Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package apko for openSUSE:Factory checked in
at 2025-07-24 18:47:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apko (Old)
and /work/SRC/openSUSE:Factory/.apko.new.13279 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apko"
Thu Jul 24 18:47:23 2025 rev:60 rq:1295487 version:0.29.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/apko/apko.changes 2025-07-17
17:21:09.741740868 +0200
+++ /work/SRC/openSUSE:Factory/.apko.new.13279/apko.changes 2025-07-24
18:49:50.196454889 +0200
@@ -1,0 +2,22 @@
+Thu Jul 24 08:20:01 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 0.29.9:
+ * Ensure parent dirs exist for partial idb (#1776)
+ * build(deps): bump chainguard-dev/actions from 1.4.5 to 1.4.6
+ (#1775)
+ * build(deps): bump github/codeql-action from 3.29.2 to 3.29.3
+ (#1774)
+
+-------------------------------------------------------------------
+Thu Jul 24 08:06:25 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 0.29.8:
+ * build(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2
+ (#1771)
+ * Close response from index HEAD request (#1770)
+ * build(deps): bump sigs.k8s.io/release-utils from 0.11.1 to
+ 0.12.0 (#1766)
+ * build(deps): bump chainguard.dev/sdk from 0.1.36 to 0.1.37
+ (#1767)
+
+-------------------------------------------------------------------
Old:
----
apko-0.29.7.obscpio
New:
----
apko-0.29.9.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ apko.spec ++++++
--- /var/tmp/diff_new_pack.sBdsZu/_old 2025-07-24 18:49:52.236539380 +0200
+++ /var/tmp/diff_new_pack.sBdsZu/_new 2025-07-24 18:49:52.240539545 +0200
@@ -17,7 +17,7 @@
Name: apko
-Version: 0.29.7
+Version: 0.29.9
Release: 0
Summary: Build OCI images from APK packages directly without Dockerfile
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.sBdsZu/_old 2025-07-24 18:49:52.284541368 +0200
+++ /var/tmp/diff_new_pack.sBdsZu/_new 2025-07-24 18:49:52.284541368 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/chainguard-dev/apko</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.29.7</param>
+ <param name="revision">v0.29.9</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.sBdsZu/_old 2025-07-24 18:49:52.308542362 +0200
+++ /var/tmp/diff_new_pack.sBdsZu/_new 2025-07-24 18:49:52.316542694 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/chainguard-dev/apko</param>
- <param
name="changesrevision">28bb8ff0e706fea7812008bb8c7e2305710aacba</param></service></servicedata>
+ <param
name="changesrevision">249040d757402713b515281a333ea5042050c471</param></service></servicedata>
(No newline at EOF)
++++++ apko-0.29.7.obscpio -> apko-0.29.9.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/.golangci.yml
new/apko-0.29.9/.golangci.yml
--- old/apko-0.29.7/.golangci.yml 2025-07-17 01:34:24.000000000 +0200
+++ new/apko-0.29.9/.golangci.yml 2025-07-21 20:08:10.000000000 +0200
@@ -4,6 +4,7 @@
linters:
enable:
- asciicheck
+ - bodyclose
- errorlint
- forbidigo
- gocritic
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/go.mod new/apko-0.29.9/go.mod
--- old/apko-0.29.7/go.mod 2025-07-17 01:34:24.000000000 +0200
+++ new/apko-0.29.9/go.mod 2025-07-21 20:08:10.000000000 +0200
@@ -3,7 +3,7 @@
go 1.24.5
require (
- chainguard.dev/sdk v0.1.36
+ chainguard.dev/sdk v0.1.37
github.com/chainguard-dev/clog v1.7.0
github.com/charmbracelet/log v0.4.2
github.com/go-git/go-git/v5 v5.16.2
@@ -33,7 +33,7 @@
gopkg.in/ini.v1 v1.67.0
gopkg.in/yaml.v3 v3.0.1
k8s.io/apimachinery v0.33.3
- sigs.k8s.io/release-utils v0.11.1
+ sigs.k8s.io/release-utils v0.12.0
)
require (
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/go.sum new/apko-0.29.9/go.sum
--- old/apko-0.29.7/go.sum 2025-07-17 01:34:24.000000000 +0200
+++ new/apko-0.29.9/go.sum 2025-07-21 20:08:10.000000000 +0200
@@ -1,7 +1,7 @@
chainguard.dev/go-grpc-kit v0.17.11
h1:m4ZL2yg6sSrdPA593qVh9KHTZ+XOmLwqv3Jt5vT0FuU=
chainguard.dev/go-grpc-kit v0.17.11/go.mod
h1:aYlrvAscMZBtVIA7bykUWfbjhL2fDoUCECHvopC2xWY=
-chainguard.dev/sdk v0.1.36 h1:YzxE7ZccR32spQ3i8boN6eDEYlvhV17r8fdpI9vdOgE=
-chainguard.dev/sdk v0.1.36/go.mod
h1:4HOnG9fVNC9ruzkJLMWWUNM1iVxxBL+bKqj0STERbcs=
+chainguard.dev/sdk v0.1.37 h1:4hZ2enarpA/FZ1JMXE3EOlpzd18LmdWZ7UScwdSlrSs=
+chainguard.dev/sdk v0.1.37/go.mod
h1:4HOnG9fVNC9ruzkJLMWWUNM1iVxxBL+bKqj0STERbcs=
cloud.google.com/go v0.26.0/go.mod
h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
cloud.google.com/go/auth v0.16.2
h1:QvBAGFPLrDeoiNjyfVunhQ10HKNYuOwZ5noee0M5df4=
cloud.google.com/go/auth v0.16.2/go.mod
h1:sRBas2Y1fB1vZTdurouM0AzuYQBMZinrUYL8EufhtEA=
@@ -348,8 +348,8 @@
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod
h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
-golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
-golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
+golang.org/x/mod v0.26.0 h1:EGMPT//Ezu+ylkCijjPc+f4Aih7sZvaAr+O3EHBxvZg=
+golang.org/x/mod v0.26.0/go.mod h1:/j6NAhSk8iQ723BGAUyoAcn7SlD7s15Dp9Nd/SfeaFQ=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -429,8 +429,8 @@
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod
h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.12/go.mod
h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.6.0/go.mod
h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
-golang.org/x/tools v0.34.0 h1:qIpSLOxeCYGg9TrcJokLBG4KFA6d795g0xkBkiESGlo=
-golang.org/x/tools v0.34.0/go.mod
h1:pAP9OwEaY1CAW3HOmg3hLZC5Z0CCmzjAF2UQMSqNARg=
+golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0=
+golang.org/x/tools v0.35.0/go.mod
h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -479,5 +479,5 @@
honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod
h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
k8s.io/apimachinery v0.33.3 h1:4ZSrmNa0c/ZpZJhAgRdcsFcZOw1PQU1bALVQ0B3I5LA=
k8s.io/apimachinery v0.33.3/go.mod
h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
-sigs.k8s.io/release-utils v0.11.1
h1:hzvXGpHgHJfLOJB6TRuu14bzWc3XEglHmXHJqwClSZE=
-sigs.k8s.io/release-utils v0.11.1/go.mod
h1:ybR2V/uQAOGxYfzYtBenSYeXWkBGNP2qnEiX77ACtpc=
+sigs.k8s.io/release-utils v0.12.0
h1:+Z8cEUAaxItrMcTOJ0jtUg3Fm1uNgPNol+VIL6XtQqQ=
+sigs.k8s.io/release-utils v0.12.0/go.mod
h1:TveYRPK4Mq6qXA0PJiUMEOlWvvIQG0Mh5APQmHD5JpA=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/internal/cli/publish_test.go
new/apko-0.29.9/internal/cli/publish_test.go
--- old/apko-0.29.7/internal/cli/publish_test.go 2025-07-17
01:34:24.000000000 +0200
+++ new/apko-0.29.9/internal/cli/publish_test.go 2025-07-21
20:08:10.000000000 +0200
@@ -167,7 +167,7 @@
// This test will fail if we ever make a change in apko that changes
the image.
// Sometimes, this is intentional, and we need to change this and bump
the version.
- want :=
"sha256:88a8065a9ccb964f27ca842a3e297e152997ddae2997fe68ae7535653c1ebc46"
+ want :=
"sha256:66dc21761826860d1152e8a6defa7919ad3f65af5d56fd75164c4c36ba85c648"
require.Equal(t, want, digest.String())
im, err := idx.IndexManifest()
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/pkg/apk/apk/index.go
new/apko-0.29.9/pkg/apk/apk/index.go
--- old/apko-0.29.7/pkg/apk/apk/index.go 2025-07-17 01:34:24.000000000
+0200
+++ new/apko-0.29.9/pkg/apk/apk/index.go 2025-07-21 20:08:10.000000000
+0200
@@ -135,6 +135,7 @@
if err != nil {
return nil, err
}
+ defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
return nil, fmt.Errorf("unexpected status code %d",
resp.StatusCode)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/pkg/build/layers.go
new/apko-0.29.9/pkg/build/layers.go
--- old/apko-0.29.7/pkg/build/layers.go 2025-07-17 01:34:24.000000000 +0200
+++ new/apko-0.29.9/pkg/build/layers.go 2025-07-21 20:08:10.000000000 +0200
@@ -284,10 +284,6 @@
top := newLayerWriter(f)
- // We want to match the file info from the top layer's idb file below,
- // so when we run into it, just stash it for later.
- var idb tar.Header
-
// In a tar file, it is customary to include directories before files
in those directories.
// In order to know which directories we need to include, we maintain a
directory stack for each layer.
// We compare those stacks to the full FS that we're walking whenever
we create a new tar entry.
@@ -371,7 +367,6 @@
if err != nil {
return nil, fmt.Errorf("opening %s: %w",
f.path, err)
}
-
if _, err := io.CopyBuffer(w.w, data, buf); err != nil {
return nil, fmt.Errorf("copying %s: %w",
f.path, err)
}
@@ -383,35 +378,46 @@
}
if f.header.Name == "usr/lib/apk/db/installed" {
- idb = *f.header
- }
- }
-
- // Once we're done walking the FS, we need to finalize each layer...
- layers := make([]v1.Layer, 0, len(groups)+1)
- for i, g := range groups {
- w := groupToWriter[g]
+ // Add a partial installed db to each layer to satisfy
scanners.
+ for _, g := range groups {
+ w := groupToWriter[g]
+
+ // Make sure we have all parent directories to
appease AWS Lambda.
+ for _, todo := range w.alignStacks(stack) {
+ todo.header.ModTime = f.header.ModTime
+
+ if err := w.w.WriteHeader(todo.header);
err != nil {
+ return nil, fmt.Errorf("writing
header %s: %w", todo.header.Name, err)
+ }
+ }
- // Add a partial installed db to satisfy scanners.
- {
- var buf bytes.Buffer
- for _, pkg := range g.pkgs {
- if _, err := buf.Write(pkgToDiff[pkg]); err !=
nil {
- return nil, err
+ // Accumulate all the idb entries for this
layer.
+ var buf bytes.Buffer
+ for _, pkg := range g.pkgs {
+ if _, err := buf.Write(pkgToDiff[pkg]);
err != nil {
+ return nil, err
+ }
}
- }
- // Only the size should be different across layers.
- idb.Size = int64(buf.Len())
+ // Only the size should be different across
layers.
+ idb := *f.header
+ idb.Size = int64(buf.Len())
- if err := w.w.WriteHeader(&idb); err != nil {
- return nil, err
- }
+ if err := w.w.WriteHeader(&idb); err != nil {
+ return nil, err
+ }
- if _, err := io.Copy(w.w, &buf); err != nil {
- return nil, err
+ if _, err := io.Copy(w.w, &buf); err != nil {
+ return nil, err
+ }
}
}
+ }
+
+ // Once we're done walking the FS, we need to finalize each layer...
+ layers := make([]v1.Layer, 0, len(groups)+1)
+ for i, g := range groups {
+ w := groupToWriter[g]
l, err := w.finalize()
if err != nil {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/apko-0.29.7/pkg/build/layers_test.go
new/apko-0.29.9/pkg/build/layers_test.go
--- old/apko-0.29.7/pkg/build/layers_test.go 2025-07-17 01:34:24.000000000
+0200
+++ new/apko-0.29.9/pkg/build/layers_test.go 2025-07-21 20:08:10.000000000
+0200
@@ -15,11 +15,16 @@
package build
import (
+ "archive/tar"
+ "context"
"fmt"
+ "io"
+ "os"
"slices"
"testing"
"chainguard.dev/apko/pkg/apk/apk"
+ apkfs "chainguard.dev/apko/pkg/apk/fs"
)
func size(pkgs ...*apk.Package) uint64 {
@@ -224,3 +229,122 @@
return nil
}
+
+func TestSplitLayersDirectoryCreation(t *testing.T) {
+ // Create a minimal filesystem with an installed DB file
+ fsys := apkfs.NewMemFS()
+
+ // Create the parent directories first
+ if err := fsys.MkdirAll("usr/lib/apk/db", 0755); err != nil {
+ t.Fatalf("failed to create parent directories: %v", err)
+ }
+
+ // Create the installed DB file with some content
+ idbContent := []byte("test db content")
+ if err := fsys.WriteFile("usr/lib/apk/db/installed", idbContent, 0644);
err != nil {
+ t.Fatalf("failed to create installed DB file: %v", err)
+ }
+
+ // Create test packages for multiple layers
+ pkg1 := &apk.Package{
+ Name: "pkg1",
+ Origin: "pkg1",
+ Version: "1.0.0",
+ InstalledSize: 1000,
+ }
+ pkg2 := &apk.Package{
+ Name: "pkg2",
+ Origin: "pkg2",
+ Version: "1.0.0",
+ InstalledSize: 2000,
+ }
+
+ // Create package groups (this will result in multiple layers)
+ groups := []*group{
+ {pkgs: []*apk.Package{pkg1}, size: 1000, tiebreaker: "pkg1"},
+ {pkgs: []*apk.Package{pkg2}, size: 2000, tiebreaker: "pkg2"},
+ }
+
+ // Create package diffs (minimal content for each package)
+ pkgToDiff := map[*apk.Package][]byte{
+ pkg1: []byte("pkg1 info\n"),
+ pkg2: []byte("pkg2 info\n"),
+ }
+
+ // Create temp directory for layer files
+ tmpDir, err := os.MkdirTemp("", "layer-test-*")
+ if err != nil {
+ t.Fatalf("failed to create temp dir: %v", err)
+ }
+ defer os.RemoveAll(tmpDir)
+
+ // Call splitLayers to create the layers
+ ctx := context.Background()
+ layers, err := splitLayers(ctx, fsys, groups, pkgToDiff, tmpDir)
+ if err != nil {
+ t.Fatalf("splitLayers failed: %v", err)
+ }
+
+ // We expect 3 layers: one for each package group + top layer
+ if len(layers) != 3 {
+ t.Fatalf("expected 3 layers, got %d", len(layers))
+ }
+
+ wantDirs := map[string]struct{}{
+ "usr": {},
+ "usr/lib": {},
+ "usr/lib/apk": {},
+ "usr/lib/apk/db": {},
+ }
+
+ foundDirs := map[string]struct{}{}
+
+ // Check each of the first 2 layers (package layers) for directory and
file
+ for i := range 2 {
+ layer := layers[i]
+
+ // Get layer content as tar reader
+ rc, err := layer.Uncompressed()
+ if err != nil {
+ t.Fatalf("failed to get layer %d content: %v", i, err)
+ }
+
+ tr := tar.NewReader(rc)
+
+ for {
+ header, err := tr.Next()
+ if err == io.EOF {
+ break
+ }
+ if err != nil {
+ t.Fatalf("failed to read tar entry in layer %d:
%v", i, err)
+ }
+
+ // Check for the parent directory
+ if _, ok := wantDirs[header.Name]; ok &&
header.Typeflag == tar.TypeDir {
+ foundDirs[header.Name] = struct{}{}
+ }
+
+ // Check for the installed DB file
+ if header.Name == "usr/lib/apk/db/installed" &&
header.Typeflag == tar.TypeReg {
+ // Verify the file has content
+ content, err := io.ReadAll(tr)
+ if err != nil {
+ t.Fatalf("failed to read installed DB
content in layer %d: %v", i, err)
+ }
+ if len(content) == 0 {
+ t.Errorf("installed DB file in layer %d
is empty", i)
+ }
+ }
+ }
+
+ rc.Close()
+
+ // Verify both directory and file were found
+ for dir := range wantDirs {
+ if _, ok := foundDirs[dir]; !ok {
+ t.Errorf("layer %d missing parent directory %q
- this indicates the directory creation fix is not working", i, dir)
+ }
+ }
+ }
+}
++++++ apko.obsinfo ++++++
--- /var/tmp/diff_new_pack.sBdsZu/_old 2025-07-24 18:49:52.764561248 +0200
+++ /var/tmp/diff_new_pack.sBdsZu/_new 2025-07-24 18:49:52.768561414 +0200
@@ -1,5 +1,5 @@
name: apko
-version: 0.29.7
-mtime: 1752708864
-commit: 28bb8ff0e706fea7812008bb8c7e2305710aacba
+version: 0.29.9
+mtime: 1753121290
+commit: 249040d757402713b515281a333ea5042050c471
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/apko/vendor.tar.gz
/work/SRC/openSUSE:Factory/.apko.new.13279/vendor.tar.gz differ: char 19, line 1
