JohnHammond
/
buildkit
mirror of https://github.com/JohnHammond/buildkit.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

dockerfile: disable network for copy 

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
docker-18.09
Tonis Tiigi 2018-10-22 13:23:10 -07:00
parent 54cf2b136d
commit 945e100a8c
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
frontend/dockerfile/dockerfile2llb/convert.go
View File

@ -327,6 +327,7 @@ func Dockerfile2LLB(ctx context.Context, dt []byte, opt ConvertOpt) (*llb.State,
targetPlatform: platformOpt.targetPlatform, targetPlatform: platformOpt.targetPlatform,
extraHosts: opt.ExtraHosts, extraHosts: opt.ExtraHosts,
copyImage: opt.OverrideCopyImage, copyImage: opt.OverrideCopyImage,
llbCaps: opt.LLBCaps,
} }
if opt.copyImage == "" { if opt.copyImage == "" {
opt.copyImage = DefaultCopyImage opt.copyImage = DefaultCopyImage
@ -441,6 +442,7 @@ type dispatchOpt struct {
buildPlatforms []specs.Platform buildPlatforms []specs.Platform
extraHosts []llb.HostIP extraHosts []llb.HostIP
copyImage string copyImage string
llbCaps *apicaps.CapSet
} }
func dispatch(d *dispatchState, cmd command, opt dispatchOpt) error { func dispatch(d *dispatchState, cmd command, opt dispatchOpt) error {
@ -729,6 +731,13 @@ func dispatchCopy(d *dispatchState, c instructions.SourcesAndDest, sourceState l
if d.ignoreCache { if d.ignoreCache {
runOpt = append(runOpt, llb.IgnoreCache) runOpt = append(runOpt, llb.IgnoreCache)
} }
if opt.llbCaps != nil {
if err := opt.llbCaps.Supports(pb.CapExecMetaNetwork); err == nil {
runOpt = append(runOpt, llb.Network(llb.NetModeNone))
}
}
run := img.Run(append(runOpt, mounts...)...) run := img.Run(append(runOpt, mounts...)...)
d.state = run.AddMount("/dest", d.state).Platform(platform) d.state = run.AddMount("/dest", d.state).Platform(platform)