WithModTimeUpperBound sets the upper bound value of the ModTime property
of the tar entry structs.
WithSourceDateEpoch now implies WithModTimeUpperBound too,
in addition to WithWhiteoutTime.
For moby/buildkit issue 3296
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This makes diff archives to be reproducible.
The value is expected to be passed from CLI applications via the $SOUCE_DATE_EPOCH env var.
See https://reproducible-builds.org/docs/source-date-epoch/
for the $SOURCE_DATE_EPOCH specification.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Different tar(1) implementations default to different input and output
locations when none is specified. This can include tape devices like
/dev/st0 (on Linux) or /dev/sa0 (on FreeBSD), but may be overridden by
compilation options or environment variables. Using the f option with
the special value of - instructs tar(1) to read from stdin and write to
stdout instead of the default.
Signed-off-by: Samuel Karp <me@samuelkarp.com>
The directory created by `T.TempDir` is automatically removed when the
test and all its subtests complete.
Reference: https://pkg.go.dev/testing#T.TempDir
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
Go 1.15.7 contained a security fix for CVE-2021-3115, which allowed arbitrary
code to be executed at build time when using cgo on Windows. This issue also
affects Unix users who have “.” listed explicitly in their PATH and are running
“go get” outside of a module or with module mode disabled.
This issue is not limited to the go command itself, and can also affect binaries
that use `os.Command`, `os.LookPath`, etc.
From the related blogpost (ttps://blog.golang.org/path-security):
> Are your own programs affected?
>
> If you use exec.LookPath or exec.Command in your own programs, you only need to
> be concerned if you (or your users) run your program in a directory with untrusted
> contents. If so, then a subprocess could be started using an executable from dot
> instead of from a system directory. (Again, using an executable from dot happens
> always on Windows and only with uncommon PATH settings on Unix.)
>
> If you are concerned, then we’ve published the more restricted variant of os/exec
> as golang.org/x/sys/execabs. You can use it in your program by simply replacing
This patch replaces all uses of `os/exec` with `golang.org/x/sys/execabs`. While
some uses of `os/exec` should not be problematic (e.g. part of tests), it is
probably good to be consistent, in case code gets moved around.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Dependencies may be switching to use the new `%w` formatting
option to wrap errors; switching to use `errors.Is()` makes
sure that we are still able to unwrap the error and detect the
underlying cause.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
megacheck, gosimple and unused has been deprecated and subsumed by
staticcheck. And staticcheck also has been upgraded. we need to update
code for the linter issue.
close: #2945
Signed-off-by: Wei Fu <fuweid89@gmail.com>
With `fs.RootPath`, the target file will be the file which the softlink
points to, like:
touch /tmp/zzz
ln -s /tmp/zzz /tmp/xxx
ln /tmp/xxx /tmp/yyy
The `/tmp/yyy` should be same with the `/tmp/xxx`, not `/tmp/zzz`. We
should allow hardlink to softlink file.
Signed-off-by: Wei Fu <fhfuwei@163.com>
Currently directory changes are not added to the list of
included directories, allowing those directories to receive
duplicate entries where there is both a metadata change to the
directory and a change to a file under that directory.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Ensure whiteout is not pointing to the current directory
or parent directory before removing. Protects against invalid
removal of the parent or current directory.
Add whiteout related tar tests using manufactured tar conditions.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
This moves the RootPath function out of the archive package and into the
fs package for external use.
Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
Fixes bug for resolving symlinks which allowed fully resolving
an existing symlink to a path, causing some symlinks to get
overridden as symlinks to self.
Updates logic to split name into parent path, resolve the parent
path, then safely join back with the base name.
Uses the split code to ensure parent directories are created in
all cases.
Replaces `rootJoin` with filepath.Join to the root, which already
correctly cleans relative symlinks to the root.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Ensure symlinks cannot be used to breakout of unpack directory.
Evaluate absolute symlinks as scoped to unpack directory.
Allow symlinks which point outside the root to be created.
Scope all resolution of symlinks to the unpack directory.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Touching the file before hardlinking was covering up a bug in
how hard links are handled in tar. Without the touch the hardlink
should still be included and both files should hardlink after
the tar is applied.
Signed-off-by: Derek McGowan <derek@mcgstyle.net>
Test deleting multiple files, directories, and creating
the equivalent of an opaque directory.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Removed unused requires root test function and updated
tar requires function to use lookup method.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
Archive package handles generating and applying diff tar streams
based on the OCI diff tar specification.
Signed-off-by: Derek McGowan <derek@mcgstyle.net> (github: dmcgowan)
