Acb/upstream update #28
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Unlike .gitignore, `*.md` in .dockerignore doesn't match `subdir/foo.md`. While the logic is in github.com/moby/patternmatcher, it is worth to note the difference in the reference document. Signed-off-by: Kazuyoshi Kato <kaz@fly.io>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
We can't avoid squashing even after just fixing up whiteout timestamps; Squashing is still needed to apply the `touch`-ed timestamps across multiple `RUN` instructions. Squashing will no longer be needed if we can merge PR 3560. Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
This commit adds three test cases for the `WithUser` function in the client's `llb` package. These tests cover different use cases of the `WithUser` function: - "root:root": Tests the scenario where both the user and the group are root. - "foo:bar": Tests the scenario where a non-root user and group are specified. - "uid:gid": Tests the scenario where the user and group are specified by their numeric IDs. These run a few previously untested paths which increases code coverage a bit. Signed-off-by: Jakub Ciolek <jakub@ciolek.dev>
The os.RemoveAll() call returns nil if the path doesn't exist. When the rmPath function is called with allowNotFound set to false, it doesn't change the behaviour of the function. Change the code so if allowNotFound is set to false, we first check whether the file exists. If it doesn't exist, return an error. Add tests for three relevant cases. Signed-off-by: Jakub Ciolek <jakub@ciolek.dev>
Signed-off-by: Guilhem Charles <guilhem.charles@gmail.com>
Fix a potential denial of service in logrus.Writer() that could be triggered by logging text longer than 64kb without newlines. full diff: sirupsen/logrus@v1.9.0...v1.9.3 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: golang/sys@v0.7.0...v0.8.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
no changes in vendored files full diff: golang/text@v0.8.0...v0.9.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- http2: properly discard data received after request/response body is closed - http2: don't reuse connections that are experiencing errors - internal/socks: permit authenticating with an empty password full diff: golang/net@v0.8.0...v0.10.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Fix a panic when `auths: null` is found in the CLI config file. full diff: docker/cli@v24.0.4...v24.0.5 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
No other parts of the progress rendering modify the inputs, so we should avoid this as well. This actually fixes an edge case in pushWithMoby which writes the same VertexStatus multiple times, modifying the timestamps and similar. However, if the operation takes long enough the small time difference can accumulate, and move the Start time far into the past. Signed-off-by: Justin Chadwell <me@jedevc.com>
Before this, CopyFileWriter just used metadata.NewOutgoingContext to set metadata, which results in any pre-existing metadata from the provided context to be removed. Now, it gets the current metadata and then sets its own on top of that, so any pre-existing unrelated metadata is retained. Signed-off-by: Erik Sipsma <erik@sipsma.dev>
This avoids duplication of the AttemptUnpackDockerCompatability handling. Signed-off-by: Justin Chadwell <me@jedevc.com>
- don't use a temp-file for the test as all we need is a reader - use a const and string-literal for the test-content, which makes it slightly more readable - don't use hard-coded tests for each line, but use an "expected" slice - don't fail early if line-numbers don't match Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Use "doc links" where possible, and better describe the function. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
While this function would usually be used for read a `.dockerignore` file,
it accepts a Reader and can also be used to handle ignore patterns from
other files (e.g. `Dockerfile.dockerignore`) or other sources. The error
was also wrapped multiple times in some code-paths, which could lead to
an error being formatted as:
failed to parse dockerignore: error reading .dockerignore: <some error>
Let's remove mention of the `.dockerignore` filename from the error, and
leave it to the caller to include the filename.
This patch also brings the MainContext dockerignore error inline with the
NamedContext dockerignore error, now printing the exact name of the file.
Co-authored-by: Justin Chadwell <me@jedevc.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Justin Chadwell <me@jedevc.com>
Signed-off-by: Justin Chadwell <me@jedevc.com>
Signed-off-by: Justin Chadwell <me@jedevc.com>
We can't just add new build-tags, since this tests only the combination of all of the provided tags. For the instance of nydus, we need to test with *and* without the build tag. Signed-off-by: Justin Chadwell <me@jedevc.com>
vendor: github.com/docker/cli v24.0.5
Signed-off-by: Justin Chadwell <me@jedevc.com>
Signed-off-by: Justin Chadwell <me@jedevc.com>
chore: remove old `no_{oci,containerd}_worker` build tags
Buildkit code is mostly generic enough to support FreeBSD, however
there are some quirks / infrastructural pieces that need to be
addressed for full support, to name some
- contenthash.NewFromStat attempts to set Devmajor / Devminor for
regular files, assuming that RDev is zero for regular
files. Unlike on Linux, it's not the case for FreeBSD.
- containerdexecutor.Run uses bind mounts for rootfs. Bind mounts
are not supported in FreeBSD and we should use nullfs instead
- There is no CI job to run tests on FreeBSD
- Some dependencies weren't ported
This change ports buildkit to FreeBSD
Signed-off-by: Artem Khramov <akhramov@pm.me>
Co-authored-by: Akihiro Suda <suda.kyoto@gmail.com>
Signed-off-by: Justin Chadwell <me@jedevc.com>
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
…references Correctly set the content based selector when multiple bind mounts refer to the same source. Previously, a selector that referred to the root filesystem would be ignored. This is because a blank selector refers to the root filesystem. When two bind mounts referred to the same dependency, one mount would add a selector while the other would be skipped. This caused the cache key to be only computed based on the more narrow filesystem which caused erroneous cache hits. Now, the creation of the selector includes the root filesystem for consideration. It fills in `/` as the selector and then removes it later so that we don't narrow the selection in an invalid way. Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
diff: gzip with custom level should be compressed by BuildKit's differ
…d-mounts solver: correctly set the content selector with multiple bind mounts references
Bottlerocket favors API configurations instead of manual calls to configure sysctl knobs Signed-off-by: Arnaldo Garcia Rincon <agarrcia@amazon.com>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com> Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
docs/rootless: use Bottlerocket's API configurations
Co-authored-by: Marat Radchenko <marat@slonopotamus.org> Signed-off-by: Justin Chadwell <me@jedevc.com>
Co-authored-by: CrazyMax <github@crazymax.dev> Signed-off-by: Justin Chadwell <me@jedevc.com>
Add options to specify containerd runtime (alternative)
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This introduces a debug variant of the buildkit docker image. This version builds the binary in a way that disables optimizations so that it can be run properly with delve. It also builds and installs delve only in the debug variant of the image. For the debug variant, a shim `buildkitd` binary is created that execs with the proper arguments to delve and forwards to the underlying binary. In order to use this version, you can set `--build-arg BUILD_VARIANT=debug` and it will pick up this version of the image. The default is `release`. The debug variant is only available for linux and the variant is ignored for any other target os. Most other targets don't support `buildkitd` at all so the only os this affects is freebsd. delve is exposed on port 5000 by default and this can be accessed from the host by using `-p 5000:5000`. If there is a port conflict on the host, `-p XXXX:5000` can be used instead. It's also highly recommended that you do `-p 127.0.0.1:5000:5000` instead. This is because docker defaults to exposing ports to any interface which exposes the debug port to the open internet. This is generally a good practice for running buildkit on a tcp address anyway and the same applies to delve. Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
dockerfile: introduce a debug variant for the buildkit docker image
-ne comparison errors "[: : integer expression expected" on empty value. Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
hack: update BUILDKIT_DEBUG handling
integration: set otel socket path through buildkit config
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
Signed-off-by: Justin Chadwell <me@jedevc.com>
mikejholly
approved these changes
Oct 16, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
upstream updates up to e5afd84
corresponding earthly PR: earthly/earthly#3347