.dockerignore chokes on comments with open parenthesis

[vorburger]

Description

https://issues.apache.org/jira/browse/FINERACT-1195 records a podman build . of https://github.com/apache/fineract/ which following a Podman update was suddenly broken:

error during bulk transfer for copier.request{Request:"GET", Root:"/", preservedRoot:"/home/vorburger/dev/Mifos/fineract", rootPrefix:"/home/vorburger/dev/Mifos/fineract", Directory:"/", preservedDirectory:"/home/vorburger/dev/Mifos/fineract", Globs:[]string{"/"}, preservedGlobs:[]string{"/home/vorburger/dev/Mifos/fineract"}, StatOptions:copier.StatOptions{CheckForArchives:false, Excludes:[]string(nil)}, GetOptions:copier.GetOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), Excludes:[]string{"# Licensed to the Apache Software Foundation (ASF) under one", "# or more contributor license agreements. See the NOTICE file", "# distributed with this work for additional information", "# regarding copyright ownership. The ASF licenses this file", "# to you under the Apache License, Version 2.0 (the", "# \"License\"); you may not use this file except in compliance", "# with the License. You may obtain a copy of the License at", "#", "# http://www.apache.org/licenses/LICENSE-2.0", "#", "# Unless required by applicable law or agreed to in writing,", "# software distributed under the License is distributed on an", "# \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY", "# KIND, either express or implied. See the License for the", "# specific language governing permissions and limitations", "# under the License.", "#", "build/*", ".gradle/*", "", "*.jar", "*.war", "", "# Incremental \"docker build\" is faster if we can modify the Dockerfile", "# without \"COPY .\" re-transferring everything into the builder container.", "Dockerfile", ""}, ExpandArchives:false, StripSetuidBit:true, StripSetgidBit:true, StripStickyBit:false, StripXattrs:false, KeepDirectoryNames:false}, PutOptions:copier.PutOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), ChownDirs:(*idtools.IDPair)(nil), ChmodDirs:(*os.FileMode)(nil), ChownFiles:(*idtools.IDPair)(nil), ChmodFiles:(*os.FileMode)(nil), StripXattrs:false, IgnoreXattrErrors:false}, MkdirOptions:copier.MkdirOptions{UIDMap:[]idtools.IDMap(nil), GIDMap:[]idtools.IDMap(nil), ChownNew:(*idtools.IDPair)(nil), ChmodNew:(*os.FileMode)(nil)}}: copier: get: "/"("/"): copier: error checking if ".dockerignore" is excluded: syntax error in pattern

At first I suspected that you are simply not handling # comment lines in .dockerignore, but of course you do... the problem is more subtle than that, and took some trial and error to narrow down - one very particular line from a ASF ASL header made it fail:

to you under the Apache License, Version 2.0 (the

So it seems like you are (something is) somehow "processing" comments in .dockerignore files? It clearly chokes e.g. for open but not closed parenthesis in a single line. Perhaps other such effects, this is only what I bumped into. https://docs.docker.com/engine/reference/builder/#dockerignore-file says to simply, quote: If a line in .dockerignore file starts with # in column 1, then this line is considered as a comment and is ignored before interpreted by the CLI. as on

Steps to reproduce the issue:

1. cd into any directory with any Dockerfile that uses ADD (e.g. simple FROM fedora:latest \n ADD Dockerfile .)
2. echo "# (" >>.dockerignore
3. podman build --no-cache .

Describe the results you received:

Error: error building at STEP "ADD Dockerfile .": error adding sources [/tmp/test-dockerignore/Dockerfile]: error checking if "/tmp/test-dockerignore/Dockerfile"("Dockerfile") is excluded: syntax error in pattern

Describe the results you expected:

Working podman build.

Output of podman version if reporting a podman build issue:

$ rpm -q podman
podman-2.1.1-7.fc32.x86_64

$ podman version
Version:      2.1.1
API Version:  2.0.0
Go Version:   go1.14.9
Built:        Wed Sep 30 21:31:11 2020
OS/Arch:      linux/amd64

@rhatdan

[TomSweeneyRedHat]

@nalind another .dockerignore issue. Maybe related to : https://github.com/containers/buildah/pull/2681?

[nalind]

It appears not. We're using imagebuilder.ParseDockerignore() to load the file's contents, but while we assume that it's stripping out commented lines for us, it isn't. A quick spot-check suggests that imagebuilder has the same problem. Self-assigning.