From a7f61ac520fe001d13dd4e83398e0b0d5e043517 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Aug 2023 13:29:31 +0000 Subject: [PATCH] chore(deps): Bump github.com/vmware-tanzu/carvel-imgpkg Bumps [github.com/vmware-tanzu/carvel-imgpkg](https://github.com/vmware-tanzu/carvel-imgpkg) from 0.36.2 to 0.37.3. - [Release notes](https://github.com/vmware-tanzu/carvel-imgpkg/releases) - [Changelog](https://github.com/carvel-dev/imgpkg/blob/develop/.goreleaser.yml) - [Commits](https://github.com/vmware-tanzu/carvel-imgpkg/compare/v0.36.2...v0.37.3) --- updated-dependencies: - dependency-name: github.com/vmware-tanzu/carvel-imgpkg dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 6 ++-- go.sum | 13 +++---- .../pkg/imgpkg/image/dir_image.go | 8 +++++ .../pkg/imgpkg/image/tar_image.go | 36 +++++++++++++------ .../pkg/imgpkg/plainimage/contents.go | 11 +++--- vendor/modules.txt | 6 ++-- 6 files changed, 52 insertions(+), 28 deletions(-) diff --git a/go.mod b/go.mod index cba53b454..8e7eb6a59 100644 --- a/go.mod +++ b/go.mod @@ -19,7 +19,7 @@ require ( github.com/stretchr/testify v1.8.4 github.com/vito/go-interact v1.0.1 github.com/vmware-labs/reconciler-runtime v0.11.1 - github.com/vmware-tanzu/carvel-imgpkg v0.36.2 + github.com/vmware-tanzu/carvel-imgpkg v0.37.3 github.com/vmware-tanzu/difflib v0.0.0-20201117154628-0c031775bf57 github.com/vmware-tanzu/tanzu-plugin-runtime v0.90.0 golang.org/x/crypto v0.10.0 @@ -105,7 +105,7 @@ require ( github.com/magiconair/properties v1.8.7 // indirect github.com/mailru/easyjson v0.7.7 // indirect github.com/mattn/go-colorable v0.1.13 // indirect - github.com/mattn/go-isatty v0.0.17 // indirect + github.com/mattn/go-isatty v0.0.19 // indirect github.com/mattn/go-runewidth v0.0.13 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect @@ -143,7 +143,7 @@ require ( golang.org/x/mod v0.10.0 // indirect golang.org/x/net v0.10.0 // indirect golang.org/x/oauth2 v0.7.0 // indirect - golang.org/x/sync v0.1.0 // indirect + golang.org/x/sync v0.2.0 // indirect golang.org/x/sys v0.9.0 // indirect golang.org/x/term v0.9.0 // indirect golang.org/x/text v0.10.0 // indirect diff --git a/go.sum b/go.sum index f3a4979cc..5994601d7 100644 --- a/go.sum +++ b/go.sum @@ -475,8 +475,8 @@ github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNx github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s= github.com/mattn/go-isatty v0.0.11/go.mod h1:PhnuNfih5lzO57/f3n+odYbM4JtupLOxQOAqxQCu2WE= github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= +github.com/mattn/go-isatty v0.0.19 h1:JITubQf0MOLdlGRuRq+jtsDlekdYPia9ZFsB8h/APPA= +github.com/mattn/go-isatty v0.0.19/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y= github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI= github.com/mattn/go-runewidth v0.0.13 h1:lTGmDsbAYt5DmK6OnoV7EuIF1wEIFAcxld6ypU4OSgU= github.com/mattn/go-runewidth v0.0.13/go.mod h1:Jdepj2loyihRzMpdS35Xk/zdY8IAYHsh153qUoGf23w= @@ -667,8 +667,8 @@ github.com/vito/go-interact v1.0.1 h1:O8xi8c93bRUv2Tb/v6HdiuGc+WnWt+AQzF74MOOdlB github.com/vito/go-interact v1.0.1/go.mod h1:HrdHSJXD2yn1MhlTwSIMeFgQ5WftiIorszVGd3S/DAA= github.com/vmware-labs/reconciler-runtime v0.11.1 h1:eU2bDUq4XWFmjICaKgnNieT8NhCicMqc5ST53R2QYug= github.com/vmware-labs/reconciler-runtime v0.11.1/go.mod h1:IrjEBBrCnBhvvQA4RT9l1J4vYbH5+QKF3O93XU/lj3c= -github.com/vmware-tanzu/carvel-imgpkg v0.36.2 h1:RxHd4A4o+Q2qn67ZhiQSMR42cslN/XnAaGXG+MeF+4M= -github.com/vmware-tanzu/carvel-imgpkg v0.36.2/go.mod h1:eBOaUEF4tVajROCfcNFnB3zThG6xONhKuahbLFiqGU4= +github.com/vmware-tanzu/carvel-imgpkg v0.37.3 h1:e83Ugr6Lmuw1Q8nD9U0gdPXN1hP5iLW9JMxJs5gV2SQ= +github.com/vmware-tanzu/carvel-imgpkg v0.37.3/go.mod h1:YFKwj9DebWdI/yOrHNDGtS7WEUYmYUrXjZl/zAlzX08= github.com/vmware-tanzu/difflib v0.0.0-20201117154628-0c031775bf57 h1:NmeWaPuGdwr2+NdXEFqDfcBYiA8Qi/z+twfED7mqCyY= github.com/vmware-tanzu/difflib v0.0.0-20201117154628-0c031775bf57/go.mod h1:q4R37lXdaJmkpws5TUoMwT2GXOMs8qJJ9P+zxrtHv28= github.com/vmware-tanzu/tanzu-plugin-runtime v0.90.0 h1:MbnTxvqCBOLR8gHpnzwxlcbP16vF71LyV8Tx2ANC57o= @@ -859,8 +859,8 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI= +golang.org/x/sync v0.2.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -931,6 +931,7 @@ golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220906165534-d0df966e6959/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= diff --git a/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/dir_image.go b/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/dir_image.go index 955b94606..514350663 100644 --- a/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/dir_image.go +++ b/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/dir_image.go @@ -135,6 +135,14 @@ func (i *DirImage) extractTarEntry(header *tar.Header, input io.Reader) error { userPermission := int64(mode & 0700) permMode := os.FileMode(userPermission | userPermission>>3 | userPermission>>6) + // By default, imgpkg will remove the permissions for group/all on all files. + // Here we are checking if these permissions are still present. If this is the case it means that the creator + // of the OCI image intended to keep the original permissions of the file. In this case we will honor the + // request by keeping the original permissions on the files + if mode&0077 > 0 { + permMode = mode + } + err := os.MkdirAll(filepath.Dir(path), 0777) if err != nil { return err diff --git a/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/tar_image.go b/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/tar_image.go index 8e1857cf8..94aa825b0 100644 --- a/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/tar_image.go +++ b/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image/tar_image.go @@ -16,14 +16,15 @@ import ( ) type TarImage struct { - files []string - excludePaths []string - logger Logger + files []string + excludePaths []string + logger Logger + keepPermissions bool } // NewTarImage creates a struct that will allow users to create a representation of a set of paths as an OCI Image -func NewTarImage(files []string, excludePaths []string, logger Logger) *TarImage { - return &TarImage{files, excludePaths, logger} +func NewTarImage(files []string, excludePaths []string, logger Logger, keepPermissions bool) *TarImage { + return &TarImage{files, excludePaths, logger, keepPermissions} } // AsFileImage Creates an OCI Image representation of the provided folders @@ -80,7 +81,7 @@ func (i *TarImage) createTarball(file *os.File, filePaths []string) error { if i.isExcluded(relPath) { return filepath.SkipDir } - return i.addDirToTar(relPath, tarWriter) + return i.addDirToTar(path, relPath, tarWriter) } if (info.Mode() & os.ModeType) != 0 { return fmt.Errorf("Expected file '%s' to be a regular file", walkedPath) @@ -101,7 +102,7 @@ func (i *TarImage) createTarball(file *os.File, filePaths []string) error { return nil } -func (i *TarImage) addDirToTar(relPath string, tarWriter *tar.Writer) error { +func (i *TarImage) addDirToTar(fullPath string, relPath string, tarWriter *tar.Writer) error { if i.isExcluded(relPath) { panic("Unreachable") // directories excluded above } @@ -113,10 +114,19 @@ func (i *TarImage) addDirToTar(relPath string, tarWriter *tar.Writer) error { relPath = strings.ReplaceAll(relPath, "\\", "/") } + folderPermission := int64(0700) + if i.keepPermissions { + fInfo, err := os.Stat(fullPath) + if err != nil { + return fmt.Errorf("Unable to stat the folder '%s': %s", fullPath, err) + } + folderPermission = int64(fInfo.Mode()) + } + header := &tar.Header{ Name: relPath, - Mode: 0700, // static - ModTime: time.Time{}, // static + Mode: folderPermission, // static + ModTime: time.Time{}, // static Typeflag: tar.TypeDir, } @@ -141,12 +151,16 @@ func (i *TarImage) addFileToTar(fullPath, relPath string, info os.FileInfo, tarW if runtime.GOOS == "windows" { relPath = strings.ReplaceAll(relPath, "\\", "/") } + filePermission := int64(info.Mode() & 0700) + if i.keepPermissions { + filePermission = int64(info.Mode()) + } header := &tar.Header{ Name: relPath, Size: info.Size(), - Mode: int64(info.Mode() & 0700), // static - ModTime: time.Time{}, // static + Mode: filePermission, // static + ModTime: time.Time{}, // static Typeflag: tar.TypeReg, } diff --git a/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/plainimage/contents.go b/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/plainimage/contents.go index 78b9236fb..fa767f22c 100644 --- a/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/plainimage/contents.go +++ b/vendor/github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/plainimage/contents.go @@ -18,8 +18,9 @@ import ( // Contents of the OCI Image type Contents struct { - paths []string - excludedPaths []string + paths []string + excludedPaths []string + preservePermissions bool } // ImagesWriter defines the needed functions to write to the registry @@ -29,8 +30,8 @@ type ImagesWriter interface { } // NewContents creates the struct that represent an OCI Image based on the provided paths -func NewContents(paths []string, excludedPaths []string) Contents { - return Contents{paths: paths, excludedPaths: excludedPaths} +func NewContents(paths []string, excludedPaths []string, preservePermissions bool) Contents { + return Contents{paths: paths, excludedPaths: excludedPaths, preservePermissions: preservePermissions} } // Push the OCI Image to the registry @@ -40,7 +41,7 @@ func (i Contents) Push(uploadRef regname.Tag, labels map[string]string, writer I return "", err } - tarImg := ctlimg.NewTarImage(i.paths, i.excludedPaths, logger) + tarImg := ctlimg.NewTarImage(i.paths, i.excludedPaths, logger, i.preservePermissions) img, err := tarImg.AsFileImage(labels) if err != nil { diff --git a/vendor/modules.txt b/vendor/modules.txt index 80811d729..3ef39844d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -359,7 +359,7 @@ github.com/mailru/easyjson/jwriter # github.com/mattn/go-colorable v0.1.13 ## explicit; go 1.15 github.com/mattn/go-colorable -# github.com/mattn/go-isatty v0.0.17 +# github.com/mattn/go-isatty v0.0.19 ## explicit; go 1.15 github.com/mattn/go-isatty # github.com/mattn/go-runewidth v0.0.13 @@ -500,7 +500,7 @@ github.com/vmware-labs/reconciler-runtime/reconcilers github.com/vmware-labs/reconciler-runtime/testing github.com/vmware-labs/reconciler-runtime/tracker github.com/vmware-labs/reconciler-runtime/validation -# github.com/vmware-tanzu/carvel-imgpkg v0.36.2 +# github.com/vmware-tanzu/carvel-imgpkg v0.37.3 ## explicit; go 1.20 github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/image github.com/vmware-tanzu/carvel-imgpkg/pkg/imgpkg/imagedigest @@ -561,7 +561,7 @@ golang.org/x/oauth2/google/internal/externalaccount golang.org/x/oauth2/internal golang.org/x/oauth2/jws golang.org/x/oauth2/jwt -# golang.org/x/sync v0.1.0 +# golang.org/x/sync v0.2.0 ## explicit golang.org/x/sync/errgroup # golang.org/x/sys v0.9.0