vendor: add local copy of archive/tar

This version avoids doing name lookups on creating tarball that
should be avoided in to not hit loading glibc shared libraries.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Upstream-commit: aa6a9891b09cce3d9004121294301a30d45d998d
Component: engine

Author: tonistiigi

components/engine/Dockerfile

@@ -25,6 +25,7 @@
 #
 
 ARG CROSS="false"
+# IMPORTANT: When updating this please note that stdlib archive/tar pkg is vendored
 ARG GO_VERSION=1.12.17
 ARG DEBIAN_FRONTEND=noninteractive
 

components/engine/hack/validate/vendor

@@ -10,7 +10,7 @@ validate_vendor_diff(){
 
 	if [ ${#files[@]} -gt 0 ]; then
 		# recreate vendor/
-		vndr
+		vndr -whitelist=^archive/tar
 		# check if any files have changed
 		diffs="$(git status --porcelain -- vendor 2>/dev/null)"
 		if [ "$diffs" ]; then

components/engine/hack/vendor.sh

@@ -12,4 +12,4 @@ if ! hash vndr; then
 	exit 1
 fi
 
-vndr "$@"
+vndr -whitelist=^archive/tar "$@"

components/engine/patches/0001-archive-tar-do-not-populate-user-group-names.patch

@@ -0,0 +1,79 @@
+From bc0de86b495ae014b209431ed7cb90fc3d5e4d1f Mon Sep 17 00:00:00 2001
+From: Kir Kolyshkin <kolyshkin@gmail.com>
+Date: Mon, 9 Apr 2018 15:58:40 -0700
+Subject: [PATCH] archive/tar: do not populate user/group names
+
+This reverts part of commit 29a18899379c ("archive/tar: populate
+uname/gname/devmajor/devminor in FileInfoHeader"). The reason is
+using os/user functions to resolved uids/gids to names breaks
+the static build for Linux/glibc case (the resulting binary panics
+on NULL pointer dereference).
+
+For much more details, see https://github.com/golang/go/issues/23265
+
+This is ultimately fixed in Go 1.11 (provided that "osusergo" build tag
+is set (see https://github.com/golang/go/commit/62f0127d81). In the
+meantime, let's use this fork.
+
+Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
+---
+ src/archive/tar/stat_unix.go | 26 +++-----------------------
+ 1 file changed, 3 insertions(+), 23 deletions(-)
+
+diff --git a/src/archive/tar/stat_unix.go b/src/archive/tar/stat_unix.go
+index 868105f338..9640ed4bab 100644
+--- a/src/archive/tar/stat_unix.go
++++ b/src/archive/tar/stat_unix.go
+@@ -8,10 +8,7 @@ package tar
+ 
+ import (
+ 	"os"
+-	"os/user"
+ 	"runtime"
+-	"strconv"
+-	"sync"
+ 	"syscall"
+ )
+ 
+@@ -19,10 +16,6 @@ func init() {
+ 	sysStat = statUnix
+ }
+ 
+-// userMap and groupMap caches UID and GID lookups for performance reasons.
+-// The downside is that renaming uname or gname by the OS never takes effect.
+-var userMap, groupMap sync.Map // map[int]string
+-
+ func statUnix(fi os.FileInfo, h *Header) error {
+ 	sys, ok := fi.Sys().(*syscall.Stat_t)
+ 	if !ok {
+@@ -31,22 +24,9 @@ func statUnix(fi os.FileInfo, h *Header) error {
+ 	h.Uid = int(sys.Uid)
+ 	h.Gid = int(sys.Gid)
+ 
+-	// Best effort at populating Uname and Gname.
+-	// The os/user functions may fail for any number of reasons
+-	// (not implemented on that platform, cgo not enabled, etc).
+-	if u, ok := userMap.Load(h.Uid); ok {
+-		h.Uname = u.(string)
+-	} else if u, err := user.LookupId(strconv.Itoa(h.Uid)); err == nil {
+-		h.Uname = u.Username
+-		userMap.Store(h.Uid, h.Uname)
+-	}
+-	if g, ok := groupMap.Load(h.Gid); ok {
+-		h.Gname = g.(string)
+-	} else if g, err := user.LookupGroupId(strconv.Itoa(h.Gid)); err == nil {
+-		h.Gname = g.Name
+-		groupMap.Store(h.Gid, h.Gname)
+-	}
+-
++	// TODO(bradfitz): populate username & group.  os/user
++	// doesn't cache LookupId lookups, and lacks group
++	// lookup functions.
+ 	h.AccessTime = statAtime(sys)
+ 	h.ChangeTime = statCtime(sys)
+ 
+
+base-commit: 4af1337d1e9eb9e7b766c9deb787c78413bb25c4
+-- 
+2.24.1
+

components/engine/vendor.conf

@@ -163,4 +163,13 @@ github.com/docker/go-metrics                        d466d4f6fd960e01820085bd7e1a
 
 github.com/opencontainers/selinux                   4defb1c884d2f4f9c890c615380f20f7fc215cf3 # v1.3.1
 
+
+# archive/tar
+# mkdir -p ./vendor/archive
+# git clone -b go1.12.16 --depth=1 git://github.com/golang/go.git ./go
+# git --git-dir ./go/.git --work-tree ./go am ../patches/0001-archive-tar-do-not-populate-user-group-names.patch
+# cp -a go/src/archive/tar ./vendor/archive/tar
+# rm -rf ./go
+# vndr
+
 # DO NOT EDIT BELOW THIS LINE -------- reserved for downstream projects --------