fix: Non Zero Exit code for no upgradable packages causes build fail (#1274)

Signed-off-by: amanycodes <amanycodes@gmail.com>
Signed-off-by: Aman <95525722+amanycodes@users.noreply.github.com>
Co-authored-by: Robbie Cronin <robert.owen.cronin@gmail.com>
Co-authored-by: Ashna Mehrotra <ashnamehrotra@gmail.com>

Author: 3 people

main.go

@@ -1,11 +1,13 @@
 package main
 
 import (
+	"errors"
 	"os"
 	"strings"
 
 	"github.com/project-copacetic/copacetic/pkg/generate"
 	"github.com/project-copacetic/copacetic/pkg/patch"
+	"github.com/project-copacetic/copacetic/pkg/types"
 	log "github.com/sirupsen/logrus"
 	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
@@ -51,7 +53,12 @@ func initConfig() {
 func main() {
 	cobra.OnInitialize(initConfig)
 	rootCmd := newRootCmd()
+
 	if err := rootCmd.Execute(); err != nil {
+		if errors.Is(err, types.ErrNoUpdatesFound) {
+			log.Info("Image is already up-to-date. No patch was applied.")
+			os.Exit(0)
+		}
 		os.Exit(1)
 	}
 }

pkg/patch/multi.go

@@ -2,19 +2,20 @@ package patch
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"runtime"
 	"strings"
 	"sync"
 	"text/tabwriter"
 
 	"github.com/distribution/reference"
+	"github.com/project-copacetic/copacetic/pkg/common"
+	"github.com/project-copacetic/copacetic/pkg/types"
 	log "github.com/sirupsen/logrus"
 	"golang.org/x/sync/errgroup"
 
 	"github.com/project-copacetic/copacetic/pkg/buildkit"
-	"github.com/project-copacetic/copacetic/pkg/common"
-	"github.com/project-copacetic/copacetic/pkg/types"
 )
 
 // patchMultiPlatformImage patches a multi-platform image across all discovered platforms.
@@ -207,16 +208,32 @@ func patchMultiPlatformImage(
 			mu.Lock()
 			defer mu.Unlock()
 			if err != nil {
+				if errors.Is(err, types.ErrNoUpdatesFound) {
+					patchResults = append(patchResults, *res)
+					summaryMap[platformKey] = &types.MultiPlatformSummary{
+						Platform: platformKey,
+						Status:   "Up-to-date",
+						Ref:      res.OriginalRef.String() + " (original)",
+						Message:  "Image is already up-to-date",
+					}
+					return nil
+				}
+
+				status := "Error"
+				if ignoreError {
+					status = "Ignored"
+				}
 				summaryMap[platformKey] = &types.MultiPlatformSummary{
 					Platform: platformKey,
-					Status:   "Error",
+					Status:   status,
 					Ref:      "",
 					Message:  err.Error(),
 				}
 				hasErrors = true
 				// Continue processing other platforms
 				return nil
-			} else if res == nil {
+			}
+			if res == nil {
 				summaryMap[platformKey] = &types.MultiPlatformSummary{
 					Platform: platformKey,
 					Status:   "Error",
@@ -338,6 +355,16 @@ func patchMultiPlatformImage(
 	w.Flush()
 	log.Info("\nMulti-arch patch summary:\n" + b.String())
 
+	anyPatchesApplied := false
+	for _, summary := range summaryMap {
+		if summary.Status == "Patched" {
+			anyPatchesApplied = true
+			break
+		}
+	}
+	if !anyPatchesApplied && len(summaryMap) > 0 {
+		return types.ErrNoUpdatesFound
+	}
 	// Create OCI layout if requested and not pushing to registry
 	if opts.OCIDir != "" && !opts.Push {
 		if err := buildkit.CreateOCILayoutFromResults(opts.OCIDir, patchResults, platforms); err != nil {

pkg/patch/single.go

@@ -2,6 +2,7 @@ package patch
 
 import (
 	"context"
+	"errors"
 	"fmt"
 	"io"
 	"maps"
@@ -224,6 +225,10 @@ func patchSingleArchImage(
 
 	// Wait for completion
 	if err := eg.Wait(); err != nil {
+		if errors.Is(err, types.ErrNoUpdatesFound) {
+			res, _ := createOriginalImageResult(imageName, &targetPlatform, image)
+			return res, types.ErrNoUpdatesFound
+		}
 		return nil, err
 	}
 
@@ -578,3 +583,16 @@ func parsePkgTypes(pkgTypesStr string) ([]string, error) {
 
 	return validTypes, nil
 }
+
+func createOriginalImageResult(imageName reference.Named, targetPlatform *types.PatchPlatform, originalImageRef string) (*types.PatchResult, error) {
+	originalDesc, err := getPlatformDescriptorFromManifest(originalImageRef, targetPlatform)
+	if err != nil {
+		log.Warnf("Could not get original descriptor for up-to-date platform %s/%s: %v", targetPlatform.OS, targetPlatform.Architecture, err)
+	}
+
+	return &types.PatchResult{
+		OriginalRef: imageName,
+		PatchedRef:  imageName,
+		PatchedDesc: originalDesc,
+	}, nil
+}

pkg/pkgmgr/apk.go

@@ -12,6 +12,7 @@ import (
 	apkVer "github.com/knqyf263/go-apk-version"
 	"github.com/moby/buildkit/client/llb"
 	"github.com/project-copacetic/copacetic/pkg/buildkit"
+	"github.com/project-copacetic/copacetic/pkg/types"
 	"github.com/project-copacetic/copacetic/pkg/types/unversioned"
 	"github.com/project-copacetic/copacetic/pkg/utils"
 	log "github.com/sirupsen/logrus"
@@ -168,9 +169,15 @@ func (am *apkManager) upgradePackages(ctx context.Context, updates unversioned.U
 
 	// If updating all packages, check for upgrades before proceeding with patch
 	if updates == nil {
-		checkUpgradable := `sh -c "apk list 2>/dev/null | grep -q "upgradable" || exit 1"`
-		apkUpdated = apkUpdated.Run(llb.Shlex(checkUpgradable),
-			llb.WithCustomName("Checking for available updates")).Root()
+		const updatesAvailableMarker = "/updates.txt"
+		checkUpgradable := fmt.Sprintf(`sh -c 'if apk list 2>/dev/null | grep -q "upgradable"; then touch %s; fi'`, updatesAvailableMarker)
+		stateWithCheck := apkUpdated.Run(llb.Shlex(checkUpgradable)).Root()
+
+		_, err := buildkit.ExtractFileFromState(ctx, am.config.Client, &stateWithCheck, updatesAvailableMarker)
+		if err != nil {
+			log.Info("No upgradable packages found for this image.")
+			return nil, nil, types.ErrNoUpdatesFound
+		}
 	}
 
 	var apkInstalled llb.State

pkg/pkgmgr/dpkg.go

@@ -17,6 +17,7 @@ import (
 	"github.com/moby/buildkit/client/llb"
 	ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/project-copacetic/copacetic/pkg/buildkit"
+	"github.com/project-copacetic/copacetic/pkg/types"
 	"github.com/project-copacetic/copacetic/pkg/types/unversioned"
 	"github.com/project-copacetic/copacetic/pkg/utils"
 	log "github.com/sirupsen/logrus"
@@ -345,9 +346,18 @@ func (dm *dpkgManager) installUpdates(ctx context.Context, updates unversioned.U
 		llb.WithCustomName("Updating package database"),
 	).Root()
 
-	checkUpgradable := `sh -c "apt-get -s upgrade 2>/dev/null | grep -q "^Inst" || exit 1"`
-	aptGetUpdated = aptGetUpdated.Run(llb.Shlex(checkUpgradable),
-		llb.WithCustomName("Checking for available updates")).Root()
+	// Only check for upgradable packages when updating all (no specific updates list).
+	if updates == nil {
+		const updatesAvailableMarker = "/updates.txt"
+		checkUpgradable := fmt.Sprintf(`sh -c 'if apt-get -s upgrade 2>/dev/null | grep -q "^Inst"; then touch %s; fi'`, updatesAvailableMarker)
+		aptGetUpdated = aptGetUpdated.Run(llb.Shlex(checkUpgradable)).Root()
+
+		_, err := buildkit.ExtractFileFromState(ctx, dm.config.Client, &aptGetUpdated, updatesAvailableMarker)
+		if err != nil {
+			log.Info("No upgradable packages found for this image.")
+			return nil, nil, types.ErrNoUpdatesFound
+		}
+	}
 
 	// detect held packages and log them
 	checkHeldCmd := `sh -c "apt-mark showhold | tee /held.txt"`
@@ -464,29 +474,31 @@ func (dm *dpkgManager) unpackAndMergeUpdates(ctx context.Context, updates unvers
 			llb.AddEnv("PACKAGES_PRESENT", string(jsonPackageData)),
 			llb.Args([]string{
 				`bash`, `-c`, `
-							json_str=$PACKAGES_PRESENT
-							update_packages=""
-
-							while IFS=':' read -r package version; do
-								pkg_name=$(echo "$package" | sed 's/^"\(.*\)"$/\1/')
-								pkg_version=$(echo "$version" | sed 's/^"\(.*\)"$/\1/')
-								latest_version=$(apt show $pkg_name 2>/dev/null | awk -F ': ' '/Version:/{print $2}')
-
-								if [ "$latest_version" != "$pkg_version" ]; then
-									update_packages="$update_packages $pkg_name"
-								fi
-							done <<< "$(echo "$json_str" | tr -d '{}\n' | tr ',' '\n')"
-
-							if [ -z "$update_packages" ]; then
-								echo "No packages to update"
-								exit 1
-							fi
-
-							mkdir /var/cache/apt/archives
-							cd /var/cache/apt/archives
-							echo "$update_packages" > packages.txt
-					`,
+                            json_str=$PACKAGES_PRESENT
+                            update_packages=""
+
+                            while IFS=':' read -r package version; do
+                                pkg_name=$(echo "$package" | sed 's/^"\(.*\)"$/\1/')
+                                pkg_version=$(echo "$version" | sed 's/^"\(.*\)"$/\1/')
+                                latest_version=$(apt show $pkg_name 2>/dev/null | awk -F ': ' '/Version:/{print $2}')
+
+                                if [ "$latest_version" != "$pkg_version" ]; then
+                                    update_packages="$update_packages $pkg_name"
+                                fi
+                            done <<< "$(echo "$json_str" | tr -d '{}\n' | tr ',' '\n')"
+
+                            if [ -n "$update_packages" ]; then
+                                mkdir -p /var/cache/apt/archives
+                                cd /var/cache/apt/archives
+                                echo "$update_packages" > packages.txt
+                                touch /updates.txt
+                            fi
+                    `,
 			})).Root()
+		if _, err := buildkit.ExtractFileFromState(ctx, dm.config.Client, &updated, "/updates.txt"); err != nil {
+			log.Info("No upgradable packages found for this image (distroless path).")
+			return nil, nil, types.ErrNoUpdatesFound
+		}
 	}
 
 	// Replace status file in tooling image with new status file with relevant pacakges from image to be patched.

pkg/pkgmgr/rpm.go

@@ -17,6 +17,7 @@ import (
 	"github.com/moby/buildkit/client/llb"
 	ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/project-copacetic/copacetic/pkg/buildkit"
+	"github.com/project-copacetic/copacetic/pkg/types"
 	"github.com/project-copacetic/copacetic/pkg/types/unversioned"
 	"github.com/project-copacetic/copacetic/pkg/utils"
 	log "github.com/sirupsen/logrus"
@@ -489,25 +490,31 @@ func (rm *rpmManager) installUpdates(ctx context.Context, updates unversioned.Up
 		if dnfTooling == "" {
 			dnfTooling = rm.rpmTools["dnf"]
 		}
-		checkUpdateTemplate := `sh -c '%[1]s clean all && %[1]s makecache --refresh -y; if [ "$(%[1]s -q check-update | wc -l)" -ne 0 ]; then echo >> /updates.txt; fi'`
-		if !rm.checkForUpgrades(ctx, dnfTooling, checkUpdateTemplate) {
-			return nil, nil, fmt.Errorf("no patchable packages found")
+		if updates == nil {
+			checkUpdateTemplate := `sh -c '%[1]s clean all && %[1]s makecache --refresh -y; if [ "$(%[1]s -q check-update | wc -l)" -ne 0 ]; then echo >> /updates.txt; fi'`
+			if !rm.checkForUpgrades(ctx, dnfTooling, checkUpdateTemplate) {
+				return nil, nil, types.ErrNoUpdatesFound
+			}
 		}
 
 		const dnfInstallTemplate = `sh -c '%[1]s upgrade --refresh %[2]s -y && %[1]s clean all'`
 		installCmd = fmt.Sprintf(dnfInstallTemplate, dnfTooling, pkgs)
 	case rm.rpmTools["yum"] != "":
-		checkUpdateTemplate := `sh -c '%[1]s clean all && %[1]s makecache fast; if [ "$(%[1]s -q check-update | wc -l)" -ne 0 ]; then echo >> /updates.txt; fi'`
-		if !rm.checkForUpgrades(ctx, rm.rpmTools["yum"], checkUpdateTemplate) {
-			return nil, nil, fmt.Errorf("no patchable packages found")
+		if updates == nil {
+			checkUpdateTemplate := `sh -c '%[1]s clean all && %[1]s makecache fast; if [ "$(%[1]s -q check-update | wc -l)" -ne 0 ]; then echo >> /updates.txt; fi'`
+			if !rm.checkForUpgrades(ctx, rm.rpmTools["yum"], checkUpdateTemplate) {
+				return nil, nil, types.ErrNoUpdatesFound
+			}
 		}
 
 		const yumInstallTemplate = `sh -c '%[1]s upgrade %[2]s -y && %[1]s clean all'`
 		installCmd = fmt.Sprintf(yumInstallTemplate, rm.rpmTools["yum"], pkgs)
 	case rm.rpmTools["microdnf"] != "":
-		checkUpdateTemplate := `sh -c "%[1]s install dnf -y; dnf clean all && dnf makecache --refresh -y;  dnf check-update -y; if [ $? -ne 0 ]; then echo >> /updates.txt; fi;"`
-		if !rm.checkForUpgrades(ctx, rm.rpmTools["microdnf"], checkUpdateTemplate) {
-			return nil, nil, fmt.Errorf("no patchable packages found")
+		if updates == nil {
+			checkUpdateTemplate := `sh -c "%[1]s install dnf -y; dnf clean all && dnf makecache --refresh -y;  dnf check-update -y; if [ $? -ne 0 ]; then echo >> /updates.txt; fi;"`
+			if !rm.checkForUpgrades(ctx, rm.rpmTools["microdnf"], checkUpdateTemplate) {
+				return nil, nil, types.ErrNoUpdatesFound
+			}
 		}
 
 		const microdnfInstallTemplate = `sh -c '%[1]s update %[2]s -y && %[1]s clean all'`
@@ -619,28 +626,30 @@ func (rm *rpmManager) unpackAndMergeUpdates(ctx context.Context, updates unversi
 			llb.AddEnv("PACKAGES_PRESENT", string(jsonPackageData)),
 			llb.Args([]string{
 				`bash`, `-c`, `
-								json_str=$PACKAGES_PRESENT
-								update_packages=""
-
-								while IFS=':' read -r package version; do
-									pkg_name=$(echo "$package" | sed 's/^"\(.*\)"$/\1/')
+                                json_str=$PACKAGES_PRESENT
+                                update_packages=""
 
-									pkg_version=$(echo "$version" | sed 's/^"\(.*\)"$/\1/')
-									latest_version=$(yum list available $pkg_name 2>/dev/null | grep $pkg_name | tail -n 1 | tr -s ' ' | cut -d ' ' -f 2)
+                                while IFS=':' read -r package version; do
+                                    pkg_name=$(echo "$package" | sed 's/^"\(.*\)"$/\1/')
 
-									if [ "$latest_version" != "$pkg_version" ]; then
-										update_packages="$update_packages $pkg_name"
-									fi
-								done <<< "$(echo "$json_str" | tr -d '{}\n' | tr ',' '\n')"
+                                    pkg_version=$(echo "$version" | sed 's/^"\(.*\)"$/\1/')
+                                    latest_version=$(yum list available $pkg_name 2>/dev/null | grep $pkg_name | tail -n 1 | tr -s ' ' | cut -d ' ' -f 2)
 
-								if [ -z "$update_packages" ]; then
-									echo "No packages to update"
-									exit 1
-								fi
+                                    if [ "$latest_version" != "$pkg_version" ]; then
+                                        update_packages="$update_packages $pkg_name"
+                                    fi
+                                done <<< "$(echo "$json_str" | tr -d '{}\n' | tr ',' '\n')"
 
-								echo "$update_packages" > packages.txt
-						`,
+                                if [ -n "$update_packages" ]; then
+                                    echo "$update_packages" > packages.txt
+                                    touch /updates.txt
+                                fi
+                        `,
 			})).Root()
+		if _, err := buildkit.ExtractFileFromState(ctx, rm.config.Client, &busyboxCopied, "/updates.txt"); err != nil {
+			log.Info("No upgradable packages found for this image (RPM distroless path).")
+			return nil, nil, types.ErrNoUpdatesFound
+		}
 	}
 
 	// Create a new state for tooling image with all the packages from the image we are trying to patch

pkg/types/errors.go

@@ -0,0 +1,6 @@
+package types
+
+import "errors"
+
+// ErrNoUpdatesFound indicates that no package updates are available for the image.
+var ErrNoUpdatesFound = errors.New("no package updates found for image")