InTotoRun inconsistency: handling symlink cycles

[joyliu-q]

Please fill in the fields below to submit an issue or feature request. The
more information that is provided, the better.

Description of issue or feature request:
When symlink cycles are detected, the Golang and Python implementations differ in how the symlink cycle error is handled.

In Python, the paths that are causing the symbolic link cycles are recorded but eventually skipped when reaching a certain depth, the warning is logged, and in_toto_run continues to record the artifacts.

In Golang, the symbolic link cycles are detected (very awesomely) and the InTotoRun function exits completely, returning an error (see line 147 in runlib.go here).

Since the Python implementation is the more canonical when there are differences in implementation, should we follow its method of handling symlink cycles and document the change? However, this may be because the Python version doesn't have symlink cycle detection implemented, and maybe we can change the Python implementation to match Golang's?

Current behavior:
Golang - When symlink cycles are detected, ErrSymCycle is returned and function exits.
Python - When symlink cycles are detected, the symlink is skipped and InTotoRun continues.

Expected behavior:

• Golang - When symlink cycles are detected, the symlink is skipped on first pass and InTotoRun continues. (Change: logs ErrSymCycle instead of returning it, and continue)
• Python - When symlink cycles are detected, the symlink is skipped on first pass and InTotoRun continues. (Change: either no change by continue having it skip when reaching a certain depth, or add change to detect symlink and skip on first pass)

OR

• Golang - When symlink cycles are detected, ErrSymCycle is returned and function exits. (No Change)
• Python - When symlink cycles are detected, ErrSymCycle is returned and function exits. (Change: detect symlink and emit error)