diff --git a/rhel/dockerfile/dockerfile.go b/rhel/dockerfile/dockerfile.go index e49a3688a..3e24df4e0 100644 --- a/rhel/dockerfile/dockerfile.go +++ b/rhel/dockerfile/dockerfile.go @@ -100,9 +100,9 @@ func (p *labelParser) Run() error { if strings.Contains(v, `escape=`) { eq := strings.IndexByte(v, '=') if eq == -1 { - return fmt.Errorf("botched parser directive: %#q", i.val) + panic("string changed while parsing?") } - esc, _ := utf8.DecodeRuneInString(v[:eq+1]) + esc, _ := utf8.DecodeRuneInString(v[eq+1:]) p.lex.Escape(esc) p.unquote.Escape(esc) p.vars.Escape(esc) diff --git a/rhel/dockerfile/dockerfile_test.go b/rhel/dockerfile/dockerfile_test.go index 419c19eae..7db19f5a1 100644 --- a/rhel/dockerfile/dockerfile_test.go +++ b/rhel/dockerfile/dockerfile_test.go @@ -4,60 +4,56 @@ import ( "bytes" "context" "encoding/json" - "io/fs" - "os" + "path/filepath" "strings" "testing" "github.com/google/go-cmp/cmp" + "golang.org/x/tools/txtar" ) func TestGetLabels(t *testing.T) { + var errPrefix = []byte("error:") ctx := context.Background() - td := os.DirFS("testdata") - de, err := fs.ReadDir(td, ".") + + ms, err := filepath.Glob("testdata/*.txtar") if err != nil { t.Fatal(err) } - for _, de := range de { - n := de.Name() - if !strings.HasPrefix(n, "Dockerfile") || - strings.HasSuffix(n, ".want") || - strings.HasSuffix(n, ".want.err") { - continue - } - t.Run(n, func(t *testing.T) { - f, err := td.Open(n) + for _, m := range ms { + t.Run(strings.TrimSuffix(filepath.Base(m), filepath.Ext(m)), func(t *testing.T) { + ar, err := txtar.ParseFile(m) if err != nil { - t.Fatal(err) + t.Fatalf("error parsing archive: %v", err) } - defer f.Close() - w, err := td.Open(n + ".want") - if err != nil { - t.Fatal(err) - } - defer w.Close() - wantErr, _ := fs.ReadFile(td, n+".want.err") - want := make(map[string]string) - if err := json.NewDecoder(w).Decode(&want); err != nil { - t.Error(err) - } - got, err := GetLabels(ctx, f) - if len(wantErr) == 0 { - if err != nil { - t.Error(err) - } - } else { - if err == nil { - t.Error("got nil, wanted error") - } else { - if got, want := err.Error(), string(bytes.TrimSpace(wantErr)); got != want { - t.Errorf("got: %+#q, want: %+#q", got, want) + var got, want map[string]string + wantErr := bytes.HasPrefix(ar.Comment, errPrefix) + for _, f := range ar.Files { + switch f.Name { + case "Dockerfile": + got, err = GetLabels(ctx, bytes.NewReader(f.Data)) + case "Want": + want = make(map[string]string) + if err := json.Unmarshal(f.Data, &want); err != nil { + t.Fatalf("unmarshaling wanted values: %v", err) } + default: + t.Logf("skipping unknown file: %s", f.Name) } } + if wantErr { + got := err.Error() + want := string(bytes.TrimSpace(bytes.TrimPrefix(ar.Comment, errPrefix))) + if got != want { + t.Error(cmp.Diff(got, want)) + } + return + } + if err != nil { + t.Errorf("error parsing labels: %v", err) + } if !cmp.Equal(got, want) { t.Error(cmp.Diff(got, want)) } diff --git a/rhel/dockerfile/fuzz_test.go b/rhel/dockerfile/fuzz_test.go index b1afce4f1..8b5dfe9dc 100644 --- a/rhel/dockerfile/fuzz_test.go +++ b/rhel/dockerfile/fuzz_test.go @@ -2,10 +2,31 @@ package dockerfile import ( "bytes" + "path/filepath" "testing" + + "golang.org/x/tools/txtar" ) func FuzzLex(f *testing.F) { + ms, err := filepath.Glob("testdata/*.txtar") + if err != nil { + f.Fatal(err) + } + for _, m := range ms { + ar, err := txtar.ParseFile(m) + if err != nil { + f.Fatalf("error parsing archive: %v", err) + } + File: + for _, af := range ar.Files { + if af.Name == "Dockerfile" { + f.Add(af.Data) + break File + } + } + } + f.Fuzz(func(t *testing.T, b []byte) { l := newLexer() l.Reset(bytes.NewReader(b)) @@ -22,4 +43,6 @@ func FuzzLex(f *testing.F) { }) } -//go:generate sh -c "go run golang.org/x/tools/cmd/file2fuzz -o testdata/fuzz/FuzzLex $(ls -1 testdata/Dockerfile* | grep -v [.]want)" +// To add new files to the fuzz corpus: +// +// go run golang.org/x/tools/cmd/file2fuzz -o testdata/fuzz/FuzzLex [FILE] diff --git a/rhel/dockerfile/generate.go b/rhel/dockerfile/generate.go new file mode 100644 index 000000000..1828cfc68 --- /dev/null +++ b/rhel/dockerfile/generate.go @@ -0,0 +1,5 @@ +package dockerfile + +//go:generate -command stringer go run golang.org/x/tools/cmd/stringer +//go:generate stringer -type itemKind +//go:generate stringer -type varExpand -linecomment diff --git a/rhel/dockerfile/lex.go b/rhel/dockerfile/lex.go index 7182ed725..aabd68186 100644 --- a/rhel/dockerfile/lex.go +++ b/rhel/dockerfile/lex.go @@ -58,9 +58,6 @@ type item struct { type itemKind int -//go:generate -command stringer go run golang.org/x/tools/cmd/stringer -//go:generate stringer -type itemKind - const ( itemError itemKind = iota itemComment diff --git a/rhel/dockerfile/testdata/Colon.txtar b/rhel/dockerfile/testdata/Colon.txtar new file mode 100644 index 000000000..9b04b91da --- /dev/null +++ b/rhel/dockerfile/testdata/Colon.txtar @@ -0,0 +1,3 @@ +error: dockerfile: bad expansion of "error": rogue colon +-- Dockerfile -- +LABEL a ${error::} diff --git a/rhel/dockerfile/testdata/Dockerfile-Comments b/rhel/dockerfile/testdata/Comments.txtar similarity index 76% rename from rhel/dockerfile/testdata/Dockerfile-Comments rename to rhel/dockerfile/testdata/Comments.txtar index c49db4575..38b6c4373 100644 --- a/rhel/dockerfile/testdata/Dockerfile-Comments +++ b/rhel/dockerfile/testdata/Comments.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- # Normal comments are fine FROM scratch @@ -7,3 +8,8 @@ LABEL \ C=D # This comment is stripped despite the apparent continuation +-- Want -- +{ + "A": "B", + "C": "D" +} diff --git a/rhel/dockerfile/testdata/Default.txtar b/rhel/dockerfile/testdata/Default.txtar new file mode 100644 index 000000000..7beec5608 --- /dev/null +++ b/rhel/dockerfile/testdata/Default.txtar @@ -0,0 +1,15 @@ +-- Dockerfile -- +LABEL a ${unset} +LABEL b ${unset=set} +LABEL c ${unset} + +LABEL null= +LABEL d ${null:=reset} +-- Want -- +{ + "a": "", + "b": "set", + "c": "set", + "d": "reset", + "null": "" +} diff --git a/rhel/dockerfile/testdata/Dockerfile-Comments.want b/rhel/dockerfile/testdata/Dockerfile-Comments.want deleted file mode 100644 index 6a87d4ec9..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-Comments.want +++ /dev/null @@ -1,4 +0,0 @@ -{ - "A": "B", - "C": "D" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-InvalidLabel b/rhel/dockerfile/testdata/Dockerfile-InvalidLabel deleted file mode 100644 index aac0f91bf..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-InvalidLabel +++ /dev/null @@ -1,2 +0,0 @@ -LABEL A=B \ - C=D # Comments not allowed in this position diff --git a/rhel/dockerfile/testdata/Dockerfile-InvalidLabel.want b/rhel/dockerfile/testdata/Dockerfile-InvalidLabel.want deleted file mode 100644 index 6a87d4ec9..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-InvalidLabel.want +++ /dev/null @@ -1,4 +0,0 @@ -{ - "A": "B", - "C": "D" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-InvalidLabel.want.err b/rhel/dockerfile/testdata/Dockerfile-InvalidLabel.want.err deleted file mode 100644 index cd81a4f82..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-InvalidLabel.want.err +++ /dev/null @@ -1 +0,0 @@ -invalid assignment syntax: `A=B C=D # Comments not allowed in this position` diff --git a/rhel/dockerfile/testdata/Dockerfile-etcd-rhel7.want b/rhel/dockerfile/testdata/Dockerfile-etcd-rhel7.want deleted file mode 100644 index 81fc0db41..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-etcd-rhel7.want +++ /dev/null @@ -1,15 +0,0 @@ -{ - "com.redhat.component": "etcd-container", - "description": "etcd is a distributed reliable key-value store for the most critical data of a distributed system.", - "install": "/usr/bin/docker run --rm $OPT1 --privileged -v /:/host -e HOST=/host -e NAME=$NAME -e IMAGE=$IMAGE $IMAGE $OPT2 /usr/bin/install.sh $OPT3", - "io.k8s.description": "etcd is a distributed reliable key-value store for the most critical data of a distributed system.", - "io.k8s.display-name": "etcd", - "io.openshift.expose-services": "2379:tcp,2380:tcp", - "io.openshift.tags": "etcd", - "name": "rhel7/etcd", - "run": "/usr/bin/docker run -d $OPT1 -p 4001:4001 -p 7001:7001 -p 2379:2379 -p 2380:2380 --name $NAME $IMAGE $OPT2 $OPT3", - "summary": "A highly-available key value store for shared configuration", - "uninstall": "/usr/bin/docker run --rm $OPT1 --privileged -v /:/host -e HOST=/host -e NAME=$NAME -e IMAGE=$IMAGE $IMAGE $OPT2 /usr/bin/uninstall.sh $OPT3", - "usage": "etcd -help ", - "version": "3.2.32" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-issue526.want b/rhel/dockerfile/testdata/Dockerfile-issue526.want deleted file mode 100644 index f702dd2d5..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-issue526.want +++ /dev/null @@ -1,3 +0,0 @@ -{ - "label": "B C E" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-nodejs10.want b/rhel/dockerfile/testdata/Dockerfile-nodejs10.want deleted file mode 100644 index 476bdb249..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-nodejs10.want +++ /dev/null @@ -1,20 +0,0 @@ -{ - "com.redhat.component": "nodejs-10-container", - "com.redhat.deployments-dir": "/src", - "com.redhat.dev-mode": "DEV_MODE:false", - "com.redhat.dev-mode.port": "DEBUG_PORT:5858", - "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", - "description": "Node.js 10 available as container is a base platform for building and running various Node.js 10 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.", - "help": "For more information visit https://github.com/sclorg/s2i-nodejs-container", - "io.k8s.description": "Node.js 10 available as container is a base platform for building and running various Node.js 10 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.", - "io.k8s.display-name": "Node.js 10", - "io.openshift.expose-services": "8080:http", - "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", - "io.openshift.tags": "builder,nodejs,nodejs10", - "io.s2i.scripts-url": "image:///usr/libexec/s2i", - "maintainer": "SoftwareCollections.org ", - "name": "ubi8/10", - "summary": "Platform for building and running Node.js 10 applications", - "usage": "s2i build ubi8/10:latest ", - "version": "1" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-quay-quay-rhel8-v3.5.6-4.want b/rhel/dockerfile/testdata/Dockerfile-quay-quay-rhel8-v3.5.6-4.want deleted file mode 100644 index 4bd0587b1..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-quay-quay-rhel8-v3.5.6-4.want +++ /dev/null @@ -1,21 +0,0 @@ -{ - "com.redhat.component": "quay-registry-container", - "name": "quay/quay-rhel8", - "version": "v3.5.6", - "io.k8s.display-name": "Red Hat Quay", - "io.k8s.description": "Red Hat Quay", - "summary": "Red Hat Quay", - "maintainer": "support@redhat.com", - "io.openshift.tags": "quay", - "release": "4", - "com.redhat.license_terms": "https://www.redhat.com/agreements", - "distribution-scope": "public", - "vendor": "Red Hat, Inc.", - "build-date": "2021-08-17T21:16:14.144538", - "architecture": "x86_64", - "vcs-type": "git", - "vcs-ref": "0e033c625b6a775f5be730ce5a938aa91cc46d29", - "com.redhat.build-host": "example.com", - "description": "Red Hat Quay", - "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/quay/quay-rhel8/images/v3.5.6-4" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-rhscl-redis-5-rhel7-5-53.1634738116.want b/rhel/dockerfile/testdata/Dockerfile-rhscl-redis-5-rhel7-5-53.1634738116.want deleted file mode 100644 index 79ea68de6..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-rhscl-redis-5-rhel7-5-53.1634738116.want +++ /dev/null @@ -1,23 +0,0 @@ -{ - "architecture": "x86_64", - "build-date": "2021-10-20T13:56:03.899740", - "com.redhat.build-host": "cpt-1007.osbs.prod.upshift.rdu2.redhat.com", - "com.redhat.component": "rh-redis5-container", - "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel", - "description": "Redis 5 available as container, is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log.", - "distribution-scope": "public", - "io.k8s.description": "Redis 5 available as container, is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log.", - "io.k8s.display-name": "Redis 5", - "io.openshift.expose-services": "6379:redis", - "io.openshift.tags": "database,redis,redis5,rh-redis5", - "maintainer": "SoftwareCollections.org ", - "name": "rhscl/redis-5-rhel7", - "release": "53.1634738116", - "summary": "Redis in-memory data structure store, used as database, cache and message broker", - "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/redis-5-rhel7/images/5-53.1634738116", - "usage": "podman run -d --name redis_database -p 6379:6379 rhscl/redis-5-rhel7", - "vcs-ref": "1ca08b535089c4828147120ead2699d9f237260a", - "vcs-type": "git", - "vendor": "Red Hat, Inc.", - "version": "5" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-rhscl-s2i-core-rhel7-1-235.want b/rhel/dockerfile/testdata/Dockerfile-rhscl-s2i-core-rhel7-1-235.want deleted file mode 100644 index 05be1b3da..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-rhscl-s2i-core-rhel7-1-235.want +++ /dev/null @@ -1,21 +0,0 @@ -{ - "architecture": "x86_64", - "build-date": "2021-10-06T13:08:17.304497", - "com.redhat.build-host": "cpt-1005.osbs.prod.upshift.rdu2.redhat.com", - "com.redhat.component": "s2i-core-container", - "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", - "description": "The s2i-core image provides any images layered on top of it with all the tools needed to use source-to-image functionality while keeping the image size as small as possible.", - "distribution-scope": "public", - "io.k8s.description": "The s2i-core image provides any images layered on top of it with all the tools needed to use source-to-image functionality while keeping the image size as small as possible.", - "io.k8s.display-name": "s2i core", - "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", - "io.s2i.scripts-url": "image:///usr/libexec/s2i", - "name": "rhscl/s2i-core-rhel7", - "release": "235", - "summary": "Base image which allows using of source-to-image.", - "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/s2i-core-rhel7/images/1-235", - "vcs-ref": "7fb31fe42247120f04b5e2d94f1719411f1037e8", - "vcs-type": "git", - "vendor": "Red Hat, Inc.", - "version": "1" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-ubi7-7.9-516.want b/rhel/dockerfile/testdata/Dockerfile-ubi7-7.9-516.want deleted file mode 100644 index e71036221..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-ubi7-7.9-516.want +++ /dev/null @@ -1,20 +0,0 @@ -{ - "architecture": "x86_64", - "build-date": "2021-10-05T10:17:02.802845", - "com.redhat.build-host": "cpt-1007.osbs.prod.upshift.rdu2.redhat.com", - "com.redhat.component": "ubi7-container", - "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", - "description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", - "distribution-scope": "public", - "io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", - "io.k8s.display-name": "Red Hat Universal Base Image 7", - "io.openshift.tags": "base rhel7", - "name": "ubi7", - "release": "516", - "summary": "Provides the latest release of the Red Hat Universal Base Image 7.", - "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi7/images/7.9-516", - "vcs-ref": "a4e710a688a6374670ecdd56637c3f683d11cbe3", - "vcs-type": "git", - "vendor": "Red Hat, Inc.", - "version": "7.9" -} diff --git a/rhel/dockerfile/testdata/Dockerfile-ubi8-minimal-8.4-208.want b/rhel/dockerfile/testdata/Dockerfile-ubi8-minimal-8.4-208.want deleted file mode 100644 index ab1b3fc65..000000000 --- a/rhel/dockerfile/testdata/Dockerfile-ubi8-minimal-8.4-208.want +++ /dev/null @@ -1,22 +0,0 @@ -{ - "architecture": "x86_64", - "build-date": "2021-08-03T16:57:21.054109", - "com.redhat.build-host": "cpt-1002.osbs.prod.upshift.rdu2.redhat.com", - "distribution-scope": "public", - "io.k8s.description": "The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", - "release": "208", - "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8-minimal/images/8.4-208", - "vcs-ref": "7256039d3c371a38cf13906dcf5688c19700c73b", - "vcs-type": "git", - "vendor": "Red Hat, Inc.", - "com.redhat.component": "ubi8-minimal-container", - "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", - "description": "The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", - "io.k8s.display-name": "Red Hat Universal Base Image 8 Minimal", - "io.openshift.expose-services": "", - "io.openshift.tags": "minimal rhel8", - "maintainer": "Red Hat, Inc.", - "name": "ubi8-minimal", - "summary": "Provides the latest release of the minimal Red Hat Universal Base Image 8.", - "version": "8.4" -} diff --git a/rhel/dockerfile/testdata/Error.txtar b/rhel/dockerfile/testdata/Error.txtar new file mode 100644 index 000000000..27ce45e82 --- /dev/null +++ b/rhel/dockerfile/testdata/Error.txtar @@ -0,0 +1,3 @@ +error: dockerfile: bad expansion of "unset": should error (error if unset or null) +-- Dockerfile -- +LABEL a ${unset:?should error} diff --git a/rhel/dockerfile/testdata/Escape.txtar b/rhel/dockerfile/testdata/Escape.txtar new file mode 100644 index 000000000..3e9bb865b --- /dev/null +++ b/rhel/dockerfile/testdata/Escape.txtar @@ -0,0 +1,8 @@ +-- Dockerfile -- +# escape=ꙮ +LABEL a ꙮ +ꙮ$b +-- Want -- +{ + "a": "$b" +} diff --git a/rhel/dockerfile/testdata/InvalidLabel.txtar b/rhel/dockerfile/testdata/InvalidLabel.txtar new file mode 100644 index 000000000..96958a192 --- /dev/null +++ b/rhel/dockerfile/testdata/InvalidLabel.txtar @@ -0,0 +1,4 @@ +error: invalid assignment syntax: `A=B C=D # Comments not allowed in this position` +-- Dockerfile -- +LABEL A=B \ + C=D # Comments not allowed in this position diff --git a/rhel/dockerfile/testdata/Dockerfile-issue526 b/rhel/dockerfile/testdata/Issue526.txtar similarity index 52% rename from rhel/dockerfile/testdata/Dockerfile-issue526 rename to rhel/dockerfile/testdata/Issue526.txtar index 063f88e6a..350dde74e 100644 --- a/rhel/dockerfile/testdata/Dockerfile-issue526 +++ b/rhel/dockerfile/testdata/Issue526.txtar @@ -1,6 +1,11 @@ +-- Dockerfile -- FROM scratch ENV A="B C" \ D=E LABEL label="$A $D" +-- Want -- +{ + "label": "B C E" +} diff --git a/rhel/dockerfile/testdata/Quoting.txtar b/rhel/dockerfile/testdata/Quoting.txtar new file mode 100644 index 000000000..2beece49f --- /dev/null +++ b/rhel/dockerfile/testdata/Quoting.txtar @@ -0,0 +1,11 @@ +-- Dockerfile -- +ARG a=\" +ARG a=\' +ARG a=\\ +ARG a=\b +LABEL s='single\' quote: \\\b' d="double\" quote: \\\b\e" +-- Want -- +{ + "s": "single' quote: \\\\b", + "d": "double\" quote: \\\b\\e" +} diff --git a/rhel/dockerfile/testdata/Vars.txtar b/rhel/dockerfile/testdata/Vars.txtar new file mode 100644 index 000000000..90e117747 --- /dev/null +++ b/rhel/dockerfile/testdata/Vars.txtar @@ -0,0 +1,37 @@ +-- Dockerfile -- +ARG null='' +LABEL dash_a ${unset-default} +LABEL dash_b ${unset:-default} +LABEL dash_c ${null-default} +LABEL dash_d ${null:-default} +LABEL plus_a ${unset+default} +LABEL plus_b ${unset:+default} +LABEL plus_c ${null+default} +LABEL plus_d ${null:+default} + +ARG var=some-pattern. +LABEL prefix ${var#*e} +LABEL greedyprefix ${var##*e} +LABEL suffix ${var%e*.} +LABEL greedysuffix ${var%%e*.} +LABEL singlechar ${var%?} +LABEL greedysinglechar ${var%%?} +LABEL noreplace ${var#\?} +-- Want -- +{ + "dash_a": "default", + "dash_b": "default", + "dash_c": "", + "dash_d": "default", + "plus_a": "", + "plus_b": "", + "plus_c": "default", + "plus_d": "", + "prefix": "-pattern.", + "greedyprefix": "rn.", + "suffix": "some-patt", + "greedysuffix": "som", + "singlechar": "some-pattern", + "greedysinglechar": "some-pattern", + "noreplace": "some-pattern." +} diff --git a/rhel/dockerfile/testdata/Dockerfile-etcd-rhel7 b/rhel/dockerfile/testdata/etcd-rhel7.txtar similarity index 60% rename from rhel/dockerfile/testdata/Dockerfile-etcd-rhel7 rename to rhel/dockerfile/testdata/etcd-rhel7.txtar index 13727a546..7fb4ddbba 100644 --- a/rhel/dockerfile/testdata/Dockerfile-etcd-rhel7 +++ b/rhel/dockerfile/testdata/etcd-rhel7.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- FROM registry.stage.redhat.io/rhel7/rhel:7.9 ENV container=docker @@ -29,4 +30,19 @@ EXPOSE 4001 7001 2379 2380 ADD tmpfiles.template config.json.template service.template manifest.json /exports/ CMD ["/usr/bin/etcd-env.sh", "/usr/bin/etcd"] - +-- Want -- +{ + "com.redhat.component": "etcd-container", + "description": "etcd is a distributed reliable key-value store for the most critical data of a distributed system.", + "install": "/usr/bin/docker run --rm $OPT1 --privileged -v /:/host -e HOST=/host -e NAME=$NAME -e IMAGE=$IMAGE $IMAGE $OPT2 /usr/bin/install.sh $OPT3", + "io.k8s.description": "etcd is a distributed reliable key-value store for the most critical data of a distributed system.", + "io.k8s.display-name": "etcd", + "io.openshift.expose-services": "2379:tcp,2380:tcp", + "io.openshift.tags": "etcd", + "name": "rhel7/etcd", + "run": "/usr/bin/docker run -d $OPT1 -p 4001:4001 -p 7001:7001 -p 2379:2379 -p 2380:2380 --name $NAME $IMAGE $OPT2 $OPT3", + "summary": "A highly-available key value store for shared configuration", + "uninstall": "/usr/bin/docker run --rm $OPT1 --privileged -v /:/host -e HOST=/host -e NAME=$NAME -e IMAGE=$IMAGE $IMAGE $OPT2 /usr/bin/uninstall.sh $OPT3", + "usage": "etcd -help ", + "version": "3.2.32" +} diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/1f3dc577a1373f0294c8c914cac1d07507ec629a0b510b694efbb77bf06aedbc b/rhel/dockerfile/testdata/fuzz/FuzzLex/1f3dc577a1373f0294c8c914cac1d07507ec629a0b510b694efbb77bf06aedbc deleted file mode 100644 index bf2e58e1d..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/1f3dc577a1373f0294c8c914cac1d07507ec629a0b510b694efbb77bf06aedbc +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("FROM ubi8/s2i-base:rhel8.1\n\n# This image provides a Node.JS environment you can use to run your Node.JS\n# applications.\n\nEXPOSE 8080\n\n# Add $HOME/node_modules/.bin to the $PATH, allowing user to make npm scripts\n# available on the CLI without using npm's --global installation mode\n# This image will be initialized with \"npm run $NPM_RUN\"\n# See https://docs.npmjs.com/misc/scripts, and your repo's package.json\n# file for possible values of NPM_RUN\n# Description\n# Environment:\n# * $NPM_RUN - Select an alternate / custom runtime mode, defined in your package.json files' scripts section (default: npm run \"start\").\n# Expose ports:\n# * 8080 - Unprivileged port used by nodejs application\n\nENV NODEJS_VERSION=10 \\\n NPM_RUN=start \\\n NAME=nodejs \\\n NPM_CONFIG_PREFIX=$HOME/.npm-global \\\n PATH=$HOME/node_modules/.bin/:$HOME/.npm-global/bin/:$PATH\n\nENV SUMMARY=\"Platform for building and running Node.js $NODEJS_VERSION applications\" \\\n DESCRIPTION=\"Node.js $NODEJS_VERSION available as container is a base platform for \\\nbuilding and running various Node.js $NODEJS_VERSION applications and frameworks. \\\nNode.js is a platform built on Chrome's JavaScript runtime for easily building \\\nfast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model \\\nthat makes it lightweight and efficient, perfect for data-intensive real-time applications \\\nthat run across distributed devices.\"\n\nLABEL summary=\"$SUMMARY\" \\\n description=\"$DESCRIPTION\" \\\n io.k8s.description=\"$DESCRIPTION\" \\\n io.k8s.display-name=\"Node.js $NODEJS_VERSION\" \\\n io.openshift.expose-services=\"8080:http\" \\\n io.openshift.tags=\"builder,$NAME,${NAME}${NODEJS_VERSION}\" \\\n io.openshift.s2i.scripts-url=\"image:///usr/libexec/s2i\" \\\n io.s2i.scripts-url=\"image:///usr/libexec/s2i\" \\\n com.redhat.dev-mode=\"DEV_MODE:false\" \\\n com.redhat.deployments-dir=\"${APP_ROOT}/src\" \\\n com.redhat.dev-mode.port=\"DEBUG_PORT:5858\" \\\n com.redhat.component=\"${NAME}-${NODEJS_VERSION}-container\" \\\n name=\"ubi8/$NAME-$NODEJS_VERSION\" \\\n version=\"1\" \\\n com.redhat.license_terms=\"https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI\" \\\n maintainer=\"SoftwareCollections.org \" \\\n help=\"For more information visit https://github.com/sclorg/s2i-nodejs-container\" \\\n usage=\"s2i build ubi8/$NAME-$NODEJS_VERSION:latest \"\n\nRUN yum -y module enable nodejs:$NODEJS_VERSION && \\\n INSTALL_PKGS=\"nodejs npm nodejs-nodemon nss_wrapper\" && \\\n ln -s /usr/lib/node_modules/nodemon/bin/nodemon.js /usr/bin/nodemon && \\\n yum remove -y $INSTALL_PKGS && \\\n yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \\\n rpm -V $INSTALL_PKGS && \\\n yum clean all -y\n\n# Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH\nCOPY ./s2i/bin/ $STI_SCRIPTS_PATH\n\n# Copy extra files to the image.\nCOPY ./root/ /\n\n# Drop the root user and make the content of /opt/app-root owned by user 1001\nRUN chown -R 1001:0 ${APP_ROOT} && chmod -R ug+rwx ${APP_ROOT} && \\\n rpm-file-permissions\n\nUSER 1001\n\n# Set the default CMD to print the usage of the language image\nCMD $STI_SCRIPTS_PATH/usage\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/44d812f0623961c44832d76d3d8c03cf65d66ea4da27266e7d71c203d6aa7757 b/rhel/dockerfile/testdata/fuzz/FuzzLex/44d812f0623961c44832d76d3d8c03cf65d66ea4da27266e7d71c203d6aa7757 deleted file mode 100644 index 452612aeb..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/44d812f0623961c44832d76d3d8c03cf65d66ea4da27266e7d71c203d6aa7757 +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("# Normal comments are fine\nFROM scratch\n\nLABEL \\\n\t# This style of comment is buck wild, but allowed.\n\tA=B \\\n\tC=D\n\t# This comment is stripped despite the apparent continuation\n\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/5d9409a7fb62c67dc82a7ec3af76fb2f3a6cf8d18aa86f32d8ac1f0e10a13941 b/rhel/dockerfile/testdata/fuzz/FuzzLex/5d9409a7fb62c67dc82a7ec3af76fb2f3a6cf8d18aa86f32d8ac1f0e10a13941 deleted file mode 100644 index 1c1c430df..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/5d9409a7fb62c67dc82a7ec3af76fb2f3a6cf8d18aa86f32d8ac1f0e10a13941 +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("FROM scratch\n\nENV A=\"B C\" \\\n D=E\n\nLABEL label=\"$A $D\"\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/7d0554d5c273741f5c70d45a79fc6cb5e9fd4078a4564f6bf41e3dff6db41d2f b/rhel/dockerfile/testdata/fuzz/FuzzLex/7d0554d5c273741f5c70d45a79fc6cb5e9fd4078a4564f6bf41e3dff6db41d2f deleted file mode 100644 index d80530d49..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/7d0554d5c273741f5c70d45a79fc6cb5e9fd4078a4564f6bf41e3dff6db41d2f +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("FROM sha256:80f381f67fab035e7df9e0714aca8a13b49af52f40482fadcfb893b50740272c\n\n# Redis image based on Software Collections packages\n#\n# Volumes:\n# * /var/lib/redis/data - Datastore for Redis\n# Environment:\n# * $REDIS_PASSWORD - Database password\n\nENV REDIS_VERSION=5 \\\n HOME=/var/lib/redis\n\nENV SUMMARY=\"Redis in-memory data structure store, used as database, cache and message broker\" \\\n DESCRIPTION=\"Redis $REDIS_VERSION available as container, is an advanced key-value store. \\\nIt is often referred to as a data structure server since keys can contain strings, hashes, lists, \\\nsets and sorted sets. You can run atomic operations on these types, like appending to a string; \\\nincrementing the value in a hash; pushing to a list; computing set intersection, union and difference; \\\nor getting the member with highest ranking in a sorted set. In order to achieve its outstanding \\\nperformance, Redis works with an in-memory dataset. Depending on your use case, you can persist \\\nit either by dumping the dataset to disk every once in a while, or by appending each command to a log.\"\n\nLABEL summary=\"$SUMMARY\" \\\n description=\"$DESCRIPTION\" \\\n io.k8s.description=\"$DESCRIPTION\" \\\n io.k8s.display-name=\"Redis 5\" \\\n io.openshift.expose-services=\"6379:redis\" \\\n io.openshift.tags=\"database,redis,redis5,rh-redis5\" \\\n com.redhat.component=\"rh-redis5-container\" \\\n name=\"rhscl/redis-5-rhel7\" \\\n version=\"5\" \\\n com.redhat.license_terms=\"https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel\" \\\n usage=\"podman run -d --name redis_database -p 6379:6379 rhscl/redis-5-rhel7\" \\\n maintainer=\"SoftwareCollections.org \"\n\nEXPOSE 6379\n\n# Create user for redis that has known UID\n# We need to do this before installing the RPMs which would create user with random UID\n# The UID is the one used by the default user from the parent layer (1001),\n# and since the user exists already, do not create a new one, but only rename\n# the existing\n# This image must forever use UID 1001 for redis user so our volumes are\n# safe in the future. This should *never* change, the last test is there\n# to make sure of that.\nRUN getent group redis &> /dev/null || groupadd -r redis &> /dev/null && \\\n usermod -l redis -aG redis -c 'Redis Server' default &> /dev/null && \\\n# Install gettext for envsubst command\n yum install -y yum-utils gettext && \\\n prepare-yum-repositories rhel-server-rhscl-7-rpms && \\\n INSTALL_PKGS=\"rh-redis5\" && \\\n yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \\\n rpm -V $INSTALL_PKGS && \\\n yum -y clean all --enablerepo='*' && \\\n mkdir -p /var/lib/redis/data && chown -R redis.0 /var/lib/redis && \\\n [[ \"$(id redis)\" == \"uid=1001(redis)\"* ]]\n\n# Get prefix path and path to scripts rather than hard-code them in scripts\nENV CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/redis \\\n REDIS_PREFIX=/opt/rh/rh-redis5/root/usr \\\n ENABLED_COLLECTIONS=rh-redis5\n\n# When bash is started non-interactively, to run a shell script, for example it\n# looks for this variable and source the content of this file. This will enable\n# the SCL for all scripts without need to do 'scl enable'.\nENV BASH_ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \\\n ENV=${CONTAINER_SCRIPTS_PATH}/scl_enable \\\n PROMPT_COMMAND=\". ${CONTAINER_SCRIPTS_PATH}/scl_enable\"\n\nCOPY root /\n\n# this is needed due to issues with squash\n# when this directory gets rm'd by the container-setup\n# script.\nRUN /usr/libexec/container-setup\n\nVOLUME [\"/var/lib/redis/data\"]\n\n# Using a numeric value because of a comment in [1]:\n# If your S2I image does not include a USER declaration with a numeric user,\n# your builds will fail by default.\n# [1] https://docs.openshift.com/container-platform/4.4/openshift_images/create-images.html#images-create-guide-openshift_create-images\nUSER 1001\n\nENTRYPOINT [\"container-entrypoint\"]\nCMD [\"run-redis\"]\n\nADD help.1 /help.1\nADD rh-redis5-container-5-53.1634738116.json /root/buildinfo/content_manifests/rh-redis5-container-5-53.1634738116.json\nLABEL \"release\"=\"53.1634738116\" \"distribution-scope\"=\"public\" \"vendor\"=\"Red Hat, Inc.\" \"build-date\"=\"2021-10-20T13:56:03.899740\" \"architecture\"=\"x86_64\" \"vcs-type\"=\"git\" \"vcs-ref\"=\"1ca08b535089c4828147120ead2699d9f237260a\" \"com.redhat.build-host\"=\"cpt-1007.osbs.prod.upshift.rdu2.redhat.com\" \"url\"=\"https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/redis-5-rhel7/images/5-53.1634738116\"\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/8a4f9ec44aa389844ede8344443ce80aba4c870749a8646e569e0ed7aa5f0edb b/rhel/dockerfile/testdata/fuzz/FuzzLex/8a4f9ec44aa389844ede8344443ce80aba4c870749a8646e569e0ed7aa5f0edb deleted file mode 100644 index 33ff204fb..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/8a4f9ec44aa389844ede8344443ce80aba4c870749a8646e569e0ed7aa5f0edb +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("FROM sha256:434a2388fbeb26e01bcd776e5c9de4ff73473f33013952ee34209e8b5259d927\n\nMAINTAINER Red Hat, Inc.\n\nLABEL com.redhat.component=\"ubi7-container\"\nLABEL name=\"ubi7\"\nLABEL version=\"7.9\"\n\nLABEL com.redhat.license_terms=\"https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI\"\n\n#labels for container catalog\nLABEL summary=\"Provides the latest release of the Red Hat Universal Base Image 7.\"\nLABEL description=\"The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.\"\nLABEL io.k8s.display-name=\"Red Hat Universal Base Image 7\"\nLABEL io.openshift.tags=\"base rhel7\"\n\nENV container oci\nENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\n\nCMD [\"/bin/bash\"]\n\nADD ubi7-container-7.9-516.json /root/buildinfo/content_manifests/ubi7-container-7.9-516.json\nLABEL \"release\"=\"516\" \"distribution-scope\"=\"public\" \"vendor\"=\"Red Hat, Inc.\" \"build-date\"=\"2021-10-05T10:17:02.802845\" \"architecture\"=\"x86_64\" \"vcs-type\"=\"git\" \"vcs-ref\"=\"a4e710a688a6374670ecdd56637c3f683d11cbe3\" \"com.redhat.build-host\"=\"cpt-1007.osbs.prod.upshift.rdu2.redhat.com\" \"io.k8s.description\"=\"The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.\" \"url\"=\"https://access.redhat.com/containers/#/registry.access.redhat.com/ubi7/images/7.9-516\"\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/a80c4576f57f0126dcd6877223a48df920edcd7d9eb22eb85f26b81f853675a3 b/rhel/dockerfile/testdata/fuzz/FuzzLex/a80c4576f57f0126dcd6877223a48df920edcd7d9eb22eb85f26b81f853675a3 deleted file mode 100644 index 4ce346e1c..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/a80c4576f57f0126dcd6877223a48df920edcd7d9eb22eb85f26b81f853675a3 +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("FROM sha256:b3749cc58242c3fda50fb4541cd23144d42a85054d70bfe1e79eb719d212ac6f\r\n\r\nLABEL maintainer=\"Red Hat, Inc.\"\r\n\r\nLABEL com.redhat.component=\"ubi8-minimal-container\" \\\r\n name=\"ubi8-minimal\" \\\r\n version=\"8.4\"\r\n\r\n#label for EULA \r\nLABEL com.redhat.license_terms=\"https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI\"\r\n\r\n#labels for container catalog\r\nLABEL summary=\"Provides the latest release of the minimal Red Hat Universal Base Image 8.\"\r\nLABEL description=\"The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.\"\r\nLABEL io.k8s.display-name=\"Red Hat Universal Base Image 8 Minimal\"\r\nLABEL io.openshift.expose-services=\"\"\r\nLABEL io.openshift.tags=\"minimal rhel8\"\r\n\r\nENV container oci\r\nENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\r\n\r\nCMD [\"/bin/bash\"]\r\n\r\nRUN rm -rf /var/log/*\r\n\r\nADD ubi8-minimal-container-8.4-208.json /root/buildinfo/content_manifests/ubi8-minimal-container-8.4-208.json\r\nLABEL \"release\"=\"208\" \"distribution-scope\"=\"public\" \"vendor\"=\"Red Hat, Inc.\" \"build-date\"=\"2021-08-03T16:57:21.054109\" \"architecture\"=\"x86_64\" \"vcs-type\"=\"git\" \"vcs-ref\"=\"7256039d3c371a38cf13906dcf5688c19700c73b\" \"com.redhat.build-host\"=\"cpt-1002.osbs.prod.upshift.rdu2.redhat.com\" \"io.k8s.description\"=\"The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.\" \"url\"=\"https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8-minimal/images/8.4-208\"\r\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/cf56de3b7b19f8820b18632df14923bfd386fbc800b4cf21ac8033761770cf04 b/rhel/dockerfile/testdata/fuzz/FuzzLex/cf56de3b7b19f8820b18632df14923bfd386fbc800b4cf21ac8033761770cf04 deleted file mode 100644 index 69cc88be4..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/cf56de3b7b19f8820b18632df14923bfd386fbc800b4cf21ac8033761770cf04 +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("# This image is the base image for all s2i configurable container images.\nFROM sha256:6f683d6ef7a8199fdabf203f98cce97d628e40eefa42b7085f1f151d384a97fc\n\nENV SUMMARY=\"Base image which allows using of source-to-image.\"\t\\\n DESCRIPTION=\"The s2i-core image provides any images layered on top of it \\\nwith all the tools needed to use source-to-image functionality while keeping \\\nthe image size as small as possible.\"\n\nLABEL summary=\"$SUMMARY\" \\\n description=\"$DESCRIPTION\" \\\n io.k8s.description=\"$DESCRIPTION\" \\\n io.k8s.display-name=\"s2i core\" \\\n io.openshift.s2i.scripts-url=image:///usr/libexec/s2i \\\n io.s2i.scripts-url=image:///usr/libexec/s2i \\\n com.redhat.component=\"s2i-core-container\" \\\n name=\"rhscl/s2i-core-rhel7\" \\\n version=\"1\" \\\n com.redhat.license_terms=\"https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI\"\n\nENV \\\n # DEPRECATED: Use above LABEL instead, because this will be removed in future versions.\n STI_SCRIPTS_URL=image:///usr/libexec/s2i \\\n # Path to be used in other layers to place s2i scripts into\n STI_SCRIPTS_PATH=/usr/libexec/s2i \\\n APP_ROOT=/opt/app-root \\\n # The $HOME is not set by default, but some applications needs this variable\n # TODO: There is a bug in rhel7.1 image where the PATH variable is not exported\n # properly as container image metadata, which causes the $PATH variable do not\n # expand properly.\n HOME=/opt/app-root/src \\\n PATH=/opt/app-root/src/bin:/opt/app-root/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin \\\n PLATFORM=\"el7\"\n\n# When bash is started non-interactively, to run a shell script, for example it\n# looks for this variable and source the content of this file. This will enable\n# the SCL for all scripts without need to do 'scl enable'.\nENV BASH_ENV=${APP_ROOT}/etc/scl_enable \\\n ENV=${APP_ROOT}/etc/scl_enable \\\n PROMPT_COMMAND=\". ${APP_ROOT}/etc/scl_enable\"\n\n# Copy just prepare-yum-repositories that is needed for packages install step,\n# other files might be added later so changing them does not cause packages\n# to be installed again, which takes long time\nCOPY ./root/usr/bin/prepare-yum-repositories /usr/bin/prepare-yum-repositories\n\n# This is the list of basic dependencies that all language container image can\n# consume.\n# Also setup the 'openshift' user that is used for the build execution and for the\n# application runtime execution.\n# TODO: Use better UID and GID values\nRUN prepare-yum-repositories && \\\n INSTALL_PKGS=\"bsdtar \\\n findutils \\\n gettext \\\n groff-base \\\n rsync \\\n scl-utils \\\n tar \\\n unzip \\\n yum-utils\" && \\\n mkdir -p ${HOME}/.pki/nssdb && \\\n chown -R 1001:0 ${HOME}/.pki && \\\n yum install -y --setopt=tsflags=nodocs $INSTALL_PKGS && \\\n rpm -V $INSTALL_PKGS && \\\n yum -y clean all --enablerepo='*'\n\n# Copy extra files to the image.\nCOPY ./root/ /\n\n# Directory with the sources is set as the working directory so all STI scripts\n# can execute relative to this path.\nWORKDIR ${HOME}\n\nENTRYPOINT [\"container-entrypoint\"]\nCMD [\"base-usage\"]\n\n# Reset permissions of modified directories and add default user\nRUN rpm-file-permissions && \\\n useradd -u 1001 -r -g 0 -d ${HOME} -s /sbin/nologin \\\n -c \"Default Application User\" default && \\\n chown -R 1001:0 ${APP_ROOT}\n\nADD help.1 /help.1\nADD s2i-core-container-1-235.json /root/buildinfo/content_manifests/s2i-core-container-1-235.json\nLABEL \"release\"=\"235\" \"distribution-scope\"=\"public\" \"vendor\"=\"Red Hat, Inc.\" \"build-date\"=\"2021-10-06T13:08:17.304497\" \"architecture\"=\"x86_64\" \"vcs-type\"=\"git\" \"vcs-ref\"=\"7fb31fe42247120f04b5e2d94f1719411f1037e8\" \"com.redhat.build-host\"=\"cpt-1005.osbs.prod.upshift.rdu2.redhat.com\" \"url\"=\"https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/s2i-core-rhel7/images/1-235\"\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/fuzz/FuzzLex/d552ebffd8434d619cd4f4011e8943d313f8c1dcbbc3689b9b20dcc97ea3814d b/rhel/dockerfile/testdata/fuzz/FuzzLex/d552ebffd8434d619cd4f4011e8943d313f8c1dcbbc3689b9b20dcc97ea3814d deleted file mode 100644 index 13a3c88f1..000000000 --- a/rhel/dockerfile/testdata/fuzz/FuzzLex/d552ebffd8434d619cd4f4011e8943d313f8c1dcbbc3689b9b20dcc97ea3814d +++ /dev/null @@ -1,2 +0,0 @@ -go test fuzz v1 -[]byte("LABEL A=B \\\n\tC=D # Comments not allowed in this position\n") \ No newline at end of file diff --git a/rhel/dockerfile/testdata/Dockerfile-nodejs10 b/rhel/dockerfile/testdata/nodejs10.txtar similarity index 64% rename from rhel/dockerfile/testdata/Dockerfile-nodejs10 rename to rhel/dockerfile/testdata/nodejs10.txtar index a7d349580..cf3415d57 100644 --- a/rhel/dockerfile/testdata/Dockerfile-nodejs10 +++ b/rhel/dockerfile/testdata/nodejs10.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- FROM ubi8/s2i-base:rhel8.1 # This image provides a Node.JS environment you can use to run your Node.JS @@ -71,3 +72,24 @@ USER 1001 # Set the default CMD to print the usage of the language image CMD $STI_SCRIPTS_PATH/usage +-- Want -- +{ + "com.redhat.component": "nodejs-10-container", + "com.redhat.deployments-dir": "/src", + "com.redhat.dev-mode": "DEV_MODE:false", + "com.redhat.dev-mode.port": "DEBUG_PORT:5858", + "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", + "description": "Node.js 10 available as container is a base platform for building and running various Node.js 10 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.", + "help": "For more information visit https://github.com/sclorg/s2i-nodejs-container", + "io.k8s.description": "Node.js 10 available as container is a base platform for building and running various Node.js 10 applications and frameworks. Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices.", + "io.k8s.display-name": "Node.js 10", + "io.openshift.expose-services": "8080:http", + "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", + "io.openshift.tags": "builder,nodejs,nodejs10", + "io.s2i.scripts-url": "image:///usr/libexec/s2i", + "maintainer": "SoftwareCollections.org ", + "name": "ubi8/10", + "summary": "Platform for building and running Node.js 10 applications", + "usage": "s2i build ubi8/10:latest ", + "version": "1" +} diff --git a/rhel/dockerfile/testdata/Dockerfile-quay-quay-rhel8-v3.5.6-4 b/rhel/dockerfile/testdata/quay-quay-rhel8-v3.5.6-4.txtar similarity index 87% rename from rhel/dockerfile/testdata/Dockerfile-quay-quay-rhel8-v3.5.6-4 rename to rhel/dockerfile/testdata/quay-quay-rhel8-v3.5.6-4.txtar index 5a4dc7657..7c78e09ff 100644 --- a/rhel/dockerfile/testdata/Dockerfile-quay-quay-rhel8-v3.5.6-4 +++ b/rhel/dockerfile/testdata/quay-quay-rhel8-v3.5.6-4.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- FROM sha256:ad42391b9b4670e68a759d4cdb8780896071a1cb1ed519b474f901e597bf3b3d AS build-npm COPY $REMOTE_SOURCE $REMOTE_SOURCE_DIR @@ -153,3 +154,25 @@ CMD ["registry"] ADD quay-registry-container-v3.5.6-4.json /root/buildinfo/content_manifests/quay-registry-container-v3.5.6-4.json LABEL "release"="4" "com.redhat.license_terms"="https://www.redhat.com/agreements" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2021-08-17T21:16:14.144538" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="0e033c625b6a775f5be730ce5a938aa91cc46d29" "com.redhat.build-host"="example.com" "description"="Red Hat Quay" "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/quay/quay-rhel8/images/v3.5.6-4" +-- Want -- +{ + "architecture": "x86_64", + "build-date": "2021-08-17T21:16:14.144538", + "com.redhat.build-host": "example.com", + "com.redhat.component": "quay-registry-container", + "com.redhat.license_terms": "https://www.redhat.com/agreements", + "description": "Red Hat Quay", + "distribution-scope": "public", + "io.k8s.description": "Red Hat Quay", + "io.k8s.display-name": "Red Hat Quay", + "io.openshift.tags": "quay", + "maintainer": "support@redhat.com", + "name": "quay/quay-rhel8", + "release": "4", + "summary": "Red Hat Quay", + "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/quay/quay-rhel8/images/v3.5.6-4", + "vcs-ref": "0e033c625b6a775f5be730ce5a938aa91cc46d29", + "vcs-type": "git", + "vendor": "Red Hat, Inc.", + "version": "v3.5.6" +} diff --git a/rhel/dockerfile/testdata/Dockerfile-rhscl-redis-5-rhel7-5-53.1634738116 b/rhel/dockerfile/testdata/rhscl-redis-5-rhel7-5-53.1634738116.txtar similarity index 64% rename from rhel/dockerfile/testdata/Dockerfile-rhscl-redis-5-rhel7-5-53.1634738116 rename to rhel/dockerfile/testdata/rhscl-redis-5-rhel7-5-53.1634738116.txtar index c14e2b496..fd4fcd867 100644 --- a/rhel/dockerfile/testdata/Dockerfile-rhscl-redis-5-rhel7-5-53.1634738116 +++ b/rhel/dockerfile/testdata/rhscl-redis-5-rhel7-5-53.1634738116.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- FROM sha256:80f381f67fab035e7df9e0714aca8a13b49af52f40482fadcfb893b50740272c # Redis image based on Software Collections packages @@ -87,3 +88,27 @@ CMD ["run-redis"] ADD help.1 /help.1 ADD rh-redis5-container-5-53.1634738116.json /root/buildinfo/content_manifests/rh-redis5-container-5-53.1634738116.json LABEL "release"="53.1634738116" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2021-10-20T13:56:03.899740" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="1ca08b535089c4828147120ead2699d9f237260a" "com.redhat.build-host"="cpt-1007.osbs.prod.upshift.rdu2.redhat.com" "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/redis-5-rhel7/images/5-53.1634738116" +-- Want -- +{ + "architecture": "x86_64", + "build-date": "2021-10-20T13:56:03.899740", + "com.redhat.build-host": "cpt-1007.osbs.prod.upshift.rdu2.redhat.com", + "com.redhat.component": "rh-redis5-container", + "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#rhel", + "description": "Redis 5 available as container, is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log.", + "distribution-scope": "public", + "io.k8s.description": "Redis 5 available as container, is an advanced key-value store. It is often referred to as a data structure server since keys can contain strings, hashes, lists, sets and sorted sets. You can run atomic operations on these types, like appending to a string; incrementing the value in a hash; pushing to a list; computing set intersection, union and difference; or getting the member with highest ranking in a sorted set. In order to achieve its outstanding performance, Redis works with an in-memory dataset. Depending on your use case, you can persist it either by dumping the dataset to disk every once in a while, or by appending each command to a log.", + "io.k8s.display-name": "Redis 5", + "io.openshift.expose-services": "6379:redis", + "io.openshift.tags": "database,redis,redis5,rh-redis5", + "maintainer": "SoftwareCollections.org ", + "name": "rhscl/redis-5-rhel7", + "release": "53.1634738116", + "summary": "Redis in-memory data structure store, used as database, cache and message broker", + "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/redis-5-rhel7/images/5-53.1634738116", + "usage": "podman run -d --name redis_database -p 6379:6379 rhscl/redis-5-rhel7", + "vcs-ref": "1ca08b535089c4828147120ead2699d9f237260a", + "vcs-type": "git", + "vendor": "Red Hat, Inc.", + "version": "5" +} diff --git a/rhel/dockerfile/testdata/Dockerfile-rhscl-s2i-core-rhel7-1-235 b/rhel/dockerfile/testdata/rhscl-s2i-core-rhel7-1-235.txtar similarity index 74% rename from rhel/dockerfile/testdata/Dockerfile-rhscl-s2i-core-rhel7-1-235 rename to rhel/dockerfile/testdata/rhscl-s2i-core-rhel7-1-235.txtar index b4f4aa535..56071dc4a 100644 --- a/rhel/dockerfile/testdata/Dockerfile-rhscl-s2i-core-rhel7-1-235 +++ b/rhel/dockerfile/testdata/rhscl-s2i-core-rhel7-1-235.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- # This image is the base image for all s2i configurable container images. FROM sha256:6f683d6ef7a8199fdabf203f98cce97d628e40eefa42b7085f1f151d384a97fc @@ -83,3 +84,25 @@ RUN rpm-file-permissions && \ ADD help.1 /help.1 ADD s2i-core-container-1-235.json /root/buildinfo/content_manifests/s2i-core-container-1-235.json LABEL "release"="235" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2021-10-06T13:08:17.304497" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="7fb31fe42247120f04b5e2d94f1719411f1037e8" "com.redhat.build-host"="cpt-1005.osbs.prod.upshift.rdu2.redhat.com" "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/s2i-core-rhel7/images/1-235" +-- Want -- +{ + "architecture": "x86_64", + "build-date": "2021-10-06T13:08:17.304497", + "com.redhat.build-host": "cpt-1005.osbs.prod.upshift.rdu2.redhat.com", + "com.redhat.component": "s2i-core-container", + "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", + "description": "The s2i-core image provides any images layered on top of it with all the tools needed to use source-to-image functionality while keeping the image size as small as possible.", + "distribution-scope": "public", + "io.k8s.description": "The s2i-core image provides any images layered on top of it with all the tools needed to use source-to-image functionality while keeping the image size as small as possible.", + "io.k8s.display-name": "s2i core", + "io.openshift.s2i.scripts-url": "image:///usr/libexec/s2i", + "io.s2i.scripts-url": "image:///usr/libexec/s2i", + "name": "rhscl/s2i-core-rhel7", + "release": "235", + "summary": "Base image which allows using of source-to-image.", + "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/rhscl/s2i-core-rhel7/images/1-235", + "vcs-ref": "7fb31fe42247120f04b5e2d94f1719411f1037e8", + "vcs-type": "git", + "vendor": "Red Hat, Inc.", + "version": "1" +} diff --git a/rhel/dockerfile/testdata/Dockerfile-ubi7-7.9-516 b/rhel/dockerfile/testdata/ubi7-7.9.txtar similarity index 54% rename from rhel/dockerfile/testdata/Dockerfile-ubi7-7.9-516 rename to rhel/dockerfile/testdata/ubi7-7.9.txtar index 6364c375b..5de40851d 100644 --- a/rhel/dockerfile/testdata/Dockerfile-ubi7-7.9-516 +++ b/rhel/dockerfile/testdata/ubi7-7.9.txtar @@ -1,3 +1,4 @@ +-- Dockerfile -- FROM sha256:434a2388fbeb26e01bcd776e5c9de4ff73473f33013952ee34209e8b5259d927 MAINTAINER Red Hat, Inc. @@ -21,3 +22,24 @@ CMD ["/bin/bash"] ADD ubi7-container-7.9-516.json /root/buildinfo/content_manifests/ubi7-container-7.9-516.json LABEL "release"="516" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2021-10-05T10:17:02.802845" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="a4e710a688a6374670ecdd56637c3f683d11cbe3" "com.redhat.build-host"="cpt-1007.osbs.prod.upshift.rdu2.redhat.com" "io.k8s.description"="The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly." "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/ubi7/images/7.9-516" +-- Want -- +{ + "architecture": "x86_64", + "build-date": "2021-10-05T10:17:02.802845", + "com.redhat.build-host": "cpt-1007.osbs.prod.upshift.rdu2.redhat.com", + "com.redhat.component": "ubi7-container", + "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", + "description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", + "distribution-scope": "public", + "io.k8s.description": "The Universal Base Image is designed and engineered to be the base layer for all of your containerized applications, middleware and utilities. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", + "io.k8s.display-name": "Red Hat Universal Base Image 7", + "io.openshift.tags": "base rhel7", + "name": "ubi7", + "release": "516", + "summary": "Provides the latest release of the Red Hat Universal Base Image 7.", + "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi7/images/7.9-516", + "vcs-ref": "a4e710a688a6374670ecdd56637c3f683d11cbe3", + "vcs-type": "git", + "vendor": "Red Hat, Inc.", + "version": "7.9" +} diff --git a/rhel/dockerfile/testdata/Dockerfile-ubi8-minimal-8.4-208 b/rhel/dockerfile/testdata/ubi8-minimal-8.4-208.txtar similarity index 54% rename from rhel/dockerfile/testdata/Dockerfile-ubi8-minimal-8.4-208 rename to rhel/dockerfile/testdata/ubi8-minimal-8.4-208.txtar index 9380e6cef..243d1ca23 100644 --- a/rhel/dockerfile/testdata/Dockerfile-ubi8-minimal-8.4-208 +++ b/rhel/dockerfile/testdata/ubi8-minimal-8.4-208.txtar @@ -1,27 +1,51 @@ -FROM sha256:b3749cc58242c3fda50fb4541cd23144d42a85054d70bfe1e79eb719d212ac6f - -LABEL maintainer="Red Hat, Inc." - -LABEL com.redhat.component="ubi8-minimal-container" \ - name="ubi8-minimal" \ - version="8.4" - -#label for EULA -LABEL com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI" - -#labels for container catalog -LABEL summary="Provides the latest release of the minimal Red Hat Universal Base Image 8." -LABEL description="The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly." -LABEL io.k8s.display-name="Red Hat Universal Base Image 8 Minimal" -LABEL io.openshift.expose-services="" -LABEL io.openshift.tags="minimal rhel8" - -ENV container oci -ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin - -CMD ["/bin/bash"] - -RUN rm -rf /var/log/* - -ADD ubi8-minimal-container-8.4-208.json /root/buildinfo/content_manifests/ubi8-minimal-container-8.4-208.json -LABEL "release"="208" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2021-08-03T16:57:21.054109" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="7256039d3c371a38cf13906dcf5688c19700c73b" "com.redhat.build-host"="cpt-1002.osbs.prod.upshift.rdu2.redhat.com" "io.k8s.description"="The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly." "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8-minimal/images/8.4-208" +-- Dockerfile -- +FROM sha256:b3749cc58242c3fda50fb4541cd23144d42a85054d70bfe1e79eb719d212ac6f + +LABEL maintainer="Red Hat, Inc." + +LABEL com.redhat.component="ubi8-minimal-container" \ + name="ubi8-minimal" \ + version="8.4" + +#label for EULA +LABEL com.redhat.license_terms="https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI" + +#labels for container catalog +LABEL summary="Provides the latest release of the minimal Red Hat Universal Base Image 8." +LABEL description="The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly." +LABEL io.k8s.display-name="Red Hat Universal Base Image 8 Minimal" +LABEL io.openshift.expose-services="" +LABEL io.openshift.tags="minimal rhel8" + +ENV container oci +ENV PATH /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin + +CMD ["/bin/bash"] + +RUN rm -rf /var/log/* + +ADD ubi8-minimal-container-8.4-208.json /root/buildinfo/content_manifests/ubi8-minimal-container-8.4-208.json +LABEL "release"="208" "distribution-scope"="public" "vendor"="Red Hat, Inc." "build-date"="2021-08-03T16:57:21.054109" "architecture"="x86_64" "vcs-type"="git" "vcs-ref"="7256039d3c371a38cf13906dcf5688c19700c73b" "com.redhat.build-host"="cpt-1002.osbs.prod.upshift.rdu2.redhat.com" "io.k8s.description"="The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly." "url"="https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8-minimal/images/8.4-208" +-- Want -- +{ + "architecture": "x86_64", + "build-date": "2021-08-03T16:57:21.054109", + "com.redhat.build-host": "cpt-1002.osbs.prod.upshift.rdu2.redhat.com", + "com.redhat.component": "ubi8-minimal-container", + "com.redhat.license_terms": "https://www.redhat.com/en/about/red-hat-end-user-license-agreements#UBI", + "description": "The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", + "distribution-scope": "public", + "io.k8s.description": "The Universal Base Image Minimal is a stripped down image that uses microdnf as a package manager. This base image is freely redistributable, but Red Hat only supports Red Hat technologies through subscriptions for Red Hat products. This image is maintained by Red Hat and updated regularly.", + "io.k8s.display-name": "Red Hat Universal Base Image 8 Minimal", + "io.openshift.expose-services": "", + "io.openshift.tags": "minimal rhel8", + "maintainer": "Red Hat, Inc.", + "name": "ubi8-minimal", + "release": "208", + "summary": "Provides the latest release of the minimal Red Hat Universal Base Image 8.", + "url": "https://access.redhat.com/containers/#/registry.access.redhat.com/ubi8-minimal/images/8.4-208", + "vcs-ref": "7256039d3c371a38cf13906dcf5688c19700c73b", + "vcs-type": "git", + "vendor": "Red Hat, Inc.", + "version": "8.4" +} diff --git a/rhel/dockerfile/varexpand_string.go b/rhel/dockerfile/varexpand_string.go new file mode 100644 index 000000000..dd382fa3f --- /dev/null +++ b/rhel/dockerfile/varexpand_string.go @@ -0,0 +1,35 @@ +// Code generated by "stringer -type varExpand -linecomment"; DO NOT EDIT. + +package dockerfile + +import "strconv" + +func _() { + // An "invalid array index" compiler error signifies that the constant values have changed. + // Re-run the stringer command to generate them again. + var x [1]struct{} + _ = x[varExpandSimple-0] + _ = x[varExpandDefault-1] + _ = x[varExpandDefaultNull-2] + _ = x[varSetDefault-3] + _ = x[varSetDefaultNull-4] + _ = x[varExpandAlternate-5] + _ = x[varExpandAlternateNull-6] + _ = x[varErrIfUnset-7] + _ = x[varErrIfUnsetNull-8] + _ = x[varTrimSuffix-9] + _ = x[varTrimSuffixGreedy-10] + _ = x[varTrimPrefix-11] + _ = x[varTrimPrefixGreedy-12] +} + +const _varExpand_name = "simple expansiondefault expansiondefault+null expansionset defaultset default, incl. nullalternate expansionalternate expanxion, incl. nullerror if unseterror if unset or nulltrim suffixgreedy trim suffixtrim prefixgreedy trim prefix" + +var _varExpand_index = [...]uint8{0, 16, 33, 55, 66, 89, 108, 139, 153, 175, 186, 204, 215, 233} + +func (i varExpand) String() string { + if i >= varExpand(len(_varExpand_index)-1) { + return "varExpand(" + strconv.FormatInt(int64(i), 10) + ")" + } + return _varExpand_name[_varExpand_index[i]:_varExpand_index[i+1]] +} diff --git a/rhel/dockerfile/vars.go b/rhel/dockerfile/vars.go index ba9cbc18b..3308c68ee 100644 --- a/rhel/dockerfile/vars.go +++ b/rhel/dockerfile/vars.go @@ -4,6 +4,7 @@ import ( "bytes" "errors" "fmt" + "regexp" "strings" "unicode" "unicode/utf8" @@ -27,6 +28,7 @@ type Vars struct { state varState expand varExpand esc bool + nullMod bool varName strings.Builder varExpand strings.Builder } @@ -68,15 +70,15 @@ var _ transform.Transformer = (*Vars)(nil) // expansions. func (v *Vars) Reset() { v.state = varConsume - v.expand = varExNone + v.expand = varExpandSimple v.esc = false + v.nullMod = false v.varName.Reset() v.varExpand.Reset() } // Transform implements transform.Transformer. func (v *Vars) Transform(dst, src []byte, atEOF bool) (nDst, nSrc int, err error) { - varStart := -1 r, sz := rune(0), 0 if v.state == varEmit { // If we're here, we need to emit first thing. @@ -112,18 +114,16 @@ func (v *Vars) Transform(dst, src []byte, atEOF bool) (nDst, nSrc int, err error v.esc = false nDst += utf8.EncodeRune(dst[nDst:], v.escchar) case r == VarMeta: - // Record current position in case the destination is too small - // and the process backs out. - varStart = nSrc + sz v.varName.Reset() v.varExpand.Reset() v.state = varBegin + v.nullMod = false continue } nDst += utf8.EncodeRune(dst[nDst:], r) case varBegin: // This arm is one rune beyond the metacharacter. - v.expand = varExNone + v.expand = varExpandSimple if r == '{' { v.state = varBraceName continue @@ -150,21 +150,32 @@ func (v *Vars) Transform(dst, src []byte, atEOF bool) (nDst, nSrc int, err error // This arm begins on the rune after the opening brace. switch r { case ':': - // POSIX variable expansion has ':' as a modifier on the forms - // of expansion ('-', '=', '+'), but the Dockerfile reference - // only mentions ':-' and ':+'. - peek, psz := utf8.DecodeRune(src[nSrc+sz:]) - switch peek { - case '-': - v.expand = varExDefault - case '+': - v.expand = varExIfSet + v.nullMod = true + continue + case '/': // Non-POSIX: substitutions + return nDst, nSrc, fmt.Errorf("dockerfile: bad expansion of %q: pattern substitution unsupported", v.varName.String()) + case '=': + v.expand = varSetDefault + case '-': + v.expand = varExpandDefault + case '+': + v.expand = varExpandAlternate + case '?': + v.expand = varErrIfUnset + case '%', '#': + switch r { + case '%': // suffix + v.expand = varTrimSuffix + case '#': // prefix + v.expand = varTrimPrefix default: - nSrc = varStart - return nDst, nSrc, fmt.Errorf("bad default spec at %d", nSrc+sz) + panic("unreachable") + } + // If doubled, consume the next rune as well and set greedy mode. + if peek, psz := utf8.DecodeRune(src[nSrc+sz:]); peek == r { + sz += psz + v.expand++ } - sz += psz - v.state = varBraceExpand case '}': n, done := v.emit(dst[nDst:]) if !done { @@ -177,6 +188,19 @@ func (v *Vars) Transform(dst, src []byte, atEOF bool) (nDst, nSrc int, err error default: v.varName.WriteRune(r) } + // Check if the expansion mode should have the modified null handling. + if (r == '-' || r == '+' || r == '?' || r == '=') && v.nullMod { + v.expand++ + v.nullMod = false + } + // If one of the valid expansion modifiers, jump to the next state. + if r == '-' || r == '+' || r == '?' || r == '=' || r == '%' || r == '#' { + v.state = varBraceExpand + } + // If the code ever gets here, there's a rogue colon. + if v.nullMod { + return nDst, nSrc, fmt.Errorf("dockerfile: bad expansion of %q: rogue colon", v.varName.String()) + } case varBraceExpand: // This arm begins on the rune after the expansion specifier. if r != '}' { @@ -184,10 +208,17 @@ func (v *Vars) Transform(dst, src []byte, atEOF bool) (nDst, nSrc int, err error continue } n, done := v.emit(dst[nDst:]) - if !done { + switch { + case !done: nSrc += sz v.state = varEmit return nDst, nSrc, transform.ErrShortDst + case v.state == varError: + return nDst, nSrc, fmt.Errorf("dockerfile: bad expansion of %q: %s (%v)", + v.varName.String(), + v.varExpand.String(), + v.expand, + ) } nDst += n v.state = varConsume @@ -195,6 +226,10 @@ func (v *Vars) Transform(dst, src []byte, atEOF bool) (nDst, nSrc int, err error panic("state botch") } } + if v.esc { + // Ended in a "bare" escape character. Just pass it through. + nDst += utf8.EncodeRune(dst[nDst:], v.escchar) + } if v.state == varBareword && atEOF { // Hit EOF, so variable name is complete. n, done := v.emit(dst[nDst:]) @@ -217,31 +252,154 @@ func validName(r rune) bool { // enough space in dst. func (v *Vars) emit(dst []byte) (int, bool) { dstSz := len(dst) - var w string - res, ok := v.v[v.varName.String()] + // Names from the POSIX explanation of shell parameter expansion. + param := v.varName.String() + word := v.varExpand.String() + val, ok := v.v[param] switch v.expand { - case varExNone: // Use what's returned from the lookup. - w = res - case varExDefault: // Use lookup or default. - if ok { - w = res - break + case varExpandSimple: // Use what's returned from the lookup. + case varExpandDefault: // Use "parameter" if set, "word" if not. + if !ok { + val = word + } + case varExpandDefaultNull: // Use "parameter" if set, "word" if not or set to null. + if !ok || val == "" { + val = word } - w = v.varExpand.String() - case varExIfSet: // Use the expando or nothing. + case varExpandAlternate: // Use "word" if set. if ok { - w = v.varExpand.String() + val = word + } + case varExpandAlternateNull: // Use "word" if set and not null. + if ok && val != "" { + val = word + } + case varErrIfUnset: // Report an error if unset. + if !ok { + v.state = varError + return 0, true + } + case varErrIfUnsetNull: // Report an error if unset or null. + if !ok || val == "" { + v.state = varError + return 0, true + } + case varSetDefault, varSetDefaultNull: + switch v.expand { + case varSetDefault: // Set param if unset. + if !ok { + v.v[param] = word + } + case varSetDefaultNull: // Set "param" if unset or null. + if !ok || val == "" { + v.v[param] = word + } + default: + panic("unreachable") + } + v.expand = varExpandSimple + return v.emit(dst) + case varTrimPrefix, varTrimPrefixGreedy, varTrimSuffix, varTrimSuffixGreedy: + greedy := v.expand == varTrimPrefixGreedy || v.expand == varTrimSuffixGreedy + suffix := v.expand == varTrimSuffix || v.expand == varTrimSuffixGreedy + re, err := convertPattern([]byte(word), greedy, suffix) + if err != nil { + v.state = varError + return 0, true + } + ms := re.FindStringSubmatch(val) + switch len(ms) { + case 0, 1: + // No match, do nothing. + case 2: + if suffix { + val = strings.TrimSuffix(val, ms[1]) + } else { + val = strings.TrimPrefix(val, ms[1]) + } + default: + panic(fmt.Sprintf("pattern compiler is acting up; got: %#v", ms)) } default: panic("expand state botch") } - if dstSz < len(w) { + if dstSz < len(val) { return 0, false } - n := copy(dst, w) + n := copy(dst, val) return n, true } +// ConvertPattern transforms "pat" from (something like) the POSIX sh pattern +// language to a regular expression, then returns the compiled regexp. +// +// The resulting regexp reports the prefix/suffix to be removed as the first +// submatch when executed. +// +// This conversion is tricky, because extra hoops are needed to work around the +// leftmost-first behavior. +func convertPattern(pat []byte, greedy bool, suffix bool) (_ *regexp.Regexp, err error) { + var rePat strings.Builder + rePat.Grow(len(pat) * 2) // 🤷 + // This is needed to "push" a suffix pattern to the correct place. Note that + // the "greediness" is backwards: this is the input that's _not_ the + // pattern. + pad := `(?:.*)` + if greedy { + pad = `(?:.*?)` + } + + rePat.WriteByte('^') + if suffix { + rePat.WriteString(pad) + } + rePat.WriteByte('(') + off := 0 + r, sz := rune(0), 0 + for ; off < len(pat); off += sz { + r, sz = utf8.DecodeRune(pat[off:]) + if r == utf8.RuneError { + err = fmt.Errorf("dockerfile: bad pattern %q", pat) + return + } + switch r { + case '*': // Kleene star + rePat.WriteString(`.*`) + if !suffix && !greedy { + rePat.WriteByte('?') + } + case '?': // Single char + rePat.WriteByte('.') + case '\\': + peek, psz := utf8.DecodeRune(pat[off+sz:]) + switch peek { + case '*', '?', '\\': + // These are metacharacters in both languages, so the escapes should be passed through. + rePat.WriteRune(r) + rePat.WriteRune(peek) + sz += psz + case '}', '/': + // For these escapes, just skip the escape char: we want the literal. + // Handle slash-escapes, even though we don't support unanchored replacements. + default: + return nil, fmt.Errorf(`dockerfile: bad escape '\%c' in pattern %q`, peek, pat) + } + case '$', '(', ')', '+', '.', '[', ']', '^', '{', '|', '}': // Regexp metacharacters + rePat.WriteByte('\\') + fallthrough + default: + rePat.WriteRune(r) + } + } + rePat.WriteByte(')') + if !suffix { + rePat.WriteString(pad) + } + rePat.WriteByte('$') + + return regexp.Compile(rePat.String()) +} + // Assert that this is a SpanningTransformer. var _ transform.SpanningTransformer = (*Vars)(nil) @@ -303,16 +461,24 @@ const ( varBraceName varBraceExpand varEmit + varError ) // VarExpand tracks how the current brace expression expects to be expanded. type varExpand uint8 const ( - // Expand to the named variable or the empty string. - varExNone varExpand = iota - // Expand to the named variable or the provided word. - varExDefault - // Expand to the provided word or the empty string. - varExIfSet + varExpandSimple varExpand = iota // simple expansion + varExpandDefault // default expansion + varExpandDefaultNull // default+null expansion + varSetDefault // set default + varSetDefaultNull // set default, incl. null + varExpandAlternate // alternate expansion + varExpandAlternateNull // alternate expanxion, incl. null + varErrIfUnset // error if unset + varErrIfUnsetNull // error if unset or null + varTrimSuffix // trim suffix + varTrimSuffixGreedy // greedy trim suffix + varTrimPrefix // trim prefix + varTrimPrefixGreedy // greedy trim prefix )