feat: use HistoryTimestamp, if set, for oci-archive entries#6023
Conversation
openshift-ci
Bot
added
the
kind/feature
|
This is the 3rd part of 3 PRs - it relies on the following already merged PRs in dependent libraries, which is why it bumps the versions of each: |
Yeah, normally a bot opens those when it spots a new upstream release, and I try to discourage updating to non-tagged versions of dependencies that tag their releases. Are you sure a version bump was necessary here? That new Undoing the dependency bumps will cut the number of files this PR touches down significantly, making this much easier to review. I'm pretty sure the validation hooks will complain about there not being a new test to ensure that the new change produces the desired effect, but you've got most of what that test would need to do already written in the description. |
aeijdenberg
force-pushed
the
usehistorytimestampinociarchive
branch
from
91f0fe8 to
aaad080
Compare
|
Ephemeral COPR build failed. @containers/packit-build please check. |
I didn't see it in v5.34.1 (at least it didn't build for me). While that release was cut chronologically after
Yep, it's a 3 line change without the dependency bump. I've added a test (first time seeing First time contributing to this project, so figured I'd get the PR open and in shape while we wait for the upstream library's next release. Appreciate your time in looking at it. |
Ugh, you're right, I must've been misreading the git history.
Nope, the test looks good. Thanks! |
openshift-merge-robot
added
the
needs-rebase
|
Will wait to rebase until v5.35 (presumably) is released for https://github.com/containers/image |
|
It looks like #6073 bumped us to using a commit on |
Signed-off-by: Adam Eijdenberg <adam@continusec.com>
aeijdenberg
force-pushed
the
usehistorytimestampinociarchive
branch
from
aaad080 to
9b41f3c
Compare
openshift-merge-robot
removed
the
needs-rebase
Done, thanks. |
| run_buildah build -f <(echo 'FROM scratch') --tag=oci-archive:${outpath}.c --timestamp 1 | ||
|
|
||
| # should be different | ||
| ! diff "${outpath}.a" "${outpath}.b" |
There was a problem hiding this comment.
There is a warning reported by OpenScanHub. Is it a real bug?
There was a problem hiding this comment.
Thanks, you're quite right. I'd tested the 2nd part (which was the main test) but didn't notice this failed to fail. I've fixed as per one of the suggestions in https://bats-core.readthedocs.io/en/stable/gotchas.html#my-negated-statement-e-g-true-does-not-fail-the-test-even-when-it-should
There was a problem hiding this comment.
No problem. In the future please check the results from osh-diff-scan job submitted through Packit.
Signed-off-by: Adam Eijdenberg <adam@continusec.com>
|
Thanks! |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: aeijdenberg, nalind The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
4 participants
What type of PR is this?
/kind feature
What this PR does / why we need it:
This PR passes the existing HistoryTimetamp option, if set, to the
CopyOptionspassed to theimage/v5library, which in turn uses this for timestamps for some destinations, specifically oci-archive.How to verify it
Before this change, this command will produce different output on each run (provided each run is at least 1 second apart):
After this change, the same output is produced each time:
Which issue(s) this PR fixes:
None
Special notes for your reviewer:
I'm guessing we would normally wait for a new version of github.com/containers/image/v5 to be released before bumping?
Does this PR introduce a user-facing change?