When executing a task with non-root user, inputs should be owned by that user #403
Labels
Projects
Comments
|
I am currently facing this problem as well and cannot, for example, run in |
vito
added a commit
that referenced
this issue
Aug 17, 2016
would not be surprised at all if this breaks things, but it's easiest to
see by trying
bump tail pat cli retryhttp jwt-go go-bindata-assetfs color tcpkeepalive protobuf go-github go-querystring websocket go-multierror tail go-update pty pq go-isatty mapstructure ginkgo remote_syslog2 link term agouti ansicolor ifrit go-interact go-sse gosub crypto net oauth2 pb.v1 yaml.v2
Submodule src/github.com/ActiveState/tail 05d326f..a30252c:
> Merge pull request #89 from hpcloud/adds-appveyor-badge
> Merge pull request #88 from hpcloud/add-appveyor-for-windows
> Merge pull request #85 from hpcloud/update-licensing
> Merge pull request #84 from hpcloud/fix-flaky-test
> Merge branch 'davidsansome-block-until-exists-relative-path'
> fix reader nil pointer
> Merge pull request #76 from aristanetworks/upstream
> watch: Fix prototype to be more restrictive.
> watch: Unsubscribe from fsnotify synchronously.
> Merge pull request #81 from hpcloud/fix-race-in-test
> Merge pull request #80 from hpcloud/v2-criteria
> Merge branch 'tcheneau-typo-fix'
> Merge pull request #79 from hpcloud/add-godep
> Merge branch 'ando-masaki-master'
> Merge branch 'flynn-stop-at-eof'
> Merge pull request #72 from miraclesu/fix/watch_create
> Update README.md
> Merge branch 'ajacoutot-openbsd'
> Merge pull request #66 from ober/master
> Merge branch '42wim-namedpipe'
> Merge pull request #58 from aristanetworks/upstream
> Merge pull request #63 from ekini/master
Submodule src/github.com/bmizerany/pat b8a3500..c068ca2:
> Refresh contributors list
> Style tweaks for PATCH code
> Merge remote-tracking branch 'nesv/http-patch'
> Handle slash redirects with variable substitution
> Don't store duplicate patterns
> Tweak and test for NotFound handler
> allow registering custom not found handler
> Merge pull request #39 from tcyrus/patch-1
> Test cleanup
Submodule src/github.com/codegangsta/cli aba9469..168c954:
> Ensure that EnvVar struct field exists before interrogating it
> Merge pull request #502 from urfave/fix-is-set-for-env
> Note TOML support in README and CHANGELOG
> Merge pull request #491 from ykanda/toml-support
> Merge pull request #500 from npcode/readme-remove-v
> Merge pull request #497 from urfave/error-behavior-changelog-mention
> Merge pull request #496 from urfave/write-non-nil-error-message-exit-nonzero
> Merge pull request #494 from urfave/bump-tested-versions
> Merge pull request #492 from urfave/goimports-iff-available
> Merge pull request #485 from urfave/switch-to-gfmrun
> Merge pull request #482 from urfave/runtests-gen-all
> Merge pull request #481 from urfave/fix-subcommand-help-flag
> Merge pull request #466 from urfave/flag-context-gen
> Merge pull request #479 from urfave/drop-go1.1.2-testing
> Merge pull request #480 from TimeIncOSS/f-metadata
> Release v1.18.0
> Add missing fixes to `CHANGELOG.md`
> Merge pull request #463 from urfave/help-command-categorization
> Merge pull request #462 from urfave/license-update
> Merge pull request #460 from urfave/v2-volatility-clarification
> Merge pull request #457 from urfave/readme-toc
> Merge pull request #456 from urfave/uint-flags
> Merge pull request #455 from urfave/bfreis-master
> Merge pull request #452 from urfave/handle-action-undiaper
> Merge pull request #450 from urfave/flag-value-changelog-mention
> Merge pull request #448 from urfave/merging-joshuarubin-master
> Merge pull request #446 from jamescun/master
> Merge pull request #445 from tianon/spaces-changelog
> Merge pull request #444 from urfave/more-v1-examples
> Merge pull request #441 from tianon/spaces-for-alignment
> Merge pull request #442 from urfave/appveyor-badge
> Merge pull request #440 from urfave/more-v1-examples
> Merge pull request #437 from urfave/formarlly
> Merge pull request #434 from urfave/update-gfmxr-ref
> Merge pull request #429 from urfave/travis-osx
> Merge pull request #425 from urfave/appveyor-badge
> Merge pull request #422 from urfave/update-references-to-codegangsta
> Merge pull request #417 from codegangsta/trim-go1.1-support
> TRIVIAL removal of extra "current"
> Merge pull request #411 from codegangsta/v2-docs
> Merge pull request #404 from codegangsta/runtests-argparse
> Updating coverage badges
> Merge pull request #407 from codegangsta/coverage-breakout
> Merge pull request #406 from codegangsta/command-alias-help
> Merge pull request #403 from codegangsta/changelog-tweak
> Merge pull request #400 from codegangsta/coverage
> Merge pull request #402 from codegangsta/v1.17.0-prep
> Merge pull request #401 from mattfarina/cleanup
> Merge pull request #399 from codegangsta/exit-nonzero-for-unknown-subcommand
> Merge pull request #397 from codegangsta/add-global-boolt
> Added Hidden command support to CHANGELOG
> Merge pull request #386 from codegangsta/psmit-hidden_command
> Merge pull request #393 from mattfarina/io-Writer
> Merge pull request #394 from mattfarina/travis-update
> Merge pull request #395 from mattfarina/goreportcard
> Merge pull request #390 from codegangsta/readme-example-touchup
> Merge pull request #381 from codegangsta/pluggable-flag-printer
> TRIVIAL the letter "a"
> Merge pull request #380 from codegangsta/readme-cli-refs
> Merge pull request #379 from codegangsta/v1.16.0-prep
> Merge pull request #378 from codegangsta/exit-error-bug-376
> Merge pull request #374 from codegangsta/kytrinyx-action-err
> Merge pull request #373 from codegangsta/doc-custom-help
> Merge pull request #372 from codegangsta/deprecation-cleanups
> Merge pull request #371 from codegangsta/harshavardhana-hidden-flags
> Merge pull request #369 from codegangsta/v1.15.0-prep
> Merge pull request #368 from codegangsta/yaml-nested-changelog
> Merge pull request #365 from roboll/nested-flags
> Merge pull request #367 from codegangsta/bryanl-bryanl-set-context-values
> Merge pull request #366 from codegangsta/metadata-note
> Merge pull request #339 from jack230230/master
> Merge pull request #361 from codegangsta/txgruppi-develop
> Merge pull request #364 from codegangsta/assert-before-command-after-ordering
> Merge pull request #363 from codegangsta/global-float64
> Update changelog with placeholder support
> Merge pull request #357 from kevin-cantwell/parse-usage-placeholders
> Merge pull request #360 from codegangsta/keep-a-changelog
> Merge pull request #349 from Felamande/master
> Merge pull request #346 from codegangsta/category_sort_2
> Merge pull request #343 from TimeIncOSS/f-hide-version
> Merge pull request #342 from korzonek/master
> Fix yaml file loader
> Drop support for Go 1.0.3
> Merge pull request #306 from ChrisPRobinson/inputfilesupport
> Merge pull request #336 from muraty/master
> Merge pull request #334 from djui/patch-1
> Merge pull request #332 from adamclerk/fix/spellingErrors
> Merge pull request #331 from blaubaer/windows-ci
> Merge pull request #289 from KSubedi/master
> Merge pull request #321 from blaubaer/master
> Merge pull request #322 from blaubaer/custom-error-handling
> Merge pull request #329 from leonardyp/master
> Merge pull request #323 from hpcloud/master
> Merge pull request #326 from tcyrus/patch-1
> Merge pull request #315 from blaubaer/master
> Merge pull request #320 from technosophos/master
> Merge pull request #311 from Jille/exportFlagNames
> Merge pull request #312 from ysh7/master
> Merge pull request #309 from dedalusj/check-completion-order
> Merge pull request #304 from osocurioso/silence-tests
> Merge pull request #283 from codegangsta/really-skip-flag-parsing
> Merge pull request #298 from codegangsta/use-correct-example-naming
> Merge pull request #295 from rosenhouse/update-travis-versions
> Merge pull request #297 from ston1th/master
> Merge pull request #292 from Jille/remove-unused-var
> Merge pull request #284 from rbjorklin/readme-update
> Merge pull request #286 from mktmpio/dedup-help-and-version
Submodule src/github.com/concourse/retryhttp 3248b7b..c1bda69:
> Merge pull request #2 from gkaur94/master
Submodule src/github.com/dgrijalva/jwt-go f62f64e..63734ea:
> Merge pull request #151 from zaichang/FixMigrationGuide
> Merge pull request #146 from pkieltyka/master
> Merge pull request #140 from kazhuravlev/patch-1
> Merge pull request #77 from dgrijalva/release_3_0_0
> v2.7.0
> notice about imminent 3.0.0
> Merge pull request #136 from bruston/keyfunc-typo
> fixes #135 copy/paste error in rsa decoding tools
> Merge pull request #132 from abourget/master
> Merge pull request #133 from johnlockwood-wf/expire-delta
> release notes
> expose inner error within ValidationError
> Merge branch 'master' of https://github.com/emanoelxavier/jwt-go-contr into dg/merge_112
> cleaned up style and added tests
> Merge branch 'master' of https://github.com/dakom/jwt-go into dg/pr_121
> version history update
> Merge pull request #79 from dgrijalva/dg/none
> Merge pull request #122 from appleboy/patch-1
> add 1.6 to travis.yml
> Merge pull request #107 from Snorlock/bearer-verification
> Merge pull request #111 from matm/master
> added supported signing methods
> Added some clarification and (hopefully) helpful documentation
> version history
> signature should be populated after parsing a valid token
> Merge pull request #98 from dgrijalva/dg/parser
> use cleaner version of prefix checking (thanks shurcooL)
> fix array OOB panic (#100)
> Merge pull request #93 from EnerfisTeam/master
> Merge branch 'master' of github.com:dgrijalva/jwt-go
> minor refactor of HMAC verify for legibility. no functional changes
> updated documenation of SigningMethod interface
Submodule src/github.com/elazarl/go-bindata-assetfs 8731e8b..e1a2a7e:
> Merge pull request #42 from imakewebthings/remove_extra_os_import
> Merge pull request #40 from hheld/master
> Merge pull request #29 from vCabbage/patch-1
Submodule src/github.com/fatih/color 76d4231..87d4004:
> Merge pull request #30 from fatih/remove-vendor
> Add tip to travis
> Merge pull request #27 from fatih/improvements
> Merge pull request #26 from harshavardhana/depend
> Merge pull request #25 from mattn/color256
> Merge pull request #24 from klaidliadon/master
Submodule src/github.com/felixge/tcpkeepalive c7641b5..5bb0b2d:
> Merge pull request #5 from jdeppe-pivotal/master
Submodule src/github.com/golang/protobuf deb4a5e..7390af9:
> Fix comment for Buffer.index field
> Update Go tests for C++ JSON name change
> README: add compatibility section
> proto: Prevent Any protos from being deserialized multiple times.
> protoc-gen-go: Make proto3 scalar repeated fields packed by default (per the proto3 spec).
> proto: don't panic when calling ExtensionDescs on an uninitialized message.
> regenerate .pb.go
> proto: check for required fields when unmarshalling groups
> jsonpb: sort numeric proto keys in numeric order
> fix compiler golden test
> jsonpb: add option to ignore unknown fields in a message
> proto: regenerate proto3.pb.go from .proto file
> net/proto2/go: add GetAllExtensionDescs returns a []*ExtensionDesc
> proto: import change from Google.
> protoc-gen-go/grpc: pass file descriptor for service as Metadata
> proto: s/Printf/Print/ where there's no format verb
> ptypes: regen and remove transforms from regen.sh
> protoc-gen-go: export the generated variable name of the FileDescriptor bytes
> Make proto.RegisterFile public for gRPC
> Fix marshalAny's handling of indentation.
> Add missing error check in jsonpb's marshal implementation.
> net/proto2/go: make a slight change to how we handle []byte fields
> proto: allow text proto map keys to be omitted or order swapped
> proto: fix equality to work with V1 generated format
> net/proto2: remove <message>.ExtensionMap() from generated messages
> proto: return error from Marshal if a message encodes to > 2GiB
> proto: clean up proto API for extensions
> Use grpcPkg for a bit of code gen that overlooked it.
> jsonpb: Marshal Any according to the spec.
> Correctly set OrigName for oneof fields.
> Update the grpc plugin to support the grpc-go interceptor implementation.
> jsonpb: Fix handling of repeated enums.
> Improve error message when text unmarshaling a nested message with a required field.
> Use reflection-driven field accesses under GopherJS.
> Add specific error for oneof with nil element.
> Add Any helper funcs to the ptypes package.
> Expose the gRPC code generation plugin.
> jsonpb: Accept both camelCase and orig_name as field names for oneof fields.
> Add support for decoding a stream of JSON objects.
> Switch use of strings.LastIndexByte to strings.LastIndex.
> A few small bits of style modernisation, such as using append where it makes the code shorter and more natural.
> Generate the new go_package options for the WKTs.
> Add compatibility markers to grpc generated code.
> Use the zero value when decoding a map element that is missing its key or value.
> Implement new semantics for `option go_package`.
> Support for google.protobuf.Any expansion in text marshaling and unmarshaling.
> jsonpb: Handle Struct and NullValue WKTs.
> Generate Descriptor method for groups.
> Generate a XXX_WellKnownType method for NullValue.
> jsonpb: Format and parse the WKTs in wrappers.proto.
> Add remaining Go-supported WKTs to the list of types to generate XXX_WellKnownType for.
> Generate XXX_WellKnownType method for recognised well-known types.
> Add Timestamp helper funcs to the ptypes package.
> Rearrange the well-known types package layout and API:
> Add initial well-known types support package.
> Configurable TextMarshaler for protos.
> Add more well-known types: Struct, Timestamp and Wrappers.
> Add well-known types.
> Switch jsonpb.Marshaler to use camelCase by default.
> Add support for plumbing json_name from protoc through to proto.Properties.
> Extend the text format parser to allow concatenation of string literals in single quotes.
> jsonpb: Don't emit zero value proto3 fields by default.
> Adding repeated field data population example
> Clarify jsonpb package docs.
> Add compatibility markers to proto generated code.
> Fix proto.Equal handling of proto3 bytes fields.
> Update docs to mention the proto3 API differences.
> Add some more Markdown annotations.
> By popular demand, rename README to README.md and make Markdown consistent.
> Generate sizer functions for oneofs.
> Regenerate protos.
> Fix unmarshaling code to properly handle multiple instances of the same extension appearing in the wire format. Prior to this change, multiple custom options would result in all but the first being discarded when processed using the proto.GetExtension() facilities.
> Document parameters in README
> Generate correct service name for gRPC services without a package name.
> Remove a test that has outlived its usefulness.
> Add compressed file descriptor code generation.
> Unexport proto.MessageSet, and remove a bunch of its support.
> Expand proto.RegisterType mapping to record both directions (name <-> reflect.Type), and add two functions to access the mapping.
> Merge pull request #91 from tswast/plain
> Always import non-weak imported proto packages.
> Register all proto message types with a centralised registry.
> jsonpb: Implementing marshaling of proto2 extensions.
> Another minor performance improvement to the code generator.
> Regenerate descriptor.pb.go to pick up FileDescriptorProto.json_name.
> Various optimisations to protoc-gen-go.
> Don't sort map keys when encoding a map field in wire format.
> Forward oneof marshal/unmarshal funcs through public imports.
> jsonpb: Remove Marshaler.EnumsAsString.
> jsonpb: Disable Marshaler.EnumsAsString; it is now the default.
> jsonpb: Introduce Marshaler.EnumsAsInts.
> Fix jsonpb parsing of enums as names for proto3.
Submodule src/github.com/google/go-github 9420d0f..b969816:
> Adding missing field to search results
> Add some missing fields
> add Juan Basso as author
> Fixed typo and removed unused vars
> Fixing some lint issues
> Set Content-Type to "application/json" for request bodies
> add Huy Tr as author
> Add Request a Page Build API
> Fix Mark{,Repository}NotificationsRead methods.
> Don't use Header.Add where Header.Set is sufficient.
> Stop using custom media type for Multiple Assignees.
> remove CONTRIBUTORS file
> Put sync.Mutex on top of variables it protects.
> Sync doc.go and README.md
> add Carlos Alexandro Becker as contributor
> Add missing ID fields to PullRequest and Issue structs
> add unit tests for #342 - CreateImpersonation and DeleteImpersonation
> add (AuthorizationsService) CreateImpersonation/DeleteImpersonation
> add missing license headers in a few files
> add Yannick Utard as contributor
> Add ReadOnly boolean field to deploy keys
> Avoid unnecessary FooService allocations
> add support for OAuth Grant Authorizations API
> add Beshr Kayali as contributor
> add support for list commits endpoint
> Add support for affiliation and visibility in RepositoryListOptions.
> Remove issue locking/unlocking preview media type.
> better support both Events API and Webhook events in PushEventCommit
> make integration tests pass even if already watching this repo
> add support for new repository invitations
> replace []Issue with []*Issue and for other large structs as well
> Remove leading slash from ReactionsService.DeleteReaction URL.
> remove unnecessary newlines
> add support for Issue Timeline API
> move examples to github_test package in examples_test.go
> document 'since' pagination for Users.ListAll
> add support for multiple issue assignees
> add utilities for processing payload messages
> add Message field for "custom" errors
> add support for git signing API methods
> add Ainsley Chong as contributor
> Added integration tests for Repositories.List.
> add Garrett Squire as contributor
> Add squashing capability to the pull request merge function.
> remove org permission content type
> Add missing ListOptions to various structs
> Update Reactions API (preview) for breaking change.
> add Joe Tsai as contributor
> fix unit tests for go1.7 release
> add support for Reactions API
> Add support for the Source Import API
> add more payloads to event.Payload
> Simplify Bool, Int, String helpers.
> Fix Int helper documentation.
> Deprecate Client.Rate() method in favor of Response.Rate.
> Predict *RateLimitError, return immediately without network call.
> Keep track of all rate limits in client.
> Fix formatting directive issues in tests.
> tests/integration: Turn into valid, empty Go package.
> Travis: Run gofmt -s, go vet, go test -race, add Go 1.6.
> Improve test error message.
> add Chris Roche as contributor
> Correctly handle API errors when downloading Release Assets
> add support for new webhook changes
> change custom accept header for support of commit reference SHA-1 API
> add Glenn Lewis as contributor
> add Hanno Hecker as contributor
> Add "assignee" field
> add Andrew Ryabchun as contributor
> Add support for Activities.ListStargazers response with timestamp.
> Add UsersService.GetByID method.
> Add RepositoriesService.GetByID method.
> Clarify use of RepositoryContent encoded content
> add support for Deployment and DeploymentStatus API enhancements
> add RepoContent.GetContent to replace Decode
> add Neil O'Toole as contributor
> Add integrations tests for Authorizations API
> Update AuthorizationsService
> Support OAuth Authrization API.
> clarify that CC-BY license only covers docs in source code
> move example inline where possible
> limit draining up to 512 bytes from response.Body
> add Georgy Buranov as contributor
> check options for nil
> add Filippo Valsorda as contributor
> Drain Response.Body to enable TCP/TLS connection reuse (4x speedup)
> add support for new list all orgs method
> Add support for Feeds API
> Add support for Migrations API
> change DownloadReleaseAsset API to additionally return a redirectURL
> Add support for 451 status code
> Block running integration tests by default
> Fixes path escaping for Repositories.GetContents
> add Isao Jonas as contributor
> add additional fields to Milestone struct
> go-github: add support for commit reference SHA-1 method
> go-github: add support for getting content of a repository's license
> go-github: fix PageBuildEvent unmarshaling
> add Luke Evers as contributor
> Add InReplyTo to PullRequestComment struct
> go-github: add useful fields to Webhooks
> go-github: add Event types for Webhooks
> CONTRIBUTING: remove paragraph that was rewritten
> update CONTRIBUTING file
> add David Deng (Googler) as contributor
> Do URL path escape composing the URL for GetContents
> add Luke Roberts as contributor
> add preview header to list branches request
> go-github: move event types into event_types.go
> go-github: add support for issue locking / unlocking
> add Pierre Carrier as contributor
> issues: add Repository
> Document specific errors returned by CheckResponse.
> Add RateLimitError type, detect and return it when appropriate.
> Minor Rate, RateLimits documentation fixes.
> add StatusUnprocessableEntity constant
> new repo struct for push events
> gofmt -s
> add saisi as contributor
> Fixed a couple of typos in comments
> RepositoryContentFileOptions: specify .Content as unencoded Fixes #263.
> add Julien Rostand as contributor
> Add Sender to WebHookPayload. Resolves #267.
> add John Engelman as contributor
> Add the Description field for organization teams.
> fix spelling in comment
> add griffin_stewie as contributor
> Add "SuspendedAt" field to User struct.
> update to 2048 bit key for user integration test
> update required go version to 1.4
> Edit branch protection
> add Björn Häuser as contributor
> Add initial support for protected branches
> bump minimum tested version to go 1.4
> add support for HTTP Basic Authentication
> fix typo
> add sona-tar as contributor
> Add ListOptions to ListWatched
> add Eric Paris (Red Hat, Inc.) as contributor
> Fix default comment for Direction in issue lists
> ignore EOF error when json decoding empty response
> add Brad Harris as contributor
> adding URL property to Hook struct
> Fix data race surrounding Client.Rate.
> github: Document all possible values for IssueList{,ByRepo}Options.State.
> add Russ Cox as contributor
> github: document and add support for all IssueEvent types
> Add support for 'renamed' issue events.
> use PUT verb when setting org membership
> add Maxime Bury as contributor
> Adding DownloadReleaseAsset
Submodule src/github.com/google/go-querystring 547ef5a..9235644:
> New array handling options (semicolon, numbered)
> Now checking if a field is not anonymous before skipping it when walking over values in an struct, to make sure that we don't skip validly accessible (exported) embedded values in an unexported field.
> Updating tests for the expected behavior
> Fix invalid call to value method with nil pointer
Submodule src/github.com/gorilla/websocket 5c91b59..a69d25b:
> Merge pull request #152 from sambooo/patch-1
> Improve chat example
> Merge pull request #150 from RHavar/patch-1
> Add description to the chat example readme
> Add hooks to support RFC 7692 (per-message compression extension)
> Implement RFC 6455, section 4.4
> Coalesce outbound messages in chat example
> Merge pull request #136 from reeze/add-handler-getter
> Add Sec-WebSocket-Extensions header parser
> Reduce memory allocations in NextReader, NextWriter
> Revert "Reduce memory allocations in NextReader, NextWriter"
> Merge branch 'varnames'
> Reduce memory allocations in NextReader, NextWriter
> Cleanup js in chat example
> Handle invalid close frames
> Test truncated frames at all positions
> Fix Read() to return errUnexpectedEOF when EOF is received before all bytes in the frame have been read
> Drop Go 1.3 from supported configurations
> Do not shallow copy crypto/tls.Config
> .travis.yml go vet fix.
> Fix filewatch example
> Document that default ping handler can block
> Add IsWebSocketUpgrade
> Remove Go 1.1 from Travis config
> Run 'go vet' instead of 'go tool vet' in Travis
> Merge pull request #113 from elithrar/patch-1
> Fix go vet warning
Submodule src/github.com/hashicorp/go-multierror d30f099..8c5f0ad:
> Add deps script
> Add travis stuff
Submodule src/github.com/hpcloud/tail 05d326f..a30252c:
> Merge pull request #89 from hpcloud/adds-appveyor-badge
> Merge pull request #88 from hpcloud/add-appveyor-for-windows
> Merge pull request #85 from hpcloud/update-licensing
> Merge pull request #84 from hpcloud/fix-flaky-test
> Merge branch 'davidsansome-block-until-exists-relative-path'
> fix reader nil pointer
> Merge pull request #76 from aristanetworks/upstream
> watch: Fix prototype to be more restrictive.
> watch: Unsubscribe from fsnotify synchronously.
> Merge pull request #81 from hpcloud/fix-race-in-test
> Merge pull request #80 from hpcloud/v2-criteria
> Merge branch 'tcheneau-typo-fix'
> Merge pull request #79 from hpcloud/add-godep
> Merge branch 'ando-masaki-master'
> Merge branch 'flynn-stop-at-eof'
> Merge pull request #72 from miraclesu/fix/watch_create
> Update README.md
> Merge branch 'ajacoutot-openbsd'
> Merge pull request #66 from ober/master
> Merge branch '42wim-namedpipe'
> Merge pull request #58 from aristanetworks/upstream
> Merge pull request #63 from ekini/master
Submodule src/github.com/inconshreveable/go-update 8455de1..8152e7e:
> Fix nondeterministic failure caused by parallel tests.
Submodule src/github.com/kr/pty f7ee69f..ce7fa45:
> Merge pull request #44 from cmarcelo/pr/dragonfly-gofmt
> Merge pull request #36 from keybase/master
> Merge pull request #41 from mneumann/fix_dragonfly
Submodule src/github.com/lib/pq ffe986a..80f8150:
> Add support for array Scanners and Valuers
> Dont assume . to be in PATH
> Skip pgpass tests if not running under Travis
> Re-format an awfully long line
> Fix typo
> Update README to reflect my current GitHub handle
> Merge remote-tracking branch 'origin/pr/469'
> encode: `decode` T_text into a string
> Export FormatTimestamp for emitting the postgres timestamp format
> sslmode=require compliance when root cert provided
> Merge pull request #468 from cbandy/travis-ci
> Use goimports instead of gofmt
> Fail Travis if code is not gofmted correctly
> Run go fmt
> Merge branch 'add-go-vet-to-travis'
> Move from /var/run/postgresql to /run/postgresql in examples
> Merge remote-tracking branch 'origin/pr/461'
> Support arbitrary network dialers in listeners
> Merge pull request #458 from vsukhin/master
> Expose ParseTimestamp for parsing the postgres timestamp format
> Drop antediluvian Postgres and Go versions
> Add 1.6 to travis for testing
> fix typo
> Remove unnecessary allocation
> Use `net.{Join,Split}HostPort` for proper ipv6 handling
> whitespace (gofmt)
> fix build on go1.6
> whitespace (gofmt)
> Add verify-ca to error message in conn
> TestCopyRespLoopConnectionError: Always ignore errors on stmt.Close()
> Fix intermittent test failure in TestCopyRespLoopConnectionError
> Fix intermittent test failure in TestCopyRespLoopConnectionError
> Merge pull request #418 from lib/9.5
> Document pgpass support
> Add Fazal Majid to contributors
> added unit-tests for pgpass
> proper handling of the "localhost" special case in .pgpass (it also matches the empty string and UNIX sockets) https://github.com/lib/pq/issues/75
> better .pgpass parser (escaped colons) derived from https://github.com/tg/pgpass https://github.com/lib/pq/issues/75
> implemented .pgpass support in lib/pq, see: https://github.com/lib/pq/issues/75
> Also test prepared queries in TestEmptyResultSetColumns
> Fix empty query `Columns()` handling
> Make copyin.Close() idempotent
Submodule src/github.com/mattn/go-isatty 7fcbc72..66b8e73:
> Merge pull request #10 from stuartnelson3/patch-1
> Merge pull request #5 from CaptainCodeman/appengine
> add example
> Merge pull request #4 from fazalmajid/Solaris
Submodule src/github.com/mitchellh/mapstructure 281073e..ca63d7c:
> Merge pull request #51 from jefferai/master
> returning untyped nil from decode hook will assign properly to interface
> Merge pull request #44 from grrtrr/master
> Merge pull request #45 from mitchellh/f-map-slice
Submodule src/github.com/onsi/ginkgo 74c678d..120efcf:
> Redo flags again, add a bunch of pass-throughs. (#282)
> Spelling fix (#283)
> Covermode flag (and reworked pass-through flags passing) (#281)
Submodule src/github.com/papertrail/remote_syslog2 d121b66..523d577:
> Merge pull request #160 from papertrail/add-armhf
> Merge pull request #163 from papertrail/clarify-config-example
> Merge pull request #159 from papertrail/update-help
> Merge pull request #149 from papertrail/systemd-dependency
> Merge pull request #152 from papertrail/update-comments
> Merge pull request #144 from papertrail/018-fsnotify-tail-additions
> Merge pull request #138 from papertrail/use-beanstalk-env-and-instanceid
> Merge pull request #143 from papertrail/close-connection-on-error
> Merge pull request #137 from papertrail/logging-directory-recreation
> Merge pull request #134 from papertrail/update-usage
> Merge pull request #125 from papertrail/version-flag
> Merge pull request #124 from papertrail/documenting-pr-51
> v0.17
> Merge pull request #51 from siavashs/application
> Merge pull request #123 from papertrail/document-debug-logging
> Update README.md
> Merge pull request #68 from dhoeric/master
> Merge pull request #116 from mlafeldt/gofmt
> Update remote_syslog.ebextensions.config
> Merge pull request #105 from u2mejc/u2mejc-ebextensions
> Merge pull request #121 from papertrail/tcp-limit
> Updated binary name to match #122
> Merge pull request #117 from mlafeldt/gitignore
> Merge pull request #122 from papertrail/build-binary
> Merge pull request #90 from bhechinger/status_codes
> Merge pull request #115 from papertrail/v0.16
> Merge pull request #114 from papertrail/new_cert
> Merge pull request #107 from papertrail/v0.15
> Merge pull request #104 from papertrail/clarify-log-help-text
> Merge pull request #97 from papertrail/connection-timeout
> Merge pull request #98 from papertrail/write-deadline
> Merge pull request #103 from papertrail/continue-on-connection-error
> Merge pull request #100 from papertrail/generate-stracetraces
> Merge pull request #101 from papertrail/explicitly-enable-cgo
> Merge pull request #92 from papertrail/troubleshooting
Submodule src/github.com/peterhellberg/link 1082c67..d1cebc7:
> Run the tests against 1.6 and 1.5.3
> Updated copyright year [skip ci]
> Changed rfc5988 to RFC 5988, rfc5987 to RFC 5987
Submodule src/github.com/pkg/term d7ef5fb..b1f72af:
> Merge pull request #19 from jdeppe-pivotal/master
> Merge pull request #18 from dumbbell/fix-freebsd-support
> convert from wercker to travis
> Merge pull request #17 from stuartrpearlman/tcflush-fix
> Merge pull request #16 from aitjcize/master
> Merge pull request #14 from liamstask/hw-flow-ctrl
> Merge pull request #13 from liamstask/read-timeout
Submodule src/github.com/sclevine/agouti ce62464..e5378e7:
> remove un-used tests
> fix failing tests
> Merge remote-tracking branch 'origin/master'
> rework TouchAction to make it "Repository" aware, and mimic the new Agouti API.
> Merge remote-tracking branch 'sclevine/master'
> Merge remote-tracking branch 'sclevine/master'
> Merge remote-tracking branch 'origin/feature/appium-replace-value'
> Merge pull request #2 from abourget/feature/appium-reset-app
> Merge pull request #1 from abourget/allByID
> TouchAction tests pass.
> Fix the touchaction code. Suite still failing..
> Most test suites restored. Appium in progress.
> Appium WIP
> First draft at implementing the TouchAction methods and chaining.
> Added debug output when command fails to start.
> Add more selectors, both to Agouti and Appium. Those compatible with standard WebDriver are in agouti, but they are used more in Appium (like FindByID), since it corresponds to the resource ID.
> Appium: Implemented All(), with MultiSelection
> Appium: Added meat around selection on appium.Device and appium.Selection
> TouchAction test updated, shows chaining in action.
> Fix tests and decouple from *mobile.Session.
> Moved TouchAction. Drafted first tests.
> Selectors ready to go + AgoutiOptions + comments
> Possible solution to unexported selector issues
> Refactor target package to have a single selectors#Append method
> RFC: Debug flag as options
> Added "AppendClass", and selectors for class-based selection. Appium uses classes to select component types.
> Drafting TouchAction
> Appium: First version to compile.
> A few design ideas for abourget - nothing functional
Submodule src/github.com/shiena/ansicolor d445752..a422bbe:
> Merge pull request #9 from techtonik/patch-1
Submodule src/github.com/tedsuo/ifrit 3a41de6..6711154:
> Merge pull request #16 from cwlbraa/master
> Merge pull request #15 from jvshahid/fix-early-interrupt-in-ordered-group
> Merge pull request #13 from lwoydziak/master
> Merge pull request #12 from lwoydziak/master
> Merge pull request #11 from cf-routing/handle-multiple-signals
> Invoke ffs
Submodule src/github.com/vito/go-interact 0eb3903..965b78f:
> add MIT license
Submodule src/github.com/vito/go-sse bfb56c5..fd69d27:
> Merge pull request #3 from cf-routing/max_retries
Submodule src/github.com/vito/gosub 2aa7c2b..84ac9df:
> Merge pull request #6 from concourse/master
> Merge pull request #5 from rosenhouse/actionfunc
Submodule src/golang.org/x/crypto c8b9e63..a8a4eed:
> acme/autocert: improve test speed on 386
> acme: improve http-01 challenge API
> acme/autocert: new high-level package for automatic cert management
> nacl/secretbox: add Seal, Open example
> acme: context-aware Client methods
> acme: build up full chain certs when requested
> acme: format Client and errors
> acme: preserve account URI on get and update
> acme: improve TLSSNI{01,02}ChallengeCert methods
> acme: simplify TLS-SNI challenge cert
> acme: support for ECDSA keys
> acme: TLS-SNI challenges implementation
> acme: specify which version exactly is implemented
> ssh: clarify error type if a SendRequest goes unanswered
> x/crypto/ssh/terminal: have MakeRaw mirror cfmakeraw.
> ssh: disable known-flaky test from the Go build dashboard
> x/crypto/ssh: add ed25519 certs to supportedHostKeyAlgos
> acme: prompt for terms agreement
> ocsp: fix default value of Version in ResponseData
> x/crypto/ssh/agent: ecdsa key/cert typo
> acme: default values and discovery
> x/crypto/ssh: handle missing exit status more gracefully.
> x/crypto: fix typos
> x/crypto/ssh: use BigEndian.Uint32 for decoding exit status.
> x/crypto/ssh: Add support for retryable authentication
> agent: add agent server support for ed25519 keys.
> crypto/ssh: minor comment change (trivial)
> go.crypto/blowfish: fix typo in docstring in cipher.go
> x/crypto/ssh: set constraints when adding certs to the agent
> ssh: allow adding ed25519 keys to the agent
> x/crypto/ssh: return msgNewKeys for a short-circuited first kex.
> x/crypto/ssh: add 3des-cbc as a non-default cipher
> x/crypto/ssh: add support for ed25519 keys
> x/crypto/ssh: hide msgNewKeys in the transport layer.
> ssh: fix compatibility with recent OpenSSH
> acme: format test data
> x/crypto/openpgp/s2k: fix misleading function comment
> x/crypto/ssh: also log data packets when debugHandshake is set
> x/crypto/ssh: fix subsequent key exchanges.
> x/crypto/ed25519: add package.
> x/crypto/ssh: support more keytypes in the agent.
> x/crypto/ssh: if debugMux is set, also log global messages.
> x/crypto/ssh: remove misleading comment, add example
> sha3: revert alignment optimization on ppc64
> x/crypto/ssh/agent: Support v1 remove all message
> x/crypto/ssh: omit empty fields in error message
> x/crypto/ssh: debug support for msgUserAuthSuccess and msgChannelData
> acme: initial import of ACME implementation
> x/crypto/ssh: make sure the initial key exchange happens once.
> x/crypto/ssh/terminal: ensure windows MakeRaw returns previous state
> x/crypto/ssh/terminal: create stubs for plan9 methods
> openpgp: Allow V3 signatures in messages
> x/crypto/ssh: interpret disconnect message as error in the transport layer.
> x/crypto/ssh: Add timeout for dialing
> golang/x/crypto/sha3: use better alignment
> openpgp: ECDSA key and signature support
> x/crypto/ocsp: correct OID for DSA-with-SHA-256.
> openpgp/clearsign: Handle truncated messages
> x/crypto/ssh/agent: add a client example and tweak package doc.
> x/crypto/ocsp: return errors to reflect OCSP errors.
> x/crypto/ssh: add function to parse known_hosts files.
> x/crypto/openpgp: add ElGamal support when writing GPG keys.
> x/crypto/ssh: allow a custom Config to specify CBC mode.
> x/crypto/pkcs12: fix typo in struct tag
> ocsp: add support for OCSP response extensions
> x/crypto/ssh/agent: Fix keyring removing the wrong key(s)
> x/crypto/ssh: run go fmt
> x/crypto/otr: reformat the libotr test harness with clang-format.
> x/crypto/otr: update libotr test code for version 4.
> x/crypto/otr: make errors fatal.
> x/crypto/otr: clear key slots when handshaking.
> crypto/ssh: fix typo in error string.
> x/crypto/openpgp/packet: fix message for errors resulting from an unknown cipher.
> otr: smpFailureError processing tlvTypeSMP3 prevents sending tlvTypeSMP4
> x/crypto/pkcs12: deal with short byte array in PBKDF
Submodule src/golang.org/x/net cd8c270..07b5174:
> publicsuffix: update table to latest list from publicsuffix.org
> http2: adjust flow control on open streams when processing SETTINGS
> http2: add missing import path declaration
> http2: add more Transport logging around why connections close
> http2: fix Transport.RoundTrip hang on stream error before headers
> http2: add more HEADERS and error logging in GODEBUG=http2debug=2 mode
> http2: make Transport work around mod_h2 bug
> http2: don't ignore DATA padding in flow control
> http2: return flow control for closed streams
> http2: fix data race on cc.singleUse
> route: don't crash or hang up with corrupted messages
> http2: make Transport prefer HTTP response header recv before body write error
> http2: make Transport treat "Connection: close" the same as Request.Close
> context/ctxhttp: if context is canceled, return its error
> http2: fix flaky TestTransportResPattern_* tests
> http2: make Transport honor Request.Close more aggressively
> http2: fix flaky TestTransportReqBodyAfterResponse_403
> context/ctxhttp: add a specialized minimal version for Go 1.7
> publicsuffix: update table to latest list from publicsuffix.org.
> http2: add additional blacklisted ciphersuites
> http2: merge multiple GOAWAY frames' contents into error message
> http2: make Transport return server's GOAWAY error back to the user
> webdav: skip test that fails with gccgo
> ipv4: add support for ppc (using gccgo)
> ipv6: add support for ppc (using gccgo)
> http2: fix typo in ReadFrame
> bpf: implement LoadExtension and ExtLen for VM
> bpf: fix a typo
> bpf: add Go implementation of virtual machine
> webdav: respect the Handler.Prefix in confirmLocks.
> publicsuffix: strip generated comments; automatically scrape git version.
> http2: fix data race on pipe
> http2: consider buffered data when doing stream flow control
> http2: GotFirstResponseByte hook should only fire once
> websocket: fix Read behaviour in hybiFrameReader.Read
> webdav: set 'getlastmodified' live property for directories
> http2: fix nits in test
> http2: allow http scheme for http2
> http2: prevent Server from sending status 100 header after anything else
> http2: let handlers close Request.Body without killing streams
> http2: fix Transport.CloseIdleConnections when http1+http2 are wired together
> http2: delay sending request body in Transport if 100-continue is set
> http2, lex/httplex: make Transport reject bogus headers before sending
> http2: reject more trailer values
> http2: with Go 1.7 set Request.Context in ServeHTTP handlers
> http2: when using Go 1.7, make Transport use httptrace hooks
> ipv6: add support for linux/s390x
> ipv4: add support for linux/s390x
> route: fix typos in test
> ipv6: support attaching packet filters to PacketConn.
> ipv4: support attaching packet filters to PacketConn/RawConn.
> route: new package
> http2/hpack: forbid excess and invalid padding in hpack decoder
> http2: make Transport use Request.Context, set Response.Uncompressed
> context: correct spelling of TODO in comment
> ipv4: don't fail test on big endian machine
> icmp: don't fail test on big endian machine
> net/trace: fix comment typo
> context: fix doc typo
> http2: allow StreamDep of 0 in HEADERS and PRIORITY frames
> http2: delete pre-Go1.5 request cancellation
> context/ctxhttp: remove pre-Go 1.5 support
> context: bump gccgo-specific alloc limit for WithTimeout test.
> http2: standardize RFC mention format
> ipv6: fix a typo
> ipv4: fix a typo
> icmp: fix a typo
> http2: fix typos
> http2/hpack: fix a typo
> webdav: have the exported API use the standard library's xml.Name type.
> webdav: rename the "etc/internal/xml" import.
> webdav: run "gofmt -s" to simplify some tests.
> webdav: fill in the package's doc comment.
> webdav: remove runtime check for Go 1.4 or earlier.
> http2: make Server reject connection-level headers with a 400 response
> websocket: remove redundant error handling
> context: implement in terms of the standard library for Go 1.7+
> http2: Ignore Keep-Alive header in requests
> bpf: rename LoadIPv4HeaderLen to the more generic LoadMemShift.
> ipv6: remove unnecessary sysSockoptLen type
> ipv4: remove unnecessary sysSockoptLen type
> http2: fix truncated comment
> bpf: correct spelling of marshaling in package doc.
> bpf: add package documentation describing the BPF virtual machine.
> bpf: simplify disasm state machine.
> bpf: new package to assemble and disassemble Berkeley Packet Filter programs.
> http2: revert part of e7da8eda to fix data race it introduced
> http2: make Transport handle HEAD responses with DATA frames
> http2: don't make garbage when sorting things
> http2: remove method value allocation per read frame
> http2: reduce alloc-heavy init
> context: Uniformly pass cancelCtx by pointer.
> trace: make AuthRequest robust to multiple RemoteAddr formats
> http2: reduce garbage in Server on requests with bodies
> websocket: Be explicit about goroutine safety
> http2: gofmt -w -s
> context/ctxhttp: fix data race in tests
> publicsuffix: Make gen.go faster.
> publicsuffix: update table to latest list from publicsuffix.org.
> http2: add Framer.ErrorDetail method
> http2: don't override user's Transport.TLSConfig.ServerName
> http2/h2i: Handle invalid usage more idiomatically.
> internal/iana: update protocol numbers
> http2: move merging of HEADERS and CONTINUATION into Framer
> ipv6: fix potential misaligned memory access
> ipv4: fix potential misaligned memory access
> icmp: fix potential misaligned memory access
> http2: fix crash in Transport on double Read of invalid gzip Response.Body
> publicsuffix: add some commentary on using "go run gen.go".
> http2: fix a nit
> http2: don't send Connection-level headers in Transport
> http2: export Server.ServeConn
> http2/h2demo: update bug link, add idle conn timeouts
> publicsuffix: update table to latest list from publicsuffix.org on 2016-01-30.
> http2: don't add *Response to activeRes in Transport on Headers.END_STREA
> http2: add mechanism to send undeclared Trailers mid handler
> http2: remove unused variable
> http2: reduce log spam, especially on Windows
> net/context/ctxhttp: fix case where Body could leak and not be closed
> http2: clarify field-value grammar in doc; reject DEL in field value
> http2: validate received header field values in Server and Transport
> publicsuffix: update table to latest list from publicsuffix.org
> http2: unmailed code review cleanups from previous commit
> http2: make Transport respect http1 Transport settings
> http2: make Transport send a Content-Length
> http2: make configureTransport return the new t2 transport as well
> http2: make Transport close unneeded connections after h1->h2 upgrade
> icmp: fix typo.
> http2: add Transport strictness, paranoia, logging for unwanted DATA frames
> context/ctxhttp: don't test on plan9
> http2/h2i: disable building h2i on plan9 and solaris
> http2: skip TestServer_RejectsLargeFrames on windows (fixes build)
> http2: log frame reads at log level http2debug=2 also, not just writes
> http2: fix channel double-close crash
> http2: add tests to verify the type of peer stream resets
> x/net/icmp: fix typos in comments
> http2: relax Trailer predeclaration requirement in Transport
> html/charset: replace EUC-KR test
> http2: clean up debugging, rename GODEBUG key
> http2: mix cleanups, TODOs, new tests, enforce header list size in Transport
> http2: make Transport ignore 100-continue responses, add comprehensive tests
> http2: fix nits found by vet
> http2: fix Transport cancelation problems
> http2: set default User-Agent if not otherwise specified
> http2: support CONNECT requests
> context/ctxhttp: allow cancellation after Do returns
> trace: properly set the content type when sending html
> http2: move HEADERS/CONTINUATION order checking into Framer
> http2: fix typo and simplify truncation of text in test
> http2: fix readFrames goroutine spin between ConnectionError and conn close
> http2: reset DebugGoroutines after testing it
> html/charset: verify correct UTF-8 behavior
> http2: make Transport's Response.Body.Close not wait for buffered data
> http2: send client trailers
> html/charset: handle unsupported code points for encoding
> html/charset: use x/text/encoding/htmlindex
> http2: add support for Transport reading trailers from the server
> http2: add server-side trailer support
> http2: add Server support for reading trailers from clients
> http2: add disabled start of tests for trailers, clean up, deflake some tests
> http2: catch panics server-side, respect RST_STREAM on the Transport side
> ipv6: update example for the use of dual stack listener
> ipv4: update example for the use of dual stack listener
> ipv6: add support for linux/{mips64,mips64le}
> ipv4: add support for linux/{mips64,mips64le}
> http2: fix build for Go 1.4 users
> http2: support Request.Cancel in Transport
> http2: send "http/1.1" ALPN in TLS dial in addition to "h2"
> html/charmap: update table with latest data
> netutil: Ditch go1.3 build tag.
> xsrftoken: fix lint error in Timeout's comment.
> webdav: fix props for directory
> xsrftoken: add package import comment
> xsrftoken: update token implementation
> html: remove license references from benchmark test data
> xsrftoken: copy from code.google.com/p/xsrftoken
> http2: fix two cases of Server behavior not matching HTTP/1
> http2: make the Transport write request body data as it's available
> publicsuffix: update table to latest list from publicsuffix.org.
> ipv6: simplify log message format
> ipv4: simplify log message format
> http2: merge duplicate Transport dials
> icmp: fix miscalculation on multipart message bodies
> x/net/webdav: percent-encode D:href in the XML.
> http2: add automatic gzip compression for the Transport
> http2: client & server fixes
> ipv6: move unexposed error values into helper.go
> ipv4: move unexposed error values into helper.go
> http2/h2demo: updates to text and Makefile to upload/deploy it
> context: fix typo in TODO documentation
> http2/h2i: add settings flag
> http2: minor transport code & docs cleanups
> http2: add ConfigureTransport, like ConfigureServer
> http2: handle pings in Transport
> http2: client conn pool abstraction
> http2: add Transport.RoundTripOpt, adds option to RoundTrip without new dials
> publicsuffix: update table to latest list from publicsuffix.org.
> http2: fix Server race with ResponseWriter.curWrite re-use
> http2: another Transport body-writing bug fix, and more tests
> http2: fix Transport's flow control control when writing request bodies
> http2: swallow io.EOF while reading body and flow fix
> http2: append query to :path pseudo-header
> http2: add DialTLS to Transport
> http2: push stream look up later in Transport, address some TODOs/cleanups
> http2: prevent deadlock channel send in server Handler if client disappears
> http2: send WINDOW_UPDATE frames while reading Transport Response bodies
> http2: add per-Response buffered response bodies with separate flow control
> http2: write Transport bodies
> http2: change the pipe and buffer code
> http2: remove Transport.Fallback
> http2: add Transport.AddIdleConn
> http2: quiet Transport logging
> http2: fix server race
> http2: update the curl and nghttp2 versions used in tests
> http2: fix broken test after ConfigureServer change
> http2: make ConfigureServer set PreferServerCipherSuites, return an errors
> context: attempt to deflake TestLayersTimeout with timer padding.
Submodule src/golang.org/x/oauth2 ef4eca6..4784bb8:
> uber: Add Uber API endpoints
> oauth2/google: change import paths
> oauth2: add reference to clientcredentials package
> oauth2: fix stale docs
> google: fix warnings from go vet
> oauth2: fix warning from go vet
> jws: use base64.RawURLEncoding
> google: fix the build when appengine isn't present
> internal: decapitalize the argument names
> google: support key ID in JWTAccessTokenSourceFromJSON
> Revert "passwordcredentials: add"
> passwordcredentials: add
> travis: always build against tip
> internal: fix transport_test use of nil Context
> jws: Fix typo in jws_test
> jws: add RS256 Verification for JWS
> google: Update godocs to reflect recent GCP front-end changes.
> hipchat: Generate Config for Connect integrations
> oauth2: remove mockCache since NewTransportFromTokenStore() removed.
> hipchat: Add endpoint function for HipChat server
> oauth2/internal: Add api.dropboxapi.com to broken providers.
> hipchat: Add HipChat API endpoints
> fitbit: add Fitbit API endpoints
> internal: add Patreon to the broken auth list
> internal: add Wunderlist to list of broken auth providers
> internal: add baidu.com to the broken auth list
> slack: new package with Slack's endpoints
> transport_test: added TestNilTokenSource + close res.Body per GET
> microsoft: add windows live endpoints
> internal: primarily use the HTTP client provided in the context
> oauth2: allow users to register broken OAuth2 implementations
> internal: add Salesforce to list of broken auth providers
> internal: add microsoftonline.com to list of broken providers
> jws: fix base64Decode for strings of length 1 (mod 4).
> jws: add EncodeWithSigner function.
> all: change copyright to 'Go Authors'
Submodule src/gopkg.in/cheggaaa/pb.v1 8808370..9453b2d:
> 1.0.5
> Merge branch 'A40in-master'
> Merge pull request #82 from hackintoshrao/create-getcurrent
> 1.0.4
> Reader implements io.Closer #80 #60
> bar.Finish in example #79
Submodule src/gopkg.in/yaml.v2 53feefa..e4d366f:
> Updated LICENSE to Apache License 2.0.
> Merge pull request #152 from mwhudson/go16-compat
> Merge master.
> Add .travis.yml
> More UTF-16 test cases by John.
> Fix UTF-16 LE and BE handling.
|
+1 having the same problem |
Outputs as well, unfortunately. So it's not possible to generate outputs either. |
|
+1 for us as well - with all the root escape bugs docker has had up to very recently, I think this is extra important |
|
@miromode the root-escape bugs in docker might not affect Concouse as it uses it's own container runtime (caled "garden") to run containers, not docker, so there's a chance that the same bugs won't exist here. (Or they could share the same code from libcontainer and might be vulnerable. I don't know at either way) |
|
This is a hard requirement for building OpenWRT as well. We can hack around it by wrapping commands with |
|
I have hit this issue trying to use gradle image to build a gradle project, can work around it by specifying root, but I don't like being forced to do so. I think this is a bug, you have different behaviour when running gradle via docker |
|
I'm currently stuck with docker-node and this Concourse limitation. Then write any Concourse task with something as simple as despite the earlier execution of I tried to make the The only solution I have found is to duplicate the entire node image and remove the creation of the non-root user. |
|
Here is a dumbed-down version of the task that actually fails in our pipeline ( |
|
As discussed on Slack yesterday, I also tried setting a specific user in the task and I still get |
|
@fbiville Are you on v3.4.0? That's the version where we fixed setuid permissions, which should fix You can also set So something like: # ...
run:
# ...
user: root |
|
@vito touché, we're on |
|
In one of my pipelines I needed to run as a non-root user (to make ChromeDriver work properly) but also needed that non-root user to own the inputs and outputs so it could install dependencies, write files during tests, etc. If someday I could use Concourse's task user setting like this: inputs:
- name: some-input
run:
user: nonrootuser
# ...and have |
|
Hey folks, here's a solution I came up with to workaround in the meanwhile incase you want something that's reusable (this is specific to my nodeJS scenario... modify as needed): perm-patch.sh #!/bin/bash
# This script will "patch" an issue with Concourse (https://github.com/concourse/concourse/issues/403)
# where the resources provided to a job/task are owned by the `root` user. However, it is best to run NodeJS
# with a non-root user as there are issues where it will refuse to run lifecycle scripts like `pre` and `post`.
if [ -z "$1" ]; then
echo ERROR: You must provide the script to run with permission-patch as a parameter.
exit 1
fi
chown -R node:node /tmp/build
exec sudo -u node $1task.yml inputs:
- name: ci-tasks
run:
path: ./ci-tasks/perm-patch.sh
args:
- ./ci-tasks/tasks/install-version-publish.shThis will run my actual task |
|
Hi This issue still persists even with the current build. I saw that this issue is closed. Has the issue been fixed? If so what needs to be done to run the builds as non user? |
|
This issue is not closed. |
|
add "sudo" before your command. |
|
@track0x1 hey, thanks for providing a workaround. I'm getting permission denied when trying to chown /tmp/build with your perm-patch script. Also it complains there's no "sudo" command. Is there a recent concourse upgrade that renders this workaround unusable perhaps? |
|
@testower You'll need to make sure you have
Also you need to make sure your image is not declaring a You can double check by running |
|
Thanks! It's also possible to add to the task definition, and keep the USER declaration in Dockerfile. Another tweak is to add -E to the sudo command to preserve any params (env variables) passed to the task. |
|
I figure I'd link the Docker issue that's perhaps most relevant to this work: moby/moby#2259 I'm assuming the Concourse team's stance (I'm not on the team) is to wait for upstream to fix the volume mount issue. I'm not certain there is a "fix" though. |
|
I also struggle with that and will have to go the chown & sudo-Way to run my stuff as non-root user. This is due to some dependencies in my cross compile scenario which check, that their configure scripts are not run as root. Another thing I think about is whether adding the non-root user to the group root inside the container would avoid chowning in some cases... |
|
I noticed that the caches also do not keep ownership, so I have to chown them too. As they become really big, the chown already eats up valuable resources. I would like to go so far to say, that this even is kind of a show-stopper for us. Edit: |
|
The description helped. |
|
This is a pretty serious issue. Is there no intent to fix this? Root containers don't really contain, so this makes the build machines pretty untrusted. |
|
I also am running into this problem when trying to get tests running with Chromedriver. The puppeteer images provided have a |
|
Is this still relevant? If so, what is blocking it? Is there anything you can do to help move it forward? This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. |
|
Yes is this issue is still relevant. No there's nothing I can do to move it forward. |
|
Sorry I never really replied to this. It's a kind of tough nut to crack, because in order to fix the permissions on the input we need to actually inspect the rootfs, figure out the UID for the user you're going to run as (which likely involves some cludgy file parsing), and then recursively Doing the recursive Could use some more ideas here. |
|
#5759 suggests potentially doing a Kinda seems like there's not much choice here and we should just recursively This would probably involve new APIs in Baggageclaim to do the recursive Maybe this could be accomplished through one API call that says something like, "change ownership of volume I'm not sure what the most durable way to resolve a username to a UID is - I suppose parsing Once the UID is found Baggageclaim would then walk the tree of What about the group? Should we change that too? What should the semantics of that be? Just set it to the same ID? |
|
Not sure if the group is that relevant, if the user is identical group becomes meaningless. If you imagine more complex build processes, then some sub processes might be run as distinct users, but you can not assume that every user has a default group associated. Complexity can be kept low, if you use the Trying to inspect internals of containers will get you in the weeds, i.e. what about non /etc/passwd based auth? Short term solution which clutters the ymal is |
|
Workaround suggested by @testower to run commands as @vito I think proper way to handle it is to create unprivileged user (or a number of users |
georgethebeatle
added a commit
to cloudfoundry/korifi-ci
that referenced
this issue
Jul 28, 2022
It does not work in concourse. See concourse/concourse#403 and concourse/concourse#5759. Co-authored-by: Georgi Sabev <[email protected]>
|
7 years since this issue has been opened and it's still outstanding? Considering the fact that nonroot containers are the standard nowadays, I'm still surprised (and concerned) that this hasn't had any attention for 2 years. I'm starting to get pushback from a lot more people now when trying to recommend Concourse as a product because of issues outstanding like this one that scares their security people. |
1 task
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
and others
We are using a Docker image with a non-root user (Dockerfile contains a "USER" command). All inputs (e.g. obtained by the git resource) are owned by root. Therefore, to make a commit we need to chown all files first. It seems like Concourse should do that for me when mounting the inputs.
The text was updated successfully, but these errors were encountered: