github.com/buildpacks/pack@v0.33.3-0.20240516162812-884dd1837311/pkg/client/process_volumes.go

github.com/buildpacks/pack@v0.33.3-0.20240516162812-884dd1837311/pkg/client/process_volumes.go (about)

     1  //go:build linux || windows
     2  
     3  package client
     4  
     5  import (
     6  	"fmt"
     7  	"runtime"
     8  	"strings"
     9  
    10  	"github.com/docker/docker/volume/mounts"
    11  	"github.com/pkg/errors"
    12  
    13  	"github.com/buildpacks/pack/internal/style"
    14  )
    15  
    16  func processVolumes(imgOS string, volumes []string) (processed []string, warnings []string, err error) {
    17  	var parser mounts.Parser
    18  	switch "windows" {
    19  	case imgOS:
    20  		parser = mounts.NewWindowsParser()
    21  	case runtime.GOOS:
    22  		parser = mounts.NewLCOWParser()
    23  	default:
    24  		parser = mounts.NewLinuxParser()
    25  	}
    26  	for _, v := range volumes {
    27  		volume, err := parser.ParseMountRaw(v, "")
    28  		if err != nil {
    29  			return nil, nil, errors.Wrapf(err, "platform volume %q has invalid format", v)
    30  		}
    31  
    32  		sensitiveDirs := []string{"/cnb", "/layers"}
    33  		if imgOS == "windows" {
    34  			sensitiveDirs = []string{`c:/cnb`, `c:\cnb`, `c:/layers`, `c:\layers`}
    35  		}
    36  		for _, p := range sensitiveDirs {
    37  			if strings.HasPrefix(strings.ToLower(volume.Spec.Target), p) {
    38  				warnings = append(warnings, fmt.Sprintf("Mounting to a sensitive directory %s", style.Symbol(volume.Spec.Target)))
    39  			}
    40  		}
    41  
    42  		processed = append(processed, fmt.Sprintf("%s:%s:%s", volume.Spec.Source, volume.Spec.Target, processMode(volume.Mode)))
    43  	}
    44  	return processed, warnings, nil
    45  }
    46  
    47  func processMode(mode string) string {
    48  	if mode == "" {
    49  		return "ro"
    50  	}
    51  
    52  	return mode
    53  }