From 8e6af8484540aff742fbe233e4d4b1469b8f3284 Mon Sep 17 00:00:00 2001 From: kruskall <99559985+kruskall@users.noreply.github.com> Date: Mon, 5 Aug 2024 17:15:53 +0200 Subject: [PATCH] refactor: update go-rpm library (#5215) Bump go-rpm to new version and update path go-rpm library was moved to github.com/cavaliergopher/rpm. The checksum assertion has been removed as the method doesn't actually return the checksum but it's hardcoded to return the string sha256. --- NOTICE.txt | 34 +++-------------------------- dev-tools/packaging/package_test.go | 19 ++++------------ go.mod | 3 +-- go.sum | 6 ++--- 4 files changed, 10 insertions(+), 52 deletions(-) diff --git a/NOTICE.txt b/NOTICE.txt index a17b631ead5..9269d25bd1b 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -139,12 +139,12 @@ THE SOFTWARE. -------------------------------------------------------------------------------- -Dependency : github.com/cavaliercoder/go-rpm -Version: v0.0.0-20190131055624-7a9c54e3d83e +Dependency : github.com/cavaliergopher/rpm +Version: v1.2.0 Licence type (autodetected): BSD-3-Clause -------------------------------------------------------------------------------- -Contents of probable licence file $GOMODCACHE/github.com/cavaliercoder/go-rpm@v0.0.0-20190131055624-7a9c54e3d83e/LICENSE: +Contents of probable licence file $GOMODCACHE/github.com/cavaliergopher/rpm@v1.2.0/LICENSE: Copyright (c) 2017 Ryan Armstrong. All rights reserved. @@ -20632,34 +20632,6 @@ SOFTWARE. --------------------------------------------------------------------------------- -Dependency : github.com/cavaliercoder/badio -Version: v0.0.0-20160213150051-ce5280129e9e -Licence type (autodetected): MIT --------------------------------------------------------------------------------- - -Contents of probable licence file $GOMODCACHE/github.com/cavaliercoder/badio@v0.0.0-20160213150051-ce5280129e9e/LICENSE: - -Copyright (c) 2015 Ryan Armstrong - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of -the Software, and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS -FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR -COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER -IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN -CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - - -------------------------------------------------------------------------------- Dependency : github.com/cespare/xxhash/v2 Version: v2.3.0 diff --git a/dev-tools/packaging/package_test.go b/dev-tools/packaging/package_test.go index f3dcfaf3d5e..91736aad479 100644 --- a/dev-tools/packaging/package_test.go +++ b/dev-tools/packaging/package_test.go @@ -30,7 +30,7 @@ import ( "testing" "github.com/blakesmith/ar" - "github.com/cavaliercoder/go-rpm" + "github.com/cavaliergopher/rpm" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "gopkg.in/yaml.v3" @@ -112,7 +112,7 @@ func TestDocker(t *testing.T) { // Sub-tests func checkRPM(t *testing.T, file string) { - p, rpmPkg, err := readRPM(file) + p, _, err := readRPM(file) if err != nil { t.Error(err) return @@ -130,7 +130,6 @@ func checkRPM(t *testing.T, file string) { checkLicensesPresent(t, "/usr/share", p) checkSystemdUnitPermissions(t, p) ensureNoBuildIDLinks(t, p) - checkRPMDigestTypeSHA256(t, rpmPkg) } func checkDeb(t *testing.T, file string, buf *bytes.Buffer) { @@ -580,16 +579,6 @@ func ensureNoBuildIDLinks(t *testing.T, p *packageFile) { }) } -// checkRPMDigestTypeSHA256 verifies that the RPM contains sha256 digests. -// https://github.com/elastic/beats/issues/23670 -func checkRPMDigestTypeSHA256(t *testing.T, rpmPkg *rpm.PackageFile) { - t.Run("rpm_digest_type_is_sha256", func(t *testing.T) { - if rpmPkg.ChecksumType() != "sha256" { - t.Errorf("expected SHA256 digest type but got %v", rpmPkg.ChecksumType()) - } - }) -} - // Helpers type packageFile struct { @@ -619,8 +608,8 @@ func getFiles(t *testing.T, pattern *regexp.Regexp) []string { return files } -func readRPM(rpmFile string) (*packageFile, *rpm.PackageFile, error) { - p, err := rpm.OpenPackageFile(rpmFile) +func readRPM(rpmFile string) (*packageFile, *rpm.Package, error) { + p, err := rpm.Open(rpmFile) if err != nil { return nil, nil, err } diff --git a/go.mod b/go.mod index 60598c766f2..0e744a2ecb2 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/Microsoft/go-winio v0.6.2 github.com/antlr4-go/antlr/v4 v4.13.0 github.com/blakesmith/ar v0.0.0-20150311145944-8bd4349a67f2 - github.com/cavaliercoder/go-rpm v0.0.0-20190131055624-7a9c54e3d83e + github.com/cavaliergopher/rpm v1.2.0 github.com/cenkalti/backoff/v4 v4.3.0 github.com/docker/docker v26.1.5+incompatible github.com/docker/go-units v0.5.0 @@ -89,7 +89,6 @@ require ( ) require ( - github.com/cavaliercoder/badio v0.0.0-20160213150051-ce5280129e9e // indirect github.com/distribution/reference v0.6.0 // indirect github.com/open-telemetry/opentelemetry-collector-contrib/connector/spanmetricsconnector v0.106.1 github.com/open-telemetry/opentelemetry-collector-contrib/exporter/elasticsearchexporter v0.106.1 diff --git a/go.sum b/go.sum index 766c7877cd8..8b233e2fd2b 100644 --- a/go.sum +++ b/go.sum @@ -709,10 +709,8 @@ github.com/bmatcuk/doublestar/v4 v4.6.1/go.mod h1:xBQ8jztBU6kakFMg+8WGxn0c6z1fTS github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/boombuler/barcode v1.0.1/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl3JlRe0mD8= github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= -github.com/cavaliercoder/badio v0.0.0-20160213150051-ce5280129e9e h1:YYUjy5BRwO5zPtfk+aa2gw255FIIoi93zMmuy19o0bc= -github.com/cavaliercoder/badio v0.0.0-20160213150051-ce5280129e9e/go.mod h1:V284PjgVwSk4ETmz84rpu9ehpGg7swlIH8npP9k2bGw= -github.com/cavaliercoder/go-rpm v0.0.0-20190131055624-7a9c54e3d83e h1:Gbx+iVCXG/1m5WSnidDGuHgN+vbIwl+6fR092ANU+Y8= -github.com/cavaliercoder/go-rpm v0.0.0-20190131055624-7a9c54e3d83e/go.mod h1:AZIh1CCnMrcVm6afFf96PBvE2MRpWFco91z8ObJtgDY= +github.com/cavaliergopher/rpm v1.2.0 h1:s0h+QeVK252QFTolkhGiMeQ1f+tMeIMhGl8B1HUmGUc= +github.com/cavaliergopher/rpm v1.2.0/go.mod h1:R0q3vTqa7RUvPofAZYrnjJ63hh2vngjFfphuXiExVos= github.com/cenkalti/backoff/v4 v4.3.0 h1:MyRJ/UdXutAwSAT+s3wNd7MfTIcy71VQueUuFK343L8= github.com/cenkalti/backoff/v4 v4.3.0/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE= github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=