Vendor buildah after merging https://github.com/containers/buildah/pull/1214

This updates buildah for the sysregistriesv2 changes.

Signed-off-by: Miloslav Trmač <mitr@redhat.com>

vendor.conf

@@ -92,7 +92,7 @@ k8s.io/kube-openapi 275e2ce91dec4c05a4094a7b1daee5560b555ac9 https://github.com/
 k8s.io/utils 258e2a2fa64568210fbd6267cf1d8fd87c3cb86e https://github.com/kubernetes/utils
 github.com/mrunalp/fileutils master
 github.com/varlink/go master
-github.com/containers/buildah 2ac987a52ff8412fb8f2908a191009751a6a1c62
+github.com/containers/buildah 9c65e5699cfa486531b3f123d9ce74873f0e18aa
 github.com/Nvveen/Gotty master
 github.com/fsouza/go-dockerclient master
 github.com/openshift/imagebuilder master

vendor/github.com/containers/buildah/README.md

@@ -105,6 +105,7 @@ $ sudo ./lighttpd.sh
 | [buildah-copy(1)](/docs/buildah-copy.md)             | Copies the contents of a file, URL, or directory into a container's working directory.               |
 | [buildah-from(1)](/docs/buildah-from.md)             | Creates a new working container, either from scratch or using a specified image as a starting point. |
 | [buildah-images(1)](/docs/buildah-images.md)         | List images in local storage.                                                                        |
+| [buildah-info(1)](/docs/buildah-info.md)             | Display Buildah system information.                                                                  |
 | [buildah-inspect(1)](/docs/buildah-inspect.md)       | Inspects the configuration of a container or image.                                                  |
 | [buildah-mount(1)](/docs/buildah-mount.md)           | Mount the working container's root filesystem.                                                       |
 | [buildah-pull(1)](/docs/buildah-pull.md)             | Pull an image from the specified location.                                                           |

vendor/github.com/containers/buildah/buildah.go

@@ -25,7 +25,7 @@ const (
 	Package = "buildah"
 	// Version for the Package.  Bump version in contrib/rpm/buildah.spec
 	// too.
-	Version = "1.5-dev"
+	Version = "1.6-dev"
 	// The value we use to identify what type of information, currently a
 	// serialized Builder structure, we are using as per-container state.
 	// This should only be changed when we make incompatible changes to

vendor/github.com/containers/buildah/common.go

@@ -38,7 +38,6 @@ func getCopyOptions(reportWriter io.Writer, sourceReference types.ImageReference
 	if err != nil {
 		logrus.Debugf("error determining if registry for %q is insecure: %v", transports.ImageName(sourceReference), err)
 	} else if sourceInsecure {
-		sourceCtx.DockerInsecureSkipTLSVerify = true
 		sourceCtx.OCIInsecureSkipTLSVerify = true
 	}
 
@@ -56,7 +55,6 @@ func getCopyOptions(reportWriter io.Writer, sourceReference types.ImageReference
 	if err != nil {
 		logrus.Debugf("error determining if registry for %q is insecure: %v", transports.ImageName(destinationReference), err)
 	} else if destinationInsecure {
-		destinationCtx.DockerInsecureSkipTLSVerify = true
 		destinationCtx.OCIInsecureSkipTLSVerify = true
 	}
 

vendor/github.com/containers/buildah/config.go

@@ -543,3 +543,37 @@ func (b *Builder) SetStopSignal(stopSignal string) {
 	b.OCIv1.Config.StopSignal = stopSignal
 	b.Docker.Config.StopSignal = stopSignal
 }
+
+// Healthcheck returns information that recommends how a container engine
+// should check if a running container is "healthy".
+func (b *Builder) Healthcheck() *docker.HealthConfig {
+	if b.Docker.Config.Healthcheck == nil {
+		return nil
+	}
+	return &docker.HealthConfig{
+		Test:        copyStringSlice(b.Docker.Config.Healthcheck.Test),
+		Interval:    b.Docker.Config.Healthcheck.Interval,
+		Timeout:     b.Docker.Config.Healthcheck.Timeout,
+		StartPeriod: b.Docker.Config.Healthcheck.StartPeriod,
+		Retries:     b.Docker.Config.Healthcheck.Retries,
+	}
+}
+
+// SetHealthcheck sets recommended commands to run in order to verify that a
+// running container based on this image is "healthy", along with information
+// specifying how often that test should be run, and how many times the test
+// should fail before the container should be considered unhealthy.
+// Note: this setting is not present in the OCIv1 image format, so it is
+// discarded when writing images using OCIv1 formats.
+func (b *Builder) SetHealthcheck(config *docker.HealthConfig) {
+	b.Docker.Config.Healthcheck = nil
+	if config != nil {
+		b.Docker.Config.Healthcheck = &docker.HealthConfig{
+			Test:        copyStringSlice(config.Test),
+			Interval:    config.Interval,
+			Timeout:     config.Timeout,
+			StartPeriod: config.StartPeriod,
+			Retries:     config.Retries,
+		}
+	}
+}

vendor/github.com/containers/buildah/docker/types.go

@@ -60,8 +60,9 @@ type HealthConfig struct {
 	Test []string `json:",omitempty"`
 
 	// Zero means to inherit. Durations are expressed as integer nanoseconds.
-	Interval time.Duration `json:",omitempty"` // Interval is the time to wait between checks.
-	Timeout  time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung.
+	Interval    time.Duration `json:",omitempty"` // Interval is the time to wait between checks.
+	Timeout     time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung.
+	StartPeriod time.Duration `json:",omitempty"` // Time to wait after the container starts before running the first check.
 
 	// Retries is the number of consecutive failures needed to consider a container as unhealthy.
 	// Zero means inherit.

vendor/github.com/containers/buildah/imagebuildah/build.go

@@ -15,6 +15,7 @@ import (
 	"time"
 
 	"github.com/containers/buildah"
+	buildahdocker "github.com/containers/buildah/docker"
 	"github.com/containers/buildah/util"
 	cp "github.com/containers/image/copy"
 	"github.com/containers/image/docker/reference"
@@ -225,6 +226,18 @@ type Executor struct {
 	copyFrom                       string            // Used to keep track of the --from flag from COPY and ADD
 }
 
+// builtinAllowedBuildArgs is list of built-in allowed build args
+var builtinAllowedBuildArgs = map[string]bool{
+	"HTTP_PROXY":  true,
+	"http_proxy":  true,
+	"HTTPS_PROXY": true,
+	"https_proxy": true,
+	"FTP_PROXY":   true,
+	"ftp_proxy":   true,
+	"NO_PROXY":    true,
+	"no_proxy":    true,
+}
+
 // withName creates a new child executor that will be used whenever a COPY statement uses --from=NAME.
 func (b *Executor) withName(name string, index int) *Executor {
 	if b.named == nil {
@@ -793,12 +806,28 @@ func (b *Executor) Execute(ctx context.Context, stage imagebuilder.Stage) error
 	commitName := b.output
 	b.containerIDs = nil
 
+	var leftoverArgs []string
+	for arg := range b.builder.Args {
+		if !builtinAllowedBuildArgs[arg] {
+			leftoverArgs = append(leftoverArgs, arg)
+		}
+	}
 	for i, node := range node.Children {
 		step := ib.Step()
 		if err := step.Resolve(node); err != nil {
 			return errors.Wrapf(err, "error resolving step %+v", *node)
 		}
 		logrus.Debugf("Parsed Step: %+v", *step)
+		if step.Command == "arg" {
+			for index, arg := range leftoverArgs {
+				for _, Arg := range step.Args {
+					list := strings.SplitN(Arg, "=", 2)
+					if arg == list[0] {
+						leftoverArgs = append(leftoverArgs[:index], leftoverArgs[index+1:]...)
+					}
+				}
+			}
+		}
 		if !b.quiet {
 			b.log("%s", step.Original)
 		}
@@ -895,6 +924,9 @@ func (b *Executor) Execute(ctx context.Context, stage imagebuilder.Stage) error
 			}
 		}
 	}
+	if len(leftoverArgs) > 0 {
+		fmt.Fprintf(b.out, "[Warning] One or more build-args %v were not consumed\n", leftoverArgs)
+	}
 	return nil
 }
 
@@ -1139,6 +1171,17 @@ func (b *Executor) Commit(ctx context.Context, ib *imagebuilder.Builder, created
 	b.builder.SetEntrypoint(config.Entrypoint)
 	b.builder.SetShell(config.Shell)
 	b.builder.SetStopSignal(config.StopSignal)
+	if config.Healthcheck != nil {
+		b.builder.SetHealthcheck(&buildahdocker.HealthConfig{
+			Test:        append([]string{}, config.Healthcheck.Test...),
+			Interval:    config.Healthcheck.Interval,
+			Timeout:     config.Healthcheck.Timeout,
+			StartPeriod: config.Healthcheck.StartPeriod,
+			Retries:     config.Healthcheck.Retries,
+		})
+	} else {
+		b.builder.SetHealthcheck(nil)
+	}
 	b.builder.ClearLabels()
 	for k, v := range config.Labels {
 		b.builder.SetLabel(k, v)

vendor/github.com/containers/buildah/info.go

@@ -0,0 +1,207 @@
+package buildah
+
+import (
+	"bufio"
+	"bytes"
+	"fmt"
+	"io/ioutil"
+	"os"
+	"runtime"
+	"strconv"
+	"strings"
+	"time"
+
+	"github.com/containers/libpod/pkg/rootless"
+	"github.com/containers/storage"
+	"github.com/containers/storage/pkg/system"
+	"github.com/sirupsen/logrus"
+)
+
+// InfoData holds the info type, i.e store, host etc and the data for each type
+type InfoData struct {
+	Type string
+	Data map[string]interface{}
+}
+
+// Info returns the store and host information
+func Info(store storage.Store) ([]InfoData, error) {
+	info := []InfoData{}
+	// get host information
+	hostInfo, err := hostInfo()
+	if err != nil {
+		logrus.Error(err, "error getting host info")
+	}
+	info = append(info, InfoData{Type: "host", Data: hostInfo})
+
+	// get store information
+	storeInfo, err := storeInfo(store)
+	if err != nil {
+		logrus.Error(err, "error getting store info")
+	}
+	info = append(info, InfoData{Type: "store", Data: storeInfo})
+	return info, nil
+}
+
+func hostInfo() (map[string]interface{}, error) {
+	info := map[string]interface{}{}
+	info["os"] = runtime.GOOS
+	info["arch"] = runtime.GOARCH
+	info["cpus"] = runtime.NumCPU()
+	info["rootless"] = rootless.IsRootless()
+	mi, err := system.ReadMemInfo()
+	if err != nil {
+		logrus.Error(err, "err reading memory info")
+		info["MemTotal"] = ""
+		info["MenFree"] = ""
+		info["SwapTotal"] = ""
+		info["SwapFree"] = ""
+	} else {
+		info["MemTotal"] = mi.MemTotal
+		info["MenFree"] = mi.MemFree
+		info["SwapTotal"] = mi.SwapTotal
+		info["SwapFree"] = mi.SwapFree
+	}
+	hostDistributionInfo := getHostDistributionInfo()
+	info["Distribution"] = map[string]interface{}{
+		"distribution": hostDistributionInfo["Distribution"],
+		"version":      hostDistributionInfo["Version"],
+	}
+
+	kv, err := readKernelVersion()
+	if err != nil {
+		logrus.Error(err, "error reading kernel version")
+	}
+	info["kernel"] = kv
+
+	up, err := readUptime()
+	if err != nil {
+		logrus.Error(err, "error reading up time")
+	}
+	// Convert uptime in seconds to a human-readable format
+	upSeconds := up + "s"
+	upDuration, err := time.ParseDuration(upSeconds)
+	if err != nil {
+		logrus.Error(err, "error parsing system uptime")
+	}
+
+	hoursFound := false
+	var timeBuffer bytes.Buffer
+	var hoursBuffer bytes.Buffer
+	for _, elem := range upDuration.String() {
+		timeBuffer.WriteRune(elem)
+		if elem == 'h' || elem == 'm' {
+			timeBuffer.WriteRune(' ')
+			if elem == 'h' {
+				hoursFound = true
+			}
+		}
+		if !hoursFound {
+			hoursBuffer.WriteRune(elem)
+		}
+	}
+
+	info["uptime"] = timeBuffer.String()
+	if hoursFound {
+		hours, err := strconv.ParseFloat(hoursBuffer.String(), 64)
+		if err == nil {
+			days := hours / 24
+			info["uptime"] = fmt.Sprintf("%s (Approximately %.2f days)", info["uptime"], days)
+		}
+	}
+
+	host, err := os.Hostname()
+	if err != nil {
+		logrus.Error(err, "error getting hostname")
+	}
+	info["hostname"] = host
+
+	return info, nil
+
+}
+
+// top-level "store" info
+func storeInfo(store storage.Store) (map[string]interface{}, error) {
+	// lets say storage driver in use, number of images, number of containers
+	info := map[string]interface{}{}
+	info["GraphRoot"] = store.GraphRoot()
+	info["RunRoot"] = store.RunRoot()
+	info["GraphDriverName"] = store.GraphDriverName()
+	info["GraphOptions"] = store.GraphOptions()
+	statusPairs, err := store.Status()
+	if err != nil {
+		return nil, err
+	}
+	status := map[string]string{}
+	for _, pair := range statusPairs {
+		status[pair[0]] = pair[1]
+	}
+	info["GraphStatus"] = status
+	images, err := store.Images()
+	if err != nil {
+		logrus.Error(err, "error getting number of images")
+	}
+	info["ImageStore"] = map[string]interface{}{
+		"number": len(images),
+	}
+
+	containers, err := store.Containers()
+	if err != nil {
+		logrus.Error(err, "error getting number of containers")
+	}
+	info["ContainerStore"] = map[string]interface{}{
+		"number": len(containers),
+	}
+
+	return info, nil
+}
+
+func readKernelVersion() (string, error) {
+	buf, err := ioutil.ReadFile("/proc/version")
+	if err != nil {
+		return "", err
+	}
+	f := bytes.Fields(buf)
+	if len(f) < 2 {
+		return string(bytes.TrimSpace(buf)), nil
+	}
+	return string(f[2]), nil
+}
+
+func readUptime() (string, error) {
+	buf, err := ioutil.ReadFile("/proc/uptime")
+	if err != nil {
+		return "", err
+	}
+	f := bytes.Fields(buf)
+	if len(f) < 1 {
+		return "", fmt.Errorf("invalid uptime")
+	}
+	return string(f[0]), nil
+}
+
+// getHostDistributionInfo returns a map containing the host's distribution and version
+func getHostDistributionInfo() map[string]string {
+	dist := make(map[string]string)
+
+	// Populate values in case we cannot find the values
+	// or the file
+	dist["Distribution"] = "unknown"
+	dist["Version"] = "unknown"
+
+	f, err := os.Open("/etc/os-release")
+	if err != nil {
+		return dist
+	}
+	defer f.Close()
+
+	l := bufio.NewScanner(f)
+	for l.Scan() {
+		if strings.HasPrefix(l.Text(), "ID=") {
+			dist["Distribution"] = strings.TrimPrefix(l.Text(), "ID=")
+		}
+		if strings.HasPrefix(l.Text(), "VERSION_ID=") {
+			dist["Version"] = strings.Trim(strings.TrimPrefix(l.Text(), "VERSION_ID="), "\"")
+		}
+	}
+	return dist
+}

vendor/github.com/containers/buildah/pkg/parse/parse.go

@@ -282,7 +282,7 @@ func SystemContextFromOptions(c *cli.Context) (*types.SystemContext, error) {
 		DockerCertPath: c.String("cert-dir"),
 	}
 	if c.IsSet("tls-verify") {
-		ctx.DockerInsecureSkipTLSVerify = !c.BoolT("tls-verify")
+		ctx.DockerInsecureSkipTLSVerify = types.NewOptionalBool(!c.BoolT("tls-verify"))
 		ctx.OCIInsecureSkipTLSVerify = !c.BoolT("tls-verify")
 		ctx.DockerDaemonInsecureSkipTLSVerify = !c.BoolT("tls-verify")
 	}

vendor/github.com/containers/buildah/util.go

@@ -175,11 +175,11 @@ func (b *Builder) tarPath() func(path string) (io.ReadCloser, error) {
 
 // isRegistryInsecure checks if the named registry is marked as not secure
 func isRegistryInsecure(registry string, sc *types.SystemContext) (bool, error) {
-	registries, err := sysregistriesv2.GetRegistries(sc)
+	reginfo, err := sysregistriesv2.FindRegistry(sc, registry)
 	if err != nil {
 		return false, errors.Wrapf(err, "unable to parse the registries configuration (%s)", sysregistries.RegistriesConfPath(sc))
 	}
-	if reginfo := sysregistriesv2.FindRegistry(registry, registries); reginfo != nil {
+	if reginfo != nil {
 		if reginfo.Insecure {
 			logrus.Debugf("registry %q is marked insecure in registries configuration %q", registry, sysregistries.RegistriesConfPath(sc))
 		} else {
@@ -193,11 +193,11 @@ func isRegistryInsecure(registry string, sc *types.SystemContext) (bool, error)
 
 // isRegistryBlocked checks if the named registry is marked as blocked
 func isRegistryBlocked(registry string, sc *types.SystemContext) (bool, error) {
-	registries, err := sysregistriesv2.GetRegistries(sc)
+	reginfo, err := sysregistriesv2.FindRegistry(sc, registry)
 	if err != nil {
 		return false, errors.Wrapf(err, "unable to parse the registries configuration (%s)", sysregistries.RegistriesConfPath(sc))
 	}
-	if reginfo := sysregistriesv2.FindRegistry(registry, registries); reginfo != nil {
+	if reginfo != nil {
 		if reginfo.Blocked {
 			logrus.Debugf("registry %q is marked as blocked in registries configuration %q", registry, sysregistries.RegistriesConfPath(sc))
 		} else {

vendor/github.com/containers/buildah/util/util.go

@@ -122,12 +122,11 @@ func ResolveName(name string, firstRegistry string, sc *types.SystemContext, sto
 
 	// Figure out the list of registries.
 	var registries []string
-	allRegistries, err := sysregistriesv2.GetRegistries(sc)
+	searchRegistries, err := sysregistriesv2.FindUnqualifiedSearchRegistries(sc)
 	if err != nil {
 		logrus.Debugf("unable to read configured registries to complete %q: %v", name, err)
-		registries = []string{}
 	}
-	for _, registry := range sysregistriesv2.FindUnqualifiedSearchRegistries(allRegistries) {
+	for _, registry := range searchRegistries {
 		if !registry.Blocked {
 			registries = append(registries, registry.URL)
 		}

vendor/github.com/containers/buildah/vendor.conf

@@ -3,7 +3,7 @@ github.com/blang/semver master
 github.com/BurntSushi/toml master
 github.com/containerd/continuity master
 github.com/containernetworking/cni v0.7.0-alpha1
-github.com/containers/image de7be82ee3c7fb676bf6cfdc9090be7cc28f404c
+github.com/containers/image 63a1cbdc5e6537056695cf0d627c0a33b334df53
 github.com/containers/libpod fe4f09493f41f675d24c969d1b60d1a6a45ddb9e
 github.com/containers/storage 3161726d1db0d0d4e86a9667dd476f09b997f497
 github.com/docker/distribution 5f6282db7d65e6d72ad7c2cc66310724a57be716