diff --git a/builder/dockerfile/copy.go b/builder/dockerfile/copy.go index 39abe76896..96cd8d5183 100644 --- a/builder/dockerfile/copy.go +++ b/builder/dockerfile/copy.go @@ -191,6 +191,9 @@ func (o *copier) Cleanup() { // TODO: allowWildcards can probably be removed by refactoring this function further. func (o *copier) calcCopyInfo(origPath string, allowWildcards bool) ([]copyInfo, error) { imageSource := o.imageSource + if err := validateCopySourcePath(imageSource, origPath); err != nil { + return nil, err + } // TODO: do this when creating copier. Requires validateCopySourcePath // (and other below) to be aware of the difference sources. Why is it only @@ -215,20 +218,13 @@ func (o *copier) calcCopyInfo(origPath string, allowWildcards bool) ([]copyInfo, return nil, errors.Errorf("missing build context") } - root := o.source.Root() - - if err := validateCopySourcePath(imageSource, origPath, root.OS()); err != nil { - return nil, err - } - - // Work in source OS specific filepath semantics - // For LCOW, this is NOT the daemon OS. - origPath = root.FromSlash(origPath) - origPath = strings.TrimPrefix(origPath, string(root.Separator())) - origPath = strings.TrimPrefix(origPath, "."+string(root.Separator())) + // Work in daemon-specific OS filepath semantics + origPath = filepath.FromSlash(origPath) + origPath = strings.TrimPrefix(origPath, string(os.PathSeparator)) + origPath = strings.TrimPrefix(origPath, "."+string(os.PathSeparator)) // Deal with wildcards - if allowWildcards && containsWildcards(origPath, root.OS()) { + if allowWildcards && containsWildcards(origPath) { return o.copyWithWildcards(origPath) } @@ -262,8 +258,8 @@ func (o *copier) calcCopyInfo(origPath string, allowWildcards bool) ([]copyInfo, return newCopyInfos(newCopyInfoFromSource(o.source, origPath, hash)), nil } -func containsWildcards(name, platform string) bool { - isWindows := platform == "windows" +func containsWildcards(name string) bool { + isWindows := runtime.GOOS == "windows" for i := 0; i < len(name); i++ { ch := name[i] if ch == '\\' && !isWindows { @@ -549,33 +545,23 @@ func copyDirectory(archiver Archiver, source, dest *copyEndpoint, identity *idto return errors.Wrapf(err, "failed to copy directory") } if identity != nil { - // TODO: @gupta-ak. Investigate how LCOW permission mappings will work. return fixPermissions(source.path, dest.path, *identity, !destExists) } return nil } func copyFile(archiver Archiver, source, dest *copyEndpoint, identity *idtools.Identity) error { - if runtime.GOOS == "windows" && dest.driver.OS() == "linux" { - // LCOW - if err := dest.driver.MkdirAll(dest.driver.Dir(dest.path), 0755); err != nil { - return errors.Wrapf(err, "failed to create new directory") + if identity == nil { + // Use system.MkdirAll here, which is a custom version of os.MkdirAll + // modified for use on Windows to handle volume GUID paths. These paths + // are of the form \\?\Volume{}\. An example would be: + // \\?\Volume{dae8d3ac-b9a1-11e9-88eb-e8554b2ba1db}\bin\busybox.exe + if err := system.MkdirAll(filepath.Dir(dest.path), 0755); err != nil { + return err } } else { - // Normal containers - if identity == nil { - // Use system.MkdirAll here, which is a custom version of os.MkdirAll - // modified for use on Windows to handle volume GUID paths. These paths - // are of the form \\?\Volume{}\. An example would be: - // \\?\Volume{dae8d3ac-b9a1-11e9-88eb-e8554b2ba1db}\bin\busybox.exe - - if err := system.MkdirAll(filepath.Dir(dest.path), 0755); err != nil { - return err - } - } else { - if err := idtools.MkdirAllAndChownNew(filepath.Dir(dest.path), 0755, *identity); err != nil { - return errors.Wrapf(err, "failed to create new directory") - } + if err := idtools.MkdirAllAndChownNew(filepath.Dir(dest.path), 0755, *identity); err != nil { + return errors.Wrapf(err, "failed to create new directory") } } @@ -583,7 +569,6 @@ func copyFile(archiver Archiver, source, dest *copyEndpoint, identity *idtools.I return errors.Wrapf(err, "failed to copy file") } if identity != nil { - // TODO: @gupta-ak. Investigate how LCOW permission mappings will work. return fixPermissions(source.path, dest.path, *identity, false) } return nil diff --git a/builder/dockerfile/copy_unix.go b/builder/dockerfile/copy_unix.go index d2a16e0220..ea3b182308 100644 --- a/builder/dockerfile/copy_unix.go +++ b/builder/dockerfile/copy_unix.go @@ -43,6 +43,6 @@ func fixPermissions(source, destination string, identity idtools.Identity, overr }) } -func validateCopySourcePath(imageSource *imageMount, origPath, platform string) error { +func validateCopySourcePath(imageSource *imageMount, origPath string) error { return nil } diff --git a/builder/dockerfile/copy_windows.go b/builder/dockerfile/copy_windows.go index 83640ebf42..00c624d67a 100644 --- a/builder/dockerfile/copy_windows.go +++ b/builder/dockerfile/copy_windows.go @@ -79,12 +79,10 @@ func fixPermissionsWindows(source, destination, SID string) error { return windows.SetNamedSecurityInfo(destination, windows.SE_FILE_OBJECT, windows.OWNER_SECURITY_INFORMATION|windows.DACL_SECURITY_INFORMATION, sid, nil, dacl, nil) } -func validateCopySourcePath(imageSource *imageMount, origPath, platform string) error { - // validate windows paths from other images + LCOW - if imageSource == nil || platform != "windows" { +func validateCopySourcePath(imageSource *imageMount, origPath string) error { + if imageSource == nil { return nil } - origPath = filepath.FromSlash(origPath) p := strings.ToLower(filepath.Clean(origPath)) if !filepath.IsAbs(p) { @@ -92,13 +90,13 @@ func validateCopySourcePath(imageSource *imageMount, origPath, platform string) if p[len(p)-2:] == ":." { // case where clean returns weird c:. paths p = p[:len(p)-1] } - p += "\\" + p += `\` } else { - p = filepath.Join("c:\\", p) + p = filepath.Join(`c:\`, p) } } if _, ok := pathDenyList[p]; ok { - return errors.New("copy from c:\\ or c:\\windows is not allowed on windows") + return errors.New(`copy from c:\ or c:\windows is not allowed on windows`) } return nil }