mirror of https://github.com/docker/cli.git
vendor: update buildkit to 10cef0c and fsutil 7f9f923
Signed-off-by: Tibor Vass <tibor@docker.com>
This commit is contained in:
parent
83751b9781
commit
0df5d6427e
|
@ -156,7 +156,8 @@ func runBuildBuildKit(dockerCli command.Cli, options buildOptions) error {
|
||||||
}
|
}
|
||||||
w = f
|
w = f
|
||||||
}
|
}
|
||||||
s.Allow(filesync.NewFSSyncTarget(w))
|
output := func(map[string]string) (io.WriteCloser, error) { return w, nil }
|
||||||
|
s.Allow(filesync.NewFSSyncTarget(output))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -53,7 +53,7 @@ github.com/Microsoft/go-winio 84b4ab48a50763fe7b3abcef38e5
|
||||||
github.com/Microsoft/hcsshim 672e52e9209d1e53718c1b6a7d68cc9272654ab5
|
github.com/Microsoft/hcsshim 672e52e9209d1e53718c1b6a7d68cc9272654ab5
|
||||||
github.com/miekg/pkcs11 cb39313ec884f2cd77f4762875fe96aecf68f8e3 # v1.0.2
|
github.com/miekg/pkcs11 cb39313ec884f2cd77f4762875fe96aecf68f8e3 # v1.0.2
|
||||||
github.com/mitchellh/mapstructure f15292f7a699fcc1a38a80977f80a046874ba8ac
|
github.com/mitchellh/mapstructure f15292f7a699fcc1a38a80977f80a046874ba8ac
|
||||||
github.com/moby/buildkit f238f1efb04f00bf0cc147141fda9ddb55c8bc49
|
github.com/moby/buildkit 10cef0c6e178bcaca1ad02b041a96b1091f52071
|
||||||
github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3
|
github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3
|
||||||
github.com/modern-go/reflect2 4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd # 1.0.1
|
github.com/modern-go/reflect2 4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd # 1.0.1
|
||||||
github.com/morikuni/aec 39771216ff4c63d11f5e604076f9c45e8be1067b
|
github.com/morikuni/aec 39771216ff4c63d11f5e604076f9c45e8be1067b
|
||||||
|
@ -74,7 +74,7 @@ github.com/spf13/cobra ef82de70bb3f60c65fb8eebacbb2
|
||||||
github.com/spf13/pflag 4cb166e4f25ac4e8016a3595bbf7ea2e9aa85a2c https://github.com/thaJeztah/pflag.git # temporary fork with https://github.com/spf13/pflag/pull/170 applied, which isn't merged yet upstream
|
github.com/spf13/pflag 4cb166e4f25ac4e8016a3595bbf7ea2e9aa85a2c https://github.com/thaJeztah/pflag.git # temporary fork with https://github.com/spf13/pflag/pull/170 applied, which isn't merged yet upstream
|
||||||
github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
|
github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
|
||||||
github.com/theupdateframework/notary d6e1431feb32348e0650bf7551ac5cffd01d857b # v0.6.1
|
github.com/theupdateframework/notary d6e1431feb32348e0650bf7551ac5cffd01d857b # v0.6.1
|
||||||
github.com/tonistiigi/fsutil 3bbb99cdbd76619ab717299830c60f6f2a533a6b
|
github.com/tonistiigi/fsutil 7f9f9232dd24c4c9c68ab3c8030c4edcaeac1c32
|
||||||
github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2
|
github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2
|
||||||
github.com/xeipuuv/gojsonpointer 4e3ac2762d5f479393488629ee9370b50873b3a6
|
github.com/xeipuuv/gojsonpointer 4e3ac2762d5f479393488629ee9370b50873b3a6
|
||||||
github.com/xeipuuv/gojsonreference bd5ef7bd5415a7ac448318e64f11a24cd21e594b
|
github.com/xeipuuv/gojsonreference bd5ef7bd5415a7ac448318e64f11a24cd21e594b
|
||||||
|
|
|
@ -1,16 +1,15 @@
|
||||||
[![asciicinema example](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU.png)](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU)
|
[![asciicinema example](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU.png)](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU)
|
||||||
|
|
||||||
|
|
||||||
## BuildKit
|
## BuildKit
|
||||||
|
|
||||||
[![GoDoc](https://godoc.org/github.com/moby/buildkit?status.svg)](https://godoc.org/github.com/moby/buildkit/client/llb)
|
[![GoDoc](https://godoc.org/github.com/moby/buildkit?status.svg)](https://godoc.org/github.com/moby/buildkit/client/llb)
|
||||||
[![Build Status](https://travis-ci.org/moby/buildkit.svg?branch=master)](https://travis-ci.org/moby/buildkit)
|
[![Build Status](https://travis-ci.org/moby/buildkit.svg?branch=master)](https://travis-ci.org/moby/buildkit)
|
||||||
[![Go Report Card](https://goreportcard.com/badge/github.com/moby/buildkit)](https://goreportcard.com/report/github.com/moby/buildkit)
|
[![Go Report Card](https://goreportcard.com/badge/github.com/moby/buildkit)](https://goreportcard.com/report/github.com/moby/buildkit)
|
||||||
|
|
||||||
|
|
||||||
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner.
|
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner.
|
||||||
|
|
||||||
Key features:
|
Key features:
|
||||||
|
|
||||||
- Automatic garbage collection
|
- Automatic garbage collection
|
||||||
- Extendable frontend formats
|
- Extendable frontend formats
|
||||||
- Concurrent dependency resolution
|
- Concurrent dependency resolution
|
||||||
|
@ -22,7 +21,6 @@ Key features:
|
||||||
- Pluggable architecture
|
- Pluggable architecture
|
||||||
- Execution without root privileges
|
- Execution without root privileges
|
||||||
|
|
||||||
|
|
||||||
Read the proposal from https://github.com/moby/moby/issues/32925
|
Read the proposal from https://github.com/moby/moby/issues/32925
|
||||||
|
|
||||||
Introductory blog post https://blog.mobyproject.org/introducing-buildkit-17e056cc5317
|
Introductory blog post https://blog.mobyproject.org/introducing-buildkit-17e056cc5317
|
||||||
|
@ -38,16 +36,17 @@ BuildKit is used by the following projects:
|
||||||
- [OpenFaaS Cloud](https://github.com/openfaas/openfaas-cloud)
|
- [OpenFaaS Cloud](https://github.com/openfaas/openfaas-cloud)
|
||||||
- [container build interface](https://github.com/containerbuilding/cbi)
|
- [container build interface](https://github.com/containerbuilding/cbi)
|
||||||
- [Knative Build Templates](https://github.com/knative/build-templates)
|
- [Knative Build Templates](https://github.com/knative/build-templates)
|
||||||
|
- [the Sanic build tool](https://github.com/distributed-containers-inc/sanic)
|
||||||
- [vab](https://github.com/stellarproject/vab)
|
- [vab](https://github.com/stellarproject/vab)
|
||||||
- [Rio](https://github.com/rancher/rio) (on roadmap)
|
- [Rio](https://github.com/rancher/rio)
|
||||||
|
|
||||||
### Quick start
|
### Quick start
|
||||||
|
|
||||||
Dependencies:
|
Dependencies:
|
||||||
|
|
||||||
- [runc](https://github.com/opencontainers/runc)
|
- [runc](https://github.com/opencontainers/runc)
|
||||||
- [containerd](https://github.com/containerd/containerd) (if you want to use containerd worker)
|
- [containerd](https://github.com/containerd/containerd) (if you want to use containerd worker)
|
||||||
|
|
||||||
|
|
||||||
The following command installs `buildkitd` and `buildctl` to `/usr/local/bin`:
|
The following command installs `buildkitd` and `buildctl` to `/usr/local/bin`:
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
|
@ -58,14 +57,13 @@ You can also use `make binaries-all` to prepare `buildkitd.containerd_only` and
|
||||||
|
|
||||||
#### Starting the buildkitd daemon:
|
#### Starting the buildkitd daemon:
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildkitd --debug --root /var/lib/buildkit
|
buildkitd --debug --root /var/lib/buildkit
|
||||||
```
|
```
|
||||||
|
|
||||||
The buildkitd daemon supports two worker backends: OCI (runc) and containerd.
|
The buildkitd daemon supports two worker backends: OCI (runc) and containerd.
|
||||||
|
|
||||||
By default, the OCI (runc) worker is used.
|
By default, the OCI (runc) worker is used. You can set `--oci-worker=false --containerd-worker=true` to use the containerd worker.
|
||||||
You can set `--oci-worker=false --containerd-worker=true` to use the containerd worker.
|
|
||||||
|
|
||||||
We are open to adding more backends.
|
We are open to adding more backends.
|
||||||
|
|
||||||
|
@ -91,13 +89,16 @@ For understanding the basics of LLB, `examples/buildkit*` directory contains scr
|
||||||
You can use `buildctl debug dump-llb` to see what data is in this definition. Add `--dot` to generate dot layout.
|
You can use `buildctl debug dump-llb` to see what data is in this definition. Add `--dot` to generate dot layout.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
go run examples/buildkit0/buildkit.go | buildctl debug dump-llb | jq .
|
go run examples/buildkit0/buildkit.go \
|
||||||
|
| buildctl debug dump-llb \
|
||||||
|
| jq .
|
||||||
```
|
```
|
||||||
|
|
||||||
To start building use `buildctl build` command. The example script accepts `--with-containerd` flag to choose if containerd binaries and support should be included in the end result as well.
|
To start building use `buildctl build` command. The example script accepts `--with-containerd` flag to choose if containerd binaries and support should be included in the end result as well.
|
||||||
|
|
||||||
```bash
|
```bash
|
||||||
go run examples/buildkit0/buildkit.go | buildctl build
|
go run examples/buildkit0/buildkit.go \
|
||||||
|
| buildctl build
|
||||||
```
|
```
|
||||||
|
|
||||||
`buildctl build` will show interactive progress bar by default while the build job is running. If the path to the trace file is specified, the trace file generated will contain all information about the timing of the individual steps and logs.
|
`buildctl build` will show interactive progress bar by default while the build job is running. If the path to the trace file is specified, the trace file generated will contain all information about the timing of the individual steps and logs.
|
||||||
|
@ -111,7 +112,6 @@ Different versions of the example scripts show different ways of describing the
|
||||||
- `./examples/dockerfile2llb` - can be used to convert a Dockerfile to LLB for debugging purposes
|
- `./examples/dockerfile2llb` - can be used to convert a Dockerfile to LLB for debugging purposes
|
||||||
- `./examples/gobuild` - shows how to use nested invocation to generate LLB for Go package internal dependencies
|
- `./examples/gobuild` - shows how to use nested invocation to generate LLB for Go package internal dependencies
|
||||||
|
|
||||||
|
|
||||||
#### Exploring Dockerfiles
|
#### Exploring Dockerfiles
|
||||||
|
|
||||||
Frontends are components that run inside BuildKit and convert any build definition to LLB. There is a special frontend called gateway (gateway.v0) that allows using any image as a frontend.
|
Frontends are components that run inside BuildKit and convert any build definition to LLB. There is a special frontend called gateway (gateway.v0) that allows using any image as a frontend.
|
||||||
|
@ -120,9 +120,18 @@ During development, Dockerfile frontend (dockerfile.v0) is also part of the Buil
|
||||||
|
|
||||||
##### Building a Dockerfile with `buildctl`
|
##### Building a Dockerfile with `buildctl`
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=.
|
buildctl build \
|
||||||
buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. --opt target=foo --opt build-arg:foo=bar
|
--frontend=dockerfile.v0 \
|
||||||
|
--local context=. \
|
||||||
|
--local dockerfile=.
|
||||||
|
# or
|
||||||
|
buildctl build \
|
||||||
|
--frontend=dockerfile.v0 \
|
||||||
|
--local context=. \
|
||||||
|
--local dockerfile=. \
|
||||||
|
--opt target=foo \
|
||||||
|
--opt build-arg:foo=bar
|
||||||
```
|
```
|
||||||
|
|
||||||
`--local` exposes local source files from client to the builder. `context` and `dockerfile` are the names Dockerfile frontend looks for build context and Dockerfile location.
|
`--local` exposes local source files from client to the builder. `context` and `dockerfile` are the names Dockerfile frontend looks for build context and Dockerfile location.
|
||||||
|
@ -131,8 +140,9 @@ buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. -
|
||||||
|
|
||||||
For people familiar with `docker build` command, there is an example wrapper utility in `./examples/build-using-dockerfile` that allows building Dockerfiles with BuildKit using a syntax similar to `docker build`.
|
For people familiar with `docker build` command, there is an example wrapper utility in `./examples/build-using-dockerfile` that allows building Dockerfiles with BuildKit using a syntax similar to `docker build`.
|
||||||
|
|
||||||
```
|
```bash
|
||||||
go build ./examples/build-using-dockerfile && sudo install build-using-dockerfile /usr/local/bin
|
go build ./examples/build-using-dockerfile \
|
||||||
|
&& sudo install build-using-dockerfile /usr/local/bin
|
||||||
|
|
||||||
build-using-dockerfile -t myimage .
|
build-using-dockerfile -t myimage .
|
||||||
build-using-dockerfile -t mybuildkit -f ./hack/dockerfiles/test.Dockerfile .
|
build-using-dockerfile -t mybuildkit -f ./hack/dockerfiles/test.Dockerfile .
|
||||||
|
@ -145,10 +155,18 @@ docker inspect myimage
|
||||||
|
|
||||||
External versions of the Dockerfile frontend are pushed to https://hub.docker.com/r/docker/dockerfile-upstream and https://hub.docker.com/r/docker/dockerfile and can be used with the gateway frontend. The source for the external frontend is currently located in `./frontend/dockerfile/cmd/dockerfile-frontend` but will move out of this repository in the future ([#163](https://github.com/moby/buildkit/issues/163)). For automatic build from master branch of this repository `docker/dockerfile-upsteam:master` or `docker/dockerfile-upstream:master-experimental` image can be used.
|
External versions of the Dockerfile frontend are pushed to https://hub.docker.com/r/docker/dockerfile-upstream and https://hub.docker.com/r/docker/dockerfile and can be used with the gateway frontend. The source for the external frontend is currently located in `./frontend/dockerfile/cmd/dockerfile-frontend` but will move out of this repository in the future ([#163](https://github.com/moby/buildkit/issues/163)). For automatic build from master branch of this repository `docker/dockerfile-upsteam:master` or `docker/dockerfile-upstream:master-experimental` image can be used.
|
||||||
|
|
||||||
|
```bash
|
||||||
|
buildctl build \
|
||||||
|
--frontend gateway.v0 \
|
||||||
|
--opt source=docker/dockerfile \
|
||||||
|
--local context=. \
|
||||||
|
--local dockerfile=.
|
||||||
|
buildctl build \
|
||||||
|
--frontend gateway.v0 \
|
||||||
|
--opt source=docker/dockerfile \
|
||||||
|
--opt context=git://github.com/moby/moby \
|
||||||
|
--opt build-arg:APT_MIRROR=cdn-fastly.deb.debian.org
|
||||||
```
|
```
|
||||||
buildctl build --frontend gateway.v0 --opt source=docker/dockerfile --local context=. --local dockerfile=.
|
|
||||||
buildctl build --frontend gateway.v0 --opt source=docker/dockerfile --opt context=git://github.com/moby/moby --opt build-arg:APT_MIRROR=cdn-fastly.deb.debian.org
|
|
||||||
````
|
|
||||||
|
|
||||||
##### Building a Dockerfile with experimental features like `RUN --mount=type=(bind|cache|tmpfs|secret|ssh)`
|
##### Building a Dockerfile with experimental features like `RUN --mount=type=(bind|cache|tmpfs|secret|ssh)`
|
||||||
|
|
||||||
|
@ -162,46 +180,58 @@ By default, the build result and intermediate cache will only remain internally
|
||||||
|
|
||||||
The containerd worker needs to be used
|
The containerd worker needs to be used
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --output type=image,name=docker.io/username/image
|
buildctl build ... --output type=image,name=docker.io/username/image
|
||||||
ctr --namespace=buildkit images ls
|
ctr --namespace=buildkit images ls
|
||||||
```
|
```
|
||||||
|
|
||||||
##### Push resulting image to registry
|
##### Push resulting image to registry
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --output type=image,name=docker.io/username/image,push=true
|
buildctl build ... --output type=image,name=docker.io/username/image,push=true
|
||||||
```
|
```
|
||||||
|
|
||||||
If credentials are required, `buildctl` will attempt to read Docker configuration file.
|
If credentials are required, `buildctl` will attempt to read Docker configuration file.
|
||||||
|
|
||||||
|
|
||||||
##### Exporting build result back to client
|
##### Exporting build result back to client
|
||||||
|
|
||||||
The local client will copy the files directly to the client. This is useful if BuildKit is being used for building something else than container images.
|
The local client will copy the files directly to the client. This is useful if BuildKit is being used for building something else than container images.
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --output type=local,dest=path/to/output-dir
|
buildctl build ... --output type=local,dest=path/to/output-dir
|
||||||
```
|
```
|
||||||
|
|
||||||
|
To export specific files use multi-stage builds with a scratch stage and copy the needed files into that stage with `COPY --from`.
|
||||||
|
|
||||||
|
```dockerfile
|
||||||
|
...
|
||||||
|
FROM scratch as testresult
|
||||||
|
|
||||||
|
COPY --from=builder /usr/src/app/testresult.xml .
|
||||||
|
...
|
||||||
|
```
|
||||||
|
|
||||||
|
```bash
|
||||||
|
buildctl build ... --opt target=testresult --output type=local,dest=path/to/output-dir
|
||||||
|
```
|
||||||
|
|
||||||
Tar exporter is similar to local exporter but transfers the files through a tarball.
|
Tar exporter is similar to local exporter but transfers the files through a tarball.
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --output type=tar,dest=out.tar
|
buildctl build ... --output type=tar,dest=out.tar
|
||||||
buildctl build ... --output type=tar > out.tar
|
buildctl build ... --output type=tar > out.tar
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
##### Exporting built image to Docker
|
##### Exporting built image to Docker
|
||||||
|
|
||||||
```
|
```bash
|
||||||
# exported tarball is also compatible with OCI spec
|
# exported tarball is also compatible with OCI spec
|
||||||
buildctl build ... --output type=docker,name=myimage | docker load
|
buildctl build ... --output type=docker,name=myimage | docker load
|
||||||
```
|
```
|
||||||
|
|
||||||
##### Exporting [OCI Image Format](https://github.com/opencontainers/image-spec) tarball to client
|
##### Exporting [OCI Image Format](https://github.com/opencontainers/image-spec) tarball to client
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --output type=oci,dest=path/to/output.tar
|
buildctl build ... --output type=oci,dest=path/to/output.tar
|
||||||
buildctl build ... --output type=oci > output.tar
|
buildctl build ... --output type=oci > output.tar
|
||||||
```
|
```
|
||||||
|
@ -210,14 +240,14 @@ buildctl build ... --output type=oci > output.tar
|
||||||
|
|
||||||
#### To/From registry
|
#### To/From registry
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --export-cache type=registry,ref=localhost:5000/myrepo:buildcache
|
buildctl build ... --export-cache type=registry,ref=localhost:5000/myrepo:buildcache
|
||||||
buildctl build ... --import-cache type=registry,ref=localhost:5000/myrepo:buildcache
|
buildctl build ... --import-cache type=registry,ref=localhost:5000/myrepo:buildcache
|
||||||
```
|
```
|
||||||
|
|
||||||
#### To/From local filesystem
|
#### To/From local filesystem
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl build ... --export-cache type=local,dest=path/to/output-dir
|
buildctl build ... --export-cache type=local,dest=path/to/output-dir
|
||||||
buildctl build ... --import-cache type=local,src=path/to/input-dir
|
buildctl build ... --import-cache type=local,src=path/to/input-dir
|
||||||
```
|
```
|
||||||
|
@ -225,27 +255,29 @@ buildctl build ... --import-cache type=local,src=path/to/input-dir
|
||||||
The directory layout conforms to OCI Image Spec v1.0.
|
The directory layout conforms to OCI Image Spec v1.0.
|
||||||
|
|
||||||
#### `--export-cache` options
|
#### `--export-cache` options
|
||||||
* `mode=min` (default): only export layers for the resulting image
|
|
||||||
* `mode=max`: export all the layers of all intermediate steps
|
- `mode=min` (default): only export layers for the resulting image
|
||||||
* `ref=docker.io/user/image:tag`: reference for `registry` cache exporter
|
- `mode=max`: export all the layers of all intermediate steps
|
||||||
* `dest=path/to/output-dir`: directory for `local` cache exporter
|
- `ref=docker.io/user/image:tag`: reference for `registry` cache exporter
|
||||||
|
- `dest=path/to/output-dir`: directory for `local` cache exporter
|
||||||
|
|
||||||
#### `--import-cache` options
|
#### `--import-cache` options
|
||||||
* `ref=docker.io/user/image:tag`: reference for `registry` cache importer
|
|
||||||
* `src=path/to/input-dir`: directory for `local` cache importer
|
- `ref=docker.io/user/image:tag`: reference for `registry` cache importer
|
||||||
* `digest=sha256:deadbeef`: digest of the manifest list to import for `local` cache importer. Defaults to the digest of "latest" tag in `index.json`
|
- `src=path/to/input-dir`: directory for `local` cache importer
|
||||||
|
- `digest=sha256:deadbeef`: digest of the manifest list to import for `local` cache importer. Defaults to the digest of "latest" tag in `index.json`
|
||||||
|
|
||||||
### Other
|
### Other
|
||||||
|
|
||||||
#### View build cache
|
#### View build cache
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl du -v
|
buildctl du -v
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Show enabled workers
|
#### Show enabled workers
|
||||||
|
|
||||||
```
|
```bash
|
||||||
buildctl debug workers -v
|
buildctl debug workers -v
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -255,31 +287,65 @@ BuildKit can also be used by running the `buildkitd` daemon inside a Docker cont
|
||||||
|
|
||||||
We provide `buildkitd` container images as [`moby/buildkit`](https://hub.docker.com/r/moby/buildkit/tags/):
|
We provide `buildkitd` container images as [`moby/buildkit`](https://hub.docker.com/r/moby/buildkit/tags/):
|
||||||
|
|
||||||
* `moby/buildkit:latest`: built from the latest regular [release](https://github.com/moby/buildkit/releases)
|
- `moby/buildkit:latest`: built from the latest regular [release](https://github.com/moby/buildkit/releases)
|
||||||
* `moby/buildkit:rootless`: same as `latest` but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md)
|
- `moby/buildkit:rootless`: same as `latest` but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md)
|
||||||
* `moby/buildkit:master`: built from the master branch
|
- `moby/buildkit:master`: built from the master branch
|
||||||
* `moby/buildkit:master-rootless`: same as master but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md)
|
- `moby/buildkit:master-rootless`: same as master but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md)
|
||||||
|
|
||||||
To run daemon in a container:
|
To run daemon in a container:
|
||||||
|
|
||||||
```
|
```bash
|
||||||
docker run -d --privileged -p 1234:1234 moby/buildkit:latest --addr tcp://0.0.0.0:1234
|
docker run -d --privileged -p 1234:1234 moby/buildkit:latest --addr tcp://0.0.0.0:1234
|
||||||
export BUILDKIT_HOST=tcp://0.0.0.0:1234
|
export BUILDKIT_HOST=tcp://0.0.0.0:1234
|
||||||
buildctl build --help
|
buildctl build --help
|
||||||
```
|
```
|
||||||
|
|
||||||
The images can be also built locally using `./hack/dockerfiles/test.Dockerfile` (or `./hack/dockerfiles/test.buildkit.Dockerfile` if you already have BuildKit).
|
To run client and an ephemeral daemon in a single container ("daemonless mode"):
|
||||||
Run `make images` to build the images as `moby/buildkit:local` and `moby/buildkit:local-rootless`.
|
|
||||||
|
```bash
|
||||||
|
docker run \
|
||||||
|
-it \
|
||||||
|
--rm \
|
||||||
|
--privileged \
|
||||||
|
-v /path/to/dir:/tmp/work \
|
||||||
|
--entrypoint buildctl-daemonless.sh \
|
||||||
|
moby/buildkit:master \
|
||||||
|
build \
|
||||||
|
--frontend dockerfile.v0 \
|
||||||
|
--local context=/tmp/work \
|
||||||
|
--local dockerfile=/tmp/work
|
||||||
|
```
|
||||||
|
|
||||||
|
or
|
||||||
|
|
||||||
|
```bash
|
||||||
|
docker run \
|
||||||
|
-it \
|
||||||
|
--rm \
|
||||||
|
--security-opt seccomp=unconfined \
|
||||||
|
--security-opt apparmor=unconfined \
|
||||||
|
-e BUILDKITD_FLAGS=--oci-worker-no-process-sandbox \
|
||||||
|
-v /path/to/dir:/tmp/work \
|
||||||
|
--entrypoint buildctl-daemonless.sh \
|
||||||
|
moby/buildkit:master-rootless \
|
||||||
|
build \
|
||||||
|
--frontend \
|
||||||
|
dockerfile.v0 \
|
||||||
|
--local context=/tmp/work \
|
||||||
|
--local dockerfile=/tmp/work
|
||||||
|
```
|
||||||
|
|
||||||
|
The images can be also built locally using `./hack/dockerfiles/test.Dockerfile` (or `./hack/dockerfiles/test.buildkit.Dockerfile` if you already have BuildKit). Run `make images` to build the images as `moby/buildkit:local` and `moby/buildkit:local-rootless`.
|
||||||
|
|
||||||
#### Connection helpers
|
#### Connection helpers
|
||||||
|
|
||||||
If you are running `moby/buildkit:master` or `moby/buildkit:master-rootless` as a Docker/Kubernetes container, you can use special `BUILDKIT_HOST` URL for connecting to the BuildKit daemon in the container:
|
If you are running `moby/buildkit:master` or `moby/buildkit:master-rootless` as a Docker/Kubernetes container, you can use special `BUILDKIT_HOST` URL for connecting to the BuildKit daemon in the container:
|
||||||
|
|
||||||
```
|
```bash
|
||||||
export BUILDKIT_HOST=docker://<container>
|
export BUILDKIT_HOST=docker-container://<container>
|
||||||
```
|
```
|
||||||
|
|
||||||
```
|
```bash
|
||||||
export BUILDKIT_HOST=kube-pod://<pod>
|
export BUILDKIT_HOST=kube-pod://<pod>
|
||||||
```
|
```
|
||||||
|
|
||||||
|
@ -287,15 +353,13 @@ export BUILDKIT_HOST=kube-pod://<pod>
|
||||||
|
|
||||||
BuildKit supports opentracing for buildkitd gRPC API and buildctl commands. To capture the trace to [Jaeger](https://github.com/jaegertracing/jaeger), set `JAEGER_TRACE` environment variable to the collection address.
|
BuildKit supports opentracing for buildkitd gRPC API and buildctl commands. To capture the trace to [Jaeger](https://github.com/jaegertracing/jaeger), set `JAEGER_TRACE` environment variable to the collection address.
|
||||||
|
|
||||||
|
```bash
|
||||||
```
|
|
||||||
docker run -d -p6831:6831/udp -p16686:16686 jaegertracing/all-in-one:latest
|
docker run -d -p6831:6831/udp -p16686:16686 jaegertracing/all-in-one:latest
|
||||||
export JAEGER_TRACE=0.0.0.0:6831
|
export JAEGER_TRACE=0.0.0.0:6831
|
||||||
# restart buildkitd and buildctl so they know JAEGER_TRACE
|
# restart buildkitd and buildctl so they know JAEGER_TRACE
|
||||||
# any buildctl command should be traced to http://127.0.0.1:16686/
|
# any buildctl command should be traced to http://127.0.0.1:16686/
|
||||||
```
|
```
|
||||||
|
|
||||||
|
|
||||||
### Supported runc version
|
### Supported runc version
|
||||||
|
|
||||||
During development, BuildKit is tested with the version of runc that is being used by the containerd repository. Please refer to [runc.md](https://github.com/containerd/containerd/blob/v1.2.1/RUNC.md) for more information.
|
During development, BuildKit is tested with the version of runc that is being used by the containerd repository. Please refer to [runc.md](https://github.com/containerd/containerd/blob/v1.2.1/RUNC.md) for more information.
|
||||||
|
@ -306,5 +370,4 @@ Please refer to [`docs/rootless.md`](docs/rootless.md).
|
||||||
|
|
||||||
### Contributing
|
### Contributing
|
||||||
|
|
||||||
Want to contribute to BuildKit? Awesome! You can find information about
|
Want to contribute to BuildKit? Awesome! You can find information about contributing to this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)
|
||||||
contributing to this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)
|
|
||||||
|
|
|
@ -427,11 +427,13 @@ func Security(s pb.SecurityMode) RunOption {
|
||||||
}
|
}
|
||||||
|
|
||||||
func Shlex(str string) RunOption {
|
func Shlex(str string) RunOption {
|
||||||
return Shlexf(str)
|
return runOptionFunc(func(ei *ExecInfo) {
|
||||||
|
ei.State = shlexf(str, false)(ei.State)
|
||||||
|
})
|
||||||
}
|
}
|
||||||
func Shlexf(str string, v ...interface{}) RunOption {
|
func Shlexf(str string, v ...interface{}) RunOption {
|
||||||
return runOptionFunc(func(ei *ExecInfo) {
|
return runOptionFunc(func(ei *ExecInfo) {
|
||||||
ei.State = shlexf(str, v...)(ei.State)
|
ei.State = shlexf(str, true, v...)(ei.State)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -442,7 +444,9 @@ func Args(a []string) RunOption {
|
||||||
}
|
}
|
||||||
|
|
||||||
func AddEnv(key, value string) RunOption {
|
func AddEnv(key, value string) RunOption {
|
||||||
return AddEnvf(key, value)
|
return runOptionFunc(func(ei *ExecInfo) {
|
||||||
|
ei.State = ei.State.AddEnv(key, value)
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
func AddEnvf(key, value string, v ...interface{}) RunOption {
|
func AddEnvf(key, value string, v ...interface{}) RunOption {
|
||||||
|
@ -458,7 +462,9 @@ func User(str string) RunOption {
|
||||||
}
|
}
|
||||||
|
|
||||||
func Dir(str string) RunOption {
|
func Dir(str string) RunOption {
|
||||||
return Dirf(str)
|
return runOptionFunc(func(ei *ExecInfo) {
|
||||||
|
ei.State = ei.State.Dir(str)
|
||||||
|
})
|
||||||
}
|
}
|
||||||
func Dirf(str string, v ...interface{}) RunOption {
|
func Dirf(str string, v ...interface{}) RunOption {
|
||||||
return runOptionFunc(func(ei *ExecInfo) {
|
return runOptionFunc(func(ei *ExecInfo) {
|
||||||
|
|
|
@ -24,19 +24,24 @@ var (
|
||||||
keySecurity = contextKeyT("llb.security")
|
keySecurity = contextKeyT("llb.security")
|
||||||
)
|
)
|
||||||
|
|
||||||
func addEnvf(key, value string, v ...interface{}) StateOption {
|
func addEnvf(key, value string, replace bool, v ...interface{}) StateOption {
|
||||||
|
if replace {
|
||||||
|
value = fmt.Sprintf(value, v...)
|
||||||
|
}
|
||||||
return func(s State) State {
|
return func(s State) State {
|
||||||
return s.WithValue(keyEnv, getEnv(s).AddOrReplace(key, fmt.Sprintf(value, v...)))
|
return s.WithValue(keyEnv, getEnv(s).AddOrReplace(key, value))
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func dir(str string) StateOption {
|
func dir(str string) StateOption {
|
||||||
return dirf(str)
|
return dirf(str, false)
|
||||||
}
|
}
|
||||||
|
|
||||||
func dirf(str string, v ...interface{}) StateOption {
|
func dirf(value string, replace bool, v ...interface{}) StateOption {
|
||||||
|
if replace {
|
||||||
|
value = fmt.Sprintf(value, v...)
|
||||||
|
}
|
||||||
return func(s State) State {
|
return func(s State) State {
|
||||||
value := fmt.Sprintf(str, v...)
|
|
||||||
if !path.IsAbs(value) {
|
if !path.IsAbs(value) {
|
||||||
prev := getDir(s)
|
prev := getDir(s)
|
||||||
if prev == "" {
|
if prev == "" {
|
||||||
|
@ -100,9 +105,12 @@ func args(args ...string) StateOption {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func shlexf(str string, v ...interface{}) StateOption {
|
func shlexf(str string, replace bool, v ...interface{}) StateOption {
|
||||||
|
if replace {
|
||||||
|
str = fmt.Sprintf(str, v...)
|
||||||
|
}
|
||||||
return func(s State) State {
|
return func(s State) State {
|
||||||
arg, err := shlex.Split(fmt.Sprintf(str, v...))
|
arg, err := shlex.Split(str)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
// TODO: handle error
|
// TODO: handle error
|
||||||
}
|
}
|
||||||
|
|
|
@ -240,18 +240,18 @@ func (s State) File(a *FileAction, opts ...ConstraintsOpt) State {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s State) AddEnv(key, value string) State {
|
func (s State) AddEnv(key, value string) State {
|
||||||
return s.AddEnvf(key, value)
|
return addEnvf(key, value, false)(s)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s State) AddEnvf(key, value string, v ...interface{}) State {
|
func (s State) AddEnvf(key, value string, v ...interface{}) State {
|
||||||
return addEnvf(key, value, v...)(s)
|
return addEnvf(key, value, true, v...)(s)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s State) Dir(str string) State {
|
func (s State) Dir(str string) State {
|
||||||
return s.Dirf(str)
|
return dirf(str, false)(s)
|
||||||
}
|
}
|
||||||
func (s State) Dirf(str string, v ...interface{}) State {
|
func (s State) Dirf(str string, v ...interface{}) State {
|
||||||
return dirf(str, v...)(s)
|
return dirf(str, true, v...)(s)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (s State) GetEnv(key string) (string, bool) {
|
func (s State) GetEnv(key string) (string, bool) {
|
||||||
|
|
|
@ -46,7 +46,7 @@ type SolveOpt struct {
|
||||||
type ExportEntry struct {
|
type ExportEntry struct {
|
||||||
Type string
|
Type string
|
||||||
Attrs map[string]string
|
Attrs map[string]string
|
||||||
Output io.WriteCloser // for ExporterOCI and ExporterDocker
|
Output func(map[string]string) (io.WriteCloser, error) // for ExporterOCI and ExporterDocker
|
||||||
OutputDir string // for ExporterLocal
|
OutputDir string // for ExporterLocal
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -128,7 +128,7 @@ func (c *grpcClient) Run(ctx context.Context, f client.BuildFunc) (retError erro
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if retError != nil {
|
if retError != nil {
|
||||||
st, _ := status.FromError(retError)
|
st, _ := status.FromError(errors.Cause(retError))
|
||||||
stp := st.Proto()
|
stp := st.Proto()
|
||||||
req.Error = &rpc.Status{
|
req.Error = &rpc.Status{
|
||||||
Code: stp.Code,
|
Code: stp.Code,
|
||||||
|
|
|
@ -4,36 +4,39 @@ go 1.11
|
||||||
|
|
||||||
require (
|
require (
|
||||||
github.com/BurntSushi/toml v0.3.1
|
github.com/BurntSushi/toml v0.3.1
|
||||||
github.com/Microsoft/go-winio v0.4.13-0.20190408173621-84b4ab48a507
|
github.com/Microsoft/go-winio v0.4.14
|
||||||
github.com/apache/thrift v0.0.0-20161221203622-b2a4d4ae21c7 // indirect
|
github.com/apache/thrift v0.0.0-20161221203622-b2a4d4ae21c7 // indirect
|
||||||
github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect
|
github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect
|
||||||
github.com/containerd/cgroups v0.0.0-20190226200435-dbea6f2bd416 // indirect
|
github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601 // indirect
|
||||||
github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50
|
github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50
|
||||||
github.com/containerd/containerd v1.3.0-0.20190426060238-3a3f0aac8819
|
github.com/containerd/containerd v1.3.0-rc.2
|
||||||
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc
|
github.com/containerd/continuity v0.0.0-20190827140505-75bee3e2ccb6
|
||||||
github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260 // indirect
|
github.com/containerd/fifo v0.0.0-20190816180239-bda0ff6ed73c // indirect
|
||||||
github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3
|
github.com/containerd/go-cni v0.0.0-20190813230227-49fbd9b210f3
|
||||||
github.com/containerd/ttrpc v0.0.0-20190411181408-699c4e40d1e7 // indirect
|
github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda
|
||||||
|
github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8 // indirect
|
||||||
github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd // indirect
|
github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd // indirect
|
||||||
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e
|
github.com/containernetworking/cni v0.7.1 // indirect
|
||||||
|
github.com/coreos/go-systemd v0.0.0-20190620071333-e64a0ec8b42a
|
||||||
github.com/docker/cli v0.0.0-20190321234815-f40f9c240ab0
|
github.com/docker/cli v0.0.0-20190321234815-f40f9c240ab0
|
||||||
github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible
|
github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible
|
||||||
github.com/docker/docker v1.14.0-0.20190319215453-e7b5f7dbe98c
|
github.com/docker/docker v1.14.0-0.20190319215453-e7b5f7dbe98c
|
||||||
github.com/docker/docker-credential-helpers v0.6.0 // indirect
|
github.com/docker/docker-credential-helpers v0.6.0 // indirect
|
||||||
github.com/docker/go-connections v0.3.0
|
github.com/docker/go-connections v0.3.0
|
||||||
github.com/docker/go-events v0.0.0-20170721190031-9461782956ad // indirect
|
github.com/docker/go-events v0.0.0-20170721190031-9461782956ad // indirect
|
||||||
github.com/docker/libnetwork v0.0.0-20180913200009-36d3bed0e9f4
|
github.com/docker/libnetwork v0.8.0-dev.2.0.20190604151032-3c26b4e7495e
|
||||||
github.com/godbus/dbus v4.1.0+incompatible // indirect
|
github.com/godbus/dbus v0.0.0-20181101234600-2ff6f7ffd60f // indirect
|
||||||
github.com/gofrs/flock v0.7.0
|
github.com/gofrs/flock v0.7.0
|
||||||
github.com/gogo/googleapis v1.1.0
|
github.com/gogo/googleapis v1.1.0
|
||||||
github.com/gogo/protobuf v1.2.0
|
github.com/gogo/protobuf v1.2.0
|
||||||
github.com/golang/protobuf v1.2.0
|
github.com/golang/protobuf v1.2.0
|
||||||
github.com/google/go-cmp v0.2.0
|
github.com/google/go-cmp v0.3.0
|
||||||
github.com/google/shlex v0.0.0-20150127133951-6f45313302b9
|
github.com/google/shlex v0.0.0-20150127133951-6f45313302b9
|
||||||
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645
|
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645
|
||||||
github.com/hashicorp/go-immutable-radix v1.0.0
|
github.com/hashicorp/go-immutable-radix v1.0.0
|
||||||
github.com/hashicorp/golang-lru v0.0.0-20160207214719-a0d98a5f2880
|
github.com/hashicorp/golang-lru v0.0.0-20160207214719-a0d98a5f2880
|
||||||
github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c // indirect
|
github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c // indirect
|
||||||
|
github.com/imdario/mergo v0.3.7 // indirect
|
||||||
github.com/ishidawataru/sctp v0.0.0-20180213033435-07191f837fed // indirect
|
github.com/ishidawataru/sctp v0.0.0-20180213033435-07191f837fed // indirect
|
||||||
github.com/jaguilar/vt100 v0.0.0-20150826170717-2703a27b14ea
|
github.com/jaguilar/vt100 v0.0.0-20150826170717-2703a27b14ea
|
||||||
github.com/kr/pretty v0.1.0 // indirect
|
github.com/kr/pretty v0.1.0 // indirect
|
||||||
|
@ -41,31 +44,32 @@ require (
|
||||||
github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c
|
github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c
|
||||||
github.com/opencontainers/go-digest v1.0.0-rc1
|
github.com/opencontainers/go-digest v1.0.0-rc1
|
||||||
github.com/opencontainers/image-spec v1.0.1
|
github.com/opencontainers/image-spec v1.0.1
|
||||||
github.com/opencontainers/runc v1.0.1-0.20190307181833-2b18fe1d885e
|
github.com/opencontainers/runc v1.0.0-rc8.0.20190621203724-f4982d86f7fd
|
||||||
github.com/opencontainers/runtime-spec v0.0.0-20180909173843-eba862dc2470
|
github.com/opencontainers/runtime-spec v0.0.0-20180909173843-eba862dc2470
|
||||||
github.com/opentracing-contrib/go-stdlib v0.0.0-20171029140428-b1a47cfbdd75
|
github.com/opentracing-contrib/go-stdlib v0.0.0-20171029140428-b1a47cfbdd75
|
||||||
github.com/opentracing/opentracing-go v0.0.0-20171003133519-1361b9cd60be
|
github.com/opentracing/opentracing-go v0.0.0-20171003133519-1361b9cd60be
|
||||||
github.com/pkg/errors v0.8.1
|
github.com/pkg/errors v0.8.1
|
||||||
github.com/pkg/profile v1.2.1
|
github.com/pkg/profile v1.2.1
|
||||||
|
github.com/prometheus/procfs v0.0.3 // indirect
|
||||||
github.com/serialx/hashring v0.0.0-20190422032157-8b2912629002
|
github.com/serialx/hashring v0.0.0-20190422032157-8b2912629002
|
||||||
github.com/sirupsen/logrus v1.3.0
|
github.com/sirupsen/logrus v1.4.1
|
||||||
github.com/stretchr/testify v1.3.0
|
github.com/stretchr/testify v1.3.0
|
||||||
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2 // indirect
|
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2 // indirect
|
||||||
github.com/tonistiigi/fsutil v0.0.0-20190327153851-3bbb99cdbd76
|
github.com/tonistiigi/fsutil v0.0.0-20190819224149-3d2716dd0a4d
|
||||||
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea
|
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea
|
||||||
github.com/uber/jaeger-client-go v0.0.0-20180103221425-e02c85f9069e
|
github.com/uber/jaeger-client-go v0.0.0-20180103221425-e02c85f9069e
|
||||||
github.com/uber/jaeger-lib v1.2.1 // indirect
|
github.com/uber/jaeger-lib v1.2.1 // indirect
|
||||||
github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5
|
github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5
|
||||||
github.com/vishvananda/netlink v1.0.0 // indirect
|
github.com/vishvananda/netlink v1.0.0 // indirect
|
||||||
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc // indirect
|
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc // indirect
|
||||||
go.etcd.io/bbolt v1.3.2
|
go.etcd.io/bbolt v1.3.3
|
||||||
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
|
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
|
||||||
golang.org/x/net v0.0.0-20190311183353-d8887717615a
|
golang.org/x/net v0.0.0-20190522155817-f3200d17e092
|
||||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
|
golang.org/x/sync v0.0.0-20190423024810-112230192c58
|
||||||
golang.org/x/sys v0.0.0-20190303122642-d455e41777fc
|
golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e
|
||||||
golang.org/x/time v0.0.0-20161028155119-f51c12702a4d
|
golang.org/x/time v0.0.0-20161028155119-f51c12702a4d
|
||||||
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
|
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
|
||||||
google.golang.org/grpc v1.20.1
|
google.golang.org/grpc v1.23.0
|
||||||
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
|
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
|
||||||
gotest.tools v2.2.0+incompatible
|
gotest.tools v2.2.0+incompatible
|
||||||
)
|
)
|
||||||
|
|
|
@ -4,6 +4,7 @@ import (
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
"github.com/moby/buildkit/session"
|
"github.com/moby/buildkit/session"
|
||||||
|
"github.com/pkg/errors"
|
||||||
"google.golang.org/grpc/codes"
|
"google.golang.org/grpc/codes"
|
||||||
"google.golang.org/grpc/status"
|
"google.golang.org/grpc/status"
|
||||||
)
|
)
|
||||||
|
@ -16,10 +17,10 @@ func CredentialsFunc(ctx context.Context, c session.Caller) func(string) (string
|
||||||
Host: host,
|
Host: host,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if st, ok := status.FromError(err); ok && st.Code() == codes.Unimplemented {
|
if st, ok := status.FromError(errors.Cause(err)); ok && st.Code() == codes.Unimplemented {
|
||||||
return "", "", nil
|
return "", "", nil
|
||||||
}
|
}
|
||||||
return "", "", err
|
return "", "", errors.WithStack(err)
|
||||||
}
|
}
|
||||||
return resp.Username, resp.Secret, nil
|
return resp.Username, resp.Secret, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -9,6 +9,7 @@ import (
|
||||||
"github.com/moby/buildkit/session"
|
"github.com/moby/buildkit/session"
|
||||||
digest "github.com/opencontainers/go-digest"
|
digest "github.com/opencontainers/go-digest"
|
||||||
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
|
ocispec "github.com/opencontainers/image-spec/specs-go/v1"
|
||||||
|
"github.com/pkg/errors"
|
||||||
"google.golang.org/grpc/metadata"
|
"google.golang.org/grpc/metadata"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -31,47 +32,53 @@ func (cs *callerContentStore) choose(ctx context.Context) context.Context {
|
||||||
|
|
||||||
func (cs *callerContentStore) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
|
func (cs *callerContentStore) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Info(ctx, dgst)
|
info, err := cs.store.Info(ctx, dgst)
|
||||||
|
return info, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) {
|
func (cs *callerContentStore) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Update(ctx, info, fieldpaths...)
|
info, err := cs.store.Update(ctx, info, fieldpaths...)
|
||||||
|
return info, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) Walk(ctx context.Context, fn content.WalkFunc, fs ...string) error {
|
func (cs *callerContentStore) Walk(ctx context.Context, fn content.WalkFunc, fs ...string) error {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Walk(ctx, fn, fs...)
|
return errors.WithStack(cs.store.Walk(ctx, fn, fs...))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) Delete(ctx context.Context, dgst digest.Digest) error {
|
func (cs *callerContentStore) Delete(ctx context.Context, dgst digest.Digest) error {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Delete(ctx, dgst)
|
return errors.WithStack(cs.store.Delete(ctx, dgst))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) ListStatuses(ctx context.Context, fs ...string) ([]content.Status, error) {
|
func (cs *callerContentStore) ListStatuses(ctx context.Context, fs ...string) ([]content.Status, error) {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.ListStatuses(ctx, fs...)
|
resp, err := cs.store.ListStatuses(ctx, fs...)
|
||||||
|
return resp, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) Status(ctx context.Context, ref string) (content.Status, error) {
|
func (cs *callerContentStore) Status(ctx context.Context, ref string) (content.Status, error) {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Status(ctx, ref)
|
st, err := cs.store.Status(ctx, ref)
|
||||||
|
return st, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) Abort(ctx context.Context, ref string) error {
|
func (cs *callerContentStore) Abort(ctx context.Context, ref string) error {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Abort(ctx, ref)
|
return errors.WithStack(cs.store.Abort(ctx, ref))
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) {
|
func (cs *callerContentStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.Writer(ctx, opts...)
|
w, err := cs.store.Writer(ctx, opts...)
|
||||||
|
return w, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (cs *callerContentStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) {
|
func (cs *callerContentStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) {
|
||||||
ctx = cs.choose(ctx)
|
ctx = cs.choose(ctx)
|
||||||
return cs.store.ReaderAt(ctx, desc)
|
ra, err := cs.store.ReaderAt(ctx, desc)
|
||||||
|
return ra, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewCallerStore creates content.Store from session.Caller with specified storeID
|
// NewCallerStore creates content.Store from session.Caller with specified storeID
|
||||||
|
|
|
@ -14,7 +14,7 @@ import (
|
||||||
)
|
)
|
||||||
|
|
||||||
func sendDiffCopy(stream grpc.Stream, fs fsutil.FS, progress progressCb) error {
|
func sendDiffCopy(stream grpc.Stream, fs fsutil.FS, progress progressCb) error {
|
||||||
return fsutil.Send(stream.Context(), stream, fs, progress)
|
return errors.WithStack(fsutil.Send(stream.Context(), stream, fs, progress))
|
||||||
}
|
}
|
||||||
|
|
||||||
func newStreamWriter(stream grpc.ClientStream) io.WriteCloser {
|
func newStreamWriter(stream grpc.ClientStream) io.WriteCloser {
|
||||||
|
@ -29,7 +29,7 @@ type bufferedWriteCloser struct {
|
||||||
|
|
||||||
func (bwc *bufferedWriteCloser) Close() error {
|
func (bwc *bufferedWriteCloser) Close() error {
|
||||||
if err := bwc.Writer.Flush(); err != nil {
|
if err := bwc.Writer.Flush(); err != nil {
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
return bwc.Closer.Close()
|
return bwc.Closer.Close()
|
||||||
}
|
}
|
||||||
|
@ -40,19 +40,25 @@ type streamWriterCloser struct {
|
||||||
|
|
||||||
func (wc *streamWriterCloser) Write(dt []byte) (int, error) {
|
func (wc *streamWriterCloser) Write(dt []byte) (int, error) {
|
||||||
if err := wc.ClientStream.SendMsg(&BytesMessage{Data: dt}); err != nil {
|
if err := wc.ClientStream.SendMsg(&BytesMessage{Data: dt}); err != nil {
|
||||||
|
// SendMsg return EOF on remote errors
|
||||||
|
if errors.Cause(err) == io.EOF {
|
||||||
|
if err := errors.WithStack(wc.ClientStream.RecvMsg(struct{}{})); err != nil {
|
||||||
return 0, err
|
return 0, err
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
return 0, errors.WithStack(err)
|
||||||
|
}
|
||||||
return len(dt), nil
|
return len(dt), nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (wc *streamWriterCloser) Close() error {
|
func (wc *streamWriterCloser) Close() error {
|
||||||
if err := wc.ClientStream.CloseSend(); err != nil {
|
if err := wc.ClientStream.CloseSend(); err != nil {
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
// block until receiver is done
|
// block until receiver is done
|
||||||
var bm BytesMessage
|
var bm BytesMessage
|
||||||
if err := wc.ClientStream.RecvMsg(&bm); err != io.EOF {
|
if err := wc.ClientStream.RecvMsg(&bm); err != io.EOF {
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
@ -69,19 +75,19 @@ func recvDiffCopy(ds grpc.Stream, dest string, cu CacheUpdater, progress progres
|
||||||
cf = cu.HandleChange
|
cf = cu.HandleChange
|
||||||
ch = cu.ContentHasher()
|
ch = cu.ContentHasher()
|
||||||
}
|
}
|
||||||
return fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{
|
return errors.WithStack(fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{
|
||||||
NotifyHashed: cf,
|
NotifyHashed: cf,
|
||||||
ContentHasher: ch,
|
ContentHasher: ch,
|
||||||
ProgressCb: progress,
|
ProgressCb: progress,
|
||||||
Filter: fsutil.FilterFunc(filter),
|
Filter: fsutil.FilterFunc(filter),
|
||||||
})
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
func syncTargetDiffCopy(ds grpc.Stream, dest string) error {
|
func syncTargetDiffCopy(ds grpc.Stream, dest string) error {
|
||||||
if err := os.MkdirAll(dest, 0700); err != nil {
|
if err := os.MkdirAll(dest, 0700); err != nil {
|
||||||
return err
|
return errors.Wrapf(err, "failed to create synctarget dest dir %s", dest)
|
||||||
}
|
}
|
||||||
return fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{
|
return errors.WithStack(fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{
|
||||||
Merge: true,
|
Merge: true,
|
||||||
Filter: func() func(string, *fstypes.Stat) bool {
|
Filter: func() func(string, *fstypes.Stat) bool {
|
||||||
uid := os.Getuid()
|
uid := os.Getuid()
|
||||||
|
@ -92,7 +98,7 @@ func syncTargetDiffCopy(ds grpc.Stream, dest string) error {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
}(),
|
}(),
|
||||||
})
|
}))
|
||||||
}
|
}
|
||||||
|
|
||||||
func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error {
|
func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error {
|
||||||
|
@ -102,10 +108,10 @@ func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error {
|
||||||
if errors.Cause(err) == io.EOF {
|
if errors.Cause(err) == io.EOF {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
if _, err := wc.Write(bm.Data); err != nil {
|
if _, err := wc.Write(bm.Data); err != nil {
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,6 +23,7 @@ const (
|
||||||
keyExcludePatterns = "exclude-patterns"
|
keyExcludePatterns = "exclude-patterns"
|
||||||
keyFollowPaths = "followpaths"
|
keyFollowPaths = "followpaths"
|
||||||
keyDirName = "dir-name"
|
keyDirName = "dir-name"
|
||||||
|
keyExporterMetaPrefix = "exporter-md-"
|
||||||
)
|
)
|
||||||
|
|
||||||
type fsSyncProvider struct {
|
type fsSyncProvider struct {
|
||||||
|
@ -238,16 +239,16 @@ func NewFSSyncTargetDir(outdir string) session.Attachable {
|
||||||
}
|
}
|
||||||
|
|
||||||
// NewFSSyncTarget allows writing into an io.WriteCloser
|
// NewFSSyncTarget allows writing into an io.WriteCloser
|
||||||
func NewFSSyncTarget(w io.WriteCloser) session.Attachable {
|
func NewFSSyncTarget(f func(map[string]string) (io.WriteCloser, error)) session.Attachable {
|
||||||
p := &fsSyncTarget{
|
p := &fsSyncTarget{
|
||||||
outfile: w,
|
f: f,
|
||||||
}
|
}
|
||||||
return p
|
return p
|
||||||
}
|
}
|
||||||
|
|
||||||
type fsSyncTarget struct {
|
type fsSyncTarget struct {
|
||||||
outdir string
|
outdir string
|
||||||
outfile io.WriteCloser
|
f func(map[string]string) (io.WriteCloser, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
func (sp *fsSyncTarget) Register(server *grpc.Server) {
|
func (sp *fsSyncTarget) Register(server *grpc.Server) {
|
||||||
|
@ -258,11 +259,26 @@ func (sp *fsSyncTarget) DiffCopy(stream FileSend_DiffCopyServer) error {
|
||||||
if sp.outdir != "" {
|
if sp.outdir != "" {
|
||||||
return syncTargetDiffCopy(stream, sp.outdir)
|
return syncTargetDiffCopy(stream, sp.outdir)
|
||||||
}
|
}
|
||||||
if sp.outfile == nil {
|
|
||||||
|
if sp.f == nil {
|
||||||
return errors.New("empty outfile and outdir")
|
return errors.New("empty outfile and outdir")
|
||||||
}
|
}
|
||||||
defer sp.outfile.Close()
|
opts, _ := metadata.FromIncomingContext(stream.Context()) // if no metadata continue with empty object
|
||||||
return writeTargetFile(stream, sp.outfile)
|
md := map[string]string{}
|
||||||
|
for k, v := range opts {
|
||||||
|
if strings.HasPrefix(k, keyExporterMetaPrefix) {
|
||||||
|
md[strings.TrimPrefix(k, keyExporterMetaPrefix)] = strings.Join(v, ",")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
wc, err := sp.f(md)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
if wc == nil {
|
||||||
|
return status.Errorf(codes.AlreadyExists, "target already exists")
|
||||||
|
}
|
||||||
|
defer wc.Close()
|
||||||
|
return writeTargetFile(stream, wc)
|
||||||
}
|
}
|
||||||
|
|
||||||
func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress func(int, bool)) error {
|
func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress func(int, bool)) error {
|
||||||
|
@ -275,13 +291,13 @@ func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress
|
||||||
|
|
||||||
cc, err := client.DiffCopy(ctx)
|
cc, err := client.DiffCopy(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return sendDiffCopy(cc, fs, progress)
|
return sendDiffCopy(cc, fs, progress)
|
||||||
}
|
}
|
||||||
|
|
||||||
func CopyFileWriter(ctx context.Context, c session.Caller) (io.WriteCloser, error) {
|
func CopyFileWriter(ctx context.Context, md map[string]string, c session.Caller) (io.WriteCloser, error) {
|
||||||
method := session.MethodURL(_FileSend_serviceDesc.ServiceName, "diffcopy")
|
method := session.MethodURL(_FileSend_serviceDesc.ServiceName, "diffcopy")
|
||||||
if !c.Supports(method) {
|
if !c.Supports(method) {
|
||||||
return nil, errors.Errorf("method %s not supported by the client", method)
|
return nil, errors.Errorf("method %s not supported by the client", method)
|
||||||
|
@ -289,9 +305,16 @@ func CopyFileWriter(ctx context.Context, c session.Caller) (io.WriteCloser, erro
|
||||||
|
|
||||||
client := NewFileSendClient(c.Conn())
|
client := NewFileSendClient(c.Conn())
|
||||||
|
|
||||||
|
opts := make(map[string][]string, len(md))
|
||||||
|
for k, v := range md {
|
||||||
|
opts[keyExporterMetaPrefix+k] = []string{v}
|
||||||
|
}
|
||||||
|
|
||||||
|
ctx = metadata.NewOutgoingContext(ctx, opts)
|
||||||
|
|
||||||
cc, err := client.DiffCopy(ctx)
|
cc, err := client.DiffCopy(ctx)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
return newStreamWriter(cc), nil
|
return newStreamWriter(cc), nil
|
||||||
|
|
|
@ -21,10 +21,10 @@ func GetSecret(ctx context.Context, c session.Caller, id string) ([]byte, error)
|
||||||
ID: id,
|
ID: id,
|
||||||
})
|
})
|
||||||
if err != nil {
|
if err != nil {
|
||||||
if st, ok := status.FromError(err); ok && (st.Code() == codes.Unimplemented || st.Code() == codes.NotFound) {
|
if st, ok := status.FromError(errors.Cause(err)); ok && (st.Code() == codes.Unimplemented || st.Code() == codes.NotFound) {
|
||||||
return nil, errors.Wrapf(ErrNotFound, "secret %s not found", id)
|
return nil, errors.Wrapf(ErrNotFound, "secret %s not found", id)
|
||||||
}
|
}
|
||||||
return nil, err
|
return nil, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
return resp.Data, nil
|
return resp.Data, nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -3,23 +3,24 @@ package sshforward
|
||||||
import (
|
import (
|
||||||
io "io"
|
io "io"
|
||||||
|
|
||||||
|
"github.com/pkg/errors"
|
||||||
context "golang.org/x/net/context"
|
context "golang.org/x/net/context"
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
"google.golang.org/grpc"
|
"google.golang.org/grpc"
|
||||||
)
|
)
|
||||||
|
|
||||||
func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) error {
|
func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream, closeStream func() error) error {
|
||||||
g, ctx := errgroup.WithContext(ctx)
|
g, ctx := errgroup.WithContext(ctx)
|
||||||
|
|
||||||
g.Go(func() (retErr error) {
|
g.Go(func() (retErr error) {
|
||||||
p := &BytesMessage{}
|
p := &BytesMessage{}
|
||||||
for {
|
for {
|
||||||
if err := stream.RecvMsg(p); err != nil {
|
if err := stream.RecvMsg(p); err != nil {
|
||||||
|
conn.Close()
|
||||||
if err == io.EOF {
|
if err == io.EOF {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
conn.Close()
|
return errors.WithStack(err)
|
||||||
return err
|
|
||||||
}
|
}
|
||||||
select {
|
select {
|
||||||
case <-ctx.Done():
|
case <-ctx.Done():
|
||||||
|
@ -29,7 +30,7 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro
|
||||||
}
|
}
|
||||||
if _, err := conn.Write(p.Data); err != nil {
|
if _, err := conn.Write(p.Data); err != nil {
|
||||||
conn.Close()
|
conn.Close()
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
p.Data = p.Data[:0]
|
p.Data = p.Data[:0]
|
||||||
}
|
}
|
||||||
|
@ -41,9 +42,12 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro
|
||||||
n, err := conn.Read(buf)
|
n, err := conn.Read(buf)
|
||||||
switch {
|
switch {
|
||||||
case err == io.EOF:
|
case err == io.EOF:
|
||||||
|
if closeStream != nil {
|
||||||
|
closeStream()
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
case err != nil:
|
case err != nil:
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
select {
|
select {
|
||||||
case <-ctx.Done():
|
case <-ctx.Done():
|
||||||
|
@ -52,7 +56,7 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro
|
||||||
}
|
}
|
||||||
p := &BytesMessage{Data: buf[:n]}
|
p := &BytesMessage{Data: buf[:n]}
|
||||||
if err := stream.SendMsg(p); err != nil {
|
if err := stream.SendMsg(p); err != nil {
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
|
@ -7,6 +7,7 @@ import (
|
||||||
"path/filepath"
|
"path/filepath"
|
||||||
|
|
||||||
"github.com/moby/buildkit/session"
|
"github.com/moby/buildkit/session"
|
||||||
|
"github.com/pkg/errors"
|
||||||
context "golang.org/x/net/context"
|
context "golang.org/x/net/context"
|
||||||
"golang.org/x/sync/errgroup"
|
"golang.org/x/sync/errgroup"
|
||||||
"google.golang.org/grpc/metadata"
|
"google.golang.org/grpc/metadata"
|
||||||
|
@ -48,7 +49,7 @@ func (s *server) run(ctx context.Context, l net.Listener, id string) error {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
go Copy(ctx, conn, stream)
|
go Copy(ctx, conn, stream, stream.CloseSend)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -65,7 +66,7 @@ type SocketOpt struct {
|
||||||
func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockPath string, closer func() error, err error) {
|
func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockPath string, closer func() error, err error) {
|
||||||
dir, err := ioutil.TempDir("", ".buildkit-ssh-sock")
|
dir, err := ioutil.TempDir("", ".buildkit-ssh-sock")
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", nil, err
|
return "", nil, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
defer func() {
|
defer func() {
|
||||||
|
@ -78,16 +79,16 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP
|
||||||
|
|
||||||
l, err := net.Listen("unix", sockPath)
|
l, err := net.Listen("unix", sockPath)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", nil, err
|
return "", nil, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
if err := os.Chown(sockPath, opt.UID, opt.GID); err != nil {
|
if err := os.Chown(sockPath, opt.UID, opt.GID); err != nil {
|
||||||
l.Close()
|
l.Close()
|
||||||
return "", nil, err
|
return "", nil, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
if err := os.Chmod(sockPath, os.FileMode(opt.Mode)); err != nil {
|
if err := os.Chmod(sockPath, os.FileMode(opt.Mode)); err != nil {
|
||||||
l.Close()
|
l.Close()
|
||||||
return "", nil, err
|
return "", nil, errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
||||||
s := &server{caller: c}
|
s := &server{caller: c}
|
||||||
|
@ -102,12 +103,12 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP
|
||||||
return sockPath, func() error {
|
return sockPath, func() error {
|
||||||
err := l.Close()
|
err := l.Close()
|
||||||
os.RemoveAll(sockPath)
|
os.RemoveAll(sockPath)
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func CheckSSHID(ctx context.Context, c session.Caller, id string) error {
|
func CheckSSHID(ctx context.Context, c session.Caller, id string) error {
|
||||||
client := NewSSHClient(c.Conn())
|
client := NewSSHClient(c.Conn())
|
||||||
_, err := client.CheckAgent(ctx, &CheckAgentRequest{ID: id})
|
_, err := client.CheckAgent(ctx, &CheckAgentRequest{ID: id})
|
||||||
return err
|
return errors.WithStack(err)
|
||||||
}
|
}
|
||||||
|
|
2
vendor/github.com/moby/buildkit/session/sshforward/sshprovider/agentprovider.go
generated
vendored
2
vendor/github.com/moby/buildkit/session/sshforward/sshprovider/agentprovider.go
generated
vendored
|
@ -114,7 +114,7 @@ func (sp *socketProvider) ForwardAgent(stream sshforward.SSH_ForwardAgentServer)
|
||||||
|
|
||||||
eg.Go(func() error {
|
eg.Go(func() error {
|
||||||
defer s1.Close()
|
defer s1.Close()
|
||||||
return sshforward.Copy(ctx, s2, stream)
|
return sshforward.Copy(ctx, s2, stream, nil)
|
||||||
})
|
})
|
||||||
|
|
||||||
return eg.Wait()
|
return eg.Wait()
|
||||||
|
|
|
@ -36,6 +36,7 @@ const (
|
||||||
CapExecMetaSecurity apicaps.CapID = "exec.meta.security"
|
CapExecMetaSecurity apicaps.CapID = "exec.meta.security"
|
||||||
CapExecMetaSetsDefaultPath apicaps.CapID = "exec.meta.setsdefaultpath"
|
CapExecMetaSetsDefaultPath apicaps.CapID = "exec.meta.setsdefaultpath"
|
||||||
CapExecMountBind apicaps.CapID = "exec.mount.bind"
|
CapExecMountBind apicaps.CapID = "exec.mount.bind"
|
||||||
|
CapExecMountBindReadWriteNoOuput apicaps.CapID = "exec.mount.bind.readwrite-nooutput"
|
||||||
CapExecMountCache apicaps.CapID = "exec.mount.cache"
|
CapExecMountCache apicaps.CapID = "exec.mount.cache"
|
||||||
CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing"
|
CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing"
|
||||||
CapExecMountSelector apicaps.CapID = "exec.mount.selector"
|
CapExecMountSelector apicaps.CapID = "exec.mount.selector"
|
||||||
|
@ -193,6 +194,12 @@ func init() {
|
||||||
Status: apicaps.CapStatusExperimental,
|
Status: apicaps.CapStatusExperimental,
|
||||||
})
|
})
|
||||||
|
|
||||||
|
Caps.Init(apicaps.Cap{
|
||||||
|
ID: CapExecMountBindReadWriteNoOuput,
|
||||||
|
Enabled: true,
|
||||||
|
Status: apicaps.CapStatusExperimental,
|
||||||
|
})
|
||||||
|
|
||||||
Caps.Init(apicaps.Cap{
|
Caps.Init(apicaps.Cap{
|
||||||
ID: CapExecMountCache,
|
ID: CapExecMountCache,
|
||||||
Enabled: true,
|
Enabled: true,
|
||||||
|
|
|
@ -19,7 +19,7 @@ require (
|
||||||
github.com/pkg/errors v0.8.1
|
github.com/pkg/errors v0.8.1
|
||||||
github.com/sirupsen/logrus v1.0.3 // indirect
|
github.com/sirupsen/logrus v1.0.3 // indirect
|
||||||
github.com/stretchr/testify v1.3.0
|
github.com/stretchr/testify v1.3.0
|
||||||
golang.org/x/crypto v0.0.0-20190129210102-0709b304e793 // indirect
|
golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 // indirect
|
||||||
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
|
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
|
||||||
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e
|
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e
|
||||||
gopkg.in/airbrake/gobrake.v2 v2.0.9 // indirect
|
gopkg.in/airbrake/gobrake.v2 v2.0.9 // indirect
|
||||||
|
|
|
@ -49,6 +49,9 @@ func mkstat(path, relpath string, fi os.FileInfo, inodemap map[uint64]string) (*
|
||||||
stat.Mode = noPermPart | permPart
|
stat.Mode = noPermPart | permPart
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Clear the socket bit since archive/tar.FileInfoHeader does not handle it
|
||||||
|
stat.Mode &^= uint32(os.ModeSocket)
|
||||||
|
|
||||||
return stat, nil
|
return stat, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue