This adds a couple more integration tests to more fully define the
behavior of these interactions. Additionally, through this, a minor
difference to POSIX was discovered where quotes are supposed to be
properly preserved in a heredoc (since a heredoc is treated as a
double-quoted word).
To handle this, a new property, SkipProcessQuotes is added to the shell
lexer which simply treats quotes as ordinary characters. This is the
only behavioral change needed to actually get the new tests working.
Signed-off-by: Justin Chadwell <me@jedevc.com>
In the contents of COPY/ADD, we perform expansion on variables using a
lexer. However, this lexer, by default, removes quotes as well as
expanding variables - this isn't really the kind of behavior we're
after, as it feels quite unintuitive.
To fix this, we introduce a new ExpandRaw function, which commands can
implement that implement an alternative expansion that preserves quotes
(and possibly other characters/features in the future).
Additionally, we introduce new tests to more clearly define the desired
behavior. One major note is that backslashes are not passed directly,
and are processed, following normal escape rules (so that we can use `$`
symbols directly).
Signed-off-by: Justin Chadwell <me@jedevc.com>
Previously, we'd only write raw escapes out as words, and not out to the
result. We weren't using or relying on this behaviour, but it could
easily have caused a bug if we were. This patch just cleans rawEscapes
to behave like rawQuotes.
Signed-off-by: Justin Chadwell <me@jedevc.com>
Stages and implicit stages from image names can be
redefined with build options.
This enables using more that one source directory
and reusing results from other builds. This can also
be used to use a local image from other build without
including a registry.
Contexts need to be defined as `context:name=` frontend
options. The value can be image, git repository,
URL, local directory or a frontend input.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Using an interface instead of a func is more flexible while achieving
the same effect. It allows you to succintly define a large number of
test cases as structs, as is common in table-driven testing.
A helper func is added that converts the existing test funcs into the
interface, so the change is fairly seamless.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
The problem this change is trying to fix are the environments where some
capabilities are already dropped, so they can't be granted to the
job with `--security=insecure`.
I know that probably fixed set of capabilities was implemented to
provide a stable build environment, but at the same time this breaks
environments with reduced capabilities.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
There are a few goals with this refactor:
1. Remove external access to fields that no longer make sense and/or
won't make sense soon due to other potential changes. For example,
there can now be multiple blobs associated with a ref (for different
compression types), so the fact that you could access the "Blob"
field from the Info method on Ref incorrectly implied there was just
a single blob for the ref. This is on top of the fact that there is
no need for external access to blob digests.
2. Centralize use of cache metadata inside the cache package.
Previously, many parts of the code outside the cache package could
obtain the bolt storage item for any ref and read/write it directly.
This made it hard to understand what fields are used and when. Now,
the Metadata method has been removed from the Ref interface and
replaced with getters+setters for metadata fields we want to expose
outside the package, which makes it much easier to track and
understand. Similar changes have been made to the metadata search
interface.
3. Use a consistent getter+setter interface for metadata, replacing
the mix of interfaces like Metadata(), Size(), Info() and other
inconsistencies.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
Justin Chadwell
Tõnis Tiigi
coryb
CrazyMax
Akihiro Suda
Erik Sipsma
Andrey Smirnov
Koichi Shiraishi
Sebastiaan van Stijn