From b7b5a3a1ccfc451a1bfbc302f6bbbe5fe99fee1e Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 10 Apr 2025 09:24:51 +0200 Subject: [PATCH] migrate to use github.com/moby/sys/atomicwriter The github.com/docker/docker/pkg/atomicwriter package was moved to a separate module. Signed-off-by: Sebastiaan van Stijn --- commands/build.go | 2 +- go.mod | 1 + go.sum | 2 + util/confutil/config.go | 2 +- .../github.com/moby/sys/atomicwriter/LICENSE | 202 +++++++++++++++ .../moby/sys/atomicwriter/atomicwriter.go | 245 ++++++++++++++++++ vendor/modules.txt | 3 + 7 files changed, 455 insertions(+), 2 deletions(-) create mode 100644 vendor/github.com/moby/sys/atomicwriter/LICENSE create mode 100644 vendor/github.com/moby/sys/atomicwriter/atomicwriter.go diff --git a/commands/build.go b/commands/build.go index 9c3ae280..e7c31f0f 100644 --- a/commands/build.go +++ b/commands/build.go @@ -42,7 +42,6 @@ import ( "github.com/docker/cli/cli/command" dockeropts "github.com/docker/cli/opts" "github.com/docker/docker/api/types/versions" - "github.com/docker/docker/pkg/atomicwriter" "github.com/moby/buildkit/client" "github.com/moby/buildkit/exporter/containerimage/exptypes" "github.com/moby/buildkit/frontend/subrequests" @@ -53,6 +52,7 @@ import ( solverpb "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/grpcerrors" "github.com/moby/buildkit/util/progress/progressui" + "github.com/moby/sys/atomicwriter" "github.com/morikuni/aec" "github.com/pkg/errors" "github.com/sirupsen/logrus" diff --git a/go.mod b/go.mod index 75f250c9..7f4de69f 100644 --- a/go.mod +++ b/go.mod @@ -31,6 +31,7 @@ require ( github.com/mitchellh/hashstructure/v2 v2.0.2 github.com/moby/buildkit v0.21.0-rc1 github.com/moby/go-archive v0.0.0-20250404171912-21f3f3385ab7 + github.com/moby/sys/atomicwriter v0.1.0 github.com/moby/sys/mountinfo v0.7.2 github.com/moby/sys/signal v0.7.1 github.com/morikuni/aec v1.0.0 diff --git a/go.sum b/go.sum index 6f5f30f2..38ba6dc0 100644 --- a/go.sum +++ b/go.sum @@ -291,6 +291,8 @@ github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkV github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc= github.com/moby/spdystream v0.4.0 h1:Vy79D6mHeJJjiPdFEL2yku1kl0chZpJfZcPpb16BRl8= github.com/moby/spdystream v0.4.0/go.mod h1:xBAYlnt/ay+11ShkdFKNAG7LsyK/tmNBVvVOwrfMgdI= +github.com/moby/sys/atomicwriter v0.1.0 h1:kw5D/EqkBwsBFi0ss9v1VG3wIkVhzGvLklJ+w3A14Sw= +github.com/moby/sys/atomicwriter v0.1.0/go.mod h1:Ul8oqv2ZMNHOceF643P6FKPXeCmYtlQMvpizfsSoaWs= github.com/moby/sys/mountinfo v0.7.2 h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg= github.com/moby/sys/mountinfo v0.7.2/go.mod h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4= github.com/moby/sys/sequential v0.6.0 h1:qrx7XFUd/5DxtqcoH1h438hF5TmOvzC/lspjy7zgvCU= diff --git a/util/confutil/config.go b/util/confutil/config.go index a0e26de2..31f773fd 100644 --- a/util/confutil/config.go +++ b/util/confutil/config.go @@ -8,8 +8,8 @@ import ( "sync" "github.com/docker/cli/cli/command" - "github.com/docker/docker/pkg/atomicwriter" "github.com/moby/buildkit/cmd/buildkitd/config" + "github.com/moby/sys/atomicwriter" "github.com/pelletier/go-toml" "github.com/pkg/errors" fs "github.com/tonistiigi/fsutil/copy" diff --git a/vendor/github.com/moby/sys/atomicwriter/LICENSE b/vendor/github.com/moby/sys/atomicwriter/LICENSE new file mode 100644 index 00000000..d6456956 --- /dev/null +++ b/vendor/github.com/moby/sys/atomicwriter/LICENSE @@ -0,0 +1,202 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/moby/sys/atomicwriter/atomicwriter.go b/vendor/github.com/moby/sys/atomicwriter/atomicwriter.go new file mode 100644 index 00000000..d0d3be88 --- /dev/null +++ b/vendor/github.com/moby/sys/atomicwriter/atomicwriter.go @@ -0,0 +1,245 @@ +// Package atomicwriter provides utilities to perform atomic writes to a +// file or set of files. +package atomicwriter + +import ( + "errors" + "fmt" + "io" + "os" + "path/filepath" + "syscall" + + "github.com/moby/sys/sequential" +) + +func validateDestination(fileName string) error { + if fileName == "" { + return errors.New("file name is empty") + } + if dir := filepath.Dir(fileName); dir != "" && dir != "." && dir != ".." { + di, err := os.Stat(dir) + if err != nil { + return fmt.Errorf("invalid output path: %w", err) + } + if !di.IsDir() { + return fmt.Errorf("invalid output path: %w", &os.PathError{Op: "stat", Path: dir, Err: syscall.ENOTDIR}) + } + } + + // Deliberately using Lstat here to match the behavior of [os.Rename], + // which is used when completing the write and does not resolve symlinks. + fi, err := os.Lstat(fileName) + if err != nil { + if os.IsNotExist(err) { + return nil + } + return fmt.Errorf("failed to stat output path: %w", err) + } + + switch mode := fi.Mode(); { + case mode.IsRegular(): + return nil // Regular file + case mode&os.ModeDir != 0: + return errors.New("cannot write to a directory") + case mode&os.ModeSymlink != 0: + return errors.New("cannot write to a symbolic link directly") + case mode&os.ModeNamedPipe != 0: + return errors.New("cannot write to a named pipe (FIFO)") + case mode&os.ModeSocket != 0: + return errors.New("cannot write to a socket") + case mode&os.ModeDevice != 0: + if mode&os.ModeCharDevice != 0 { + return errors.New("cannot write to a character device file") + } + return errors.New("cannot write to a block device file") + case mode&os.ModeSetuid != 0: + return errors.New("cannot write to a setuid file") + case mode&os.ModeSetgid != 0: + return errors.New("cannot write to a setgid file") + case mode&os.ModeSticky != 0: + return errors.New("cannot write to a sticky bit file") + default: + return fmt.Errorf("unknown file mode: %[1]s (%#[1]o)", mode) + } +} + +// New returns a WriteCloser so that writing to it writes to a +// temporary file and closing it atomically changes the temporary file to +// destination path. Writing and closing concurrently is not allowed. +// NOTE: umask is not considered for the file's permissions. +// +// New uses [sequential.CreateTemp] to use sequential file access on Windows, +// avoiding depleting the standby list un-necessarily. On Linux, this equates to +// a regular [os.CreateTemp]. Refer to the [Win32 API documentation] for details +// on sequential file access. +// +// [Win32 API documentation]: https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-createfilea#FILE_FLAG_SEQUENTIAL_SCAN +func New(filename string, perm os.FileMode) (io.WriteCloser, error) { + if err := validateDestination(filename); err != nil { + return nil, err + } + abspath, err := filepath.Abs(filename) + if err != nil { + return nil, err + } + + f, err := sequential.CreateTemp(filepath.Dir(abspath), ".tmp-"+filepath.Base(filename)) + if err != nil { + return nil, err + } + return &atomicFileWriter{ + f: f, + fn: abspath, + perm: perm, + }, nil +} + +// WriteFile atomically writes data to a file named by filename and with the +// specified permission bits. The given filename is created if it does not exist, +// but the destination directory must exist. It can be used as a drop-in replacement +// for [os.WriteFile], but currently does not allow the destination path to be +// a symlink. WriteFile is implemented using [New] for its implementation. +// +// NOTE: umask is not considered for the file's permissions. +func WriteFile(filename string, data []byte, perm os.FileMode) error { + f, err := New(filename, perm) + if err != nil { + return err + } + n, err := f.Write(data) + if err == nil && n < len(data) { + err = io.ErrShortWrite + f.(*atomicFileWriter).writeErr = err + } + if err1 := f.Close(); err == nil { + err = err1 + } + return err +} + +type atomicFileWriter struct { + f *os.File + fn string + writeErr error + written bool + perm os.FileMode +} + +func (w *atomicFileWriter) Write(dt []byte) (int, error) { + w.written = true + n, err := w.f.Write(dt) + if err != nil { + w.writeErr = err + } + return n, err +} + +func (w *atomicFileWriter) Close() (retErr error) { + defer func() { + if err := os.Remove(w.f.Name()); !errors.Is(err, os.ErrNotExist) && retErr == nil { + retErr = err + } + }() + if err := w.f.Sync(); err != nil { + _ = w.f.Close() + return err + } + if err := w.f.Close(); err != nil { + return err + } + if err := os.Chmod(w.f.Name(), w.perm); err != nil { + return err + } + if w.writeErr == nil && w.written { + return os.Rename(w.f.Name(), w.fn) + } + return nil +} + +// WriteSet is used to atomically write a set +// of files and ensure they are visible at the same time. +// Must be committed to a new directory. +type WriteSet struct { + root string +} + +// NewWriteSet creates a new atomic write set to +// atomically create a set of files. The given directory +// is used as the base directory for storing files before +// commit. If no temporary directory is given the system +// default is used. +func NewWriteSet(tmpDir string) (*WriteSet, error) { + td, err := os.MkdirTemp(tmpDir, "write-set-") + if err != nil { + return nil, err + } + + return &WriteSet{ + root: td, + }, nil +} + +// WriteFile writes a file to the set, guaranteeing the file +// has been synced. +func (ws *WriteSet) WriteFile(filename string, data []byte, perm os.FileMode) error { + f, err := ws.FileWriter(filename, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, perm) + if err != nil { + return err + } + n, err := f.Write(data) + if err == nil && n < len(data) { + err = io.ErrShortWrite + } + if err1 := f.Close(); err == nil { + err = err1 + } + return err +} + +type syncFileCloser struct { + *os.File +} + +func (w syncFileCloser) Close() error { + err := w.File.Sync() + if err1 := w.File.Close(); err == nil { + err = err1 + } + return err +} + +// FileWriter opens a file writer inside the set. The file +// should be synced and closed before calling commit. +// +// FileWriter uses [sequential.OpenFile] to use sequential file access on Windows, +// avoiding depleting the standby list un-necessarily. On Linux, this equates to +// a regular [os.OpenFile]. Refer to the [Win32 API documentation] for details +// on sequential file access. +// +// [Win32 API documentation]: https://learn.microsoft.com/en-us/windows/win32/api/fileapi/nf-fileapi-createfilea#FILE_FLAG_SEQUENTIAL_SCAN +func (ws *WriteSet) FileWriter(name string, flag int, perm os.FileMode) (io.WriteCloser, error) { + f, err := sequential.OpenFile(filepath.Join(ws.root, name), flag, perm) + if err != nil { + return nil, err + } + return syncFileCloser{f}, nil +} + +// Cancel cancels the set and removes all temporary data +// created in the set. +func (ws *WriteSet) Cancel() error { + return os.RemoveAll(ws.root) +} + +// Commit moves all created files to the target directory. The +// target directory must not exist and the parent of the target +// directory must exist. +func (ws *WriteSet) Commit(target string) error { + return os.Rename(ws.root, target) +} + +// String returns the location the set is writing to. +func (ws *WriteSet) String() string { + return ws.root +} diff --git a/vendor/modules.txt b/vendor/modules.txt index e71e670c..48e1208a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -580,6 +580,9 @@ github.com/moby/patternmatcher/ignorefile ## explicit; go 1.13 github.com/moby/spdystream github.com/moby/spdystream/spdy +# github.com/moby/sys/atomicwriter v0.1.0 +## explicit; go 1.18 +github.com/moby/sys/atomicwriter # github.com/moby/sys/mountinfo v0.7.2 ## explicit; go 1.17 github.com/moby/sys/mountinfo