Skip to content

Fix dockerfile parser failing silently on long tokens#35429

Merged
thaJeztah merged 2 commits intomoby:masterfrom
dnephin:build-fails-on-long-label
Nov 15, 2017
Merged

Fix dockerfile parser failing silently on long tokens#35429
thaJeztah merged 2 commits intomoby:masterfrom
dnephin:build-fails-on-long-label

Conversation

@dnephin
Copy link
Member

@dnephin dnephin commented Nov 7, 2017
edited
Loading

Fixes docker/for-linux#157
Fixes docker/for-mac#2208

Report errors when the scanner fails. The error message should include enough details for the user to fix the problem.

Fixing the first problem revealed another problem with handling remote urls that point at Dockerfiles, which is fixed in the second and third commits.

@dnephin dnephin requested a review from tonistiigi as a code owner November 7, 2017 23:29
vrothberg
vrothberg reviewed Nov 8, 2017
View reviewed changes
builder/dockerfile/parser/parser_test.go Outdated
Copy link

@vrothberg vrothberg Nov 8, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the sake of consistency, I suggest using bufio.MaxScanTokenSize instead.

Copy link

@dest2013 dest2013 Nov 15, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

F

vrothberg
vrothberg reviewed Nov 8, 2017
View reviewed changes
builder/dockerfile/parser/parser.go Outdated
Copy link

@vrothberg vrothberg Nov 8, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error occurs when size is greater or equal.

@dnephin dnephin force-pushed the build-fails-on-long-label branch from a70fa48 to 8bae107 Compare November 8, 2017 18:41
@dnephin dnephin force-pushed the build-fails-on-long-label branch from c0c7524 to dd91b78 Compare November 8, 2017 22:38
@tonistiigi tonistiigi self-assigned this Nov 9, 2017
tonistiigi
tonistiigi reviewed Nov 9, 2017
View reviewed changes
Copy link
Member

@tonistiigi tonistiigi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you squash 2nd and 3rd commit

builder/remotecontext/remote.go Outdated
Copy link
Member

@tonistiigi tonistiigi Nov 9, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would it be cleaner for this function just to take a ReadCloser and return ReadCloser so caller doesn't need to do any wrapping?

Copy link
Member Author

@dnephin dnephin Nov 9, 2017
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess you mean move the ioutils.NewReadCloserWrapper() into inspectResponse() ? I think either way it needs to be wrapped, it's just about where it happens.

That could work. It would mean that the two four error returns in this function would have to call r.Close() instead of the one error case in the caller calling closer.

It also seems like it is more the responsibility of downloadRemote() since it is aware that it's a response body, where as inspectResponse only cares about a reader.

I have a very slight preference for the current implementation, but if you think it's cleaner to move it to inspectResponse I can do that.

I can also remove closer() that doesn't need to exist anymore, it can just be response.Body.Close

Copy link
Member

@tonistiigi tonistiigi Nov 9, 2017

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok, lets leave it like it is atm

@dnephin
Copy link
Member Author

dnephin commented Nov 9, 2017

Could you squash 2nd and 3rd commit

Yes, definitely. Just wanted to make sure you were happy with the final result before squashing. Will do that now.

@dnephin
Fix dockerfile parser failing silently on long tokens
59ad3a3 
Signed-off-by: Daniel Nephin <dnephin@docker.com>
@dnephin
Fix remote build target as Dockerfile
a74cc83 
The test was passing previously because the preamble was already buffered. After
the change to return Scanner.Err() the final read error on the buffer was no
longer being ignored.

Signed-off-by: Daniel Nephin <dnephin@docker.com>
@dnephin dnephin force-pushed the build-fails-on-long-label branch from dd91b78 to a74cc83 Compare November 9, 2017 20:06
tonistiigi
tonistiigi approved these changes Nov 9, 2017
View reviewed changes
Copy link
Member

@tonistiigi tonistiigi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tonistiigi tonistiigi removed their assignment Nov 9, 2017
thaJeztah
thaJeztah approved these changes Nov 11, 2017
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@thaJeztah
Copy link
Member

thaJeztah commented Nov 11, 2017

ping @tiborvass

@dnephin
Copy link
Member Author

dnephin commented Nov 15, 2017

Ok to merge this?

@thaJeztah
Copy link
Member

thaJeztah commented Nov 15, 2017

Ah, yes, I think so 👍

@thaJeztah thaJeztah merged commit 7c53e73 into moby:master Nov 15, 2017
@thaJeztah thaJeztah added the area/builder Build label Nov 15, 2017
@dnephin dnephin deleted the build-fails-on-long-label branch November 15, 2017 17:50
@disarticulate disarticulate mentioned this pull request Jan 2, 2018
Closed
@disarticulate
Copy link

disarticulate commented Jan 2, 2018

Is this bug elsewhere?

I'm getting a null response on something like

"Entrypoint":[
	"/gnatsd",
	"-DV",
	"--tls",
	"--tlskey=/run/secrets/meleorkey",
	"--tlscert=/run/secrets/meleorcrt",
	"--tlscacert=/run/secrets/rootca",
	"--auth=SuperSecretAuthorizationIsForFoolsAndFillers"
],

@thaJeztah
Copy link
Member

thaJeztah commented Jan 2, 2018

@disarticulate this fix is included in Docker 17.12 and up

@lowenna lowenna mentioned this pull request Jan 9, 2018
Merged
@thaJeztah thaJeztah mentioned this pull request Jan 26, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tonistiigi tonistiigi tonistiigi approved these changes

@thaJeztah thaJeztah thaJeztah approved these changes

@tiborvass tiborvass Awaiting requested review from tiborvass

+2 more reviewers

@vrothberg vrothberg vrothberg left review comments

@dest2013 dest2013 dest2013 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

area/builder Build status/2-code-review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

docker build silently fails to create layers if a Label is too long. docker build silently fails to create layers if a Label is too long.

7 participants

@dnephin @thaJeztah @disarticulate @tonistiigi @vrothberg @dest2013 @GordonTheTurtle