From ebe590c7f1f2d28c23c0f72a68c4eec84687ba82c81775d609f87cfa94224a20 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Fri, 3 May 2024 11:26:24 +0200 Subject: [PATCH] Sync from SUSE:SLFO:Main buildah revision 3978092f3c26d9c1fee1e7ddac8b0f0c --- .gitattributes | 23 + _service | 18 + _servicedata | 4 + buildah-1.34.0.tar.xz | 3 + buildah-rpmlintrc | 5 + buildah.changes | 3275 +++++++++++++++++++++++++++++++++++++++++ buildah.spec | 105 ++ 7 files changed, 3433 insertions(+) create mode 100644 .gitattributes create mode 100644 _service create mode 100644 _servicedata create mode 100644 buildah-1.34.0.tar.xz create mode 100644 buildah-rpmlintrc create mode 100644 buildah.changes create mode 100644 buildah.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/_service b/_service new file mode 100644 index 0000000..d10ae49 --- /dev/null +++ b/_service @@ -0,0 +1,18 @@ + + + https://github.com/containers/buildah.git + git + buildah + @PARENT_TAG@ + v(.*) + v1.34.0 + enable + + + *.tar + xz + + + buildah + + diff --git a/_servicedata b/_servicedata new file mode 100644 index 0000000..4508626 --- /dev/null +++ b/_servicedata @@ -0,0 +1,4 @@ + + + https://github.com/containers/buildah.git + 21ec7aceb20e475c00bb4d65ae3d5764c59ec997 \ No newline at end of file diff --git a/buildah-1.34.0.tar.xz b/buildah-1.34.0.tar.xz new file mode 100644 index 0000000..6785cf1 --- /dev/null +++ b/buildah-1.34.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:de9394dcb8ef52ce449cab479d6c75028559903025f8d281b8eeeaac355390a0 +size 11401860 diff --git a/buildah-rpmlintrc b/buildah-rpmlintrc new file mode 100644 index 0000000..4b4dbf3 --- /dev/null +++ b/buildah-rpmlintrc @@ -0,0 +1,5 @@ +addFilter (".* E: explicit-lib-dependency libcontainers-common") +addFilter (".* E: explicit-lib-dependency libcontainers-image") +addFilter (".* E: explicit-lib-dependency libcontainers-storage") +# intentionally disabled +addFilter (".* W: unstripped-binary-or-object /usr/bin/buildah") diff --git a/buildah.changes b/buildah.changes new file mode 100644 index 0000000..4b81e00 --- /dev/null +++ b/buildah.changes @@ -0,0 +1,3275 @@ +------------------------------------------------------------------- +Thu Feb 22 12:59:44 UTC 2024 - Thorsten Kukuk + +- Allow to disable apparmor support (ALP supports only SELinux) + +------------------------------------------------------------------- +Thu Dec 14 07:42:07 UTC 2023 - danish.prakash@suse.com + +- Drop 0001-set-makefile-target-entrypoint.gz-as-.PHONY-on-non-x.patch + (merged upstream; https://github.com/containers/buildah/pull/5183) +- Update to version 1.34.0: + * Bump to v1.34.0 + * fix(deps): update module github.com/containerd/containerd to v1.7.11 + * fix(deps): update github.com/containers/storage digest to 15c3cb7 + * fix(deps): update module github.com/onsi/ginkgo/v2 to v2.13.2 + * fix(deps): update github.com/containers/common digest to 630c929 + * fix(deps): update module github.com/moby/buildkit to v0.12.4 + * fix(deps): update github.com/openshift/imagebuilder digest to ef2a5fe + * [CI:DOCS] man pages: underscores, too-wide lines + * fix(deps): update module github.com/containerd/containerd to v1.7.10 + * run.bats: use --quiet --pull=false when using a prefetched image + * internal/mkcw/embed/entrypoint.gz: rename to include the arch + * internal/mkcw/embed/entrypoint.gz: compress with -n9 + * fix(deps): update module golang.org/x/crypto to v0.16.0 + * Integration tests: make skip_if_no_unshare check --map-users + * fix(deps): update module golang.org/x/term to v0.15.0 + * fix(deps): update module golang.org/x/sys to v0.15.0 + * fix(deps): update module github.com/onsi/ginkgo to v2 + * vendor: update c/{common,image,storage} + * run: Allow using just one jail per container on FreeBSD + * Remove makefile targets entrypoint{,.gz} for non x86_64 + +------------------------------------------------------------------- +Mon Nov 27 07:04:59 UTC 2023 - dcermak@suse.com + +- Update to version 1.33.2: + * [release-1.33.2] Bump to v1.33.2 + * Update minimum to golang 1.20 + * fix(deps): update module github.com/fsouza/go-dockerclient to v1.10.0 + * fix(deps): update module github.com/moby/buildkit to v0.12.3 + * Bump to v1.33.2-dev + +------------------------------------------------------------------- +Mon Nov 20 07:16:52 UTC 2023 - dcermak@suse.com + +- Add patch: + * 0001-set-makefile-target-entrypoint.gz-as-.PHONY-on-non-x.patch (fixes + builds on non x86_64) +- Update to version 1.33.1: + * Bump to v1.33.1 + * Bump to v1.31.2-dev + * Bump to v1.31.1 + * fix(deps): update module github.com/moby/buildkit to v0.11.4 [security] + * test,heredoc: use fedora instead of docker.io/library/python:latest + * Bump to v1.33.1-dev + * Bump to v1.33.0 + * Never omit layers for emptyLayer instructions when squashing/cwing + * Add OverrideChanges and OverrideConfig to CommitOptions + * buildah: add heredoc support for RUN, COPY and ADD + * vendor: bump imagebuilder to v1.2.6-0.20231110114814-35a50d57f722 + * conformance tests: archive the context directory as 0:0 (#5171) + * blobcacheinfo,test: blobs must be resued when pushing across registry + * Bump c/storage v1.51.0, c/image v5.29.0, c/common v0.57.0 + * pkg/util.MirrorToTempFileIfPathIsDescriptor(): don't leak an fd + * StageExecutor.Execute: force a commit for --unsetenv, too + * Increase a copier+chroot test timeout + * Add support for --compat-auth-file in login/logout + * Update existing tests for error message change + * Update c/image and c/common to latest + * fix(deps): update module github.com/containerd/containerd to v1.7.9 + * build: downgrade to go 1.20 + * Add godoc for pkg/parse.GetTempDir + * conformance tests: use go-dockerclient for BuildKit builds + * Make TEE types case-insensitive + * fix(deps): update module golang.org/x/crypto to v0.15.0 + * Tweak some help descriptions + * Stop using DefaultNetworkSysctl and use containers.conf only + * Implement ADD checksum flag #5135 + * vendor of openshift/imagebuilder #5135 + * Pass secrets from the host down to internal podman containers + * Update cirrus and version of golang + * image: replace GetStoreImage with ResolveReference + * vendor: bump c/image to 373c52a9466f + * pkg/parse.Platform(): minor simplification + * createConfigsAndManifests: clear history before cw-specific logic + * Use a constant definition instead of "scratch" + * conformance: use require.NoErrorf() more + * fix(deps): update module golang.org/x/term to v0.14.0 + * fix(deps): update module golang.org/x/sync to v0.5.0 + * fix(deps): update module github.com/spf13/cobra to v1.8.0 + * fix(deps): update module golang.org/x/sys to v0.14.0 + * fix(deps): update github.com/containers/common digest to 8354404 + * fix(deps): update module github.com/opencontainers/runc to v1.1.10 + * fix(deps): update github.com/containers/luksy digest to b5a7f79 + * Log the platform for build errors during multi-platform builds + * Use mask definitions from containers/common + * Vendor in latest containers/common + * fix(deps): update module github.com/containerd/containerd to v1.7.8 + * fix(deps): update module go.etcd.io/bbolt to v1.3.8 + * container.conf: support attributed string slices + * fix(deps): update module sigs.k8s.io/yaml to v1.4.0 + * Use cutil.StringInSlice rather then contains + * Add --no-hostname option to buildah containers + * vendor c/common: appendable containers.conf strings, Part 1 + * fix(deps): update module github.com/onsi/gomega to v1.28.1 + * chroot.setupChrootBindMounts: pay more attention to flags + * chore(deps): update dependency containers/automation_images to v20231004 + * Vendor containers/common + * chore(deps): update module golang.org/x/net to v0.17.0 [security] + * run: use internal.GetTempDir with os.MkdirTemp + * fix(deps): update module github.com/containerd/containerd to v1.7.7 + * imagebuildah,multi-stage: do not remove base images + * gitignore: add mkcw binary + * mkcw: remove entrypoint binaries + * fix(deps): update module golang.org/x/crypto to v0.14.0 + * fix(deps): update module golang.org/x/sys to v0.13.0 + * fix(deps): update module golang.org/x/sync to v0.4.0 + * Update some comments related to confidential workload + * Use the parent's image ID in the config that we pass to imagebuilder + * fix(deps): update github.com/containers/common digest to 8892536 + * fix(deps): update github.com/containers/luksy digest to 6df88cb + * bug: Ensure the mount type is always BindMount by default + * Protocol can be specified with --port. Ex. --port 514/udp + * fix(deps): update module github.com/onsi/gomega to v1.28.0 + * build,config: add support for --unsetlabel + * tests/bud: add tests + * [CI:BUILD] Packit: tag @containers/packit-build on copr build failures + * stage_executor: allow images without layers + * vendor of containers/common + * Removing selinux_tag.sh as no longer needed after 580356f [NO NEW TESTS NEEDED] + * add/copy: make sure we handle relative path names correctly + * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc5 + * Bump to v1.33.0-dev + * imagebuildah: consider ignorefile with --build-context + +------------------------------------------------------------------- +Wed Nov 01 07:26:09 UTC 2023 - dcermak@suse.com + +- Update to version 1.32.2: + * Mask /sys/devices/virtual/powercap by default + * tag v1.32.2 + +------------------------------------------------------------------- +Tue Oct 24 15:18:09 UTC 2023 - dcermak@suse.com + +- Update to version 1.32.1: + * tag v1.32.1 + * chroot.setupChrootBindMounts: pay more attention to flags + * .cirrus.yml: run tests relative to the release-1.32 branch + +------------------------------------------------------------------- +Fri Oct 6 13:23:05 UTC 2023 - Dan Čermák + +- Bump BuildRequired golang version to >= 1.21, fixes bsc#1216005 + +------------------------------------------------------------------- +Wed Sep 27 06:18:12 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.32.0: + * Tag v1.32.0 + * GetTmpDir is not using ImageCopyTmpdir correctly + * Run codespell on code + * Bump vendor containers/(common, storage, image) + * Cirrus: Remove multi-arch buildah image builds + * fix(deps): update module github.com/containerd/containerd to v1.7.6 + * Split GetTempDir from internal/util + * Move most of internal/parse to internal/volumes + * copier: remove libimage dependency via util package + * Add some docs for `build --cw`, `commit --cw`, and `mkcw` + * Add `buildah mkcw`, add `--cw` to `buildah commit` and `buildah build` + * Make sure that pathnames picked up from the environment are absolute + * fix(deps): update module github.com/cyphar/filepath-securejoin to v0.2.4 + * fix(deps): update module github.com/docker/docker to v24.0.6+incompatible + * Don't try to look up names when committing images + * fix(deps): update module golang.org/x/crypto to v0.13.0 + * docs: use valid github repo + * fix(deps): update module golang.org/x/sys to v0.12.0 + * vendor containers/common@12405381ff45 + * push: --force-compression should be true with --compression-format + * Update module github.com/containerd/containerd to v1.7.5 + * [skip-ci] Update tim-actions/commit-message-checker-with-regex action to v0.3.2 + * docs: add reference to oci-hooks + * Support passing of ULimits as -1 to mean max + * GHA: Attempt to fix discussion_lock workflow + * Fixing the owner of the storage.conf. + * pkg/chrootuser: Ignore comments when parsing /etc/group on FreeBSD + * Use buildah repo rather then podman repo + * GHA: Closed issue/PR comment-lock test + * fix(deps): update module github.com/containers/storage to v1.49.0 + * chore(deps): update dependency containers/automation_images to v20230816 + * Replace troff code with markdown in buildah-{copy,add}.1.md + * [CI:BUILD] rpm: spdx compatible license field + * executor: build-arg warnings must honor global args + * fix(deps): update module github.com/containers/ocicrypt to v1.1.8 + * chroot: `setSeccomp` add support for `ArchPARISC(64)` and `ArchRISCV64` + * make,cross: restore loong64 + * Clear CommonBuildOpts when loading Builder status + * buildah/push/manifest-push: add support for --force-compression + * vendor: bump c/common to v0.55.1-0.20230811093040-524b4d5c12f9 + * chore(deps): update dependency containers/automation_images to v20230809 + * [CI:BUILD] RPM: fix buildtags + * fix(deps): update module github.com/opencontainers/runc to v1.1.9 + * chore(deps): update dependency ubuntu to v22 + * chore(deps): update dependency containers/automation_images to v20230807 + * [CI:BUILD] Packit: add fedora-eln targets + * [CI:BUILD] RPM: build docs with vendored go-md2man + * packit: Build PRs into default packit COPRs + * Update install.md + * Update install.md changes current Debian stable version name + * fix(deps): update module golang.org/x/term to v0.11.0 + * fix(deps): update module golang.org/x/crypto to v0.12.0 + * tests: fix layer-label tests + * buildah: add --layer-label for setting labels on layers + * Cirrus: container/rootless env. var. passthrough + * Cirrus: Remove duplicate env. var. definitions + * fix(deps): update github.com/containers/storage digest to c3da76f + * Add a missing .Close() call on an ImageSource + * Create only a reference when that's all we need + * Add a missing .Close() call on an ImageDestination + * CI:BUILD] RPM: define gobuild macro for rhel/centos stream + * manifest/push: add support for --add-compression + * manifest/inspect: add support for tls-verify and authfile + * vendor: bump c/common to v0.55.1-0.20230727095721-647ed1d4d79a + * vendor: bump c/image to v5.26.1-0.20230726142307-8c387a14f4ac + * fix(deps): update module github.com/containerd/containerd to v1.7.3 + * fix(deps): update module github.com/onsi/gomega to v1.27.10 + * fix(deps): update module github.com/docker/docker to v24.0.5+incompatible + * fix(deps): update module github.com/containers/image/v5 to v5.26.1 + * fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0 + * Update vendor of containers/(storage,image,common) + * fix(deps): update module github.com/opencontainers/runc to v1.1.8 + * [CI:BUILD] Packit: remove pre-sync action + * fix(deps): update module github.com/containers/common to v0.55.2 + * [CI:BUILD] Packit: downstream task script needs GOPATH + * Vendor in containers/(common, image, storage) + * fix(deps): update module golang.org/x/term to v0.10.0 + * [CI:BUILD] Packit: fix pre-sync action for downstream tasks + * contrib/buildahimage: set config correctly for rootless build user + * fix(deps): update module github.com/opencontainers/image-spec to v1.1.0-rc4 + * Bump to v1.32.0-dev + * Update debian install instructions + * pkg/overlay: add limited support for FreeBSD + +------------------------------------------------------------------- +Wed Sep 13 06:04:08 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.31.3: + * [release-1.31] Bump to v1.31.3 + * [release-1.31] Bump c/common 0.55.4, c/image 5.26.2, c/storage 1.48.1 + * rpm: spdx compatible license field + * RPM: fix buildtags + * [release-1.31] Bump to v1.31.3-dev + +------------------------------------------------------------------- +Fri Aug 11 05:43:19 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.31.2: + * [release-1.31] Bump to v1.31.2 + * [release-1.31] Bump to v1.31.2-dev + * [release-1.31] Bump to v1.31.1 + * [release-1.31] Remove zstd:chunked from man, bump c/common to v0.55.3 + * [CI:BUILD] Packit: add fedora-eln targets + * [CI:BUILD] RPM: build docs with vendored go-md2man + * packit: Build PRs into default packit COPRs + * [CI:BUILD] Packit: remove pre-sync action + * CI:BUILD] RPM: define gobuild macro for rhel/centos stream + +------------------------------------------------------------------- +Thu Jul 20 15:49:31 UTC 2023 - dcermak@suse.com + +- Update to version 1.31.1: + * [release-1.31] Bump c/common + +------------------------------------------------------------------- +Mon Jul 03 06:10:49 UTC 2023 - dcermak@suse.com + +- Update to version 1.31.0: + * Bump 1.31.0 + * Bump c/common to 0.55.1 and c/image to 5.26.1 + * Update vendor of containers/common + * Run unit tests for copier and chroot without -cover + * Fix transition test to work with latest selinux policy + * Bump c/image to 5.26.0 and c/common to 0.54.0 + * chore: replace `github.com/ghodss/yaml` with `sigs.k8s.io/yaml` + * rootless: use default_rootless_network_cmd config + * vendor: update c/{common,image,storage} to latest + * chore: pkg imported more than once + * buildah: add pasta(1) support + * use slirp4netns package from c/common + * update c/common to latest + * add hostname to /etc/hosts when running with host network + * vendor: update c/common to latest + * [CI:BUILD] Packit: add jobs for downstream Fedora package builds + * fix(deps): update module golang.org/x/sync to v0.3.0 + * fix(deps): update module golang.org/x/crypto to v0.10.0 + * Add smoke tests for encryption CLI helpers + * fix(deps): update module golang.org/x/term to v0.9.0 + * fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0-rc.3 + * Remove device mapper support + * Remove use of deprecated tar.TypeRegA + * Update tooling to support newer golangci-lint + * Make cli.EncryptConfig,DecryptConfig, GetFormat public + * Don't decrypt images by default + * fix(deps): update module github.com/onsi/gomega to v1.27.8 + * fix(deps): update github.com/containers/storage digest to 3f3fb2f + * Renovate: Don't touch fragile test stuffs + * [CI:DOCS] Update comment to remove ambiguity + * fix(deps): update github.com/containers/image/v5 digest to abe5133 + * fix(deps): update module github.com/sirupsen/logrus to v1.9.3 + * fix(deps): update module github.com/containerd/containerd to v1.7.2 + * Explicitly ref. quay images for CI + * At startup, log the effective capabilities for debugging + * parse: use GetTempDir from internal utils + * GetTmpDir: honor image_copy_tmp_dir from containers.conf + * docs/Makefile: don't show sed invocations + * CI: Support testing w/ podman-next COPR packages + * intermediate-images inherit-label test: make it debuggable + * fix(deps): update github.com/containers/common digest to 462ccdd + * Add a warning to `--secret` docs + * vendor: bump c/storage to v1.46.2-0.20230526114421-55ee2d19292f + * executor: apply label to only final stage + * remove registry.centos.org + * Go back to setting SysProcAttr.Pdeathsig for child processes + * Fix auth.json path (validated on Fedora 38) wq Signed-off-by: Andreas Mack + * fix(deps): update module github.com/stretchr/testify to v1.8.3 + * CI: fix test broken by renovatebot + * chore(deps): update quay.io/libpod/testimage docker tag to v20221018 + * fix(deps): update module github.com/onsi/gomega to v1.27.7 + * test: use debian instead of docker.io/library/debian:testing-slim + * vendor: bump logrus to 1.9.2 + * [skip-ci] Update tim-actions/get-pr-commits action to v1.3.0 + * Revert "Proof of concept: nightly dependency treadmill" + * fix(deps): update module github.com/sirupsen/logrus to v1.9.1 + * vendor in containers/(common,storage,image) + * fix(deps): update module github.com/docker/distribution to v2.8.2+incompatible + * run: drop Pdeathsig + * chroot: lock thread before setPdeathsig + * tests: add a case for required=false + * fix(deps): update module github.com/openshift/imagebuilder to v1.2.5 + * build: validate volumes on backend + * secret: accept required flag w/o value + * fix(deps): update module github.com/containerd/containerd to v1.7.1 + * fix(deps): update module golang.org/x/crypto to v0.9.0 + * Update the demos README file to fix minor typos + * fix(deps): update module golang.org/x/sync to v0.2.0 + * fix(deps): update module golang.org/x/term to v0.8.0 + * manifest, push: use source as destination if not specified + * run,mount: remove path only if they didnt pre-exist + * Cirrus: Fix meta task failing to find commit + * parse: filter edge-case for podman-remote + * fix(deps): update module github.com/opencontainers/runc to v1.1.7 + * fix(deps): update module github.com/docker/docker to v23.0.5+incompatible + * build: --platform must accept only arch + * fix(deps): update module github.com/containers/common to v0.53.0 + * makefile: increase conformance timeout + * Cap suffixDigitsModulo to a 9-digits suffix. + * Rename conflict to suffixDigitsModulo + * fix(deps): update module github.com/opencontainers/runtime-spec to v1.1.0-rc.2 + * fix(deps): update module github.com/opencontainers/runc to v1.1.6 + * chore(deps): update centos docker tag to v8 + * Clarify the need for qemu-user-static package + * chore(deps): update quay.io/centos/centos docker tag to v8 + * Renovate: Ensure test/tools/go.mod is managed + * Revert "buildah image should not enable fuse-overlayfs for rootful mode" + * Bump to v1.31.0-dev + * parse: add support for relabel bind mount option + +------------------------------------------------------------------- +Mon Apr 10 05:32:16 UTC 2023 - danish.prakash@suse.com + +- Update to version 1.30.0: + * Bump to v1.30.0 + * fix(deps): update module github.com/containers/common to v0.52.0 + * fix(deps): update module golang.org/x/crypto to v0.8.0 + * chore(deps): update dependency containers/automation_images to v20230405 + * vendor c/common ff62cdebdd0e + * vendor in latest containers/(storage, image) + * fix(deps): update module github.com/opencontainers/runc to v1.1.5 + * fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.7 + * buildah image should not enable fuse-overlayfs for rootful mode + * stage_executor: inline network add default string + * build: pass process environment variables by reference + * run: pass process environment variables by reference + * fix(deps): update module github.com/containers/common to v0.51.2 + * chore(deps): update dependency containers/automation_images to v20230330 + * fix(deps): update module github.com/docker/docker to v23.0.2+incompatible + * chore(deps): update dependency containers/automation_images to v20230320 + * fix(deps): update module github.com/onsi/gomega to v1.27.6 + * fix(deps): update github.com/opencontainers/runtime-tools digest to e931285 + * [skip-ci] Update actions/stale action to v8 + * test: don't allow to override io.buildah.version + * executor: only apply label on the final stage + * Update docs/buildah-build.1.md + * update build instruction for Ubuntu + * code review + * build: accept arguments from file with --build-arg-file + * run_linux: Update heuristic for mounting /sys + * [CI:BUILD] Packit: Enable Copr builds on PR and commit to main + * fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.6 + * Update to Go 1.18 + * Disable dependabot in favor of renovate + * chore(deps): update dependency containers/automation_images to v20230314 + * Fix requiring tests on Makefile changes + * Vendor in latest containers/(storage, common, image) + * imagebuildah: set len(short_image_id) to 12 + * Re-enable conformance tests + * Skip conformance test failures with Docker 23.0.1 + * Cirrus: Replace Ubuntu -> Debian SID + * run: add support for inline --network in RUN stmt + * vendor: bump imagebuilder to a3c3f8358ca31b1e4daa6 + * stage_executor: attempt to push cache only when cacheKey is valid + * Add "ifnewer" as option in help message for pull command + * build: document behaviour of buildah's distributed cache + * fix(deps): update module golang.org/x/term to v0.6.0 + * Add default list of capabilities required to run buildah in a container + * executor,copy: honor default ARG value while eval stage + * sshagent: use ExtendedAgent instead of Agent + * tests/bud: remove unwated test + * executor: do not warn on builtin default args + * executor: don't warn about unused TARGETARCH,TARGETOS,TARGETPLATFORM + * Fix tutorial for rootless mode + * Vendor in latest containers/(common, storage, image) + * Ignore the base image's base image annotations + * fix(deps): update module github.com/fsouza/go-dockerclient to v1.9.5 + * build(deps): bump github.com/containers/storage from 1.45.3 to 1.45.4 + * Vendor in latest containers/common + * docs/tutorials/04: add defaults for Run() + * imagebuildah.StageExecutor: suppress bogus "Pushing cache []:..." + * executor: also add stage with no children to cleanupStages + * [CI:BUILD] copr: fix el8 builds + * Fix documentation on which Capabilities are allowed by default + * Skip subject-length validation for renovate PRs + * Temporarily hard-skip bud-multiple-platform-values test + * fix(deps): update github.com/openshift/imagebuilder digest to 86828bf + * build(deps): bump github.com/containerd/containerd from 1.6.16 to 1.6.17 + * build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0 + * build(deps): bump github.com/containers/image/v5 from 5.24.0 to 5.24.1 + * [skip-ci] Update tim-actions/get-pr-commits digest to 55b867b + * build(deps): bump github.com/opencontainers/selinux + * build(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 + * Add renovate configuration + * Run codespell on codebase + * login: support interspersed args for password + * conformance: use scratch for minimal test + * pkg/parse: expose public CleanCacheMount API + * build(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 + * build(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.16 + * docs: specify order preference for FROM + * Bump to v1.30.0-dev + +------------------------------------------------------------------- +Fri Feb 17 04:41:55 UTC 2023 - Danish Prakash + +- Update to version 1.29.1: + * [release-1.29] Bump to Buildah v1.29.1 + * Update to c/image 5.24.1 + +------------------------------------------------------------------- +Thu Jan 26 15:20:28 UTC 2023 - dcermak@suse.com + +- Update to version 1.29.0: + * Bump to v1.29.0 + * tests: improve build-with-network-test + * Bump c/storagev1.45.3, c/imagev5.24.0, c/commonv0.51.0 + * build(deps): bump github.com/onsi/gomega from 1.25.0 to 1.26.0 + * Flake 3710 has been closed. Reenable the test. + * [CI:DOCS] Fix two diversity issues in a tutorial + * build(deps): bump github.com/fsouza/go-dockerclient from 1.9.2 to 1.9.3 + * vendor in latests containers/(storage, common, image) + * fix bud-multiple-platform-with-base-as-default-arg flake + * stage_executor: while mounting stages use freshly built stage + * build(deps): bump github.com/fsouza/go-dockerclient from 1.9.0 to 1.9.2 + * build(deps): bump github.com/onsi/gomega from 1.24.2 to 1.25.0 + * vendor in latests containers/(storage, common, image, ocicyrpt) + * [Itests: change the runtime-flag test for crun + * [CI:DOCS] README: drop sudo + * Fix multi-arch manifest-list build timeouts + * Cirrus: Update VM Images + * bud: Consolidate multiple synthetic LABEL instructions + * build, secret: allow realtive mountpoints wrt to work dir + * fixed squash documentation + * build(deps): bump github.com/containerd/containerd from 1.6.14 to 1.6.15 + * Correct minor comment + * Vendor in latest containers/(common, image, storage) + * system tests: remove unhelpful assertions + * buildah: add prune command and expose CleanCacheMount API + * vendor: bump c/storage to a747b27 + * Add support for --group-add to buildah from + * build(deps): bump actions/stale from 6 to 7 + * Add documentation for buildah build --pull=missing + * build(deps): bump github.com/containerd/containerd from 1.6.12 to 1.6.14 + * build(deps): bump github.com/docker/docker + * parse: default ignorefile must not point to symlink outside context + * buildah: wrap network setup errors + * build, mount: allow realtive mountpoints wrt to work dir + * Update to F37 CI VM Images, re-enable prior-fedora + * Update vendor or containers/(image, storage, common) + * build(deps): bump golang.org/x/crypto from 0.3.0 to 0.4.0 + * Update contact information + * build(deps): bump golang.org/x/term from 0.2.0 to 0.3.0 + * Replace io/ioutil calls with os calls + * [skip-ci] GHA/Cirrus-cron: Fix execution order + * Vendor in containers/common + * build(deps): bump golang.org/x/sys from 0.2.0 to 0.3.0 + * remote-cache: support multiple sources and destinations + * Update c/storage after https://github.com/containers/storage/pull/1436 + * util.SortMounts(): make the returned order more stable + * version: Bump to 1.29.0-dev + * [CI:BUILD] Cirrus: Migrate OSX task to M1 + * Update vendor of containers/(common, storage, image) + * mount=type=cache: seperate cache parent on host for each user + * Fix installation instructions for Gentoo Linux + * build(deps): bump github.com/containerd/containerd from 1.6.9 to 1.6.10 + * GHA: Reuse both cirrus rerun and check workflows + * Vendor in latest containers/(common,image,storage) + * build(deps): bump github.com/onsi/gomega from 1.24.0 to 1.24.1 + * copier.Put(): clear up os/syscall mode bit confusion + * build(deps): bump golang.org/x/sys from 0.1.0 to 0.2.0 + * Use TypeBind consistently to name bind/nullfs mounts + * Add no-new-privileges flag + * Update vendor of containers/(common, image, storage) + * imagebuildah:build with --all-platforms must honor args for base images + * codespell code + * Expand args and env when using --all-platforms + * build(deps): bump github.com/onsi/gomega from 1.23.0 to 1.24.0 + * GHA: Simplify Cirrus-Cron check slightly + * Stop using ubi8 + * remove unnecessary (hence misleading) rmi + * chroot: fix mounting of ro bind mounts + * executor: honor default ARG value while eval base name + * userns: add arbitrary steps/stage to --userns=auto test + * Don't set allow.mount in the vnet jail on Freebsd + * copier: Preserve file flags when copying archives on FreeBSD + * Remove quiet flag, so that it works in podman-remote + * test: fix preserve rootfs with --mount for podman-remote + * test: fix prune logic for cache-from after adding content summary + * vendor in latest containers/(storage, common, image) + * Fix RUN --mount=type=bind,from= not preserving rootfs of stage + * Define and use a safe, reliable test image + * Fix word missing in Container Tools Guide + * Makefile: Use $(MAKE) to start sub-makes in install.tools + * imagebuildah: pull cache from remote repo after adding content summary + * Makefile: Fix install on FreeBSD + * Ensure the cache volume locks are unlocked on all paths + * Vendor in latest containers/(common,storage) + * Simplify the interface of GetCacheMount and getCacheMount + * Fix cache locks with multiple mounts + * Remove calls to Lockfile.Locked() + * Maintain cache mount locks as lock objects instead of paths + * test: cleaning cache must not clean lockfiles + * run: honor lockfiles for multiple --mount instruction + * mount,cache: lockfiles must not be part of users cache content + * Update vendor containers/(common,image,storage) + * [CI:BUILD] copr: buildah rpm should depend on containers-common-extra + * pr-should-include-tests: allow specfile, golangci + * build(deps): bump dawidd6/action-send-mail from 3.7.0 to 3.7.1 + * build(deps): bump github.com/docker/docker + * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.3 to 1.9.0 + * Update vendor containers/(common,image,storage) + * build(deps): bump actions/upload-artifact from 2 to 3 + * build(deps): bump actions/checkout from 2 to 3 + * build(deps): bump actions/stale from 1 to 6 + * build(deps): bump dawidd6/action-send-mail from 2.2.2 to 3.7.0 + * build(deps): bump tim-actions/get-pr-commits from 1.1.0 to 1.2.0 + * sshagent: LockOSThread before setting SocketLabel + * Update tests for error message changes + * Update c/image after https://github.com/containers/image/pull/1299 + * Fix ident for dependabot gha block + * build(deps): bump github.com/containers/ocicrypt from 1.1.5 to 1.1.6 + * Fix man pages to match latest cobra settings + * build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.0 + * build(deps): bump github.com/onsi/gomega from 1.20.2 to 1.22.1 + * test: retrofit 'bud with undefined build arg directory' + * imagebuildah: warnOnUnsetBuildArgs while processing stages from executor + * Update contrib/buildahimage/Containerfile + * Cirrus CI add flavor parameter + * Correction - `FLAVOR` not `FLAVOUR` + * Changed build argument from `RELEASE` to `FLAVOUR` + * Combine buildahimage Containerfiles + * bud.bats refactoring: $TEST_SCRATCH_DIR, part 2 of 2 + * bud.bats refactoring: $TEST_SCRATCH_DIR, part 1 of 2 + * System test cleanup: document, clarify, fix + * test: removing unneeded/expensive COPY + * test: warning behaviour for unset/set TARGETOS,TARGETARCH,TARGETPLATFORM + * Bump to v1.28.1-dev + +------------------------------------------------------------------- +Mon Nov 28 08:55:11 UTC 2022 - dcermak@suse.com + +- Update to version 1.28.2: + * version: bump to 1.28.2 + * Stop using ubi8 + * Define and use a safe, reliable test image + +------------------------------------------------------------------- +Wed Nov 23 10:30:12 UTC 2022 - dcermak@suse.com + +- Update to version 1.28.1: + * version: bump to v1.28.1 + * copier.Put(): clear up os/syscall mode bit confusion + * retrofit, test: ubi8 changed architecture string +- Only build targets that we install + +------------------------------------------------------------------- +Fri Oct 07 08:53:06 UTC 2022 - dcermak@suse.com + +- Update to version 1.28.0: + * Bump to v1.28.0 + * No longer modify buildah.spec + * Update for https://github.com/klauspost/pgzip/pull/50 + * Update vendor containers/(common,image) + * [CI:DOCS] Add quay-description update reminder + * vendor: bump c/common to v0.49.2-0.20220929111928-2d1b45ae2423 + * build(deps): bump github.com/opencontainers/selinux + * Vendor in latest containers/storage + * Changing shell list operators from `;` to `&&` + * Fix buildahimage container.conf permissions regression + * Set sysctls from containers.conf + * refactor: stop using Normalize directly from containerd package + * config,builder: process variant while populating image spec + * Proof of concept: nightly dependency treadmill + * Run codespell on code + * Check for unset build args after TARGET args + * pkg/cli: improve completion test + * vendor in latest containers/(common,storage,image) + * copier: work around freebsd bug for "mkdir /" + * vendor: update c/image + * test: run in the host cgroup namespace + * vendor: update c/storage + * vendor: update c/common + * cmd: check for user UID instead of privileges + * run,build: conflict --isolation=chroot and --network + * Fix broken dns test (from merge collision) + * Fix stutters + * Fix broken command completion + * buildah bud --network=none should have no network + * build: support --skip-unused-stages for multi-stage builds + * Prevent use of --dns* options with --net=none + * buildah: make --cache-ttl=0s equivalent to --no-cache + * parse: make processing flags in --mount order agnostic + * Minor test fix for podman-remote + * build: honor .containerignore as ignore file + * Update install.md: Debian 11 (Bullseye) is stable + * build(deps): bump github.com/docker/docker + * Use constants from containers/common for finding seccomp.json + * Don't call os.Exit(1) from manifest exist + * manifest: add support for buildah manifest exists + * Buildah should ignore /etc/crio/seccomp.json + * chroot: Fix cross build break + * chroot: Move isDevNull to run_common.go + * chroot: Fix setRlimit build on FreeBSD + * chroot: Move parseRLimits and setRlimits to run_common.go + * chroot: Fix runUsingChrootExecMain on FreeBSD + * chroot: Move runUsingChrootExecMain to run_common.go + * chroot: Factor out Linux-specific unshare options from runUsingChroot + * chroot: Move runUsingChroot to run_common.go + * chroot: Move RunUsingChroot and runUsingChrootMain to run_common.go + * chroot: Factor out /dev/ptmx pty implementation + * chroot: Add FreeBSD support for run with chroot isolation + * build(deps): bump github.com/docker/go-units from 0.4.0 to 0.5.0 + * Replace k8s.gcr.io/pause in tests with registry.k8s.io/pause + * build(deps): bump github.com/onsi/gomega from 1.20.0 to 1.20.1 + * Cirrus: use image with fewer downloaded dependencies + * build(deps): bump github.com/opencontainers/runc from 1.1.3 to 1.1.4 + * run: add container gid to additional groups (CVE-2022-2990 / bsc#1202812) + * buildah: support for --retry and --retry-delay for push/pull failures + * Makefile: always call $(GO) instead of `go` + * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.2 to 1.8.3 + * test: use `T.TempDir` to create temporary test directory + * mount,cache: enable SElinux shared content label option by default + * commit: use race-free RemoveNames instead of SetNames + * Drop util/util.Cause() + * cmd/buildah: add "manifest create --amend" + * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.1 to 1.8.2 + * docs: specify git protocol is not supported for github hosted repo + * Scrub user and group names from layer diffs + * build(deps): bump github.com/containerd/containerd from 1.6.6 to 1.6.8 + * version: bump to 1.28.0-dev + +------------------------------------------------------------------- +Wed Sep 21 07:41:42 UTC 2022 - dcermak@suse.com + +- Update to version 1.27.2: + * tag v1.27.2 + * Fix broken command completion + * build: support --skip-unused-stages for multi-stage builds + +------------------------------------------------------------------- +Mon Sep 12 09:57:27 UTC 2022 - dcermak@suse.com + +- Update to version 1.27.1: + * release: bump to v1.27.1 + * run: add container gid to additional groups +- Drop add-container-gid-to-additional-groups.patch + (merged upstream) + +------------------------------------------------------------------- +Fri Aug 26 12:13:12 UTC 2022 - Dan Čermák + +- Add fix for CVE-2022-2990 / bsc#1202812 + add: add-container-gid-to-additional-groups.patch + +------------------------------------------------------------------- +Tue Aug 09 06:54:52 UTC 2022 - dcermak@suse.com + +- Update to version 1.27.0: + * release: tag v1.27.0 + * make,cross: ignore loong64 from target list + * Allow chflags operations inside the container + * Don't try to call runLabelStdioPipes if spec.Linux is not set + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * build: support filtering cache by duration using --cache-ttl + * build: support building from commit when using git repo as build context + * build: clean up git repos correctly when using subdirs + * integration tests: quote "?" in shell scripts + * Fix a copy/paste error + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * vendor c/common@v0.49.1 + * test: manifest inspect should have OCIv1 annotation + * vendor: bump to c/common@87fab4b7019a + * Failure to determine a file or directory should print an error + * build(deps): bump github.com/containernetworking/cni from 1.1.1 to 1.1.2 + * refactor: remove unused CommitOptions from generateBuildOutput + * stage_executor: generate output for cases with no commit + * stage_executor, commit: output only if last stage in build + * Use errors.Is() instead of os.Is{Not,}Exist + * Minor test tweak for podman-remote compatibility + * Cirrus: Use the latest imgts container + * imagebuildah: complain about the right Dockerfile + * tests: don't try to wrap `nil` errors + * cmd/buildah.commitCmd: don't shadow "err" + * cmd/buildah.pullCmd: complain about DecryptConfig/EncryptConfig + * Fix a copy/paste error message + * Fix a typo in an error message + * build,cache: support pulling/pushing cache layers to/from remote sources + * Update vendor of containers/(common, storage, image) + * Rename chroot/run.go to chroot/run_linux.go + * Don't bother telling codespell to skip files that don't exist + * Set user namespace defaults correctly for the library + * imagebuildah: optimize cache hits for COPY and ADD instructions + * Cirrus: Update VM images w/ updated bats + * build(deps): bump github.com/onsi/gomega from 1.19.0 to 1.20.0 + * docs, run: show SELinux label flag for cache and bind mounts + * build(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 + * imagebuildah, build: remove undefined concurrent writes + * bump github.com/opencontainers/runtime-tools + * Add FreeBSD support for 'buildah info' + * Vendor in latest containers/(storage, common, image) + * Add freebsd cross build targets + * Make the jail package build on 32bit platforms + * Cirrus: Ensure the build-push VM image is labeled + * GHA: Fix dynamic script filename + * Vendor in containers/(common, storage, image) + * Run codespell + * Remove import of github.com/pkg/errors + * Avoid using cgo in pkg/jail + * Rename footypes to fooTypes for naming consistency + * Move cleanupTempVolumes and cleanupRunMounts to run_common.go + * Make the various run mounts work for FreeBSD + * Move get{Bind,Tmpfs,Secret,SSH}Mount to run_common.go + * Move runSetupRunMounts to run_common.go + * Move cleanableDestinationListFromMounts to run_common.go + * Make setupMounts and runSetupBuiltinVolumes work on FreeBSD + * Move setupMounts and runSetupBuiltinVolumes to run_common.go + * Tidy up - runMakeStdioPipe can't be shared with linux + * Move runAcceptTerminal to run_common.go + * Move stdio copying utilities to run_common.go + * Move runUsingRuntime and runCollectOutput to run_common.go + * Move fileCloser, waitForSync and contains to run_common.go + * Move checkAndOverrideIsolationOptions to run_common.go + * Move DefaultNamespaceOptions to run_common.go + * Move getNetworkInterface to run_common.go + * Move configureEnvironment to run_common.go + * Don't crash in configureUIDGID if Process.Capabilities is nil + * Move configureUIDGID to run_common.go + * Move runLookupPath to run_common.go + * Move setupTerminal to run_common.go + * Move etc file generation utilities to run_common.go + * Add run support for FreeBSD + * Add a simple FreeBSD jail library + * Add FreeBSD support to pkg/chrootuser + * Sync call signature for RunUsingChroot with chroot/run.go + * test: verify feature to resolve basename with args + * vendor: bump openshift/imagebuilder to master@4151e43 + * GHA: Remove required reserved-name use + * buildah: set XDG_RUNTIME_DIR before setting default runroot + * imagebuildah: honor build output even if build container is not commited + * chroot: honor DefaultErrnoRet + * [CI:DOCS] improve pull-policy documentation + * tests: retrofit test since --file does not supports dir + * Switch to golang native error wrapping + * BuildDockerfiles: error out if path to containerfile is a directory + * define.downloadToDirectory: fail early if bad HTTP response + * GHA: Allow re-use of Cirrus-Cron fail-mail workflow + * add: fail on bad http response instead of writing to container + * build(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 + * [CI:DOCS] Update buildahimage comment + * lint: inspectable is never nil + * vendor: c/common to common@7e1563b + * build: support OCI hooks for ephemeral build containers + * [CI:BUILD] Install latest buildah instead of compiling + * Add subid support with BuildRequires and BUILDTAG [NO NEW TESTS NEEDED] + * build(deps): bump github.com/stretchr/testify from 1.7.2 to 1.7.5 + * Make sure cpp is installed in buildah images + * demo: use unshare for rootless invocations + * buildah.spec.rpkg: initial addition + * build: fix test for subid 4 + * build(deps): bump github.com/spf13/cobra from 1.4.0 to 1.5.0 + * build, userns: add support for --userns=auto + * Fix building upstream buildah image + * Remove redundant buildahimages-are-sane validation + * Docs: Update multi-arch buildah images readme + * Cirrus: Migrate multiarch build off github actions + * retrofit-tests: we skip unused stages so use stages + * stage_executor: dont rely on stage while looking for additional-context + * buildkit, multistage: skip computing unwanted stages + * More test cleanup + * copier: work around freebsd bug for "mkdir /" + * Replace $BUILDAH_BINARY with buildah() function + * Fix up buildah images + * Make util and copier build on FreeBSD + * Vendor in latest github.com/sirupsen/logrus + * build(deps): bump github.com/opencontainers/runc from 1.1.2 to 1.1.3 + * Makefile: allow building without .git + * run_unix: don't return an error from getNetworkInterface + * run_unix: return a valid DefaultNamespaceOptions + * Update vendor of containers/storage + * chroot: use ActKillThread instead of ActKill + * use resolvconf package from c/common/libnetwork + * update c/common to latest main + * copier: add `NoOverwriteNonDirDir` option + * Sort buildoptions and move cli/build functions to internal + * build(deps): bump github.com/fsouza/go-dockerclient from 1.8.0 to 1.8.1 + * build(deps): bump github.com/docker/docker + * build(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.2 + * build(deps): bump github.com/containerd/containerd from 1.6.5 to 1.6.6 + * Fix TODO: de-spaghettify run mounts + * Move options parsing out of build.go and into pkg/cli + * [CI:DOCS] Tutorial 04 - Include Debian/Ubuntu deps + * build, multiarch: support splitting build logs for --platform + * build(deps): bump github.com/containerd/containerd from 1.6.4 to 1.6.5 + * [CI:BUILD] WIP Cleanup Image Dockerfiles + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.11 to 1.8.0 + * cli remove stutter + * docker-parity: ignore sanity check if baseImage history is null + * build, commit: allow disabling image history with --omit-history + * Fix use generic/ambiguous DEBUG name + * build(deps): bump github.com/containernetworking/cni from 1.1.0 to 1.1.1 + * Cirrus: use Ubuntu 22.04 LTS + * Fix codespell errors + * Remove util.StringInSlice because it is defined in containers/common + * buildah: add support for renaming a device in rootless setups + * squash: never use build cache when computing last step of last stage + * Update vendor of containers/(common, storage, image) + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * buildkit: supports additionalBuildContext in builds via --build-context + * test cleanup + * buildah source pull/push: show progress bar + * run: allow resuing secret twice in different RUN steps + * test helpers: default to being rootless-aware + * Add --cpp-flag flag to buildah build + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * build: accept branch and subdirectory when context is git repo + * build(deps): bump github.com/docker/docker + * Vendor in latest containers/common + * build(deps): bump github.com/opencontainers/runc from 1.1.1 to 1.1.2 + * vendor: update c/storage and c/image + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * Fix gentoo install docs + * build(deps): bump github.com/docker/docker + * copier: move NSS load to new process + * Add test for prevention of reusing encrypted layers + * Make `buildah build --label foo` create an empty "foo" label again + * Bump to v1.27.0-dev + +------------------------------------------------------------------- +Thu Aug 04 06:27:00 UTC 2022 - dcermak@suse.com + +- Update to version 1.26.4: + * tag v1.26.4 + * build, multiarch: support splitting build logs for --platform + * copier: add `NoOverwriteNonDirDir` option + * docker-parity: ignore sanity check if baseImage history is null + * build, commit: allow disabling image history with --omit-history + * buildkit: supports additionalBuildContext in builds via --build-context + * Add --cpp-flag flag to buildah build + +------------------------------------------------------------------- +Wed Aug 03 11:54:24 UTC 2022 - fcrozat@suse.com + +- Update to version 1.26.3: + * release: bump to v1.26.3 + * define.downloadToDirectory: fail early if bad HTTP response + * add: fail on bad http response instead of writing to container + * squash: never use build cache when computing last step of last stage + * run: allow resuing secret twice in different RUN steps + * integration tests: update expected error messages + * integration tests: quote "?" in shell scripts + * Use errors.Is() to check for storage errors + * lint: inspectable is never nil + * chroot: use ActKillThread instead of ActKill + * chroot: honor DefaultErrnoRet + * Bump dependencies + * Set user namespace defaults correctly for the library + * contrib/rpm/buildah.spec: fix `rpm` parser warnings +- Drop requires on apparmor pattern, should be moved elsewhere + for systems which want AppArmor instead of SELinux. +- Drop binutils-gold workaround, no longer needed. +- Update BuildRequires to libassuan-devel >= 2.5.2, pkgconfig file + is required to build. + +------------------------------------------------------------------- +Thu Jul 07 09:00:47 UTC 2022 - dcermak@suse.com + +- Update to version 1.26.2: + * Bump to v1.26.2 + * Bump github.com/containers/storage from v1.40.2 to v1.40.3 + * buildah: add support for renaming a device in rootless setups + +------------------------------------------------------------------- +Thu May 05 06:18:56 UTC 2022 - dcermak@suse.com + +- Update to version 1.26.1: + * Bump to v1.26.1 + * Make `buildah build --label foo` create an empty "foo" label again + * Bump to v1.26.0 + * build(deps): bump github.com/containerd/containerd from 1.6.3 to 1.6.4 + * imagebuildah,build: move deepcopy of args before we spawn goroutine + * Vendor in containers/storage v1.40.2 + * buildah.BuilderOptions.DefaultEnv is ignored, so mark it as deprecated + * help output: get more consistent about option usage text + * Handle OS version and features flags + * buildah build: --annotation and --label should remove values + * buildah build: add a --env + * buildah: deep copy options.Args before performing concurrent build/stage + * test: inline platform and builtinargs behaviour + * vendor: bump imagebuilder to master/009dbc6 + * build: automatically set correct TARGETPLATFORM where expected + * build(deps): bump github.com/fsouza/go-dockerclient + * Vendor in containers/(common, storage, image) + * imagebuildah, executor: process arg variables while populating baseMap + * buildkit: add support for custom build output with --output + * Cirrus: Update CI VMs to F36 + * fix staticcheck linter warning for deprecated function + * Fix docs build on FreeBSD + * build(deps): bump github.com/containernetworking/cni from 1.0.1 to 1.1.0 + * copier.unwrapError(): update for Go 1.16 + * copier.PutOptions: add StripSetuidBit/StripSetgidBit/StripStickyBit + * copier.Put(): write to read-only directories + * build(deps): bump github.com/cpuguy83/go-md2man/v2 in /tests/tools + * Rename $TESTSDIR (the plural one), step 4 of 3 + * Rename $TESTSDIR (the plural one), step 3 of 3 + * Rename $TESTSDIR (the plural one), step 2 of 3 + * Rename $TESTSDIR (the plural one), step 1 of 3 + * build(deps): bump github.com/containerd/containerd from 1.6.2 to 1.6.3 + * Ed's periodic test cleanup + * using consistent lowercase 'invalid' word in returned err msg + * Update vendor of containers/(common,storage,image) + * use etchosts package from c/common + * run: set actual hostname in /etc/hostname to match docker parity + * update c/common to latest main + * Update vendor of containers/(common,storage,image) + * Stop littering + * manifest-create: allow creating manifest list from local image + * Update vendor of storage,common,image + * Bump golang.org/x/crypto to 7b82a4e + * Initialize network backend before first pull + * oci spec: change special mount points for namespaces + * tests/helpers.bash: assert handle corner cases correctly + * buildah: actually use containers.conf settings + * integration tests: learn to start a dummy registry + * Fix error check to work on Podman + * buildah build should accept at most one arg + * tests: reduce concurrency for flaky bud-multiple-platform-no-run + * vendor in latest containers/common,image,storage + * manifest-add: allow override arch,variant while adding image + * Remove a stray `\` from .containerenv + * Vendor in latest opencontainers/selinux v1.10.1 + * build, commit: allow removing default identity labels + * Create shorter names for containers based on image IDs + * test: skip rootless on cgroupv2 in root env + * fix hang when oci runtime fails + * Set permissions for GitHub actions + * copier test: use correct UID/GID in test archives + * run: set parent-death signals and forward SIGHUP/SIGINT/SIGTERM + * Bump back to v1.26.0-dev + * build(deps): bump github.com/opencontainers/runc from 1.1.0 to 1.1.1 + * Included the URL to check the SHA + +------------------------------------------------------------------- +Thu Mar 31 06:48:03 UTC 2022 - dcermak@suse.com + +- remove obsolete check for TW, SLE 15 & Leap 15 +- add workaround for https://bugzilla.opensuse.org/show_bug.cgi?id=1183043 +- Update to version 1.25.1: + * Bump to v1.25.1 + * buildah: create WORKDIR with USER permissions + * vendor: update github.com/openshift/imagebuilder + * copier: attempt to open the dir before adding it + * Updated dependabot to get updates for GitHub actions. + * Switch most calls to filepath.Walk to filepath.WalkDir + * build: allow --no-cache and --layers so build cache can be overrided + * build(deps): bump github.com/onsi/gomega from 1.18.1 to 1.19.0 + * Bump to v1.26.0-dev + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + +------------------------------------------------------------------- +Wed Mar 30 08:30:01 UTC 2022 - dcermak@suse.com + +- fixes bsc#1197870 +- Update to version 1.25.0: + * Bump to v1.25.0 + * install: drop RHEL/CentOS 7 doc + * build(deps): bump github.com/containers/common from 0.47.4 to 0.47.5 + * Bump c/storage to v1.39.0 in main + * Add a test for CVE-2022-27651 + * build(deps): bump github.com/docker/docker + * Bump github.com/prometheus/client_golang to v1.11.1 + * [CI:DOCS] man pages: sort flags, and keep them that way + * build(deps): bump github.com/containerd/containerd from 1.6.1 to 1.6.2 + * Don't pollute + * network setup: increase timeout to 4 minutes + * do not set the inheritable capabilities + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * build(deps): bump github.com/containers/ocicrypt from 1.1.2 to 1.1.3 + * parse: convert exposed GetVolumes to internal only + * buildkit: mount=type=cache support locking external cache store + * .in support: improve error message when cpp is not installed + * buildah image: install cpp + * build(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 + * build(deps): bump github.com/spf13/cobra from 1.3.0 to 1.4.0 + * build(deps): bump github.com/docker/docker + * Add --no-hosts flag to eliminate use of /etc/hosts within containers + * test: remove skips for rootless users + * test: unshare mount/umount if test is_rootless + * tests/copy: read correct containers.conf + * build(deps): bump github.com/docker/distribution + * cirrus: add seperate task and matrix for rootless + * tests: skip tests for rootless which need unshare + * buildah: test rootless integration + * vendor: bump c/storage to main/93ce26691863 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.9 to 1.7.10 + * tests/copy: initialize the network, too + * [CI:DOCS] remove references to Kubic for CentOS and Ubuntu + * build(deps): bump github.com/containerd/containerd from 1.6.0 to 1.6.1 + * use c/image/pkg/blobcache + * vendor c/image/v5@v5.20.0 + * add: ensure the context directory is an absolute path + * executor: docker builds must inherit healthconfig from base if any + * docs: Remove Containerfile and containeringore + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.8 to 1.7.9 + * helpers.bash: Use correct syntax + * speed up combination-namespaces test + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * Bump back to 1.25.0-dev + * build(deps): bump github.com/containerd/containerd from 1.5.9 to 1.6.0 + +------------------------------------------------------------------- +Thu Feb 17 07:58:57 UTC 2022 - dcermak@suse.com + +- Update to version 1.24.2: + * Bump to v1.24.2 + * Increase subuid/subgid to 65535 + * history: only add proxy vars to history if specified + * run_linux: use --systemd-cgroup + * buildah: new global option --cgroup-manager + * Makefile: build with systemd when available + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.7 to 1.7.8 + * Bump c/common to v0.47.4 + * Cirrus: Use updated VM images + * conformance: add a few "replace-directory-with-symlink" tests + * Bump back to v1.25.0-dev + +------------------------------------------------------------------- +Fri Feb 04 07:31:54 UTC 2022 - dcermak@suse.com + +- Update to version 1.24.1: +* overlay: always honor mountProgram by @giuseppe in https://github.com/containers/buildah/pull/3750 +* build(deps): bump github.com/onsi/gomega from 1.18.0 to 1.18.1 by @dependabot in https://github.com/containers/buildah/pull/3754 +* imagebuildah.BuildDockerfiles(): create the jobs semaphore by @nalind in https://github.com/containers/buildah/pull/3753 +* build(deps): bump github.com/containers/storage from 1.38.1 to 1.38.2 by @dependabot in https://github.com/containers/buildah/pull/3760 +* System tests: fix accidental vandalism of source dir by @edsantiago in https://github.com/containers/buildah/pull/3761 +* Update vendor of containers/storage and containers/common by @rhatdan in https://github.com/containers/buildah/pull/3759 +* Bump version of containers/image and containers/common by @rhatdan in https://github.com/containers/buildah/pull/3764 +* Update vendor of openshift/imagebuilder by @rhatdan in https://github.com/containers/buildah/pull/3765 +* caps: fix buildah run --cap-add=all by @rhatdan in https://github.com/containers/buildah/pull/3766 +* stage_executor: Add support for inline `FROM --platform=` within Containerfile/Dockerfile by @flouthoc in https://github.com/containers/buildah/pull/3757 + +**Full Changelog**: https://github.com/containers/buildah/compare/v1.24.0...v1.24.1 + +------------------------------------------------------------------- +Thu Jan 27 07:30:30 UTC 2022 - dcermak@suse.com + +- Update to version 1.24.0: + * Bump to v1.24.0 + * Update vendor of containers/common + * build(deps): bump github.com/golangci/golangci-lint in /tests/tools + * Github-workflow: Report both failures and errors. + * build(deps): bump github.com/containers/image/v5 from 5.18.0 to 5.19.0 + * Update docs/buildah-build.1.md + * [CI:DOCS] Fix typos and improve language + * buildah bud --network add support for custom networks + * Make pull commands be consistent + * docs/buildah-build.1.md: don't imply that -v isn't just a RUN thing + * build(deps): bump github.com/onsi/gomega from 1.17.0 to 1.18.0 + * Vendor in latest containers/image + * Run codespell on code + * .github/dependabot.yml: add tests/tools go.mod + * CI: rm git-validation, add GHA job to validate PRs + * tests/tools: bump go-md2man to v2.0.1 + * tests/tools/Makefile: simplify + * tests/tools: bump onsi/ginkgo to v1.16.5 + * vendor: bump c/common and others + * mount: add support for custom upper and workdir with overlay mounts + * linux: fix lookup for runtime + * overlay: add MountWithOptions to API which extends support for advanced overlay + * Allow processing of SystemContext from FlagSet + * .golangci.yml: enable unparam linter + * util/resolveName: rm bool return + * tests/tools: bump golangci-lint + * .gitignore: fixups + * all: fix capabilities.NewPid deprecation warnings + * bind/mount.go: fix linter comment + * all: fix gosimple warning S1039 + * tests/e2e/buildah_suite_test.go: fix gosimple warnings + * imagebuildah/executor.go: fix gosimple warning + * util.go: fix gosimple warning + * build(deps): bump github.com/opencontainers/runc from 1.0.3 to 1.1.0 + * Enable git-daemon tests + * Allow processing of id options from FlagSet + * Cirrus: Re-order tasks for more parallelism + * Cirrus: Freshen VM images + * Fix platform handling for empty os/arch values + * Allow processing of network options from FlagSet + * Fix permissions on secrets directory + * Update containers/image and containers/common + * bud.bats: use a local git daemon for the git protocol test + * Allow processing of common options from FlagSet + * Cirrus: Run int. tests in parallel with unit + * vendor c/common + * Fix default CNI paths + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.6 to 1.7.7 + * multi-stage: enable mounting stages across each other with selinux enabled + * executor: Share selinux label of first stage with other stages in a build + * buildkit: add from field to bind and cache mounts so images can be used as source + * Use config.ProxyEnv from containers/common + * use libnetwork from c/common for networking + * setup the netns in the buildah parent process + * build(deps): bump github.com/containerd/containerd from 1.5.8 to 1.5.9 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.4 to 1.7.6 + * build: fix libsubid test + * Allow callers to replace the ContainerSuffix + * parse: allow parsing anomaly non-human value for memory control group + * .cirrus: remove static_build from ci + * stage_executor: re-use all possible layers from cache for squashed builds + * build(deps): bump github.com/spf13/cobra from 1.2.1 to 1.3.0 + * Allow rootless buildah to set resource limits on cgroup V2 + * build(deps): bump github.com/docker/docker + * tests: move buildkit mount tests files from TESTSDIR to TESTDIR before modification + * build(deps): bump github.com/opencontainers/runc from 1.0.2 to 1.0.3 + * Wire logger through to config + * copier.Put: check for is-not-a-directory using lstat, not stat + * Turn on rootless cgroupv2 tests + * Grab all of the containers.conf settings for namespaces. + * image: set MediaType in OCI manifests + * copier: RemoveAll possibly-directories + * Simple README fix + * images: accept multiple filter with logical AND + * build(deps): bump github.com/containernetworking/cni from 0.8.1 to 1.0.1 + * UPdate vendor of container/storage + * build(deps): bump github.com/onsi/gomega from 1.16.0 to 1.17.0 + * build(deps): bump github.com/containers/image/v5 from 5.16.1 to 5.17.0 + * Make LocalIP public function so Podman can use it + * Fix UnsetEnv for buildah bud + * Tests should rely only on static/unchanging images + * run: ensure that stdio pipes are labeled correctly + * build(deps): bump github.com/docker/docker + * Cirrus: Bump up to Fedora 35 & Ubuntu 21.10 + * chroot: don't use the generate default seccomp filter for unit tests + * build(deps): bump github.com/containerd/containerd from 1.5.7 to 1.5.8 + * ssh-agent: Increase timeout before we explicitly close connection + * docs/tutorials: update + * Clarify that manifest defaults to localhost as the registry name + * "config": remove a stray bit of debug output + * "commit": fix a flag typo + * Fix an error message: unlocking vs locking + * Expand the godoc for CommonBuildOptions.Secrets + * chroot: accept an "rw" option + * Add --unsetenv option to buildah commit and build + * define.TempDirForURL(): show CombinedOutput when a command fails + * config: support the variant field + * rootless: do not bind mount /sys if not needed + * Fix tutorial to specify command on buildah run line + * build: history should not contain ARG values + * docs: Use guaranteed path for go-md2man + * run: honor --network=none from builder if nothing specified + * networkpolicy: Should be enabled instead of default when explictly set + * Add support for env var secret sources + * build(deps): bump github.com/docker/docker + * fix: another non-portable shebang + * Rootless containers users should use additional groups + * Support overlayfs path contains colon + * Report ignorefile location when no content added + * Add support for host.containers.internal in the /etc/hosts + * build(deps): bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 + * imagebuildah: fix nil deref + * buildkit: add support for mount=type=cache + * Default secret mode to 400 + * [CI:DOCS] Include manifest example usage + * docs: update buildah-from, buildah-pull 'platform' option compatibility notes + * docs: update buildah-build 'platform' option compatibility notes + * De-dockerize the man page as much as possible + * [CI:DOCS] Touch up Containerfile man page to show ARG can be 1st + * docs: Fix and Update Containerfile man page with supported mount types + * mount: add tmpcopyup to tmpfs mount option + * buildkit: Add support for --mount=type=tmpfs + * build(deps): bump github.com/opencontainers/selinux from 1.8.5 to 1.9.1 + * Fix command doc links in README.md + * build(deps): bump github.com/containers/image/v5 from 5.16.0 to 5.16.1 + * build: Add support for buildkit like --mount=type=bind + * Bump containerd to v1.5.7 + * build(deps): bump github.com/docker/docker + * tests: stop pulling php, composer + * Fix .containerignore link file + * Cirrus: Fix defunct package metadata breaking cache + * build(deps): bump github.com/containers/storage from 1.36.0 to 1.37.0 + * buildah build: add --all-platforms + * Add man page for Containerfile and .containerignore + * Plumb the remote logger throughut Buildah + * Replace fmt.Sprintf("%d", x) with strconv.Itoa(x) + * Run: Cleanup run directory after every RUN step + * build(deps): bump github.com/containers/common from 0.45.0 to 0.46.0 + * Makefile: adjust -ldflags/-gcflags/-gccgoflags depending on the go implementation + * Makefile: check for `-race` using `-mod=vendor` + * imagebuildah: fix an attempt to write to a nil map + * push: support to specify the compression format + * conformance: allow test cases to specify dockerUseBuildKit + * build(deps): bump github.com/containers/common from 0.44.1 to 0.45.0 + * build(deps): bump github.com/containers/common from 0.44.0 to 0.44.1 + * unmarshalConvertedConfig(): handle zstd compression + * tests/copy/copy: wire up compression options + * Update to github.com/vbauerster/mpb v7.1.5 + * Add flouthoc to OWNERS + * build: Add additional step nodes when labels are modified + * Makefile: turn on race detection whenever it's available + * conformance: add more tests for exclusion short-circuiting + * Update VM Images + Drop prior-ubuntu testing + * Bump to v1.24.0-dev + +------------------------------------------------------------------- +Thu Nov 25 15:11:21 UTC 2021 - Dan Čermák + +- Sync package with Factory (bsc#1192999) +- remove no longer used CVE-2019-10214.patch + +------------------------------------------------------------------- +Fri Oct 22 10:16:47 UTC 2021 - rpm@fthiessen.de + +- Update to version 1.23.1: + * Update dependencies + * Bugfixes + +------------------------------------------------------------------- +Fri Sep 17 10:08:13 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.23.0: + * Update dependencies + * Bugfixes + +------------------------------------------------------------------- +Thu Sep 02 15:16:02 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.22.3: + * Update dependencies + * Post-branch commit + * Accept repositories on login/logout + +------------------------------------------------------------------- +Fri Aug 06 09:31:59 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.22.0: + * Bump to v1.22.0 [NO TESTS NEEDED] + * c/image, c/storage, c/common vendor before Podman 3.3 release + * WIP: tests: new assert() + * Proposed patch for 3399 (shadowutils) + * Fix handling of --restore shadow-utils + * build(deps): bump github.com/containers/image/v5 from 5.13.2 to 5.14.0 + * runtime-flag (debug) test: handle old & new runc + * build(deps): bump github.com/containers/storage from 1.32.6 to 1.33.0 + * Allow dst and destination for target in secret mounts + * Multi-arch: Always push updated version-tagged img + * Add a few tests on cgroups V2 + * imagebuildah.stageExecutor.prepare(): remove pseudonym check + * refine dangling filter + * Chown with environment variables not set should fail + * Just restore protections of shadow-utils + * build(deps): bump github.com/opencontainers/runc from 1.0.0 to 1.0.1 + * Remove specific kernel version number requirement from install.md + * Multi-arch image workflow: Make steps generic + * chroot: fix environment value leakage to intermediate processes + * Update nix pin with `make nixpkgs` + * buildah source - create and manage source images + * Update cirrus-cron notification GH workflow + * Reuse code from containers/common/pkg/parse + * Cirrus: Freshen VM images + * Fix excludes exception begining with / or ./ + * Fix syntax for --manifest example + * build(deps): bump github.com/onsi/gomega from 1.13.0 to 1.14.0 + * vendor containers/common@main + * Cirrus: Drop dependence on fedora-minimal + * Adjust conformance-test error-message regex + * Workaround appearance of differing debug messages + * Cirrus: Install docker from package cache + * build(deps): bump github.com/containers/ocicrypt from 1.1.1 to 1.1.2 + * Switch rusagelogfile to use options.Out + * build(deps): bump github.com/containers/storage from 1.32.4 to 1.32.5 + * Turn stdio back to blocking when command finishes + * Add support for default network creation + * Cirrus: Updates for master->main rename + * Change references from master to main + * Add `--env` and `--workingdir` flags to run command + * build(deps): bump github.com/opencontainers/runc + * [CI:DOCS] buildah bud: spelling --ignore-file requires parameter + * [CI:DOCS] push/pull: clarify supported transports + * Remove unused function arguments + * Create mountOptions for mount command flags + * Extract version command implementation to function + * Add --json flags to `mount` and `version` commands + * build(deps): bump github.com/containers/storage from 1.32.2 to 1.32.3 + * build(deps): bump github.com/containers/common from 0.40.0 to 0.40.1 + * copier.Put(): set xattrs after ownership + * buildah add/copy: spelling + * build(deps): bump github.com/containers/common from 0.39.0 to 0.40.0 + * buildah copy and buildah add should support .containerignore + * Remove unused util.StartsWithValidTransport + * Fix documentation of the --format option of buildah push + * Don't use alltransports.ParseImageName with known transports + * build(deps): bump github.com/containers/image/v5 from 5.13.0 to 5.13.1 + * man pages: clarify `rmi` removes dangling parents + * tests: make it easer to override the location of the copy helper + * build(deps): bump github.com/containers/image/v5 from 5.12.0 to 5.13.0 + * [CI:DOCS] Fix links to c/image master branch + * imagebuildah: use the specified logger for logging preprocessing warnings + * Fix copy into workdir for a single file + * Fix docs links due to branch rename + * Update nix pin with `make nixpkgs` + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.2 to 1.7.3 + * build(deps): bump github.com/opencontainers/selinux from 1.8.1 to 1.8.2 + * build(deps): bump go.etcd.io/bbolt from 1.3.5 to 1.3.6 + * build(deps): bump github.com/containers/storage from 1.32.1 to 1.32.2 + * build(deps): bump github.com/mattn/go-shellwords from 1.0.11 to 1.0.12 + * build(deps): bump github.com/onsi/ginkgo from 1.16.3 to 1.16.4 + * fix(docs): typo + * Move to v1.22.0-dev + * Fix handling of auth.json file while in a user namespace + * Add rusage-logfile flag to optionally send rusage to a file + * imagebuildah: redo step logging + * build(deps): bump github.com/onsi/ginkgo from 1.16.2 to 1.16.3 + * build(deps): bump github.com/containers/storage from 1.32.0 to 1.32.1 + * Add volumes to make running buildah within a container easier + * build(deps): bump github.com/onsi/gomega from 1.12.0 to 1.13.0 + * Add and use a "copy" helper instead of podman load/save + * Bump github.com/containers/common from 0.38.4 to 0.39.0 + * containerImageRef/containerImageSource: don't buffer uncompressed layers + * containerImageRef(): squashed images have no parent images + * Sync. workflow across skopeo, buildah, and podman + * Bump github.com/containers/storage from 1.31.1 to 1.31.2 + * Bump github.com/opencontainers/runc from 1.0.0-rc94 to 1.0.0-rc95 + * Bump to v1.21.1-dev [NO TESTS NEEDED] + +------------------------------------------------------------------- +Fri Jul 23 08:35:11 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.21.4: + * Bump to v1.21.4 + * tests: make it easer to override the location of the copy helper + * Add and use a "copy" helper instead of podman load/save + * vendor containers/common@v0.38.16 + * Bump to v1.21.3 + * chroot: fix environment value leakage to intermediate processes + * [release-1.21] Bump to Buildah v1.21.2 + * vendor common@v0.38.12 and storage@v1.31.3 + * Bump to v1.21.1 + * Fix handling of auth.json file while in a user namespace + +------------------------------------------------------------------- +Mon Jul 19 12:09:41 UTC 2021 - Fabian Vogt + +- Set -buildmode=pie properly using GOFLAGS instead of just LDFLAGS +- Exclude building on ppc64, not supported + +------------------------------------------------------------------- +Mon May 24 13:59:14 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.21.0: + * Bump to v1.21.0 - [NO TESTS NEEDED] + * Don't blow up if cpp detects errors + * Vendor in containers/common v0.38.4 + * Remove 'buildah run --security-opt' from completion + * update c/common + * Fix handling of --default-mounts-file + * update vendor of containers/storage v1.31.1 + * Bump github.com/containers/storage from 1.30.3 to 1.31.0 + * Send logrus messages back to caller when building + * github: Fix bad repo. ref in workflow config + * Check earlier for bad image tags name + * buildah bud: fix containers/podman/issues/10307 + * Bump github.com/containers/storage from 1.30.1 to 1.30.3 + * Cirrus: Support [CI:DOCS] test skipping + * Notification email for cirrus-cron build failures + * Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94 + * Fix race condition + * Fix copy race while walking paths + * Preserve ownership of lower directory when doing an overlay mount + * Bump github.com/onsi/gomega from 1.11.0 to 1.12.0 + * Update nix pin with `make nixpkgs` + * codespell cleanup + * Multi-arch github-action workflow unification + * Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0 + * Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2 + * imagebuildah: ignore signatures when tagging images + * update to latest libimage + * Bump github.com/containers/common from 0.37.0 to 0.37.1 + * Bump github.com/containers/storage from 1.30.0 to 1.30.1 + * Upgrade to GitHub-native Dependabot + * Document location of auth.json file if XDG_RUNTIME_DIR is not set + * run.bats: fix flake in run-user test + * Cirrus: Update F34beta -> F34 + * pr-should-include-tests: try to make work in buildah + * runUsingRuntime: when relaying error from the runtime, mention that + * Run(): avoid Mkdir() into the rootfs + * imagebuildah: replace archive with chrootarchive + * imagebuildah.StageExecutor.volumeCacheSaveVFS(): set up bind mounts + * conformance: use :Z with transient mounts when SELinux is enabled + * bud.bats: fix a bats warning + * imagebuildah: create volume directories when using overlays + * imagebuildah: drop resolveSymlink() + * namespaces test - refactoring and cleanup + * Refactor 'idmapping' system test + * Cirrus: Update Ubuntu images to 21.04 + * Tiny fixes in bud system tests + * Add compabitility wrappers for removed packages + * Fix expected message at pulling image + * Fix system tests of 'bud' subcommand + * [CI:DOCS] Update steps for CentOS runc users + * Add support for secret mounts + * Add buildah manifest rm command + * restore push/pull and util API + * [CI:DOCS] Remove older distro docs + * Rename rhel secrets to subscriptions + * vendor in openshift/imagebuilder + * Remove buildah bud --loglevel ... + * use new containers/common/libimage package + * Fix copier when using globs + * Test namespace flags of 'bud' subcommand + * Add system test of 'bud' subcommand + * Output names of multiple tags in buildah bud + * push to docker test: don't get fooled by podman + * copier: add Remove() + * build(deps): bump github.com/containers/image/v5 from 5.10.5 to 5.11.1 + * Restore log timestamps + * Add system test of 'buildah help' with a tiny fix + * tests: copy.bats: fix infinite hang + * Do not force hard code to crun in rootless mode + * build(deps): bump github.com/openshift/imagebuilder from 1.2.0 to 1.2.1 + * build(deps): bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1 + * build(deps): bump github.com/containers/common from 0.35.4 to 0.36.0 + * Fix arg missing warning in bud + * Check without flag in 'from --cgroup-parent' test + * Minor fixes to Buildah as a library tutorial documentation + * Add system test of 'buildah version' for packaged buildah + * Add a few system tests of 'buildah from' + * Log the final error with %+v at logging level "trace" + * copier: add GetOptions.NoCrossDevice + * Update nix pin with `make nixpkgs` + * Bump to v1.20.2-dev + +------------------------------------------------------------------- +Thu Apr 15 12:28:09 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.20.1: + * Bump to v1.20.1 + * Run container with isolation type set at 'from' + * bats helpers.bash - minor refactoring + * Bump containers/storage vendor to v1.29.0 + * build(deps): bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1 + * Cirrus: Update VMs w/ F34beta + * CLI add/copy: add a --from option + * build(deps): bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0 + * Add authentication system tests for 'commit' and 'bud' + * fix local image lookup for custom platform + * Double-check existence of OCI runtimes + * Cirrus: Make use of shared get_ci_vm container + * Add system tests of "buildah run" + * Update nix pin with `make nixpkgs` + * Remove some stuttering on returns errors + * Setup alias for --tty to --terminal + * Add conformance tests for COPY /... + * Put a few more minutes on the clock for the CI conformance test + * Add a conformance test for COPY --from $symlink + * Add conformance tests for COPY "" + * Check for symlink in builtin volume + * Sort all mounts by destination directory + * System-test cleanup + * Export parse.Platform string to be used by podman-remote + * blobcache: fix sequencing error + * build(deps): bump github.com/containers/common from 0.35.3 to 0.35.4 + * Fix URL in demos/buildah_multi_stage.sh + * Add a few system tests + * [NO TESTS NEEDED] Use --recurse-modules when building git context + * Bump to v1.20.1-dev + +------------------------------------------------------------------- +Mon Mar 29 21:02:40 UTC 2021 - alexandre.vicenzi@suse.com + +- Update to version 1.20.0: + * Bump to v1.20.0 + * Fix release.sh to generate good releases + * vendor in containers/storage v1.28.1 + * build(deps): bump github.com/containers/common from 0.35.2 to 0.35.3 + * tests: prefetch: use buildah, not podman, for pulls + * Use faster way to check image tag existence during multi-arch build + * Add information about multi-arch images to the Readme + * COPY --chown: expand the conformance test + * pkg/chrootuser: use a bufio.Scanner + * [CI:DOCS] Fix rootful typo in docs + * build(deps): bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2 + * Add documentation and testing for .containerignore + * build(deps): bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 + * build(deps): bump github.com/hashicorp/go-multierror from 1.1.0 to 1.1.1 + * Lookup Containerfile if user specifies a directory + * Add Tag format placeholder to docs + * copier: ignore sockets + * image: propagate errors from extractRootfs + * Remove system test of 'buildah containers -a' + * Clarify userns options are usable only as root in man pages + * Fix system test of 'containers -a' + * Remove duplicated code in addcopy + * build(deps): bump github.com/onsi/ginkgo from 1.15.0 to 1.15.1 + * build(deps): bump github.com/onsi/gomega from 1.10.5 to 1.11.0 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.1 to 1.7.2 + * Update multi-arch buildah build setup with new logic + * Update nix pin with `make nixpkgs` + * overlay.bats: fix the "overlay source permissions" test + * imagebuildah: use overlay for volumes when using overlay + * Make PolicyMap and PullPolicy names align + * copier: add GetOptions.IgnoreUnreadable + * Check local image to match system context + * fix: Containerfiles - smaller set of userns u/gids + * Set upperdir permissions based on source + * Shrink the vendoring size of pkc/cli + * Clarify image name match failure message + * ADD/COPY: create the destination directory first, chroot to it + * copier.GetOptions: add NoDerefSymLinks + * copier: add an Eval function + * Update system test for 'from --cap-add/drop' + * copier: fix a renaming bug + * copier: return child process stderr if we can't JSON decode the response + * Add some system tests + * build(deps): bump github.com/containers/storage from 1.26.0 to 1.27.0 + * complement add/copy --chmod documentation + * buildah login and logout, do not need to enter user namespace + * Add multi-arch image build + * chmod/chown added/fixed in bash completions + * OWNERS: add @lsm5 + * buildah add/copy --chmod dockerfile implementation + * bump github.com/openshift/imagebuilder from 1.1.8 to 1.2.0 + * buildah add/copy --chmod cli implementation for files and urls + * Make sure we set the buildah version label + * Isolation strings, should match user input + * [CI:DOCS] buildah-from.md: remove dup arch,os + * build(deps): bump github.com/containers/image/v5 from 5.10.2 to 5.10.3 + * Cirrus: Temp. disable prior-fedora (F32) testing + * pr-should-include-tests: recognized "renamed" tests + * build(deps): bump github.com/sirupsen/logrus from 1.7.0 to 1.8.0 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.7.0 to 1.7.1 + * build(deps): bump github.com/containers/common from 0.34.2 to 0.35.0 + * Fix reaping of stages with no instructions + * add stale bot + * Add base image name to comment + * build(deps): bump github.com/spf13/cobra from 1.1.1 to 1.1.3 + * Don't fail copy to emptydir + * buildah: use volatile containers + * vendor: update containers/storage + * Eliminate the use of containers/building import in pkg subdirs + * Add more support for removing config + * Improve messages about --cache-from not being supported + * Revert patch to allow COPY/ADD of empty dirs. + * Don't fail copy to emptydir + * Fix tutorial for rootless mode + * Fix caching layers with build args + * Vendor in containers/image v5.10.2 + * build(deps): bump github.com/containers/common from 0.34.0 to 0.34.2 + * build(deps): bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0 + * 'make validate': require PRs to include tests + * build(deps): bump github.com/onsi/gomega from 1.10.4 to 1.10.5 + * build(deps): bump github.com/containers/storage from 1.24.5 to 1.25.0 + * Use chown function for U volume flag from containers/common repository + * --iidfile: print hash prefix + * bump containernetworking/cni to v0.8.1 - fix for CVE-2021-20206 (bsc#1181961) + * run: fix check for host pid namespace + * Finish plumbing for buildah bud --manifest + * buildah manifest add localimage should work + * Stop testing directory permissions with latest docker + * Fix build arg check + * build(deps): bump github.com/containers/ocicrypt from 1.0.3 to 1.1.0 + * [ci:docs] Fix man page for buildah push + * Update nix pin with `make nixpkgs` + * Bump to containers/image v5.10.1 + * Rebuild layer if a change in ARG is detected + * Bump golang.org/x/crypto to the latest + * Add Ashley and Urvashi to Approvers + * local image lookup by digest + * Use build-arg ENV val from local environment if set + * Pick default OCI Runtime from containers.conf + * Added required devel packages + * Cirrus: Native OSX Build + * Cirrus: Two minor cleanup items + * Workaround for RHEL gating test failure + * build(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0 + * build(deps): bump github.com/mattn/go-shellwords from 1.0.10 to 1.0.11 + * Reset upstream branch to dev version + * If destination does not exists, do not throw error + * Fix version of release to v1.19.1 + * use local image name for pull policy checks + * Vendor in common 0.33.1 + * Fix conformance test false-failures + * Fix config-flags-verification test on F33 + * Fix bud capabilities test + * Cirrus: Support new VM Images in get_ci_vm.sh + * Cirrus: Make tests pass with new VM Images + * Cirrus: Collect cri-o-runc version + * Cirrus: Update VM Images + Rearrange tasks + * Cirrus: Clarify task names / improve readability + * Stop overriding the location of the blob info cache + * build(deps): bump github.com/fsouza/go-dockerclient from 1.6.6 to 1.7.0 + * Update nix pin with `make nixpkgs` + * Bump to v1.20.0-dev + * Bump to v1.19.0 + * Update vendor of containers/storage and containers/common + * Buildah inspect should be able to inspect manifests + * Make buildah push support pushing manifests lists and digests + * Fix handling of TMPDIR environment variable + * Add support for --manifest flags + * Upper directory should match mode of destination directory + * Only grab the OS, Arch if the user actually specified them + * Use --arch and --os and --variant options to select architecture and os + * Cirrus: Track libseccomp and golang version + * copier.PutOptions: add an "IgnoreDevices" flag + * fix: `rmi --prune` when parent image is in store. + * build(deps): bump github.com/containers/storage from 1.24.3 to 1.24.4 + * build(deps): bump github.com/containers/common from 0.31.1 to 0.31.2 + * Allow users to specify stdin into containers + * Drop log message on failure to mount on /sys file systems to info + * Spelling + * SELinux no longer requires a tag. + * build(deps): bump github.com/containers/common from 0.31.0 to 0.31.1 + * Update nix pin with `make nixpkgs` + * Switch references of /var/run -> /run + * Allow FROM to be overriden with from option + * copier: don't assume we can chroot() on Unixy systems + * copier: add PutOptions.NoOverwriteDirNonDir, Get/PutOptions.Rename + * copier: handle replacing directories with not-directories + * copier: Put: skip entries with zero-length names + * build(deps): bump github.com/containers/storage from 1.24.2 to 1.24.3 + * Add U volume flag to chown source volumes + * Turn off PRIOR_UBUNTU Test until vm is updated + * pkg, cli: rootless uses correct isolation + * build(deps): bump github.com/onsi/gomega from 1.10.3 to 1.10.4 + * update installation doc to reflect current status + * Move away from using docker.io + * enable short-name aliasing + * build(deps): bump github.com/containers/storage from 1.24.1 to 1.24.2 + * build(deps): bump github.com/containers/common from 0.30.0 to 0.31.0 + * Throw errors when using bogus --network flags + * pkg/supplemented test: replace our null blobinfocache + * build(deps): bump github.com/containers/common from 0.29.0 to 0.30.0 + * inserts forgotten quotation mark + * Not prefer use local image create/add manifest + * Add container information to .containerenv + * Add --ignorefile flag to use alternate .dockerignore flags + * Add a source debug build + * Fix crash on invalid filter commands + * Switch to using containers/common pkg's + * fix: non-portable shebang #2812 + * Remove copy/paste errors that leaked `Podman` into man pages. + * Add suggests cpp to spec file + * Apply suggestions from code review + * update docs for debian testing and unstable + * imagebuildah: disable pseudo-terminals for RUN + * Compute diffID for mapped-layer at creating image source + * intermediateImageExists: ignore images whose history we can't read + * Bump to v1.19.0-dev + * Bump to v1.18.0 + * build(deps): bump github.com/containers/common from 0.26.3 to 0.27.0 + * Fix testing error caused by simultanious merge + * Vendor in containers/storage v1.24.0 + * short-names aliasing + * Add --policy flag to buildah pull + * Stop overwrapping and stuttering + * copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs + * Run: don't forcibly disable UTS namespaces in rootless mode + * test: ensure non-directory in a Dockerfile path is handled correctly + * Add a few tests for `pull` command + * Fix buildah config --cmd to handle array + * build(deps): bump github.com/containers/storage from 1.23.8 to 1.23.9 + * Fix NPE when Dockerfile path contains non-directory entries + * Update buildah bud man page from podman build man page + * Move declaration of decryption-keys to common cli + * Run: correctly call copier.Mkdir + * util: digging UID/GID out of os.FileInfo should work on Unix + * imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache results + * Verify userns-uid-map and userns-gid-map input + * Use CPP, CC and flags in dep check scripts + * Avoid overriding LDFLAGS in Makefile + * ADD: handle --chown on URLs + * Update nix pin with `make nixpkgs` + * (*Builder).Run: MkdirAll: handle EEXIST error + * copier: try to force loading of nsswitch modules before chroot() + * fix MkdirAll usage + * build(deps): bump github.com/containers/common from 0.26.2 to 0.26.3 + * build(deps): bump github.com/containers/storage from 1.23.7 to 1.23.8 + * Use osusergo build tag for static build + * imagebuildah: cache should take image format into account + * Bump to v1.18.0-dev + * Bump to v1.17.0 + * Handle cases where other tools mount/unmount containers + * overlay.MountReadOnly: support RO overlay mounts + * overlay: use fusermount for rootless umounts + * overlay: fix umount + * Switch default log level of Buildah to Warn. Users need to see these messages + * Drop error messages about OCI/Docker format to Warning level + * build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2 + * tests/testreport: adjust for API break in storage v1.23.6 + * build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6 + * copier: put: ignore Typeflag="g" + * Use curl to get repo file (fix #2714) + * build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0 + * build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1 + * Remove docs that refer to bors, since we're not using it + * Buildah bud should not use stdin by default + * bump containerd, docker, and golang.org/x/sys + * Makefile: cross: remove windows.386 target + * copier.copierHandlerPut: don't check length when there are errors + * Stop excessive wrapping + * CI: require that conformance tests pass + * bump(github.com/openshift/imagebuilder) to v1.1.8 + * Skip tlsVerify insecure BUILD_REGISTRY_SOURCES + * Fix build path wrong https://github.com/containers/podman/issues/7993 + * refactor pullpolicy to avoid deps + * build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0 + * CI: run gating tasks with a lot more memory + * ADD and COPY: descend into excluded directories, sometimes + * copier: add more context to a couple of error messages + * copier: check an error earlier + * copier: log stderr output as debug on success + * Update nix pin with `make nixpkgs` + * Set directory ownership when copied with ID mapping + * Cirrus: Remove bors artifacts + * Sort build flag definitions alphabetically + * ADD: only expand archives at the right time + * Remove configuration for bors + * Shell Completion for podman build flags + * Bump c/common to v0.24.0 + * New CI check: xref --help vs man pages + * CI: re-enable several linters + * Move --userns-uid-map/--userns-gid-map description into buildah man page + * add: preserve ownerships and permissions on ADDed archives + * Makefile: tweak the cross-compile target + * Bump containers/common to v0.23.0 + * chroot: create bind mount targets 0755 instead of 0700 + * Change call to Split() to safer SplitN() + * chroot: fix handling of errno seccomp rules + * build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0 + * Add In Progress section to contributing + * integration tests: make sure tests run in ${topdir}/tests + * Run(): ignore containers.conf's environment configuration + * Warn when setting healthcheck in OCI format + * Cirrus: Skip git-validate on branches + * tools: update git-validation to the latest commit + * tools: update golangci-lint to v1.18.0 + * Add a few tests of push command + * Add(): fix handling of relative paths with no ContextDir + * build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0 + * Lint: Use same linters as podman + * Validate: reference HEAD + * Fix buildah mount to display container names not ids + * Update nix pin with `make nixpkgs` + * Add missing --format option in buildah from man page + * Fix up code based on codespell + * build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7 + * build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5 + * Improve buildah completions + * Cirrus: Fix validate commit epoch + * Fix bash completion of manifest flags + * Uniform some man pages + * Update Buildah Tutorial to address BZ1867426 + * Update bash completion of `manifest add` sub command + * copier.Get(): hard link targets shouldn't be relative paths + * build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2 + * Pass timestamp down to history lines + * Timestamp gets updated everytime you inspect an image + * bud.bats: use absolute paths in newly-added tests + * contrib/cirrus/lib.sh: don't use CN for the hostname + * tests: Add some tests + * Update `manifest add` man page + * Extend flags of `manifest add` + * build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4 + * build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1 + * Bump to v1.17.0-dev + * Bump to v1.16.0 + * CI: expand cross-compile checks + * fix build on 32bit arches + * StageExecutor.intermediateImageExists: recognize cached images based on scratch + * containerImageRef.NewImageSource(): don't always force timestamps + * Add fuse module warning to image readme + * Heed our retry delay option values when retrying commit/pull/push + * Switch to containers/common for seccomp + * Use --timestamp rather then --omit-timestamp + * docs: remove outdated notice + * docs: remove outdated notice + * build-using-dockerfile: add a hidden --log-rusage flag + * build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 + * Discard ReportWriter if user sets options.Quiet + * build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3 + * Fix ownership of content copied using COPY --from + * newTarDigester: zero out timestamps in tar headers + * Update nix pin with `make nixpkgs` + * bud.bats: correct .dockerignore integration tests + * Use pipes for copying + * run: include stdout in error message + * run: use the correct error for errors.Wrapf + * copier: un-export internal types + * copier: add Mkdir() + * in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE + * docs/buildah-commit.md: tweak some wording, add a --rm example + * imagebuildah: don’t blank out destination names when COPYing + * Replace retry functions with common/pkg/retry + * StageExecutor.historyMatches: compare timestamps using .Equal + * Update vendor of containers/common + * Fix errors found in coverity scan + * Change namespace handling flags to better match podman commands + * conformance testing: ignore buildah.BuilderIdentityAnnotation labels + * Vendor in containers/storage v1.23.0 + * Add buildah.IsContainer interface + * Avoid feeding run_buildah to pipe + * fix(buildahimage): add xz dependency in buildah image + * Bump github.com/containers/common from 0.15.2 to 0.18.0 + * Howto for rootless image building from OpenShift + * Add --omit-timestamp flag to buildah bud + * Update nix pin with `make nixpkgs` + * Shutdown storage on failures + * Handle COPY --from when an argument is used + * Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0 + * Cirrus: Use newly built VM images + * Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92 + * Enhance the .dockerignore man pages + * conformance: add a test for COPY from subdirectory + * fix bug manifest inspct + * Add documentation for .dockerignore + * Add BuilderIdentityAnnotation to identify buildah version + * DOC: Add quay.io/containers/buildah image to README.md + * Update buildahimages readme + * fix spelling mistake in "info" command result display + * Don't bind /etc/host and /etc/resolv.conf if network is not present + * blobcache: avoid an unnecessary NewImage() + * Build static binary with `buildGoModule` + * copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit + * tarFilterer: handle multiple archives + * Fix a race we hit during conformance tests + * Rework conformance testing + * Update 02-registries-repositories.md + * test-unit: invoke cmd/buildah tests with --flags + * parse: fix a type mismatch in a test + * Fix compilation of tests/testreport/testreport + * build.sh: log the version of Go that we're using + * test-unit: increase the test timeout to 40/45 minutes + * Add the "copier" package + * Fix & add notes regarding problematic language in codebase + * Add dependency on github.com/stretchr/testify/require + * CompositeDigester: add the ability to filter tar streams + * BATS tests: make more robust + * vendor golang.org/x/text@v0.3.3 + * Switch golang 1.12 to golang 1.13 + * imagebuildah: wait for stages that might not have even started yet + * chroot, run: not fail on bind mounts from /sys + * chroot: do not use setgroups if it is blocked + * Set engine env from containers.conf + * imagebuildah: return the right stage's image as the "final" image + * Fix a help string + * Deduplicate environment variables + * switch containers/libpod to containers/podman + * Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3 + * Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0 + * Mask out /sys/dev to prevent information leak + * linux: skip errors from the runtime kill + * Mask over the /sys/fs/selinux in mask branch + * Add VFS additional image store to container + * tests: add auth tests + * Allow "readonly" as alias to "ro" in mount options + * Ignore OS X specific consistency mount option + * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0 + * Bump github.com/containers/common from 0.14.0 to 0.15.2 + * Rootless Buildah should default to IsolationOCIRootless + * imagebuildah: fix inheriting multi-stage builds + * Make imagebuildah.BuildOptions.Architecture/OS optional + * Make imagebuildah.BuildOptions.Jobs optional + * Resolve a possible race in imagebuildah.Executor.startStage() + * Switch scripts to use containers.conf + * Bump openshift/imagebuilder to v1.1.6 + * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5 + * buildah, bud: support --jobs=N for parallel execution + * executor: refactor build code inside new function + * Add bud regression tests + * Cirrus: Fix missing htpasswd in registry img + * docs: clarify the 'triples' format + * CHANGELOG.md: Fix markdown formatting + * Add nix derivation for static builds + * Bump to v1.16.0-dev + * Bump to v1.15.0 + * vendor github.com/containers/image/v5@v5.5.1 + * add version centos7 for compatible + * vendor github.com/containers/common v0.14.0 + * Bump ImageBuilder to v1.1.5 + * Bump github.com/containers/common from 0.12.0 to 0.13.1 + * Bump github.com/containers/storage from 1.20.1 to 1.20.2 + * Bump github.com/seccomp/containers-golang from 0.4.1 to 0.5.0 + * Bump github.com/stretchr/testify from 1.6.0 to 1.6.1 + * Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 + * Add CVE-2020-10696 to CHANGELOG.md and changelog.txt (bsc#1167864) + * Bump github.com/stretchr/testify from 1.5.1 to 1.6.0 + * Bump github.com/onsi/ginkgo from 1.12.2 to 1.12.3 + * Vendor in containers/common v0.12.0 + * fix lighttpd example + * Vendor in new go.etcd.io/bbolt + * Bump github.com/onsi/ginkgo from 1.12.1 to 1.12.2 + * Bump imagebuilder for ARG fix + * Bump github.com/containers/common from 0.11.2 to 0.11.4 + * remove dependency on openshift struct + * Warn on unset build arguments + * vendor: update seccomp/containers-golang to v0.4.1 + * Ammended docs + * Updated docs + * clean up comments + * update exit code for tests + * Implement commit for encryption + * implementation of encrypt/decrypt push/pull/bud/from + * fix resolve docker image name as transport + * Bump github.com/opencontainers/go-digest from 1.0.0-rc1 to 1.0.0 + * Bump github.com/onsi/ginkgo from 1.12.0 to 1.12.1 + * Bump github.com/containers/storage from 1.19.1 to 1.19.2 + * Bump github.com/containers/image/v5 from 5.4.3 to 5.4.4 + * Add preliminary profiling support to the CLI + * Bump github.com/containers/common from 0.10.0 to 0.11.2 + * Evaluate symlinks in build context directory + * fix error info about get signatures for containerImageSource + * Add Security Policy + * Cirrus: Fixes from review feedback + * Bump github.com/containers/storage from 1.19.0 to 1.19.1 + * Bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 + * imagebuildah: stages shouldn't count as their base images + * Update containers/common v0.10.0 + * Bump github.com/fsouza/go-dockerclient from 1.6.4 to 1.6.5 + * Add registry to buildahimage Dockerfiles + * Cirrus: Use pre-installed VM packages + F32 + * Cirrus: Re-enable all distro versions + * Cirrus: Update to F31 + Use cache images + * golangci-lint: Disable gosimple + * Lower number of golangci-lint threads + * Fix permissions on containers.conf + * Don't force tests to use runc + * Bump github.com/containers/common from 0.9.1 to 0.9.5 + * Return exit code from failed containers + * Bump github.com/containers/storage from 1.18.2 to 1.19.0 + * Bump github.com/containers/common from 0.9.0 to 0.9.1 + * cgroup_manager should be under [engine] + * Use c/common/pkg/auth in login/logout + * Cirrus: Temporarily disable Ubuntu 19 testing + * Add containers.conf to stablebyhand build + * Update gitignore to exclude test Dockerfiles + * Bump github.com/fsouza/go-dockerclient from 1.6.3 to 1.6.4 + * Bump github.com/containers/common from 0.8.1 to 0.9.0 + * Bump back to v1.15.0-dev + * Bump to v1.14.8 + * Remove warning for systemd inside of container + * Run (make vendor) + * Run (make -C tests/tools vendor) + * Run (go mod tidy) before (go mod vendor) again + * Fix (make vendor) + * Bump validation + * Bump back to v1.15.0-dev + * Bump to v1.14.7 + * Bump github.com/containers/image/v5 from 5.3.1 to 5.4.3 + * make vendor: run `tidy` after `vendor` + * Do not skip the directory when the ignore pattern matches + * Bump github.com/containers/common from 0.7.0 to 0.8.1 + * Downgrade siruspen/logrus from 1.4.2 + * Fix errorf conventions + * dockerignore tests : remove symlinks, rework + * Bump back to v1.15.0-dev + * Bump to v1.14.6 + * bud.bats - cleanup, refactoring + * vendor in latest containers/storage 1.18.0 and containers/common v0.7.0 + * Bump github.com/spf13/cobra from 0.0.6 to 0.0.7 + * Bump github.com/containers/storage from 1.16.5 to 1.17.0 + * Bump github.com/containers/image/v5 from 5.2.1 to 5.3.1 + * Fix Amazon install step + * Bump back to v1.15.0-dev + * Bump to v1.14.5 + * Fix bud-build-arg-cache test + * Make image history work correctly with new args handling + * Don't add args to the RUN environment from the Builder + * Update github.com/openshift/imagebuilder to v1.1.4 + * revert #2246 FIPS mode change + * Add .swp files to .gitignore + * Bump back to v1.15.0-dev + * Bump to v1.14.4 + * image with dup layers: we now have one on quay + * Fix fips-mode check for RHEL8 boxes + * digest test : make more robust + * Fix potential CVE in tarfile w/ symlink + * Fix .dockerignore with globs and ! commands + * update install steps for Amazon Linux 2 + * Bump github.com/openshift/imagebuilder from 1.1.2 to 1.1.3 + * Add comment for RUN command in volume ownership test + * Run stat command directly for volume ownership test + * vendor in containers/common v0.6.1 + * Cleanup go.sum + * Bump back to v1.15.0-dev + * Bump to v1.14.3 + * Update containers/storage to v1.16.5 + * Bump github.com/containers/storage from 1.16.2 to 1.16.4 + * Bump github.com/openshift/imagebuilder from 1.1.1 to 1.1.2 + * Update github.com/openshift/imagebuilder vendoring + * Update unshare man page to fix script example + * Fix compilation errors on non linux platforms + * Bump containers/common and opencontainers/selinux versions + * Add tests for volume ownership + * Preserve volume uid and gid through subsequent commands + * Fix FORWARD_NULL errors found by Coverity + * Bump github.com/containers/storage from 1.16.1 to 1.16.2 + * Fix errors found by codespell + * Bump back to v1.15.0-dev + * Bump to v1.14.2 + * Add Pull Request Template + * Bump to containers/storage v1.16.1 + * run_linux: fix tight loop if file is not pollable + * Bump github.com/opencontainers/selinux from 1.3.2 to 1.3.3 + * Bump github.com/containers/common from 0.4.1 to 0.4.2 + * Bump back to v1.15.0-dev + * Bump to v1.14.1 + * Search for local runtime per values in containers.conf + * Set correct ownership on working directory + * BATS : in teardown, umount stale mounts + * Add Containerfile to build a versioned stable image on quay.io + * Bump github.com/spf13/cobra from 0.0.5 to 0.0.6 + * Bump github.com/fsouza/go-dockerclient from 1.6.1 to 1.6.3 + * Bump github.com/stretchr/testify from 1.4.0 to 1.5.1 + * Replace unix with syscall to allow vendoring into libpod + * Update to containers/common v0.4.1 + * Improve remote manifest retrieval + * Fix minor spelling errors in containertools README + * Clear the right variable in buildahimage + * Correct a couple of incorrect format specifiers + * Update to containers/common v0.3.0 + * manifest push --format: force an image type, not a list type + * run: adjust the order in which elements are added to $PATH + * getDateAndDigestAndSize(): handle creation time not being set + * Bump github.com/containers/common from 0.2.0 to 0.2.1 + * include installation steps for CentOS 8 and Stream + * include installation steps for CentOS7 and forks + * Adjust Ubuntu install info to also work on Pop!_OS + * Make the commit id clear like Docker + * Show error on copied file above context directory in build + * Bump github.com/containers/image/v5 from 5.2.0 to 5.2.1 + * pull/from/commit/push: retry on most failures + * Makefile: fix install.cni.sudo + * Repair buildah so it can use containers.conf on the server side + * Bump github.com/mattn/go-shellwords from 1.0.9 to 1.0.10 + * Bump github.com/fsouza/go-dockerclient from 1.6.0 to 1.6.1 + * Fixing formatting & build instructions + * Add Code of Conduct + * Bors: Fix no. req. github reviews + * Cirrus+Bors: Simplify temp branch skipping + * Bors-ng: Add documentation and status-icon + * Bump github.com/onsi/ginkgo from 1.11.0 to 1.12.0 + * fix XDG_RUNTIME_DIR for authfile + * Bump to v1.15.0-dev + * Bump to v1.14.0 + * Cirrus: Disable F29 testing + * Cirrus: Add jq package + * Cirrus: Fix lint + validation using wrong epoch + * Stop using fedorproject registry + * Bors: Workaround ineffective required statuses + * Bors: Enable app + Disable Travis + * Cirrus: Add standardized log-collection + * Cirrus: Improve automated lint + validation + * Allow passing options to golangci-lint + * Cirrus: Fixes from review feedback + * Cirrus: Temporarily ignore VM testing failures + * Cirrus: Migrate off papr + implement VM testing + * Cirrus: Update packages + fixes for get_ci_vm.sh + * Show validation command-line + * Skip overlay test w/ vfs driver + * use alpine, not centos, for various tests + * manifest add: always read the individual image manifest + * Flake handling: cache and prefetch images + * Close tarSource when finished using it + * bump github.com/mtrmac/gpgme + * Update containers/common to v0.1.4 + * manifest push: add --format option + * Bump github.com/onsi/gomega from 1.8.1 to 1.9.0 + * vendor github.com/containers/image/v5@v5.2.0 + * info test: deal with random key order + * Bump back to v1.14.0-dev + * Bump to v1.13.2 + * selinux spc test: fix CI breakage + * sign test: fix gpg failure on Rawhide + * Adjust copy destination for linked tar files in ADD + * sign.bats: set GPG_TTY=/dev/null + * Fix parse_unsupported.go + * getDateAndDigestAndSize(): use manifest.Digest + * Bump github.com/opencontainers/selinux from 1.3.0 to 1.3.1 + * Bump github.com/containers/common from 0.1.0 to 0.1.2 + * Touch up os/arch doc + * chroot: handle slightly broken seccomp defaults + * buildahimage: specify fuse-overlayfs mount options + * Bump github.com/mattn/go-shellwords from 1.0.7 to 1.0.9 + * copy.bats: make sure we detect failures due to missing source + * parse: don't complain about not being able to rename something to itself + * Makefile: use a $(GO_TEST) macro, fix a typo + * manifests: unit test fix + * Fix build for 32bit platforms + * Allow users to set OS and architecture on bud + * Fix COPY in containerfile with envvar + * Bump c/storage to v1.15.7 + * add --sign-by to bud/commit/push, --remove-signatures for pull/push + * Remove cut/paste error in CHANGELOG.md + * Update vendor of containers/common to v0.1.0 + * update install instructions for Debian, Raspbian and Ubuntu + * Add support for containers.conf + * Bump back to v1.14.0-dev + * Bump to v1.13.1 + * Bump github.com/containers/common from 0.0.5 to 0.0.7 + * Bump github.com/onsi/ginkgo from 1.10.3 to 1.11.0 + * Bump github.com/pkg/errors from 0.8.1 to 0.9.0 + * Bump github.com/onsi/gomega from 1.7.1 to 1.8.1 + * Add codespell support + * copyFileWithTar: close source files at the right time + * copy: don't digest files that we ignore + * Check for .dockerignore specifically + * Travis: rm go 1.12.x + * Don't setup excludes, if their is only one pattern to match + * set HOME env to /root on chroot-isolation by default + * docs: fix references to containers-*.5 + * update openshift/api + * fix bug Add check .dockerignore COPY file + * buildah bud --volume: run from tmpdir, not source dir + * Fix imageNamePrefix to give consistent names in buildah-from + * cpp: use -traditional and -undef flags + * Fix image reference in tutorial 4 + * discard outputs coming from onbuild command on buildah-from --quiet + * make --format columnizing consistent with buildah images + * Bump to v1.14.0-dev + * Bump to v1.13.0 + * Bump to c/storage v1.15.5 + * Update container/storage to v1.15.4 + * Fix option handling for volumes in build + * Rework overlay pkg for use with libpod + * Fix buildahimage builds for buildah + * Add support for FIPS-Mode backends + * Set the TMPDIR for pulling/pushing image to $TMPDIR + * WIP: safer test for pull --all-tags + * BATS major cleanup: blobcache.bats: refactor + * BATS major cleanup: part 4: manual stuff + * BATS major cleanup, step 3: yet more run_buildah + * BATS major cleanup, part 2: use more run_buildah + * BATS major cleanup, part 1: log-level + * Bump github.com/containers/image/v5 from 5.0.0 to 5.1.0 + * Bump github.com/containers/common from 0.0.3 to 0.0.5 + * Bump to v1.13.0-dev + +------------------------------------------------------------------- +Sat Feb 20 10:16:36 UTC 2021 - info@paolostivanin.com + +- Update to version 1.19.6: + * Bump c/containers/storage v1.24.6 + * Don't fail copy to emptydir + * Workaround for RHEL gating test failure + * Fix config-flags-verification test on F33 + * Fix bud capabilities test + * Stop overriding the location of the blob info cache + * Fix caching layers with build args + * Vendor in latest containers/image and common + +------------------------------------------------------------------- +Fri Feb 12 08:54:54 UTC 2021 - Paolo Stivanin + +- Update to version 1.19.4: + * run: fix check for host pid namespace + * bump containernetworking/cni library to v0.8.1 - fix for CVE-2021-20206 (bsc#1181961) + * Finish plumbing for buildah bud --manifest + * buildah manifest add localimage should work + * Fix build arg check + * [ci:docs] Fix man page for buildah push + * Vendor in containers/image v5.10.1 + * Rebuild layer if a change in ARG is detected + * Bump golang.org/x/crypto to latest rel-1.19 + * local image lookup by digest + * Use build-arg ENV val from local environment if set + * Pick default OCI Runtime from containers.conf + +------------------------------------------------------------------- +Fri Jan 22 23:28:28 UTC 2021 - dmueller@suse.com + +- Update to version 1.19.2: + * Update vendor of containers/storage and containers/common + * Buildah inspect should be able to inspect manifests + * Make buildah push support pushing manifests lists and digests + * Fix handling of TMPDIR environment variable + * Add support for --manifest flags + * Upper directory should match mode of destination directory + * Only grab the OS, Arch if the user actually specified them + * Use --arch and --os and --variant options to select architecture and os + * Cirrus: Track libseccomp and golang version + * copier.PutOptions: add an "IgnoreDevices" flag + * fix: `rmi --prune` when parent image is in store. + * build(deps): bump github.com/containers/storage from 1.24.3 to 1.24.4 + * build(deps): bump github.com/containers/common from 0.31.1 to 0.31.2 + * Allow users to specify stdin into containers + * Drop log message on failure to mount on /sys file systems to info + * Spelling + * SELinux no longer requires a tag. + * build(deps): bump github.com/opencontainers/selinux from 1.6.0 to 1.8.0 + * build(deps): bump github.com/containers/common from 0.31.0 to 0.31.1 + * Update nix pin with `make nixpkgs` + * Switch references of /var/run -> /run + * Allow FROM to be overriden with from option + * copier: don't assume we can chroot() on Unixy systems + * copier: add PutOptions.NoOverwriteDirNonDir, Get/PutOptions.Rename + * copier: handle replacing directories with not-directories + * copier: Put: skip entries with zero-length names + * build(deps): bump github.com/containers/storage from 1.24.2 to 1.24.3 + * Add U volume flag to chown source volumes + * Turn off PRIOR_UBUNTU Test until vm is updated + * pkg, cli: rootless uses correct isolation + * build(deps): bump github.com/onsi/gomega from 1.10.3 to 1.10.4 + * update installation doc to reflect current status + * Move away from using docker.io + * enable short-name aliasing + * build(deps): bump github.com/containers/storage from 1.24.1 to 1.24.2 + * build(deps): bump github.com/containers/common from 0.30.0 to 0.31.0 + * Throw errors when using bogus --network flags + * pkg/supplemented test: replace our null blobinfocache + * build(deps): bump github.com/containers/common from 0.29.0 to 0.30.0 + * inserts forgotten quotation mark + * Not prefer use local image create/add manifest + * Add container information to .containerenv + * Add --ignorefile flag to use alternate .dockerignore flags + * Add a source debug build + * Fix crash on invalid filter commands + * build(deps): bump github.com/containers/common from 0.27.0 to 0.29.0 + * Switch to using containers/common pkg's + * fix: non-portable shebang #2812 + * Remove copy/paste errors that leaked `Podman` into man pages. + * Add suggests cpp to spec file + * Apply suggestions from code review + * update docs for debian testing and unstable + * imagebuildah: disable pseudo-terminals for RUN + * Compute diffID for mapped-layer at creating image source + * intermediateImageExists: ignore images whose history we can't read + * Bump to v1.19.0-dev + * build(deps): bump github.com/containers/common from 0.26.3 to 0.27.0 + * Fix testing error caused by simultanious merge + * Vendor in containers/storage v1.24.0 + * short-names aliasing + * Add --policy flag to buildah pull + * Stop overwrapping and stuttering + * copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs + * Run: don't forcibly disable UTS namespaces in rootless mode + * test: ensure non-directory in a Dockerfile path is handled correctly + * Add a few tests for `pull` command + * Fix buildah config --cmd to handle array + * build(deps): bump github.com/containers/storage from 1.23.8 to 1.23.9 + * Fix NPE when Dockerfile path contains non-directory entries + * Update buildah bud man page from podman build man page + * Move declaration of decryption-keys to common cli + * Run: correctly call copier.Mkdir + * util: digging UID/GID out of os.FileInfo should work on Unix + * imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache results + * Verify userns-uid-map and userns-gid-map input + * Use CPP, CC and flags in dep check scripts + * Avoid overriding LDFLAGS in Makefile + * ADD: handle --chown on URLs + * Update nix pin with `make nixpkgs` + * (*Builder).Run: MkdirAll: handle EEXIST error + * copier: try to force loading of nsswitch modules before chroot() + * fix MkdirAll usage + * build(deps): bump github.com/containers/common from 0.26.2 to 0.26.3 + * build(deps): bump github.com/containers/storage from 1.23.7 to 1.23.8 + * Use osusergo build tag for static build + * imagebuildah: cache should take image format into account + * Bump to v1.18.0-dev + +------------------------------------------------------------------- +Fri Jan 08 11:52:40 UTC 2021 - rbrown@suse.com + +- Update to version 1.17.1: + * tag v1.17.1 + * copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs + * copier: try to force loading of nsswitch modules before chroot() + * ADD: handle --chown on URLs + * imagebuildah: cache should take image format into account + * Update CI configuration for the release-1.17 branch + +------------------------------------------------------------------- +Mon Nov 30 13:24:14 UTC 2020 - Christian Goll + +- added cni to requires as its needed for buildah to run + (bsc#1187812) + +------------------------------------------------------------------- +Tue Nov 3 14:44:18 UTC 2020 - Ralf Haferkamp + +- Update to v1.17.0 (bsc#1165184) + * Handle cases where other tools mount/unmount containers + * overlay.MountReadOnly: support RO overlay mounts + * overlay: use fusermount for rootless umounts + * overlay: fix umount + * Switch default log level of Buildah to Warn. Users need to see these messages + * Drop error messages about OCI/Docker format to Warning level + * build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2 + * tests/testreport: adjust for API break in storage v1.23.6 + * build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7 + * build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6 + * copier: put: ignore Typeflag="g" + * Use curl to get repo file (fix #2714) + * build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0 + * build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1 + * Remove docs that refer to bors, since we're not using it + * Buildah bud should not use stdin by default + * bump containerd, docker, and golang.org/x/sys + * Makefile: cross: remove windows.386 target + * copier.copierHandlerPut: don't check length when there are errors + * Stop excessive wrapping + * CI: require that conformance tests pass + * bump(github.com/openshift/imagebuilder) to v1.1.8 + * Skip tlsVerify insecure BUILD_REGISTRY_SOURCES + * Fix build path wrong containers/podman#7993 + * refactor pullpolicy to avoid deps + * build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0 + * CI: run gating tasks with a lot more memory + * ADD and COPY: descend into excluded directories, sometimes + * copier: add more context to a couple of error messages + * copier: check an error earlier + * copier: log stderr output as debug on success + * Update nix pin with make nixpkgs + * Set directory ownership when copied with ID mapping + * build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0 + * build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0 + * Cirrus: Remove bors artifacts + * Sort build flag definitions alphabetically + * ADD: only expand archives at the right time + * Remove configuration for bors + * Shell Completion for podman build flags + * Bump c/common to v0.24.0 + * New CI check: xref --help vs man pages + * CI: re-enable several linters + * Move --userns-uid-map/--userns-gid-map description into buildah man page + * add: preserve ownerships and permissions on ADDed archives + * Makefile: tweak the cross-compile target + * Bump containers/common to v0.23.0 + * chroot: create bind mount targets 0755 instead of 0700 + * Change call to Split() to safer SplitN() + * chroot: fix handling of errno seccomp rules + * build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0 + * Add In Progress section to contributing + * integration tests: make sure tests run in ${topdir}/tests + * Run(): ignore containers.conf's environment configuration + * Warn when setting healthcheck in OCI format + * Cirrus: Skip git-validate on branches + * tools: update git-validation to the latest commit + * tools: update golangci-lint to v1.18.0 + * Add a few tests of push command + * Add(): fix handling of relative paths with no ContextDir + * build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0 + * Lint: Use same linters as podman + * Validate: reference HEAD + * Fix buildah mount to display container names not ids + * Update nix pin with make nixpkgs + * Add missing --format option in buildah from man page + * Fix up code based on codespell + * build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7 + * build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5 + * Improve buildah completions + * Cirrus: Fix validate commit epoch + * Fix bash completion of manifest flags + * Uniform some man pages + * Update Buildah Tutorial to address BZ1867426 + * Update bash completion of manifest add sub command + * copier.Get(): hard link targets shouldn't be relative paths + * build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2 + * Pass timestamp down to history lines + * Timestamp gets updated everytime you inspect an image + * bud.bats: use absolute paths in newly-added tests + * contrib/cirrus/lib.sh: don't use CN for the hostname + * tests: Add some tests + * Update manifest add man page + * Extend flags of manifest add + * build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4 + * build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1 + * Bump to v1.17.0-dev + * CI: expand cross-compile checks +- SLE: Remove unneeded patch: CVE-2019-10214.patch + +------------------------------------------------------------------- +Wed Sep 30 09:01:59 UTC 2020 - Flavio Castelli + +- Update to v1.16.2 + * fix build on 32bit arches + * containerImageRef.NewImageSource(): don't always force timestamps + * Add fuse module warning to image readme + * Heed our retry delay option values when retrying commit/pull/push + * Switch to containers/common for seccomp + * Use --timestamp rather then --omit-timestamp + * docs: remove outdated notice + * docs: remove outdated notice + * build-using-dockerfile: add a hidden --log-rusage flag + * build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 + * Discard ReportWriter if user sets options.Quiet + * build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3 + * Fix ownership of content copied using COPY --from + * newTarDigester: zero out timestamps in tar headers + * Update nix pin with `make nixpkgs` + * bud.bats: correct .dockerignore integration tests + * Use pipes for copying + * run: include stdout in error message + * run: use the correct error for errors.Wrapf + * copier: un-export internal types + * copier: add Mkdir() + * in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE + * docs/buildah-commit.md: tweak some wording, add a --rm example + * imagebuildah: don’t blank out destination names when COPYing + * Replace retry functions with common/pkg/retry + * StageExecutor.historyMatches: compare timestamps using .Equal + * Update vendor of containers/common + * Fix errors found in coverity scan + * Change namespace handling flags to better match podman commands + * conformance testing: ignore buildah.BuilderIdentityAnnotation labels + * Vendor in containers/storage v1.23.0 + * Add buildah.IsContainer interface + * Avoid feeding run_buildah to pipe + * fix(buildahimage): add xz dependency in buildah image + * Bump github.com/containers/common from 0.15.2 to 0.18.0 + * Howto for rootless image building from OpenShift + * Add --omit-timestamp flag to buildah bud + * Update nix pin with `make nixpkgs` + * Shutdown storage on failures + * Handle COPY --from when an argument is used + * Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0 + * Cirrus: Use newly built VM images + * Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92 + * Enhance the .dockerignore man pages + * conformance: add a test for COPY from subdirectory + * fix bug manifest inspct + * Add documentation for .dockerignore + * Add BuilderIdentityAnnotation to identify buildah version + * DOC: Add quay.io/containers/buildah image to README.md + * Update buildahimages readme + * fix spelling mistake in "info" command result display + * Don't bind /etc/host and /etc/resolv.conf if network is not present + * blobcache: avoid an unnecessary NewImage() + * Build static binary with `buildGoModule` + * copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit + * tarFilterer: handle multiple archives + * Fix a race we hit during conformance tests + * Rework conformance testing + * Update 02-registries-repositories.md + * test-unit: invoke cmd/buildah tests with --flags + * parse: fix a type mismatch in a test + * Fix compilation of tests/testreport/testreport + * build.sh: log the version of Go that we're using + * test-unit: increase the test timeout to 40/45 minutes + * Add the "copier" package + * Fix & add notes regarding problematic language in codebase + * Add dependency on github.com/stretchr/testify/require + * CompositeDigester: add the ability to filter tar streams + * BATS tests: make more robust + * vendor golang.org/x/text@v0.3.3 + * Switch golang 1.12 to golang 1.13 + * imagebuildah: wait for stages that might not have even started yet + * chroot, run: not fail on bind mounts from /sys + * chroot: do not use setgroups if it is blocked + * Set engine env from containers.conf + * imagebuildah: return the right stage's image as the "final" image + * Fix a help string + * Deduplicate environment variables + * switch containers/libpod to containers/podman + * Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3 + * Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0 + * Mask out /sys/dev to prevent information leak + * linux: skip errors from the runtime kill + * Mask over the /sys/fs/selinux in mask branch + * Add VFS additional image store to container + * tests: add auth tests + * Allow "readonly" as alias to "ro" in mount options + * Ignore OS X specific consistency mount option + * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0 + * Bump github.com/containers/common from 0.14.0 to 0.15.2 + * Rootless Buildah should default to IsolationOCIRootless + * imagebuildah: fix inheriting multi-stage builds + * Make imagebuildah.BuildOptions.Architecture/OS optional + * Make imagebuildah.BuildOptions.Jobs optional + * Resolve a possible race in imagebuildah.Executor.startStage() + * Switch scripts to use containers.conf + * Bump openshift/imagebuilder to v1.1.6 + * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5 + * buildah, bud: support --jobs=N for parallel execution + * executor: refactor build code inside new function + * Add bud regression tests + * Cirrus: Fix missing htpasswd in registry img + * docs: clarify the 'triples' format + * CHANGELOG.md: Fix markdown formatting + * Add nix derivation for static builds + * Bump to v1.16.0-dev + +------------------------------------------------------------------- +Mon Aug 3 06:39:53 UTC 2020 - Sascha Grunert + +- Update to v1.15.1 + * Mask over the /sys/fs/selinux in mask branch + * chroot: do not use setgroups if it is blocked + * chroot, run: not fail on bind mounts from /sys + * Allow "readonly" as alias to "ro" in mount options + * Add VFS additional image store to container + * vendor golang.org/x/text@v0.3.3 + * Make imagebuildah.BuildOptions.Architecture/OS optional + +------------------------------------------------------------------- +Wed Jun 24 13:24:58 UTC 2020 - Ralf Haferkamp + +- Update to v1.15.0 + * Add CVE-2020-10696 to CHANGELOG.md and changelog.txt (bsc#1167864) + * fix lighttpd example + * remove dependency on openshift struct + * Warn on unset build arguments + * vendor: update seccomp/containers-golang to v0.4.1 + * Updated docs + * clean up comments + * update exit code for tests + * Implement commit for encryption + * implementation of encrypt/decrypt push/pull/bud/from + * fix resolve docker image name as transport + * Add preliminary profiling support to the CLI + * Evaluate symlinks in build context directory + * fix error info about get signatures for containerImageSource + * Add Security Policy + * Cirrus: Fixes from review feedback + * imagebuildah: stages shouldn't count as their base images + * Update containers/common v0.10.0 + * Add registry to buildahimage Dockerfiles + * Cirrus: Use pre-installed VM packages + F32 + * Cirrus: Re-enable all distro versions + * Cirrus: Update to F31 + Use cache images + * golangci-lint: Disable gosimple + * Lower number of golangci-lint threads + * Fix permissions on containers.conf + * Don't force tests to use runc + * Return exit code from failed containers + * cgroup_manager should be under [engine] + * Use c/common/pkg/auth in login/logout + * Cirrus: Temporarily disable Ubuntu 19 testing + * Add containers.conf to stablebyhand build + * Update gitignore to exclude test Dockerfiles + * Remove warning for systemd inside of container + +------------------------------------------------------------------- +Mon Apr 6 06:39:00 UTC 2020 - Sascha Grunert + +- Update to v1.14.6 + * Make image history work correctly with new args handling + * Don't add args to the RUN environment from the Builder + +------------------------------------------------------------------- +Mon Mar 30 06:48:28 UTC 2020 - Sascha Grunert + +- Update to v1.14.5 + * Revert FIPS mode change + +------------------------------------------------------------------- +Fri Mar 27 07:46:03 UTC 2020 - Sascha Grunert + +- Update to v1.14.4 + * Update unshare man page to fix script example + * Fix compilation errors on non linux platforms + * Preserve volume uid and gid through subsequent commands + * Fix potential CVE in tarfile w/ symlink (CVE-2020-10696 / bsc#1167864) + * Fix .dockerignore with globs and ! commands + +------------------------------------------------------------------- +Wed Mar 4 13:43:36 UTC 2020 - Sascha Grunert + +- Update to v1.14.2 + * Search for local runtime per values in containers.conf + * Set correct ownership on working directory + * Improve remote manifest retrieval + * Correct a couple of incorrect format specifiers + * manifest push --format: force an image type, not a list type + * run: adjust the order in which elements are added to $ + * getDateAndDigestAndSize(): handle creation time not being set + * Make the commit id clear like Docker + * Show error on copied file above context directory in build + * pull/from/commit/push: retry on most failures + * Repair buildah so it can use containers.conf on the server side + * Fixing formatting & build instructions + * Fix XDG_RUNTIME_DIR for authfile + * Show validation command-line + +------------------------------------------------------------------- +Thu Feb 13 08:22:30 UTC 2020 - Sascha Grunert + +- Update to v1.14.0 + * getDateAndDigestAndSize(): use manifest.Digest + * Touch up os/arch doc + * chroot: handle slightly broken seccomp defaults + * buildahimage: specify fuse-overlayfs mount options + * parse: don't complain about not being able to rename something + to itself + * Fix build for 32bit platforms + * Allow users to set OS and architecture on bud + * Fix COPY in containerfile with envvar + * Add --sign-by to bud/commit/push, --remove-signatures for + pull/push + * Add support for containers.conf + * manifest push: add --format option + +------------------------------------------------------------------- +Wed Jan 15 07:44:30 UTC 2020 - Sascha Grunert + +- Update to v1.13.1 + * copyFileWithTar: close source files at the right time + * copy: don't digest files that we ignore + * Check for .dockerignore specifically + * Don't setup excludes, if their is only one pattern to match + * set HOME env to /root on chroot-isolation by default + * docs: fix references to containers-*.5 + * fix bug Add check .dockerignore COPY file + * buildah bud --volume: run from tmpdir, not source dir + * Fix imageNamePrefix to give consistent names in buildah-from + * cpp: use -traditional and -undef flags + * discard outputs coming from onbuild command on buildah-from --quiet + * make --format columnizing consistent with buildah images + * Fix option handling for volumes in build + * Rework overlay pkg for use with libpod + * Fix buildahimage builds for buildah + * Add support for FIPS-Mode backends + * Set the TMPDIR for pulling/pushing image to $TMPDIR + +------------------------------------------------------------------- +Mon Dec 16 08:54:54 UTC 2019 - Sascha Grunert + +- Update to v1.12.0 + * Allow ADD to use http src + * imgtype: reset storage opts if driver overridden + * Start using containers/common + * overlay.bats typo: fuse-overlays should be fuse-overlayfs + * chroot: Unmount with MNT_DETACH instead of UnmountMountpoints() + * bind: don't complain about missing mountpoints + * imgtype: check earlier for expected manifest type + * Add history names support + +------------------------------------------------------------------- +Thu Dec 5 08:11:11 UTC 2019 - Sascha Grunert + +- Update to v1.11.6 + * Handle missing equal sign in --from and --chown flags + for COPY/ADD + * bud COPY does not download URL + * Fix .dockerignore exclude regression + * commit(docker): always set ContainerID and ContainerConfig + * Touch up commit man page image parameter + * Add builder identity annotations. + +------------------------------------------------------------------- +Tue Nov 12 14:57:37 UTC 2019 - Sascha Grunert + +- Update to v1.11.5 + * buildah: add "manifest" command + * pkg/supplemented: add a package for grouping images together + * pkg/manifests: add a manifest list build/manipulation API + * Update for ErrUnauthorizedForCredentials API change in containers/image + * Update for manifest-lists API changes in containers/image + * version: also note the version of containers/image + * Move to containers/image v5.0.0 + * Enable --device directory as src device + * Add clarification to the Tutorial for new users + * Silence "using cache" to ensure -q is fully quiet + * Move runtime flag to bud from common + * Commit: check for storage.ErrImageUnknown using errors.Cause() + * Fix crash when invalid COPY --from flag is specified. + +------------------------------------------------------------------- +Tue Oct 29 09:08:07 UTC 2019 - Sascha Grunert + +- Update to v1.11.4 + * buildah: add a "manifest" command + * pkg/manifests: add a manifest list build/manipulation API + * Update for ErrUnauthorizedForCredentials API change in containers/image + * Update for manifest-lists API changes in containers/image + * Move to containers/image v5.0.0 + * Enable --device directory as src device + * Add clarification to the Tutorial for new users + * Silence "using cache" to ensure -q is fully quiet + * Move runtime flag to bud from common + * Commit: check for storage.ErrImageUnknown using errors.Cause() + * Fix crash when invalid COPY --from flag is specified. + +------------------------------------------------------------------- +Mon Oct 7 06:54:05 UTC 2019 - Sascha Grunert + +- Update to v1.11.3 + * Add cgroups2 + * Add support for retrieving context from stdin "-" + * Added tutorial on how to include Buildah as library + * Fix --build-args handling + * Print build 'STEP' line to stdout, not stderr + * Use Containerfile by default + +------------------------------------------------------------------- +Mon Sep 23 15:32:41 UTC 2019 - Richard Brown + +- Update to v1.11.2 + * Add some cleanup code + * Move devices code to unit specific directory. + +------------------------------------------------------------------- +Fri Sep 13 07:07:28 UTC 2019 - Sascha Grunert + +- Update to v1.11.1 + * Add --devices flag to bud and from + * Add support for /run/.containerenv + * Allow mounts.conf entries for equal source and destination paths + * Fix label and annotation for 1-line Dockerfiles + * Preserve file and directory mount permissions + * Replace --debug=false with --log-level=error + * Set TMPDIR to /var/tmp by default + * Truncate output of too long image names + * Ignore EmptyLayer if Squash is set + +------------------------------------------------------------------- +Thu Sep 5 15:02:56 UTC 2019 - Sascha Grunert + +- Update to v1.11.0 + * Add --digestfile and Re-add push statement as debug + * Add --log-level command line option and deprecate --debug + * Add security-related volume options to validator + * Allow buildah bud to be called without arguments + * Allow to override build date with SOURCE_DATE_EPOCH + * Correctly detect ExitError values from Run() + * Disable empty logrus timestamps to reduce logger noise + * Fix directory pull image names + * Fix handling of /dev/null masked devices + * Fix possible runtime panic on bud + * Update bud/from help to contain indicator for --dns=none + * Update documentation about bud + * Update shebangs to take env into consideration + * Use content digests in ADD/COPY history entries + * add support for cgroupsV2 + * add: add a DryRun flag to AddAndCopyOptions + * add: handle hard links when copying with .dockerignore + * add: teach copyFileWithTar() about symlinks and directories + * imagebuilder: fix detection of referenced stage roots + * pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES + * run_linux: fix mounting /sys in a userns +- Remove hardly set build tags in favor of the Makefile +------------------------------------------------------------------- +Mon Sep 2 12:02:44 UTC 2019 - Sascha Grunert + +- Add patch for CVE-2019-10214. bsc#1144065 + + CVE-2019-10214.patch + +------------------------------------------------------------------- +Fri Aug 16 06:32:33 UTC 2019 - Sascha Grunert + +- Update to v1.10.1 + * Add automatic apparmor tag discovery + * Add overlayfs to fuse-overlayfs tip + * Bug fix for volume minus syntax + * Bump container/storage v1.13.1 and containers/image v3.0.1 + * Bump containers/image to v3.0.2 to fix keyring issue + * Fix bug whereby --get-login has no effect + * Bump github.com/containernetworking/cni to v0.7.1 +- Add appamor-pattern requirement + +------------------------------------------------------------------- +Mon Aug 5 10:41:41 UTC 2019 - Sascha Grunert + +- Update build process to match the latest repository architecture +- Update to v1.10.0 + * vendor github.com/containers/image@v3.0.0 + * Remove GO111MODULE in favor of -mod=vendor + * Vendor in containers/storage v1.12.16 + * Add '-' minus syntax for removal of config values + * tests: enable overlay tests for rootless + * rootless, overlay: use fuse-overlayfs + * vendor github.com/containers/image@v2.0.1 + * Added '-' syntax to remove volume config option + * delete successfully pushed message + * Add golint linter and apply fixes + * vendor github.com/containers/storage@v1.12.15 + * Change wait to sleep in buildahimage readme + * Handle ReadOnly images when deleting images + * Add support for listing read/only images + * from/import: record the base image's digest, if it has one + * Fix CNI version retrieval to not require network connection + * Add misspell linter and apply fixes + * Add goimports linter and apply fixes + * Add stylecheck linter and apply fixes + * Add unconvert linter and apply fixes + * image: make sure we don't try to use zstd compression + * run.bats: skip the "z" flag when testing --mount + * Update to runc v1.0.0-rc8 + * Update to match updated runtime-tools API + * bump github.com/opencontainers/runtime-tools to v0.9.0 + * Build e2e tests using the proper build tags + * Add unparam linter and apply fixes + * Run: correct a typo in the --cap-add help text + * unshare: add a --mount flag + * fix push check image name is not empty + * add: fix slow copy with no excludes + * Add errcheck linter and fix missing error check + * Improve tests/tools/Makefile parallelism and abstraction + * Fix response body not closed resource leak + * Switch to golangci-lint + * Add gomod instructions and mailing list links + * On Masked path, check if /dev/null already mounted before mounting + * Update to containers/storage v1.12.13 + * Refactor code in package imagebuildah + * Add rootless podman with NFS issue in documentation + * Add --mount for buildah run + * import method ValidateVolumeOpts from libpod + * Fix typo + * Makefile: set GO111MODULE=off + * rootless: add the built-in slirp DNS server + * Update docker/libnetwork to get rid of outdated sctp package + * Update buildah-login.md + * migrate to go modules + * install.md: mention go modules + * tests/tools: go module for test binaries + * fix --volume splits comma delimited option + * Add bud test for RUN with a priv'd command + * vendor logrus v1.4.2 + * pkg/cli: panic when flags can't be hidden + * pkg/unshare: check all errors + * pull: check error during report write + * run_linux.go: ignore unchecked errors + * conformance test: catch copy error + * chroot/run_test.go: export funcs to actually be executed + * tests/imgtype: ignore error when shutting down the store + * testreport: check json error + * bind/util.go: remove unused func + * rm chroot/util.go + * imagebuildah: remove unused dedupeStringSlice + * StageExecutor: EnsureContainerPath: catch error from SecureJoin() + * imagebuildah/build.go: return instead of branching + * rmi: avoid redundant branching + * conformance tests: nilness: allocate map + * imagebuildah/build.go: avoid redundant filepath.Join() + * imagebuildah/build.go: avoid redundant os.Stat() + * imagebuildah: omit comparison to bool + * fix "ineffectual assignment" lint errors + * docker: ignore "repeats json tag" lint error + * pkg/unshare: use ... instead of iterating a slice + * conformance: bud test: use raw strings for regexes + * conformance suite: remove unused func/var + * buildah test suite: remove unused vars/funcs + * testreport: fix golangci-lint errors + * util: remove redundant return statement + * chroot: only log clean-up errors + * images_test: ignore golangci-lint error + * blobcache: log error when draining the pipe + * imagebuildah: check errors in deferred calls + * chroot: fix error handling in deferred funcs + * cmd: check all errors + * chroot/run_test.go: check errors + * chroot/run.go: check errors in deferred calls + * imagebuildah.Executor: remove unused onbuild field + * docker/types.go: remove unused struct fields + * util: use strings.ContainsRune instead of index check + * Cirrus: Initial implementation + * buildah-run: fix-out-of-range panic (2) + * Update containers/image to v2.0.0 + * run: fix hang with run and --isolation=chroot + * run: fix hang when using run + * chroot: drop unused function call + * remove --> before imgageID on build + * Always close stdin pipe + * Write deny to setgroups when doing single user mapping + * Avoid including linux/memfd.h + * Add a test for the symlink pointing to a directory + * Add missing continue + * Fix the handling of symlinks to absolute paths + * Only set default network sysctls if not rootless + * Support --dns=none like podman + * fix bug --cpu-shares parsing typo + * Fix validate complaint + * Update vendor on containers/storage to v1.12.10 + * Create directory paths for COPY thereby ensuring correct perms + * imagebuildah: use a stable sort for comparing build args + * imagebuildah: tighten up cache checking + * bud.bats: add a test verying the order of --build-args + * add -t to podman run + * imagebuildah: simplify screening by top layers + * imagebuildah: handle ID mappings for COPY --from + * imagebuildah: apply additionalTags ourselves + * bud.bats: test additional tags with cached images + * bud.bats: add a test for WORKDIR and COPY with absolute destinations + * Cleanup Overlay Mounts content + * Add support for file secret mounts + * Add ability to skip secrets in mounts file + * allow 32bit builds + * fix tutorial instructions + * imagebuilder: pass the right contextDir to Add() + * add: use fileutils.PatternMatcher for .dockerignore + * bud.bats: add another .dockerignore test + * unshare: fallback to single usermapping + * addHelperSymlink: clear the destination on os.IsExist errors + * bud.bats: test replacing symbolic links + * imagebuildah: fix handling of destinations that end with '/' + * bud.bats: test COPY with a final "/" in the destination + * linux: add check for sysctl before using it + * unshare: set _CONTAINERS_ROOTLESS_GID + * Rework buildahimamges + * build context: support https git repos + * Add a test for ENV special chars behaviour + * Check in new Dockerfiles + * Apply custom SHELL during build time + * config: expand variables only at the command line + * SetEnv: we only need to expand v once + * Add default /root if empty on chroot iso + * Add support for Overlay volumes into the container. + * Export buildah validate volume functions so it can share code with libpod + * Bump baseline test to F30 + * Fix rootless handling of /dev/shm size + * Avoid fmt.Printf() in the library + * imagebuildah: tighten cache checking back up + * Handle WORKDIR with dangling target + * Default Authfile to proper path + * Make buildah run --isolation follow BUILDAH_ISOLATION environment + * Vendor in latest containers/storage and containers/image + * getParent/getChildren: handle layerless images + * imagebuildah: recognize cache images for layerless images + * bud.bats: test scratch images with --layers caching + * Get CHANGELOG.md updates + * Add some symlinks to test our .dockerignore logic + * imagebuildah: addHelper: handle symbolic links + * commit/push: use an everything-allowed policy + * Correct manpage formatting in files section + * Remove must be root statement from buildah doc + * Change image names to stable, testing and upstream + * Don't create directory on container + * Replace kubernetes/pause in tests with k8s.gcr.io/pause + * imagebuildah: don't remove intermediate images if we need them + * Rework buildahimagegit to buildahimageupstream + * Fix Transient Mounts + * Handle WORKDIRs that are symlinks + * allow podman to build a client for windows + * Touch up 1.9-dev to 1.9.0-dev + * Resolve symlink when checking container path + * commit: commit on every instruction, but not always with layers + * CommitOptions: drop the unused OnBuild field + * makeImageRef: pass in the whole CommitOptions structure + * cmd: API cleanup: stores before images + * run: check if SELinux is enabled + * Fix buildahimages Dockerfiles to include support for additionalimages mounted from host. + * Detect changes in rootdir + * Fix typo in buildah-pull(1) + * Vendor in latest containers/storage + * Keep track of any build-args used during buildah bud --layers + * commit: always set a parent ID + * imagebuildah: rework unused-argument detection + * fix bug dest path when COPY .dockerignore + * Move Host IDMAppings code from util to unshare + * Add BUILDAH_ISOLATION rootless back + * Travis CI: fail fast, upon error in any step + * imagebuildah: only commit images for intermediate stages if we have to + * Use errors.Cause() when checking for IsNotExist errors + * auto pass http_proxy to container + * imagebuildah: don't leak image structs + * Add Dockerfiles for buildahimages + * Bump to Replace golang 1.10 with 1.12 + * add --dns* flags to buildah bud + * Add hack/build_speed.sh test speeds on building container images + * Create buildahimage Dockerfile for Quay + * rename 'is' to 'expect_output' + * squash.bats: test squashing in multi-layered builds + * bud.bats: test COPY --from in a Dockerfile while using the cache + * commit: make target image names optional + * Fix bud-args to allow comma separation + * oops, missed some tests in commit.bats + * new helper: expect_line_count + * New tests for #1467 (string slices in cmdline opts) + * Workarounds for dealing with travis; review feedback + * BATS tests - extensive but minor cleanup + * imagebuildah: defer pulling images for COPY --from + * imagebuildah: centralize COMMIT and image ID output + * Travis: do not use traviswait + * imagebuildah: only initialize imagebuilder configuration once per stage + * Make cleaner error on Dockerfile build errors + * unshare: move to pkg/ + * unshare: move some code from cmd/buildah/unshare + * Fix handling of Slices versus Arrays + * imagebuildah: reorganize stage and per-stage logic + * imagebuildah: add empty layers for instructions + * Add missing step in installing into Ubuntu + * fix bug in .dockerignore support + * imagebuildah: deduplicate prepended "FROM" instructions + * Touch up intro + * commit: set created-by to the shell if it isn't set + * commit: check that we always set a "created-by" + * docs/buildah.md: add "containers-" prefixes under "SEE ALSO" + +------------------------------------------------------------------- +Mon Apr 1 14:47:27 UTC 2019 - Richard Brown + +- Update to v1.7.2 + * Updates vendored containers/storage to latest version + * rootless: by default use the host network namespace + +------------------------------------------------------------------- +Fri Mar 1 10:12:50 UTC 2019 - Richard Brown + +- Update to v1.7.1 + * Minor fix to vendor in github.com/containers/image 1.5 version + * This fixes a crash on pulling of images +- Stop building from specific commit + +------------------------------------------------------------------- +Tue Feb 26 16:51:30 UTC 2019 - Richard Brown + +- Update to v1.7 + * vendor containers/image v1.4 + * Make "images --all" faster + * Remove quiet option from pull options + * Support oci layout format + +------------------------------------------------------------------- +Thu Jan 17 14:21:58 UTC 2019 - Richard Brown + +- Update to v1.6 + * unshare: do not set USER=root + * run: ignore EIO when flushing at the end, avoid double log + * build-using-dockerfile,commit: disable compression by default + * Make rootless work under no_pivot_root + * Properly format images JSON output + * Assume user 0 group 0, if /etc/passwd file in container. + * Add buildah info command +- Full changelog: https://github.com/containers/buildah/releases/tag/v1.6 + +------------------------------------------------------------------- +Fri Nov 23 07:57:58 UTC 2018 - Valentin Rothberg + +- Changelog for v1.5-1 (2018-11-21) + * Print command in SystemExec as debug information + * Sort CLI flags + * Update imagebuild depdency to support heading ARGs in Dockerfile + * rootless: do not specify --rootless to the OCI runtime + * Exclude --force-rm from common bud cli flags + * run: bind mount /etc/hosts and /etc/resolv.conf if not in a volume + * rootless: use slirp4netns to setup the network namespace + * rootless: only discard network configuration names + * run: only set up /etc/hosts or /etc/resolv.conf with network + * Handle directories better in bud -f + * common: support a per-user registries conf file + * unshare: do not override the configuration + * common: honor the rootless configuration file + * unshare: create a new mount namespace + * unshare: support libpod rootless pkg + * Allow container storage to manage the SELinux labels + * imagebuilder.BuildDockerfiles: return the image ID + * Allow setting --no-pivot default with an env var + * Add man page and bash completion, for --no-pivot + * Add the --no-pivot flag to the run command + * Improve reporting about individual pull failures + * Fix From As in Dockerfile + * Sort CLI flags of buildah bud + * unshare: detect when unprivileged userns are disabled + * buildah: use the same logic for XDG_RUNTIME_DIR as podman + * Make sure we log or return every error + * Correctly set DockerInsecureSkipTLSVerify when pulling images + * chroot: set up seccomp and capabilities after supplemental groups + * chroot: fix capabilities list setup and application + +------------------------------------------------------------------- +Sun Nov 4 08:49:19 UTC 2018 - Valentin Rothberg + +- Require slirp4netns to enable networking for unprivileged network namespaces + aka networking for rootless buildah. + +------------------------------------------------------------------- +Wed Oct 3 07:32:39 UTC 2018 - Valentin Rothberg + +- Changelog for v1.4 (2018-10-02) + * Touchup pull manpage + * Export buildah ReserveSELinuxLables so podman can use it + * Update rmi man for prune changes + * Copy ExposedPorts from base image into the config + * Change rmi --prune to not accept an imageID + * Builtin volumes should be owned by the UID/GID of the container + * Move buildah from projecatatomic/buildah to containers/buildah + * bash: Completion options + * Don't build btrfs if it is not installed + * Push: Allow an empty destination + * Fix arg usage in buildah-tag + * Evaluate symbolic links on Add/Copy Commands + * Retain bounding set when running containers as non root + * push: show image digest after push succeed + * Exclude --layers from the common bug cli flags + * Make buildah-from error message clear when flags are after arg + * Warn about using Commands in Dockerfile that are not supported by OCI. + * Document BUILDAH_* environment variables in buildah bud --help output + * Fix --layers ADD from url issue + * Display the correct ID after deleting image + * Handle COPY --chown in Dockerfile + * Document STORAGE_DRIVER and STORAGE_OPTS environment variable + * Expand variables names for --env + +------------------------------------------------------------------- +Wed Sep 5 07:47:01 UTC 2018 - Valentin Rothberg + +- Set the correct commit for `buildah version`. +- Set the cnilib version for `buildah version`. + +------------------------------------------------------------------- +Mon Aug 6 06:17:06 UTC 2018 - vrothberg@suse.com + +- Update buildah to v1.3: + * bud should not search context directory for Dockerfile + * Set BUILDAH_ISOLATION=rootless when running unprivileged + * Fix rmi to remove intermediate images associated with an image + * Set the default ulimits to match Docker + * buildah: no args is out of bounds + * preprocess ".in" suffixed Dockerfiles + * Add support for multiple Short options + * Update to latest urvave/cli + * Create buildah pull command + * Allow ping command without NET_RAW Capabilities + * Allow Dockerfile content to come from stdin + * add rename command + * Completion command + * Update vendor for runc to fix 32 bit builds + +------------------------------------------------------------------- +Mon Jul 16 06:33:14 UTC 2018 - vrothberg@suse.com + +- Update buildah to v1.2: + * build-using-dockerfile: let -t include transports again + * Block use of /proc/acpi and /proc/keys from inside containers + * Fix handling of -registries-conf + * Add -cidfile option to from + * Add a -loglevel option to build-with-dockerfile + * docs: Follow man-pages(7) suggestions for SYNOPSIS + * umount: add all option to umount all mounted containers + * Fix buildah bud -layers + * Force ownership of /etc/hosts and /etc/resolv.conf to 0:0 + * build without seccomp + * Add Capabilities lists to BuilderInfo + * Fix ARGS parsing for run commands + * Add info on registries.conf to from manpage + * mount: support multiple inputs + * Allow -userns-uid-map/-userns-gid-map to be global options + * Add -rm and -force-rm to buildah bud + * Add -all,-a flag to buildah images + * Add environment variable BUILDAH_RUNTIME + * Add -layers and -no-cache to buildah bud + * Change 'registries' to 'container registries' in man + * Add registries.conf link to a few man pages + +- install missing buildah (1) manpage + +- install bash completion at /usr/share/bash-completion/completions + +- buildmode=pie: build position independent code + +------------------------------------------------------------------- +Mon Jun 11 05:52:37 UTC 2018 - vrothberg@suse.com + +- Update buildah to v1.1: + * Drop capabilities if running container processes as non root + * Print Warning message if cmd will not be used based on entrypoint + * Shouldn't add insecure registries to list of search registries + * Report errors on bad transports specification when pushing images + * Add disable-content-trust noop flag to bud + * runCopyStdio(): don't close stdin unless we saw POLLHUP + * Add registry errors for pull + * Give better messages to users when image can not be found + * Add environment variable to buildah --format + * Accept json array input for config entrypoint + * Add OnBuild support for Dockerfiles + * buildah bud should require a context directory or URL + * buildah bud picks up ENV from base image + * Add CLI options for specifying namespace and cgroup setup + * Read UID/GID mapping information from containers and images + * build-using-dockerfile: add --annotation + * Implement --squash for build-using-dockerfile and commit + * Vendor in latest container/storage for devicemapper support + * Test with Go 1.10, too + * Handle /etc/hosts and /etc/resolv.conf properly in container + * Add support for buildah bud --label + * buildah push/from can push and pull images with no reference + * builder-inspect: fix format option + * Add cpu-shares short flag (-c) and cpu-shares CI tests + +------------------------------------------------------------------- +Sun Jun 10 23:44:35 UTC 2018 - jengelh@inai.de + +- Use noun phrase in summary. + +------------------------------------------------------------------- +Thu Jun 7 06:46:21 UTC 2018 - vrothberg@suse.com + +- Update buildah to v1.0: + * Update option and documentation for --force-rm + * Update buildah run to make command required + * Do not print directly to stdout in Commit() + * Force "localhost" as a default registry + * Validate host and container paths passed to --volume + * Add --compress, --rm, --squash flags as a noop for bud + * Add FIPS mode secret to buildah run and bud + * Add config --comment/--domainname/--history-comment/--hostname + * 'buildah config': stop replacing Created-By whenever it's not specified + * Modify man pages so they compile correctly in mandb + * Add description on how to do --isolation to buildah-bud man page + * Add support for --iidfile to bud and commit + * Remove tarball as an option from buildah push --help + * Fix secrets patch + * Display imageId after commit + * config: add support for StopSignal + * Allow referencing stages as index and names + * Add multi-stage builds support + * Allow umount to have multi-containers + * buildah bud walks symlinks + * Allow --cmd parameter to have commands as values + * Make default-mounts-file a hidden option + * Add various transport support to buildah from + * shallowCopy: avoid a second read of the container's layer + * Add openSUSE in install section + * run: do not open /etc/hosts if not needed + +------------------------------------------------------------------- +Tue Jun 5 08:18:08 UTC 2018 - dcassany@suse.com + +- Refactor %license usage to a simpler form + +------------------------------------------------------------------- +Mon Jun 4 08:54:58 UTC 2018 - dcassany@suse.com + +- Make use of %license macro + +------------------------------------------------------------------- +Wed Apr 4 09:52:25 UTC 2018 - vrothberg@suse.com + +- Change build date to SOURCE_DATE_EPOCH to make builds reproducible. + +------------------------------------------------------------------- +Thu Mar 29 08:50:12 UTC 2018 - vrothberg@suse.com + +- Fix `buildah version` by compiling the build date into the binary. + +------------------------------------------------------------------- +Tue Mar 6 08:28:55 UTC 2018 - vrothberg@suse.com + +- Package buildah v0.12. Buildah is a tool to build OCI images, and is used + by podman-build. diff --git a/buildah.spec b/buildah.spec new file mode 100644 index 0000000..0f80c69 --- /dev/null +++ b/buildah.spec @@ -0,0 +1,105 @@ +# +# spec file for package buildah +# +# Copyright (c) 2023 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# + +%bcond_without apparmor + +%define project github.com/containers/buildah +Name: buildah +Version: 1.34.0 +Release: 0 +Summary: Tool for building OCI containers +License: Apache-2.0 +Group: System/Management +URL: https://%{project} +Source0: %{name}-%{version}.tar.xz +Source1: %{name}-rpmlintrc +BuildRequires: bash-completion +BuildRequires: device-mapper-devel +BuildRequires: fdupes +BuildRequires: git +BuildRequires: glib2-devel-static +BuildRequires: glibc-devel-static +BuildRequires: golang-packaging +%if %{with apparmor} +BuildRequires: libapparmor-devel +%endif +BuildRequires: libassuan-devel >= 2.5.2 +BuildRequires: libbtrfs-devel +BuildRequires: libgpgme-devel +BuildRequires: libseccomp-devel +BuildRequires: golang(API) >= 1.21 +Requires: cni +Requires: libcontainers-common +Requires: libcontainers-image +Requires: libcontainers-storage +Requires: runc >= 1.0.2 +Requires: slirp4netns +%{go_nostrip} +BuildRequires: libostree-devel +# Not supported by libseccomp-golang +ExcludeArch: ppc64 + + +%description +Buildah provides a command line tool which can be used to: +- Create a working container, either from scratch or using an image as a + starting point +- Create an image, either from a working container or via the instructions in a + Dockerfile +- Build images in either the OCI image format or the traditional + upstream docker image format +- Mount a working container's root filesystem for manipulation +- Unmount a working container's root filesystem +- Update the contents of a container's root filesystem +- Delete a working container or an image + +%prep +%autosetup -p1 + +%build +# We can't use symlinks here because go-list gets confused by symlinks, so we +# have to copy the source to $HOME/go and then use that as the GOPATH. +export GOPATH=$HOME/go +mkdir -pv $HOME/go/src/%{project} +rm -rf $HOME/go/src/%{project}/* +cp -avr * $HOME/go/src/%{project} +cd $HOME/go/src/%{project} + +# Build buildah +GOFLAGS=-buildmode=pie %make_build GIT_COMMIT=unknown buildah docs + +%check +# Too many tests fail due to the restricted permissions in the build enviroment. +# Updates must be tested manually. + +%install +cd $HOME/go/src/%{project} + +install -D -m 0755 bin/buildah %{buildroot}/%{_bindir}/buildah +install -d %{buildroot}/%{_mandir}/man1 +install -m 0644 docs/buildah*.1 %{buildroot}/%{_mandir}/man1 +install -D -m 0644 contrib/completions/bash/buildah %{buildroot}/%{_datadir}/bash-completion/completions/buildah + +%fdupes %{buildroot}/%{_prefix} + +%files +%{_bindir}/buildah +%{_mandir}/man1/buildah* +%{_datadir}/bash-completion/completions/buildah +%license LICENSE + +%changelog