Ignore symlinks during file extraction if link is whitelisted

integration_tests/dockerfiles/Dockerfile_test_copy

@@ -1,4 +1,4 @@
-FROM gcr.io/distroless/base
+FROM alpine:3.7
 COPY context/foo foo
 COPY context/foo /foodir/
 COPY context/bar/b* bar/

pkg/util/fs_util.go

@@ -94,6 +94,12 @@ func GetFSFromImage(img v1.Image) error {
 				logrus.Infof("Not adding %s because it is whitelisted", path)
 				continue
 			}
+			if hdr.Typeflag == tar.TypeSymlink {
+				if checkWhitelist(hdr.Linkname, whitelist) {
+					logrus.Debugf("skipping symlink from %s to %s because %s is whitelisted", hdr.Linkname, path, hdr.Linkname)
+					continue
+				}
+			}
 			fs[path] = struct{}{}
 
 			if err := extractFile("/", hdr, tr); err != nil {