From fc8138468fc5d1407fec31ba362de0a7e69c2234 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 18 Nov 2021 00:39:12 +0100 Subject: [PATCH] go.mod: update image-spec to latest (v1.0.3-dev) The OCI image spec did a v1.0.2 security release for CVE-2021-41190, however commit 09c9270feee1d81044e29c47c3609fb0c1e4d7f5, depends on MediaTypes that have not yet been released by the OCI image-spec, so using current "main" instead. full diff: https://github.com/opencontainers/image-space/compare/5ad6f50d6283...693428a734f5 Signed-off-by: Sebastiaan van Stijn --- go.mod | 2 +- go.sum | 4 ++-- images/converter/default.go | 20 +++++++++---------- integration/client/go.mod | 2 +- integration/client/go.sum | 4 ++-- .../image-spec/specs-go/v1/index.go | 3 +++ .../image-spec/specs-go/v1/manifest.go | 3 +++ .../image-spec/specs-go/version.go | 2 +- vendor/modules.txt | 2 +- 9 files changed, 23 insertions(+), 19 deletions(-) diff --git a/go.mod b/go.mod index 8f78011d0..157c63850 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,7 @@ require ( github.com/moby/sys/signal v0.6.0 github.com/moby/sys/symlink v0.2.0 github.com/opencontainers/go-digest v1.0.0 - github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 + github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5 github.com/opencontainers/runc v1.0.3 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 github.com/opencontainers/selinux v1.8.2 diff --git a/go.sum b/go.sum index dd941b08e..a08074e60 100644 --- a/go.sum +++ b/go.sum @@ -473,8 +473,8 @@ github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+t github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 h1:TVzvdjOalkJBNkbpPVMAr4KV9QRf2IjfxdyxwAK78Gs= -github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5 h1:q37d91F6BO4Jp1UqWiun0dUFYaqv6WsKTLTCaWv+8LY= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= github.com/opencontainers/runc v1.0.3 h1:1hbqejyQWCJBvtKAfdO0b1FmaEf2z/bxnjqbARass5k= github.com/opencontainers/runc v1.0.3/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= diff --git a/images/converter/default.go b/images/converter/default.go index b17799b03..825d4dd6a 100644 --- a/images/converter/default.go +++ b/images/converter/default.go @@ -144,12 +144,11 @@ func (c *defaultConverter) convertLayer(ctx context.Context, cs content.Store, d // convertManifest converts image manifests. // -// - clears `.mediaType` if the target format is OCI -// +// - converts `.mediaType` if the target format is OCI // - records diff ID changes in c.diffIDMap func (c *defaultConverter) convertManifest(ctx context.Context, cs content.Store, desc ocispec.Descriptor) (*ocispec.Descriptor, error) { var ( - manifest DualManifest + manifest ocispec.Manifest modified bool ) labels, err := readJSON(ctx, cs, &manifest, desc) @@ -160,7 +159,7 @@ func (c *defaultConverter) convertManifest(ctx context.Context, cs content.Store labels = make(map[string]string) } if images.IsDockerType(manifest.MediaType) && c.docker2oci { - manifest.MediaType = "" + manifest.MediaType = ConvertDockerMediaTypeToOCI(manifest.MediaType) modified = true } var mu sync.Mutex @@ -226,12 +225,11 @@ func (c *defaultConverter) convertManifest(ctx context.Context, cs content.Store // convertIndex converts image index. // -// - clears `.mediaType` if the target format is OCI -// +// - converts `.mediaType` if the target format is OCI // - clears manifest entries that do not match c.platformMC func (c *defaultConverter) convertIndex(ctx context.Context, cs content.Store, desc ocispec.Descriptor) (*ocispec.Descriptor, error) { var ( - index DualIndex + index ocispec.Index modified bool ) labels, err := readJSON(ctx, cs, &index, desc) @@ -242,7 +240,7 @@ func (c *defaultConverter) convertIndex(ctx context.Context, cs content.Store, d labels = make(map[string]string) } if images.IsDockerType(index.MediaType) && c.docker2oci { - index.MediaType = "" + index.MediaType = ConvertDockerMediaTypeToOCI(index.MediaType) modified = true } @@ -381,22 +379,22 @@ func clearDockerV1DummyID(cfg DualConfig) (bool, error) { } // ObjectWithMediaType represents an object with a MediaType field +// Deprecated type ObjectWithMediaType struct { // MediaType appears on Docker manifests and manifest lists. - // MediaType does not appear on OCI manifests and index MediaType string `json:"mediaType,omitempty"` } // DualManifest covers Docker manifest and OCI manifest +// Deprecated: use github.com/opencontainers/image-spec/specs-go/v1.Manifest type DualManifest struct { ocispec.Manifest - ObjectWithMediaType } // DualIndex covers Docker manifest list and OCI index +// Deprecated: use github.com/opencontainers/image-spec/specs-go/v1.Index type DualIndex struct { ocispec.Index - ObjectWithMediaType } // DualConfig covers Docker config (v1.0, v1.1, v1.2) and OCI config. diff --git a/integration/client/go.mod b/integration/client/go.mod index 8591a56e5..127abba13 100644 --- a/integration/client/go.mod +++ b/integration/client/go.mod @@ -14,7 +14,7 @@ require ( github.com/containerd/typeurl v1.0.2 github.com/gogo/protobuf v1.3.2 github.com/opencontainers/go-digest v1.0.0 - github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 + github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5 github.com/opencontainers/runtime-spec v1.0.3-0.20210326190908-1c3f411f0417 github.com/pkg/errors v0.9.1 github.com/sirupsen/logrus v1.8.1 diff --git a/integration/client/go.sum b/integration/client/go.sum index 2911f58b7..6599b2b81 100644 --- a/integration/client/go.sum +++ b/integration/client/go.sum @@ -443,8 +443,8 @@ github.com/onsi/gomega v1.15.0/go.mod h1:cIuvLEne0aoVhAgh/O6ac0Op8WWw9H6eYCriF+t github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= -github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 h1:TVzvdjOalkJBNkbpPVMAr4KV9QRf2IjfxdyxwAK78Gs= -github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5 h1:q37d91F6BO4Jp1UqWiun0dUFYaqv6WsKTLTCaWv+8LY= +github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v1.0.2/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= github.com/opencontainers/runc v1.0.3 h1:1hbqejyQWCJBvtKAfdO0b1FmaEf2z/bxnjqbARass5k= github.com/opencontainers/runc v1.0.3/go.mod h1:aTaHFFwQXuA71CiyxOdFFIorAoemI04suvGRQFzWTD0= diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go index 4e6c4b236..82da6c6a8 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/index.go @@ -21,6 +21,9 @@ import "github.com/opencontainers/image-spec/specs-go" type Index struct { specs.Versioned + // MediaType specificies the type of this document data structure e.g. `application/vnd.oci.image.index.v1+json` + MediaType string `json:"mediaType,omitempty"` + // Manifests references platform specific manifests. Manifests []Descriptor `json:"manifests"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go index 7ff32c40b..d72d15ce4 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/v1/manifest.go @@ -20,6 +20,9 @@ import "github.com/opencontainers/image-spec/specs-go" type Manifest struct { specs.Versioned + // MediaType specificies the type of this document data structure e.g. `application/vnd.oci.image.manifest.v1+json` + MediaType string `json:"mediaType,omitempty"` + // Config references a configuration object for a container, by digest. // The referenced configuration object is a JSON blob that the runtime uses to set up the container. Config Descriptor `json:"config"` diff --git a/vendor/github.com/opencontainers/image-spec/specs-go/version.go b/vendor/github.com/opencontainers/image-spec/specs-go/version.go index 58f1095ab..31f99cf64 100644 --- a/vendor/github.com/opencontainers/image-spec/specs-go/version.go +++ b/vendor/github.com/opencontainers/image-spec/specs-go/version.go @@ -22,7 +22,7 @@ const ( // VersionMinor is for functionality in a backwards-compatible manner VersionMinor = 0 // VersionPatch is for backwards-compatible bug fixes - VersionPatch = 1 + VersionPatch = 2 // VersionDev indicates development branch. Releases will be empty string. VersionDev = "-dev" diff --git a/vendor/modules.txt b/vendor/modules.txt index 6b17c99d1..52451c9a7 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -306,7 +306,7 @@ github.com/modern-go/reflect2 ## explicit github.com/opencontainers/go-digest github.com/opencontainers/go-digest/digestset -# github.com/opencontainers/image-spec v1.0.2-0.20210819154149-5ad6f50d6283 +# github.com/opencontainers/image-spec v1.0.2-0.20211117181255-693428a734f5 ## explicit github.com/opencontainers/image-spec/identity github.com/opencontainers/image-spec/specs-go