From 5cb269a09a301db0f7e44468819aeadb301117cc Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Thu, 10 Nov 2022 10:29:37 -0800 Subject: [PATCH 1/2] vendor: update fsutil to 9ed61262 Fixes a possible panic on accessing nil fileinfo. Signed-off-by: Tonis Tiigi --- go.mod | 2 +- go.sum | 4 ++-- vendor/github.com/tonistiigi/fsutil/walker.go | 20 ++++++++++++------- vendor/modules.txt | 2 +- 4 files changed, 17 insertions(+), 11 deletions(-) diff --git a/go.mod b/go.mod index 49f906711fb2..8a8ff6ef2f16 100644 --- a/go.mod +++ b/go.mod @@ -49,7 +49,7 @@ require ( github.com/serialx/hashring v0.0.0-20190422032157-8b2912629002 github.com/sirupsen/logrus v1.8.1 github.com/stretchr/testify v1.7.0 - github.com/tonistiigi/fsutil v0.0.0-20220115021204-b19f7f9cb274 + github.com/tonistiigi/fsutil v0.0.0-20220315205639-9ed612626da3 github.com/tonistiigi/go-actions-cache v0.0.0-20220404170428-0bdeb6e1eac7 github.com/tonistiigi/go-archvariant v1.0.0 github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea diff --git a/go.sum b/go.sum index 52e9a755abc7..f1737a44707f 100644 --- a/go.sum +++ b/go.sum @@ -1241,8 +1241,8 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20201229170055-e5319fda7802/go.mod h1 github.com/tommy-muehle/go-mnd v1.1.1/go.mod h1:dSUh0FtTP8VhvkL1S+gUR1OKd9ZnSaozuI6r3m6wOig= github.com/tommy-muehle/go-mnd v1.3.1-0.20200224220436-e6f9a994e8fa/go.mod h1:dSUh0FtTP8VhvkL1S+gUR1OKd9ZnSaozuI6r3m6wOig= github.com/tonistiigi/fsutil v0.0.0-20201103201449-0834f99b7b85/go.mod h1:a7cilN64dG941IOXfhJhlH0qB92hxJ9A1ewrdUmJ6xo= -github.com/tonistiigi/fsutil v0.0.0-20220115021204-b19f7f9cb274 h1:wbyZxD6IPFp0sl5uscMOJRsz5UKGFiNiD16e+MVfKZY= -github.com/tonistiigi/fsutil v0.0.0-20220115021204-b19f7f9cb274/go.mod h1:oPAfvw32vlUJSjyDcQ3Bu0nb2ON2B+G0dtVN/SZNJiA= +github.com/tonistiigi/fsutil v0.0.0-20220315205639-9ed612626da3 h1:T1pEe+WB3SCPVAfVquvfPfagKZU2Z8c1OP3SuGB+id0= +github.com/tonistiigi/fsutil v0.0.0-20220315205639-9ed612626da3/go.mod h1:oPAfvw32vlUJSjyDcQ3Bu0nb2ON2B+G0dtVN/SZNJiA= github.com/tonistiigi/go-actions-cache v0.0.0-20220404170428-0bdeb6e1eac7 h1:8eY6m1mjgyB8XySUR7WvebTM8D/Vs86jLJzD/Tw7zkc= github.com/tonistiigi/go-actions-cache v0.0.0-20220404170428-0bdeb6e1eac7/go.mod h1:qqvyZqkfwkoJuPU/bw61bItaoO0SJ8YSW0vSVRRvsRg= github.com/tonistiigi/go-archvariant v1.0.0 h1:5LC1eDWiBNflnTF1prCiX09yfNHIxDC/aukdhCdTyb0= diff --git a/vendor/github.com/tonistiigi/fsutil/walker.go b/vendor/github.com/tonistiigi/fsutil/walker.go index d0b5114b4038..83045bec850f 100644 --- a/vendor/github.com/tonistiigi/fsutil/walker.go +++ b/vendor/github.com/tonistiigi/fsutil/walker.go @@ -123,7 +123,13 @@ func Walk(ctx context.Context, p string, opt *WalkOpt, fn filepath.WalkFunc) err return nil } - var dir visitedDir + var ( + dir visitedDir + isDir bool + ) + if fi != nil { + isDir = fi.IsDir() + } if includeMatcher != nil || excludeMatcher != nil { for len(parentDirs) != 0 { @@ -134,7 +140,7 @@ func Walk(ctx context.Context, p string, opt *WalkOpt, fn filepath.WalkFunc) err parentDirs = parentDirs[:len(parentDirs)-1] } - if fi.IsDir() { + if isDir { dir = visitedDir{ fi: fi, path: path, @@ -156,12 +162,12 @@ func Walk(ctx context.Context, p string, opt *WalkOpt, fn filepath.WalkFunc) err return errors.Wrap(err, "failed to match includepatterns") } - if fi.IsDir() { + if isDir { dir.includeMatchInfo = matchInfo } if !m { - if fi.IsDir() && onlyPrefixIncludes { + if isDir && onlyPrefixIncludes { // Optimization: we can skip walking this dir if no include // patterns could match anything inside it. dirSlash := path + string(filepath.Separator) @@ -191,12 +197,12 @@ func Walk(ctx context.Context, p string, opt *WalkOpt, fn filepath.WalkFunc) err return errors.Wrap(err, "failed to match excludepatterns") } - if fi.IsDir() { + if isDir { dir.excludeMatchInfo = matchInfo } if m { - if fi.IsDir() && onlyPrefixExcludeExceptions { + if isDir && onlyPrefixExcludeExceptions { // Optimization: we can skip walking this dir if no // exceptions to exclude patterns could match anything // inside it. @@ -230,7 +236,7 @@ func Walk(ctx context.Context, p string, opt *WalkOpt, fn filepath.WalkFunc) err if includeMatcher != nil || excludeMatcher != nil { defer func() { - if fi.IsDir() { + if isDir { parentDirs = append(parentDirs, dir) } }() diff --git a/vendor/modules.txt b/vendor/modules.txt index 3bfb8330e07e..5a48015b050c 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -449,7 +449,7 @@ github.com/sirupsen/logrus ## explicit; go 1.13 github.com/stretchr/testify/assert github.com/stretchr/testify/require -# github.com/tonistiigi/fsutil v0.0.0-20220115021204-b19f7f9cb274 +# github.com/tonistiigi/fsutil v0.0.0-20220315205639-9ed612626da3 ## explicit; go 1.13 github.com/tonistiigi/fsutil github.com/tonistiigi/fsutil/copy From cd96f9074fc40de24f7c8bd4ab06100733dae378 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Thu, 10 Nov 2022 10:35:26 -0800 Subject: [PATCH 2/2] v0.10: update main Dockerfile to Go 1.18 Go1.17 is EOL and shows up in vulnerability scanners. Intentionally didn't update the examples and linters as not critical for a patch release. Signed-off-by: Tonis Tiigi --- .github/workflows/build.yml | 2 +- Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index f60b45f1f5cb..0035e6c73bd4 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -143,7 +143,7 @@ jobs: name: Set up Go uses: actions/setup-go@v2 with: - go-version: 1.16 + go-version: 1.18 - name: Cache Go modules uses: actions/cache@v2 diff --git a/Dockerfile b/Dockerfile index f36534b26adf..259d2b247cda 100644 --- a/Dockerfile +++ b/Dockerfile @@ -22,7 +22,7 @@ RUN apk add --no-cache git # xx is a helper for cross-compilation FROM --platform=$BUILDPLATFORM tonistiigi/xx@sha256:1e96844fadaa2f9aea021b2b05299bc02fe4c39a92d8e735b93e8e2b15610128 AS xx -FROM --platform=$BUILDPLATFORM golang:1.17-alpine AS golatest +FROM --platform=$BUILDPLATFORM golang:1.18-alpine AS golatest # gobuild is base stage for compiling go/cgo FROM golatest AS gobuild-base