Remote build: nTar secrets with relative paths and ignore bypass

Honny1 · Honny1 · commit c7b127520da0 · 2026-03-24T11:02:42.000+01:00
When `podman-remote` tars the context, extra `podman-build-secret*` paths were either dropped by `.dockerignore` (#25314) or archived as absolute paths so `COPY . .` pulled host-shaped trees into the image (#28334). Use relative names under the primary context for extra sources and do not apply `.dockerignore` to those forced entries. Fixes: #25314 Fixes: #28334 Signed-off-by: Jan Rodák <hony.com@seznam.cz>
diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go
@@ -1095,6 +1095,10 @@ func build(ctx context.Context, containerFiles []string, options types.BuildOpti
 	return processBuildResponse(response, stdout, saveFormat)
 }
 
+// nTar builds a gzip-compressed tar of sources and returns it as a ReadCloser.
+// sources[0] is the build context directory (walked recursively). Remaining entries
+// are extra regular files (e.g. secrets) that are always archived; exclude patterns
+// apply only to the first source.
 func nTar(excludes []string, sources ...string) (io.ReadCloser, error) {
 	pm, err := fileutils.NewPatternMatcher(excludes)
 	if err != nil {
@@ -1115,13 +1119,17 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) {
 		defer gw.Close()
 		defer tw.Close()
 		seen := make(map[devino]string)
+		firstSourceAbs := ""
 		for i, src := range sources {
 			source, err := filepath.Abs(src)
 			if err != nil {
 				logrus.Errorf("Cannot stat one of source context: %v", err)
 				merr = multierror.Append(merr, err)
 				return
 			}
+			if i == 0 {
+				firstSourceAbs = source
+			}
 			err = filepath.WalkDir(source, func(path string, dentry fs.DirEntry, err error) error {
 				if err != nil {
 					return err
@@ -1149,17 +1157,24 @@ func nTar(excludes []string, sources ...string) (io.ReadCloser, error) {
 					}
 				}
 				var name string
+				skipExclude := false
 				if i == 0 {
 					name = filepath.ToSlash(strings.TrimPrefix(path, source+separator))
 				} else {
 					if !dentry.Type().IsRegular() {
 						return fmt.Errorf("path %s must be a regular file", path)
 					}
-					name = filepath.ToSlash(path)
+					fsSep := string(filepath.Separator)
+					if strings.HasPrefix(path, firstSourceAbs+fsSep) {
+						name = filepath.ToSlash(strings.TrimPrefix(path, firstSourceAbs+fsSep))
+					} else {
+						name = filepath.ToSlash(path)
+					}
+					skipExclude = true
 				}
 				// If name is absolute path, then it has to be containerfile outside of build context.
 				// If not, we should check it for being excluded via pattern matcher.
-				if !filepath.IsAbs(name) {
+				if !filepath.IsAbs(name) && !skipExclude {
 					excluded, err := pm.Matches(name) //nolint:staticcheck
 					if err != nil {
 						return fmt.Errorf("checking if %q is excluded: %w", name, err)
diff --git a/test/e2e/build/remote-secret-copy/Dockerfile b/test/e2e/build/remote-secret-copy/Dockerfile
@@ -0,0 +1,5 @@
+FROM alpine
+COPY . .
+RUN test -e hello
+RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret
+RUN sh -c 'test -z "$(find / -name '\''podman-build-secret*'\'' 2>/dev/null | head -n1)"'
diff --git a/test/e2e/build/remote-secret-copy/hello b/test/e2e/build/remote-secret-copy/hello
@@ -0,0 +1 @@
+hi
diff --git a/test/e2e/build/remote-secret-dockerignore-star/.dockerignore b/test/e2e/build/remote-secret-dockerignore-star/.dockerignore
@@ -0,0 +1 @@
+*
diff --git a/test/e2e/build/remote-secret-dockerignore-star/Dockerfile b/test/e2e/build/remote-secret-dockerignore-star/Dockerfile
@@ -0,0 +1,5 @@
+FROM alpine
+COPY . .
+RUN test ! -e ignored-by-dockerignore.txt
+RUN --mount=type=secret,id=MY_SECRET cat /run/secrets/MY_SECRET
+RUN sh -c 'test -z "$(find / -name '\''podman-build-secret*'\'' 2>/dev/null | head -n1)"'
diff --git a/test/e2e/build/remote-secret-dockerignore-star/host-secret.txt b/test/e2e/build/remote-secret-dockerignore-star/host-secret.txt
@@ -0,0 +1 @@
+Super Secret
diff --git a/test/e2e/build/remote-secret-dockerignore-star/ignored-by-dockerignore.txt b/test/e2e/build/remote-secret-dockerignore-star/ignored-by-dockerignore.txt
@@ -0,0 +1 @@
+this file must not appear in the image
diff --git a/test/e2e/build_test.go b/test/e2e/build_test.go
@@ -136,6 +136,22 @@ var _ = Describe("Podman build", func() {
 		Expect(session).Should(ExitCleanly())
 	})
 
+	It("podman remote build file secret with dockerignore that ignores all files", func() {
+		// Test for: https://github.com/containers/podman/issues/25314
+		session := podmanTest.PodmanExitCleanly("build", "-f", "build/remote-secret-dockerignore-star/Dockerfile", "--secret", "id=MY_SECRET,type=file,src=build/remote-secret-dockerignore-star/host-secret.txt", "build/remote-secret-dockerignore-star")
+		Expect(session.OutputToString()).To(ContainSubstring("Super Secret"))
+	})
+
+	It("podman remote build env secret with COPY does not leak podman-build-secret temp files", func() {
+		// Test for: https://github.com/containers/podman/issues/28334
+		secret := "somesecretvalue"
+		os.Setenv("MYSECRET", secret)
+		defer os.Unsetenv("MYSECRET")
+
+		session := podmanTest.PodmanExitCleanly("build", "-f", "build/remote-secret-copy/Dockerfile", "--secret", "id=mysecret,env=MYSECRET", "build/remote-secret-copy")
+		Expect(session.OutputToString()).To(ContainSubstring(secret))
+	})
+
 	It("podman build with not found Containerfile or Dockerfile", func() {
 		targetPath := filepath.Join(podmanTest.TempDir, "notfound")
 		err = os.Mkdir(targetPath, 0o755)
