vendor: update buildkit to 10cef0c and fsutil 7f9f923

Signed-off-by: Tibor Vass <tibor@docker.com>
This commit is contained in:
Tibor Vass 2019-09-21 00:42:32 +00:00
parent 83751b9781
commit 0df5d6427e
20 changed files with 325 additions and 191 deletions

View File

@ -156,7 +156,8 @@ func runBuildBuildKit(dockerCli command.Cli, options buildOptions) error {
} }
w = f w = f
} }
s.Allow(filesync.NewFSSyncTarget(w)) output := func(map[string]string) (io.WriteCloser, error) { return w, nil }
s.Allow(filesync.NewFSSyncTarget(output))
} }
} }

View File

@ -53,7 +53,7 @@ github.com/Microsoft/go-winio 84b4ab48a50763fe7b3abcef38e5
github.com/Microsoft/hcsshim 672e52e9209d1e53718c1b6a7d68cc9272654ab5 github.com/Microsoft/hcsshim 672e52e9209d1e53718c1b6a7d68cc9272654ab5
github.com/miekg/pkcs11 cb39313ec884f2cd77f4762875fe96aecf68f8e3 # v1.0.2 github.com/miekg/pkcs11 cb39313ec884f2cd77f4762875fe96aecf68f8e3 # v1.0.2
github.com/mitchellh/mapstructure f15292f7a699fcc1a38a80977f80a046874ba8ac github.com/mitchellh/mapstructure f15292f7a699fcc1a38a80977f80a046874ba8ac
github.com/moby/buildkit f238f1efb04f00bf0cc147141fda9ddb55c8bc49 github.com/moby/buildkit 10cef0c6e178bcaca1ad02b041a96b1091f52071
github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3 github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3
github.com/modern-go/reflect2 4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd # 1.0.1 github.com/modern-go/reflect2 4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd # 1.0.1
github.com/morikuni/aec 39771216ff4c63d11f5e604076f9c45e8be1067b github.com/morikuni/aec 39771216ff4c63d11f5e604076f9c45e8be1067b
@ -74,7 +74,7 @@ github.com/spf13/cobra ef82de70bb3f60c65fb8eebacbb2
github.com/spf13/pflag 4cb166e4f25ac4e8016a3595bbf7ea2e9aa85a2c https://github.com/thaJeztah/pflag.git # temporary fork with https://github.com/spf13/pflag/pull/170 applied, which isn't merged yet upstream github.com/spf13/pflag 4cb166e4f25ac4e8016a3595bbf7ea2e9aa85a2c https://github.com/thaJeztah/pflag.git # temporary fork with https://github.com/spf13/pflag/pull/170 applied, which isn't merged yet upstream
github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2 github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2
github.com/theupdateframework/notary d6e1431feb32348e0650bf7551ac5cffd01d857b # v0.6.1 github.com/theupdateframework/notary d6e1431feb32348e0650bf7551ac5cffd01d857b # v0.6.1
github.com/tonistiigi/fsutil 3bbb99cdbd76619ab717299830c60f6f2a533a6b github.com/tonistiigi/fsutil 7f9f9232dd24c4c9c68ab3c8030c4edcaeac1c32
github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2 github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2
github.com/xeipuuv/gojsonpointer 4e3ac2762d5f479393488629ee9370b50873b3a6 github.com/xeipuuv/gojsonpointer 4e3ac2762d5f479393488629ee9370b50873b3a6
github.com/xeipuuv/gojsonreference bd5ef7bd5415a7ac448318e64f11a24cd21e594b github.com/xeipuuv/gojsonreference bd5ef7bd5415a7ac448318e64f11a24cd21e594b

View File

@ -1,16 +1,15 @@
[![asciicinema example](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU.png)](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU) [![asciicinema example](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU.png)](https://asciinema.org/a/gPEIEo1NzmDTUu2bEPsUboqmU)
## BuildKit ## BuildKit
[![GoDoc](https://godoc.org/github.com/moby/buildkit?status.svg)](https://godoc.org/github.com/moby/buildkit/client/llb) [![GoDoc](https://godoc.org/github.com/moby/buildkit?status.svg)](https://godoc.org/github.com/moby/buildkit/client/llb)
[![Build Status](https://travis-ci.org/moby/buildkit.svg?branch=master)](https://travis-ci.org/moby/buildkit) [![Build Status](https://travis-ci.org/moby/buildkit.svg?branch=master)](https://travis-ci.org/moby/buildkit)
[![Go Report Card](https://goreportcard.com/badge/github.com/moby/buildkit)](https://goreportcard.com/report/github.com/moby/buildkit) [![Go Report Card](https://goreportcard.com/badge/github.com/moby/buildkit)](https://goreportcard.com/report/github.com/moby/buildkit)
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner.
Key features: Key features:
- Automatic garbage collection - Automatic garbage collection
- Extendable frontend formats - Extendable frontend formats
- Concurrent dependency resolution - Concurrent dependency resolution
@ -22,7 +21,6 @@ Key features:
- Pluggable architecture - Pluggable architecture
- Execution without root privileges - Execution without root privileges
Read the proposal from https://github.com/moby/moby/issues/32925 Read the proposal from https://github.com/moby/moby/issues/32925
Introductory blog post https://blog.mobyproject.org/introducing-buildkit-17e056cc5317 Introductory blog post https://blog.mobyproject.org/introducing-buildkit-17e056cc5317
@ -38,16 +36,17 @@ BuildKit is used by the following projects:
- [OpenFaaS Cloud](https://github.com/openfaas/openfaas-cloud) - [OpenFaaS Cloud](https://github.com/openfaas/openfaas-cloud)
- [container build interface](https://github.com/containerbuilding/cbi) - [container build interface](https://github.com/containerbuilding/cbi)
- [Knative Build Templates](https://github.com/knative/build-templates) - [Knative Build Templates](https://github.com/knative/build-templates)
- [the Sanic build tool](https://github.com/distributed-containers-inc/sanic)
- [vab](https://github.com/stellarproject/vab) - [vab](https://github.com/stellarproject/vab)
- [Rio](https://github.com/rancher/rio) (on roadmap) - [Rio](https://github.com/rancher/rio)
### Quick start ### Quick start
Dependencies: Dependencies:
- [runc](https://github.com/opencontainers/runc) - [runc](https://github.com/opencontainers/runc)
- [containerd](https://github.com/containerd/containerd) (if you want to use containerd worker) - [containerd](https://github.com/containerd/containerd) (if you want to use containerd worker)
The following command installs `buildkitd` and `buildctl` to `/usr/local/bin`: The following command installs `buildkitd` and `buildctl` to `/usr/local/bin`:
```bash ```bash
@ -58,14 +57,13 @@ You can also use `make binaries-all` to prepare `buildkitd.containerd_only` and
#### Starting the buildkitd daemon: #### Starting the buildkitd daemon:
``` ```bash
buildkitd --debug --root /var/lib/buildkit buildkitd --debug --root /var/lib/buildkit
``` ```
The buildkitd daemon supports two worker backends: OCI (runc) and containerd. The buildkitd daemon supports two worker backends: OCI (runc) and containerd.
By default, the OCI (runc) worker is used. By default, the OCI (runc) worker is used. You can set `--oci-worker=false --containerd-worker=true` to use the containerd worker.
You can set `--oci-worker=false --containerd-worker=true` to use the containerd worker.
We are open to adding more backends. We are open to adding more backends.
@ -91,13 +89,16 @@ For understanding the basics of LLB, `examples/buildkit*` directory contains scr
You can use `buildctl debug dump-llb` to see what data is in this definition. Add `--dot` to generate dot layout. You can use `buildctl debug dump-llb` to see what data is in this definition. Add `--dot` to generate dot layout.
```bash ```bash
go run examples/buildkit0/buildkit.go | buildctl debug dump-llb | jq . go run examples/buildkit0/buildkit.go \
| buildctl debug dump-llb \
| jq .
``` ```
To start building use `buildctl build` command. The example script accepts `--with-containerd` flag to choose if containerd binaries and support should be included in the end result as well. To start building use `buildctl build` command. The example script accepts `--with-containerd` flag to choose if containerd binaries and support should be included in the end result as well.
```bash ```bash
go run examples/buildkit0/buildkit.go | buildctl build go run examples/buildkit0/buildkit.go \
| buildctl build
``` ```
`buildctl build` will show interactive progress bar by default while the build job is running. If the path to the trace file is specified, the trace file generated will contain all information about the timing of the individual steps and logs. `buildctl build` will show interactive progress bar by default while the build job is running. If the path to the trace file is specified, the trace file generated will contain all information about the timing of the individual steps and logs.
@ -111,7 +112,6 @@ Different versions of the example scripts show different ways of describing the
- `./examples/dockerfile2llb` - can be used to convert a Dockerfile to LLB for debugging purposes - `./examples/dockerfile2llb` - can be used to convert a Dockerfile to LLB for debugging purposes
- `./examples/gobuild` - shows how to use nested invocation to generate LLB for Go package internal dependencies - `./examples/gobuild` - shows how to use nested invocation to generate LLB for Go package internal dependencies
#### Exploring Dockerfiles #### Exploring Dockerfiles
Frontends are components that run inside BuildKit and convert any build definition to LLB. There is a special frontend called gateway (gateway.v0) that allows using any image as a frontend. Frontends are components that run inside BuildKit and convert any build definition to LLB. There is a special frontend called gateway (gateway.v0) that allows using any image as a frontend.
@ -120,9 +120,18 @@ During development, Dockerfile frontend (dockerfile.v0) is also part of the Buil
##### Building a Dockerfile with `buildctl` ##### Building a Dockerfile with `buildctl`
``` ```bash
buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. buildctl build \
buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. --opt target=foo --opt build-arg:foo=bar --frontend=dockerfile.v0 \
--local context=. \
--local dockerfile=.
# or
buildctl build \
--frontend=dockerfile.v0 \
--local context=. \
--local dockerfile=. \
--opt target=foo \
--opt build-arg:foo=bar
``` ```
`--local` exposes local source files from client to the builder. `context` and `dockerfile` are the names Dockerfile frontend looks for build context and Dockerfile location. `--local` exposes local source files from client to the builder. `context` and `dockerfile` are the names Dockerfile frontend looks for build context and Dockerfile location.
@ -131,8 +140,9 @@ buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. -
For people familiar with `docker build` command, there is an example wrapper utility in `./examples/build-using-dockerfile` that allows building Dockerfiles with BuildKit using a syntax similar to `docker build`. For people familiar with `docker build` command, there is an example wrapper utility in `./examples/build-using-dockerfile` that allows building Dockerfiles with BuildKit using a syntax similar to `docker build`.
``` ```bash
go build ./examples/build-using-dockerfile && sudo install build-using-dockerfile /usr/local/bin go build ./examples/build-using-dockerfile \
&& sudo install build-using-dockerfile /usr/local/bin
build-using-dockerfile -t myimage . build-using-dockerfile -t myimage .
build-using-dockerfile -t mybuildkit -f ./hack/dockerfiles/test.Dockerfile . build-using-dockerfile -t mybuildkit -f ./hack/dockerfiles/test.Dockerfile .
@ -145,10 +155,18 @@ docker inspect myimage
External versions of the Dockerfile frontend are pushed to https://hub.docker.com/r/docker/dockerfile-upstream and https://hub.docker.com/r/docker/dockerfile and can be used with the gateway frontend. The source for the external frontend is currently located in `./frontend/dockerfile/cmd/dockerfile-frontend` but will move out of this repository in the future ([#163](https://github.com/moby/buildkit/issues/163)). For automatic build from master branch of this repository `docker/dockerfile-upsteam:master` or `docker/dockerfile-upstream:master-experimental` image can be used. External versions of the Dockerfile frontend are pushed to https://hub.docker.com/r/docker/dockerfile-upstream and https://hub.docker.com/r/docker/dockerfile and can be used with the gateway frontend. The source for the external frontend is currently located in `./frontend/dockerfile/cmd/dockerfile-frontend` but will move out of this repository in the future ([#163](https://github.com/moby/buildkit/issues/163)). For automatic build from master branch of this repository `docker/dockerfile-upsteam:master` or `docker/dockerfile-upstream:master-experimental` image can be used.
```bash
buildctl build \
--frontend gateway.v0 \
--opt source=docker/dockerfile \
--local context=. \
--local dockerfile=.
buildctl build \
--frontend gateway.v0 \
--opt source=docker/dockerfile \
--opt context=git://github.com/moby/moby \
--opt build-arg:APT_MIRROR=cdn-fastly.deb.debian.org
``` ```
buildctl build --frontend gateway.v0 --opt source=docker/dockerfile --local context=. --local dockerfile=.
buildctl build --frontend gateway.v0 --opt source=docker/dockerfile --opt context=git://github.com/moby/moby --opt build-arg:APT_MIRROR=cdn-fastly.deb.debian.org
````
##### Building a Dockerfile with experimental features like `RUN --mount=type=(bind|cache|tmpfs|secret|ssh)` ##### Building a Dockerfile with experimental features like `RUN --mount=type=(bind|cache|tmpfs|secret|ssh)`
@ -162,46 +180,58 @@ By default, the build result and intermediate cache will only remain internally
The containerd worker needs to be used The containerd worker needs to be used
``` ```bash
buildctl build ... --output type=image,name=docker.io/username/image buildctl build ... --output type=image,name=docker.io/username/image
ctr --namespace=buildkit images ls ctr --namespace=buildkit images ls
``` ```
##### Push resulting image to registry ##### Push resulting image to registry
``` ```bash
buildctl build ... --output type=image,name=docker.io/username/image,push=true buildctl build ... --output type=image,name=docker.io/username/image,push=true
``` ```
If credentials are required, `buildctl` will attempt to read Docker configuration file. If credentials are required, `buildctl` will attempt to read Docker configuration file.
##### Exporting build result back to client ##### Exporting build result back to client
The local client will copy the files directly to the client. This is useful if BuildKit is being used for building something else than container images. The local client will copy the files directly to the client. This is useful if BuildKit is being used for building something else than container images.
``` ```bash
buildctl build ... --output type=local,dest=path/to/output-dir buildctl build ... --output type=local,dest=path/to/output-dir
``` ```
To export specific files use multi-stage builds with a scratch stage and copy the needed files into that stage with `COPY --from`.
```dockerfile
...
FROM scratch as testresult
COPY --from=builder /usr/src/app/testresult.xml .
...
```
```bash
buildctl build ... --opt target=testresult --output type=local,dest=path/to/output-dir
```
Tar exporter is similar to local exporter but transfers the files through a tarball. Tar exporter is similar to local exporter but transfers the files through a tarball.
``` ```bash
buildctl build ... --output type=tar,dest=out.tar buildctl build ... --output type=tar,dest=out.tar
buildctl build ... --output type=tar > out.tar buildctl build ... --output type=tar > out.tar
``` ```
##### Exporting built image to Docker ##### Exporting built image to Docker
``` ```bash
# exported tarball is also compatible with OCI spec # exported tarball is also compatible with OCI spec
buildctl build ... --output type=docker,name=myimage | docker load buildctl build ... --output type=docker,name=myimage | docker load
``` ```
##### Exporting [OCI Image Format](https://github.com/opencontainers/image-spec) tarball to client ##### Exporting [OCI Image Format](https://github.com/opencontainers/image-spec) tarball to client
``` ```bash
buildctl build ... --output type=oci,dest=path/to/output.tar buildctl build ... --output type=oci,dest=path/to/output.tar
buildctl build ... --output type=oci > output.tar buildctl build ... --output type=oci > output.tar
``` ```
@ -210,14 +240,14 @@ buildctl build ... --output type=oci > output.tar
#### To/From registry #### To/From registry
``` ```bash
buildctl build ... --export-cache type=registry,ref=localhost:5000/myrepo:buildcache buildctl build ... --export-cache type=registry,ref=localhost:5000/myrepo:buildcache
buildctl build ... --import-cache type=registry,ref=localhost:5000/myrepo:buildcache buildctl build ... --import-cache type=registry,ref=localhost:5000/myrepo:buildcache
``` ```
#### To/From local filesystem #### To/From local filesystem
``` ```bash
buildctl build ... --export-cache type=local,dest=path/to/output-dir buildctl build ... --export-cache type=local,dest=path/to/output-dir
buildctl build ... --import-cache type=local,src=path/to/input-dir buildctl build ... --import-cache type=local,src=path/to/input-dir
``` ```
@ -225,27 +255,29 @@ buildctl build ... --import-cache type=local,src=path/to/input-dir
The directory layout conforms to OCI Image Spec v1.0. The directory layout conforms to OCI Image Spec v1.0.
#### `--export-cache` options #### `--export-cache` options
* `mode=min` (default): only export layers for the resulting image
* `mode=max`: export all the layers of all intermediate steps - `mode=min` (default): only export layers for the resulting image
* `ref=docker.io/user/image:tag`: reference for `registry` cache exporter - `mode=max`: export all the layers of all intermediate steps
* `dest=path/to/output-dir`: directory for `local` cache exporter - `ref=docker.io/user/image:tag`: reference for `registry` cache exporter
- `dest=path/to/output-dir`: directory for `local` cache exporter
#### `--import-cache` options #### `--import-cache` options
* `ref=docker.io/user/image:tag`: reference for `registry` cache importer
* `src=path/to/input-dir`: directory for `local` cache importer - `ref=docker.io/user/image:tag`: reference for `registry` cache importer
* `digest=sha256:deadbeef`: digest of the manifest list to import for `local` cache importer. Defaults to the digest of "latest" tag in `index.json` - `src=path/to/input-dir`: directory for `local` cache importer
- `digest=sha256:deadbeef`: digest of the manifest list to import for `local` cache importer. Defaults to the digest of "latest" tag in `index.json`
### Other ### Other
#### View build cache #### View build cache
``` ```bash
buildctl du -v buildctl du -v
``` ```
#### Show enabled workers #### Show enabled workers
``` ```bash
buildctl debug workers -v buildctl debug workers -v
``` ```
@ -255,31 +287,65 @@ BuildKit can also be used by running the `buildkitd` daemon inside a Docker cont
We provide `buildkitd` container images as [`moby/buildkit`](https://hub.docker.com/r/moby/buildkit/tags/): We provide `buildkitd` container images as [`moby/buildkit`](https://hub.docker.com/r/moby/buildkit/tags/):
* `moby/buildkit:latest`: built from the latest regular [release](https://github.com/moby/buildkit/releases) - `moby/buildkit:latest`: built from the latest regular [release](https://github.com/moby/buildkit/releases)
* `moby/buildkit:rootless`: same as `latest` but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md) - `moby/buildkit:rootless`: same as `latest` but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md)
* `moby/buildkit:master`: built from the master branch - `moby/buildkit:master`: built from the master branch
* `moby/buildkit:master-rootless`: same as master but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md) - `moby/buildkit:master-rootless`: same as master but runs as an unprivileged user, see [`docs/rootless.md`](docs/rootless.md)
To run daemon in a container: To run daemon in a container:
``` ```bash
docker run -d --privileged -p 1234:1234 moby/buildkit:latest --addr tcp://0.0.0.0:1234 docker run -d --privileged -p 1234:1234 moby/buildkit:latest --addr tcp://0.0.0.0:1234
export BUILDKIT_HOST=tcp://0.0.0.0:1234 export BUILDKIT_HOST=tcp://0.0.0.0:1234
buildctl build --help buildctl build --help
``` ```
The images can be also built locally using `./hack/dockerfiles/test.Dockerfile` (or `./hack/dockerfiles/test.buildkit.Dockerfile` if you already have BuildKit). To run client and an ephemeral daemon in a single container ("daemonless mode"):
Run `make images` to build the images as `moby/buildkit:local` and `moby/buildkit:local-rootless`.
```bash
docker run \
-it \
--rm \
--privileged \
-v /path/to/dir:/tmp/work \
--entrypoint buildctl-daemonless.sh \
moby/buildkit:master \
build \
--frontend dockerfile.v0 \
--local context=/tmp/work \
--local dockerfile=/tmp/work
```
or
```bash
docker run \
-it \
--rm \
--security-opt seccomp=unconfined \
--security-opt apparmor=unconfined \
-e BUILDKITD_FLAGS=--oci-worker-no-process-sandbox \
-v /path/to/dir:/tmp/work \
--entrypoint buildctl-daemonless.sh \
moby/buildkit:master-rootless \
build \
--frontend \
dockerfile.v0 \
--local context=/tmp/work \
--local dockerfile=/tmp/work
```
The images can be also built locally using `./hack/dockerfiles/test.Dockerfile` (or `./hack/dockerfiles/test.buildkit.Dockerfile` if you already have BuildKit). Run `make images` to build the images as `moby/buildkit:local` and `moby/buildkit:local-rootless`.
#### Connection helpers #### Connection helpers
If you are running `moby/buildkit:master` or `moby/buildkit:master-rootless` as a Docker/Kubernetes container, you can use special `BUILDKIT_HOST` URL for connecting to the BuildKit daemon in the container: If you are running `moby/buildkit:master` or `moby/buildkit:master-rootless` as a Docker/Kubernetes container, you can use special `BUILDKIT_HOST` URL for connecting to the BuildKit daemon in the container:
``` ```bash
export BUILDKIT_HOST=docker://<container> export BUILDKIT_HOST=docker-container://<container>
``` ```
``` ```bash
export BUILDKIT_HOST=kube-pod://<pod> export BUILDKIT_HOST=kube-pod://<pod>
``` ```
@ -287,15 +353,13 @@ export BUILDKIT_HOST=kube-pod://<pod>
BuildKit supports opentracing for buildkitd gRPC API and buildctl commands. To capture the trace to [Jaeger](https://github.com/jaegertracing/jaeger), set `JAEGER_TRACE` environment variable to the collection address. BuildKit supports opentracing for buildkitd gRPC API and buildctl commands. To capture the trace to [Jaeger](https://github.com/jaegertracing/jaeger), set `JAEGER_TRACE` environment variable to the collection address.
```bash
```
docker run -d -p6831:6831/udp -p16686:16686 jaegertracing/all-in-one:latest docker run -d -p6831:6831/udp -p16686:16686 jaegertracing/all-in-one:latest
export JAEGER_TRACE=0.0.0.0:6831 export JAEGER_TRACE=0.0.0.0:6831
# restart buildkitd and buildctl so they know JAEGER_TRACE # restart buildkitd and buildctl so they know JAEGER_TRACE
# any buildctl command should be traced to http://127.0.0.1:16686/ # any buildctl command should be traced to http://127.0.0.1:16686/
``` ```
### Supported runc version ### Supported runc version
During development, BuildKit is tested with the version of runc that is being used by the containerd repository. Please refer to [runc.md](https://github.com/containerd/containerd/blob/v1.2.1/RUNC.md) for more information. During development, BuildKit is tested with the version of runc that is being used by the containerd repository. Please refer to [runc.md](https://github.com/containerd/containerd/blob/v1.2.1/RUNC.md) for more information.
@ -306,5 +370,4 @@ Please refer to [`docs/rootless.md`](docs/rootless.md).
### Contributing ### Contributing
Want to contribute to BuildKit? Awesome! You can find information about Want to contribute to BuildKit? Awesome! You can find information about contributing to this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)
contributing to this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)

View File

@ -427,11 +427,13 @@ func Security(s pb.SecurityMode) RunOption {
} }
func Shlex(str string) RunOption { func Shlex(str string) RunOption {
return Shlexf(str) return runOptionFunc(func(ei *ExecInfo) {
ei.State = shlexf(str, false)(ei.State)
})
} }
func Shlexf(str string, v ...interface{}) RunOption { func Shlexf(str string, v ...interface{}) RunOption {
return runOptionFunc(func(ei *ExecInfo) { return runOptionFunc(func(ei *ExecInfo) {
ei.State = shlexf(str, v...)(ei.State) ei.State = shlexf(str, true, v...)(ei.State)
}) })
} }
@ -442,7 +444,9 @@ func Args(a []string) RunOption {
} }
func AddEnv(key, value string) RunOption { func AddEnv(key, value string) RunOption {
return AddEnvf(key, value) return runOptionFunc(func(ei *ExecInfo) {
ei.State = ei.State.AddEnv(key, value)
})
} }
func AddEnvf(key, value string, v ...interface{}) RunOption { func AddEnvf(key, value string, v ...interface{}) RunOption {
@ -458,7 +462,9 @@ func User(str string) RunOption {
} }
func Dir(str string) RunOption { func Dir(str string) RunOption {
return Dirf(str) return runOptionFunc(func(ei *ExecInfo) {
ei.State = ei.State.Dir(str)
})
} }
func Dirf(str string, v ...interface{}) RunOption { func Dirf(str string, v ...interface{}) RunOption {
return runOptionFunc(func(ei *ExecInfo) { return runOptionFunc(func(ei *ExecInfo) {

View File

@ -24,19 +24,24 @@ var (
keySecurity = contextKeyT("llb.security") keySecurity = contextKeyT("llb.security")
) )
func addEnvf(key, value string, v ...interface{}) StateOption { func addEnvf(key, value string, replace bool, v ...interface{}) StateOption {
if replace {
value = fmt.Sprintf(value, v...)
}
return func(s State) State { return func(s State) State {
return s.WithValue(keyEnv, getEnv(s).AddOrReplace(key, fmt.Sprintf(value, v...))) return s.WithValue(keyEnv, getEnv(s).AddOrReplace(key, value))
} }
} }
func dir(str string) StateOption { func dir(str string) StateOption {
return dirf(str) return dirf(str, false)
} }
func dirf(str string, v ...interface{}) StateOption { func dirf(value string, replace bool, v ...interface{}) StateOption {
if replace {
value = fmt.Sprintf(value, v...)
}
return func(s State) State { return func(s State) State {
value := fmt.Sprintf(str, v...)
if !path.IsAbs(value) { if !path.IsAbs(value) {
prev := getDir(s) prev := getDir(s)
if prev == "" { if prev == "" {
@ -100,9 +105,12 @@ func args(args ...string) StateOption {
} }
} }
func shlexf(str string, v ...interface{}) StateOption { func shlexf(str string, replace bool, v ...interface{}) StateOption {
if replace {
str = fmt.Sprintf(str, v...)
}
return func(s State) State { return func(s State) State {
arg, err := shlex.Split(fmt.Sprintf(str, v...)) arg, err := shlex.Split(str)
if err != nil { if err != nil {
// TODO: handle error // TODO: handle error
} }

View File

@ -240,18 +240,18 @@ func (s State) File(a *FileAction, opts ...ConstraintsOpt) State {
} }
func (s State) AddEnv(key, value string) State { func (s State) AddEnv(key, value string) State {
return s.AddEnvf(key, value) return addEnvf(key, value, false)(s)
} }
func (s State) AddEnvf(key, value string, v ...interface{}) State { func (s State) AddEnvf(key, value string, v ...interface{}) State {
return addEnvf(key, value, v...)(s) return addEnvf(key, value, true, v...)(s)
} }
func (s State) Dir(str string) State { func (s State) Dir(str string) State {
return s.Dirf(str) return dirf(str, false)(s)
} }
func (s State) Dirf(str string, v ...interface{}) State { func (s State) Dirf(str string, v ...interface{}) State {
return dirf(str, v...)(s) return dirf(str, true, v...)(s)
} }
func (s State) GetEnv(key string) (string, bool) { func (s State) GetEnv(key string) (string, bool) {

View File

@ -46,7 +46,7 @@ type SolveOpt struct {
type ExportEntry struct { type ExportEntry struct {
Type string Type string
Attrs map[string]string Attrs map[string]string
Output io.WriteCloser // for ExporterOCI and ExporterDocker Output func(map[string]string) (io.WriteCloser, error) // for ExporterOCI and ExporterDocker
OutputDir string // for ExporterLocal OutputDir string // for ExporterLocal
} }

View File

@ -128,7 +128,7 @@ func (c *grpcClient) Run(ctx context.Context, f client.BuildFunc) (retError erro
} }
} }
if retError != nil { if retError != nil {
st, _ := status.FromError(retError) st, _ := status.FromError(errors.Cause(retError))
stp := st.Proto() stp := st.Proto()
req.Error = &rpc.Status{ req.Error = &rpc.Status{
Code: stp.Code, Code: stp.Code,

View File

@ -4,36 +4,39 @@ go 1.11
require ( require (
github.com/BurntSushi/toml v0.3.1 github.com/BurntSushi/toml v0.3.1
github.com/Microsoft/go-winio v0.4.13-0.20190408173621-84b4ab48a507 github.com/Microsoft/go-winio v0.4.14
github.com/apache/thrift v0.0.0-20161221203622-b2a4d4ae21c7 // indirect github.com/apache/thrift v0.0.0-20161221203622-b2a4d4ae21c7 // indirect
github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect
github.com/containerd/cgroups v0.0.0-20190226200435-dbea6f2bd416 // indirect github.com/containerd/cgroups v0.0.0-20190717030353-c4b9ac5c7601 // indirect
github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50 github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50
github.com/containerd/containerd v1.3.0-0.20190426060238-3a3f0aac8819 github.com/containerd/containerd v1.3.0-rc.2
github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc github.com/containerd/continuity v0.0.0-20190827140505-75bee3e2ccb6
github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260 // indirect github.com/containerd/fifo v0.0.0-20190816180239-bda0ff6ed73c // indirect
github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3 github.com/containerd/go-cni v0.0.0-20190813230227-49fbd9b210f3
github.com/containerd/ttrpc v0.0.0-20190411181408-699c4e40d1e7 // indirect github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda
github.com/containerd/ttrpc v0.0.0-20190828172938-92c8520ef9f8 // indirect
github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd // indirect github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd // indirect
github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e github.com/containernetworking/cni v0.7.1 // indirect
github.com/coreos/go-systemd v0.0.0-20190620071333-e64a0ec8b42a
github.com/docker/cli v0.0.0-20190321234815-f40f9c240ab0 github.com/docker/cli v0.0.0-20190321234815-f40f9c240ab0
github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible github.com/docker/distribution v2.7.1-0.20190205005809-0d3efadf0154+incompatible
github.com/docker/docker v1.14.0-0.20190319215453-e7b5f7dbe98c github.com/docker/docker v1.14.0-0.20190319215453-e7b5f7dbe98c
github.com/docker/docker-credential-helpers v0.6.0 // indirect github.com/docker/docker-credential-helpers v0.6.0 // indirect
github.com/docker/go-connections v0.3.0 github.com/docker/go-connections v0.3.0
github.com/docker/go-events v0.0.0-20170721190031-9461782956ad // indirect github.com/docker/go-events v0.0.0-20170721190031-9461782956ad // indirect
github.com/docker/libnetwork v0.0.0-20180913200009-36d3bed0e9f4 github.com/docker/libnetwork v0.8.0-dev.2.0.20190604151032-3c26b4e7495e
github.com/godbus/dbus v4.1.0+incompatible // indirect github.com/godbus/dbus v0.0.0-20181101234600-2ff6f7ffd60f // indirect
github.com/gofrs/flock v0.7.0 github.com/gofrs/flock v0.7.0
github.com/gogo/googleapis v1.1.0 github.com/gogo/googleapis v1.1.0
github.com/gogo/protobuf v1.2.0 github.com/gogo/protobuf v1.2.0
github.com/golang/protobuf v1.2.0 github.com/golang/protobuf v1.2.0
github.com/google/go-cmp v0.2.0 github.com/google/go-cmp v0.3.0
github.com/google/shlex v0.0.0-20150127133951-6f45313302b9 github.com/google/shlex v0.0.0-20150127133951-6f45313302b9
github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645 github.com/grpc-ecosystem/grpc-opentracing v0.0.0-20180507213350-8e809c8a8645
github.com/hashicorp/go-immutable-radix v1.0.0 github.com/hashicorp/go-immutable-radix v1.0.0
github.com/hashicorp/golang-lru v0.0.0-20160207214719-a0d98a5f2880 github.com/hashicorp/golang-lru v0.0.0-20160207214719-a0d98a5f2880
github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c // indirect github.com/hashicorp/uuid v0.0.0-20160311170451-ebb0a03e909c // indirect
github.com/imdario/mergo v0.3.7 // indirect
github.com/ishidawataru/sctp v0.0.0-20180213033435-07191f837fed // indirect github.com/ishidawataru/sctp v0.0.0-20180213033435-07191f837fed // indirect
github.com/jaguilar/vt100 v0.0.0-20150826170717-2703a27b14ea github.com/jaguilar/vt100 v0.0.0-20150826170717-2703a27b14ea
github.com/kr/pretty v0.1.0 // indirect github.com/kr/pretty v0.1.0 // indirect
@ -41,31 +44,32 @@ require (
github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c github.com/morikuni/aec v0.0.0-20170113033406-39771216ff4c
github.com/opencontainers/go-digest v1.0.0-rc1 github.com/opencontainers/go-digest v1.0.0-rc1
github.com/opencontainers/image-spec v1.0.1 github.com/opencontainers/image-spec v1.0.1
github.com/opencontainers/runc v1.0.1-0.20190307181833-2b18fe1d885e github.com/opencontainers/runc v1.0.0-rc8.0.20190621203724-f4982d86f7fd
github.com/opencontainers/runtime-spec v0.0.0-20180909173843-eba862dc2470 github.com/opencontainers/runtime-spec v0.0.0-20180909173843-eba862dc2470
github.com/opentracing-contrib/go-stdlib v0.0.0-20171029140428-b1a47cfbdd75 github.com/opentracing-contrib/go-stdlib v0.0.0-20171029140428-b1a47cfbdd75
github.com/opentracing/opentracing-go v0.0.0-20171003133519-1361b9cd60be github.com/opentracing/opentracing-go v0.0.0-20171003133519-1361b9cd60be
github.com/pkg/errors v0.8.1 github.com/pkg/errors v0.8.1
github.com/pkg/profile v1.2.1 github.com/pkg/profile v1.2.1
github.com/prometheus/procfs v0.0.3 // indirect
github.com/serialx/hashring v0.0.0-20190422032157-8b2912629002 github.com/serialx/hashring v0.0.0-20190422032157-8b2912629002
github.com/sirupsen/logrus v1.3.0 github.com/sirupsen/logrus v1.4.1
github.com/stretchr/testify v1.3.0 github.com/stretchr/testify v1.3.0
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2 // indirect github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2 // indirect
github.com/tonistiigi/fsutil v0.0.0-20190327153851-3bbb99cdbd76 github.com/tonistiigi/fsutil v0.0.0-20190819224149-3d2716dd0a4d
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea
github.com/uber/jaeger-client-go v0.0.0-20180103221425-e02c85f9069e github.com/uber/jaeger-client-go v0.0.0-20180103221425-e02c85f9069e
github.com/uber/jaeger-lib v1.2.1 // indirect github.com/uber/jaeger-lib v1.2.1 // indirect
github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5 github.com/urfave/cli v0.0.0-20171014202726-7bc6a0acffa5
github.com/vishvananda/netlink v1.0.0 // indirect github.com/vishvananda/netlink v1.0.0 // indirect
github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc // indirect github.com/vishvananda/netns v0.0.0-20180720170159-13995c7128cc // indirect
go.etcd.io/bbolt v1.3.2 go.etcd.io/bbolt v1.3.3
golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
golang.org/x/net v0.0.0-20190311183353-d8887717615a golang.org/x/net v0.0.0-20190522155817-f3200d17e092
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f golang.org/x/sync v0.0.0-20190423024810-112230192c58
golang.org/x/sys v0.0.0-20190303122642-d455e41777fc golang.org/x/sys v0.0.0-20190812073006-9eafafc0a87e
golang.org/x/time v0.0.0-20161028155119-f51c12702a4d golang.org/x/time v0.0.0-20161028155119-f51c12702a4d
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8 google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
google.golang.org/grpc v1.20.1 google.golang.org/grpc v1.23.0
gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 // indirect
gotest.tools v2.2.0+incompatible gotest.tools v2.2.0+incompatible
) )

View File

@ -4,6 +4,7 @@ import (
"context" "context"
"github.com/moby/buildkit/session" "github.com/moby/buildkit/session"
"github.com/pkg/errors"
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"
"google.golang.org/grpc/status" "google.golang.org/grpc/status"
) )
@ -16,10 +17,10 @@ func CredentialsFunc(ctx context.Context, c session.Caller) func(string) (string
Host: host, Host: host,
}) })
if err != nil { if err != nil {
if st, ok := status.FromError(err); ok && st.Code() == codes.Unimplemented { if st, ok := status.FromError(errors.Cause(err)); ok && st.Code() == codes.Unimplemented {
return "", "", nil return "", "", nil
} }
return "", "", err return "", "", errors.WithStack(err)
} }
return resp.Username, resp.Secret, nil return resp.Username, resp.Secret, nil
} }

View File

@ -9,6 +9,7 @@ import (
"github.com/moby/buildkit/session" "github.com/moby/buildkit/session"
digest "github.com/opencontainers/go-digest" digest "github.com/opencontainers/go-digest"
ocispec "github.com/opencontainers/image-spec/specs-go/v1" ocispec "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"google.golang.org/grpc/metadata" "google.golang.org/grpc/metadata"
) )
@ -31,47 +32,53 @@ func (cs *callerContentStore) choose(ctx context.Context) context.Context {
func (cs *callerContentStore) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) { func (cs *callerContentStore) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Info(ctx, dgst) info, err := cs.store.Info(ctx, dgst)
return info, errors.WithStack(err)
} }
func (cs *callerContentStore) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) { func (cs *callerContentStore) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Update(ctx, info, fieldpaths...) info, err := cs.store.Update(ctx, info, fieldpaths...)
return info, errors.WithStack(err)
} }
func (cs *callerContentStore) Walk(ctx context.Context, fn content.WalkFunc, fs ...string) error { func (cs *callerContentStore) Walk(ctx context.Context, fn content.WalkFunc, fs ...string) error {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Walk(ctx, fn, fs...) return errors.WithStack(cs.store.Walk(ctx, fn, fs...))
} }
func (cs *callerContentStore) Delete(ctx context.Context, dgst digest.Digest) error { func (cs *callerContentStore) Delete(ctx context.Context, dgst digest.Digest) error {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Delete(ctx, dgst) return errors.WithStack(cs.store.Delete(ctx, dgst))
} }
func (cs *callerContentStore) ListStatuses(ctx context.Context, fs ...string) ([]content.Status, error) { func (cs *callerContentStore) ListStatuses(ctx context.Context, fs ...string) ([]content.Status, error) {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.ListStatuses(ctx, fs...) resp, err := cs.store.ListStatuses(ctx, fs...)
return resp, errors.WithStack(err)
} }
func (cs *callerContentStore) Status(ctx context.Context, ref string) (content.Status, error) { func (cs *callerContentStore) Status(ctx context.Context, ref string) (content.Status, error) {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Status(ctx, ref) st, err := cs.store.Status(ctx, ref)
return st, errors.WithStack(err)
} }
func (cs *callerContentStore) Abort(ctx context.Context, ref string) error { func (cs *callerContentStore) Abort(ctx context.Context, ref string) error {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Abort(ctx, ref) return errors.WithStack(cs.store.Abort(ctx, ref))
} }
func (cs *callerContentStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) { func (cs *callerContentStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.Writer(ctx, opts...) w, err := cs.store.Writer(ctx, opts...)
return w, errors.WithStack(err)
} }
func (cs *callerContentStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { func (cs *callerContentStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) {
ctx = cs.choose(ctx) ctx = cs.choose(ctx)
return cs.store.ReaderAt(ctx, desc) ra, err := cs.store.ReaderAt(ctx, desc)
return ra, errors.WithStack(err)
} }
// NewCallerStore creates content.Store from session.Caller with specified storeID // NewCallerStore creates content.Store from session.Caller with specified storeID

View File

@ -14,7 +14,7 @@ import (
) )
func sendDiffCopy(stream grpc.Stream, fs fsutil.FS, progress progressCb) error { func sendDiffCopy(stream grpc.Stream, fs fsutil.FS, progress progressCb) error {
return fsutil.Send(stream.Context(), stream, fs, progress) return errors.WithStack(fsutil.Send(stream.Context(), stream, fs, progress))
} }
func newStreamWriter(stream grpc.ClientStream) io.WriteCloser { func newStreamWriter(stream grpc.ClientStream) io.WriteCloser {
@ -29,7 +29,7 @@ type bufferedWriteCloser struct {
func (bwc *bufferedWriteCloser) Close() error { func (bwc *bufferedWriteCloser) Close() error {
if err := bwc.Writer.Flush(); err != nil { if err := bwc.Writer.Flush(); err != nil {
return err return errors.WithStack(err)
} }
return bwc.Closer.Close() return bwc.Closer.Close()
} }
@ -40,19 +40,25 @@ type streamWriterCloser struct {
func (wc *streamWriterCloser) Write(dt []byte) (int, error) { func (wc *streamWriterCloser) Write(dt []byte) (int, error) {
if err := wc.ClientStream.SendMsg(&BytesMessage{Data: dt}); err != nil { if err := wc.ClientStream.SendMsg(&BytesMessage{Data: dt}); err != nil {
// SendMsg return EOF on remote errors
if errors.Cause(err) == io.EOF {
if err := errors.WithStack(wc.ClientStream.RecvMsg(struct{}{})); err != nil {
return 0, err return 0, err
} }
}
return 0, errors.WithStack(err)
}
return len(dt), nil return len(dt), nil
} }
func (wc *streamWriterCloser) Close() error { func (wc *streamWriterCloser) Close() error {
if err := wc.ClientStream.CloseSend(); err != nil { if err := wc.ClientStream.CloseSend(); err != nil {
return err return errors.WithStack(err)
} }
// block until receiver is done // block until receiver is done
var bm BytesMessage var bm BytesMessage
if err := wc.ClientStream.RecvMsg(&bm); err != io.EOF { if err := wc.ClientStream.RecvMsg(&bm); err != io.EOF {
return err return errors.WithStack(err)
} }
return nil return nil
} }
@ -69,19 +75,19 @@ func recvDiffCopy(ds grpc.Stream, dest string, cu CacheUpdater, progress progres
cf = cu.HandleChange cf = cu.HandleChange
ch = cu.ContentHasher() ch = cu.ContentHasher()
} }
return fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{ return errors.WithStack(fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{
NotifyHashed: cf, NotifyHashed: cf,
ContentHasher: ch, ContentHasher: ch,
ProgressCb: progress, ProgressCb: progress,
Filter: fsutil.FilterFunc(filter), Filter: fsutil.FilterFunc(filter),
}) }))
} }
func syncTargetDiffCopy(ds grpc.Stream, dest string) error { func syncTargetDiffCopy(ds grpc.Stream, dest string) error {
if err := os.MkdirAll(dest, 0700); err != nil { if err := os.MkdirAll(dest, 0700); err != nil {
return err return errors.Wrapf(err, "failed to create synctarget dest dir %s", dest)
} }
return fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{ return errors.WithStack(fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{
Merge: true, Merge: true,
Filter: func() func(string, *fstypes.Stat) bool { Filter: func() func(string, *fstypes.Stat) bool {
uid := os.Getuid() uid := os.Getuid()
@ -92,7 +98,7 @@ func syncTargetDiffCopy(ds grpc.Stream, dest string) error {
return true return true
} }
}(), }(),
}) }))
} }
func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error { func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error {
@ -102,10 +108,10 @@ func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error {
if errors.Cause(err) == io.EOF { if errors.Cause(err) == io.EOF {
return nil return nil
} }
return err return errors.WithStack(err)
} }
if _, err := wc.Write(bm.Data); err != nil { if _, err := wc.Write(bm.Data); err != nil {
return err return errors.WithStack(err)
} }
} }
} }

View File

@ -23,6 +23,7 @@ const (
keyExcludePatterns = "exclude-patterns" keyExcludePatterns = "exclude-patterns"
keyFollowPaths = "followpaths" keyFollowPaths = "followpaths"
keyDirName = "dir-name" keyDirName = "dir-name"
keyExporterMetaPrefix = "exporter-md-"
) )
type fsSyncProvider struct { type fsSyncProvider struct {
@ -238,16 +239,16 @@ func NewFSSyncTargetDir(outdir string) session.Attachable {
} }
// NewFSSyncTarget allows writing into an io.WriteCloser // NewFSSyncTarget allows writing into an io.WriteCloser
func NewFSSyncTarget(w io.WriteCloser) session.Attachable { func NewFSSyncTarget(f func(map[string]string) (io.WriteCloser, error)) session.Attachable {
p := &fsSyncTarget{ p := &fsSyncTarget{
outfile: w, f: f,
} }
return p return p
} }
type fsSyncTarget struct { type fsSyncTarget struct {
outdir string outdir string
outfile io.WriteCloser f func(map[string]string) (io.WriteCloser, error)
} }
func (sp *fsSyncTarget) Register(server *grpc.Server) { func (sp *fsSyncTarget) Register(server *grpc.Server) {
@ -258,11 +259,26 @@ func (sp *fsSyncTarget) DiffCopy(stream FileSend_DiffCopyServer) error {
if sp.outdir != "" { if sp.outdir != "" {
return syncTargetDiffCopy(stream, sp.outdir) return syncTargetDiffCopy(stream, sp.outdir)
} }
if sp.outfile == nil {
if sp.f == nil {
return errors.New("empty outfile and outdir") return errors.New("empty outfile and outdir")
} }
defer sp.outfile.Close() opts, _ := metadata.FromIncomingContext(stream.Context()) // if no metadata continue with empty object
return writeTargetFile(stream, sp.outfile) md := map[string]string{}
for k, v := range opts {
if strings.HasPrefix(k, keyExporterMetaPrefix) {
md[strings.TrimPrefix(k, keyExporterMetaPrefix)] = strings.Join(v, ",")
}
}
wc, err := sp.f(md)
if err != nil {
return err
}
if wc == nil {
return status.Errorf(codes.AlreadyExists, "target already exists")
}
defer wc.Close()
return writeTargetFile(stream, wc)
} }
func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress func(int, bool)) error { func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress func(int, bool)) error {
@ -275,13 +291,13 @@ func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress
cc, err := client.DiffCopy(ctx) cc, err := client.DiffCopy(ctx)
if err != nil { if err != nil {
return err return errors.WithStack(err)
} }
return sendDiffCopy(cc, fs, progress) return sendDiffCopy(cc, fs, progress)
} }
func CopyFileWriter(ctx context.Context, c session.Caller) (io.WriteCloser, error) { func CopyFileWriter(ctx context.Context, md map[string]string, c session.Caller) (io.WriteCloser, error) {
method := session.MethodURL(_FileSend_serviceDesc.ServiceName, "diffcopy") method := session.MethodURL(_FileSend_serviceDesc.ServiceName, "diffcopy")
if !c.Supports(method) { if !c.Supports(method) {
return nil, errors.Errorf("method %s not supported by the client", method) return nil, errors.Errorf("method %s not supported by the client", method)
@ -289,9 +305,16 @@ func CopyFileWriter(ctx context.Context, c session.Caller) (io.WriteCloser, erro
client := NewFileSendClient(c.Conn()) client := NewFileSendClient(c.Conn())
opts := make(map[string][]string, len(md))
for k, v := range md {
opts[keyExporterMetaPrefix+k] = []string{v}
}
ctx = metadata.NewOutgoingContext(ctx, opts)
cc, err := client.DiffCopy(ctx) cc, err := client.DiffCopy(ctx)
if err != nil { if err != nil {
return nil, err return nil, errors.WithStack(err)
} }
return newStreamWriter(cc), nil return newStreamWriter(cc), nil

View File

@ -21,10 +21,10 @@ func GetSecret(ctx context.Context, c session.Caller, id string) ([]byte, error)
ID: id, ID: id,
}) })
if err != nil { if err != nil {
if st, ok := status.FromError(err); ok && (st.Code() == codes.Unimplemented || st.Code() == codes.NotFound) { if st, ok := status.FromError(errors.Cause(err)); ok && (st.Code() == codes.Unimplemented || st.Code() == codes.NotFound) {
return nil, errors.Wrapf(ErrNotFound, "secret %s not found", id) return nil, errors.Wrapf(ErrNotFound, "secret %s not found", id)
} }
return nil, err return nil, errors.WithStack(err)
} }
return resp.Data, nil return resp.Data, nil
} }

View File

@ -3,23 +3,24 @@ package sshforward
import ( import (
io "io" io "io"
"github.com/pkg/errors"
context "golang.org/x/net/context" context "golang.org/x/net/context"
"golang.org/x/sync/errgroup" "golang.org/x/sync/errgroup"
"google.golang.org/grpc" "google.golang.org/grpc"
) )
func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) error { func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream, closeStream func() error) error {
g, ctx := errgroup.WithContext(ctx) g, ctx := errgroup.WithContext(ctx)
g.Go(func() (retErr error) { g.Go(func() (retErr error) {
p := &BytesMessage{} p := &BytesMessage{}
for { for {
if err := stream.RecvMsg(p); err != nil { if err := stream.RecvMsg(p); err != nil {
conn.Close()
if err == io.EOF { if err == io.EOF {
return nil return nil
} }
conn.Close() return errors.WithStack(err)
return err
} }
select { select {
case <-ctx.Done(): case <-ctx.Done():
@ -29,7 +30,7 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro
} }
if _, err := conn.Write(p.Data); err != nil { if _, err := conn.Write(p.Data); err != nil {
conn.Close() conn.Close()
return err return errors.WithStack(err)
} }
p.Data = p.Data[:0] p.Data = p.Data[:0]
} }
@ -41,9 +42,12 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro
n, err := conn.Read(buf) n, err := conn.Read(buf)
switch { switch {
case err == io.EOF: case err == io.EOF:
if closeStream != nil {
closeStream()
}
return nil return nil
case err != nil: case err != nil:
return err return errors.WithStack(err)
} }
select { select {
case <-ctx.Done(): case <-ctx.Done():
@ -52,7 +56,7 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro
} }
p := &BytesMessage{Data: buf[:n]} p := &BytesMessage{Data: buf[:n]}
if err := stream.SendMsg(p); err != nil { if err := stream.SendMsg(p); err != nil {
return err return errors.WithStack(err)
} }
} }
}) })

View File

@ -7,6 +7,7 @@ import (
"path/filepath" "path/filepath"
"github.com/moby/buildkit/session" "github.com/moby/buildkit/session"
"github.com/pkg/errors"
context "golang.org/x/net/context" context "golang.org/x/net/context"
"golang.org/x/sync/errgroup" "golang.org/x/sync/errgroup"
"google.golang.org/grpc/metadata" "google.golang.org/grpc/metadata"
@ -48,7 +49,7 @@ func (s *server) run(ctx context.Context, l net.Listener, id string) error {
return err return err
} }
go Copy(ctx, conn, stream) go Copy(ctx, conn, stream, stream.CloseSend)
} }
}) })
@ -65,7 +66,7 @@ type SocketOpt struct {
func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockPath string, closer func() error, err error) { func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockPath string, closer func() error, err error) {
dir, err := ioutil.TempDir("", ".buildkit-ssh-sock") dir, err := ioutil.TempDir("", ".buildkit-ssh-sock")
if err != nil { if err != nil {
return "", nil, err return "", nil, errors.WithStack(err)
} }
defer func() { defer func() {
@ -78,16 +79,16 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP
l, err := net.Listen("unix", sockPath) l, err := net.Listen("unix", sockPath)
if err != nil { if err != nil {
return "", nil, err return "", nil, errors.WithStack(err)
} }
if err := os.Chown(sockPath, opt.UID, opt.GID); err != nil { if err := os.Chown(sockPath, opt.UID, opt.GID); err != nil {
l.Close() l.Close()
return "", nil, err return "", nil, errors.WithStack(err)
} }
if err := os.Chmod(sockPath, os.FileMode(opt.Mode)); err != nil { if err := os.Chmod(sockPath, os.FileMode(opt.Mode)); err != nil {
l.Close() l.Close()
return "", nil, err return "", nil, errors.WithStack(err)
} }
s := &server{caller: c} s := &server{caller: c}
@ -102,12 +103,12 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP
return sockPath, func() error { return sockPath, func() error {
err := l.Close() err := l.Close()
os.RemoveAll(sockPath) os.RemoveAll(sockPath)
return err return errors.WithStack(err)
}, nil }, nil
} }
func CheckSSHID(ctx context.Context, c session.Caller, id string) error { func CheckSSHID(ctx context.Context, c session.Caller, id string) error {
client := NewSSHClient(c.Conn()) client := NewSSHClient(c.Conn())
_, err := client.CheckAgent(ctx, &CheckAgentRequest{ID: id}) _, err := client.CheckAgent(ctx, &CheckAgentRequest{ID: id})
return err return errors.WithStack(err)
} }

View File

@ -114,7 +114,7 @@ func (sp *socketProvider) ForwardAgent(stream sshforward.SSH_ForwardAgentServer)
eg.Go(func() error { eg.Go(func() error {
defer s1.Close() defer s1.Close()
return sshforward.Copy(ctx, s2, stream) return sshforward.Copy(ctx, s2, stream, nil)
}) })
return eg.Wait() return eg.Wait()

View File

@ -36,6 +36,7 @@ const (
CapExecMetaSecurity apicaps.CapID = "exec.meta.security" CapExecMetaSecurity apicaps.CapID = "exec.meta.security"
CapExecMetaSetsDefaultPath apicaps.CapID = "exec.meta.setsdefaultpath" CapExecMetaSetsDefaultPath apicaps.CapID = "exec.meta.setsdefaultpath"
CapExecMountBind apicaps.CapID = "exec.mount.bind" CapExecMountBind apicaps.CapID = "exec.mount.bind"
CapExecMountBindReadWriteNoOuput apicaps.CapID = "exec.mount.bind.readwrite-nooutput"
CapExecMountCache apicaps.CapID = "exec.mount.cache" CapExecMountCache apicaps.CapID = "exec.mount.cache"
CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing" CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing"
CapExecMountSelector apicaps.CapID = "exec.mount.selector" CapExecMountSelector apicaps.CapID = "exec.mount.selector"
@ -193,6 +194,12 @@ func init() {
Status: apicaps.CapStatusExperimental, Status: apicaps.CapStatusExperimental,
}) })
Caps.Init(apicaps.Cap{
ID: CapExecMountBindReadWriteNoOuput,
Enabled: true,
Status: apicaps.CapStatusExperimental,
})
Caps.Init(apicaps.Cap{ Caps.Init(apicaps.Cap{
ID: CapExecMountCache, ID: CapExecMountCache,
Enabled: true, Enabled: true,

View File

@ -19,7 +19,7 @@ require (
github.com/pkg/errors v0.8.1 github.com/pkg/errors v0.8.1
github.com/sirupsen/logrus v1.0.3 // indirect github.com/sirupsen/logrus v1.0.3 // indirect
github.com/stretchr/testify v1.3.0 github.com/stretchr/testify v1.3.0
golang.org/x/crypto v0.0.0-20190129210102-0709b304e793 // indirect golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 // indirect
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e
gopkg.in/airbrake/gobrake.v2 v2.0.9 // indirect gopkg.in/airbrake/gobrake.v2 v2.0.9 // indirect

View File

@ -49,6 +49,9 @@ func mkstat(path, relpath string, fi os.FileInfo, inodemap map[uint64]string) (*
stat.Mode = noPermPart | permPart stat.Mode = noPermPart | permPart
} }
// Clear the socket bit since archive/tar.FileInfoHeader does not handle it
stat.Mode &^= uint32(os.ModeSocket)
return stat, nil return stat, nil
} }