particle-os/debian-forge-composer
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5260 commits 1 branch 0 tags 688 MiB
Commit graph

147 commits

Author SHA1 Message Date
dependabot[bot]
dc1a770c0f build(deps): bump github.com/coreos/go-semver from 0.3.0 to 0.3.1 
Bumps [github.com/coreos/go-semver](https://github.com/coreos/go-semver) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/coreos/go-semver/releases)
- [Commits](https://github.com/coreos/go-semver/compare/v0.3.0...v0.3.1)

---
updated-dependencies:
- dependency-name: github.com/coreos/go-semver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-25 13:46:16 +01:00
dependabot[bot]
8fe489ef7c build(deps): bump github.com/Azure/azure-sdk-for-go 
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 66.0.0+incompatible to 68.0.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/documentation/release.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v66.0.0...v68.0.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-20 14:56:50 +01:00
dependabot[bot]
967b68745d build(deps): bump github.com/theupdateframework/go-tuf 
Bumps [github.com/theupdateframework/go-tuf](https://github.com/theupdateframework/go-tuf) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/theupdateframework/go-tuf/releases)
- [Commits](https://github.com/theupdateframework/go-tuf/compare/v0.3.1...v0.3.2)

---
updated-dependencies:
- dependency-name: github.com/theupdateframework/go-tuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-09 14:46:28 +01:00
Ondřej Budai
0359647a82 go.mod: update to Go 1.18 
Fedora 35 support was dropped, so we can update to a newer Go.

Stable RHEL 8 and 9 and Fedora 36 ships Go 1.18, so let's switch to it.

"//go:build" directives are now apparently enforced by go fmt, so that's why
there were added.

Also, all the github actions were adjusted to use Go 1.18.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
 2023-01-09 14:03:18 +01:00
Brian C. Lane
59178aa72a vendor: Update BurntSushi/toml to v1.2.1 
This fixes an error when processing blueprints with customizations.firewall
See https://github.com/BurntSushi/toml/issues/360 for details on the
upstream bug.
 2022-10-31 15:24:15 +01:00
dependabot[bot]
159a7e2fe6 build(deps): bump github.com/spf13/cobra from 1.5.0 to 1.6.1 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.5.0 to 1.6.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.5.0...v1.6.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-31 11:34:44 +01:00
dependabot[bot]
3933c37f46 build(deps): bump github.com/aws/aws-sdk-go from 1.44.112 to 1.44.114 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.112 to 1.44.114.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.112...v1.44.114)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-11 11:14:59 +02:00
dependabot[bot]
10a981cfcb build(deps): bump github.com/aws/aws-sdk-go from 1.44.111 to 1.44.112 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.111 to 1.44.112.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.111...v1.44.112)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-06 12:16:29 +02:00
dependabot[bot]
f02067bf0c build(deps): bump github.com/aws/aws-sdk-go from 1.44.108 to 1.44.111 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.108 to 1.44.111.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.108...v1.44.111)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-05 13:53:56 +02:00
dependabot[bot]
b7418d6bba build(deps): bump github.com/labstack/gommon from 0.3.1 to 0.4.0 
Bumps [github.com/labstack/gommon](https://github.com/labstack/gommon) from 0.3.1 to 0.4.0.
- [Release notes](https://github.com/labstack/gommon/releases)
- [Commits](https://github.com/labstack/gommon/compare/v0.3.1...v0.4.0)

---
updated-dependencies:
- dependency-name: github.com/labstack/gommon
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-05 13:00:08 +02:00
dependabot[bot]
c6a960fca8 build(deps): bump google.golang.org/api from 0.97.0 to 0.98.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.97.0 to 0.98.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.97.0...v0.98.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-30 12:07:03 +02:00
dependabot[bot]
79cef73227 build(deps): bump github.com/aws/aws-sdk-go from 1.44.104 to 1.44.108 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.104 to 1.44.108.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.104...v1.44.108)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-30 12:06:16 +02:00
dependabot[bot]
49cf427e6a build(deps): bump cloud.google.com/go/storage from 1.26.0 to 1.27.0 
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.26.0...spanner/v1.27.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-23 15:51:14 +02:00
dependabot[bot]
9670918d21 build(deps): bump github.com/aws/aws-sdk-go from 1.44.93 to 1.44.104 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.93 to 1.44.104.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.93...v1.44.104)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-23 11:20:47 +02:00
dependabot[bot]
743a60fd58 build(deps): bump google.golang.org/api from 0.96.0 to 0.97.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.96.0 to 0.97.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.96.0...v0.97.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-23 09:07:54 +02:00
dependabot[bot]
db7327eb69 build(deps): bump cloud.google.com/go/compute from 1.9.0 to 1.10.0 
Bumps [cloud.google.com/go/compute](https://github.com/googleapis/google-cloud-go) from 1.9.0 to 1.10.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.9.0...pubsub/v1.10.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/compute
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-22 16:26:27 +02:00
dependabot[bot]
f211273732 build(deps): bump github.com/google/go-cmp from 0.5.8 to 0.5.9 
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.8 to 0.5.9.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.8...v0.5.9)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-22 16:26:13 +02:00
dependabot[bot]
e0ce32922c build(deps): bump github.com/labstack/echo/v4 from 4.8.0 to 4.9.0 
Bumps [github.com/labstack/echo/v4](https://github.com/labstack/echo) from 4.8.0 to 4.9.0.
- [Release notes](https://github.com/labstack/echo/releases)
- [Changelog](https://github.com/labstack/echo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/labstack/echo/compare/v4.8.0...v4.9.0)

---
updated-dependencies:
- dependency-name: github.com/labstack/echo/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-19 22:59:56 +02:00
dependabot[bot]
70b6353918 build(deps): bump github.com/jackc/pgx/v4 from 4.17.1 to 4.17.2 
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.17.1 to 4.17.2.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.17.1...v4.17.2)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-19 15:44:34 +02:00
dependabot[bot]
e2cc53eb72 build(deps): bump google.golang.org/api from 0.94.0 to 0.96.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.94.0 to 0.96.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.94.0...v0.96.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-19 15:38:54 +02:00
dependabot[bot]
ba8de9a6a9 build(deps): bump github.com/openshift-online/ocm-sdk-go 
Bumps [github.com/openshift-online/ocm-sdk-go](https://github.com/openshift-online/ocm-sdk-go) from 0.1.266 to 0.1.287.
- [Release notes](https://github.com/openshift-online/ocm-sdk-go/releases)
- [Changelog](https://github.com/openshift-online/ocm-sdk-go/blob/main/CHANGES.md)
- [Commits](https://github.com/openshift-online/ocm-sdk-go/compare/v0.1.266...v0.1.287)

---
updated-dependencies:
- dependency-name: github.com/openshift-online/ocm-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-19 11:55:50 +02:00
dependabot[bot]
c685a00694 build(deps): bump github.com/vmware/govmomi from 0.28.0 to 0.29.0 
Bumps [github.com/vmware/govmomi](https://github.com/vmware/govmomi) from 0.28.0 to 0.29.0.
- [Release notes](https://github.com/vmware/govmomi/releases)
- [Changelog](https://github.com/vmware/govmomi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vmware/govmomi/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: github.com/vmware/govmomi
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-16 18:02:30 +02:00
dependabot[bot]
b8cbe84fda build(deps): bump gopkg.in/ini.v1 from 1.66.6 to 1.67.0 
Bumps [gopkg.in/ini.v1](https://github.com/go-ini/ini) from 1.66.6 to 1.67.0.
- [Release notes](https://github.com/go-ini/ini/releases)
- [Commits](https://github.com/go-ini/ini/compare/v1.66.6...v1.67.0)

---
updated-dependencies:
- dependency-name: gopkg.in/ini.v1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-16 13:52:38 +02:00
dependabot[bot]
d40dbd6f0b build(deps): bump cloud.google.com/go/compute from 1.7.0 to 1.9.0 
Bumps [cloud.google.com/go/compute](https://github.com/googleapis/google-cloud-go) from 1.7.0 to 1.9.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/video/v1.7.0...pubsub/v1.9.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/compute
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-16 01:42:14 +02:00
dependabot[bot]
5088e40795 build(deps): bump github.com/aws/aws-sdk-go from 1.44.44 to 1.44.93 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.44 to 1.44.93.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.44...v1.44.93)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-08 14:16:34 +02:00
dependabot[bot]
c864343770 build(deps): bump github.com/gophercloud/gophercloud 
Bumps [github.com/gophercloud/gophercloud](https://github.com/gophercloud/gophercloud) from 0.24.0 to 1.0.0.
- [Release notes](https://github.com/gophercloud/gophercloud/releases)
- [Changelog](https://github.com/gophercloud/gophercloud/blob/master/CHANGELOG.md)
- [Commits](https://github.com/gophercloud/gophercloud/compare/v0.24.0...v1.0.0)

---
updated-dependencies:
- dependency-name: github.com/gophercloud/gophercloud
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 12:59:11 +02:00
dependabot[bot]
8f26317115 build(deps): bump github.com/golang-jwt/jwt/v4 from 4.4.1 to 4.4.2 
Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.4.1 to 4.4.2.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v4.4.1...v4.4.2)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 12:58:24 +02:00
dependabot[bot]
48ebe60363 build(deps): bump github.com/Azure/go-autorest/autorest 
Bumps [github.com/Azure/go-autorest/autorest](https://github.com/Azure/go-autorest) from 0.11.27 to 0.11.28.
- [Release notes](https://github.com/Azure/go-autorest/releases)
- [Changelog](https://github.com/Azure/go-autorest/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/go-autorest/compare/autorest/v0.11.27...autorest/v0.11.28)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-autorest/autorest
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 12:57:16 +02:00
dependabot[bot]
d75e01aef0 build(deps): bump github.com/labstack/echo/v4 from 4.7.2 to 4.8.0 
Bumps [github.com/labstack/echo/v4](https://github.com/labstack/echo) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/labstack/echo/releases)
- [Changelog](https://github.com/labstack/echo/blob/master/CHANGELOG.md)
- [Commits](https://github.com/labstack/echo/compare/v4.7.2...v4.8.0)

---
updated-dependencies:
- dependency-name: github.com/labstack/echo/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-31 12:47:24 +02:00
dependabot[bot]
efddacc682 build(deps): bump cloud.google.com/go/storage from 1.22.1 to 1.26.0 
Bumps [cloud.google.com/go/storage](https://github.com/googleapis/google-cloud-go) from 1.22.1 to 1.26.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.22.1...spanner/v1.26.0)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/storage
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-30 15:36:14 +02:00
dependabot[bot]
58c87198c6 build(deps): bump github.com/containers/common from 0.48.0 to 0.49.1 
Bumps [github.com/containers/common](https://github.com/containers/common) from 0.48.0 to 0.49.1.
- [Release notes](https://github.com/containers/common/releases)
- [Commits](https://github.com/containers/common/compare/v0.48.0...v0.49.1)

---
updated-dependencies:
- dependency-name: github.com/containers/common
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-30 15:34:58 +02:00
dependabot[bot]
b133ff5994 build(deps): bump github.com/jackc/pgx/v4 from 4.16.0 to 4.17.1 
Bumps [github.com/jackc/pgx/v4](https://github.com/jackc/pgx) from 4.16.0 to 4.17.1.
- [Release notes](https://github.com/jackc/pgx/releases)
- [Changelog](https://github.com/jackc/pgx/blob/master/CHANGELOG.md)
- [Commits](https://github.com/jackc/pgx/compare/v4.16.0...v4.17.1)

---
updated-dependencies:
- dependency-name: github.com/jackc/pgx/v4
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-30 15:34:23 +02:00
dependabot[bot]
5538a92eb3 build(deps): bump github.com/prometheus/client_golang 
Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.12.1 to 1.13.0.
- [Release notes](https://github.com/prometheus/client_golang/releases)
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prometheus/client_golang/compare/v1.12.1...v1.13.0)

---
updated-dependencies:
- dependency-name: github.com/prometheus/client_golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-30 15:22:18 +02:00
Ondřej Budai
29f66a251f go.mod: update github.com/containers/image/v5 
Version 5.22 introduced a new option to /etc/containers/policy.json called
keyPaths, see

https://github.com/containers/image/pull/1609

EL9 immediately took advantage of this new feature and started using it, see
04645c4a84

This quickly became an issue in our code: The go library (containers/image)
parses the configuration file very strictly and refuses to create a client
when policy.json with an unknown key is present on the filesystem. As we
used 5.21.1 that doesn't know the new key, our unit tests started to
failing when containers-common was present.

Reproducer:
podman run --pull=always --rm -it centos:stream9
dnf install -y dnf-plugins-core
dnf config-manager --set-enabled crb
dnf install -y gpgme-devel libassuan-devel krb5-devel golang git-core
git clone https://github.com/osbuild/osbuild-composer
cd osbuild-composer

# install the new containers-common and run the test
dnf install -y https://kojihub.stream.centos.org/kojifiles/packages/containers-common/1/44.el9/x86_64/containers-common-1-44.el9.x86_64.rpm
go test -count 1 ./...

# this returns:
--- FAIL: TestClientResolve (0.00s)
    client_test.go:31:
        	Error Trace:	client_test.go:31
        	Error:      	Received unexpected error:
        	            	Unknown key "keyPaths"
        	            	invalid policy in "/etc/containers/policy.json"
        	            	github.com/containers/image/v5/signature.NewPolicyFromFile
        	            		/osbuild-composer/vendor/github.com/containers/image/v5/signature/policy_config.go:88
        	            	github.com/osbuild/osbuild-composer/internal/container.NewClient
        	            		/osbuild-composer/internal/container/client.go:123
        	            	github.com/osbuild/osbuild-composer/internal/container_test.TestClientResolve
        	            		/osbuild-composer/internal/container/client_test.go:29
        	            	testing.tRunner
        	            		/usr/lib/golang/src/testing/testing.go:1439
        	            	runtime.goexit
        	            		/usr/lib/golang/src/runtime/asm_amd64.s:1571
        	Test:       	TestClientResolve
    client_test.go:32:
        	Error Trace:	client_test.go:32
        	Error:      	Expected value not to be nil.
        	Test:       	TestClientResolve

 When run with an older containers-common, it succeeds:
 dnf install -y https://kojihub.stream.centos.org/kojifiles/packages/containers-common/1/40.el9/x86_64/containers-common-1-40.el9.x86_64.rpm
 go test -count 1 ./...
 PASS

To sum it up, I had to upgrade github.com/containers/image/v5 to v5.22.0.
Unfortunately, this wasn't so simple, see

go get github.com/containers/image/v5@latest
go: github.com/containers/image/v5@v5.22.0 requires
	github.com/letsencrypt/boulder@v0.0.0-20220331220046-b23ab962616e requires
	github.com/honeycombio/beeline-go@v1.1.1 requires
	github.com/gobuffalo/pop/v5@v5.3.1 requires
	github.com/mattn/go-sqlite3@v2.0.3+incompatible: reading github.com/mattn/go-sqlite3/go.mod at revision v2.0.3: unknown revision v2.0.3

It turns out that github.com/mattn/go-sqlite3@v2.0.3+incompatible has been
recently retracted https://github.com/mattn/go-sqlite3/pull/998 and this
broke a ton of packages depending on it. I was able to fix it by adding

exclude github.com/mattn/go-sqlite3 v2.0.3+incompatible

to our go.mod, see
https://github.com/mattn/go-sqlite3/issues/975#issuecomment-955661657

After adding it,
go get github.com/containers/image/v5@latest
succeeded and tools/prepare-source.sh took care of the rest.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
 2022-08-29 10:25:38 +02:00
Christian Kellner
60607af26c container: ability to resolve containers to specs 
Add a new `Resolve` method to `Client` that will resolve its `Target`
to the corresponding manifest digest id and its corresponding iamge
identifier. The former can be used in the URL to fetch a specific
image from the registry via `<name>@<digest>` and the latter uniquely
identifies a container image via the hash of its configuration object.
This should stay the same across pulls and is also the id returned via
`podman pull` and `podman images`.
Since (most) container images are OS and architecture specific a tag
often points to a manifest list that contains all available options.
Therefore the resolve operation needs to choose the correct arch for
image. A new pair of getters `Set{Architecture,Variant}Choice` lets
the user control which architecture/variant is selected during the
resolution process.
 2022-07-21 13:32:07 +02:00
dependabot[bot]
0d1dbd9780 build(deps): bump gopkg.in/ini.v1 from 1.66.4 to 1.66.6 
Bumps [gopkg.in/ini.v1](https://github.com/go-ini/ini) from 1.66.4 to 1.66.6.
- [Release notes](https://github.com/go-ini/ini/releases)
- [Commits](https://github.com/go-ini/ini/compare/v1.66.4...v1.66.6)

---
updated-dependencies:
- dependency-name: gopkg.in/ini.v1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-07-07 13:19:10 +02:00
Christian Kellner
986f076276 container: add support for uploading to registries 
Add a new generic container registry client via a new `container`
package. Use this to create a command line utility as well as a
new upload target for container registries.

The code uses the github.com/containers/* project and packages to
interact with container registires that is also used by skopeo,
podman et al. One if the dependencies is `proglottis/gpgme` that
is using cgo to bind libgpgme, so we have to add the corresponding
devel package to the BuildRequires as well as installing it on CI.

Checks will follow later via an integration test.
 2022-06-29 10:02:46 +02:00
dependabot[bot]
2c6e28b01d build(deps): bump github.com/aws/aws-sdk-go from 1.44.4 to 1.44.43 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.44.4 to 1.44.43.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.44.4...v1.44.43)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-06-28 14:25:12 +02:00
Ondřej Budai
caadee87ec azure: add an option to tag page blobs 
We want to start tagging page blobs so this commit adds a small tagging method
to our azure library and exposes it in the osbuild-upload-azure helper.

Example:

go run ./cmd/osbuild-upload-azure/ \
  -container azure-container \
  -image ./sample.vhd \
  -storage-access-key KEY \
  -storage-account account \
  -tag key:value \
  -tag hello:world \
  -tag bird:toucan

This commit also has to downgrade the azblob library version to 0.13 so the
API for blob tags is the same as the one currently shipped to Fedora.
This is suboptimal but it should unblock us for now.

Signed-off-by: Ondřej Budai <ondrej@budai.cz>
 2022-06-13 21:06:01 +02:00
Sanne Raymaekers
7529382890 go.mod: Update openshift-online/ocm-sdk-go 
This requires golang-jwt/jwt/v4.
 2022-05-19 22:18:42 +02:00
Chloe Kaubisch
13c79294b6 cloudapi: validate input 
Validate incoming requests with openapi3. Remove unsupported
uuid format from the openapi spec. Similarly, change url to uri as
uri is a supported format and url is not.

Co-authored-by: Ondřej Budai <obudai@redhat.com>
Signed-off-by: Ondřej Budai <ondrej@budai.cz>
 2022-05-16 13:20:46 +02:00
Diaa Sami
33711d7d51 composer: add support for logrus syslog hook 
Which will be used on crc in the log forwarding setup
NeededBy: COMPOSER-1285
 2022-05-12 11:02:27 +02:00
dependabot[bot]
60e6d936f0 build(deps): bump github.com/vmware/govmomi from 0.27.4 to 0.28.0 
Bumps [github.com/vmware/govmomi](https://github.com/vmware/govmomi) from 0.27.4 to 0.28.0.
- [Release notes](https://github.com/vmware/govmomi/releases)
- [Changelog](https://github.com/vmware/govmomi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/vmware/govmomi/compare/v0.27.4...v0.28.0)

---
updated-dependencies:
- dependency-name: github.com/vmware/govmomi
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-10 13:31:39 +02:00
Thomas Lavocat
ab7fe6558a worker: protect the instance from upgrading 
Before the instance was vulnerable to an OTA update while processing a
request. Because there is no way of retriggering a job in Composer, it
is better to avoid this situation.
The way we are doing it is by setting the `protected` flag onto the
instance when a job is being processed. This way the AWS scheduler
does hopefully not shutdown the machine at the wrong time.

Main caveats of this solution:
* Starvation: If a worker keeps accepting new jobs, then it might not be
  updated.
* Inconsistency: There exist a window between the job acceptation and the
  protection where the worker can be shutdown without having the time to
  protect itself.
 2022-05-10 11:45:29 +02:00
dependabot[bot]
67727d1e5c build(deps): bump github.com/google/go-cmp from 0.5.7 to 0.5.8 
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/google/go-cmp/releases)
- [Commits](https://github.com/google/go-cmp/compare/v0.5.7...v0.5.8)

---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-04 13:29:07 +02:00
dependabot[bot]
22da2e307f build(deps): bump github.com/Azure/azure-sdk-for-go 
Bumps [github.com/Azure/azure-sdk-for-go](https://github.com/Azure/azure-sdk-for-go) from 63.1.0+incompatible to 63.4.0+incompatible.
- [Release notes](https://github.com/Azure/azure-sdk-for-go/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/Azure/azure-sdk-for-go/compare/v63.1.0...v63.4.0)

---
updated-dependencies:
- dependency-name: github.com/Azure/azure-sdk-for-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-04 13:28:09 +02:00
dependabot[bot]
a040467de5 build(deps): bump cloud.google.com/go/compute from 1.6.0 to 1.6.1 
Bumps [cloud.google.com/go/compute](https://github.com/googleapis/google-cloud-go) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases)
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.6.0...pubsub/v1.6.1)

---
updated-dependencies:
- dependency-name: cloud.google.com/go/compute
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-04 13:05:10 +02:00
dependabot[bot]
5028b19a71 build(deps): bump github.com/aws/aws-sdk-go from 1.43.42 to 1.44.4 
Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.43.42 to 1.44.4.
- [Release notes](https://github.com/aws/aws-sdk-go/releases)
- [Changelog](https://github.com/aws/aws-sdk-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws/aws-sdk-go/compare/v1.43.42...v1.44.4)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-05-02 10:01:01 +02:00
dependabot[bot]
0eff6c3de7 build(deps): bump google.golang.org/api from 0.74.0 to 0.75.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.74.0 to 0.75.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.74.0...v0.75.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-25 15:05:03 +02:00
dependabot[bot]
a4434666d1 build(deps): bump github.com/hashicorp/go-retryablehttp 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.0 to 0.7.1.
- [Release notes](https://github.com/hashicorp/go-retryablehttp/releases)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.0...v0.7.1)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-04-25 12:06:02 +02:00