From ac930bda691fdc50c587c5cd7ca0ed1b7d166d74 Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Wed, 10 Jul 2024 13:08:57 -0700 Subject: [PATCH] vendor: update buildkit to v0.15.0-rc2 Signed-off-by: Tonis Tiigi --- go.mod | 4 +- go.sum | 8 +- .../frontend/dockerfile/linter/ruleset.go | 16 ++ .../moby/buildkit/frontend/dockerui/config.go | 149 +++++++++++------- .../buildkit/util/testutil/integration/run.go | 33 ++-- .../tonistiigi/go-csvvalue/csvvalue.go | 1 + vendor/modules.txt | 4 +- 7 files changed, 139 insertions(+), 76 deletions(-) diff --git a/go.mod b/go.mod index 1246a25450f..2209df61038 100644 --- a/go.mod +++ b/go.mod @@ -29,7 +29,7 @@ require ( github.com/hashicorp/hcl/v2 v2.20.1 github.com/in-toto/in-toto-golang v0.5.0 github.com/mitchellh/hashstructure/v2 v2.0.2 - github.com/moby/buildkit v0.15.0-rc1 + github.com/moby/buildkit v0.15.0-rc2 github.com/moby/sys/mountinfo v0.7.1 github.com/moby/sys/signal v0.7.0 github.com/morikuni/aec v1.0.0 @@ -43,7 +43,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 github.com/tonistiigi/fsutil v0.0.0-20240424095704-91a3fc46842c - github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2 + github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 github.com/zclconf/go-cty v1.14.4 go.opentelemetry.io/otel v1.21.0 go.opentelemetry.io/otel/metric v1.21.0 diff --git a/go.sum b/go.sum index 1958ac9d006..6bf5cb1ec3d 100644 --- a/go.sum +++ b/go.sum @@ -306,8 +306,8 @@ github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/z github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/moby/buildkit v0.15.0-rc1 h1:74cW+CaRhCX8b/0sTEwWM6zPxgHJb90imPZMf+E42TY= -github.com/moby/buildkit v0.15.0-rc1/go.mod h1:ik25J3PkZrQc2dDquClV6jXMjjtoXDCLFySlfZDk5j0= +github.com/moby/buildkit v0.15.0-rc2 h1:aHYfPGXcV4CiR4qZWZNVP/Khdgf7ftfSHZg4bhDkWjY= +github.com/moby/buildkit v0.15.0-rc2/go.mod h1:oN9S+8I7wF26vrqn9NuAF6dFSyGTfXvtiu9o1NlnnH4= github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= @@ -442,8 +442,8 @@ github.com/theupdateframework/notary v0.7.0 h1:QyagRZ7wlSpjT5N2qQAh/pN+DVqgekv4D github.com/theupdateframework/notary v0.7.0/go.mod h1:c9DRxcmhHmVLDay4/2fUYdISnHqbFDGRSlXPO0AhYWw= github.com/tonistiigi/fsutil v0.0.0-20240424095704-91a3fc46842c h1:+6wg/4ORAbnSoGDzg2Q1i3CeMcT/jjhye/ZfnBHy7/M= github.com/tonistiigi/fsutil v0.0.0-20240424095704-91a3fc46842c/go.mod h1:vbbYqJlnswsbJqWUcJN8fKtBhnEgldDrcagTgnBVKKM= -github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2 h1:4dXTcm/McJMoXXFhqr+4rNL4WkLqMoHkdMhT4nU0Z28= -github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2/go.mod h1:278M4p8WsNh3n4a1eqiFcV2FGk7wE5fwUpUom9mK9lE= +github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 h1:7I5c2Ig/5FgqkYOh/N87NzoyI9U15qUPXhDD8uCupv8= +github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4/go.mod h1:278M4p8WsNh3n4a1eqiFcV2FGk7wE5fwUpUom9mK9lE= github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/v/cCndK0AMpt1wiVFb/YYmqB3/QG0= github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk= github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab h1:H6aJ0yKQ0gF49Qb2z5hI1UHxSQt4JMyxebFR15KnApw= diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/linter/ruleset.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/linter/ruleset.go index b333c4c7c22..d94c32c53ce 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/linter/ruleset.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/linter/ruleset.go @@ -148,4 +148,20 @@ var ( return fmt.Sprintf("Default value for ARG %v results in empty or invalid base image name", baseName) }, } + RuleFromPlatformFlagConstDisallowed = LinterRule[func(string) string]{ + Name: "FromPlatformFlagConstDisallowed", + Description: "FROM --platform flag should not use a constant value", + URL: "https://docs.docker.com/go/dockerfile/rule/from-platform-flag-const-disallowed/", + Format: func(platform string) string { + return fmt.Sprintf("FROM --platform flag should not use constant value %q", platform) + }, + } + RuleCopyIgnoredFile = LinterRule[func(string, string) string]{ + Name: "CopyIgnoredFile", + Description: "Attempting to Copy file that is excluded by .dockerignore", + URL: "https://docs.docker.com/go/dockerfile/rule/copy-ignored-file/", + Format: func(cmd, file string) string { + return fmt.Sprintf("Attempting to %s file %q that is excluded by .dockerignore", cmd, file) + }, + } ) diff --git a/vendor/github.com/moby/buildkit/frontend/dockerui/config.go b/vendor/github.com/moby/buildkit/frontend/dockerui/config.go index ea87c4a56cb..e0f9658aaa2 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerui/config.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerui/config.go @@ -45,28 +45,30 @@ const ( // Don't forget to update frontend documentation if you add // a new build-arg: frontend/dockerfile/docs/reference.md - keyCacheNSArg = "build-arg:BUILDKIT_CACHE_MOUNT_NS" - keyMultiPlatformArg = "build-arg:BUILDKIT_MULTI_PLATFORM" - keyHostnameArg = "build-arg:BUILDKIT_SANDBOX_HOSTNAME" - keyDockerfileLintArg = "build-arg:BUILDKIT_DOCKERFILE_CHECK" - keyContextKeepGitDirArg = "build-arg:BUILDKIT_CONTEXT_KEEP_GIT_DIR" - keySourceDateEpoch = "build-arg:SOURCE_DATE_EPOCH" + keyCacheNSArg = "build-arg:BUILDKIT_CACHE_MOUNT_NS" + keyMultiPlatformArg = "build-arg:BUILDKIT_MULTI_PLATFORM" + keyHostnameArg = "build-arg:BUILDKIT_SANDBOX_HOSTNAME" + keyDockerfileLintArg = "build-arg:BUILDKIT_DOCKERFILE_CHECK" + keyContextKeepGitDirArg = "build-arg:BUILDKIT_CONTEXT_KEEP_GIT_DIR" + keySourceDateEpoch = "build-arg:SOURCE_DATE_EPOCH" + keyCopyIgnoredCheckEnabled = "build-arg:BUILDKIT_DOCKERFILE_CHECK_COPYIGNORED_EXPERIMENT" ) type Config struct { - BuildArgs map[string]string - CacheIDNamespace string - CgroupParent string - Epoch *time.Time - ExtraHosts []llb.HostIP - Hostname string - ImageResolveMode llb.ResolveMode - Labels map[string]string - NetworkMode pb.NetMode - ShmSize int64 - Target string - Ulimits []pb.Ulimit - LinterConfig *linter.Config + BuildArgs map[string]string + CacheIDNamespace string + CgroupParent string + Epoch *time.Time + ExtraHosts []llb.HostIP + Hostname string + ImageResolveMode llb.ResolveMode + Labels map[string]string + NetworkMode pb.NetMode + ShmSize int64 + Target string + Ulimits []pb.Ulimit + LinterConfig *linter.Config + CopyIgnoredCheckEnabled bool CacheImports []client.CacheOptionsEntry TargetPlatforms []ocispecs.Platform // nil means default @@ -286,6 +288,16 @@ func (bc *Client) init() error { return errors.Wrapf(err, "failed to parse %s", keyDockerfileLintArg) } } + + // CopyIgnoredCheckEnabled is an experimental feature to check if COPY is ignored by .dockerignore, + // and it is disabled by default. It is expected that this feature will be enabled by default in a future + // release, and this build-arg will be removed. + if v, ok := opts[keyCopyIgnoredCheckEnabled]; ok { + bc.CopyIgnoredCheckEnabled, err = strconv.ParseBool(v) + if err != nil { + return errors.Wrapf(err, "failed to parse %s", keyCopyIgnoredCheckEnabled) + } + } return nil } @@ -410,44 +422,9 @@ func (bc *Client) MainContext(ctx context.Context, opts ...llb.LocalOption) (*ll return bctx.context, nil } - if bc.dockerignore == nil { - st := llb.Local(bctx.contextLocalName, - llb.SessionID(bc.bopts.SessionID), - llb.FollowPaths([]string{DefaultDockerignoreName}), - llb.SharedKeyHint(bctx.contextLocalName+"-"+DefaultDockerignoreName), - WithInternalName("load "+DefaultDockerignoreName), - llb.Differ(llb.DiffNone, false), - ) - def, err := st.Marshal(ctx, bc.marshalOpts()...) - if err != nil { - return nil, err - } - res, err := bc.client.Solve(ctx, client.SolveRequest{ - Definition: def.ToPB(), - }) - if err != nil { - return nil, err - } - ref, err := res.SingleRef() - if err != nil { - return nil, err - } - dt, _ := ref.ReadFile(ctx, client.ReadRequest{ // ignore error - Filename: DefaultDockerignoreName, - }) - if dt == nil { - dt = []byte{} - } - bc.dockerignore = dt - bc.dockerignoreName = DefaultDockerignoreName - } - - var excludes []string - if len(bc.dockerignore) != 0 { - excludes, err = ignorefile.ReadAll(bytes.NewBuffer(bc.dockerignore)) - if err != nil { - return nil, errors.Wrapf(err, "failed parsing %s", bc.dockerignoreName) - } + excludes, err := bc.dockerIgnorePatterns(ctx, bctx) + if err != nil { + return nil, errors.Wrapf(err, "failed to read dockerignore patterns") } opts = append([]llb.LocalOption{ @@ -493,6 +470,21 @@ func (bc *Client) IsNoCache(name string) bool { return false } +func (bc *Client) DockerIgnorePatterns(ctx context.Context) ([]string, error) { + if bc == nil { + return nil, nil + } + bctx, err := bc.buildContext(ctx) + if err != nil { + return nil, err + } + if bctx.context != nil { + return nil, nil + } + + return bc.dockerIgnorePatterns(ctx, bctx) +} + func DefaultMainContext(opts ...llb.LocalOption) *llb.State { opts = append([]llb.LocalOption{ llb.SharedKeyHint(DefaultLocalNameContext), @@ -505,3 +497,46 @@ func DefaultMainContext(opts ...llb.LocalOption) *llb.State { func WithInternalName(name string) llb.ConstraintsOpt { return llb.WithCustomName("[internal] " + name) } + +func (bc *Client) dockerIgnorePatterns(ctx context.Context, bctx *buildContext) ([]string, error) { + if bc.dockerignore == nil { + st := llb.Local(bctx.contextLocalName, + llb.SessionID(bc.bopts.SessionID), + llb.FollowPaths([]string{DefaultDockerignoreName}), + llb.SharedKeyHint(bctx.contextLocalName+"-"+DefaultDockerignoreName), + WithInternalName("load "+DefaultDockerignoreName), + llb.Differ(llb.DiffNone, false), + ) + def, err := st.Marshal(ctx, bc.marshalOpts()...) + if err != nil { + return nil, err + } + res, err := bc.client.Solve(ctx, client.SolveRequest{ + Definition: def.ToPB(), + }) + if err != nil { + return nil, err + } + ref, err := res.SingleRef() + if err != nil { + return nil, err + } + dt, _ := ref.ReadFile(ctx, client.ReadRequest{ // ignore error + Filename: DefaultDockerignoreName, + }) + if dt == nil { + dt = []byte{} + } + bc.dockerignore = dt + bc.dockerignoreName = DefaultDockerignoreName + } + var err error + var excludes []string + if len(bc.dockerignore) != 0 { + excludes, err = ignorefile.ReadAll(bytes.NewBuffer(bc.dockerignore)) + if err != nil { + return nil, errors.Wrapf(err, "failed parsing %s", bc.dockerignoreName) + } + } + return excludes, nil +} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/run.go b/vendor/github.com/moby/buildkit/util/testutil/integration/run.go index 2c180480657..b6b634e3be6 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/run.go +++ b/vendor/github.com/moby/buildkit/util/testutil/integration/run.go @@ -13,6 +13,7 @@ import ( "runtime" "sort" "strings" + "sync" "testing" "time" @@ -161,10 +162,7 @@ func Run(t *testing.T, testCases []Test, opt ...TestOpt) { o(&tc) } - mirror, cleanup, err := runMirror(t, tc.mirroredImages) - require.NoError(t, err) - - t.Cleanup(func() { _ = cleanup() }) + getMirror := lazyMirrorRunnerFunc(t, tc.mirroredImages) matrix := prepareValueMatrix(tc) @@ -200,7 +198,7 @@ func Run(t *testing.T, testCases []Test, opt ...TestOpt) { ctx, cancel := context.WithCancelCause(ctx) defer cancel(errors.WithStack(context.Canceled)) - sb, closer, err := newSandbox(ctx, br, mirror, mv) + sb, closer, err := newSandbox(ctx, br, getMirror(), mv) require.NoError(t, err) t.Cleanup(func() { _ = closer() }) defer func() { @@ -238,6 +236,11 @@ func copyImagesLocal(t *testing.T, host string, images map[string]string) error } localImageCache[host][to] = struct{}{} + // already exists check + if _, _, err := docker.NewResolver(docker.ResolverOptions{}).Resolve(context.TODO(), host+"/"+to); err == nil { + continue + } + var desc ocispecs.Descriptor var provider content.Provider var err error @@ -257,12 +260,6 @@ func copyImagesLocal(t *testing.T, host string, images map[string]string) error } } - // already exists check - _, _, err = docker.NewResolver(docker.ResolverOptions{}).Resolve(context.TODO(), host+"/"+to) - if err == nil { - continue - } - ingester, err := contentutil.IngesterFromRef(host + "/" + to) if err != nil { return err @@ -329,6 +326,20 @@ func WriteConfig(updaters []ConfigUpdater) (string, error) { return filepath.Join(tmpdir, buildkitdConfigFile), nil } +func lazyMirrorRunnerFunc(t *testing.T, images map[string]string) func() string { + var once sync.Once + var mirror string + return func() string { + once.Do(func() { + host, cleanup, err := runMirror(t, images) + require.NoError(t, err) + t.Cleanup(func() { _ = cleanup() }) + mirror = host + }) + return mirror + } +} + func runMirror(t *testing.T, mirroredImages map[string]string) (host string, _ func() error, err error) { mirrorDir := os.Getenv("BUILDKIT_REGISTRY_MIRROR_DIR") diff --git a/vendor/github.com/tonistiigi/go-csvvalue/csvvalue.go b/vendor/github.com/tonistiigi/go-csvvalue/csvvalue.go index 727129298d0..32d392e4ce8 100644 --- a/vendor/github.com/tonistiigi/go-csvvalue/csvvalue.go +++ b/vendor/github.com/tonistiigi/go-csvvalue/csvvalue.go @@ -126,6 +126,7 @@ parseField: appendToLast(dst, "\"") line = line[quoteLen:] pos += quoteLen + halfOpen = true case rn == r.Comma: // `",` sequence (end of field). line = line[commaLen:] diff --git a/vendor/modules.txt b/vendor/modules.txt index 5edda40cfa7..65b1156b0c5 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -518,7 +518,7 @@ github.com/mitchellh/go-wordwrap github.com/mitchellh/hashstructure/v2 # github.com/mitchellh/mapstructure v1.5.0 ## explicit; go 1.14 -# github.com/moby/buildkit v0.15.0-rc1 +# github.com/moby/buildkit v0.15.0-rc2 ## explicit; go 1.21.0 github.com/moby/buildkit/api/services/control github.com/moby/buildkit/api/types @@ -728,7 +728,7 @@ github.com/theupdateframework/notary/tuf/validation ## explicit; go 1.20 github.com/tonistiigi/fsutil github.com/tonistiigi/fsutil/types -# github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2 +# github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 ## explicit; go 1.16 github.com/tonistiigi/go-csvvalue # github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea