Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package go-containerregistry for openSUSE:Factory checked in at 2023-01-03 15:05:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/go-containerregistry (Old) and /work/SRC/openSUSE:Factory/.go-containerregistry.new.1563 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "go-containerregistry" Tue Jan 3 15:05:38 2023 rev:3 rq:1046393 version:0.12.1 Changes: -------- --- /work/SRC/openSUSE:Factory/go-containerregistry/go-containerregistry.changes 2022-12-15 19:26:16.900423785 +0100 +++ /work/SRC/openSUSE:Factory/.go-containerregistry.new.1563/go-containerregistry.changes 2023-01-03 15:05:58.402722784 +0100 @@ -1,0 +2,10 @@ +Mon Jan 2 22:05:28 UTC 2023 - Dirk Müller <dmuel...@suse.com> + +- update to 0.12.1: + * Fix context.DeadlineExceeded comparison (#1488) + * Fix missing body.Close() in bearer auth (#1482) + * bump version of slsa generator (#1468) + * crane: add catalog argument use annotation (#1473) + * k8schain: Log and proceed if secret or SA are not found + +------------------------------------------------------------------- Old: ---- go-containerregistry-0.12.0.tar.gz New: ---- go-containerregistry-0.12.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ go-containerregistry.spec ++++++ --- /var/tmp/diff_new_pack.mCEF13/_old 2023-01-03 15:06:00.422734574 +0100 +++ /var/tmp/diff_new_pack.mCEF13/_new 2023-01-03 15:06:00.430734620 +0100 @@ -1,7 +1,7 @@ # # spec file for package go-containerregistry # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %global goipath github.com/google/go-containerregistry Name: go-containerregistry -Version: 0.12.0 +Version: 0.12.1 Release: 0 Summary: Container Library and tools for working with container registries License: Apache-2.0 ++++++ go-containerregistry-0.12.0.tar.gz -> go-containerregistry-0.12.1.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/.github/workflows/release.yml new/go-containerregistry-0.12.1/.github/workflows/release.yml --- old/go-containerregistry-0.12.0/.github/workflows/release.yml 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/.github/workflows/release.yml 2022-11-10 04:01:22.000000000 +0100 @@ -17,7 +17,7 @@ with: go-version: 1.17 check-latest: true - - uses: goreleaser/goreleaser-action@v3.1.0 + - uses: goreleaser/goreleaser-action@v3.2.0 id: run-goreleaser with: version: latest @@ -40,7 +40,7 @@ actions: read # To read the workflow path. id-token: write # To sign the provenance. contents: write # To add assets to a release. - uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.0 + uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.2.1 with: base64-subjects: "${{ needs.goreleaser.outputs.hashes }}" upload-assets: true # upload to a new release diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/.github/workflows/style.yaml new/go-containerregistry-0.12.1/.github/workflows/style.yaml --- old/go-containerregistry-0.12.0/.github/workflows/style.yaml 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/.github/workflows/style.yaml 2022-11-10 04:01:22.000000000 +0100 @@ -28,7 +28,7 @@ go-version: 1.18 check-latest: true - - uses: golangci/golangci-lint-action@v3.2.0 + - uses: golangci/golangci-lint-action@v3.3.0 with: version: v1.45.2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/cmd/crane/cmd/catalog.go new/go-containerregistry-0.12.1/cmd/crane/cmd/catalog.go --- old/go-containerregistry-0.12.0/cmd/crane/cmd/catalog.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/cmd/crane/cmd/catalog.go 2022-11-10 04:01:22.000000000 +0100 @@ -16,17 +16,28 @@ import ( "fmt" + "os" + "strings" "github.com/google/go-containerregistry/pkg/crane" "github.com/spf13/cobra" ) // NewCmdCatalog creates a new cobra.Command for the repos subcommand. -func NewCmdCatalog(options *[]crane.Option) *cobra.Command { +func NewCmdCatalog(options *[]crane.Option, argv ...string) *cobra.Command { + if len(argv) == 0 { + argv = []string{os.Args[0]} + } + + baseCmd := strings.Join(argv, " ") + eg := fmt.Sprintf(` # list the repos for reg.example.com + $ %s catalog reg.example.com`, baseCmd) + return &cobra.Command{ - Use: "catalog", - Short: "List the repos in a registry", - Args: cobra.ExactArgs(1), + Use: "catalog [REGISTRY]", + Short: "List the repos in a registry", + Example: eg, + Args: cobra.ExactArgs(1), RunE: func(_ *cobra.Command, args []string) error { reg := args[0] repos, err := crane.Catalog(reg, *options...) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/cmd/crane/cmd/root.go new/go-containerregistry-0.12.1/cmd/crane/cmd/root.go --- old/go-containerregistry-0.12.0/cmd/crane/cmd/root.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/cmd/crane/cmd/root.go 2022-11-10 04:01:22.000000000 +0100 @@ -96,7 +96,7 @@ NewCmdAppend(&options), NewCmdAuth(options, "crane", "auth"), NewCmdBlob(&options), - NewCmdCatalog(&options), + NewCmdCatalog(&options, "crane"), NewCmdConfig(&options), NewCmdCopy(&options), NewCmdDelete(&options), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/cmd/crane/doc/crane_catalog.md new/go-containerregistry-0.12.1/cmd/crane/doc/crane_catalog.md --- old/go-containerregistry-0.12.0/cmd/crane/doc/crane_catalog.md 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/cmd/crane/doc/crane_catalog.md 2022-11-10 04:01:22.000000000 +0100 @@ -3,7 +3,14 @@ List the repos in a registry ``` -crane catalog [flags] +crane catalog [REGISTRY] [flags] +``` + +### Examples + +``` + # list the repos for reg.example.com + $ crane catalog reg.example.com ``` ### Options diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/internal/retry/retry.go new/go-containerregistry-0.12.1/internal/retry/retry.go --- old/go-containerregistry-0.12.0/internal/retry/retry.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/internal/retry/retry.go 2022-11-10 04:01:22.000000000 +0100 @@ -18,6 +18,7 @@ import ( "context" + "errors" "fmt" "github.com/google/go-containerregistry/internal/retry/wait" @@ -36,7 +37,7 @@ // IsTemporary returns true if err implements Temporary() and it returns true. func IsTemporary(err error) bool { - if err == context.DeadlineExceeded { + if errors.Is(err, context.DeadlineExceeded) { return false } if te, ok := err.(temporary); ok && te.Temporary() { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/internal/retry/retry_test.go new/go-containerregistry-0.12.1/internal/retry/retry_test.go --- old/go-containerregistry-0.12.0/internal/retry/retry_test.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/internal/retry/retry_test.go 2022-11-10 04:01:22.000000000 +0100 @@ -17,6 +17,8 @@ import ( "context" "fmt" + "net/http" + "net/url" "testing" ) @@ -55,6 +57,14 @@ predicate: IsTemporary, err: context.DeadlineExceeded, shouldRetry: false, + }, { + predicate: IsTemporary, + err: &url.Error{ + Op: http.MethodPost, + URL: "http://127.0.0.1:56520/v2/example/blobs/uploads/", + Err: context.DeadlineExceeded, + }, + shouldRetry: false, }} { // Make sure we retry 5 times if we shouldRetry. steps := 5 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/pkg/authn/kubernetes/keychain.go new/go-containerregistry-0.12.1/pkg/authn/kubernetes/keychain.go --- old/go-containerregistry-0.12.0/pkg/authn/kubernetes/keychain.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/pkg/authn/kubernetes/keychain.go 2022-11-10 04:01:22.000000000 +0100 @@ -25,7 +25,9 @@ "strings" "github.com/google/go-containerregistry/pkg/authn" + "github.com/google/go-containerregistry/pkg/logs" corev1 "k8s.io/api/core/v1" + k8serrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/client-go/kubernetes" "k8s.io/client-go/rest" @@ -65,7 +67,10 @@ var pullSecrets []corev1.Secret for _, name := range opt.ImagePullSecrets { ps, err := client.CoreV1().Secrets(opt.Namespace).Get(ctx, name, metav1.GetOptions{}) - if err != nil { + if k8serrors.IsNotFound(err) { + logs.Warn.Printf("secret %s/%s not found; ignoring", opt.Namespace, name) + continue + } else if err != nil { return nil, err } pullSecrets = append(pullSecrets, *ps) @@ -73,15 +78,22 @@ // Second, fetch all of the pull secrets attached to our service account. sa, err := client.CoreV1().ServiceAccounts(opt.Namespace).Get(ctx, opt.ServiceAccountName, metav1.GetOptions{}) - if err != nil { + if k8serrors.IsNotFound(err) { + logs.Warn.Printf("serviceaccount %s/%s not found; ignoring", opt.Namespace, opt.ServiceAccountName) + } else if err != nil { return nil, err } - for _, localObj := range sa.ImagePullSecrets { - ps, err := client.CoreV1().Secrets(opt.Namespace).Get(ctx, localObj.Name, metav1.GetOptions{}) - if err != nil { - return nil, err + if sa != nil { + for _, localObj := range sa.ImagePullSecrets { + ps, err := client.CoreV1().Secrets(opt.Namespace).Get(ctx, localObj.Name, metav1.GetOptions{}) + if k8serrors.IsNotFound(err) { + logs.Warn.Printf("secret %s/%s not found; ignoring", opt.Namespace, localObj.Name) + continue + } else if err != nil { + return nil, err + } + pullSecrets = append(pullSecrets, *ps) } - pullSecrets = append(pullSecrets, *ps) } return NewFromPullSecrets(ctx, pullSecrets) @@ -236,8 +248,9 @@ // glob wild cards in the host name. // // Examples: -// globURL=*.docker.io, targetURL=blah.docker.io => match -// globURL=*.docker.io, targetURL=not.right.io => no match +// +// globURL=*.docker.io, targetURL=blah.docker.io => match +// globURL=*.docker.io, targetURL=not.right.io => no match // // Note that we don't support wildcards in ports and paths yet. func urlsMatch(globURL *url.URL, targetURL *url.URL) (bool, error) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/pkg/authn/kubernetes/keychain_test.go new/go-containerregistry-0.12.1/pkg/authn/kubernetes/keychain_test.go --- old/go-containerregistry-0.12.0/pkg/authn/kubernetes/keychain_test.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/pkg/authn/kubernetes/keychain_test.go 2022-11-10 04:01:22.000000000 +0100 @@ -89,6 +89,41 @@ testResolve(t, kc, registry(t, "fake.registry.io"), authn.Anonymous) } +func TestSecretNotFound(t *testing.T) { + client := fakeclient.NewSimpleClientset(&corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + Namespace: "default", + }, + }) + + kc, err := New(context.Background(), client, Options{ + ImagePullSecrets: []string{"not-found"}, + }) + if err != nil { + t.Errorf("New() = %v", err) + } + + testResolve(t, kc, registry(t, "fake.registry.io"), authn.Anonymous) +} + +func TestServiceAccountNotFound(t *testing.T) { + client := fakeclient.NewSimpleClientset(&corev1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + Namespace: "default", + }, + }) + kc, err := New(context.Background(), client, Options{ + ServiceAccountName: "not-found", + }) + if err != nil { + t.Errorf("New() = %v", err) + } + + testResolve(t, kc, registry(t, "fake.registry.io"), authn.Anonymous) +} + func TestAttachedServiceAccount(t *testing.T) { username, password := "foo", "bar" client := fakeclient.NewSimpleClientset(&corev1.ServiceAccount{ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/go-containerregistry-0.12.0/pkg/v1/remote/transport/bearer.go new/go-containerregistry-0.12.1/pkg/v1/remote/transport/bearer.go --- old/go-containerregistry-0.12.0/pkg/v1/remote/transport/bearer.go 2022-10-19 22:27:46.000000000 +0200 +++ new/go-containerregistry-0.12.1/pkg/v1/remote/transport/bearer.go 2022-11-10 04:01:22.000000000 +0100 @@ -87,6 +87,9 @@ // If we hit a WWW-Authenticate challenge, it might be due to expired tokens or insufficient scope. if challenges := authchallenge.ResponseChallenges(res); len(challenges) != 0 { + // close out old response, since we will not return it. + res.Body.Close() + newScopes := []string{} for _, wac := range challenges { // TODO(jonjohnsonjr): Should we also update "realm" or "service"? ++++++ vendor.tar.gz ++++++