Remove unneeded Finalize method from ImmutableRef.#2216
Merged
tonistiigi merged 1 commit intomoby:masterfrom Jul 1, 2021
Merged
Remove unneeded Finalize method from ImmutableRef.#2216tonistiigi merged 1 commit intomoby:masterfrom
tonistiigi merged 1 commit intomoby:masterfrom
Conversation
Finalize was only used outside the cache package in one place, which
called it with the commit arg set to false. The code path followed
when commit==false turned out to essentially be a no-op because
it set "retain cache" to true if it was already set to true.
It was thus safe to remove the only external call to it and remove it
from the interface. This should be helpful for future efforts to
simplify the equal{Mutable,Immutable} fields in cacheRecord, which exist
due to the "lazy commit" feature that Finalize is tied into.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
Member
|
I guess the code was supposed to be As I understand that |
Collaborator
Author
Isn't it just that the llb.Local snapshots always get created with Retain set? buildkit/source/local/local.go Line 129 in 521727e |
Member
|
But what keeps the top layer of the build result from not getting deleted. |
Collaborator
Author
My understanding is:
Am I missing anything here or misunderstanding the concern? |
Member
|
I understand how it happens for |
Collaborator
Author
There is also this relevant code block, which I just noticed and believe will be called by the solver after any vertex successfully executes? It only sets cache retain on immutable refs directly, which doesn't necessarily mean any equal mutable will have it set too. Additionally though, any top layer which is an immutable ref w/ an equalMutable that gets exported will be finalized during the export during the call to GetRemote. In terms of ops that create mutable refs (basically all except container image):
Overall, while convoluted, I think things behave as expected. |
tonistiigi
approved these changes
Jul 1, 2021
Member
|
@sipsma Thanks. Not sure if there would be any difference to use |
Member
|
Looks like it's still used on moby (saw that while vendoring buildkit): |
Member
|
@sipsma PTAL |
Collaborator
Author
|
@crazy-max @tonistiigi I see, I wasn't aware at the time this change was made how moby integrated w/ buildkit so I didn't think to look there, that's my bad. I can just send out a commit to re-add |
sipsma
added a commit
to sipsma/buildkit
that referenced
this pull request
Oct 25, 2021
It turns out that while Buildkit code did not need this method to be public, moby code does still use it, so we have to re-add it after its removal in moby#2216 (commit b85ef15). This commit is not a revert because some of the changes are still desireable, namely the removal of the "commit" parameter which didn't serve any purpose. Signed-off-by: Erik Sipsma <erik@sipsma.dev>
alexcb
pushed a commit
to earthly/buildkit-old-fork
that referenced
this pull request
Oct 26, 2021
* dockerfile: fix git version detection
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Add support for heredocs with ONBUILD
Signed-off-by: Justin Chadwell <me@jedevc.com>
* dockerfile: use none differ for dockerfile/dockerignore
This avoids wrong metadata matches on small files
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* progressui: print logs for failed step as summary in plain mode
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* grpcerrors: avoid rpc error wrapping in error messages
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* exec: improve error message on exec errors
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Improve heredoc parsing to allow more generic words
Previously, heredoc names were restricted to simple alphanumeric
strings. However, heredocs should support much more complex use-cases,
including quoting anywhere, as well as allowing special symbols like `.`
for easily expressing file extensions.
This patch adds support for these more complex cases, by using the shell
lexer to parse each heredoc name. Additionally, we include improvements
to the lexer to optionally preserve escape tokens to avoid problems when
lexing words that have already been lexed before.
Signed-off-by: Justin Chadwell <me@jedevc.com>
* Improve progress and history messages for heredoc-related commands
Signed-off-by: Justin Chadwell <me@jedevc.com>
* Remove unneeded Finalize method from ImmutableRef.
Finalize was only used outside the cache package in one place, which
called it with the commit arg set to false. The code path followed
when commit==false turned out to essentially be a no-op because
it set "retain cache" to true if it was already set to true.
It was thus safe to remove the only external call to it and remove it
from the interface. This should be helpful for future efforts to
simplify the equal{Mutable,Immutable} fields in cacheRecord, which exist
due to the "lazy commit" feature that Finalize is tied into.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* Fix ref leak if fileop ref fails to mount.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* add error suggest pkg
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* dockerfile: suggest mistyped flag names
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* dockerfile: provide suggestions for mount options
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* dockerfile: add tests for error suggestions
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* dockerfile: remove unnecessary error wrappings
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* enable riscv64 build
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Update QEMU emulators
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* dockerfile: move run network to stable channel
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Automatically detect default git branch
Instead of just assuming that the default branch is master, use ls-remote to find out. Also removed tests that didn't specifiy a branch but required authentication, because those will fail now that the repo is actually checked.
Signed-off-by: Levi Harrison <levisamuelharrison@gmail.com>
* Moved getDefaultBranch function to gitsource
It is my suspecion that the tests were failing on previous commits because of the lack of authentication and other stuff like that available in gitidentifier as compared to gitsource
Signed-off-by: Levi Harrison <levisamuelharrison@gmail.com>
* Fix tests
Unfortunately, further test cases will have to be removed because gitindentifier will now leave the branch blank instead of filling it in
Signed-off-by: Levi Harrison <levisamuelharrison@gmail.com>
* git: fix default branch detection
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Enable to forcefully specify compression type
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
* Add full timestamp to logs
Signed-off-by: Yamazaki Masashi <masi19bw@gmail.com>
* Remove meaningless encode
Signed-off-by: Yamazaki Masashi <masi19bw@gmail.com>
* Ignore missing providers for blobs w/ same chainid.
GetByBlob checks to see if there are any other blobs with the same
(uncompressed) ChainID and, if so, reuses their unpacked snapshot if it
exists.
The problem is if this code finds a match, it was trying to get the
matching record, but couldn't do so when the match is lazy because the
caller doesn't necessarily have descriptor handlers setup for it.
This commit changes the behavior to just ignore any match with the same
ChainID that's also lazy as they just aren't usable for the
snapshot-reuse optimization.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* authprovider: handle eaccess on storing token seeds
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* log with traceID and spanID
Signed-off-by: Morlay <morlay.null@gmail.com>
* github: update CI buildkit to v0.9.0-rc1
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* initial version of github cache
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* vendor: add goactionscache
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* caps: add cap for gha cache backend
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* remove tracetransform package
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* resolver: increase default idle conns reuse
The current default were even lower than stdlib defaults.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* refactor to use util/bklog instead of using logurs directly
Signed-off-by: Morlay <morlay.null@gmail.com>
* GitHub Actions cache docs
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Skips getting UID/GUID if passwd/group file is not found
When running a WORKDIR instruction, buildkit will create that folder
and chown it to the currently set user. For this, it will try to read
the /etc/passwd file to get the proper UID, and if that user is not
found in the file, the root user will be considered as the owner.
However, Windows image do not have that file, which will result in
an error while building the image. We can consider not finding
the /etc/passwd file as the same as not finding the user in the file,
which would solve this issue.
Signed-off-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
* add per domain semaphore to limit concurrent connections
This is a safer alternative until we figure out why
http.Transport based limiting fails.
Some connections like cache export/import do not have a
domain key atm and these connections use global pool.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* update to github.com/containerd/containerd v1.5.3
Signed-off-by: coryb <cbennett@netflix.com>
* vendor: update go-actions-cache with custom client support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* tracing: update to otelhttp roundtripper
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Enhance test matrix
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* fix dropped pull progress output due to canceled context
fixes moby#2248
Signed-off-by: coryb <cbennett@netflix.com>
* Add span for layer export
This can be a significant amount of time that isn't currently accounted
for in traces.
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* new implementation for limiting tcp connections
The previous implementation had many issues. Eg. on fetch, even if
the data already existed and no remote connections were needed
the request would still be waiting in the queue. Or if two fetches
of same blob happened together they would take up two places in queue
although there was only one remote request.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* limited: allow extra high-priority connection for json requests
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* ensure wrappers support seeking to continue partial downloads
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* contentutil: change offset to int64 to simplify
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Exporter config digest typo
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* daemonless: wait for daemon to finish before exit
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* github: update CI buildkit to v0.9.0
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* add docs for new config options
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* add ktock and crazy-max to maintainers
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Update Dockerfile references to use 1.3
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* docs: update images-readme to v0.9
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Bump to codecov/codecov-action v2
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* build(deps): bump github.com/containerd/containerd from 1.5.3 to 1.5.4
Bumps [github.com/containerd/containerd](https://github.com/containerd/containerd) from 1.5.3 to 1.5.4.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.5.3...v1.5.4)
---
updated-dependencies:
- dependency-name: github.com/containerd/containerd
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
* util/tracing: remove incorrect import enforcing comment
This import comment caused compilation of buildx to fail if `GO111MODULE` was
set to `off`:
Without `GO111MODULE` set (but with `-mod=vendor`:
echo $GO111MODULE
export PKG=github.com/docker/buildx
export LDFLAGS="-X ${PKG}/version.Version=$(git describe --match 'v[0-9]*' --always --tags) -X ${PKG}/version.Revision=$(git rev-parse HEAD) -X ${PKG}/version.Package=${PKG}"
GOFLAGS=-mod=vendor go build -o bin/docker-buildx -ldflags "${LDFLAGS}" ./cmd/buildx
bin/docker-buildx version
github.com/docker/buildx v0.6.0 d9ee3b1
When setting `GO111MODULE=off`, it fails on the incorrect import path in the
vendored file (looks like GO111MODULE=on ignores import-path comments?):
export GO111MODULE=off
root@5a55ec1c1eed:/go/src/github.com/docker/buildx# GOFLAGS=-mod=vendor go build -o bin/docker-buildx -ldflags "${LDFLAGS}" ./cmd/buildx
vendor/github.com/moby/buildkit/client/client.go:20:2: code in directory /go/src/github.com/docker/buildx/vendor/github.com/moby/buildkit/util/tracing/otlptracegrpc expects import "go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc"
vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/connection/connection.go:33:2: found import comments "go.opentelemetry.io/otel/exporters/otlp/internal/otlpconfig" (options.go) and "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlpconfig" (optiontypes.go) in /go/src/github.com/docker/buildx/vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlpconfig
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Fix protoc link
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Allow ExitError type to be transmitted over GRPC
This will allow clients to retrieve exit error codes returned during a
solve without parsing the error messages.
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* Update to github.com/opencontainers/runc v1.0.1
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Split cache options doc for each exporter
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Set default socket permissions to 660
The systemd default is 666, it seems.
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
* fix SecurityMode being dropped on gateway container Start
Signed-off-by: Cory Bennett <cbennett@netflix.com>
* bump containerd from 1.5.4 to 1.5.5
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* go.mod: golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c
In preparation of replacing the deprecated github.com/docker/docker/pkg/signal,
which uses this version (updating it separately for easier review).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* replace use of deprecated github.com/docker/docker/pkg/signal
This package was moved to a separate module in github.com/moby/sys/signal
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Additional tests and cleanup for cache/contenthash
This adds a little extra testing around ** patterns, and adds a
(currently skipped) test for copying directories under symlinks (moby#2300).
It removes an extra call to `filepath.FromSlash` in `shouldIncludePath`
and an unused argument to that function.
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* all: remove duplicate imports
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* all: unify the specs-go package import alias to ocispecs
ocispecs means "O"pen "C"ontainer "I"nitiative image-spec/"specs"-go/v1
opencontainers /image-spec/specs-go/v1
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* hack/dockerfiles: upgrade golangci-lint version to v1.41.1
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* golangci-lint: enable importas and add settings for specs-go package
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* all: unify the go-digest package import alias to digest
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* golangci-lint: add go-digest importas setting
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* Fix IncludePattern/ExcludePattern matching
The transformation to rootedPatterns seems very wrong and inconsistent
with what the copy logic did. Change it to match the copy logic, and add
more testing.
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* dockerfile: fix parsing required key without value
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* generated files: use "go install" to install binaries
Now that this repository moved to go1.16, we can use 'go install' to install
these binaries.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* util/stack: update protoc options to work with newer versions
Generating the util/stack protos failed when updating protoc-gen-go to v1.5.2;
it looks like this is the only proto that's not generated using protoc-gen-gogo):
util/stack/generate.go
protoc-gen-go: unable to determine Go import path for "stack.proto"
Please specify either:
• a "go_package" option in the .proto source file, or
• a "M" argument on the command line.
See https://developers.google.com/protocol-buffers/docs/reference/go-generated#package for more information.
--go_out: protoc-gen-go: Plugin failed with status code 1.
util/stack/generate.go:3: running "protoc": exit status 1
Newer protobuf versions expect a go package to be set. Other .proto files in
this repository use the bare package name, but with protoc-gen-go v1.5.2, this
produces an error (package names must at least have a "/"). In addition to
including the option to the .proto file also changes the generated result
(`options go_package "<package name>"`).
Using the `-go_opt=M<package name>` option on the other hand, didn't change the
result (while still on protoc-gen-go v1.3.5), so I used that option instead.
protoc-gen-go v1.5.2 also changed the behavior where the generated file is stored,
seemingly relative to the `../../vendor` path specified. This coud be fixed either
by setting `--go_out=../../`, which was a bit counter-intuitive, or setting the
`--go_opt=paths=source_relative` option. The latter also prevented v1.5.2 from
storing the file in `utils/stack/github.com/moby/buildkit/utils/stack/` (sigh).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* add missing ExtraHosts to gateway exec
Also adding tests for ExtraHosts and NetMode via gateway exec
Signed-off-by: Cory Bennett <cbennett@netflix.com>
* add gateway.exec.extrahosts capability
Signed-off-by: Cory Bennett <cbennett@netflix.com>
* cache: Fix flightcontrol use in computeBlobChain.
Previously, the flightcontrol group was being given a key just set to
the ref's ID, which meant that concurrent calls using different values
of compressionType, createIfNeeded and forceCompression would
incorrectly be de-duplicated.
The change here splits up the flightcontrol group into a few separate
calls and ensures that all the correct input variables are put into the
flightcontrol keys.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* solver: include cachemap index in flightcontrol.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* pull: use resolvemode in flightcontrol key.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* util: remove outdated flightcontrol test assertion.
The test was making an assertion that is no longer expected to always be
true after moby#2195, which purposely made flightcontrol less deterministic.
This lead to occasional failures.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* update go to 1.17
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* gomod: update to go1.17
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Follow links in includedPaths to resolve incorrect caching when source path is behind symlink
As discussed in moby#2300, includedPaths does not resolve symlinks when
looking up the source path in the prefix tree. If the user requests a
path that involves symlinks (for example, /a/foo when a symlink /a -> /b
exists), includedPaths will not find it, and will expect nothing to be
copied. This does not match the actual copy behavior implemented in
fsutil, which will follow symlinks in prefix components of a given path,
so it can end up caching an empty result even though the copy will
produce a non-empty result, which is quite bad.
To fix this, use getFollowLinks to resolve the path before walking it.
In the wildcard case, this is done to the non-wildcard prefix of the
path (if any), which matches the behavior in fsutil.
Fixes the repro case here:
https://gist.github.com/aaronlehmann/64054c9a2cff0d27e200cc107bba3d69
Fixes moby#2300
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* cmd/buildkitd: replace BurntSushi/toml with pelletier/go-toml
The BurntSushi/toml project has been deprecated, and the ecosystem
is converging on using pelletier/go-toml as the "canonical" replacement.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* control: fix 64bit alignment for buildcount
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Use fixed fileutils matching functions
This is important for two reasons:
1) Keeps caching logic consistent with recent fsutil changes to use
these functions (also vendored here).
2) Allows us to move forward with removal of the original buggy Matches
implementation in moby/moby.
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* Add `estargz` compression type
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
* Refactor cache metadata interface.
There are a few goals with this refactor:
1. Remove external access to fields that no longer make sense and/or
won't make sense soon due to other potential changes. For example,
there can now be multiple blobs associated with a ref (for different
compression types), so the fact that you could access the "Blob"
field from the Info method on Ref incorrectly implied there was just
a single blob for the ref. This is on top of the fact that there is
no need for external access to blob digests.
2. Centralize use of cache metadata inside the cache package.
Previously, many parts of the code outside the cache package could
obtain the bolt storage item for any ref and read/write it directly.
This made it hard to understand what fields are used and when. Now,
the Metadata method has been removed from the Ref interface and
replaced with getters+setters for metadata fields we want to expose
outside the package, which makes it much easier to track and
understand. Similar changes have been made to the metadata search
interface.
3. Use a consistent getter+setter interface for metadata, replacing
the mix of interfaces like Metadata(), Size(), Info() and other
inconsistencies.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
* Use containerd/pkg/seccomp.IsEnabled()
This replaces the local SeccompSupported() utility for the implementation
in containerd, which performs the same check.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* Compute diff from the upper dir of overlayfs-based snapshotter
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
* go.mod: github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6
full diff: moby/term@bea5bbe...3f7ff69
updates Azure/go-ansiterm to fix integer overflow on arm
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
* go.mod: split the indirect packages
After go1.17, all indirect packages are listed in the go.mod file.
In addition, has been introduced the ability to list indirect packages separately.
Split the indirect packages to make the dependency packages clearer.
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* exporter: support creating blobs with zstd compression
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* update getremote test for zstd
Estargz support has been removed from this test as
implementation does not guarantee digest stability
and only reason it passed were the exceptions in the
test via variant map that ignored cases where timing
resulted the digest to go wrong. This needs to be
addressed in the follow up if we want to keep estargz
support.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Add test case for symlink which is not final path component before wildcard
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* hack: allow mounting in workdir in shell
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Handle the case of multiple path component symlinks (including last component) in wildcard prefix
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* Use getFollowLinksWalked
Signed-off-by: Aaron Lehmann <alehmann@netflix.com>
* bklog: only log tracing ids when span exporter not nil
Signed-off-by: Morlay <morlay.null@gmail.com>
* Refactor url redacting util
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Clean up old TODOs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Move config parsing to a dedicated pkg
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Generate and embed build sources
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* resolver: use different mutext for handlers and hosts
hosts mutex is called on initialization, meaning `GetResolver` might
block if it is in the middle of auth exchange. This is currently bad
in the case where Job initialization needs to register a name before
timeout is reached.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* resolver: make sure authorizer is not overwritten on other resolvers
Authorizer stores the current session.Group so if it is
overwritten for another resolver it means that session might
have been dropped and authentication will fail.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* solver: increase timeout for job registration
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* go.mod: sort and move self-managed indirect dependencies to first block
Signed-off-by: Koichi Shiraishi <zchee.io@gmail.com>
* Fix issues moby#1980 and moby#2198
Signed-off-by: Jonathan Giannuzzi <jonathan@giannuzzi.me>
* Add BUILDKIT_SANDBOX_HOSTNAME build-arg
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Fix estargz compression loses the original tar metadata
Currently, eStargz compression doesn't preserve the original tar metadata
(header bytes and their order). This causes failure of `TestGetRemote` because
an uncompressed blob converted from a gzip blob provides different digset
against the one converted from eStargz blob even if their original tar (computed
by differ) are the same.
This commit solves this issue by fixing eStargz to preserve original tar's
metadata that is modified by eStargz.
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
* Enhance ANSI color for progress ui
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Move resolver config to a dedicated package
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Standard user umask for git process
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* make sure ci runs on version branches
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* return an error instead of panicking when failing to get edge
Signed-off-by: Maxime Lagresle <maxime@angel.co>
* Add support for shm size
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* gha: handle already exist error on save
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* don't cast Value when pipe is errored
Signed-off-by: Maxime Lagresle <maxime@angel.co>
* gha: handle missing blob gracefully
FromRemote now calls CheckDescriptor to validate
if the blob still exists. Otherwise cache loading
fallback does not get triggered because cache is
actually lazily pulled in only on exporting phase.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* solver: make sure previous error gets reset
This happens for example when cache loading fails
but then fallback step execution succeeds.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* vendor: update go-actions-cache to 4d48f2ff
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* Differ: write diff to the content store over bufio writer
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
* Do not enable overlayfs differ for fuse-overlayfs-snapshotter
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
* Converter: make sure uncompressed digest annotation is set
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
* Use gha cache on CI
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Creating tcp socket without using go-connections.
Signed-off-by: Jacob MacElroy <jacob@okteto.com>
* limited: fix possible deadlock when pushhandler calls fetcher
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* README.md: improve "Building multi-platform images" section
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
* Add support for ulimit
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* solver: fix exporters unsafely sharing records
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* fix: provide only available capabilities to insecure environment
The problem this change is trying to fix are the environments where some
capabilities are already dropped, so they can't be granted to the
job with `--security=insecure`.
I know that probably fixed set of capabilities was implemented to
provide a stable build environment, but at the same time this breaks
environments with reduced capabilities.
Signed-off-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
* client: allow setting custom dialer for session endpoint
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
* add size to tmpfs mounts
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* deduplicate mounts
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* use bytes as given size for tmpfs mount
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* use `opts.MemBytes` for tmpfs size run mount instruction
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
* Re-add Finalize method to ImmutableRef.
It turns out that while Buildkit code did not need this method to
be public, moby code does still use it, so we have to re-add it
after its removal in moby#2216 (commit b85ef15).
This commit is not a revert because some of the changes are
still desireable, namely the removal of the "commit" parameter
which didn't serve any purpose.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
Co-authored-by: Tonis Tiigi <tonistiigi@gmail.com>
Co-authored-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Co-authored-by: Justin Chadwell <me@jedevc.com>
Co-authored-by: Erik Sipsma <erik@sipsma.dev>
Co-authored-by: Akihiro Suda <suda.kyoto@gmail.com>
Co-authored-by: CrazyMax <crazy-max@users.noreply.github.com>
Co-authored-by: Levi Harrison <levisamuelharrison@gmail.com>
Co-authored-by: ktock <ktokunaga.mail@gmail.com>
Co-authored-by: masibw <masi19bw@gmail.com>
Co-authored-by: Morlay <morlay.null@gmail.com>
Co-authored-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
Co-authored-by: Claudiu Belu <cbelu@cloudbasesolutions.com>
Co-authored-by: coryb <cbennett@netflix.com>
Co-authored-by: Aaron Lehmann <alehmann@netflix.com>
Co-authored-by: Sebastiaan van Stijn <thaJeztah@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Sebastiaan van Stijn <github@gone.nl>
Co-authored-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
Co-authored-by: CrazyMax <github@crazymax.dev>
Co-authored-by: Koichi Shiraishi <zchee.io@gmail.com>
Co-authored-by: Jonathan Giannuzzi <jonathan@giannuzzi.me>
Co-authored-by: Maxime Lagresle <maxime@angel.co>
Co-authored-by: Jacob MacElroy <jacob@okteto.com>
Co-authored-by: Andrey Smirnov <andrey.smirnov@talos-systems.com>
akhramov
pushed a commit
to akhramov/buildkit
that referenced
this pull request
May 15, 2022
It turns out that while Buildkit code did not need this method to be public, moby code does still use it, so we have to re-add it after its removal in moby#2216 (commit b85ef15). This commit is not a revert because some of the changes are still desireable, namely the removal of the "commit" parameter which didn't serve any purpose. Signed-off-by: Erik Sipsma <erik@sipsma.dev>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Finalize was only used outside the cache package in one place, which
called it with the commit arg set to false. The code path followed
when commit==false turned out to essentially be a no-op because
it set "retain cache" to true if it was already set to true.
It was thus safe to remove the only external call to it and remove it
from the interface. This should be helpful for future efforts to
simplify the equal{Mutable,Immutable} fields in cacheRecord, which exist
due to the "lazy commit" feature that Finalize is tied into.
Signed-off-by: Erik Sipsma erik@sipsma.dev