diff --git a/VERSION-openeuler b/VERSION-openeuler index fedb281..edac318 100644 --- a/VERSION-openeuler +++ b/VERSION-openeuler @@ -1 +1 @@ -0.9.6-1 +0.9.6-2 diff --git a/git-commit b/git-commit index 7a8f4f0..0dcce9b 100644 --- a/git-commit +++ b/git-commit @@ -1 +1 @@ -8de0b373053da17a3dc3e63cda4ea2b8e49655ea +01a8133f799d0ec83cbe4bbcedd4a14ea7ff3a7a diff --git a/isula-build.spec b/isula-build.spec index 60114a8..7fc5454 100644 --- a/isula-build.spec +++ b/isula-build.spec @@ -2,7 +2,7 @@ Name: isula-build Version: 0.9.6 -Release: 1 +Release: 2 Summary: A tool to build container images License: Mulan PSL V2 URL: https://gitee.com/openeuler/isula-build @@ -85,6 +85,12 @@ fi /usr/share/bash-completion/completions/isula-build %changelog +* Wed Dec 08 2021 DCCooper <1866858@gmail.com> - 0.9.6-2 +- Type:enhancement +- CVE:NA +- SUG:restart +- DESC:sync upstream patch + * Mon Nov 29 2021 DCCooper <1866858@gmail.com> - 0.9.6-1 - Type:enhancement - CVE:NA diff --git a/patch/0092-tests-fixes-make-test-unit-cover-not-generates-cover.patch b/patch/0092-tests-fixes-make-test-unit-cover-not-generates-cover.patch new file mode 100644 index 0000000..c65b844 --- /dev/null +++ b/patch/0092-tests-fixes-make-test-unit-cover-not-generates-cover.patch @@ -0,0 +1,29 @@ +From 0aa3f0bda673bc3defd9990e71507aa39f6fcb55 Mon Sep 17 00:00:00 2001 +From: jingxiaolu +Date: Tue, 30 Nov 2021 10:45:14 +0800 +Subject: [PATCH 1/3] tests: fixes make test-unit-cover not generates cover + files + +Fixes: #I4KDKL + +Signed-off-by: jingxiaolu +--- + hack/unit_test.sh | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/hack/unit_test.sh b/hack/unit_test.sh +index b6a7978..0237605 100755 +--- a/hack/unit_test.sh ++++ b/hack/unit_test.sh +@@ -62,7 +62,7 @@ function run_unit_test() { + fi + # TEST_ARGS is " -args SKIP_REG=foo", so no double quote for it + # shellcheck disable=SC2086 +- go test -v "${go_test_race_flag}" "${go_test_mod_method}" "${go_test_coverprofile_flag}" "${go_test_covermode_flag}" -coverpkg=${package} "${go_test_count_method}" "${go_test_timeout_flag}" "${package}" ${TEST_ARGS} >> "${testlog}" ++ go test -v ${go_test_race_flag} "${go_test_mod_method}" "${go_test_coverprofile_flag}" "${go_test_covermode_flag}" -coverpkg=${package} "${go_test_count_method}" "${go_test_timeout_flag}" "${package}" ${TEST_ARGS} >> "${testlog}" + done + + if grep -E -- "--- FAIL:|^FAIL" "${testlog}"; then +-- +1.8.3.1 + diff --git a/patch/0093-test-fix-go-test-failed-but-show-success.patch b/patch/0093-test-fix-go-test-failed-but-show-success.patch new file mode 100644 index 0000000..40ce099 --- /dev/null +++ b/patch/0093-test-fix-go-test-failed-but-show-success.patch @@ -0,0 +1,99 @@ +From 1e56fb7d42b3a91ed7b11485d65dd52b12012a81 Mon Sep 17 00:00:00 2001 +From: DCCooper <1866858@gmail.com> +Date: Wed, 8 Dec 2021 12:51:03 +0800 +Subject: [PATCH 1/2] test: fix go test failed but show success + +Signed-off-by: DCCooper <1866858@gmail.com> +--- + cmd/daemon/main_test.go | 23 +++++++++++++---------- + hack/unit_test.sh | 7 ++++--- + 2 files changed, 17 insertions(+), 13 deletions(-) + +diff --git a/cmd/daemon/main_test.go b/cmd/daemon/main_test.go +index d98ea83..3947f7a 100644 +--- a/cmd/daemon/main_test.go ++++ b/cmd/daemon/main_test.go +@@ -14,6 +14,7 @@ + package main + + import ( ++ "fmt" + "io/ioutil" + "os" + "testing" +@@ -143,7 +144,7 @@ func TestRunAndDataRootSet(t *testing.T) { + if err != nil { + t.Fatalf("get default store options failed with error: %v", err) + } +- ++ + var storeOpt store.DaemonStoreOptions + storeOpt.RunRoot = option.RunRoot + storeOpt.DataRoot = option.GraphRoot +@@ -158,6 +159,15 @@ func TestRunAndDataRootSet(t *testing.T) { + expectation store.DaemonStoreOptions + }{ + { ++ // first run so can not be affected by other testcase ++ name: "TC3 - all not set", ++ setF: setStorage("[storage]\ndriver = \"overlay\""), ++ expectation: store.DaemonStoreOptions{ ++ DataRoot: "/var/lib/isula-build/storage", ++ RunRoot: "/var/run/isula-build/storage", ++ }, ++ }, ++ { + name: "TC1 - cmd set, configuration and storage not set", + setF: func() { + cmd.PersistentFlags().Set("runroot", runRoot.Path()) +@@ -176,17 +186,10 @@ func TestRunAndDataRootSet(t *testing.T) { + expectation: result, + }, + { +- name: "TC3 - all not set", +- setF: setStorage("[storage]"), +- expectation: store.DaemonStoreOptions{ +- DataRoot: "/var/lib/containers/storage", +- RunRoot: "/var/run/containers/storage", +- }, +- }, +- { + name: "TC4 - cmd and configuration not set, storage set", + setF: func() { +- config := "[storage]\nrunroot = \"" + runRoot.Join("storage") + "\"\ngraphroot = \"" + dataRoot.Join("storage") + "\"" ++ config := fmt.Sprintf("[storage]\ndriver = \"%s\"\nrunroot = \"%s\"\ngraphroot = \"%s\"\n", ++ "overlay", runRoot.Join("storage"), dataRoot.Join("storage")) + sT := setStorage(config) + sT() + }, +diff --git a/hack/unit_test.sh b/hack/unit_test.sh +index 0237605..e13bca3 100755 +--- a/hack/unit_test.sh ++++ b/hack/unit_test.sh +@@ -63,14 +63,13 @@ function run_unit_test() { + # TEST_ARGS is " -args SKIP_REG=foo", so no double quote for it + # shellcheck disable=SC2086 + go test -v ${go_test_race_flag} "${go_test_mod_method}" "${go_test_coverprofile_flag}" "${go_test_covermode_flag}" -coverpkg=${package} "${go_test_count_method}" "${go_test_timeout_flag}" "${package}" ${TEST_ARGS} >> "${testlog}" ++ grep "^[?|ok].*${package}" "${testlog}" + done + + if grep -E -- "--- FAIL:|^FAIL" "${testlog}"; then + echo "Testing failed... Please check ${testlog}" ++ return 1 + fi +- tail -n 1 "${testlog}" +- +- rm -f "${testlog}" + } + + function generate_unit_test_coverage() { +@@ -82,4 +81,6 @@ function generate_unit_test_coverage() { + + precheck + run_unit_test ++exit_flag=$? + generate_unit_test_coverage ++exit $exit_flag +-- +1.8.3.1 + diff --git a/patch/0094-isula-build-fix-problems-found-by-code-review.patch b/patch/0094-isula-build-fix-problems-found-by-code-review.patch new file mode 100644 index 0000000..fbd497e --- /dev/null +++ b/patch/0094-isula-build-fix-problems-found-by-code-review.patch @@ -0,0 +1,350 @@ +From a3638072985a0cb71ff561ad5e5bbc2454f81c1f Mon Sep 17 00:00:00 2001 +From: DCCooper <1866858@gmail.com> +Date: Wed, 8 Dec 2021 12:51:20 +0800 +Subject: [PATCH 2/2] isula-build: fix problems found by code review + +Signed-off-by: DCCooper <1866858@gmail.com> +--- + daemon/load.go | 67 ++++++++++++++++++++++++------------------------- + daemon/save.go | 79 ++++++++++++++++++++-------------------------------------- + image/image.go | 3 ++- + util/cipher.go | 8 +++++- + 4 files changed, 69 insertions(+), 88 deletions(-) + +diff --git a/daemon/load.go b/daemon/load.go +index 378325c..894159b 100644 +--- a/daemon/load.go ++++ b/daemon/load.go +@@ -69,9 +69,9 @@ type separatorLoad struct { + } + + type loadOptions struct { ++ logEntry *logrus.Entry + path string + format string +- logEntry *logrus.Entry + sep separatorLoad + } + +@@ -355,7 +355,7 @@ func (s *separatorLoad) getTarballInfo() error { + return errors.Wrap(err, "join manifest file path failed") + } + +- var t = make(map[string]tarballInfo) ++ var t = make(map[string]tarballInfo, 1) + if err = util.LoadJSONFile(manifest, &t); err != nil { + return errors.Wrap(err, "load manifest file failed") + } +@@ -370,7 +370,7 @@ func (s *separatorLoad) getTarballInfo() error { + } + + func (s *separatorLoad) constructTarballInfo() (err error) { +- s.log.Infof("construct image tarball info for %s", s.appName) ++ s.log.Infof("Construct image tarball info for %s", s.appName) + // fill up path for separator + // this case should not happened since client side already check this flag + if len(s.appName) == 0 { +@@ -408,26 +408,25 @@ func (s *separatorLoad) tarballCheckSum() error { + return nil + } + +- // app image tarball can not be empty +- if len(s.appPath) == 0 { +- return errors.New("app image tarball path can not be empty") +- } +- if err := util.CheckSum(s.appPath, s.info.AppHash); err != nil { +- return errors.Wrapf(err, "check sum for file %q failed", s.appPath) +- } +- +- // base image tarball can not be empty +- if len(s.basePath) == 0 { +- return errors.New("base image tarball path can not be empty") +- } +- if err := util.CheckSum(s.basePath, s.info.BaseHash); err != nil { +- return errors.Wrapf(err, "check sum for file %q failed", s.basePath) +- } +- +- // lib image may be empty image +- if len(s.libPath) != 0 { +- if err := util.CheckSum(s.libPath, s.info.LibHash); err != nil { +- return errors.Wrapf(err, "check sum for file %q failed", s.libPath) ++ type checkInfo struct { ++ path string ++ hash string ++ str string ++ canBeEmpty bool ++ } ++ checkLen := 3 ++ var checkList = make([]checkInfo, 0, checkLen) ++ checkList = append(checkList, checkInfo{path: s.basePath, hash: s.info.BaseHash, canBeEmpty: false, str: "base image"}) ++ checkList = append(checkList, checkInfo{path: s.libPath, hash: s.info.LibHash, canBeEmpty: true, str: "lib image"}) ++ checkList = append(checkList, checkInfo{path: s.appPath, hash: s.info.AppHash, canBeEmpty: false, str: "app image"}) ++ for _, p := range checkList { ++ if len(p.path) == 0 && !p.canBeEmpty { ++ return errors.Errorf("%s tarball path can not be empty", p.str) ++ } ++ if len(p.path) != 0 { ++ if err := util.CheckSum(p.path, p.hash); err != nil { ++ return errors.Wrapf(err, "check sum for file %q failed", p.path) ++ } + } + } + +@@ -457,18 +456,18 @@ func (s *separatorLoad) unpackTarballs() error { + return errors.Wrap(err, "failed to make temporary directories") + } + +- // unpack base first and the later images will be moved here +- if err := util.UnpackFile(s.basePath, s.tmpDir.base, archive.Gzip, false); err != nil { +- return errors.Wrapf(err, "unpack base tarball %q failed", s.basePath) +- } +- +- if err := util.UnpackFile(s.appPath, s.tmpDir.app, archive.Gzip, false); err != nil { +- return errors.Wrapf(err, "unpack app tarball %q failed", s.appPath) +- } ++ type unpackInfo struct{ path, dir, str string } ++ unpackLen := 3 ++ var unpackList = make([]unpackInfo, 0, unpackLen) ++ unpackList = append(unpackList, unpackInfo{path: s.basePath, dir: s.tmpDir.base, str: "base image"}) ++ unpackList = append(unpackList, unpackInfo{path: s.appPath, dir: s.tmpDir.app, str: "app image"}) ++ unpackList = append(unpackList, unpackInfo{path: s.libPath, dir: s.tmpDir.lib, str: "lib image"}) + +- if len(s.libPath) != 0 { +- if err := util.UnpackFile(s.libPath, s.tmpDir.lib, archive.Gzip, false); err != nil { +- return errors.Wrapf(err, "unpack lib tarball %q failed", s.libPath) ++ for _, p := range unpackList { ++ if len(p.path) != 0 { ++ if err := util.UnpackFile(p.path, p.dir, archive.Gzip, false); err != nil { ++ return errors.Wrapf(err, "unpack %s tarball %q failed", p.str, p.path) ++ } + } + } + +diff --git a/daemon/save.go b/daemon/save.go +index f14a485..7a110bd 100644 +--- a/daemon/save.go ++++ b/daemon/save.go +@@ -77,9 +77,9 @@ type saveOptions struct { + } + + type separatorSave struct { ++ log *logrus.Entry + renameData []renames + tmpDir imageTmpDir +- log *logrus.Entry + base string + lib string + dest string +@@ -190,7 +190,7 @@ func (b *Backend) Save(req *pb.SaveRequest, stream pb.Control_SaveServer) (err e + }).Info("SaveRequest received") + + opts := b.getSaveOptions(req) +- if err = opts.check(); err != nil { ++ if err = opts.manage(); err != nil { + return errors.Wrap(err, "check save options failed") + } + +@@ -278,17 +278,17 @@ func messageHandler(stream pb.Control_SaveServer, cliLogger *logger.Logger) func + } + } + +-func (opts *saveOptions) check() error { ++func (opts *saveOptions) manage() error { + if err := opts.checkImageNameIsID(); err != nil { + return err + } +- if err := opts.checkFormat(); err != nil { ++ if err := opts.setFormat(); err != nil { + return err + } + if err := opts.filterImageName(); err != nil { + return err + } +- if err := opts.checkRenameFile(); err != nil { ++ if err := opts.loadRenameFile(); err != nil { + return err + } + +@@ -318,7 +318,7 @@ func (opts *saveOptions) checkImageNameIsID() error { + return nil + } + +-func (opts *saveOptions) checkFormat() error { ++func (opts *saveOptions) setFormat() error { + switch opts.format { + case constant.DockerTransport: + opts.format = constant.DockerArchiveTransport +@@ -337,7 +337,7 @@ func (opts *saveOptions) filterImageName() error { + return nil + } + +- visitedImage := make(map[string]bool) ++ visitedImage := make(map[string]bool, 1) + for _, imageName := range opts.oriImgList { + if _, exists := visitedImage[imageName]; exists { + continue +@@ -351,8 +351,7 @@ func (opts *saveOptions) filterImageName() error { + + finalImage, ok := opts.finalImageSet[img.ID] + if !ok { +- finalImage = &savedImage{exist: true} +- finalImage.tags = []reference.NamedTagged{} ++ finalImage = &savedImage{exist: true, tags: []reference.NamedTagged{}} + opts.finalImageOrdered = append(opts.finalImageOrdered, img.ID) + } + +@@ -369,7 +368,7 @@ func (opts *saveOptions) filterImageName() error { + return nil + } + +-func (opts *saveOptions) checkRenameFile() error { ++func (opts *saveOptions) loadRenameFile() error { + if len(opts.sep.renameFile) != 0 { + var reName []renames + if err := util.LoadJSONFile(opts.sep.renameFile, &reName); err != nil { +@@ -494,12 +493,11 @@ func (s *separatorSave) adjustLayers() ([]imageManifest, error) { + return man, nil + } + +-func separateImage(opt saveOptions) error { ++func separateImage(opt saveOptions) (err error) { + s := &opt.sep + s.log.Infof("Start saving separated images %v", opt.oriImgList) +- var errList []error + +- if err := os.MkdirAll(s.dest, constant.DefaultRootDirMode); err != nil { ++ if err = os.MkdirAll(s.dest, constant.DefaultRootDirMode); err != nil { + return err + } + +@@ -507,30 +505,26 @@ func separateImage(opt saveOptions) error { + if tErr := os.RemoveAll(s.tmpDir.root); tErr != nil && !os.IsNotExist(tErr) { + s.log.Warnf("Removing save tmp directory %q failed: %v", s.tmpDir.root, tErr) + } +- if len(errList) != 0 { ++ if err != nil { + if rErr := os.RemoveAll(s.dest); rErr != nil && !os.IsNotExist(rErr) { + s.log.Warnf("Removing save dest directory %q failed: %v", s.dest, rErr) + } + } + }() +- if err := util.UnpackFile(opt.outputPath, s.tmpDir.untar, archive.Gzip, true); err != nil { +- errList = append(errList, err) ++ if err = util.UnpackFile(opt.outputPath, s.tmpDir.untar, archive.Gzip, true); err != nil { + return errors.Wrapf(err, "unpack %q failed", opt.outputPath) + } +- manifest, err := s.adjustLayers() +- if err != nil { +- errList = append(errList, err) +- return errors.Wrap(err, "adjust layers failed") ++ manifest, aErr := s.adjustLayers() ++ if aErr != nil { ++ return errors.Wrap(aErr, "adjust layers failed") + } + +- imgInfos, err := s.constructImageInfos(manifest, opt.localStore) +- if err != nil { +- errList = append(errList, err) +- return errors.Wrap(err, "process image infos failed") ++ imgInfos, cErr := s.constructImageInfos(manifest, opt.localStore) ++ if cErr != nil { ++ return errors.Wrap(cErr, "process image infos failed") + } + +- if err := s.processImageLayers(imgInfos); err != nil { +- errList = append(errList, err) ++ if err = s.processImageLayers(imgInfos); err != nil { + return err + } + +@@ -552,7 +546,7 @@ func (s *separatorSave) processImageLayers(imgInfos map[string]imageInfo) error + sort.Strings(sortedKey) + for _, k := range sortedKey { + info := imgInfos[k] +- if err := s.clearDirs(true); err != nil { ++ if err := s.clearTempDirs(); err != nil { + return errors.Wrap(err, "clear tmp dirs failed") + } + var t tarballInfo +@@ -584,32 +578,13 @@ func (s *separatorSave) processImageLayers(imgInfos map[string]imageInfo) error + return nil + } + +-func (s *separatorSave) clearDirs(reCreate bool) error { +- tmpDir := s.tmpDir +- dirs := []string{tmpDir.base, tmpDir.app, tmpDir.lib} +- var mkTmpDirs = func(dirs []string) error { +- for _, dir := range dirs { +- if err := os.MkdirAll(dir, constant.DefaultRootDirMode); err != nil { +- return err +- } +- } +- return nil +- } +- +- var rmTmpDirs = func(dirs []string) error { +- for _, dir := range dirs { +- if err := os.RemoveAll(dir); err != nil { +- return err +- } ++func (s *separatorSave) clearTempDirs() error { ++ dirs := []string{s.tmpDir.base, s.tmpDir.app, s.tmpDir.lib} ++ for _, dir := range dirs { ++ if err := os.RemoveAll(dir); err != nil { ++ return err + } +- return nil +- } +- +- if err := rmTmpDirs(dirs); err != nil { +- return err +- } +- if reCreate { +- if err := mkTmpDirs(dirs); err != nil { ++ if err := os.MkdirAll(dir, constant.DefaultRootDirMode); err != nil { + return err + } + } +diff --git a/image/image.go b/image/image.go +index b24cb41..37cd7fa 100644 +--- a/image/image.go ++++ b/image/image.go +@@ -626,7 +626,8 @@ func GetNamedTaggedReference(image string) (reference.NamedTagged, string, error + return nil, "", nil + } + +- if slashLastIndex, sepLastIndex := strings.LastIndex(image, "/"), strings.LastIndex(image, ":"); sepLastIndex == -1 || (sepLastIndex < slashLastIndex) { ++ slashLastIndex, sepLastIndex := strings.LastIndex(image, "/"), strings.LastIndex(image, ":") ++ if sepLastIndex == -1 || (sepLastIndex < slashLastIndex) { + image = fmt.Sprintf("%s:%s", image, constant.DefaultTag) + } + +diff --git a/util/cipher.go b/util/cipher.go +index a5e3125..67cb52b 100644 +--- a/util/cipher.go ++++ b/util/cipher.go +@@ -212,6 +212,9 @@ func GenRSAPublicKeyFile(key *rsa.PrivateKey, path string) error { + if err := pem.Encode(file, block); err != nil { + return err + } ++ if cErr := file.Close(); cErr != nil { ++ return cErr ++ } + + return nil + } +@@ -230,7 +233,10 @@ func ReadPublicKey(path string) (rsa.PublicKey, error) { + if err != nil { + return rsa.PublicKey{}, err + } +- key := pubInterface.(*rsa.PublicKey) ++ key, ok := pubInterface.(*rsa.PublicKey) ++ if !ok { ++ return rsa.PublicKey{}, errors.New("failed to find public key type") ++ } + + return *key, nil + } +-- +1.8.3.1 + diff --git a/series.conf b/series.conf index 01bcda6..5b33500 100644 --- a/series.conf +++ b/series.conf @@ -1,2 +1,5 @@ patch/0030-xattr-support-ima-and-evm.patch patch/0033-isula-build-remove-docker-releated-path-for-authenti.patch +patch/0092-tests-fixes-make-test-unit-cover-not-generates-cover.patch +patch/0093-test-fix-go-test-failed-but-show-success.patch +patch/0094-isula-build-fix-problems-found-by-code-review.patch