Commit Graph

218 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 0e4bd30cfe
cli/command/image/build: G107: Potential HTTP request made with variable url (gosec)
cli/command/image/build/context.go:235: G107: Potential HTTP request made with variable url (gosec)
    	if resp, err = http.Get(url); err != nil {

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 19:22:28 +01:00
Silvin Lubecki b83545ebbc
cli/command/image/build/context_test.go:244:38: `createTestTempDir` - `prefix` always receives `"builder-context-test"` (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:25 +01:00
Silvin Lubecki 75c60c1af7
cli/command/image/build_session.go:133:45: getBuildSharedKey - result 1 (error) is always nil (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:18 +01:00
Silvin Lubecki 28ac2f82c6
cli/command/image/build_buildkit.go:450:56: parseSSH - result 1 (error) is always nil (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:18 +01:00
Silvin Lubecki 0ce2eae5a2
cli/command/image/build/context_test.go:252:71: `createTestTempFile` - `perm` always receives `0777` (`511`) (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:17 +01:00
Silvin Lubecki 70bd64d037
cli/command/image/build/context_test.go:244:38: `createTestTempDir` - `dir` always receives `""` (unparam)
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-10-31 19:22:17 +01:00
Sebastiaan van Stijn 2eb5cdba46
Merge pull request #2087 from shahzzzam/sam/fix-print
fix formatting issue of encoded url
2019-10-29 12:28:09 +01:00
Sebastiaan van Stijn 7eecbb96af
Annotate flags that are not supported by Buildkit
Before this patch:

```

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --cgroup-parent string    Optional parent cgroup for the container
      --cpu-period int          Limit the CPU CFS (Completely Fair Scheduler) period
      --cpu-quota int           Limit the CPU CFS (Completely Fair Scheduler) quota
  -c, --cpu-shares int          CPU shares (relative weight)
      --cpuset-cpus string      CPUs in which to allow execution (0-3, 0,1)
      --cpuset-mems string      MEMs in which to allow execution (0-3, 0,1)
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --force-rm                Always remove intermediate containers
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
  -m, --memory bytes            Memory limit
      --memory-swap bytes       Swap limit equal to memory plus swap: '-1' to enable unlimited swap
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --rm                      Remove intermediate containers after a successful build (default true)
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --security-opt strings    Security options
      --shm-size bytes          Size of /dev/shm
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
      --ulimit ulimit           Ulimit options (default [])
```

With this patch applied:

```
DOCKER_BUILDKIT=1 docker build --help

Usage:	docker build [OPTIONS] PATH | URL | -

Build an image from a Dockerfile

Options:
      --add-host list           Add a custom host-to-IP mapping (host:ip)
      --build-arg list          Set build-time variables
      --cache-from strings      Images to consider as cache sources
      --disable-content-trust   Skip image verification (default true)
  -f, --file string             Name of the Dockerfile (Default is 'PATH/Dockerfile')
      --iidfile string          Write the image ID to the file
      --isolation string        Container isolation technology
      --label list              Set metadata for an image
      --network string          Set the networking mode for the RUN instructions during build (default "default")
      --no-cache                Do not use cache when building the image
  -o, --output stringArray      Output destination (format: type=local,dest=path)
      --platform string         Set platform if server is multi-platform capable
      --progress string         Set type of progress output (auto, plain, tty). Use plain to show container output (default "auto")
      --pull                    Always attempt to pull a newer version of the image
  -q, --quiet                   Suppress the build output and print image ID on success
      --secret stringArray      Secret file to expose to the build (only if BuildKit enabled): id=mysecret,src=/local/secret
      --squash                  Squash newly built layers into a single new layer
      --ssh stringArray         SSH agent socket or keys to expose to the build (only if BuildKit enabled) (format: default|<id>[=<socket>|<key>[,<key>]])
  -t, --tag list                Name and optionally a tag in the 'name:tag' format
      --target string           Set the target build stage to build.
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-04 15:55:04 +02:00
Tibor Vass c3990f3ba6 build: remove --stream
--stream was always experimental and this patch removes the functionality.

Users should enable BuildKit with DOCKER_BUILDKIT=1

Signed-off-by: Tibor Vass <tibor@docker.com>
2019-10-01 18:30:46 +00:00
Sam ee76ac8f93 fix formatting issue of encoded urlSigned-off-by: Sam <samashah@microsoft.com> 2019-09-25 22:58:04 +00:00
Tibor Vass 0df5d6427e vendor: update buildkit to 10cef0c and fsutil 7f9f923
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-09-24 00:11:38 +00:00
knqyf263 7634872a39 fix(pull_test): for quiet option
Signed-off-by: Teppei Fukuda <knqyf263@gmail.com>
2019-08-27 18:23:24 +09:00
Tibor Vass 529ef6e89a vendor buildkit to f238f1e
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-14 01:29:18 +00:00
Tibor Vass daca70d820 build: add --platform local
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:25:40 +00:00
Tibor Vass 8adcedd658 build: honor BUILDKIT_PROGRESS env config
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-05-07 22:16:01 +00:00
Tibor Vass 45ec86b10f vendor github.com/docker/docker to bcaa613d823
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-03 20:57:18 +00:00
Sebastiaan van Stijn 7ad850e58d
Merge pull request #1800 from tonistiigi/update-buildkit
vendor: update buildkit to 62e55427
2019-04-03 16:56:05 +02:00
Tonis Tiigi 198407c56b vendor: update buildkit to 62e55427
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-02 23:40:56 -07:00
Nao YONASHIRO 446762dc19 test: add filepathMatches test
Signed-off-by: Nao YONASHIRO <owan.orisano@gmail.com>
2019-03-28 01:22:11 +09:00
Nao YONASHIRO b41ddc6058 feat: improves ValidateContextDirectory performance
Signed-off-by: Nao YONASHIRO <owan.orisano@gmail.com>
2019-03-28 01:20:42 +09:00
Lifubang 06e250d37b add test case for DetectArchiveReader
Signed-off-by: Lifubang <lifubang@acmcoder.com>
2019-03-21 15:38:31 -07:00
Kir Kolyshkin 0c20554f69 image build: fix archive detection
As pointed out in #1459, docker cli fails to detect that the input is a tarball,
in case it is generated by `git archive --format=tgz`.

This happens because `git archive` adds some metadata to the initial tar header,
and so it is more than 1 block (of 512 bytes) long, while we only provide 1 block
to archive/tar.Next() and it fails.

To fix, give it 2 blocks :)

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2019-03-21 15:38:07 -07:00
Tonis Tiigi ca6eb5049b build: allow setting buildkit outputs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-21 10:27:59 -07:00
Sebastiaan van Stijn f2424bd375
Fix labels copying value from environment variables
This patch fixes a bug where labels use the same behavior as `--env`, resulting
in a value to be copied from environment variables with the same name as the
label if no value is set (i.e. a simple key, no `=` sign, no value).

An earlier pull request addressed similar cases for `docker run`;
2b17f4c8a8, but this did not address the
same situation for (e.g.) `docker service create`.

Digging in history for this bug, I found that use of the `ValidateEnv`
function for  labels was added in the original implementation of the labels feature in
abb5e9a077 (diff-ae476143d40e21ac0918630f7365ed3cR34)

However, the design never intended it to expand environment variables,
and use of this function was either due to either a "copy/paste" of the
equivalent `--env` flags, or a misunderstanding (the name `ValidateEnv` does
not communicate that it also expands environment variables), and the existing
`ValidateLabel` was designed for _engine_ labels (which required a value to
be set).

Following the initial implementation, other parts of the code followed
the same (incorrect) approach, therefore leading the bug to be introduced
in services as well.

This patch:

- updates the `ValidateLabel` to match the expected validation
  rules (this function is no longer used since 31dc5c0a9a),
  and the daemon has its own implementation)
- corrects various locations in the code where `ValidateEnv` was used instead of `ValidateLabel`.

Before this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker service inspect --format '{{json .Spec.Labels}}' test
{"SOME_ENV_VAR":"I_AM_SOME_ENV_VAR"}
```

After this patch:

```bash
export SOME_ENV_VAR=I_AM_SOME_ENV_VAR
docker service create --label SOME_ENV_VAR --tty --name test busybox

docker container inspect --format '{{json .Config.Labels}}' test
{"SOME_ENV_VAR":""}
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 03:01:57 +01:00
Tonis Tiigi 2caffb12c7 build: enable platform flag for build if buildkit
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-18 10:37:08 -07:00
Silvin Lubecki b1d27091e5
Merge pull request #1515 from sw-pschmied/1514-prevent-replacing-irregular-files
Prevent overwriting irregular files (cp, save, export commands)
2019-02-07 10:05:02 +01:00
Philipp Schmied 7632776b35 Prevent overwriting irregular files (cp, save, export commands)
Signed-off-by: Philipp Schmied <pschmied@schutzwerk.com>
2019-02-07 09:17:35 +01:00
Tonis Tiigi 27b2797f7d Remove docker api dependency from cli/config
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-01-31 21:25:43 +00:00
Silvin Lubecki eb0ba4f8d5 Extract streams helpers from command package to their own package to remove a cyclic dependency from command to internal/containerizedengine
Aliasing old types
* streams.InStream -> streams.In
* streams.NewInStream -> streams.NewIn
* streams.OutStream -> streams.Out
* streams.NewOutStream -> streams.NewOut

Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2019-01-28 14:36:00 +01:00
Vincent Demeester dd3407b6cc
Add option to pull images quietly
Add `--quiet` to the `docker image pull` subcommand that will not pull
the image quietly.

```
$ docker pull -q golang
Using default tag: latest
```

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-12-19 13:48:41 +01:00
Tibor Vass b991b6236a prune: use filters.Args.Clone()
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-12-10 16:48:59 +00:00
Sebastiaan van Stijn 1e1dd5bca4
Fix panic when pruning images with label-filter
Before this change:

    docker image prune --force --filter "label=foobar"
    panic: assignment to entry in nil map

    goroutine 1 [running]:
    github.com/docker/cli/vendor/github.com/docker/docker/api/types/filters.Args.Add(...)
    /go/src/github.com/docker/cli/vendor/github.com/docker/docker/api/types/filters/parse.go:167
    github.com/docker/cli/cli/command/image.runPrune(0x1db3a20, 0xc000344cf0, 0x16e0001, 0xc00015e600, 0x4, 0x3, 0xc00024e160, 0xc000545c70, 0x5ab4b5)
    /go/src/github.com/docker/cli/cli/command/image/prune.go:79 +0xbaf
    github.com/docker/cli/cli/command/image.NewPruneCommand.func1(0xc00029ef00, 0xc0004a8180, 0x0, 0x3, 0x0, 0x0)
    /go/src/github.com/docker/cli/cli/command/image/prune.go:32 +0x64
    github.com/docker/cli/vendor/github.com/spf13/cobra.(*Command).execute(0xc00029ef00, 0xc000038210, 0x3, 0x3, 0xc00029ef00, 0xc000038210)
    /go/src/github.com/docker/cli/vendor/github.com/spf13/cobra/command.go:762 +0x473
    github.com/docker/cli/vendor/github.com/spf13/cobra.(*Command).ExecuteC(0xc000127180, 0xc000272770, 0x1836ce0, 0xc000272780)
    /go/src/github.com/docker/cli/vendor/github.com/spf13/cobra/command.go:852 +0x2fd
    github.com/docker/cli/vendor/github.com/spf13/cobra.(*Command).Execute(0xc000127180, 0xc000127180, 0x1d60880)
    /go/src/github.com/docker/cli/vendor/github.com/spf13/cobra/command.go:800 +0x2b
    main.main()
    /go/src/github.com/docker/cli/cmd/docker/docker.go:180 +0xdc

With this patch applied:

    docker image prune --force --filter "label=foobar"
    Total reclaimed space: 0B

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-12-07 17:56:31 +01:00
Tibor Vass 6c10abb247 prune: move image pruning before build cache pruning
This is cleaner because running system prune twice in a row
now results in a no-op the second time.

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-11-21 05:33:36 +00:00
Vincent Demeester 69fdd2a4ad
formatter package heavy refactoring
- make it possible to extract the formatter implementation from the
  "common" code, that way, the formatter package stays small
- extract some formatter into their own packages

This is essentially moving the "formatter" implementation of each type
in their respective packages. The *main* reason to do that, is to be
able to depend on `cli/command/formatter` without depending of the
implementation detail of the formatter. As of now, depending on
`cli/command/formatter` means we depend on `docker/docker/api/types`,
`docker/licensing`, … — that should not be the case. `formatter`
should hold the common code (or helpers) to easily create formatter,
not all formatter implementations.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-10-23 17:05:44 +02:00
Tibor Vass 3e8c41beb0 build: update session support detection
Avoid testing for session support in non-buildkit builder to support
servers that falsely report as `1.39` compatible

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-10-22 20:52:56 +00:00
Tibor Vass bbd01fe3df build: only show buildkit-specific flags if buildkit is enabled
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-10-10 21:09:22 +00:00
Tibor Vass ab50c2f2b2
Merge pull request #1419 from AkihiroSuda/dfssh
build: add SSH agent socket forwarder (`docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK`)
2018-10-09 13:43:27 -07:00
Li Yi 814ced4b30 Using strings.Builder instead of string appending
Signed-off-by: Li Yi <denverdino@gmail.com>
2018-10-09 10:38:21 +08:00
Akihiro Suda db7399a016 build: add SSH agent socket forwarder (`docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK`)
Unlike `docker build --secret`, `docker build --ssh` allows the build container to
use SSH keys with passphrases.

  $ eval $(ssh-agent)
  $ ssh-add ~/.ssh/id_rsa
  (Input your passphrase here)
  $ docker build --ssh default=$SSH_AUTH_SOCK ...

This feature requires the daemon with `CapExecMountSSH` build capability (moby/moby#37973) .

Currently, the official Dockerfile frontend does not provide the syntax for using the SSH forwarder.

However, the experimental `RUN --mount=type=ssh` syntax can be enabled by using
the Dockerfile frontend image built with the `BUILDTAGS="dfrunmount dfssh"`, via the `# syntax =` "shebang".

The Dockerfile for the Dockerfile frontend is available at  github.com/moby/buildkit/frontend/dockerfile/cmd/dockerfile-frontend)
The pre-built image is also available as `tonistiigi/dockerfile:ssh20181002` .

An example Dockerfile with `RUN --mount=type=ssh`:

  # syntax = tonistiigi/dockerfile:ssh20181002
  FROM alpine
  RUN apk add --no-cache openssh-client
  RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
  RUN --mount=type=ssh ssh git@gitlab.com | tee /hello
  # "Welcome to GitLab, @GITLAB_USERNAME_ASSOCIATED_WITH_SSHKEY" should be printed here

More info available at moby/buildkit#608, moby/buildkit#655

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-05 19:56:32 +09:00
Akihiro Suda 846c38cbd7 bump up buildkit
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-05 18:14:03 +09:00
John Howard b55a0b681f LCOW: --platform on import (already in API)
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-09-13 15:04:04 -07:00
Sebastiaan van Stijn a500c394df
Move "session" support out of experimental for API 1.39 and up
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-08-22 00:51:19 +02:00
Sebastiaan van Stijn 60c75fda67
Remove "experimental" annotations for buildkit
BuildKit can now be enabled without the daemon having
experimental features enabled.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-08-22 00:38:59 +02:00
Anda Xu acf43b62b5 vendor dependency
Signed-off-by: Anda Xu <anda.xu@docker.com>
2018-08-20 15:32:25 -07:00
Anda Xu ef09ca8987 enable buildkit as builder from daemon; no env var needs to be set
Signed-off-by: Anda Xu <anda.xu@docker.com>
2018-08-20 11:59:39 -07:00
Tibor Vass 50f918801f build: Remove API requirement for --progress as it is CLI only
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-08-17 16:24:02 +00:00
Tibor Vass c4c4825591 build: implement build secrets with buildkit
This patch implements `docker build --secret id=mysecret,src=/secret/file`
for buildkit frontends that request the mysecret secret.

It is currently implemented in the tonistiigi/dockerfile:secrets20180808
frontend via RUN --mount=type=secret,id=mysecret

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-08-17 14:01:32 +00:00
Tibor Vass faeb8bb571 build: change --console=[auto,false,true] to --progress=[auto,plain,tty]
This changes the experimental --console flag to --progress following
feedback indicating avoidable confusion.

In addition to naming changes, the help output now has an additional
clarification, specifically: container output during builds are only
shown when progress output is set to plain. Not mentioning this was also
a big cause of confusion.

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-08-07 18:18:13 +00:00
Silvin f285fe67e9
Merge pull request #1163 from thaJeztah/bump_engine
bump docker and dependencies
2018-07-04 16:17:12 +02:00
Sebastiaan van Stijn 5f6d5c7328 Bump docker and dependencies
Updates docker/docker to 1436dc8f8d0f6f60b6e335fbd918d6b22ee6574d,
matching 18.06.0-rc1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-07-04 01:14:40 +00:00
Tibor Vass 721000e6c9 build: use strconv.ParseBool to parse DOCKER_BUILDKIT to allow value "0"
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-07-03 23:14:06 +00:00
Tibor Vass c7e85c09d2 build: --iidfile support with buildkit
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-07-03 19:11:11 +00:00
Vincent Demeester e43c7920ea
Export Push and Save
As we did for `Pull`, it will be helpful to expose the push and save
implementation.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-14 15:48:21 +02:00
Andrew Hsu 2daec78609
Merge pull request #1111 from tiborvass/experimental-buildkit
Support for experimental BuildKit
2018-06-13 18:21:41 -07:00
Tibor Vass b3a5c153d5 build: address some review nits
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 22:40:31 +00:00
Tibor Vass 5a103e1844 build: change --no-console to --console=[true|false|auto]
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 21:07:11 +00:00
Tibor Vass 00792d1704 build: ensure temporary folder is removed in error case
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:29 +00:00
Tibor Vass aef42093b8 build: skip moby.buildkit.trace Aux message to be future proof
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Tibor Vass 5919e8a30f build: fix lint issues + refactor
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Tibor Vass 15674d9ee9 build: simplify Close logic in WriteTempDockerfile
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Tibor Vass ed75f6202b build: add experimental --no-console flag to support non-tty human-readable output with buildkit
Unfortunately, this is for now the only way to see the output of RUN commands when using buildkit.
It is equivalent to `DOCKER_BUILDKIT=1 docker build . 2>&1 | cat`

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Tibor Vass b2b3f9c461 build: setting DOCKER_BUILDKIT environment variable to any non-empty string enables the use of buildkit
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Tibor Vass 640cbb8d2f build: fix output handling with buildkit (quiet option, redirects)
With this patch the following become true even with buildkit enabled:
1. `docker build -q .` only outputs the created image's sha256 ID.
2. `docker build -q .` outputs as if no `-q` was specified, if error occurred
3. `docker build . &> out` outputs JSON (instead of TTY characters)

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Tibor Vass 82f0e1e5d8 build: fix `-f` handling with buildkit
This commit brings a more pedantic change in the following ambiguous case:
cat Dockerfile | docker build -f otherDockerfile -

The legacy builder does not error out and prefers the Dockerfile from stdin
while the buildkit-based one errors out.

Note that this is only in the case where stdin is a Dockerfile (not an archive)

Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-13 18:32:28 +00:00
Silvin 4cb3c70f36
Merge pull request #1121 from vdemeester/gotestyourself-with-tools
Update gotestyourself to gotest.tools
2018-06-11 14:49:20 +02:00
Tibor Vass 89e102474c build: error out if buildkit is on and stdin is used for both dockerfile and context
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-09 20:51:34 +00:00
Tibor Vass 5314a8fc06 build: Add support for using dockerfile from stdin with buildkit
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-09 20:51:34 +00:00
Tibor Vass e0b3921a03 build: Add support for using context from stdin with buildkit
Signed-off-by: Tibor Vass <tibor@docker.com>
2018-06-09 20:51:34 +00:00
Tonis Tiigi 8cf213bd0c build: use a separate upload request for early progress
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-09 20:51:34 +00:00
Tonis Tiigi 0f97642915 build: basic buildkit progress support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-09 20:51:34 +00:00
Tonis Tiigi 656fe85c74 build: add experimental buildkit base
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-09 20:51:30 +00:00
Vincent Demeester 2c4de4fb5e
Update tests to use gotest.tools 👼
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 18:24:26 +02:00
Vincent Demeester b1065767cd
Bump moby version (and its dependencies)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 11:26:10 +02:00
Vincent Demeester 8b3dc39fce
Fix panics when --compress and --stream are used together
Warns that `-compress` has no effect when used together with the
expremintal `--stream` flag.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-01 18:34:00 +02:00
Zachary Romero b6cf6d87ae Add String method so quieted output displays properly
Fixes #1089

Signed-off-by: Zachary Romero <zacromero3@gmail.com>
2018-05-29 05:30:17 +03:00
Sebastiaan van Stijn 9a89c32e9a
Merge pull request #1053 from justyntemme/patch-3
Change error message for unreadable files
2018-05-22 00:12:46 +02:00
Mathieu Champlon 5d54584f03 Bump moby to d37f5c6bdf788a6cb82c07fb707e31a240eff5f9
Also bringing:
. golang.org/x/net 5561cd9b4330353950f399814f427425c0a26fd2
. github.com/docker/distribution 83389a148052d74ac602f5f1d62f86ff2f3c4aa5
. github.com/docker/swarmkit bd69f6e8e301645afd344913fa1ede53a0a111fb
. github.com/docker/go-metrics d466d4f6fd960e01820085bd7e1a24426ee7ef18
. github.com/prometheus/client_golang 52437c81da6b127a9925d17eb3a382a2e5fd395e
. github.com/beorn7/perks 4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9
. github.com/prometheus/client_model fa8ad6fec33561be4280a8f0514318c79d7f6cb6
. github.com/prometheus/common ebdfc6da46522d58825777cf1f90490a5b1ef1d8
. github.com/prometheus/procfs abf152e5f3e97f2fafac028d2cc06c1feb87ffa5
. github.com/matttproud/golang_protobuf_extensions v1.0.0

Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>
2018-05-18 11:44:14 +02:00
Kir Kolyshkin 6f8070deb2 Switch from x/net/context to context
Since go 1.7, "context" is a standard package. Since go 1.9,
x/net/context merely provides some types aliased to those in
the standard context package.

The changes were performed by the following script:

for f in $(git ls-files \*.go | grep -v ^vendor/); do
	sed -i 's|golang.org/x/net/context|context|' $f
	goimports -w $f
	for i in 1 2; do
		awk '/^$/ {e=1; next;}
			/\t"context"$/ {e=0;}
			{if (e) {print ""; e=0}; print;}' < $f > $f.new && \
				mv $f.new $f
		goimports -w $f
	done
done

[v2: do awk/goimports fixup twice]
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2018-05-11 16:49:43 -07:00
Justyn Temme c2a35cfa1a Change error message for unreadable files
Fix for https://github.com/docker/for-linux/issues/44

Signed-off-by: Justyn Temme <justyntemme@gmail.com>
2018-05-11 13:03:19 -05:00
Daniel Hiltgen 812f113685 Export pull as a public function
It will be helpful to expose the pull implementation which supports
pulling private images for other CLI commands that rely on helper images.

Signed-off-by: Daniel Hiltgen <daniel.hiltgen@docker.com>
2018-04-27 12:21:19 -07:00
Tonis Tiigi a1cbaa827b vendor: update moby to ed7b6428
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-03-27 14:11:29 -07:00
Daniel Nephin 0f1bb35342 Refactor build tests to re-use more code and not require root
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-26 14:27:52 -04:00
Sebastiaan van Stijn c0ffb9491c
Merge pull request #924 from vdemeester/trust-suite-tests
Add some content trust tests
2018-03-19 11:24:00 +01:00
Vincent Demeester 8b00c5cfd8
Add more content trust tests
Importing from moby's DockerTrustSuite tests.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-03-19 10:02:40 +01:00
Vincent Demeester 63ebcae382
Small content trust enhancement
- `replaceDockerfileForContentTrust` is only used when content trust is
  enabled, so remove the boolean.
- rename `isContentTrustEnabled` to `contentTrustEnabled`

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-03-14 17:55:19 +01:00
Daniel Nephin feae0e9756 Only read trust setting from options
Rename IsTrusted to ContentTrustEnabled

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-08 16:46:30 -05:00
Vincent Demeester 6e21829af4 Refactor content_trust cli/flags handling
Remove the global variable used. Allows easier unit testing.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-03-08 15:00:43 -05:00
Sebastiaan van Stijn 82f325ed81
Merge pull request #925 from dnephin/add-build-test-symlink
Add a build unit test for symlinked context
2018-03-08 18:52:43 +01:00
Daniel Nephin 00b803b2d8 Add a build unit test for symlinked context
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-07 13:04:33 -05:00
Vincent Demeester 0cf2e6353a
Fixes some unit tests to be able to run them on windows
Some of them are skipped for now (because the feature is not supported
or needs more work), some of them are fixed.

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-03-07 18:18:13 +01:00
Daniel Nephin e15b208e96 Convert assert.Check(t, is.Error()) to assert.Error
git grep -l -P '^\s+assert\.Check\(t, is\.Error\(' | \
    xargs perl -pi -e 's/^(\s+assert\.)Check\(t, is\.Error\((.*)\)$/\1Error(t, \2/'

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 16:00:28 -05:00
Daniel Nephin 078cbc9c4b Convert assert.Check with
git grep -l -P '^\s+assert\.Check\(t, ' | \
    xargs perl -pi -e 's/^(\s+assert)\.Check(\(t, (?!is).*(\.Execute\(|\.Set\(|\.Write\(|\.Close\(|\.Untar\(|\.WriteFile\(|Validate\().*\)$)/\1.NilError\2/'

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 15:43:53 -05:00
Daniel Nephin baf65a5502 Convert to assert.NilError
Using:

  git grep -l '^\s\+assert\.Check(t, err)$' | \
    xargs sed -i -e 's/^\(\s\+assert\)\.Check(t, err)$/\1.NilError(t, err)/'

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 15:27:34 -05:00
Daniel Nephin 0f11a310fd dont prompt for github creds in unit test
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 15:27:09 -05:00
Daniel Nephin 681c921528 Remove testutil
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-06 14:38:35 -05:00
Daniel Nephin 5155cda716 Post migration fixes
Fix tests that failed when using cmp.Compare()
internal/test/testutil/assert
InDelta
Fix DeepEqual with kube metav1.Time
Convert some ErrorContains to assert

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-05 19:41:17 -05:00
Daniel Nephin 39c2ca57c1 Automated migration
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-05 19:41:17 -05:00
Daniel Nephin 93615dd967 Update some assertions.
and fix some tests

Signed-off-by: Daniel Nephin <dnephin@docker.com>
2018-03-05 17:15:24 -05:00
Sebastiaan van Stijn a1048523d2
Allow Dockerfile from outside build-context
Historically, the Dockerfile had to be insde the build-context, because it was
sent as part of the build-context.

3f6dc81e10
added support for passing the Dockerfile through stdin, in which case the
contents of the Dockerfile is injected into the build-context.

This patch uses the same mechanism for situations where the location of the
Dockerfile is passed, and its path is outside of the build-context.

Before this change:

    $ mkdir -p myproject/context myproject/dockerfiles && cd myproject
    $ echo "hello" > context/hello
    $ echo -e "FROM busybox\nCOPY /hello /\nRUN cat /hello" > dockerfiles/Dockerfile
    $ docker build --no-cache -f $PWD/dockerfiles/Dockerfile $PWD/context

    unable to prepare context: the Dockerfile (/Users/sebastiaan/projects/test/dockerfile-outside/myproject/dockerfiles/Dockerfile) must be within the build context

After this change:

    $ mkdir -p myproject/context myproject/dockerfiles && cd myproject
    $ echo "hello" > context/hello
    $ echo -e "FROM busybox\nCOPY /hello /\nRUN cat /hello" > dockerfiles/Dockerfile
    $ docker build --no-cache -f $PWD/dockerfiles/Dockerfile $PWD/context

    Sending build context to Docker daemon  2.607kB
    Step 1/3 : FROM busybox
     ---> 6ad733544a63
    Step 2/3 : COPY /hello /
     ---> 9a5ae1c7be9e
    Step 3/3 : RUN cat /hello
     ---> Running in 20dfef2d180f
    hello
    Removing intermediate container 20dfef2d180f
     ---> ce1748f91bb2
    Successfully built ce1748f91bb2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-02-20 16:50:49 +01:00
Akim Demaille f83aa7b705 Remove: add missing eol when --force is passed
Signed-off-by: Akim Demaille <akim.demaille@docker.com>
2018-01-16 09:29:53 +01:00