commit apko for openSUSE:Factory

Source-Sync Thu, 09 Jan 2025 06:13:20 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package apko for openSUSE:Factory checked in 
at 2025-01-09 15:11:40
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/apko (Old)
 and      /work/SRC/openSUSE:Factory/.apko.new.1881 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "apko"

Thu Jan  9 15:11:40 2025 rev:32 rq:1236094 version:0.22.6

Changes:
--------
--- /work/SRC/openSUSE:Factory/apko/apko.changes        2025-01-07 
20:54:28.851546674 +0100
+++ /work/SRC/openSUSE:Factory/.apko.new.1881/apko.changes      2025-01-09 
15:12:24.264659963 +0100
@@ -1,0 +2,12 @@
+Thu Jan 09 06:40:49 UTC 2025 - opensuse_buildserv...@ojkastl.de
+
+- Update to version 0.22.6:
+  * Base32-encode etag values (#1470)
+  * build(deps): bump docker/setup-qemu-action from 3.2.0 to 3.3.0
+    (#1469)
+  * Add the extra flags to `build-minirootfs` (#1467)
+  * Fix logging output of user.GID (#1466)
+  * build(deps): bump google.golang.org/api from 0.214.0 to 0.215.0
+    (#1465)
+
+-------------------------------------------------------------------

Old:
----
  apko-0.22.5.obscpio

New:
----
  apko-0.22.6.obscpio

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ apko.spec ++++++
--- /var/tmp/diff_new_pack.0YtJLi/_old  2025-01-09 15:12:26.352746457 +0100
+++ /var/tmp/diff_new_pack.0YtJLi/_new  2025-01-09 15:12:26.368747120 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           apko
-Version:        0.22.5
+Version:        0.22.6
 Release:        0
 Summary:        Build OCI images from APK packages directly without Dockerfile
 License:        Apache-2.0

++++++ _service ++++++
--- /var/tmp/diff_new_pack.0YtJLi/_old  2025-01-09 15:12:26.572755570 +0100
+++ /var/tmp/diff_new_pack.0YtJLi/_new  2025-01-09 15:12:26.600756731 +0100
@@ -3,7 +3,7 @@
     <param name="url">https://github.com/chainguard-dev/apko</param>
     <param name="scm">git</param>
     <param name="exclude">.git</param>
-    <param name="revision">v0.22.5</param>
+    <param name="revision">v0.22.6</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.0YtJLi/_old  2025-01-09 15:12:26.724761867 +0100
+++ /var/tmp/diff_new_pack.0YtJLi/_new  2025-01-09 15:12:26.752763027 +0100
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param 
name="url">https://github.com/chainguard-dev/apko</param>
-              <param 
name="changesrevision">20bf90264a9720492d623322989284b938601a5d</param></service></servicedata>
+              <param 
name="changesrevision">995ee5a40608591b2c4d2e7893abdffeca93f6ff</param></service></servicedata>
 (No newline at EOF)
 

++++++ apko-0.22.5.obscpio -> apko-0.22.6.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/.github/workflows/build-samples.yml 
new/apko-0.22.6/.github/workflows/build-samples.yml
--- old/apko-0.22.5/.github/workflows/build-samples.yml 2025-01-07 
00:34:42.000000000 +0100
+++ new/apko-0.22.6/.github/workflows/build-samples.yml 2025-01-09 
00:03:56.000000000 +0100
@@ -31,7 +31,7 @@
           go-version-file: 'go.mod'
           check-latest: true
       - name: Setup QEMU
-        uses: 
docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+        uses: 
docker/setup-qemu-action@53851d14592bedcffcf25ea515637cff71ef929a # v3.3.0
       - run: |
           make apko
           ./apko build ./examples/nginx.yaml nginx:build /tmp/nginx-${{ 
matrix.arch }}.tar --arch ${{ matrix.arch }}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/go.mod new/apko-0.22.6/go.mod
--- old/apko-0.22.5/go.mod      2025-01-07 00:34:42.000000000 +0100
+++ new/apko-0.22.6/go.mod      2025-01-09 00:03:56.000000000 +0100
@@ -31,7 +31,7 @@
        golang.org/x/sync v0.10.0
        golang.org/x/sys v0.29.0
        golang.org/x/time v0.9.0
-       google.golang.org/api v0.214.0
+       google.golang.org/api v0.215.0
        gopkg.in/ini.v1 v1.67.0
        gopkg.in/yaml.v3 v3.0.1
        k8s.io/apimachinery v0.32.0
@@ -95,7 +95,7 @@
        github.com/google/s2a-go v0.1.8 // indirect
        github.com/google/uuid v1.6.0 // indirect
        github.com/googleapis/enterprise-certificate-proxy v0.3.4 // indirect
-       github.com/googleapis/gax-go/v2 v2.14.0 // indirect
+       github.com/googleapis/gax-go/v2 v2.14.1 // indirect
        github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 // indirect
        github.com/grpc-ecosystem/go-grpc-prometheus 
v1.2.1-0.20210315223345-82c243799c99 // indirect
        github.com/grpc-ecosystem/grpc-gateway/v2 v2.24.0 // indirect
@@ -158,10 +158,10 @@
        golang.org/x/oauth2 v0.24.0 // indirect
        golang.org/x/term v0.27.0 // indirect
        golang.org/x/text v0.21.0 // indirect
-       google.golang.org/genproto/googleapis/api 
v0.0.0-20241118233622-e639e219e697 // indirect
-       google.golang.org/genproto/googleapis/rpc 
v0.0.0-20241209162323-e6fa225c2576 // indirect
+       google.golang.org/genproto/googleapis/api 
v0.0.0-20241209162323-e6fa225c2576 // indirect
+       google.golang.org/genproto/googleapis/rpc 
v0.0.0-20241223144023-3abc09e42ca8 // indirect
        google.golang.org/grpc v1.69.0 // indirect
-       google.golang.org/protobuf v1.36.0 // indirect
+       google.golang.org/protobuf v1.36.1 // indirect
        gopkg.in/warnings.v0 v0.1.2 // indirect
        gotest.tools/v3 v3.5.1 // indirect
 )
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/go.sum new/apko-0.22.6/go.sum
--- old/apko-0.22.5/go.sum      2025-01-07 00:34:42.000000000 +0100
+++ new/apko-0.22.6/go.sum      2025-01-09 00:03:56.000000000 +0100
@@ -176,8 +176,8 @@
 github.com/google/uuid v1.6.0/go.mod 
h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/googleapis/enterprise-certificate-proxy v0.3.4 
h1:XYIDZApgAnrN1c855gTgghdIA6Stxb52D5RnLI1SLyw=
 github.com/googleapis/enterprise-certificate-proxy v0.3.4/go.mod 
h1:YKe7cfqYXjKGpGvmSg28/fFvhNzinZQm8DGnaburhGA=
-github.com/googleapis/gax-go/v2 v2.14.0 
h1:f+jMrjBPl+DL9nI4IQzLUxMq7XrAqFYB7hBPqMNIe8o=
-github.com/googleapis/gax-go/v2 v2.14.0/go.mod 
h1:lhBCnjdLrWRaPvLWhmc8IS24m9mr07qSYnHncrgo+zk=
+github.com/googleapis/gax-go/v2 v2.14.1 
h1:hb0FFeiPaQskmvakKu5EbCbpntQn48jyHuvrkurSS/Q=
+github.com/googleapis/gax-go/v2 v2.14.1/go.mod 
h1:Hb/NubMaVM88SrNkvl8X/o8XWwDJEPqouaLeN2IUxoA=
 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 
h1:UH//fgunKIs4JdUbpDl1VZCDaL56wXCB/5+wF6uHfaI=
 github.com/grpc-ecosystem/go-grpc-middleware v1.4.0/go.mod 
h1:g5qyo/la0ALbONm6Vbp88Yd8NsDy6rZz+RcrMPxvld8=
 github.com/grpc-ecosystem/go-grpc-prometheus 
v1.2.1-0.20210315223345-82c243799c99 
h1:JYghRBlGCZyCF2wNUJ8W0cwaQdtpcssJ4CgC406g+WU=
@@ -494,17 +494,17 @@
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod 
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod 
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod 
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-google.golang.org/api v0.214.0 h1:h2Gkq07OYi6kusGOaT/9rnNljuXmqPnaig7WGPmKbwA=
-google.golang.org/api v0.214.0/go.mod 
h1:bYPpLG8AyeMWwDU6NXoB00xC0DFkikVvd5MfwoxjLqE=
+google.golang.org/api v0.215.0 h1:jdYF4qnyczlEz2ReWIsosNLDuzXyvFHJtI5gcr0J7t0=
+google.golang.org/api v0.215.0/go.mod 
h1:fta3CVtuJYOEdugLNWm6WodzOS8KdFckABwN4I40hzY=
 google.golang.org/appengine v1.1.0/go.mod 
h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
 google.golang.org/appengine v1.4.0/go.mod 
h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod 
h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
 google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod 
h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
 google.golang.org/genproto v0.0.0-20200423170343-7949de9c1215/go.mod 
h1:55QSHmfGQM9UVYDPBsyGGes0y52j32PQ3BqQfXhyH3c=
-google.golang.org/genproto/googleapis/api v0.0.0-20241118233622-e639e219e697 
h1:pgr/4QbFyktUv9CtQ/Fq4gzEE6/Xs7iCXbktaGzLHbQ=
-google.golang.org/genproto/googleapis/api 
v0.0.0-20241118233622-e639e219e697/go.mod 
h1:+D9ySVjN8nY8YCVjc5O7PZDIdZporIDY3KaGfJunh88=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20241209162323-e6fa225c2576 
h1:8ZmaLZE4XWrtU3MyClkYqqtl6Oegr3235h7jxsDyqCY=
-google.golang.org/genproto/googleapis/rpc 
v0.0.0-20241209162323-e6fa225c2576/go.mod 
h1:5uTbfoYQed2U9p3KIj2/Zzm02PYhndfdmML0qC3q3FU=
+google.golang.org/genproto/googleapis/api v0.0.0-20241209162323-e6fa225c2576 
h1:CkkIfIt50+lT6NHAVoRYEyAvQGFM7xEwXUUywFvEb3Q=
+google.golang.org/genproto/googleapis/api 
v0.0.0-20241209162323-e6fa225c2576/go.mod 
h1:1R3kvZ1dtP3+4p4d3G8uJ8rFk/fWlScl38vanWACI08=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20241223144023-3abc09e42ca8 
h1:TqExAhdPaB60Ux47Cn0oLV07rGnxZzIsaRhQaqS666A=
+google.golang.org/genproto/googleapis/rpc 
v0.0.0-20241223144023-3abc09e42ca8/go.mod 
h1:lcTa1sDdWEIHMWlITnIczmw5w60CF9ffkb8Z+DVmmjA=
 google.golang.org/grpc v1.18.0/go.mod 
h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
 google.golang.org/grpc v1.19.0/go.mod 
h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
 google.golang.org/grpc v1.23.0/go.mod 
h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
@@ -513,8 +513,8 @@
 google.golang.org/grpc v1.29.1/go.mod 
h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
 google.golang.org/grpc v1.69.0 h1:quSiOM1GJPmPH5XtU+BCoVXcDVJJAzNcoyfC2cCjGkI=
 google.golang.org/grpc v1.69.0/go.mod 
h1:vyjdE6jLBI76dgpDojsFGNaHlxdjXN9ghpnd2o7JGZ4=
-google.golang.org/protobuf v1.36.0 
h1:mjIs9gYtt56AzC4ZaffQuh88TZurBGhIJMBZGSxNerQ=
-google.golang.org/protobuf v1.36.0/go.mod 
h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.1 
h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
+google.golang.org/protobuf v1.36.1/go.mod 
h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod 
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod 
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod 
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/internal/cli/build-minirootfs.go 
new/apko-0.22.6/internal/cli/build-minirootfs.go
--- old/apko-0.22.5/internal/cli/build-minirootfs.go    2025-01-07 
00:34:42.000000000 +0100
+++ new/apko-0.22.6/internal/cli/build-minirootfs.go    2025-01-09 
00:03:56.000000000 +0100
@@ -34,6 +34,10 @@
        var buildArch string
        var sbomPath string
        var ignoreSignatures bool
+       var extraKeys []string
+       var extraBuildRepos []string
+       var extraRuntimeRepos []string
+       var extraPackages []string
 
        cmd := &cobra.Command{
                Use:     "build-minirootfs",
@@ -44,6 +48,10 @@
                RunE: func(cmd *cobra.Command, args []string) error {
                        return BuildMinirootFSCmd(cmd.Context(),
                                build.WithConfig(args[0], []string{}),
+                               build.WithExtraKeys(extraKeys),
+                               build.WithExtraBuildRepos(extraBuildRepos),
+                               build.WithExtraRuntimeRepos(extraRuntimeRepos),
+                               build.WithExtraPackages(extraPackages),
                                build.WithTarball(args[1]),
                                build.WithBuildDate(buildDate),
                                build.WithSBOM(sbomPath),
@@ -57,6 +65,10 @@
        cmd.Flags().StringVar(&buildArch, "build-arch", runtime.GOARCH, 
"architecture to build for -- default is Go runtime architecture")
        cmd.Flags().StringVar(&sbomPath, "sbom-path", "", "generate an SBOM")
        cmd.Flags().BoolVar(&ignoreSignatures, "ignore-signatures", false, 
"ignore repository signature verification")
+       cmd.Flags().StringSliceVarP(&extraKeys, "keyring-append", "k", 
[]string{}, "path to extra keys to include in the keyring")
+       cmd.Flags().StringSliceVarP(&extraBuildRepos, 
"build-repository-append", "b", []string{}, "path to extra repositories to 
include")
+       cmd.Flags().StringSliceVarP(&extraRuntimeRepos, "repository-append", 
"r", []string{}, "path to extra repositories to include")
+       cmd.Flags().StringSliceVarP(&extraPackages, "package-append", "p", 
[]string{}, "extra packages to include")
 
        return cmd
 }
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/pkg/apk/apk/cache.go 
new/apko-0.22.6/pkg/apk/apk/cache.go
--- old/apko-0.22.5/pkg/apk/apk/cache.go        2025-01-07 00:34:42.000000000 
+0100
+++ new/apko-0.22.6/pkg/apk/apk/cache.go        2025-01-09 00:03:56.000000000 
+0100
@@ -16,6 +16,7 @@
 
 import (
        "context"
+       "encoding/base32"
        "fmt"
        "io"
        "net/http"
@@ -331,6 +332,11 @@
        }
        // When we get etags, they appear to be quoted.
        etag := strings.Trim(remoteEtag[0], `"`)
+
+       // To ensure these things are safe filenames, base32 encode them.
+       // (Avoiding base64 due to case sensitive filesystems.)
+       etag = base32.StdEncoding.EncodeToString([]byte(etag))
+
        return etag, etag != ""
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/pkg/apk/apk/repo_test.go 
new/apko-0.22.6/pkg/apk/apk/repo_test.go
--- old/apko-0.22.5/pkg/apk/apk/repo_test.go    2025-01-07 00:34:42.000000000 
+0100
+++ new/apko-0.22.6/pkg/apk/apk/repo_test.go    2025-01-09 00:03:56.000000000 
+0100
@@ -16,6 +16,7 @@
 
 import (
        "context"
+       "encoding/base32"
        "fmt"
        "io/fs"
        "net/http"
@@ -192,7 +193,7 @@
                require.NoErrorf(t, err, "unable to get indexes")
                require.Greater(t, len(indexes), 0, "no indexes found")
                // check that the contents are the same
-               index1, err := os.ReadFile(filepath.Join(repoDir, "APKINDEX", 
"an-etag.tar.gz"))
+               index1, err := os.ReadFile(filepath.Join(repoDir, "APKINDEX", 
base32.StdEncoding.EncodeToString([]byte("an-etag"))+".tar.gz"))
                require.NoError(t, err, "unable to read cache index file")
                index2, err := os.ReadFile(filepath.Join(testPrimaryPkgDir, 
indexFilename))
                require.NoError(t, err, "unable to read previous index file")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/pkg/build/types/image_configuration.go 
new/apko-0.22.6/pkg/build/types/image_configuration.go
--- old/apko-0.22.5/pkg/build/types/image_configuration.go      2025-01-07 
00:34:42.000000000 +0100
+++ new/apko-0.22.6/pkg/build/types/image_configuration.go      2025-01-09 
00:03:56.000000000 +0100
@@ -258,7 +258,7 @@
                log.Infof("    runas:  %s", ic.Accounts.RunAs)
                log.Infof("    users:")
                for _, u := range ic.Accounts.Users {
-                       log.Infof("      - uid=%d(%s) gid=%d", u.UID, 
u.UserName, u.GID)
+                       log.Infof("      - uid=%d(%s) gid=%d", u.UID, 
u.UserName, gidToInt(u.GID))
                }
                log.Infof("    groups:")
                for _, g := range ic.Accounts.Groups {
@@ -272,3 +272,10 @@
                }
        }
 }
+
+func gidToInt(gid GID) uint32 {
+       if gid == nil {
+               return 0
+       }
+       return *gid
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/apko-0.22.5/pkg/build/types/image_configuration_test.go 
new/apko-0.22.6/pkg/build/types/image_configuration_test.go
--- old/apko-0.22.5/pkg/build/types/image_configuration_test.go 2025-01-07 
00:34:42.000000000 +0100
+++ new/apko-0.22.6/pkg/build/types/image_configuration_test.go 2025-01-09 
00:03:56.000000000 +0100
@@ -60,6 +60,9 @@
 
        require.Equal(t, "/not/home", ic.Accounts.Users[0].HomeDir)
        require.Equal(t, "/home/user", ic.Accounts.Users[1].HomeDir)
+
+       // Ensure this does not cause panic when users[1].gid is empty 
(defaulting to 0)
+       ic.Summarize(ctx)
 }
 
 func TestMergeInto(t *testing.T) {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/apko-0.22.5/pkg/build/types/testdata/users.apko.yaml 
new/apko-0.22.6/pkg/build/types/testdata/users.apko.yaml
--- old/apko-0.22.5/pkg/build/types/testdata/users.apko.yaml    2025-01-07 
00:34:42.000000000 +0100
+++ new/apko-0.22.6/pkg/build/types/testdata/users.apko.yaml    2025-01-09 
00:03:56.000000000 +0100
@@ -12,6 +12,5 @@
       uid: 2
       homedir: "/not/home"
       username: "something-else"
-    - gid: 2
-      uid: 3
+    - uid: 3
       username: "user"

++++++ apko.obsinfo ++++++
--- /var/tmp/diff_new_pack.0YtJLi/_old  2025-01-09 15:12:28.336828643 +0100
+++ /var/tmp/diff_new_pack.0YtJLi/_new  2025-01-09 15:12:28.388830797 +0100
@@ -1,5 +1,5 @@
 name: apko
-version: 0.22.5
-mtime: 1736206482
-commit: 20bf90264a9720492d623322989284b938601a5d
+version: 0.22.6
+mtime: 1736377436
+commit: 995ee5a40608591b2c4d2e7893abdffeca93f6ff
 

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/apko/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.apko.new.1881/vendor.tar.gz differ: char 5, line 1

commit apko for openSUSE:Factory

Reply via email to