ci: update Dockerfile to fix broken tests

CHANGELOG.md

@@ -21,6 +21,8 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
   would not cause issues when building an image (as we only create a manifest
   of the final extracted rootfs), it would cause issues for other users of
   `umoci`. openSUSE/umoci#166 openSUSE/umoci#169
+- Updated to [v0.4.0 of `go-mtree`][gomtree-v0.4.0], which fixes several minor
+  bugs with manifest generation. openSUSE/umoci#176
 
 ### Changed
 - `umoci unpack`'s mapping options (`--uid-map` and `--gid-map`) have had an
@@ -30,6 +32,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/).
   openSUSE/umoci#167
 
 [cii]: https://bestpractices.coreinfrastructure.org/projects/1084
+[gomtree-v0.4.0]: https://github.com/vbatts/go-mtree/releases/tag/v0.4.0
 [user_namespaces]: http://man7.org/linux/man-pages/man7/user_namespaces.7.html
 
 ## [0.3.0] - 2017-07-20

Dockerfile

@@ -20,9 +20,8 @@ MAINTAINER "Aleksa Sarai <[email protected]>"
 # into openSUSE:Factory yet.
 RUN zypper ar -f -p 10 -g obs://Virtualization:containers obs-vc && \
     zypper ar -f -p 10 -g obs://devel:languages:go obs-dlg && \
-    zypper ar -f -p 10 -g obs://home:cyphar:containers obs-home-cyphar-containers && \
     zypper ar -f -p 15 -g obs://home:cyphar obs-home-cyphar && \
-    zypper ar -f -p 15 -g obs://devel:languages:python3 obs-py3k && \
+    zypper ar -f -p 15 -g obs://devel:languages:python obs-py && \
 	zypper --gpg-auto-import-keys -n ref && \
 	zypper -n up
 RUN zypper -n in \
@@ -36,8 +35,7 @@ RUN zypper -n in \
 		moreutils \
 		oci-image-tools \
 		oci-runtime-tools \
-		python3-setuptools \
-		python3-xattr \
+		python-setuptools python-xattr \
 		skopeo
 
 ENV GOPATH /go
@@ -51,7 +49,8 @@ RUN go get -u github.com/golang/lint/golint
 # Reinstall skopeo from source, since there's a bootstrapping issue because
 # packaging of skopeo in openSUSE is often blocked by umoci updates (since KIWI
 # uses both). XXX: This should no longer be necessary once we hit OCI v1.0.
-ENV SKOPEO_VERSION=v0.1.23 SKOPEO_PROJECT=github.com/projectatomic/skopeo
+# XXX: Switch to proper version once v0.1.24 is released.
+ENV SKOPEO_VERSION=875dd2e7a965adb92dfc97c69eaceba9d33b27ba SKOPEO_PROJECT=github.com/projectatomic/skopeo
 RUN zypper -n in \
 		device-mapper-devel \
 		glib2-devel \

hack/mtree-compare-correctly-use-.Prefix-during-comparisons.patch

@@ -0,0 +1,90 @@
+From 8e5c54f51dae35cd6c6f13afd664bef032a61030 Mon Sep 17 00:00:00 2001
+From: Aleksa Sarai <[email protected]>
+Date: Fri, 29 Sep 2017 20:33:41 +1000
+Subject: [PATCH] compare: correctly use .Prefix() during comparisons
+
+During the rework of how xattr fields are handled, the comparison code
+was not correctly updated. As a result, changes to xattrs would not be
+detected in any form. This was detected in the umoci integration suite.
+In addition, fix the dh.UsedKeywords logic so auto-detection works
+correctly with prefix-based xattrs.
+
+Fixes: ed464af779f0 ("*: xattr can Update()")
+Signed-off-by: Aleksa Sarai <[email protected]>
+---
+ compare.go        |  6 +++---
+ hierarchy.go      |  2 +-
+ hierarchy_test.go | 13 +++++++++++++
+ 3 files changed, 17 insertions(+), 4 deletions(-)
+
+diff --git a/compare.go b/compare.go
+index b45600fc483e..7f5514272987 100644
+--- a/compare.go
++++ b/compare.go
+@@ -197,7 +197,7 @@ func compareEntry(oldEntry, newEntry Entry) ([]KeyDelta, error) {
+ 	for _, kv := range oldKeys {
+ 		key := kv.Keyword()
+ 		// only add this diff if the new keys has this keyword
+-		if key != "tar_time" && key != "time" && key != "xattr" && len(HasKeyword(newKeys, key)) == 0 {
++		if key != "tar_time" && key != "time" && key.Prefix() != "xattr" && len(HasKeyword(newKeys, key)) == 0 {
+ 			continue
+ 		}
+
+@@ -216,7 +216,7 @@ func compareEntry(oldEntry, newEntry Entry) ([]KeyDelta, error) {
+ 	for _, kv := range newKeys {
+ 		key := kv.Keyword()
+ 		// only add this diff if the old keys has this keyword
+-		if key != "tar_time" && key != "time" && key != "xattr" && len(HasKeyword(oldKeys, key)) == 0 {
++		if key != "tar_time" && key != "time" && key.Prefix() != "xattr" && len(HasKeyword(oldKeys, key)) == 0 {
+ 			continue
+ 		}
+
+@@ -414,7 +414,7 @@ func Compare(oldDh, newDh *DirectoryHierarchy, keys []Keyword) ([]InodeDelta, er
+ 			if keys != nil {
+ 				var filterChanged []KeyDelta
+ 				for _, keyDiff := range changed {
+-					if InKeywordSlice(keyDiff.name, keys) {
++					if InKeywordSlice(keyDiff.name.Prefix(), keys) {
+ 						filterChanged = append(filterChanged, keyDiff)
+ 					}
+ 				}
+diff --git a/hierarchy.go b/hierarchy.go
+index 3a970cda9e9f..0c3b8953c050 100644
+--- a/hierarchy.go
++++ b/hierarchy.go
+@@ -36,7 +36,7 @@ func (dh DirectoryHierarchy) UsedKeywords() []Keyword {
+ 			if e.Type != SpecialType || e.Name == "/set" {
+ 				kvs := e.Keywords
+ 				for _, kv := range kvs {
+-					kw := KeyVal(kv).Keyword()
++					kw := KeyVal(kv).Keyword().Prefix()
+ 					if !InKeywordSlice(kw, usedkeywords) {
+ 						usedkeywords = append(usedkeywords, KeywordSynonym(string(kw)))
+ 					}
+diff --git a/hierarchy_test.go b/hierarchy_test.go
+index 7dee81ab3a77..6cc65704af5e 100644
+--- a/hierarchy_test.go
++++ b/hierarchy_test.go
+@@ -20,6 +20,19 @@ var checklist = []struct {
+   .COMMIT_EDITMSG.un~ size=1006 mode=0644 time=1479325423.450468662 sha1digest=dead0face
+   .TAG_EDITMSG.un~ size=1069 mode=0600 time=1471362316.801317529 sha256digest=dead0face
+ `, set: []Keyword{"size", "mode", "time", "sha256digest"}},
++	{blob: `
++#          user: cyphar
++#       machine: ryuk
++#          tree: xattr
++#          date: Fri Sep 29 21:00:41 2017
++#      keywords: size,type,uid,gid,mode,link,nlink,time,xattr
++
++# .
++/set type=file nlink=1 mode=0664 uid=1000 gid=100 xattr.user.kira=SSdsbCB0YWtlIGEgcG90YXRvIGNoaXAuLi4gYW5kIGVhdCBpdCE=
++. size=8 type=dir mode=0755 time=1506666472.255992830
++    file size=0 mode=0644 time=1506666472.255992830 xattr.user.something=dGVzdA==
++..
++`, set: []Keyword{"size", "type", "uid", "gid", "mode", "nlink", "time", "xattr"}},
+ }
+
+ func TestUsedKeywords(t *testing.T) {
+-- 
+2.14.1
+

hack/patch.sh

@@ -34,3 +34,6 @@ patch github.com/pkg/errors errors-0001-errors-add-Debug-function.patch
 
 # Backport https://github.com/opencontainers/runtime-tools/pull/359.
 patch github.com/opencontainers/runtime-tools runtime-tools-0001-generate-remove-validate-dependency.patch
+
+# Backport https://github.com/vbatts/go-mtree/pull/141.
+patch github.com/vbatts/go-mtree mtree-compare-correctly-use-.Prefix-during-comparisons.patch

hack/vendor.sh

@@ -129,9 +129,10 @@ clone golang.org/x/sys fb4cac33e3196ff7f507ab9b2d2a44b0142f5b5a https://github.c
 clone github.com/docker/go-units v0.3.1
 clone github.com/pkg/errors v0.8.0
 clone github.com/apex/log afb2e76037a5f36542c77e88ef8aef9f469b09f8
-clone github.com/urfave/cli v1.18.1
+clone github.com/urfave/cli v1.20.0
 clone github.com/cyphar/filepath-securejoin v0.2.1
-clone github.com/vbatts/go-mtree 711a89aa4c4a8f148d87eb915456eba8ee7c6a0b
+clone github.com/vbatts/go-mtree v0.4.0
+clone github.com/Sirupsen/logrus v1.0.3
 clone golang.org/x/net 45e771701b814666a7eb299e6c7a57d0b1799e91 https://github.com/golang/net
 # Used purely for testing.
 clone github.com/mohae/deepcopy 491d3605edfb866af34a48075bd4355ac1bf46ca

pkg/fseval/fseval_rootless.go

@@ -139,8 +139,8 @@ func (fs unprivFsEval) Lclearxattrs(path string) error {
 
 // KeywordFunc returns a wrapper around the given mtree.KeywordFunc.
 func (fs unprivFsEval) KeywordFunc(fn mtree.KeywordFunc) mtree.KeywordFunc {
-	return func(path string, info os.FileInfo, r io.Reader) (mtree.KeyVal, error) {
-		var kv mtree.KeyVal
+	return func(path string, info os.FileInfo, r io.Reader) ([]mtree.KeyVal, error) {
+		var kv []mtree.KeyVal
 		err := unpriv.Wrap(path, func(path string) error {
 			var err error
 			kv, err = fn(path, info, r)