From f3781ab7f3ac5a6eb66a1b07e7bba60eb9f764b9a0a6b782022bce625a05993b Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Mon, 24 Jul 2017 10:39:50 +0000 Subject: [PATCH] Accepting request 512069 from home:cyphar:containers - Update to umoci v0.3.0. Upstream changelog: - `umoci` now passes all of the requirements for the [CII best practices bading program][cii]. openSUSE/umoci#134 - `umoci` also now has more extensive architecture, quick-start and roadmap documentation. openSUSE/umoci#134 - `umoci` now supports [`1.0.0` of the OCI image specification][ispec-v1.0.0] and [`1.0.0` of the OCI runtime specification][rspec-v1.0.0], which are the first milestone release. Note that there are still some remaining UX issues with `--image` and other parts of `umoci` which may be subject to change in future versions. In particular, this update of the specification now means that images may have ambiguous tags. `umoci` will warn you if an operation may have an ambiguous result, but we plan to improve this functionality far more in the future. openSUSE/umoci#133 openSUSE/umoci#142 - `umoci` also now supports more complicated descriptor walk structures, and also handles mutation of such structures more sanely. At the moment, this functionality has not been used "in the wild" and `umoci` doesn't have the UX to create such structures (yet) but these will be implemented in future versions. openSUSE/umoci#145 - `umoci repack` now supports `--mask-path` to ignore changes in the rootfs that are in a child of at least one of the provided masks when generating new layers. openSUSE/umoci#127 - Error messages from `github.com/openSUSE/umoci/oci/cas/drivers/dir` actually make sense now. openSUSE/umoci#121 - `umoci unpack` now generates `config.json` blobs according to the [still proposed][ispec-pr492] OCI image specification conversion document. openSUSE/umoci#120 - `umoci repack` also now automatically adding `Config.Volumes` from the image configuration to the set of masked paths. This matches recently added [recommendations by the spec][ispec-pr694], but is a backwards-incompatible change because the new default is that `Config.Volumes` **will** be masked. If you wish to retain the old semantics, use `--no-mask-volumes` (though make sure to be aware of the reasoning behind `Config.Volume` masking). openSUSE/umoci#127 - `umoci` now uses [`SecureJoin`][securejoin] rather than a patched version of `FollowSymlinkInScope`. The two implementations are roughly equivalent, but `SecureJoin` has a nicer API and is maintained as a separate project. - Switched to using `golang.org/x/sys/unix` over `syscall` where possible, which makes the codebase significantly cleaner. openSUSE/umoci#141 [cii]: https://bestpractices.coreinfrastructure.org/projects/1084 [rspec-v1.0.0]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0 [ispec-v1.0.0]: https://github.com/opencontainers/image-spec/releases/tag/v1.0.0 [ispec-pr492]: https://github.com/opencontainers/image-spec/pull/492 [ispec-pr694]: https://github.com/opencontainers/image-spec/pull/694 [securejoin]: https://github.com/cyphar/filepath-securejoin OBS-URL: https://build.opensuse.org/request/show/512069 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/umoci?expand=0&rev=23 --- _service | 8 +++---- umoci-0.2.1.tar.xz | 3 --- umoci-0.2.1.tar.xz.asc | 16 ------------- umoci-0.3.0.tar.xz | 3 +++ umoci-0.3.0.tar.xz.asc | 16 +++++++++++++ umoci.changes | 52 +++++++++++++++++++++++++++++++++++++++++- umoci.spec | 6 ++--- 7 files changed, 77 insertions(+), 27 deletions(-) delete mode 100644 umoci-0.2.1.tar.xz delete mode 100644 umoci-0.2.1.tar.xz.asc create mode 100644 umoci-0.3.0.tar.xz create mode 100644 umoci-0.3.0.tar.xz.asc diff --git a/_service b/_service index 760458d..710b5e7 100644 --- a/_service +++ b/_service @@ -2,14 +2,14 @@ https github.com - openSUSE/umoci/releases/download/v0.2.1/umoci.tar.xz - umoci-0.2.1.tar.xz + openSUSE/umoci/releases/download/v0.3.0/umoci.tar.xz + umoci-0.3.0.tar.xz https github.com - openSUSE/umoci/releases/download/v0.2.1/umoci.tar.xz.asc - umoci-0.2.1.tar.xz.asc + openSUSE/umoci/releases/download/v0.3.0/umoci.tar.xz.asc + umoci-0.3.0.tar.xz.asc umoci diff --git a/umoci-0.2.1.tar.xz b/umoci-0.2.1.tar.xz deleted file mode 100644 index 313293c..0000000 --- a/umoci-0.2.1.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:3e911839d1650a8ce987ef9f4c6936801ac6bf8ca271430122bca775756e506c -size 171776 diff --git a/umoci-0.2.1.tar.xz.asc b/umoci-0.2.1.tar.xz.asc deleted file mode 100644 index 480d776..0000000 --- a/umoci-0.2.1.tar.xz.asc +++ /dev/null @@ -1,16 +0,0 @@ ------BEGIN PGP SIGNATURE----- - -iQIzBAABCAAdFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAljtcHgACgkQnhiqJn3b -jbSKDBAAsX0KhAn3X29TKB5VJemgxI7Wf4/DBm7yWBvY+Mco+/u62NG8uZi5ZL/F -9bGys+scPaWjIKiLDLA5YLNRE/+jvOwUnNvg1BoQSj5iL85vCC83+l5P9ZIB5Tc5 -hc7OCrENiL/tJ2nHzgvNOkrGuUEKhO1L2GqGZvQFkrrRNWsojnX/ki46Am0hhMcx -31+I5YofXz0LcokNuj1VnFNS9dGgSYeGMUSDThQ9iBLN20TwVWHBRTkX4SYo7IGC -2I5NSmcv0dLJW3Z4Kug/12MsRZhbwPgXS40dXoTWjdJZyhYzn30Ai288K2fZOP4y -hsKrdck+VYml0kuqkWzCEz6/TF0OH2uRdvGbGU+r2/s5sEuRaL/NiJyzBUZeFb48 -PG1/BFcmHI0K84AswQIVbsuNBw+1jLSw4ahkdQkvD0Rh/4MhFkTgFGXvVhSK+tP0 -xKzDaFH4OnbvH/9jEAVxFn7sSKFJQTOgjPxRokMqSGjLqtu0w6hZEjZQhGRE6sd9 -VEhdsdG94ypyGDMLVLKLvIJIAeDQsgPOXYCKAFkx7PI2T/bxIhgw4jCYf5N8wwAF -kCydgoxl8MmWrjJgfqoD3xb3QQjLPTs4OIDR606rsMlji0d6vB4DylzBqC9iWS6P -1k9qDqC1r014JpkhVR6vjodK2SQ4S5LaF4Nsye1hL3Sd51d/HCo= -=BPwR ------END PGP SIGNATURE----- diff --git a/umoci-0.3.0.tar.xz b/umoci-0.3.0.tar.xz new file mode 100644 index 0000000..3ad2086 --- /dev/null +++ b/umoci-0.3.0.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:be8a3b921ad18d16212a0693500ccd02dce7fa4ad3d897b229f43e8d9fc4062b +size 316896 diff --git a/umoci-0.3.0.tar.xz.asc b/umoci-0.3.0.tar.xz.asc new file mode 100644 index 0000000..f63ef79 --- /dev/null +++ b/umoci-0.3.0.tar.xz.asc @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCAAdFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAllzczoACgkQnhiqJn3b +jbRhJRAAgdV9H2ExrjDjP/VPlhu1PRhDBBIudwmBj32isqb83eLx/0o68rxhnFm2 +SyjwDy1YApfgUaEUjEUOJSIhfkO3d9NyFA4znkO/p8E6EnbFaAQ2EBov0+QuhrjY +iq3F2oM0bUsV9DYYsmDsseHc8Ti+VqJdAiv+fa8detPAmJknHBFTka58L0yCPT8m +t0hQRbFRD/9bbLt9FUOjUtdRmenJvpM7XEh7l+DPi5qVvESMtgUmpNJ7ZljGE/6l +Bd+qBr3SGNbGxwrirNRhTSlEz2uEQYfaArOr3gD42XvFa2kq25bbTuL29eF7jd39 +9ipmpnqlYmxxKh/9wOYqjkFTDwsfxgxV7Aw7m3XABm/tUNIg3taBjDmOKdWKUf60 +xxObtcFTUC8Y7KJCF2uzxJh4xO8NWVx5wKsoFyN8Wm/zlMJCdt1m7dj1o4T4aMHh +CXhjqPPyj7dmMWKk6jQ/7/o3gz2ZCUPm2ytHdFKFQX7FoFY4QnJ9UhUfSwjOlTSS +stUI8o9vHpP/pfp89OWwdo+Rc68oP00+EUk/L5CcbyMRSmtRC6owt480dYOPGuu4 +i8yj4cNQe51gJ9qSHayrELt+sfZRO7vK2ws12eNavt26DzMU5oucDgU6Aoj6S5ka +4g8VaG8GLcU8I4ORdjmXqI+Pntfa2cUsY/Hlr0ZA0dpiUdgx0LI= +=U59f +-----END PGP SIGNATURE----- diff --git a/umoci.changes b/umoci.changes index f8c0758..d1bbeed 100644 --- a/umoci.changes +++ b/umoci.changes @@ -1,8 +1,58 @@ +------------------------------------------------------------------- +Sat Jul 22 15:57:44 UTC 2017 - asarai@suse.com + +- Update to umoci v0.3.0. Upstream changelog: + - `umoci` now passes all of the requirements for the [CII best practices bading + program][cii]. openSUSE/umoci#134 + - `umoci` also now has more extensive architecture, quick-start and roadmap + documentation. openSUSE/umoci#134 + - `umoci` now supports [`1.0.0` of the OCI image + specification][ispec-v1.0.0] and [`1.0.0` of the OCI runtime + specification][rspec-v1.0.0], which are the first milestone release. Note + that there are still some remaining UX issues with `--image` and other parts + of `umoci` which may be subject to change in future versions. In particular, + this update of the specification now means that images may have ambiguous + tags. `umoci` will warn you if an operation may have an ambiguous result, but + we plan to improve this functionality far more in the future. + openSUSE/umoci#133 openSUSE/umoci#142 + - `umoci` also now supports more complicated descriptor walk structures, and + also handles mutation of such structures more sanely. At the moment, this + functionality has not been used "in the wild" and `umoci` doesn't have the UX + to create such structures (yet) but these will be implemented in future + versions. openSUSE/umoci#145 + - `umoci repack` now supports `--mask-path` to ignore changes in the rootfs + that are in a child of at least one of the provided masks when generating new + layers. openSUSE/umoci#127 + - Error messages from `github.com/openSUSE/umoci/oci/cas/drivers/dir` actually + make sense now. openSUSE/umoci#121 + - `umoci unpack` now generates `config.json` blobs according to the [still + proposed][ispec-pr492] OCI image specification conversion document. + openSUSE/umoci#120 + - `umoci repack` also now automatically adding `Config.Volumes` from the image + configuration to the set of masked paths. This matches recently added + [recommendations by the spec][ispec-pr694], but is a backwards-incompatible + change because the new default is that `Config.Volumes` **will** be masked. + If you wish to retain the old semantics, use `--no-mask-volumes` (though make + sure to be aware of the reasoning behind `Config.Volume` masking). + openSUSE/umoci#127 + - `umoci` now uses [`SecureJoin`][securejoin] rather than a patched version of + `FollowSymlinkInScope`. The two implementations are roughly equivalent, but + `SecureJoin` has a nicer API and is maintained as a separate project. + - Switched to using `golang.org/x/sys/unix` over `syscall` where possible, + which makes the codebase significantly cleaner. openSUSE/umoci#141 + + [cii]: https://bestpractices.coreinfrastructure.org/projects/1084 + [rspec-v1.0.0]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0 + [ispec-v1.0.0]: https://github.com/opencontainers/image-spec/releases/tag/v1.0.0 + [ispec-pr492]: https://github.com/opencontainers/image-spec/pull/492 + [ispec-pr694]: https://github.com/opencontainers/image-spec/pull/694 + [securejoin]: https://github.com/cyphar/filepath-securejoin + ------------------------------------------------------------------- Wed Apr 12 09:46:18 UTC 2017 - jmassaguerpla@suse.com - remove the go_arches macro because we are using go1.7 which - is available in all archs + is available in all archs ------------------------------------------------------------------- Wed Apr 12 01:05:12 UTC 2017 - asarai@suse.com diff --git a/umoci.spec b/umoci.spec index 0f15754..b3d13f6 100644 --- a/umoci.spec +++ b/umoci.spec @@ -24,7 +24,7 @@ %define project github.com/openSUSE/umoci Name: umoci -Version: 0.2.1 +Version: 0.3.0 Release: 0 Summary: Open Container Image manipulation tool License: Apache-2.0 @@ -74,7 +74,7 @@ make doc install -D -m 0755 %{name} "%{buildroot}/%{_bindir}/%{name}" # Install all of the docs. -for file in man/*.1; do +for file in doc/man/*.1; do install -D -m 0644 $file "%{buildroot}/%{_mandir}/man1/$(basename $file)" done @@ -86,7 +86,7 @@ hack/test-unit.sh %files %defattr(-,root,root) -%doc COPYING README.md man/*.md +%doc COPYING README.md doc/* %{_bindir}/%{name} %{_mandir}/man1/umoci*