Merge pull request #4 from moby/20.10_update_vendor

[20.10] update BuildKit and Docker vendor
This commit is contained in:
Sebastiaan van Stijn 2022-10-18 19:43:24 +02:00 committed by GitHub
commit 9fdeb9c3de
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
19 changed files with 80 additions and 36 deletions

View File

@ -13,7 +13,7 @@ github.com/creack/pty 2a38352e8b4d7ab6c336eef107e4
github.com/davecgh/go-spew 8991bc29aa16c548c550c7ff78260e27b9ab7c73 # v1.1.1
github.com/docker/compose-on-kubernetes 1f9b5b8cb6aca13deee947511801cf89447c1bfe # v0.5.0
github.com/docker/distribution b5ca020cfbe998e5af3457fda087444cf5116496 # v2.8.1
github.com/docker/docker e42327a6d3c55ceda3bd5475be7aae6036d02db3 # v20.10.18
github.com/docker/docker 03df974ae9e6c219862907efdd76ec2e77ec930b # v20.10.20
github.com/docker/docker-credential-helpers fc9290adbcf1594e78910e2f0334090eaee0e1ee # v0.6.4
github.com/docker/go d30aec9fd63c35133f8f79c3412ad91a3b08be06 # Contains a customized version of canonical/json and is used by Notary. The package is periodically rebased on current Go versions.
github.com/docker/go-connections 7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0
@ -46,7 +46,7 @@ github.com/Microsoft/go-winio 5b44b70ab3ab4d291a7c1d28afe7
github.com/Microsoft/hcsshim 5bc557dd210ff2caf615e6e22d398123de77fc11 # v0.8.9
github.com/miekg/pkcs11 210dc1e16747c5ba98a03bcbcf728c38086ea357 # v1.0.3
github.com/mitchellh/mapstructure d16e9488127408e67948eb43b6d3fbb9f222da10 # v1.3.2
github.com/moby/buildkit 8142d66b5ebde79846b869fba30d9d30633e74aa # v0.8.1
github.com/moby/buildkit c014937225cba29cfb1d5161fd134316c0e9bdaa # v0.8.3-31-gc0149372
github.com/moby/sys 1bc8673b57550ddf85262eb0fed0aac651a37dab # symlink/v0.1.0 (latest tag, either mount/vXXX, mountinfo/vXXX or symlink/vXXX)
github.com/moby/term 3f7ff695adc6a35abc925370dd0a4dafb48ec64d
github.com/modern-go/concurrent bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3

View File

@ -17,21 +17,37 @@ type gitRepo struct {
remote string
ref string
subdir string
isolateConfig bool
}
type CloneOption func(*gitRepo)
// WithIsolatedConfig disables reading the user or system gitconfig files when
// performing Git operations.
func WithIsolatedConfig(v bool) CloneOption {
return func(gr *gitRepo) {
gr.isolateConfig = v
}
}
// Clone clones a repository into a newly created directory which
// will be under "docker-build-git"
func Clone(remoteURL string) (string, error) {
func Clone(remoteURL string, opts ...CloneOption) (string, error) {
repo, err := parseRemoteURL(remoteURL)
if err != nil {
return "", err
}
return cloneGitRepo(repo)
for _, opt := range opts {
opt(&repo)
}
return repo.clone()
}
func cloneGitRepo(repo gitRepo) (checkoutDir string, err error) {
func (repo gitRepo) clone() (checkoutDir string, err error) {
fetch := fetchArgs(repo.remote, repo.ref)
root, err := ioutil.TempDir("", "docker-build-git")
@ -45,21 +61,21 @@ func cloneGitRepo(repo gitRepo) (checkoutDir string, err error) {
}
}()
if out, err := gitWithinDir(root, "init"); err != nil {
if out, err := repo.gitWithinDir(root, "init"); err != nil {
return "", errors.Wrapf(err, "failed to init repo at %s: %s", root, out)
}
// Add origin remote for compatibility with previous implementation that
// used "git clone" and also to make sure local refs are created for branches
if out, err := gitWithinDir(root, "remote", "add", "origin", repo.remote); err != nil {
if out, err := repo.gitWithinDir(root, "remote", "add", "origin", repo.remote); err != nil {
return "", errors.Wrapf(err, "failed add origin repo at %s: %s", repo.remote, out)
}
if output, err := gitWithinDir(root, fetch...); err != nil {
if output, err := repo.gitWithinDir(root, fetch...); err != nil {
return "", errors.Wrapf(err, "error fetching: %s", output)
}
checkoutDir, err = checkoutGit(root, repo.ref, repo.subdir)
checkoutDir, err = repo.checkout(root)
if err != nil {
return "", err
}
@ -163,20 +179,20 @@ func supportsShallowClone(remoteURL string) bool {
return true
}
func checkoutGit(root, ref, subdir string) (string, error) {
func (repo gitRepo) checkout(root string) (string, error) {
// Try checking out by ref name first. This will work on branches and sets
// .git/HEAD to the current branch name
if output, err := gitWithinDir(root, "checkout", ref); err != nil {
if output, err := repo.gitWithinDir(root, "checkout", repo.ref); err != nil {
// If checking out by branch name fails check out the last fetched ref
if _, err2 := gitWithinDir(root, "checkout", "FETCH_HEAD"); err2 != nil {
return "", errors.Wrapf(err, "error checking out %s: %s", ref, output)
if _, err2 := repo.gitWithinDir(root, "checkout", "FETCH_HEAD"); err2 != nil {
return "", errors.Wrapf(err, "error checking out %s: %s", repo.ref, output)
}
}
if subdir != "" {
newCtx, err := symlink.FollowSymlinkInScope(filepath.Join(root, subdir), root)
if repo.subdir != "" {
newCtx, err := symlink.FollowSymlinkInScope(filepath.Join(root, repo.subdir), root)
if err != nil {
return "", errors.Wrapf(err, "error setting git context, %q not within git root", subdir)
return "", errors.Wrapf(err, "error setting git context, %q not within git root", repo.subdir)
}
fi, err := os.Stat(newCtx)
@ -192,13 +208,21 @@ func checkoutGit(root, ref, subdir string) (string, error) {
return root, nil
}
func gitWithinDir(dir string, args ...string) ([]byte, error) {
a := []string{"--work-tree", dir, "--git-dir", filepath.Join(dir, ".git")}
return git(append(a, args...)...)
}
func (repo gitRepo) gitWithinDir(dir string, args ...string) ([]byte, error) {
args = append([]string{"-c", "protocol.file.allow=never"}, args...) // Block sneaky repositories from using repos from the filesystem as submodules.
cmd := exec.Command("git", args...)
cmd.Dir = dir
// Disable unsafe remote protocols.
cmd.Env = append(cmd.Env, "GIT_PROTOCOL_FROM_USER=0")
func git(args ...string) ([]byte, error) {
return exec.Command("git", args...).CombinedOutput()
if repo.isolateConfig {
cmd.Env = append(cmd.Env,
"GIT_CONFIG_NOSYSTEM=1", // Disable reading from system gitconfig.
"HOME=/dev/null", // Disable reading from user gitconfig.
)
}
return cmd.CombinedOutput()
}
// isGitTransport returns true if the provided str is a git transport by inspecting

View File

@ -33,7 +33,7 @@ github.com/imdario/mergo 1afb36080aec31e0d1528973ebe6
golang.org/x/sync cd5d95a43a6e21273425c7ae415d3df9ea832eeb
# buildkit
github.com/moby/buildkit bc07b2b81b1c6a62d29981ac564b16a15ce2bfa7 # v0.8.3-4-gbc07b2b8
github.com/moby/buildkit c014937225cba29cfb1d5161fd134316c0e9bdaa # v0.8.3-31-gc0149372
github.com/tonistiigi/fsutil 0834f99b7b85462efb69b4f571a4fa3ca7da5ac9
github.com/tonistiigi/units 6950e57a87eaf136bbe44ef2ec8e75b9e3569de2
github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746
@ -50,9 +50,10 @@ github.com/grpc-ecosystem/go-grpc-middleware 3c51f7f332123e8be5a157c0802a
github.com/docker/libnetwork 0dde5c895075df6e3630e76f750a447cf63f4789
github.com/docker/go-events e31b211e4f1cd09aa76fe4ac244571fab96ae47f
github.com/armon/go-radix e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
github.com/armon/go-metrics eb0af217e5e9747e41dd5303755356b62d28e3ec
github.com/armon/go-metrics f0300d1749da6fa982027e449ec0c7a145510c3c # v0.4.1
github.com/hashicorp/go-msgpack 71c2886f5a673a35f909803f38ece5810165097b
github.com/hashicorp/memberlist 3d8438da9589e7b608a83ffac1ef8211486bcb7c
github.com/hashicorp/memberlist e6ff9b2d87a3f0f3f04abb5672ada3ac2a640223 # v0.4.0
github.com/google/btree 4030bb1f1f0c35b30ca7009e9ebd06849dd45306 # v1.1.2
github.com/sean-/seed e2103e2c35297fb7e17febb81e49b312087a2372
github.com/hashicorp/errwrap 8a6fb523712970c966eefc6b39ed2c5e74880354 # v1.0.0
github.com/hashicorp/go-sockaddr c7188e74f6acae5a989bdc959aa779f8b9f42faf # v1.0.2
@ -136,7 +137,7 @@ github.com/containerd/containerd 96c5ae04b6784e180aaeee50fba7
github.com/containerd/fifo 0724c46b320cf96bb172a0550c19a4b1fca4dacb
github.com/containerd/continuity 5ad51c7aca47b8e742f5e6e7dc841d50f5f6affd # v0.3.0
github.com/containerd/cgroups b9de8a2212026c07cec67baf3323f1fc0121e048 # v1.0.1
github.com/containerd/console 5d7e1412f07b502a01029ea20e20e0d2be31fa7c # v1.0.1
github.com/containerd/console 2f1e3d2b6afd18e8b2077816c711205a0b4d8769 # v1.0.2
github.com/containerd/go-runc 16b287bc67d069a60fa48db15f330b790b74365b
github.com/containerd/typeurl cd3ce7159eae562a4f60ceff37dada11a939d247 # v1.0.1
github.com/containerd/ttrpc bfba540dc45464586c106b1f31c8547933c1eb41 # v1.0.2

View File

@ -189,7 +189,7 @@ buildctl build \
buildctl build \
--frontend gateway.v0 \
--opt source=docker/dockerfile \
--opt context=git://github.com/moby/moby \
--opt context=https://github.com/moby/moby.git \
--opt build-arg:APT_MIRROR=cdn-fastly.deb.debian.org
```

View File

@ -1,3 +1,3 @@
package moby_buildkit_v1 //nolint:golint
package moby_buildkit_v1 //nolint:revive
//go:generate protoc -I=. -I=../../../vendor/ -I=../../../../../../ --gogo_out=plugins=grpc:. control.proto

View File

@ -1,3 +1,3 @@
package moby_buildkit_v1_types //nolint:golint
package moby_buildkit_v1_types //nolint:revive
//go:generate protoc -I=. -I=../../vendor/ -I=../../../../../ --gogo_out=plugins=grpc:. worker.proto

View File

@ -1,3 +1,4 @@
//go:build !windows
// +build !windows
package client

View File

@ -1,4 +1,4 @@
package moby_buildkit_v1_frontend //nolint:golint
package moby_buildkit_v1_frontend //nolint:revive
import "github.com/moby/buildkit/util/apicaps"

View File

@ -1,3 +1,3 @@
package moby_buildkit_v1_frontend //nolint:golint
package moby_buildkit_v1_frontend //nolint:revive
//go:generate protoc -I=. -I=../../../vendor/ -I=../../../../../../ --gogo_out=plugins=grpc:. gateway.proto

View File

@ -9,7 +9,7 @@ require (
github.com/Microsoft/hcsshim v0.8.10
github.com/codahale/hdrhistogram v0.0.0-20160425231609-f8ad88b59a58 // indirect
github.com/containerd/console v1.0.1
github.com/containerd/containerd v1.4.1-0.20201117152358-0edc412565dc
github.com/containerd/containerd v1.4.1-0.20201117152358-0edc412565dc // the actual version is replaced in replace()
github.com/containerd/continuity v0.0.0-20200710164510-efbc4488d8fe
github.com/containerd/go-cni v1.0.1
github.com/containerd/go-runc v0.0.0-20201020171139-16b287bc67d0
@ -46,6 +46,7 @@ require (
github.com/opencontainers/image-spec v1.0.1
github.com/opencontainers/runc v1.0.0-rc92
github.com/opencontainers/runtime-spec v1.0.3-0.20200728170252-4d89ac9fbff6
github.com/opencontainers/selinux v1.8.0
github.com/opentracing-contrib/go-stdlib v1.0.0
github.com/opentracing/opentracing-go v1.2.0
github.com/pkg/errors v0.9.1
@ -62,7 +63,7 @@ require (
golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9
golang.org/x/net v0.0.0-20200707034311-ab3426394381
golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208
golang.org/x/sys v0.0.0-20201013081832-0aaa2718063a
golang.org/x/sys v0.0.0-20210507161434-a76c4d0a0096
golang.org/x/time v0.0.0-20200416051211-89c76fbcd5d1
// genproto: the actual version is replaced in replace()
google.golang.org/genproto v0.0.0-20200527145253-8367513e4ece
@ -70,6 +71,16 @@ require (
)
replace (
// containerd: vendoring from the docker/20.10 branch in https://github.com/moby/containerd
//
// Forked from 0edc412565dcc6e3d6125ff9e4b009ad4b89c638 (20201117) with:
// - `images: validate document type before unmarshal` (eb9ba7ed8d46d48fb22362f9d91fff6fb837e37e)
// - `schema1: reject ambiguous documents` (70c88f507579277ab7af23b06666e3b57d4b4f2d)
// - `Fix the Inheritable capability defaults` (6906b57c721f9114377ceb069662b196876915c0)
// - `Adjust overlay tests to expect "index=off"` (#4719, for ease of cherry-picking #5076)
// - `overlay: support "userxattr" option (kernel 5.11)` (#5076)
// - `docker: avoid concurrent map access panic` (#4855)
github.com/containerd/containerd => github.com/moby/containerd v0.0.0-20220901192706-96c5ae04b678
// protobuf: corresponds to containerd
github.com/golang/protobuf => github.com/golang/protobuf v1.3.5
github.com/hashicorp/go-immutable-radix => github.com/tonistiigi/go-immutable-radix v0.0.0-20170803185627-826af9ccf0fe

View File

@ -14,7 +14,7 @@ func init() {
typeurl.Register((*Solve)(nil), "github.com/moby/buildkit", "errdefs.Solve+json")
}
//nolint:golint
//nolint:revive
type IsSolve_Subject isSolve_Subject
// SolveError will be returned when an error is encountered during a solve that

View File

@ -1,3 +1,3 @@
package moby_buildkit_v1_apicaps //nolint:golint
package moby_buildkit_v1_apicaps //nolint:revive
//go:generate protoc -I=. -I=../../../vendor/ -I=../../../../../../ --gogo_out=plugins=grpc:. caps.proto

View File

@ -1,3 +1,4 @@
//go:build !windows
// +build !windows
package appcontext

View File

@ -1,3 +1,4 @@
//go:build !windows
// +build !windows
package appdefaults

View File

@ -1,3 +1,4 @@
//go:build !windows
// +build !windows
package system

View File

@ -1,3 +1,4 @@
//go:build windows
// +build windows
package system

View File

@ -1,3 +1,4 @@
//go:build linux && seccomp
// +build linux,seccomp
package system

View File

@ -1,3 +1,4 @@
//go:build !linux && seccomp
// +build !linux,seccomp
package system

View File

@ -1,3 +1,4 @@
//go:build !seccomp
// +build !seccomp
package system