chore: add hash errata for tarball headers

Add hash errata for tarball directory headers for installers. Signed-off-by: Noel Georgi <git@frezbo.dev>
siderolabs · Nov 28, 2024 · b7f7fd3 · b7f7fd3
1 parent 370c137
commit b7f7fd3
Show file tree

Hide file tree

Showing 4 changed files with 26 additions and 16 deletions.
diff --git a/go.mod b/go.mod
@@ -13,12 +13,12 @@ require (
 	github.com/siderolabs/gen v0.7.0
 	github.com/siderolabs/go-debug v0.4.0
 	github.com/siderolabs/go-pointer v1.0.0
-	github.com/siderolabs/talos v1.9.0-alpha.2.0.20241120140534-c4c1a0d7c73d
-	github.com/siderolabs/talos/pkg/machinery v1.9.0-alpha.2.0.20241120140534-c4c1a0d7c73d
+	github.com/siderolabs/talos v1.9.0-alpha.3.0.20241128105750-e9058461e41c
+	github.com/siderolabs/talos/pkg/machinery v1.9.0-alpha.3.0.20241128105750-e9058461e41c
 	github.com/sigstore/cosign/v2 v2.4.0
 	github.com/sigstore/sigstore v1.8.8
 	github.com/slok/go-http-metrics v0.12.0
-	github.com/stretchr/testify v1.9.0
+	github.com/stretchr/testify v1.10.0
 	github.com/u-root/u-root v0.14.0
 	github.com/ulikunitz/xz v0.5.12
 	go.uber.org/zap v1.27.0
@@ -116,7 +116,7 @@ require (
 	github.com/containernetworking/cni v1.2.3 // indirect
 	github.com/coreos/go-oidc/v3 v3.11.0 // indirect
 	github.com/coreos/go-systemd/v22 v22.5.0 // indirect
-	github.com/cosi-project/runtime v0.7.1 // indirect
+	github.com/cosi-project/runtime v0.7.2 // indirect
 	github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect
 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 	github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
@@ -222,6 +222,7 @@ require (
 	github.com/pin/tftp/v3 v3.1.0 // indirect
 	github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c // indirect
 	github.com/pkg/errors v0.9.1 // indirect
+	github.com/pkg/xattr v0.4.10 // indirect
 	github.com/planetscale/vtprotobuf v0.6.1-0.20240917153116-6f2963f01587 // indirect
 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 	github.com/prometheus/client_model v0.6.1 // indirect
@@ -239,7 +240,7 @@ require (
 	github.com/siderolabs/crypto v0.5.0 // indirect
 	github.com/siderolabs/go-api-signature v0.3.6 // indirect
 	github.com/siderolabs/go-blockdevice v0.4.8 // indirect
-	github.com/siderolabs/go-blockdevice/v2 v2.0.5 // indirect
+	github.com/siderolabs/go-blockdevice/v2 v2.0.6 // indirect
 	github.com/siderolabs/go-circular v0.2.1 // indirect
 	github.com/siderolabs/go-cmd v0.1.3 // indirect
 	github.com/siderolabs/go-copy v0.1.0 // indirect

diff --git a/go.sum b/go.sum
@@ -263,8 +263,8 @@ github.com/coreos/go-oidc/v3 v3.11.0 h1:Ia3MxdwpSw702YW0xgfmP1GVCMA9aEFWu12XUZ3/
 github.com/coreos/go-oidc/v3 v3.11.0/go.mod h1:gE3LgjOgFoHi9a4ce4/tJczr0Ai2/BoDhf0r5lltWI0=
 github.com/coreos/go-systemd/v22 v22.5.0 h1:RrqgGjYQKalulkV8NGVIfkXQf6YYmOyiJKk8iXXhfZs=
 github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc=
-github.com/cosi-project/runtime v0.7.1 h1:cOF2/ljLa0NPQV6/S1RZHcSUXM0UyOlD5F3fwwYSQEg=
-github.com/cosi-project/runtime v0.7.1/go.mod h1:EMLs8a55tJ6zA4UyDbRsTvXBd6UIlNwZfCVGvCyiXK8=
+github.com/cosi-project/runtime v0.7.2 h1:b8/v/YpP75LNYLyP5x0+EdqPWtNn6sfJggGGzkqZ0H4=
+github.com/cosi-project/runtime v0.7.2/go.mod h1:EMLs8a55tJ6zA4UyDbRsTvXBd6UIlNwZfCVGvCyiXK8=
 github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 h1:2Dx4IHfC1yHWI12AxQDJM1QbRCDfk6M+blLzlZCXdrc=
 github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
@@ -654,6 +654,8 @@ github.com/pkg/browser v0.0.0-20240102092130-5ac0b6a4141c/go.mod h1:7rwL4CYBLnjL
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/xattr v0.4.10 h1:Qe0mtiNFHQZ296vRgUjRCoPHPqH7VdTOrZx3g0T+pGA=
+github.com/pkg/xattr v0.4.10/go.mod h1:di8WF84zAKk8jzR1UBTEWh9AUlIZZ7M/JNt8e9B6ktU=
 github.com/planetscale/vtprotobuf v0.6.1-0.20240917153116-6f2963f01587 h1:xzZOeCMQLA/W198ZkdVdt4EKFKJtS26B773zNU377ZY=
 github.com/planetscale/vtprotobuf v0.6.1-0.20240917153116-6f2963f01587/go.mod h1:t/avpk3KcrXxUnYOhZhMXJlSEyie6gQbtLq5NM3loB8=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -707,8 +709,8 @@ github.com/siderolabs/go-api-signature v0.3.6 h1:wDIsXbpl7Oa/FXvxB6uz4VL9INA9fmr
 github.com/siderolabs/go-api-signature v0.3.6/go.mod h1:hoH13AfunHflxbXfh+NoploqV13ZTDfQ1mQJWNVSW9U=
 github.com/siderolabs/go-blockdevice v0.4.8 h1:KfdWvIx0Jft5YVuCsFIJFwjWEF1oqtzkgX9PeU9cX4c=
 github.com/siderolabs/go-blockdevice v0.4.8/go.mod h1:4PeOuk71pReJj1JQEXDE7kIIQJPVe8a+HZQa+qjxSEA=
-github.com/siderolabs/go-blockdevice/v2 v2.0.5 h1:VLmIdDB/1P30Inrpe94FQAz4WUpByGwun5ZeTekxIQc=
-github.com/siderolabs/go-blockdevice/v2 v2.0.5/go.mod h1:74htzCV913UzaLZ4H+NBXkwWlYnBJIq5m/379ZEcu8w=
+github.com/siderolabs/go-blockdevice/v2 v2.0.6 h1:/NAy3MbNZhjLWo28asZyS/hmf86PEPDMc9i6wIcgbwI=
+github.com/siderolabs/go-blockdevice/v2 v2.0.6/go.mod h1:74htzCV913UzaLZ4H+NBXkwWlYnBJIq5m/379ZEcu8w=
 github.com/siderolabs/go-circular v0.2.1 h1:a++iVCn9jyhICX3POQZZX8n72p2h5JGdGU6w1ulmpcA=
 github.com/siderolabs/go-circular v0.2.1/go.mod h1:ZDItzVyXK+B/XuqTBV5MtQtSv06VI+oCmWGRnNCATo8=
 github.com/siderolabs/go-cmd v0.1.3 h1:JrgZwqhJQeoec3QRON0LK+fv+0y7d0DyY7zsfkO6ciw=
@@ -731,10 +733,10 @@ github.com/siderolabs/net v0.4.0 h1:1bOgVay/ijPkJz4qct98nHsiB/ysLQU0KLoBC4qLm7I=
 github.com/siderolabs/net v0.4.0/go.mod h1:/ibG+Hm9HU27agp5r9Q3eZicEfjquzNzQNux5uEk0kM=
 github.com/siderolabs/protoenc v0.2.1 h1:BqxEmeWQeMpNP3R6WrPqDatX8sM/r4t97OP8mFmg6GA=
 github.com/siderolabs/protoenc v0.2.1/go.mod h1:StTHxjet1g11GpNAWiATgc8K0HMKiFSEVVFOa/H0otc=
-github.com/siderolabs/talos v1.9.0-alpha.2.0.20241120140534-c4c1a0d7c73d h1:bFoHQvYthYBXF9sTe7mzszQiHsrAMk4fjQtcmJvfO8M=
-github.com/siderolabs/talos v1.9.0-alpha.2.0.20241120140534-c4c1a0d7c73d/go.mod h1:34qMezrq7rcuVX/t32cokDkqgjEdBwYfzyggK1zBJq0=
-github.com/siderolabs/talos/pkg/machinery v1.9.0-alpha.2.0.20241120140534-c4c1a0d7c73d h1:4xyldh9QbUYl4TQLkcd8YF8yLhu03EKTt3+jv2BXkKg=
-github.com/siderolabs/talos/pkg/machinery v1.9.0-alpha.2.0.20241120140534-c4c1a0d7c73d/go.mod h1:qkzrBYvXkRA08ku/M51lKgJmIuieE9y7ORSzZMkkWcQ=
+github.com/siderolabs/talos v1.9.0-alpha.3.0.20241128105750-e9058461e41c h1:z0/SuG5qpNyIIpRToxC29rkmFmfBnm/1APKCeDhMLJI=
+github.com/siderolabs/talos v1.9.0-alpha.3.0.20241128105750-e9058461e41c/go.mod h1:D2xlXYtLxlPLx2nkwkj2FDefOlxdPbmui1E2Gkpm6b8=
+github.com/siderolabs/talos/pkg/machinery v1.9.0-alpha.3.0.20241128105750-e9058461e41c h1:r8JR8EuPf/oBnTlq8rA2HhY0mBcphF8+TEg3AmyQwV4=
+github.com/siderolabs/talos/pkg/machinery v1.9.0-alpha.3.0.20241128105750-e9058461e41c/go.mod h1:Zrgo78BgxAz1nUhzXTtjLr6h90wh/C7UR0tvJ5+fr14=
 github.com/sigstore/cosign/v2 v2.4.0 h1:2NdidNgClg+oXr/fDIr37E/BE6j00gqgUhSiBK2kjSQ=
 github.com/sigstore/cosign/v2 v2.4.0/go.mod h1:j+fH1DCUkcn92qp6ezDj4JbGMri6eG1nLJC+hs64rvc=
 github.com/sigstore/fulcio v1.5.1 h1:Iasy1zfNjaq8BV4S8o6pXspLDU28PQC2z07GmOu9zpM=
@@ -800,8 +802,8 @@ github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1F
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
-github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
+github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
 github.com/subosito/gotenv v1.6.0 h1:9NlTDc1FTs4qu0DDq7AEtTPNw6SVm7uBMsUCUjABIf8=
 github.com/subosito/gotenv v1.6.0/go.mod h1:Dk4QP5c2W3ibzajGcXpNraDfq2IrhjMIvMSWPKKo0FU=
 github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 h1:kdXcSzyDtseVEc4yCz2qF8ZrQvIDBJLl4S1c3GCXmoI=
@@ -984,6 +986,7 @@ golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.0.0-20220408201424-a24fb2fb8a0f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220412211240-33da011f77ad/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=

diff --git a/internal/profile/hash.go b/internal/profile/hash.go
@@ -60,6 +60,12 @@ func Hash(p profile.Profile) (string, error) {
 		hasher.Write([]byte("vmware build fix #164"))
 	}
 
+	// 6. Installer tarball missing directory headers
+	// - https://github.com/siderolabs/talos/pull/9772
+	if p.Output.Kind == profile.OutKindInstaller {
+		hasher.Write([]byte("installer tarball fix #9772"))
+	}
+
 	return hex.EncodeToString(hasher.Sum(nil)), nil
 }
 

diff --git a/internal/profile/hash_test.go b/internal/profile/hash_test.go
@@ -233,7 +233,7 @@ func TestHashProfile(t *testing.T) {
 				},
 			},
 
-			expected: "8648a631a8b749834dd6aff57447f67900d6bad7590db0a39e4dc19b32467a72",
+			expected: "d10010ec0b2f3a56b51d1314d067ac3d156034bee3a3eb3d999df68b863941c3",
 		},
 	} {
 		t.Run(test.name, func(t *testing.T) {
-Original file line number
+Diff line change
@@ Expand Up / @@ -233,7 +233,7 @@ func TestHashProfile(t *testing.T) { @@
     				},
     			},
-    			expected: "8648a631a8b749834dd6aff57447f67900d6bad7590db0a39e4dc19b32467a72",
+    			expected: "d10010ec0b2f3a56b51d1314d067ac3d156034bee3a3eb3d999df68b863941c3",
     		},
     	} {
     		t.Run(test.name, func(t *testing.T) {
@@ Expand Down @@