commit 572498be56 moved the ioutils.HashData
utility to the libnetwork resolvconf package.
After removing, we saw some tests in the reference pacakge failing;
=== Failed
=== FAIL: reference TestLoad (0.00s)
store_test.go:53: failed to parse reference: unsupported digest algorithm
=== FAIL: reference TestSave (0.00s)
store_test.go:82: failed to parse reference: unsupported digest algorithm
=== FAIL: reference TestAddDeleteGet (0.00s)
store_test.go:174: could not parse reference: unsupported digest algorithm
=== FAIL: reference TestInvalidTags (0.00s)
store_test.go:355: assertion failed: error is not nil: unsupported digest algorithm
Those failures were because those tests depended on a side-effect of the
ioutils package being imported, which (before removal of HashData) imported
crypto/sha256, registering that algorithms, which on its turn was used by
github.com/opencontainers/go-digest to determnin if a given algorithm must
be accepted (see [go-digest#64]).
As a workaround, these imports were added. pkg/ioutils is now imported
in less places, and should not be depended on for this purpose.
Let's remove this workaround; if needed, these imports can be added in
a more relevant location.
This reverts commit 98caf09f0f.
[go-digest#64]: https://github.com/opencontainers/go-digest/pull/64
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
It was added in Docker [v1.3.0] through bd130e72a0,
but never used, and its behavior never documented. There are no publicly
visible external consumers of this function, so let's remove it.
[v1.3.0]: https://github.com/moby/moby/releases/tag/v1.3.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
commit e9bbc41dd1 removed our fork of
pkg/archive that was in place to mitigate CVE-2019-14271. As part of that
change, a nosysFileInfo type was added to prevent tar.FileInfoHeader from
looking up user- and group-names.
A proposal was pending in go https://go.dev/issue/50102 to define an
interface for implementing custom lookup functions to be implemented,
and disable go's builtin lookup. That proposal was accepted, and is now
implemented in go1.23.
Thia patch makes the nosysFileInfo implement the tar.FileInfoNames interface
to prevent tar.FileInfoHeader from performing its own lookups. While the
mitigation implemented in e9bbc41dd1 should
already prevent this from happening, implementing the interface does not
cost us much and is complementary to the existing mitigation.
This patch keeps the mitigation added in a316b10dab
in place for any unforeseen other code.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
It was only used internally, and has no external consumers; deprecate
it to be removed in the next release.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These types are only used internally in container/streams and have no
external consumers. move them to a subpackage of container/streams.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Apart from being used internally for NewWriteFlusher, it's only used
in a single location outside of this package. Copy the implementation
where it's used, and mark it deprecated.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
it was moved to pkg/ioutils in c30a55f14d,
and only had a single use at the time in [engine/Env.WriteTo]. That use
was removed in 531f4122bd, which removed
the engine package.
[engine/Env.WriteTo]: c30a55f14d/engine/env.go (L260-L264)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These types are only used internally in container/streams and have no
external consumers. Deprecate them in preparation of moving them to
a subpackage of container/streams.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This type was exported in fd35494a25 to be
used in tests in pkg/archive. It's no longer used in pkg/archive since
ba90fd8da0, so we can un-export it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Separare idtools functionality that is used internally from the
functionlality used by importers. The `pkg/idtools` package is now
much smaller and more generic.
Signed-off-by: Derek McGowan <derek@mcg.dev>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This function is only used internally and has no external consumers.
Mark it deprecated to be removed in the next release.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- use t.TempDir()
- combine various tests to check if New() sets expected values instead
of skipping tests when not.
- remove gotest.tools, as it was only used minimally
- replace uses of "path" for filepath operations.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This type was originally in pkg/transport, but got moved to pkg/ioutils
in 276c640be4.
This type is only used in a single location, and has no external consumers,
so we can move it where it's used and un-export it.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Cleanup decompress logic and add a pool. The close logic should be
custom defined for each compression type since they have different
close interfaces.
Signed-off-by: Derek McGowan <derek@mcg.dev>
After the untar errors, the reader must complete in order to fill
the buffer used by the subsequent check.
Signed-off-by: Derek McGowan <derek@mcg.dev>
commit 86d1223a29 introduced a custom version
of `os.MkdirAll` for Windows to account for situations where the path to
create would start with a Windows volume name (GUID path), for example,
`"\\?\Volume{4c1b02c1-d990-11dc-99ae-806e6f6e6963}\`. At the time that patch
was added we were using [go1.4.2], which did not have special handling
for Windows in [MkdirAll], therefore would recognize such paths as regular
paths, trying to create them, which would fail.
This code was later updated in 46ec4c1ae2
to provide ACL (DACL) support on Windows.
Further updates were made in cfef1b11e5 and
55ceb5047c to allow for an early return when
detecting a volume GUID path, and the code was re-aligned with the latest
(go1.19.2) implementation in f058afc861, which
brought in the platform-specific [fixRootDirectory] handling introduced in
go1.11. While that enhancement detected UNC volume-paths (`\\?c\`, `//?/c:`),
it did not yet support volume GUID paths.
go1.22, through [golang.org/cl/86295] added support for this, and `os.MkdirAll`
now natively detects volume GUID paths, making our own implementation for
this redundant.
This patch:
- Deprecates pkg/system.MkdirAll in favor of os.MkdirAll, which now provides
the same functionality on go1.22 and up.
- Renames the (non-exported) `mkdirall` function to `mkdirAllWithACL`, and
synchronises `it` with the [implementation in go1.23.4], bringing in the
changes from [golang.org/cl/86295] and [golang.org/cl/582499].
- Adds a fast path to `MkdirAllWithACL` if no ACL / SDDL is provided.
It's worth noting that we currently still support go1.22, and that the
implementation changed in go1.23; those changes ([golang.org/cl/581517]
and [golang.org/cl/566556]) were lateral moves, therefore should be
identical to the implementation in go1.22, and we can safely use the
implementation provided by [filepath.VolumeName] on either go1.22 or go1.23.
[go1.4.2]: 86d1223a29/Dockerfile (L77)
[MkdirAll]: https://github.com/golang/go/blob/go1.4.2/src/os/path.go#L19-L60
[fixRootDirectory]: b86e766813
[golang.org/cl/86295]: cd589c8a73
[golang.org/cl/582499]: 5616ab6025
[golang.org/cl/581517]: ad22356ec6
[golang.org/cl/566556]: ceef0633b3
[1]: https://github.com/golang/go/blob/go1.23.4/src/os/path.go#L12-L66
[filepath.VolumeName]: https://pkg.go.dev/path/filepath#VolumeName
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These comments were added to prevent users from accidentally
importing using the wrong module name, but they don't have
an effect when working in go modules mode.
Remove the comments in preparation of moving this package
to a separate module.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Remove use of github.com/pkg/errors for this package, in preparation
of it being moved to a separate module.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
