fix buildah push description #1
Closed
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Huamin Chen <hchen@redhat.com>
Author
|
oops, should be against atomic repo. |
rhatdan
pushed a commit
that referenced
this pull request
Jun 15, 2020
2397: Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 r=rhatdan a=dependabot-preview[bot] Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0-rc9 to 1.0.0-rc90. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/opencontainers/runc/releases">github.com/opencontainers/runc's releases</a>.</em></p> <blockquote> <h2>runc 1.0-rc90 -- "We Have To Go Back!"</h2> <p>This release is <em>identical</em> to v1.0.0-rc10 (and thus the version string in the binary will be v1.0.0-rc10).</p> <p>The purpose of this release is to resolve an issue with our versioning scheme (in particular, the format we've used under SemVer means that the "-rcNN" string suffix is sorted lexicographically rather than in the classic <code>sort -V</code> order).</p> <p>Because we cannot do a post-1.0 release yet, this is a workaround to make sure that systems such as Go modules correctly update to the latest runc release. See <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2399">#2399</a> for more details.</p> <p>The next release (which would've originally been called -rc11) will be 1.0.0-rc91. I'm sorry.</p> <p>Signed-off-by: Aleksa Sarai <a href="mailto:asarai@suse.de">asarai@suse.de</a></p> <h2>runc 1.0-rc10 -- "Procfs Strikes Back"</h2> <p>This is a hot-fix for v1.0.0~rc9, primarily fixing CVE-2019-19921. Given that the <a href="https://github-redirect.dependabot.com/opencontainers/runtime-spec/pull/1008">relevant runtime-spec PR which was considered a blocker has been merged</a> the next rc release of runc should be the last one before 1.0.0.</p> <p>Other notable changes include:</p> <ul> <li>Fixing an exec-fifo race that could be triggered under Kubernetes (opencontainers/runc#2185).</li> <li>Partial cgroupv2 support (opencontainers/runc#2209 for remaining issues).</li> </ul> <p>Thanks to the following people who made this release possible:</p> <ul> <li>Akihiro Suda <a href="mailto:akihiro.suda.cz@hco.ntt.co.jp">akihiro.suda.cz@hco.ntt.co.jp</a></li> <li>Aleksa Sarai <a href="mailto:asarai@suse.de">asarai@suse.de</a></li> <li>James Peach <a href="mailto:jpeach@apache.org">jpeach@apache.org</a></li> <li>Jordan Liggitt <a href="mailto:liggitt@google.com">liggitt@google.com</a></li> <li>Julia Nedialkova <a href="mailto:julianedialkova@hotmail.com">julianedialkova@hotmail.com</a></li> <li>Julio Montes <a href="mailto:julio.montes@intel.com">julio.montes@intel.com</a></li> <li>Kevin Kelani <a href="mailto:kkelani@gmail.com">kkelani@gmail.com</a></li> <li>Kurnia D Win <a href="mailto:kurnia.d.win@gmail.com">kurnia.d.win@gmail.com</a></li> <li>Manuel Rüger <a href="mailto:manuel@rueg.eu">manuel@rueg.eu</a></li> <li>Michael Crosby <a href="mailto:crosbymichael@gmail.com">crosbymichael@gmail.com</a></li> <li>Mrunal Patel <a href="mailto:mrunal@me.com">mrunal@me.com</a></li> <li>Qiang Huang <a href="mailto:h.huangqiang@huawei.com">h.huangqiang@huawei.com</a></li> <li>Radostin Stoyanov <a href="mailto:rstoyanov1@gmail.com">rstoyanov1@gmail.com</a></li> <li>Sascha Grunert <a href="mailto:sgrunert@suse.com">sgrunert@suse.com</a></li> <li>tianye15 <a href="mailto:tianye15@yq01-ps-www007cc6e83.yq01.baidu.com">tianye15@yq01-ps-www007cc6e83.yq01.baidu.com</a></li> </ul> <p>Vote: <code>+4 -0 [#1](https://github.com/opencontainers/runc/issues/1)</code> Signed-off-by: Aleksa Sarai <a href="mailto:asarai@suse.de">asarai@suse.de</a></p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/opencontainers/runc/commit/dc9208a3303feef5b3839f4323d9beb36df0a9dd"><code>dc9208a</code></a> VERSION: update to 1.0.0~rc10</li> <li><a href="https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0"><code>2fc03cc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2207">#2207</a> from cyphar/fix-double-volume-attack</li> <li><a href="https://github.com/opencontainers/runc/commit/3291d66b98445bd7f7d02eac7f2bca2ac2c56942"><code>3291d66</code></a> rootfs: do not permit /proc mounts to non-directories</li> <li><a href="https://github.com/opencontainers/runc/commit/f6fb7a0338c3ea8488bd9bd7cc7667b113aff8d8"><code>f6fb7a0</code></a> merge branch 'pr-2133'</li> <li><a href="https://github.com/opencontainers/runc/commit/709377ca558df88ea538852c9310b700f140fc9b"><code>709377c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2198">#2198</a> from AkihiroSuda/criu-master</li> <li><a href="https://github.com/opencontainers/runc/commit/55f8c254beb00f916c115a7034f7eee0cfd657a1"><code>55f8c25</code></a> temporarily disable CRIU tests</li> <li><a href="https://github.com/opencontainers/runc/commit/5c20ea1472dbeeebdb1bcef31a09888890a25b3a"><code>5c20ea1</code></a> fix merging <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2177">#2177</a> and <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2169">#2169</a></li> <li><a href="https://github.com/opencontainers/runc/commit/5cc0deaf7a089a91a5ce4b81f835b64fcc4778d6"><code>5cc0dea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2169">#2169</a> from AkihiroSuda/split-fs</li> <li><a href="https://github.com/opencontainers/runc/commit/2b52db75279ca687e18156de86d845876e9ef35d"><code>2b52db7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2177">#2177</a> from devimc/topic/libcontainer/kata-containers</li> <li><a href="https://github.com/opencontainers/runc/commit/a88592a63474e6976030b4fbded41dd445152236"><code>a88592a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2185">#2185</a> from liggitt/exec-race</li> <li>Additional commits viewable in <a href="https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc90">compare view</a></li> </ul> </details> <br /> [](https://dependabot.com/compatibility-score/?dependency-name=github.com/opencontainers/runc&package-manager=go_modules&previous-version=1.0.0-rc9&new-version=1.0.0-rc90) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) </details> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
rhatdan
added a commit
that referenced
this pull request
Oct 31, 2020
This subtle bug keeps lurking in because error checking for `Mkdir()` and `MkdirAll()` is slightly different wrt `EEXIST`/`IsExist`: - for `Mkdir()`, `IsExist` error should (usually) be ignored (unless you want to make sure directory was not there before) as it means "the destination directory was already there"; - for `MkdirAll()`, `IsExist` error should NEVER be ignored. This commit removes ignoring the IsExist error, as it should not be ignored. [v2: skip patching (*Builder).Run] For more details, a quote from opencontainers/runc PR containers#162: -quote- TL;DR: check for IsExist(err) after a failed MkdirAll() is both redundant and wrong -- so two reasons to remove it. Quoting MkdirAll documentation: > MkdirAll creates a directory named path, along with any necessary > parents, and returns nil, or else returns an error. If path > is already a directory, MkdirAll does nothing and returns nil. This means two things: 1. If a directory to be created already exists, no error is returned. 2. If the error returned is IsExist (EEXIST), it means there exists a non-directory with the same name as MkdirAll need to use for directory. Example: we want to MkdirAll("a/b"), but file "a" (or "a/b") already exists, so MkdirAll fails. The above is a theory, based on quoted documentation and my UNIX knowledge. 3. In practice, though, current MkdirAll implementation [1] returns ENOTDIR in most of cases described in #2, with the exception when there is a race between MkdirAll and someone else creating the last component of MkdirAll argument as a file. In this very case MkdirAll() will indeed return EEXIST. Because of #1, IsExist check after MkdirAll is not needed. Because of #2 and #3, ignoring IsExist error is just plain wrong, as directory we require is not created. It's cleaner to report the error now. Note this error is all over the tree, I guess due to copy-paste, or trying to follow the same usage pattern as for Mkdir(), or some not quite correct examples on the Internet. > [1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go -end-quote- Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
rhatdan
added a commit
that referenced
this pull request
Nov 3, 2020
This subtle bug keeps lurking in because error checking for `Mkdir()` and `MkdirAll()` is slightly different wrt `EEXIST`/`IsExist`: - for `Mkdir()`, `IsExist` error should (usually) be ignored (unless you want to make sure directory was not there before) as it means "the destination directory was already there"; - for `MkdirAll()`, `IsExist` error should NEVER be ignored. This commit removes ignoring the IsExist error, as it should not be ignored. [v2: skip patching (*Builder).Run] For more details, a quote from opencontainers/runc PR containers#162: -quote- TL;DR: check for IsExist(err) after a failed MkdirAll() is both redundant and wrong -- so two reasons to remove it. Quoting MkdirAll documentation: > MkdirAll creates a directory named path, along with any necessary > parents, and returns nil, or else returns an error. If path > is already a directory, MkdirAll does nothing and returns nil. This means two things: 1. If a directory to be created already exists, no error is returned. 2. If the error returned is IsExist (EEXIST), it means there exists a non-directory with the same name as MkdirAll need to use for directory. Example: we want to MkdirAll("a/b"), but file "a" (or "a/b") already exists, so MkdirAll fails. The above is a theory, based on quoted documentation and my UNIX knowledge. 3. In practice, though, current MkdirAll implementation [1] returns ENOTDIR in most of cases described in #2, with the exception when there is a race between MkdirAll and someone else creating the last component of MkdirAll argument as a file. In this very case MkdirAll() will indeed return EEXIST. Because of #1, IsExist check after MkdirAll is not needed. Because of #2 and #3, ignoring IsExist error is just plain wrong, as directory we require is not created. It's cleaner to report the error now. Note this error is all over the tree, I guess due to copy-paste, or trying to follow the same usage pattern as for Mkdir(), or some not quite correct examples on the Internet. > [1] https://github.com/golang/go/blob/f9ed2f75/src/os/path.go -end-quote- Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.