protected void execute() throws ArchiverException, IOException {
if (!checkForced()) {
return;
}
ResourceIterator iter = getResources();
if (!iter.hasNext()) {
throw new ArchiverException("You must set at least one file.");
}
File tarFile = getDestFile();
if (tarFile == null) {
throw new ArchiverException("You must set the destination tar file.");
}
if (tarFile.exists() && !tarFile.isFile()) {
throw new ArchiverException(tarFile + " isn't a file.");
}
if (tarFile.exists() && !tarFile.canWrite()) {
throw new ArchiverException(tarFile + " is read-only.");
}
getLogger().info("Building tar: " + tarFile.getAbsolutePath());
final OutputStream bufferedOutputStream = bufferedOutputStream(new FileOutputStream(tarFile));
tOut = new TarArchiveOutputStream(compress(compression, bufferedOutputStream), "UTF8");
if (longFileMode.isTruncateMode()) {
tOut.setLongFileMode(TarArchiveOutputStream.LONGFILE_TRUNCATE);
} else if (longFileMode.isPosixMode() || longFileMode.isPosixWarnMode()) {
tOut.setLongFileMode(TarArchiveOutputStream.LONGFILE_POSIX);
// Todo: Patch 2.5.1 for this fix. Also make closeable fix on 2.5.1
tOut.setBigNumberMode(TarArchiveOutputStream.BIGNUMBER_POSIX);
} else if (longFileMode.isFailMode() || longFileMode.isOmitMode()) {
tOut.setLongFileMode(TarArchiveOutputStream.LONGFILE_ERROR);
} else {
// warn or GNU
tOut.setLongFileMode(TarArchiveOutputStream.LONGFILE_GNU);
}
longWarningGiven = false;
try {
while (iter.hasNext()) {
ArchiveEntry entry = iter.next();
// Check if we don't add tar file in itself
if (ResourceUtils.isSame(entry.getResource(), tarFile)) {
throw new ArchiverException("A tar file cannot include itself.");
}
String fileName = entry.getName();
String name = StringUtils.replace(fileName, File.separatorChar, '/');
tarFile(entry, tOut, name);
}
} finally {
IOUtil.close(tOut);
}
}
protected void execute() throws ArchiverException, IOException {
if (!checkForced()) {
return;
}
ResourceIterator iter = getResources();
if (!iter.hasNext()) {
throw new ArchiverException("You must set at least one file.");
}
File tarFile = getDestFile();
if (tarFile == null) {
throw new ArchiverException("You must set the destination tar file.");
}
if (tarFile.exists() && !tarFile.isFile()) {
throw new ArchiverException(tarFile + " isn't a file.");
}
if (tarFile.exists() && !tarFile.canWrite()) {
throw new ArchiverException(tarFile + " is read-only.");
}
getLogger().info("Building tar: " + tarFile.getAbsolutePath());
tOut =
new TarOutputStream(
compression.compress(new BufferedOutputStream(new FileOutputStream(tarFile))));
tOut.setDebug(true);
if (longFileMode.isTruncateMode()) {
tOut.setLongFileMode(TarOutputStream.LONGFILE_TRUNCATE);
} else if (longFileMode.isFailMode() || longFileMode.isOmitMode()) {
tOut.setLongFileMode(TarOutputStream.LONGFILE_ERROR);
} else {
// warn or GNU
tOut.setLongFileMode(TarOutputStream.LONGFILE_GNU);
}
longWarningGiven = false;
while (iter.hasNext()) {
ArchiveEntry entry = iter.next();
// Check if we don't add tar file in inself
if (ResourceUtils.isSame(entry.getResource(), tarFile)) {
throw new ArchiverException("A tar file cannot include itself.");
}
String fileName = entry.getName();
String name = StringUtils.replace(fileName, File.separatorChar, '/');
tarFile(entry, tOut, name);
}
}
@Override
public TarArchiver customize(TarArchiver archiver) throws IOException {
log.warn("/--------------------- SECURITY WARNING ---------------------\\");
log.warn("|You are building a Docker image with normalized permissions.|");
log.warn("|All files and directories added to build context will have |");
log.warn("|'-rwxr-xr-x' permissions. It is recommended to double check |");
log.warn("|and reset permissions for sensitive files and directories. |");
log.warn("\\------------------------------------------------------------/");
if (innerCustomizer != null) {
archiver = innerCustomizer.customize(archiver);
}
TarArchiver newArchiver = new TarArchiver();
newArchiver.setDestFile(archiver.getDestFile());
newArchiver.setLongfile(TarLongFileMode.posix);
ResourceIterator resources = archiver.getResources();
while (resources.hasNext()) {
ArchiveEntry ae = resources.next();
String fileName = ae.getName();
PlexusIoResource resource = ae.getResource();
String name = StringUtils.replace(fileName, File.separatorChar, '/');
// See docker source:
// https://github.com/docker/docker/blob/3d13fddd2bc4d679f0eaa68b0be877e5a816ad53/pkg/archive/archive_windows.go#L45
int mode = ae.getMode() & 0777;
int newMode = mode;
newMode &= 0755;
newMode |= 0111;
if (newMode != mode) {
log.debug("Changing permissions of '%s' from %o to %o.", name, mode, newMode);
}
newArchiver.addResource(resource, name, newMode);
}
archiver = newArchiver;
return archiver;
}
