-
Notifications
You must be signed in to change notification settings - Fork 23
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
lock: update lock change resolution to fix mutating image collision #337
Conversation
2f7b23d
to
55855c6
Compare
fn eq(&self, other: &Self) -> bool { | ||
self.source == other.source && self.digest == other.digest | ||
} | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the image digest should be sufficient for equivalency, no?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The source could change with vendor but the digest could theoretically be the same
pub(crate) async fn create(project: &Project) -> Result<Self> { | ||
let lock_file_path = project.project_dir().join(TWOLITER_LOCK); | ||
if lock_file_path.exists() { | ||
remove_file(&lock_file_path).await?; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
do we need to remove the existing lockfile when create == true
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah, I just noticed I never clicked "submit" on this review. Sorry!
pub schema_version: SchemaVersion<1>, | ||
/// The workspace release version | ||
pub release_version: String, | ||
/// The resolved bottlerocket sdk |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this require a SchemaVersion
change?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
No not really the schema version here is more to track the schema version of Twoliter.toml
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm imagining that it could also be a problem if you update twoliter and the lockfile no longer matches, despite the contents being the same. I believe that shouldn't be the case here, though.
55855c6
to
7a70969
Compare
7a70969
to
777878d
Compare
The format changed after bottlerocket-os/twoliter#337
Description of changes:
Testing done:
Tested that Twoliter.lock collision still correctly occurs including remote digest change.
Terms of contribution:
By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.