
-		file = "base"
+		file = base
 	}
 	return path.Join(devices.metadataDir(), file)
 }
@ -440,7 +445,7 @@ func (devices *DeviceSet) deviceFileWalkFunction(path string, finfo os.FileInfo)
 	logrus.Debugf("devmapper: Loading data for file %s", path)

 	hash := finfo.Name()
-	if hash == "base" {
+	if hash == base {
 		hash = ""
 	}

@ -542,7 +547,7 @@ func xfsSupported() error {
 	}

 	// Check if kernel supports xfs filesystem or not.
-	exec.Command("modprobe", "xfs").Run()
+	exec.Command("modprobe", xfs).Run()

 	f, err := os.Open("/proc/filesystems")
 	if err != nil {
@ -567,16 +572,16 @@ func xfsSupported() error {
 func determineDefaultFS() string {
 	err := xfsSupported()
 	if err == nil {
-		return "xfs"
+		return xfs
 	}

-	logrus.Warnf("devmapper: XFS is not supported in your system (%v). Defaulting to ext4 filesystem", err)
-	return "ext4"
+	logrus.Warnf("devmapper: XFS is not supported in your system (%v). Defaulting to %s filesystem", ext4, err)
+	return ext4
 }

 // mkfsOptions tries to figure out whether some additional mkfs options are required
 func mkfsOptions(fs string) []string {
-	if fs == "xfs" && !kernel.CheckKernelVersion(3, 16, 0) {
+	if fs == xfs && !kernel.CheckKernelVersion(3, 16, 0) {
 		// For kernels earlier than 3.16 (and newer xfsutils),
 		// some xfs features need to be explicitly disabled.
 		return []string{"-m", "crc=0,finobt=0"}
@ -609,9 +614,9 @@ func (devices *DeviceSet) createFilesystem(info *devInfo) (err error) {
 	}()

 	switch devices.filesystem {
-	case "xfs":
+	case xfs:
 		err = exec.Command("mkfs.xfs", args...).Run()
-	case "ext4":
+	case ext4:
 		err = exec.Command("mkfs.ext4", append([]string{"-E", "nodiscard,lazy_itable_init=0,lazy_journal_init=0"}, args...)...).Run()
 		if err != nil {
 			err = exec.Command("mkfs.ext4", append([]string{"-E", "nodiscard,lazy_itable_init=0"}, args...)...).Run()
@ -1197,7 +1202,7 @@ func (devices *DeviceSet) growFS(info *devInfo) error {
 	}

 	options := ""
-	if devices.BaseDeviceFilesystem == "xfs" {
+	if devices.BaseDeviceFilesystem == xfs {
 		// XFS needs nouuid or it can't mount filesystems with the same fs
 		options = joinMountOptions(options, "nouuid")
 	}
@ -1210,11 +1215,11 @@ func (devices *DeviceSet) growFS(info *devInfo) error {
 	defer unix.Unmount(fsMountPoint, unix.MNT_DETACH)

 	switch devices.BaseDeviceFilesystem {
-	case "ext4":
+	case ext4:
 		if out, err := exec.Command("resize2fs", info.DevName()).CombinedOutput(); err != nil {
 			return fmt.Errorf("Failed to grow rootfs:%v:%s", err, string(out))
 		}
-	case "xfs":
+	case xfs:
 		if out, err := exec.Command("xfs_growfs", info.DevName()).CombinedOutput(); err != nil {
 			return fmt.Errorf("Failed to grow rootfs:%v:%s", err, string(out))
 		}
@ -2391,7 +2396,7 @@ func (devices *DeviceSet) MountDevice(hash, path string, moptions graphdriver.Mo

 	options := ""

-	if fstype == "xfs" {
+	if fstype == xfs {
 		// XFS needs nouuid or it can't mount filesystems with the same fs
 		options = joinMountOptions(options, "nouuid")
 	}
@ -2412,7 +2417,7 @@ func (devices *DeviceSet) MountDevice(hash, path string, moptions graphdriver.Mo
 		return fmt.Errorf("devmapper: Error mounting '%s' on '%s': %s\n%v", info.DevName(), path, err, string(dmesg.Dmesg(256)))
 	}

-	if fstype == "xfs" && devices.xfsNospaceRetries != "" {
+	if fstype == xfs && devices.xfsNospaceRetries != "" {
 		if err := devices.xfsSetNospaceRetries(info); err != nil {
 			unix.Unmount(path, unix.MNT_DETACH)
 			devices.deactivateDevice(info)
@ -2693,7 +2698,7 @@ func NewDeviceSet(root string, doInit bool, options []string, uidMaps, gidMaps [
 			}
 			devices.metaDataLoopbackSize = size
 		case "dm.fs":
-			if val != "ext4" && val != "xfs" {
+			if val != ext4 && val != xfs {
 				return nil, fmt.Errorf("devmapper: Unsupported filesystem %s", val)
 			}
 			devices.filesystem = val
--- a/vendor/github.com/containers/storage/drivers/devmapper/driver.go
+++ b/vendor/github.com/containers/storage/drivers/devmapper/driver.go
@ -9,7 +9,7 @@ import (
 	"path"
 	"strconv"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/containers/storage/pkg/devicemapper"
 	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/locker"
--- a/vendor/github.com/containers/storage/drivers/driver.go
+++ b/vendor/github.com/containers/storage/drivers/driver.go
@ -49,8 +49,8 @@ type MountOpts struct {
 	// Mount label is the MAC Labels to assign to mount point (SELINUX)
 	MountLabel string
 	// UidMaps & GidMaps are the User Namespace mappings to be assigned to content in the mount point
-	UidMaps []idtools.IDMap
-	GidMaps []idtools.IDMap
+	UidMaps []idtools.IDMap // nolint: golint
+	GidMaps []idtools.IDMap // nolint: golint
 	Options []string
 }

--- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go
+++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go
@ -401,9 +401,8 @@ func supportsOverlay(home string, homeMagic graphdriver.FsMagic, rootUID, rootGI
 			if err == nil {
 				logrus.Debugf("overlay test mount with multiple lowers succeeded")
 				return supportsDType, nil
-			} else {
-				logrus.Debugf("overlay test mount with multiple lowers failed %v", err)
 			}
+			logrus.Debugf("overlay test mount with multiple lowers failed %v", err)
 		}
 		flags = fmt.Sprintf("lowerdir=%s,upperdir=%s,workdir=%s", lower1Dir, upperDir, workDir)
 		if len(flags) < unix.Getpagesize() {
@ -411,9 +410,8 @@ func supportsOverlay(home string, homeMagic graphdriver.FsMagic, rootUID, rootGI
 			if err == nil {
 				logrus.Errorf("overlay test mount with multiple lowers failed, but succeeded with a single lower")
 				return supportsDType, errors.Wrap(graphdriver.ErrNotSupported, "kernel too old to provide multiple lowers feature for overlay")
-			} else {
-				logrus.Debugf("overlay test mount with a single lower failed %v", err)
 			}
+			logrus.Debugf("overlay test mount with a single lower failed %v", err)
 		}
 		logrus.Errorf("'overlay' is not supported over %s at %q", backingFs, home)
 		return supportsDType, errors.Wrapf(graphdriver.ErrIncompatibleFS, "'overlay' is not supported over %s at %q", backingFs, home)
@ -810,15 +808,6 @@ func (d *Driver) get(id string, disableShifting bool, options graphdriver.MountO
 		return "", err
 	}
 	readWrite := true
-	// fuse-overlayfs doesn't support working without an upperdir.
-	if d.options.mountProgram == "" {
-		for _, o := range options.Options {
-			if o == "ro" {
-				readWrite = false
-				break
-			}
-		}
-	}

 	lowers, err := ioutil.ReadFile(path.Join(dir, lowerFile))
 	if err != nil && !os.IsNotExist(err) {
--- a/vendor/github.com/containers/storage/drivers/overlayutils/overlayutils.go
+++ b/vendor/github.com/containers/storage/drivers/overlayutils/overlayutils.go
@ -5,7 +5,7 @@ package overlayutils
 import (
 	"fmt"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/pkg/errors"
 )

--- a/vendor/github.com/containers/storage/drivers/vfs/driver.go
+++ b/vendor/github.com/containers/storage/drivers/vfs/driver.go
@ -8,7 +8,7 @@ import (
 	"strconv"
 	"strings"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/containers/storage/pkg/archive"
 	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/parsers"
--- a/vendor/github.com/containers/storage/drivers/zfs/zfs.go
+++ b/vendor/github.com/containers/storage/drivers/zfs/zfs.go
@ -12,7 +12,7 @@ import (
 	"sync"
 	"time"

-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/containers/storage/pkg/idtools"
 	"github.com/containers/storage/pkg/mount"
 	"github.com/containers/storage/pkg/parsers"
--- a/vendor/github.com/containers/storage/drivers/zfs/zfs_linux.go
+++ b/vendor/github.com/containers/storage/drivers/zfs/zfs_linux.go
@ -1,7 +1,7 @@
 package zfs

 import (
-	"github.com/containers/storage/drivers"
+	graphdriver "github.com/containers/storage/drivers"
 	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 )
--- a/vendor/github.com/containers/storage/go.mod
+++ b/vendor/github.com/containers/storage/go.mod
@ -7,14 +7,14 @@ require (
 	github.com/Microsoft/hcsshim v0.8.7
 	github.com/docker/docker v0.0.0-20171019062838-86f080cff091 // indirect
 	github.com/docker/go-units v0.4.0
-	github.com/klauspost/compress v1.9.7
+	github.com/klauspost/compress v1.9.8
 	github.com/klauspost/cpuid v1.2.1 // indirect
 	github.com/klauspost/pgzip v1.2.1
-	github.com/mattn/go-shellwords v1.0.7
+	github.com/mattn/go-shellwords v1.0.9
 	github.com/mistifyio/go-zfs v2.1.1+incompatible
 	github.com/opencontainers/go-digest v1.0.0-rc1
 	github.com/opencontainers/runc v1.0.0-rc9
-	github.com/opencontainers/selinux v1.3.0
+	github.com/opencontainers/selinux v1.3.1
 	github.com/pkg/errors v0.9.1
 	github.com/pquerna/ffjson v0.0.0-20181028064349-e517b90714f7
 	github.com/sirupsen/logrus v1.4.2
@ -24,7 +24,7 @@ require (
 	github.com/tchap/go-patricia v2.3.0+incompatible
 	github.com/vbatts/tar-split v0.11.1
 	golang.org/x/net v0.0.0-20190628185345-da137c7871d7
-	golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3
+	golang.org/x/sys v0.0.0-20191115151921-52ab43148777
 	gotest.tools v2.2.0+incompatible
 )

--- a/vendor/github.com/containers/storage/go.sum
+++ b/vendor/github.com/containers/storage/go.sum
@ -77,6 +77,8 @@ github.com/klauspost/compress v1.9.5 h1:U+CaK85mrNNb4k8BNOfgJtJ/gr6kswUCFj6miSzV
 github.com/klauspost/compress v1.9.5/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/klauspost/compress v1.9.7 h1:hYW1gP94JUmAhBtJ+LNz5My+gBobDxPR1iVuKug26aA=
 github.com/klauspost/compress v1.9.7/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
+github.com/klauspost/compress v1.9.8 h1:VMAMUUOh+gaxKTMk+zqbjsSjsIcUcL/LF4o63i82QyA=
+github.com/klauspost/compress v1.9.8/go.mod h1:RyIbtBH6LamlWaDj8nUwkbUhJ87Yi3uG0guNDohfE1A=
 github.com/klauspost/cpuid v1.2.1 h1:vJi+O/nMdFt0vqm8NZBI6wzALWdA2X+egi0ogNyrC/w=
 github.com/klauspost/cpuid v1.2.1/go.mod h1:Pj4uuM528wm8OyEC2QMXAi2YiTZ96dNQPGgoMS4s3ek=
 github.com/klauspost/pgzip v1.2.1 h1:oIPZROsWuPHpOdMVWLuJZXwgjhrW8r1yEX8UqMyeNHM=
@ -89,6 +91,8 @@ github.com/mattn/go-shellwords v1.0.6 h1:9Jok5pILi5S1MnDirGVTufYGtksUs/V2BWUP3Zk
 github.com/mattn/go-shellwords v1.0.6/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o=
 github.com/mattn/go-shellwords v1.0.7 h1:KqhVjVZomx2puPACkj9vrGFqnp42Htvo9SEAWePHKOs=
 github.com/mattn/go-shellwords v1.0.7/go.mod h1:3xCvwCdWdlDJUrvuMn7Wuy9eWs4pE8vqg+NOMyg4B2o=
+github.com/mattn/go-shellwords v1.0.9 h1:eaB5JspOwiKKcHdqcjbfe5lA9cNn/4NRRtddXJCimqk=
+github.com/mattn/go-shellwords v1.0.9/go.mod h1:EZzvwXDESEeg03EKmM+RmDnNOPKG4lLtQsUlTZDWQ8Y=
 github.com/mistifyio/go-zfs v2.1.1+incompatible h1:gAMO1HM9xBRONLHHYnu5iFsOJUiJdNZo6oqSENd4eW8=
 github.com/mistifyio/go-zfs v2.1.1+incompatible/go.mod h1:8AuVvqP/mXw1px98n46wfvcGfQ4ci2FwoAjKYxuo3Z4=
 github.com/mrunalp/fileutils v0.0.0-20171103030105-7d4729fb3618 h1:7InQ7/zrOh6SlFjaXFubv0xX0HsuC9qJsdqm7bNQpYM=
@ -111,6 +115,8 @@ github.com/opencontainers/selinux v1.2.2 h1:Kx9J6eDG5/24A6DtUquGSpJQ+m2MUTahn4Ft
 github.com/opencontainers/selinux v1.2.2/go.mod h1:+BLncwf63G4dgOzykXAxcmnFlUaOlkDdmw/CqsW6pjs=
 github.com/opencontainers/selinux v1.3.0 h1:xsI95WzPZu5exzA6JzkLSfdr/DilzOhCJOqGe5TgR0g=
 github.com/opencontainers/selinux v1.3.0/go.mod h1:+BLncwf63G4dgOzykXAxcmnFlUaOlkDdmw/CqsW6pjs=
+github.com/opencontainers/selinux v1.3.1 h1:dn2Rc3wTEvTB6iVqoFrKKeMb0uZ38ZheeyMu2h5C1TI=
+github.com/opencontainers/selinux v1.3.1/go.mod h1:yTcKuYAh6R95iDpefGLQaPaRwJFwyzAJufJyiTt7s0g=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@ -194,6 +200,8 @@ golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3 h1:7TYNF4UdlohbFwpNH04CoPMp1
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191025090151-53bf42e6b339 h1:zSqWKgm/o7HAnlAzBQ+aetp9fpuyytsXnKA8eiLHYQM=
 golang.org/x/sys v0.0.0-20191025090151-53bf42e6b339/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20191115151921-52ab43148777 h1:wejkGHRTr38uaKRqECZlsCsJ1/TGxIyFbH32x5zUdu4=
+golang.org/x/sys v0.0.0-20191115151921-52ab43148777/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20191127021746-63cb32ae39b2 h1:/J2nHFg1MTqaRLFO7M+J78ASNsJoz3r0cvHBPQ77fsE=
 golang.org/x/sys v0.0.0-20191127021746-63cb32ae39b2/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
--- a/vendor/github.com/containers/storage/images.go
+++ b/vendor/github.com/containers/storage/images.go
@ -214,17 +214,17 @@ func bigDataNameIsManifest(name string) bool {

 // recomputeDigests takes a fixed digest and a name-to-digest map and builds a
 // list of the unique values that would identify the image.
-func (image *Image) recomputeDigests() error {
-	validDigests := make([]digest.Digest, 0, len(image.BigDataDigests)+1)
+func (i *Image) recomputeDigests() error {
+	validDigests := make([]digest.Digest, 0, len(i.BigDataDigests)+1)
 	digests := make(map[digest.Digest]struct{})
-	if image.Digest != "" {
-		if err := image.Digest.Validate(); err != nil {
-			return errors.Wrapf(err, "error validating image digest %q", string(image.Digest))
+	if i.Digest != "" {
+		if err := i.Digest.Validate(); err != nil {
+			return errors.Wrapf(err, "error validating image digest %q", string(i.Digest))
 		}
-		digests[image.Digest] = struct{}{}
-		validDigests = append(validDigests, image.Digest)
+		digests[i.Digest] = struct{}{}
+		validDigests = append(validDigests, i.Digest)
 	}
-	for name, digest := range image.BigDataDigests {
+	for name, digest := range i.BigDataDigests {
 		if !bigDataNameIsManifest(name) {
 			continue
 		}
@ -237,10 +237,10 @@ func (image *Image) recomputeDigests() error {
 			validDigests = append(validDigests, digest)
 		}
 	}
-	if image.Digest == "" && len(validDigests) > 0 {
-		image.Digest = validDigests[0]
+	if i.Digest == "" && len(validDigests) > 0 {
+		i.Digest = validDigests[0]
 	}
-	image.Digests = validDigests
+	i.Digests = validDigests
 	return nil
 }

--- a/vendor/github.com/containers/storage/layers.go
+++ b/vendor/github.com/containers/storage/layers.go
@ -239,6 +239,10 @@ type LayerStore interface {
 	// ApplyDiff reads a tarstream which was created by a previous call to Diff and
 	// applies its changes to a specified layer.
 	ApplyDiff(to string, diff io.Reader) (int64, error)
+
+	// LoadLocked wraps Load in a locked state. This means it loads the store
+	// and cleans-up invalid layers if needed.
+	LoadLocked() error
 }

 type layerStore struct {
@ -346,6 +350,7 @@ func (r *layerStore) Load() error {
 	r.byname = names
 	r.bycompressedsum = compressedsums
 	r.byuncompressedsum = uncompressedsums
+
 	// Load and merge information about which layers are mounted, and where.
 	if r.IsReadWrite() {
 		r.mountsLockfile.RLock()
@ -353,22 +358,23 @@ func (r *layerStore) Load() error {
 		if err = r.loadMounts(); err != nil {
 			return err
 		}
-	}
-	// Last step: if we're writable, try to remove anything that a previous
-	// user of this storage area marked for deletion but didn't manage to
-	// actually delete.
-	if r.IsReadWrite() && r.Locked() {
-		for _, layer := range r.layers {
-			if layer.Flags == nil {
-				layer.Flags = make(map[string]interface{})
-			}
-			if cleanup, ok := layer.Flags[incompleteFlag]; ok {
-				if b, ok := cleanup.(bool); ok && b {
-					err = r.deleteInternal(layer.ID)
-					if err != nil {
-						break
+
+		// Last step: as we’re writable, try to remove anything that a previous
+		// user of this storage area marked for deletion but didn't manage to
+		// actually delete.
+		if r.Locked() {
+			for _, layer := range r.layers {
+				if layer.Flags == nil {
+					layer.Flags = make(map[string]interface{})
+				}
+				if cleanup, ok := layer.Flags[incompleteFlag]; ok {
+					if b, ok := cleanup.(bool); ok && b {
+						err = r.deleteInternal(layer.ID)
+						if err != nil {
+							break
+						}
+						shouldSave = true
 					}
-					shouldSave = true
 				}
 			}
 		}
@ -376,9 +382,16 @@ func (r *layerStore) Load() error {
 			return r.saveLayers()
 		}
 	}
+
 	return err
 }

+func (r *layerStore) LoadLocked() error {
+	r.lockfile.Lock()
+	defer r.lockfile.Unlock()
+	return r.Load()
+}
+
 func (r *layerStore) loadMounts() error {
 	mounts := make(map[string]*Layer)
 	mpath := r.mountspath()
@ -487,8 +500,6 @@ func (s *store) newLayerStore(rundir string, layerdir string, driver drivers.Dri
 	if err != nil {
 		return nil, err
 	}
-	lockfile.Lock()
-	defer lockfile.Unlock()
 	mountsLockfile, err := GetLockfile(filepath.Join(rundir, "mountpoints.lock"))
 	if err != nil {
 		return nil, err
@ -516,8 +527,6 @@ func newROLayerStore(rundir string, layerdir string, driver drivers.Driver) (ROL
 	if err != nil {
 		return nil, err
 	}
-	lockfile.RLock()
-	defer lockfile.Unlock()
 	rlstore := layerStore{
 		lockfile:       lockfile,
 		mountsLockfile: nil,
--- a/vendor/github.com/containers/storage/layers_ffjson.go
+++ b/vendor/github.com/containers/storage/layers_ffjson.go
--- a/vendor/github.com/containers/storage/pkg/archive/archive.go
+++ b/vendor/github.com/containers/storage/pkg/archive/archive.go
@ -68,6 +68,12 @@ type (
 	}
 )

+const (
+	tarExt  = "tar"
+	solaris = "solaris"
+	windows = "windows"
+)
+
 // Archiver allows the reuse of most utility functions of this package with a
 // pluggable Untar function.  To facilitate the passing of specific id mappings
 // for untar, an archiver can be created with maps which will then be passed to
@ -325,15 +331,15 @@ func ReplaceFileTarWrapper(inputTarStream io.ReadCloser, mods map[string]TarModi
 func (compression *Compression) Extension() string {
 	switch *compression {
 	case Uncompressed:
-		return "tar"
+		return tarExt
 	case Bzip2:
-		return "tar.bz2"
+		return tarExt + ".bz2"
 	case Gzip:
-		return "tar.gz"
+		return tarExt + ".gz"
 	case Xz:
-		return "tar.xz"
+		return tarExt + ".xz"
 	case Zstd:
-		return "tar.zst"
+		return tarExt + ".zst"
 	}
 	return ""
 }
@ -670,7 +676,7 @@ func createTarFile(path, extractDir string, hdr *tar.Header, reader io.Reader, L
 	}

 	// Lchown is not supported on Windows.
-	if Lchown && runtime.GOOS != "windows" {
+	if Lchown && runtime.GOOS != windows {
 		if chownOpts == nil {
 			chownOpts = &idtools.IDPair{UID: hdr.Uid, GID: hdr.Gid}
 		}
--- a/vendor/github.com/containers/storage/pkg/archive/changes_unix.go
+++ b/vendor/github.com/containers/storage/pkg/archive/changes_unix.go
@ -13,17 +13,17 @@ import (

 func statDifferent(oldStat *system.StatT, oldInfo *FileInfo, newStat *system.StatT, newInfo *FileInfo) bool {
 	// Don't look at size for dirs, its not a good measure of change
-	oldUid, oldGid := oldStat.UID(), oldStat.GID()
+	oldUID, oldGID := oldStat.UID(), oldStat.GID()
 	uid, gid := newStat.UID(), newStat.GID()
 	if cuid, cgid, err := newInfo.idMappings.ToContainer(idtools.IDPair{UID: int(uid), GID: int(gid)}); err == nil {
 		uid = uint32(cuid)
 		gid = uint32(cgid)
-		if oldcuid, oldcgid, err := oldInfo.idMappings.ToContainer(idtools.IDPair{UID: int(oldUid), GID: int(oldGid)}); err == nil {
-			oldUid = uint32(oldcuid)
-			oldGid = uint32(oldcgid)
+		if oldcuid, oldcgid, err := oldInfo.idMappings.ToContainer(idtools.IDPair{UID: int(oldUID), GID: int(oldGID)}); err == nil {
+			oldUID = uint32(oldcuid)
+			oldGID = uint32(oldcgid)
 		}
 	}
-	ownerChanged := uid != oldUid || gid != oldGid
+	ownerChanged := uid != oldUID || gid != oldGID
 	if oldStat.Mode() != newStat.Mode() ||
 		ownerChanged ||
 		oldStat.Rdev() != newStat.Rdev() ||
--- a/vendor/github.com/containers/storage/pkg/archive/diff.go
+++ b/vendor/github.com/containers/storage/pkg/archive/diff.go
@ -68,7 +68,7 @@ func UnpackLayer(dest string, layer io.Reader, options *TarOptions) (size int64,
 		// specific or Linux-specific, this warning should be changed to an error
 		// to cater for the situation where someone does manage to upload a Linux
 		// image but have it tagged as Windows inadvertently.
-		if runtime.GOOS == "windows" {
+		if runtime.GOOS == windows {
 			if strings.Contains(hdr.Name, ":") {
 				logrus.Warnf("Windows: Ignoring %s (is this a Linux image?)", hdr.Name)
 				continue
--- a/vendor/github.com/containers/storage/pkg/fileutils/fileutils.go
+++ b/vendor/github.com/containers/storage/pkg/fileutils/fileutils.go
@ -226,8 +226,9 @@ func (p *Pattern) compile() error {

 	sl := string(os.PathSeparator)
 	escSL := sl
-	if sl == `\` {
-		escSL += `\`
+	const bs = `\`
+	if sl == bs {
+		escSL += bs
 	}

 	for scan.Peek() != scanner.EOF {
@ -262,11 +263,11 @@ func (p *Pattern) compile() error {
 		} else if ch == '.' || ch == '$' {
 			// Escape some regexp special chars that have no meaning
 			// in golang's filepath.Match
-			regStr += `\` + string(ch)
+			regStr += bs + string(ch)
 		} else if ch == '\\' {
 			// escape next char. Note that a trailing \ in the pattern
 			// will be left alone (but need to escape it)
-			if sl == `\` {
+			if sl == bs {
 				// On windows map "\" to "\\", meaning an escaped backslash,
 				// and then just continue because filepath.Match on
 				// Windows doesn't allow escaping at all
@ -274,9 +275,9 @@ func (p *Pattern) compile() error {
 				continue
 			}
 			if scan.Peek() != scanner.EOF {
-				regStr += `\` + string(scan.Next())
+				regStr += bs + string(scan.Next())
 			} else {
-				regStr += `\`
+				regStr += bs
 			}
 		} else {
 			regStr += string(ch)
--- a/vendor/github.com/containers/storage/pkg/lockfile/lockfile_unix.go
+++ b/vendor/github.com/containers/storage/pkg/lockfile/lockfile_unix.go
@ -77,14 +77,14 @@ func createLockerForPath(path string, ro bool) (Locker, error) {

 // lock locks the lockfile via FCTNL(2) based on the specified type and
 // command.
-func (l *lockfile) lock(l_type int16, recursive bool) {
+func (l *lockfile) lock(lType int16, recursive bool) {
 	lk := unix.Flock_t{
-		Type:   l_type,
+		Type:   lType,
 		Whence: int16(os.SEEK_SET),
 		Start:  0,
 		Len:    0,
 	}
-	switch l_type {
+	switch lType {
 	case unix.F_RDLCK:
 		l.rwMutex.RLock()
 	case unix.F_WRLCK:
@ -96,7 +96,7 @@ func (l *lockfile) lock(l_type int16, recursive bool) {
 			l.rwMutex.Lock()
 		}
 	default:
-		panic(fmt.Sprintf("attempted to acquire a file lock of unrecognized type %d", l_type))
+		panic(fmt.Sprintf("attempted to acquire a file lock of unrecognized type %d", lType))
 	}
 	l.stateMutex.Lock()
 	defer l.stateMutex.Unlock()
@ -116,7 +116,7 @@ func (l *lockfile) lock(l_type int16, recursive bool) {
 			time.Sleep(10 * time.Millisecond)
 		}
 	}
-	l.locktype = l_type
+	l.locktype = lType
 	l.locked = true
 	l.recursive = recursive
 	l.counter++
--- a/vendor/github.com/containers/storage/pkg/mount/flags_linux.go
+++ b/vendor/github.com/containers/storage/pkg/mount/flags_linux.go
@ -82,6 +82,4 @@ const (
 	// it possible for the kernel to default to relatime or noatime but still
 	// allow userspace to override it.
 	STRICTATIME = unix.MS_STRICTATIME
-
-	mntDetach = unix.MNT_DETACH
 )
--- a/vendor/github.com/containers/storage/pkg/mount/mounter_linux.go
+++ b/vendor/github.com/containers/storage/pkg/mount/mounter_linux.go
@ -13,6 +13,8 @@ const (

 	// broflags is the combination of bind and read only
 	broflags = unix.MS_BIND | unix.MS_RDONLY
+
+	none = "none"
 )

 // isremount returns true if either device name or flags identify a remount request, false otherwise.
@ -20,7 +22,7 @@ func isremount(device string, flags uintptr) bool {
 	switch {
 	// We treat device "" and "none" as a remount request to provide compatibility with
 	// requests that don't explicitly set MS_REMOUNT such as those manipulating bind mounts.
-	case flags&unix.MS_REMOUNT != 0, device == "", device == "none":
+	case flags&unix.MS_REMOUNT != 0, device == "", device == none:
 		return true
 	default:
 		return false
--- a/vendor/github.com/containers/storage/store.go
+++ b/vendor/github.com/containers/storage/store.go
@ -2783,18 +2783,24 @@ func (s *store) ContainerParentOwners(id string) ([]int, []int, error) {
 }

 func (s *store) Layers() ([]Layer, error) {
-	var layers []Layer
 	lstore, err := s.LayerStore()
 	if err != nil {
 		return nil, err
 	}
+	if err := lstore.LoadLocked(); err != nil {
+		return nil, err
+	}
+	layers, err := lstore.Layers()
+	if err != nil {
+		return nil, err
+	}

 	lstores, err := s.ROLayerStores()
 	if err != nil {
 		return nil, err
 	}

-	for _, s := range append([]ROLayerStore{lstore}, lstores...) {
+	for _, s := range lstores {
 		store := s
 		store.RLock()
 		defer store.Unlock()
--- a/vendor/github.com/containers/storage/utils.go
+++ b/vendor/github.com/containers/storage/utils.go
@ -69,8 +69,8 @@ func ParseIDMapping(UIDMapSlice, GIDMapSlice []string, subUIDMap, subGIDMap stri
 }

 // GetRootlessRuntimeDir returns the runtime directory when running as non root
-func GetRootlessRuntimeDir(rootlessUid int) (string, error) {
-	path, err := getRootlessRuntimeDir(rootlessUid)
+func GetRootlessRuntimeDir(rootlessUID int) (string, error) {
+	path, err := getRootlessRuntimeDir(rootlessUID)
 	if err != nil {
 		return "", err
 	}
@ -81,18 +81,18 @@ func GetRootlessRuntimeDir(rootlessUid int) (string, error) {
 	return path, nil
 }

-func getRootlessRuntimeDir(rootlessUid int) (string, error) {
+func getRootlessRuntimeDir(rootlessUID int) (string, error) {
 	runtimeDir := os.Getenv("XDG_RUNTIME_DIR")

 	if runtimeDir != "" {
 		return runtimeDir, nil
 	}
-	tmpDir := fmt.Sprintf("/run/user/%d", rootlessUid)
+	tmpDir := fmt.Sprintf("/run/user/%d", rootlessUID)
 	st, err := system.Stat(tmpDir)
 	if err == nil && int(st.UID()) == os.Getuid() && st.Mode()&0700 == 0700 && st.Mode()&0066 == 0000 {
 		return tmpDir, nil
 	}
-	tmpDir = fmt.Sprintf("%s/%d", os.TempDir(), rootlessUid)
+	tmpDir = fmt.Sprintf("%s/%d", os.TempDir(), rootlessUID)
 	if err := os.MkdirAll(tmpDir, 0700); err != nil {
 		logrus.Errorf("failed to create %s: %v", tmpDir, err)
 	} else {
@ -111,8 +111,8 @@ func getRootlessRuntimeDir(rootlessUid int) (string, error) {

 // getRootlessDirInfo returns the parent path of where the storage for containers and
 // volumes will be in rootless mode
-func getRootlessDirInfo(rootlessUid int) (string, string, error) {
-	rootlessRuntime, err := GetRootlessRuntimeDir(rootlessUid)
+func getRootlessDirInfo(rootlessUID int) (string, string, error) {
+	rootlessRuntime, err := GetRootlessRuntimeDir(rootlessUID)
 	if err != nil {
 		return "", "", err
 	}
@ -135,10 +135,10 @@ func getRootlessDirInfo(rootlessUid int) (string, string, error) {
 }

 // getRootlessStorageOpts returns the storage opts for containers running as non root
-func getRootlessStorageOpts(rootlessUid int) (StoreOptions, error) {
+func getRootlessStorageOpts(rootlessUID int) (StoreOptions, error) {
 	var opts StoreOptions

-	dataDir, rootlessRuntime, err := getRootlessDirInfo(rootlessUid)
+	dataDir, rootlessRuntime, err := getRootlessDirInfo(rootlessUID)
 	if err != nil {
 		return opts, err
 	}
@ -153,10 +153,6 @@ func getRootlessStorageOpts(rootlessUid int) (StoreOptions, error) {
 	return opts, nil
 }

-type tomlOptionsConfig struct {
-	MountProgram string `toml:"mount_program"`
-}
-
 func getTomlStorage(storeOptions *StoreOptions) *tomlConfig {
 	config := new(tomlConfig)

@ -189,21 +185,21 @@ func DefaultStoreOptionsAutoDetectUID() (StoreOptions, error) {
 }

 // DefaultStoreOptions returns the default storage ops for containers
-func DefaultStoreOptions(rootless bool, rootlessUid int) (StoreOptions, error) {
+func DefaultStoreOptions(rootless bool, rootlessUID int) (StoreOptions, error) {
 	var (
 		defaultRootlessRunRoot   string
 		defaultRootlessGraphRoot string
 		err                      error
 	)
 	storageOpts := defaultStoreOptions
-	if rootless && rootlessUid != 0 {
-		storageOpts, err = getRootlessStorageOpts(rootlessUid)
+	if rootless && rootlessUID != 0 {
+		storageOpts, err = getRootlessStorageOpts(rootlessUID)
 		if err != nil {
 			return storageOpts, err
 		}
 	}

-	storageConf, err := DefaultConfigFile(rootless && rootlessUid != 0)
+	storageConf, err := DefaultConfigFile(rootless && rootlessUID != 0)
 	if err != nil {
 		return storageOpts, err
 	}
@ -218,7 +214,7 @@ func DefaultStoreOptions(rootless bool, rootlessUid int) (StoreOptions, error) {
 		ReloadConfigurationFile(storageConf, &storageOpts)
 	}

-	if rootless && rootlessUid != 0 {
+	if rootless && rootlessUID != 0 {
 		if err == nil {
 			// If the file did not specify a graphroot or runroot,
 			// set sane defaults so we don't try and use root-owned