From 510dd75f689384df4d0fea7de45c52a4ad31ad73 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 22 Aug 2024 13:04:57 +0000 Subject: [PATCH] fix(deps): update module github.com/openshift/imagebuilder to v1.2.15 Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- go.mod | 6 +- go.sum | 12 +- .../containerd/errdefs/errdefs_deprecated.go | 118 ------ vendor/github.com/moby/buildkit/AUTHORS | 222 ++++++++++- .../frontend/dockerfile/parser/directives.go | 32 +- .../frontend/dockerfile/parser/errors.go | 7 +- .../dockerfile/parser/line_parsers.go | 46 ++- .../frontend/dockerfile/parser/parser.go | 55 ++- .../dockerfile/parser/split_command.go | 15 +- .../dockerfile/shell/equal_env_unix.go | 7 + .../dockerfile/shell/equal_env_windows.go | 7 + .../buildkit/frontend/dockerfile/shell/lex.go | 360 ++++++++++++++---- .../moby/buildkit/util/stack/stack.go | 27 +- .../moby/buildkit/util/stack/stack.pb.go | 2 +- .../moby/buildkit/util/stack/stack.proto | 16 +- .../openshift/imagebuilder/.travis.yml | 2 +- .../openshift/imagebuilder/dispatchers.go | 7 +- .../imagebuilder/dockerfile/parser/parser.go | 3 +- .../openshift/imagebuilder/imagebuilder.spec | 2 +- .../openshift/imagebuilder/internal/env.go | 23 ++ vendor/modules.txt | 14 +- 21 files changed, 678 insertions(+), 305 deletions(-) delete mode 100644 vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go create mode 100644 vendor/github.com/openshift/imagebuilder/internal/env.go diff --git a/go.mod b/go.mod index cf3b4752463..7c6c8e6c94c 100644 --- a/go.mod +++ b/go.mod @@ -33,14 +33,14 @@ require ( github.com/fsouza/go-dockerclient v1.11.2 github.com/hashicorp/go-multierror v1.1.1 github.com/mattn/go-shellwords v1.0.12 - github.com/moby/buildkit v0.12.5 + github.com/moby/buildkit v0.15.1 github.com/opencontainers/go-digest v1.0.0 github.com/opencontainers/image-spec v1.1.0 github.com/opencontainers/runc v1.1.13 github.com/opencontainers/runtime-spec v1.2.0 github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc github.com/opencontainers/selinux v1.11.0 - github.com/openshift/imagebuilder v1.2.14 + github.com/openshift/imagebuilder v1.2.15 github.com/seccomp/libseccomp-golang v0.10.0 github.com/sirupsen/logrus v1.9.3 github.com/spf13/cobra v1.8.1 @@ -125,7 +125,7 @@ require ( github.com/moby/patternmatcher v0.6.0 // indirect github.com/moby/sys/mountinfo v0.7.2 // indirect github.com/moby/sys/sequential v0.5.0 // indirect - github.com/moby/sys/user v0.2.0 // indirect + github.com/moby/sys/user v0.3.0 // indirect github.com/moby/sys/userns v0.1.0 // indirect github.com/moby/term v0.5.0 // indirect github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect diff --git a/go.sum b/go.sum index bd1c12cb7e4..41459c65970 100644 --- a/go.sum +++ b/go.sum @@ -240,8 +240,8 @@ github.com/mistifyio/go-zfs/v3 v3.0.1 h1:YaoXgBePoMA12+S1u/ddkv+QqxcfiZK4prI6HPn github.com/mistifyio/go-zfs/v3 v3.0.1/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/moby/buildkit v0.12.5 h1:RNHH1l3HDhYyZafr5EgstEu8aGNCwyfvMtrQDtjH9T0= -github.com/moby/buildkit v0.12.5/go.mod h1:YGwjA2loqyiYfZeEo8FtI7z4x5XponAaIWsWcSjWwso= +github.com/moby/buildkit v0.15.1 h1:J6wrew7hphKqlq1wuu6yaUb/1Ra7gEzDAovylGztAKM= +github.com/moby/buildkit v0.15.1/go.mod h1:Yis8ZMUJTHX9XhH9zVyK2igqSHV3sxi3UN0uztZocZk= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk= @@ -250,8 +250,8 @@ github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9Kou github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= github.com/moby/sys/sequential v0.5.0 h1:OPvI35Lzn9K04PBbCLW0g4LcFAJgHsvXsRyewg5lXtc= github.com/moby/sys/sequential v0.5.0/go.mod h1:tH2cOOs5V9MlPiXcQzRC+eEyab644PWKGRYaaV5ZZlo= -github.com/moby/sys/user v0.2.0 h1:OnpapJsRp25vkhw8TFG6OLJODNh/3rEwRWtJ3kakwRM= -github.com/moby/sys/user v0.2.0/go.mod h1:RYstrcWOJpVh+6qzUqp2bU3eaRpdiQeKGlKitaH0PM8= +github.com/moby/sys/user v0.3.0 h1:9ni5DlcW5an3SvRSx4MouotOygvzaXbaSrc/wGDFWPo= +github.com/moby/sys/user v0.3.0/go.mod h1:bG+tYYYJgaMtRKgEmuueC0hJEAZWwtIbZTB+85uoHjs= github.com/moby/sys/userns v0.1.0 h1:tVLXkFOxVu9A64/yh59slHVv9ahO9UIev4JZusOLG/g= github.com/moby/sys/userns v0.1.0/go.mod h1:IHUYgu/kao6N8YZlp9Cf444ySSvCmDlmzUcYfDHOl28= github.com/moby/term v0.5.0 h1:xt8Q1nalod/v7BqbG21f8mQPqH+xAaC9C3N3wfWbVP0= @@ -281,8 +281,8 @@ github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc h1: github.com/opencontainers/runtime-tools v0.9.1-0.20230914150019-408c51e934dc/go.mod h1:8tx1helyqhUC65McMm3x7HmOex8lO2/v9zPuxmKHurs= github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU= github.com/opencontainers/selinux v1.11.0/go.mod h1:E5dMC3VPuVvVHDYmi78qvhJp8+M586T4DlDRYpFkyec= -github.com/openshift/imagebuilder v1.2.14 h1:l4gUw0KIsjZrX7otfS4WoKxzGBrxYldU3pF4+5W/ud8= -github.com/openshift/imagebuilder v1.2.14/go.mod h1:KkkXOyRjJlZEXWQtHNBNzVHqh4vf/0xX5cDIQ2gr+5I= +github.com/openshift/imagebuilder v1.2.15 h1:MNn1OztEE/l8pSEDPYAQ71Ys6rpXA2P00UFhdY9p/yk= +github.com/openshift/imagebuilder v1.2.15/go.mod h1:cK6MLyBl1IHmIYGLY/2SLOG6p0PtEDUOC7khxsFYUXE= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f h1:/UDgs8FGMqwnHagNDPGOlts35QkhAZ8by3DR7nMih7M= github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f/go.mod h1:J6OG6YJVEWopen4avK3VNQSnALmmjvniMmni/YFYAwc= github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4= diff --git a/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go b/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go deleted file mode 100644 index a88cb8b1893..00000000000 --- a/vendor/github.com/containerd/containerd/errdefs/errdefs_deprecated.go +++ /dev/null @@ -1,118 +0,0 @@ -/* - Copyright The containerd Authors. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. -*/ - -// Package errdefs defines the common errors used throughout containerd -// packages. -// -// Use with fmt.Errorf to add context to an error. -// -// To detect an error class, use the IsXXX functions to tell whether an error -// is of a certain type. -// -// The functions ToGRPC and FromGRPC can be used to map server-side and -// client-side errors to the correct types. -// -// Deprecated: use [github.com/containerd/errdefs]. -package errdefs - -import ( - "github.com/containerd/errdefs" -) - -// Definitions of common error types used throughout containerd. All containerd -// errors returned by most packages will map into one of these errors classes. -// Packages should return errors of these types when they want to instruct a -// client to take a particular action. -// -// For the most part, we just try to provide local grpc errors. Most conditions -// map very well to those defined by grpc. -var ( - ErrUnknown = errdefs.ErrUnknown - ErrInvalidArgument = errdefs.ErrInvalidArgument - ErrNotFound = errdefs.ErrNotFound - ErrAlreadyExists = errdefs.ErrAlreadyExists - ErrFailedPrecondition = errdefs.ErrFailedPrecondition - ErrUnavailable = errdefs.ErrUnavailable - ErrNotImplemented = errdefs.ErrNotImplemented -) - -// IsInvalidArgument returns true if the error is due to an invalid argument -func IsInvalidArgument(err error) bool { - return errdefs.IsInvalidArgument(err) -} - -// IsNotFound returns true if the error is due to a missing object -func IsNotFound(err error) bool { - return errdefs.IsNotFound(err) -} - -// IsAlreadyExists returns true if the error is due to an already existing -// metadata item -func IsAlreadyExists(err error) bool { - return errdefs.IsAlreadyExists(err) -} - -// IsFailedPrecondition returns true if an operation could not proceed to the -// lack of a particular condition -func IsFailedPrecondition(err error) bool { - return errdefs.IsFailedPrecondition(err) -} - -// IsUnavailable returns true if the error is due to a resource being unavailable -func IsUnavailable(err error) bool { - return errdefs.IsUnavailable(err) -} - -// IsNotImplemented returns true if the error is due to not being implemented -func IsNotImplemented(err error) bool { - return errdefs.IsNotImplemented(err) -} - -// IsCanceled returns true if the error is due to `context.Canceled`. -func IsCanceled(err error) bool { - return errdefs.IsCanceled(err) -} - -// IsDeadlineExceeded returns true if the error is due to -// `context.DeadlineExceeded`. -func IsDeadlineExceeded(err error) bool { - return errdefs.IsDeadlineExceeded(err) -} - -// ToGRPC will attempt to map the backend containerd error into a grpc error, -// using the original error message as a description. -// -// Further information may be extracted from certain errors depending on their -// type. -// -// If the error is unmapped, the original error will be returned to be handled -// by the regular grpc error handling stack. -func ToGRPC(err error) error { - return errdefs.ToGRPC(err) -} - -// ToGRPCf maps the error to grpc error codes, assembling the formatting string -// and combining it with the target error string. -// -// This is equivalent to errdefs.ToGRPC(fmt.Errorf("%s: %w", fmt.Sprintf(format, args...), err)) -func ToGRPCf(err error, format string, args ...interface{}) error { - return errdefs.ToGRPCf(err, format, args...) -} - -// FromGRPC returns the underlying error from a grpc service based on the grpc error code -func FromGRPC(err error) error { - return errdefs.FromGRPC(err) -} diff --git a/vendor/github.com/moby/buildkit/AUTHORS b/vendor/github.com/moby/buildkit/AUTHORS index c1dce65586b..c5ae03bfcb8 100644 --- a/vendor/github.com/moby/buildkit/AUTHORS +++ b/vendor/github.com/moby/buildkit/AUTHORS @@ -1,66 +1,284 @@ # This file lists all individuals having contributed content to the repository. -# For how it is generated, see `scripts/generate-authors.sh`. +# For how it is generated, see hack/dockerfiles/authors.Dockerfile. +a-palchikov Aaron L. Xu Aaron Lehmann +Aaron Lehmann +Abdur Rehman +Addam Hardy +Adrian Plata +Aidan Hobson Sayers Akihiro Suda +Alan Fregtman <941331+darkvertex@users.noreply.github.com> +Alex Couture-Beil +Alex Mayer +Alex Suraci Alexander Morozov +Alexis Murzeau Alice Frosi Allen Sun +Amen Belayneh +Anca Iordache Anda Xu +Anders F Björklund +Andrea Bolognani +Andrea Luzzardi +Andrew Chang +Andrey Smirnov +Andy Alt +Andy Caldwell +Ankush Agarwal Anthony Sottile +Anurag Goel +Anusha Ragunathan Arnaud Bailly +Avi Deitcher +Bastiaan Bakker +Ben Longo +Bertrand Paquet Bin Liu +Brandon Mitchell Brian Goff +Ce Gao +Chaerim Yeo +Changwei Ge +Chanhun Jeong +ChaosGramer +Charles Chan +Charles Korn +Charles Law +Chenbin +Chris Goller +Chris McKinnel +Christian Höltje +Christian Weichel +Ciro S. Costa +Claudiu Belu +Colin Chartier +Corey Larson +Cory Bennett +Cory Snider +coryb +CrazyMax +Csaba Apagyi +Dan Duvall +Daniel Cassidy Daniel Nephin +Darren Shepherd Dave Chen +Dave Henderson +Dave Tucker David Calavera +David Dooling +David Gageot +David Karlsson +Davis Schirmer Dennis Chen +dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Derek McGowan +Dharmit Shah +Ding Fei +dito Doug Davis -Edgar Lee +Edgar Lee Eli Uriegas +Elias Faxö +Eng Zer Jun +Eric Engestrom +Erik Sipsma +eyherabh f0 Fernando Miguel +Fiona Klute +Foysal Iqbal +Fred Cox +Frieder Bluemle +Gabriel +Gabriel Adrian Samfira +Gaetan de Villele +Gahl Saraf +genglu.gl +George +ggjulio +Govind Rai +Grant Reaber +Guilhem C +Hans van den Bogert Hao Hu +Hector S Helen Xie Himanshu Pandey Hiromu Nakamura +HowJMay +Hugo Santos Ian Campbell +Ilya Dmitrichenko Iskander (Alex) Sharipov +Jacob Gillespie +Jacob MacElroy Jean-Pierre Huynh +Jeffrey Huang +Jesse Rittner Jessica Frazelle +jgeiger +Jitender Kumar +jlecordier +joey John Howard +John Maguire +John Mulhausen +John Tims +Jon Zeolla +Jonathan Azoff +Jonathan Giannuzzi Jonathan Stoppani +Jonny Stoten +JordanGoasdoue +jroenf +Julian Goede Justas Brazauskas +Justin Chadwell Justin Cormack +Justin Garrison +Jörg Franke <359489+NewJorg@users.noreply.github.com> +Kang, Matthew +Kees Cook +Kevin Burke +kevinmeredith +Kir Kolyshkin +Kohei Tokunaga +Koichi Shiraishi +Kris-Mikael Krister Kunal Kushwaha +Kyle +l00397676 Lajos Papp +lalyos +Levi Harrison +liwenqi +lixiaobing10051267 +lomot +Lu Jingxiao +Luca Visentin +Maciej Kalisz +Madhav Puri +Manu Gupta +Marcus Comstedt +Mark Gordon +Marko Kohtala +Mary Anthony +masibw +Matias Insaurralde +Matt Kang Matt Rickard +Maxime Lagresle Michael Crosby +Michael Friis +Michael Irwin +Miguel Ángel Jimeno +Mihai Borobocea +Mike Brown +mikelinjie <294893458@qq.com> +Mikhail Vasin +Misty Stanley-Jones Miyachi Katsuya +Morgan Bauer +Morlay +msg Nao YONASHIRO Natasha Jarus +Nathan Sullivan +Nick Miyake +Nick Santos +Nikhil Pandeti Noel Georgi <18496730+frezbo@users.noreply.github.com> +Oliver Bristow +Omer Duchovne <79370724+od-cyera@users.noreply.github.com> +Omer Mizrahi Ondrej Fabry +Otto Kekäläinen +Pablo Chico de Guzman +Patrick Hemmer +Patrick Lang Patrick Van Stee +Paul "TBBle" Hampson +Paweł Gronowski +Peter Dave Hello +Petr Fedchenkov +Phil Estes +Pierre Fenoll +pieterdd +Pranav Pandit +Pratik Raj +Prayag Verma +Qiang Huang +Remy Suen Ri Xu +Rob Taylor +Robert Estelle +Rubens Figueiredo +Sam Whited +Sascha Schwarze +Sean P. Kane Sebastiaan van Stijn +Seiya Miyata +Serhat Gülçiçek +Sertac Ozercan Shev Yan +Shijiang Wei +Shingo Omura +Shiwei Zhang +Siebe Schaap +Silvin Lubecki <31478878+silvin-lubecki@users.noreply.github.com> Simon Ferquel +Slava Semushin +Solomon Hykes +squeegels <1674195+squeegels@users.noreply.github.com> +Stefan Scherer Stefan Weil +StefanSchoof +Stepan Blyshchak +Steve Lohr +sunchunming +Sven Dowideit +Takuya Noguchi Thomas Leonard +Thomas Riccardi Thomas Shaw +Tianon Gravi Tibor Vass Tiffany Jernigan +Tim Waugh +Tim Wraight Tino Rusch Tobias Klauser Tomas Tomecek +Tomasz Kopczynski Tomohiro Kusumoto +Troels Liebe Bentsen Tõnis Tiigi +Valentin Lorentz +Vasek - Tom C +Victor Vieux +Victoria Bialas Vincent Demeester +Vlad A. Ionescu +Vladislav Ivanov +Wang Yumu <37442693@qq.com> Wei Fu +Wei Zhang +wingkwong +Xiaofan Zhang +Ximo Guanter +Yamazaki Masashi +Yan Song Yong Tang Yuichiro Kaneko +Yurii Rashkovskii +Zach Badgett +zhangwenlong Ziv Tsarfati +岁丰 +沈陵 郑泽宇 diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go index db1668f252b..651b13148c3 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/directives.go @@ -13,12 +13,14 @@ import ( const ( keySyntax = "syntax" + keyCheck = "check" keyEscape = "escape" ) var validDirectives = map[string]struct{}{ keySyntax: {}, keyEscape: {}, + keyCheck: {}, } type Directive struct { @@ -110,6 +112,10 @@ func (d *DirectiveParser) ParseAll(data []byte) ([]*Directive, error) { // This allows for a flexible range of input formats, and appropriate syntax // selection. func DetectSyntax(dt []byte) (string, string, []Range, bool) { + return ParseDirective(keySyntax, dt) +} + +func ParseDirective(key string, dt []byte) (string, string, []Range, bool) { dt, hadShebang, err := discardShebang(dt) if err != nil { return "", "", nil, false @@ -119,42 +125,38 @@ func DetectSyntax(dt []byte) (string, string, []Range, bool) { line++ } - // use default directive parser, and search for #syntax= + // use default directive parser, and search for #key= directiveParser := DirectiveParser{line: line} - if syntax, cmdline, loc, ok := detectSyntaxFromParser(dt, directiveParser); ok { + if syntax, cmdline, loc, ok := detectDirectiveFromParser(key, dt, directiveParser); ok { return syntax, cmdline, loc, true } - // use directive with different comment prefix, and search for //syntax= + // use directive with different comment prefix, and search for //key= directiveParser = DirectiveParser{line: line} directiveParser.setComment("//") - if syntax, cmdline, loc, ok := detectSyntaxFromParser(dt, directiveParser); ok { + if syntax, cmdline, loc, ok := detectDirectiveFromParser(key, dt, directiveParser); ok { return syntax, cmdline, loc, true } - // search for possible json directives - var directive struct { - Syntax string `json:"syntax"` - } - if err := json.Unmarshal(dt, &directive); err == nil { - if directive.Syntax != "" { + // use json directive, and search for { "key": "..." } + jsonDirective := map[string]string{} + if err := json.Unmarshal(dt, &jsonDirective); err == nil { + if v, ok := jsonDirective[key]; ok { loc := []Range{{ Start: Position{Line: line}, End: Position{Line: line}, }} - return directive.Syntax, directive.Syntax, loc, true + return v, v, loc, true } } return "", "", nil, false } -func detectSyntaxFromParser(dt []byte, parser DirectiveParser) (string, string, []Range, bool) { +func detectDirectiveFromParser(key string, dt []byte, parser DirectiveParser) (string, string, []Range, bool) { directives, _ := parser.ParseAll(dt) for _, d := range directives { - // check for syntax directive before erroring out, since the error - // might have occurred *after* the syntax directive - if d.Name == keySyntax { + if d.Name == key { p, _, _ := strings.Cut(d.Value, " ") return p, d.Value, d.Location, true } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go index 9f28a5a2e15..10d749a437e 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/errors.go @@ -7,7 +7,7 @@ import ( // ErrorLocation gives a location in source code that caused the error type ErrorLocation struct { - Location []Range + Locations [][]Range error } @@ -39,11 +39,12 @@ func WithLocation(err error, location []Range) error { } var el *ErrorLocation if errors.As(err, &el) { + el.Locations = append(el.Locations, location) return err } return stack.Enable(&ErrorLocation{ - error: err, - Location: location, + error: err, + Locations: [][]Range{location}, }) } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go index db8d0bda23d..f8d891c71f5 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/line_parsers.go @@ -17,6 +17,7 @@ import ( var ( errDockerfileNotStringArray = errors.New("when using JSON array syntax, arrays must be comprised of strings only") + errDockerfileNotJSONArray = errors.New("not a JSON array") ) const ( @@ -58,11 +59,11 @@ func parseWords(rest string, d *directives) []string { words := []string{} phase := inSpaces - word := "" quote := '\000' blankOK := false var ch rune var chWidth int + var sbuilder strings.Builder for pos := 0; pos <= len(rest); pos += chWidth { if pos != len(rest) { @@ -79,18 +80,18 @@ func parseWords(rest string, d *directives) []string { phase = inWord // found it, fall through } if (phase == inWord || phase == inQuote) && (pos == len(rest)) { - if blankOK || len(word) > 0 { - words = append(words, word) + if blankOK || sbuilder.Len() > 0 { + words = append(words, sbuilder.String()) } break } if phase == inWord { if unicode.IsSpace(ch) { phase = inSpaces - if blankOK || len(word) > 0 { - words = append(words, word) + if blankOK || sbuilder.Len() > 0 { + words = append(words, sbuilder.String()) } - word = "" + sbuilder.Reset() blankOK = false continue } @@ -106,11 +107,11 @@ func parseWords(rest string, d *directives) []string { // If we're not quoted and we see an escape token, then always just // add the escape token plus the char to the word, even if the char // is a quote. - word += string(ch) + sbuilder.WriteRune(ch) pos += chWidth ch, chWidth = utf8.DecodeRuneInString(rest[pos:]) } - word += string(ch) + sbuilder.WriteRune(ch) continue } if phase == inQuote { @@ -124,10 +125,10 @@ func parseWords(rest string, d *directives) []string { continue // just skip the escape token at end } pos += chWidth - word += string(ch) + sbuilder.WriteRune(ch) ch, chWidth = utf8.DecodeRuneInString(rest[pos:]) } - word += string(ch) + sbuilder.WriteRune(ch) } } @@ -154,7 +155,7 @@ func parseNameVal(rest string, key string, d *directives) (*Node, error) { if len(parts) < 2 { return nil, errors.Errorf("%s must have two arguments", key) } - return newKeyValueNode(parts[0], parts[1]), nil + return newKeyValueNode(parts[0], parts[1], ""), nil } var rootNode *Node @@ -165,17 +166,20 @@ func parseNameVal(rest string, key string, d *directives) (*Node, error) { } parts := strings.SplitN(word, "=", 2) - node := newKeyValueNode(parts[0], parts[1]) + node := newKeyValueNode(parts[0], parts[1], "=") rootNode, prevNode = appendKeyValueNode(node, rootNode, prevNode) } return rootNode, nil } -func newKeyValueNode(key, value string) *Node { +func newKeyValueNode(key, value, sep string) *Node { return &Node{ Value: key, - Next: &Node{Value: value}, + Next: &Node{ + Value: value, + Next: &Node{Value: sep}, + }, } } @@ -187,7 +191,9 @@ func appendKeyValueNode(node, rootNode, prevNode *Node) (*Node, *Node) { prevNode.Next = node } - prevNode = node.Next + for prevNode = node.Next; prevNode.Next != nil; { + prevNode = prevNode.Next + } return rootNode, prevNode } @@ -269,14 +275,14 @@ func parseString(rest string, d *directives) (*Node, map[string]bool, error) { } // parseJSON converts JSON arrays to an AST. -func parseJSON(rest string, d *directives) (*Node, map[string]bool, error) { +func parseJSON(rest string) (*Node, map[string]bool, error) { rest = strings.TrimLeftFunc(rest, unicode.IsSpace) if !strings.HasPrefix(rest, "[") { - return nil, nil, errors.Errorf("Error parsing %q as a JSON array", rest) + return nil, nil, errDockerfileNotJSONArray } var myJSON []interface{} - if err := json.NewDecoder(strings.NewReader(rest)).Decode(&myJSON); err != nil { + if err := json.Unmarshal([]byte(rest), &myJSON); err != nil { return nil, nil, err } @@ -307,7 +313,7 @@ func parseMaybeJSON(rest string, d *directives) (*Node, map[string]bool, error) return nil, nil, nil } - node, attrs, err := parseJSON(rest, d) + node, attrs, err := parseJSON(rest) if err == nil { return node, attrs, nil @@ -325,7 +331,7 @@ func parseMaybeJSON(rest string, d *directives) (*Node, map[string]bool, error) // so, passes to parseJSON; if not, attempts to parse it as a whitespace // delimited string. func parseMaybeJSONToList(rest string, d *directives) (*Node, map[string]bool, error) { - node, attrs, err := parseJSON(rest, d) + node, attrs, err := parseJSON(rest) if err == nil { return node, attrs, nil diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go index 4a6129fdc8d..c70236ff7d5 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/parser.go @@ -114,7 +114,6 @@ type Heredoc struct { var ( dispatch map[string]func(string, *directives) (*Node, map[string]bool, error) reWhitespace = regexp.MustCompile(`[\t\v\f\r ]+`) - reComment = regexp.MustCompile(`^#.*$`) reHeredoc = regexp.MustCompile(`^(\d*)<<(-?)([^<]*)$`) reLeadingTabs = regexp.MustCompile(`(?m)^\t+`) ) @@ -169,8 +168,8 @@ func (d *directives) setEscapeToken(s string) error { // possibleParserDirective looks for parser directives, eg '# escapeToken='. // Parser directives must precede any builder instruction or other comments, // and cannot be repeated. -func (d *directives) possibleParserDirective(line string) error { - directive, err := d.parser.ParseLine([]byte(line)) +func (d *directives) possibleParserDirective(line []byte) error { + directive, err := d.parser.ParseLine(line) if err != nil { return err } @@ -284,6 +283,7 @@ func Parse(rwc io.Reader) (*Result, error) { scanner.Split(scanLines) warnings := []Warning{} var comments []string + buf := &bytes.Buffer{} var err error for scanner.Scan() { @@ -307,10 +307,12 @@ func Parse(rwc io.Reader) (*Result, error) { currentLine++ startLine := currentLine - line, isEndOfLine := trimContinuationCharacter(string(bytesRead), d) - if isEndOfLine && line == "" { + bytesRead, isEndOfLine := trimContinuationCharacter(bytesRead, d) + if isEndOfLine && len(bytesRead) == 0 { continue } + buf.Reset() + buf.Write(bytesRead) var hasEmptyContinuationLine bool for !isEndOfLine && scanner.Scan() { @@ -329,16 +331,17 @@ func Parse(rwc io.Reader) (*Result, error) { continue } - continuationLine := string(bytesRead) - continuationLine, isEndOfLine = trimContinuationCharacter(continuationLine, d) - line += continuationLine + bytesRead, isEndOfLine = trimContinuationCharacter(bytesRead, d) + buf.Write(bytesRead) } + line := buf.String() + if hasEmptyContinuationLine { warnings = append(warnings, Warning{ Short: "Empty continuation line found in: " + line, Detail: [][]byte{[]byte("Empty continuation lines will become errors in a future release")}, - URL: "https://github.com/moby/moby/pull/33719", + URL: "https://docs.docker.com/go/dockerfile/rule/no-empty-continuation/", Location: &Range{Start: Position{Line: currentLine}, End: Position{Line: currentLine}}, }) } @@ -348,7 +351,7 @@ func Parse(rwc io.Reader) (*Result, error) { return nil, withLocation(err, startLine, currentLine) } - if child.canContainHeredoc() { + if child.canContainHeredoc() && strings.Contains(line, "<<") { heredocs, err := heredocsFromLine(line) if err != nil { return nil, withLocation(err, startLine, currentLine) @@ -415,7 +418,7 @@ func heredocFromMatch(match []string) (*Heredoc, error) { // If there are quotes in one but not the other, then we know that some // part of the heredoc word is quoted, so we shouldn't expand the content. shlex.RawQuotes = false - words, err := shlex.ProcessWords(rest, []string{}) + words, err := shlex.ProcessWords(rest, emptyEnvs{}) if err != nil { return nil, err } @@ -425,7 +428,7 @@ func heredocFromMatch(match []string) (*Heredoc, error) { } shlex.RawQuotes = true - wordsRaw, err := shlex.ProcessWords(rest, []string{}) + wordsRaw, err := shlex.ProcessWords(rest, emptyEnvs{}) if err != nil { return nil, err } @@ -466,7 +469,7 @@ func heredocsFromLine(line string) ([]Heredoc, error) { shlex.RawQuotes = true shlex.RawEscapes = true shlex.SkipUnsetEnv = true - words, _ := shlex.ProcessWords(line, []string{}) + words, _ := shlex.ProcessWords(line, emptyEnvs{}) var docs []Heredoc for _, word := range words { @@ -487,7 +490,10 @@ func ChompHeredocContent(src string) string { } func trimComments(src []byte) []byte { - return reComment.ReplaceAll(src, []byte{}) + if !isComment(src) { + return src + } + return nil } func trimLeadingWhitespace(src []byte) []byte { @@ -501,7 +507,8 @@ func trimNewline(src []byte) []byte { } func isComment(line []byte) bool { - return reComment.Match(trimLeadingWhitespace(trimNewline(line))) + line = trimLeadingWhitespace(line) + return len(line) > 0 && line[0] == '#' } func isEmptyContinuationLine(line []byte) bool { @@ -510,9 +517,9 @@ func isEmptyContinuationLine(line []byte) bool { var utf8bom = []byte{0xEF, 0xBB, 0xBF} -func trimContinuationCharacter(line string, d *directives) (string, bool) { - if d.lineContinuationRegex.MatchString(line) { - line = d.lineContinuationRegex.ReplaceAllString(line, "$1") +func trimContinuationCharacter(line []byte, d *directives) ([]byte, bool) { + if d.lineContinuationRegex.Match(line) { + line = d.lineContinuationRegex.ReplaceAll(line, []byte("$1")) return line, false } return line, true @@ -525,7 +532,7 @@ func processLine(d *directives, token []byte, stripLeftWhitespace bool) ([]byte, if stripLeftWhitespace { token = trimLeadingWhitespace(token) } - return trimComments(token), d.possibleParserDirective(string(token)) + return trimComments(token), d.possibleParserDirective(token) } // Variation of bufio.ScanLines that preserves the line endings @@ -550,3 +557,13 @@ func handleScannerError(err error) error { return err } } + +type emptyEnvs struct{} + +func (emptyEnvs) Get(string) (string, bool) { + return "", false +} + +func (emptyEnvs) Keys() []string { + return nil +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go index c0261652f8e..d1c87522e4f 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/parser/split_command.go @@ -36,7 +36,7 @@ func extractBuilderFlags(line string) (string, []string, error) { words := []string{} phase := inSpaces - word := "" + sbuilder := &strings.Builder{} quote := '\000' blankOK := false var ch rune @@ -62,13 +62,14 @@ func extractBuilderFlags(line string) (string, []string, error) { phase = inWord // found something with "--", fall through } if (phase == inWord || phase == inQuote) && (pos == len(line)) { - if word != "--" && (blankOK || len(word) > 0) { + if word := sbuilder.String(); word != "--" && (blankOK || len(word) > 0) { words = append(words, word) } break } if phase == inWord { if unicode.IsSpace(ch) { + word := sbuilder.String() phase = inSpaces if word == "--" { return line[pos:], words, nil @@ -76,7 +77,7 @@ func extractBuilderFlags(line string) (string, []string, error) { if blankOK || len(word) > 0 { words = append(words, word) } - word = "" + sbuilder.Reset() blankOK = false continue } @@ -93,7 +94,9 @@ func extractBuilderFlags(line string) (string, []string, error) { pos++ ch = rune(line[pos]) } - word += string(ch) + if _, err := sbuilder.WriteRune(ch); err != nil { + return "", nil, err + } continue } if phase == inQuote { @@ -109,7 +112,9 @@ func extractBuilderFlags(line string) (string, []string, error) { pos++ ch = rune(line[pos]) } - word += string(ch) + if _, err := sbuilder.WriteRune(ch); err != nil { + return "", nil, err + } } } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go index f9aca5d9ef0..ec0c8fc744d 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_unix.go @@ -9,3 +9,10 @@ package shell func EqualEnvKeys(from, to string) bool { return from == to } + +// NormalizeEnvKey returns the key in a normalized form that can be used +// for comparison. On Unix this is a no-op. On Windows this converts the +// key to uppercase. +func NormalizeEnvKey(key string) string { + return key +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go index 7bbed9b2073..02eedcc490a 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/equal_env_windows.go @@ -8,3 +8,10 @@ import "strings" func EqualEnvKeys(from, to string) bool { return strings.EqualFold(from, to) } + +// NormalizeEnvKey returns the key in a normalized form that can be used +// for comparison. On Unix this is a no-op. On Windows this converts the +// key to uppercase. +func NormalizeEnvKey(key string) string { + return strings.ToUpper(key) +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go index 80806f8ba77..0d74545d1ac 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/shell/lex.go @@ -3,6 +3,8 @@ package shell import ( "bytes" "fmt" + "regexp" + "slices" "strings" "text/scanner" "unicode" @@ -10,6 +12,11 @@ import ( "github.com/pkg/errors" ) +type EnvGetter interface { + Get(string) (string, bool) + Keys() []string +} + // Lex performs shell word splitting and variable expansion. // // Lex takes a string and an array of env variables and @@ -17,12 +24,15 @@ import ( // tokens. Tries to mimic bash shell process. // It doesn't support all flavors of ${xx:...} formats but new ones can // be added by adding code to the "special ${} format processing" section +// +// It is not safe to call methods on a Lex instance concurrently. type Lex struct { escapeToken rune RawQuotes bool RawEscapes bool SkipProcessQuotes bool SkipUnsetEnv bool + shellWord shellWord } // NewLex creates a new Lex which uses escapeToken to escape quotes. @@ -31,10 +41,13 @@ func NewLex(escapeToken rune) *Lex { } // ProcessWord will use the 'env' list of environment variables, -// and replace any env var references in 'word'. -func (s *Lex) ProcessWord(word string, env []string) (string, error) { - word, _, err := s.process(word, BuildEnvs(env)) - return word, err +// and replace any env var references in 'word'. It will also +// return variables in word which were not found in the 'env' list, +// which is useful in later linting. +// TODO: rename +func (s *Lex) ProcessWord(word string, env EnvGetter) (string, map[string]struct{}, error) { + result, err := s.process(word, env, true) + return result.Result, result.Unmatched, err } // ProcessWords will use the 'env' list of environment variables, @@ -44,63 +57,62 @@ func (s *Lex) ProcessWord(word string, env []string) (string, error) { // this splitting is done **after** the env var substitutions are done. // Note, each one is trimmed to remove leading and trailing spaces (unless // they are quoted", but ProcessWord retains spaces between words. -func (s *Lex) ProcessWords(word string, env []string) ([]string, error) { - _, words, err := s.process(word, BuildEnvs(env)) - return words, err +func (s *Lex) ProcessWords(word string, env EnvGetter) ([]string, error) { + result, err := s.process(word, env, false) + return result.Words, err } -// ProcessWordWithMap will use the 'env' list of environment variables, -// and replace any env var references in 'word'. -func (s *Lex) ProcessWordWithMap(word string, env map[string]string) (string, error) { - word, _, err := s.process(word, env) - return word, err +type ProcessWordResult struct { + Result string + Words []string + Matched map[string]struct{} + Unmatched map[string]struct{} } // ProcessWordWithMatches will use the 'env' list of environment variables, // replace any env var references in 'word' and return the env that were used. -func (s *Lex) ProcessWordWithMatches(word string, env map[string]string) (string, map[string]struct{}, error) { - sw := s.init(word, env) - word, _, err := sw.process(word) - return word, sw.matches, err -} - -func (s *Lex) ProcessWordsWithMap(word string, env map[string]string) ([]string, error) { - _, words, err := s.process(word, env) - return words, err -} - -func (s *Lex) init(word string, env map[string]string) *shellWord { - sw := &shellWord{ - envs: env, - escapeToken: s.escapeToken, - skipUnsetEnv: s.SkipUnsetEnv, - skipProcessQuotes: s.SkipProcessQuotes, - rawQuotes: s.RawQuotes, - rawEscapes: s.RawEscapes, - matches: make(map[string]struct{}), +func (s *Lex) ProcessWordWithMatches(word string, env EnvGetter) (ProcessWordResult, error) { + return s.process(word, env, true) +} + +func (s *Lex) initWord(word string, env EnvGetter, capture bool) *shellWord { + sw := &s.shellWord + sw.Lex = s + sw.envs = env + sw.capture = capture + sw.rawEscapes = s.RawEscapes + if capture { + sw.matches = nil + sw.nonmatches = nil } sw.scanner.Init(strings.NewReader(word)) return sw } -func (s *Lex) process(word string, env map[string]string) (string, []string, error) { - sw := s.init(word, env) - return sw.process(word) +func (s *Lex) process(word string, env EnvGetter, capture bool) (ProcessWordResult, error) { + sw := s.initWord(word, env, capture) + word, words, err := sw.process(word) + return ProcessWordResult{ + Result: word, + Words: words, + Matched: sw.matches, + Unmatched: sw.nonmatches, + }, err } type shellWord struct { - scanner scanner.Scanner - envs map[string]string - escapeToken rune - rawQuotes bool - rawEscapes bool - skipUnsetEnv bool - skipProcessQuotes bool - matches map[string]struct{} + *Lex + wordsBuffer strings.Builder + scanner scanner.Scanner + envs EnvGetter + rawEscapes bool + capture bool // capture matches and nonmatches + matches map[string]struct{} + nonmatches map[string]struct{} } func (sw *shellWord) process(source string) (string, []string, error) { - word, words, err := sw.processStopOn(scanner.EOF) + word, words, err := sw.processStopOn(scanner.EOF, sw.rawEscapes) if err != nil { err = errors.Wrapf(err, "failed to process %q", source) } @@ -108,16 +120,16 @@ func (sw *shellWord) process(source string) (string, []string, error) { } type wordsStruct struct { - word string + buf *strings.Builder words []string inWord bool } func (w *wordsStruct) addChar(ch rune) { if unicode.IsSpace(ch) && w.inWord { - if len(w.word) != 0 { - w.words = append(w.words, w.word) - w.word = "" + if w.buf.Len() != 0 { + w.words = append(w.words, w.buf.String()) + w.buf.Reset() w.inWord = false } } else if !unicode.IsSpace(ch) { @@ -126,7 +138,7 @@ func (w *wordsStruct) addChar(ch rune) { } func (w *wordsStruct) addRawChar(ch rune) { - w.word += string(ch) + w.buf.WriteRune(ch) w.inWord = true } @@ -137,16 +149,16 @@ func (w *wordsStruct) addString(str string) { } func (w *wordsStruct) addRawString(str string) { - w.word += str + w.buf.WriteString(str) w.inWord = true } func (w *wordsStruct) getWords() []string { - if len(w.word) > 0 { - w.words = append(w.words, w.word) + if w.buf.Len() > 0 { + w.words = append(w.words, w.buf.String()) // Just in case we're called again by mistake - w.word = "" + w.buf.Reset() w.inWord = false } return w.words @@ -154,18 +166,31 @@ func (w *wordsStruct) getWords() []string { // Process the word, starting at 'pos', and stop when we get to the // end of the word or the 'stopChar' character -func (sw *shellWord) processStopOn(stopChar rune) (string, []string, error) { - var result bytes.Buffer +func (sw *shellWord) processStopOn(stopChar rune, rawEscapes bool) (string, []string, error) { + // result buffer can't be currently shared for shellWord as it is called internally + // by processDollar + var result strings.Builder + sw.wordsBuffer.Reset() var words wordsStruct + words.buf = &sw.wordsBuffer + // no need to initialize all the time var charFuncMapping = map[rune]func() (string, error){ '$': sw.processDollar, } - if !sw.skipProcessQuotes { + if !sw.SkipProcessQuotes { charFuncMapping['\''] = sw.processSingleQuote charFuncMapping['"'] = sw.processDoubleQuote } + // temporarily set sw.rawEscapes if needed + if rawEscapes != sw.rawEscapes { + sw.rawEscapes = rawEscapes + defer func() { + sw.rawEscapes = !rawEscapes + }() + } + for sw.scanner.Peek() != scanner.EOF { ch := sw.scanner.Peek() @@ -230,7 +255,7 @@ func (sw *shellWord) processSingleQuote() (string, error) { var result bytes.Buffer ch := sw.scanner.Next() - if sw.rawQuotes { + if sw.RawQuotes { result.WriteRune(ch) } @@ -240,7 +265,7 @@ func (sw *shellWord) processSingleQuote() (string, error) { case scanner.EOF: return "", errors.New("unexpected end of statement while looking for matching single-quote") case '\'': - if sw.rawQuotes { + if sw.RawQuotes { result.WriteRune(ch) } return result.String(), nil @@ -265,7 +290,7 @@ func (sw *shellWord) processDoubleQuote() (string, error) { var result bytes.Buffer ch := sw.scanner.Next() - if sw.rawQuotes { + if sw.RawQuotes { result.WriteRune(ch) } @@ -275,7 +300,7 @@ func (sw *shellWord) processDoubleQuote() (string, error) { return "", errors.New("unexpected end of statement while looking for matching double-quote") case '"': ch := sw.scanner.Next() - if sw.rawQuotes { + if sw.RawQuotes { result.WriteRune(ch) } return result.String(), nil @@ -319,7 +344,7 @@ func (sw *shellWord) processDollar() (string, error) { return "$", nil } value, found := sw.getEnv(name) - if !found && sw.skipUnsetEnv { + if !found && sw.SkipUnsetEnv { return "$" + name, nil } return value, nil @@ -342,7 +367,7 @@ func (sw *shellWord) processDollar() (string, error) { case '}': // Normal ${xx} case value, set := sw.getEnv(name) - if !set && sw.skipUnsetEnv { + if !set && sw.SkipUnsetEnv { return fmt.Sprintf("${%s}", name), nil } return value, nil @@ -351,8 +376,9 @@ func (sw *shellWord) processDollar() (string, error) { ch = sw.scanner.Next() chs += string(ch) fallthrough - case '+', '-', '?': - word, _, err := sw.processStopOn('}') + case '+', '-', '?', '#', '%': + rawEscapes := ch == '#' || ch == '%' + word, _, err := sw.processStopOn('}', rawEscapes) if err != nil { if sw.scanner.Peek() == scanner.EOF { return "", errors.New("syntax error: missing '}'") @@ -363,7 +389,7 @@ func (sw *shellWord) processDollar() (string, error) { // Grab the current value of the variable in question so we // can use it to determine what to do based on the modifier value, set := sw.getEnv(name) - if sw.skipUnsetEnv && !set { + if sw.SkipUnsetEnv && !set { return fmt.Sprintf("${%s%s%s}", name, chs, word), nil } @@ -394,9 +420,61 @@ func (sw *shellWord) processDollar() (string, error) { return "", errors.Errorf("%s: %s", name, message) } return value, nil + case '%', '#': + // %/# matches the shortest pattern expansion, %%/## the longest + greedy := false + + if len(word) > 0 && word[0] == byte(ch) { + greedy = true + word = word[1:] + } + + if ch == '%' { + return trimSuffix(word, value, greedy) + } + return trimPrefix(word, value, greedy) default: return "", errors.Errorf("unsupported modifier (%s) in substitution", chs) } + case '/': + replaceAll := sw.scanner.Peek() == '/' + if replaceAll { + sw.scanner.Next() + } + + pattern, _, err := sw.processStopOn('/', true) + if err != nil { + if sw.scanner.Peek() == scanner.EOF { + return "", errors.New("syntax error: missing '/' in ${}") + } + return "", err + } + + replacement, _, err := sw.processStopOn('}', true) + if err != nil { + if sw.scanner.Peek() == scanner.EOF { + return "", errors.New("syntax error: missing '}'") + } + return "", err + } + + value, set := sw.getEnv(name) + if sw.SkipUnsetEnv && !set { + return fmt.Sprintf("${%s/%s/%s}", name, pattern, replacement), nil + } + + re, err := convertShellPatternToRegex(pattern, true, false) + if err != nil { + return "", errors.Errorf("invalid pattern (%s) in substitution: %s", pattern, err) + } + if replaceAll { + value = re.ReplaceAllString(value, replacement) + } else { + if idx := re.FindStringIndex(value); idx != nil { + value = value[0:idx[0]] + replacement + value[idx[1]:] + } + } + return value, nil default: return "", errors.Errorf("unsupported modifier (%s) in substitution", chs) } @@ -444,31 +522,155 @@ func isSpecialParam(char rune) bool { } func (sw *shellWord) getEnv(name string) (string, bool) { - for key, value := range sw.envs { - if EqualEnvKeys(name, key) { + v, ok := sw.envs.Get(name) + if ok { + if sw.capture { + if sw.matches == nil { + sw.matches = make(map[string]struct{}) + } sw.matches[name] = struct{}{} - return value, true } + return v, true + } + if sw.capture { + if sw.nonmatches == nil { + sw.nonmatches = make(map[string]struct{}) + } + sw.nonmatches[name] = struct{}{} } return "", false } -func BuildEnvs(env []string) map[string]string { +func EnvsFromSlice(env []string) EnvGetter { envs := map[string]string{} - + keys := make([]string, 0, len(env)) for _, e := range env { - i := strings.Index(e, "=") + k, v, _ := strings.Cut(e, "=") + keys = append(keys, k) + envs[NormalizeEnvKey(k)] = v + } + return &envGetter{env: envs, keys: keys} +} - if i < 0 { - envs[e] = "" - } else { - k := e[:i] - v := e[i+1:] +type envGetter struct { + env map[string]string + keys []string +} - // overwrite value if key already exists - envs[k] = v +var _ EnvGetter = &envGetter{} + +func (e *envGetter) Get(key string) (string, bool) { + key = NormalizeEnvKey(key) + v, ok := e.env[key] + return v, ok +} + +func (e *envGetter) Keys() []string { + return e.keys +} + +// convertShellPatternToRegex converts a shell-like wildcard pattern +// (? is a single char, * either the shortest or longest (greedy) string) +// to an equivalent regular expression. +// +// Based on +// https://pubs.opengroup.org/onlinepubs/9699919799/utilities/V3_chap02.html#tag_18_13 +// but without the bracket expressions (`[]`) +func convertShellPatternToRegex(pattern string, greedy bool, anchored bool) (*regexp.Regexp, error) { + var s scanner.Scanner + s.Init(strings.NewReader(pattern)) + var out strings.Builder + out.Grow(len(pattern) + 4) + + // match only at the beginning of the string + if anchored { + out.WriteByte('^') + } + + // default: non-greedy wildcards + starPattern := ".*?" + if greedy { + starPattern = ".*" + } + + for tok := s.Next(); tok != scanner.EOF; tok = s.Next() { + switch tok { + case '*': + out.WriteString(starPattern) + continue + case '?': + out.WriteByte('.') + continue + case '\\': + // } and / as part of ${} need to be escaped, but the escape isn't part + // of the pattern + if s.Peek() == '}' || s.Peek() == '/' { + continue + } + out.WriteRune('\\') + tok = s.Next() + if tok != '*' && tok != '?' && tok != '\\' { + return nil, errors.Errorf("invalid escape '\\%c'", tok) + } + // regex characters that need to be escaped + // escaping closing is optional, but done for consistency + case '[', ']', '{', '}', '.', '+', '(', ')', '|', '^', '$': + out.WriteByte('\\') + } + out.WriteRune(tok) + } + return regexp.Compile(out.String()) +} + +func trimPrefix(word, value string, greedy bool) (string, error) { + re, err := convertShellPatternToRegex(word, greedy, true) + if err != nil { + return "", errors.Errorf("invalid pattern (%s) in substitution: %s", word, err) + } + + if idx := re.FindStringIndex(value); idx != nil { + value = value[idx[1]:] + } + return value, nil +} + +// reverse without avoid reversing escapes, i.e. a\*c -> c\*a +func reversePattern(pattern string) string { + patternRunes := []rune(pattern) + out := make([]rune, len(patternRunes)) + lastIdx := len(patternRunes) - 1 + for i := 0; i <= lastIdx; { + tok := patternRunes[i] + outIdx := lastIdx - i + if tok == '\\' && i != lastIdx { + out[outIdx-1] = tok + // the pattern is taken from a ${var#pattern}, so the last + // character can't be an escape character + out[outIdx] = patternRunes[i+1] + i += 2 + } else { + out[outIdx] = tok + i++ } } + return string(out) +} - return envs +func reverseString(str string) string { + out := []rune(str) + slices.Reverse(out) + return string(out) +} + +func trimSuffix(pattern, word string, greedy bool) (string, error) { + // regular expressions can't handle finding the shortest rightmost + // string so we reverse both search space and pattern to convert it + // to a leftmost search in both cases + pattern = reversePattern(pattern) + word = reverseString(word) + str, err := trimPrefix(pattern, word, greedy) + if err != nil { + return "", err + } + return reverseString(str), nil } diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.go b/vendor/github.com/moby/buildkit/util/stack/stack.go index fb9fc3ddf54..2fec18cb7a6 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.go +++ b/vendor/github.com/moby/buildkit/util/stack/stack.go @@ -46,22 +46,23 @@ func Helper() { func Traces(err error) []*Stack { var st []*Stack - wrapped, ok := err.(interface { - Unwrap() error - }) - if ok { - st = Traces(wrapped.Unwrap()) + switch e := err.(type) { + case interface{ Unwrap() error }: + st = Traces(e.Unwrap()) + case interface{ Unwrap() []error }: + for _, ue := range e.Unwrap() { + st = Traces(ue) + // Only take first stack + if len(st) > 0 { + break + } + } } - if ste, ok := err.(interface { - StackTrace() errors.StackTrace - }); ok { + switch ste := err.(type) { + case interface{ StackTrace() errors.StackTrace }: st = append(st, convertStack(ste.StackTrace())) - } - - if ste, ok := err.(interface { - StackTrace() *Stack - }); ok { + case interface{ StackTrace() *Stack }: st = append(st, ste.StackTrace()) } diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go index 43809d48761..b0d7a52cb72 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.pb.go +++ b/vendor/github.com/moby/buildkit/util/stack/stack.pb.go @@ -1,6 +1,6 @@ // Code generated by protoc-gen-go. DO NOT EDIT. // versions: -// protoc-gen-go v1.30.0 +// protoc-gen-go v1.33.0 // protoc v3.11.4 // source: stack.proto diff --git a/vendor/github.com/moby/buildkit/util/stack/stack.proto b/vendor/github.com/moby/buildkit/util/stack/stack.proto index 9c63bc3626c..56a696d20cb 100644 --- a/vendor/github.com/moby/buildkit/util/stack/stack.proto +++ b/vendor/github.com/moby/buildkit/util/stack/stack.proto @@ -3,15 +3,15 @@ syntax = "proto3"; package stack; message Stack { - repeated Frame frames = 1; - repeated string cmdline = 2; - int32 pid = 3; - string version = 4; - string revision = 5; + repeated Frame frames = 1; + repeated string cmdline = 2; + int32 pid = 3; + string version = 4; + string revision = 5; } message Frame { - string Name = 1; - string File = 2; - int32 Line = 3; + string Name = 1; + string File = 2; + int32 Line = 3; } \ No newline at end of file diff --git a/vendor/github.com/openshift/imagebuilder/.travis.yml b/vendor/github.com/openshift/imagebuilder/.travis.yml index b2abfa40a09..da9138bb86b 100644 --- a/vendor/github.com/openshift/imagebuilder/.travis.yml +++ b/vendor/github.com/openshift/imagebuilder/.travis.yml @@ -6,7 +6,7 @@ services: - docker go: - - "1.20" + - "1.21.13" before_install: - sudo systemctl stop docker.service && sudo systemctl stop docker.socket diff --git a/vendor/github.com/openshift/imagebuilder/dispatchers.go b/vendor/github.com/openshift/imagebuilder/dispatchers.go index 6e4f242cee0..2a4f45433cf 100644 --- a/vendor/github.com/openshift/imagebuilder/dispatchers.go +++ b/vendor/github.com/openshift/imagebuilder/dispatchers.go @@ -18,9 +18,10 @@ import ( docker "github.com/fsouza/go-dockerclient" - "github.com/containerd/containerd/errdefs" - "github.com/containerd/containerd/platforms" + "github.com/containerd/errdefs" + "github.com/containerd/platforms" "github.com/containers/storage/pkg/regexp" + "github.com/openshift/imagebuilder/internal" "github.com/openshift/imagebuilder/signal" "github.com/openshift/imagebuilder/strslice" @@ -143,7 +144,7 @@ func processHereDocs(instruction, originalInstruction string, heredocs []buildki shlex := buildkitshell.NewLex('\\') shlex.RawQuotes = true shlex.RawEscapes = true - content, err = shlex.ProcessWord(content, args) + content, _, err = shlex.ProcessWord(content, internal.EnvironmentSlice(args)) if err != nil { return nil, err } diff --git a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go index f8cb979a8f8..5e4f4a04bb2 100644 --- a/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go +++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go @@ -18,6 +18,7 @@ import ( buildkitparser "github.com/moby/buildkit/frontend/dockerfile/parser" buildkitshell "github.com/moby/buildkit/frontend/dockerfile/shell" "github.com/openshift/imagebuilder/dockerfile/command" + "github.com/openshift/imagebuilder/internal" ) // Node is a structure used to represent a parse tree. @@ -408,7 +409,7 @@ func heredocsFromLine(line string) ([]buildkitparser.Heredoc, error) { shlex.RawQuotes = true shlex.RawEscapes = true shlex.SkipUnsetEnv = true - words, _ := shlex.ProcessWords(line, []string{}) + words, _ := shlex.ProcessWords(line, internal.EnvironmentSlice([]string{})) var docs []buildkitparser.Heredoc for _, word := range words { diff --git a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec index 9fc2bc102b4..d388aa91260 100644 --- a/vendor/github.com/openshift/imagebuilder/imagebuilder.spec +++ b/vendor/github.com/openshift/imagebuilder/imagebuilder.spec @@ -12,7 +12,7 @@ # %global golang_version 1.19 -%{!?version: %global version 1.2.14} +%{!?version: %global version 1.2.15} %{!?release: %global release 1} %global package_name imagebuilder %global product_name Container Image Builder diff --git a/vendor/github.com/openshift/imagebuilder/internal/env.go b/vendor/github.com/openshift/imagebuilder/internal/env.go new file mode 100644 index 00000000000..d72968deefd --- /dev/null +++ b/vendor/github.com/openshift/imagebuilder/internal/env.go @@ -0,0 +1,23 @@ +package internal + +import "strings" + +type EnvironmentSlice []string + +func (e EnvironmentSlice) Keys() []string { + keys := make([]string, 0, len(e)) + for _, kv := range e { + k, _, _ := strings.Cut(kv, "=") + keys = append(keys, k) + } + return keys +} + +func (e EnvironmentSlice) Get(key string) (string, bool) { + for _, kv := range e { + if k, v, ok := strings.Cut(kv, "="); ok && k == key { + return v, true + } + } + return "", false +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 7fec7e88006..85cf121c649 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -76,7 +76,6 @@ github.com/cilium/ebpf/link github.com/containerd/cgroups/v3/cgroup1/stats # github.com/containerd/containerd v1.7.20 ## explicit; go 1.21 -github.com/containerd/containerd/errdefs github.com/containerd/containerd/platforms # github.com/containerd/errdefs v0.1.0 ## explicit; go 1.20 @@ -518,8 +517,8 @@ github.com/mistifyio/go-zfs/v3 # github.com/mitchellh/mapstructure v1.5.0 ## explicit; go 1.14 github.com/mitchellh/mapstructure -# github.com/moby/buildkit v0.12.5 -## explicit; go 1.20 +# github.com/moby/buildkit v0.15.1 +## explicit; go 1.21.0 github.com/moby/buildkit/frontend/dockerfile/command github.com/moby/buildkit/frontend/dockerfile/parser github.com/moby/buildkit/frontend/dockerfile/shell @@ -536,8 +535,8 @@ github.com/moby/sys/mountinfo # github.com/moby/sys/sequential v0.5.0 ## explicit; go 1.17 github.com/moby/sys/sequential -# github.com/moby/sys/user v0.2.0 -## explicit; go 1.21 +# github.com/moby/sys/user v0.3.0 +## explicit; go 1.17 github.com/moby/sys/user # github.com/moby/sys/userns v0.1.0 ## explicit; go 1.21 @@ -593,13 +592,14 @@ github.com/opencontainers/runtime-tools/validate/capabilities github.com/opencontainers/selinux/go-selinux github.com/opencontainers/selinux/go-selinux/label github.com/opencontainers/selinux/pkg/pwalkdir -# github.com/openshift/imagebuilder v1.2.14 -## explicit; go 1.19 +# github.com/openshift/imagebuilder v1.2.15 +## explicit; go 1.21.0 github.com/openshift/imagebuilder github.com/openshift/imagebuilder/dockerclient github.com/openshift/imagebuilder/dockerfile/command github.com/openshift/imagebuilder/dockerfile/parser github.com/openshift/imagebuilder/imageprogress +github.com/openshift/imagebuilder/internal github.com/openshift/imagebuilder/signal github.com/openshift/imagebuilder/strslice # github.com/ostreedev/ostree-go v0.0.0-20210805093236-719684c64e4f