Fix TLS issues

* buildkitd: `--tlscacert` had been ignored * buildctl: TLS flags had been ignored for `buildctl debug workers` Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-03-05 18:33:15 +09:00 · 2019-03-05 18:33:15 +09:00 · a08c4479d5
parent 038973d423
commit a08c4479d5
8 changed files with 62 additions and 54 deletions
--- a/cmd/buildctl/build.go
+++ b/cmd/buildctl/build.go
@ -11,6 +11,7 @@ import (
 	"github.com/containerd/console"
 	"github.com/moby/buildkit/client"
 	"github.com/moby/buildkit/client/llb"
 	bccommon "github.com/moby/buildkit/cmd/buildctl/common"
 	"github.com/moby/buildkit/session"
 	"github.com/moby/buildkit/session/auth/authprovider"
 	"github.com/moby/buildkit/session/secrets/secretsprovider"
@ -123,7 +124,7 @@ func openTraceFile(clicontext *cli.Context) (*os.File, error) {
 }
 func build(clicontext *cli.Context) error {
-	c, err := resolveClient(clicontext)
+	c, err := bccommon.ResolveClient(clicontext)
 	if err != nil {
 		return err
 	}
@ -177,7 +178,7 @@ func build(clicontext *cli.Context) error {
 	}
 	ch := make(chan *client.SolveStatus)
-	eg, ctx := errgroup.WithContext(commandContext(clicontext))
+	eg, ctx := errgroup.WithContext(bccommon.CommandContext(clicontext))
 	solveOpt := client.SolveOpt{
 		Exporter: clicontext.String("exporter"),
--- a/cmd/buildctl/common/common.go
+++ b/cmd/buildctl/common/common.go
@ -0,0 +1,45 @@
 package common
 import (
 	"context"
 	"net/url"
 	"time"
 	"github.com/moby/buildkit/client"
 	opentracing "github.com/opentracing/opentracing-go"
 	"github.com/urfave/cli"
 )
 // ResolveClient resolves a client from CLI args
 func ResolveClient(c *cli.Context) (*client.Client, error) {
 	serverName := c.GlobalString("tlsservername")
 	if serverName == "" {
 		// guess servername as hostname of target address
 		uri, err := url.Parse(c.GlobalString("addr"))
 		if err != nil {
 			return nil, err
 		}
 		serverName = uri.Hostname()
 	}
 	caCert := c.GlobalString("tlscacert")
 	cert := c.GlobalString("tlscert")
 	key := c.GlobalString("tlskey")
 	opts := []client.ClientOpt{client.WithFailFast()}
 	ctx := CommandContext(c)
 	if span := opentracing.SpanFromContext(ctx); span != nil {
 		opts = append(opts, client.WithTracer(span.Tracer()))
 	}
 	if caCert != "" || cert != "" || key != "" {
 		opts = append(opts, client.WithCredentials(serverName, caCert, cert, key))
 	}
 	timeout := time.Duration(c.GlobalInt("timeout"))
 	ctx, cancel := context.WithTimeout(ctx, timeout*time.Second)
 	defer cancel()
 	return client.New(ctx, c.GlobalString("addr"), opts...)
 }
--- a/cmd/buildctl/common/trace.go
+++ b/cmd/buildctl/common/trace.go
@ -1,4 +1,4 @@
-package main
+package common
 import (
 	"context"
@ -32,7 +32,7 @@ func getTracer() (opentracing.Tracer, io.Closer) {
 	return opentracing.NoopTracer{}, &nopCloser{}
 }
-func attachAppContext(app *cli.App) {
+func AttachAppContext(app *cli.App) {
 	ctx := appcontext.Context()
 	tracer, closer := getTracer()
@ -82,7 +82,7 @@ func attachAppContext(app *cli.App) {
 }
-func commandContext(c *cli.Context) context.Context {
+func CommandContext(c *cli.Context) context.Context {
 	return c.App.Metadata["context"].(context.Context)
 }
--- a/cmd/buildctl/debug/workers.go
+++ b/cmd/buildctl/debug/workers.go
@ -10,6 +10,7 @@ import (
 	"github.com/containerd/containerd/platforms"
 	"github.com/moby/buildkit/client"
 	bccommon "github.com/moby/buildkit/cmd/buildctl/common"
 	specs "github.com/opencontainers/image-spec/specs-go/v1"
 	"github.com/tonistiigi/units"
 	"github.com/urfave/cli"
@ -31,12 +32,8 @@ var WorkersCommand = cli.Command{
 	},
 }
 func resolveClient(c *cli.Context) (*client.Client, error) {
 	return client.New(commandContext(c), c.GlobalString("addr"), client.WithFailFast())
 }
 func listWorkers(clicontext *cli.Context) error {
-	c, err := resolveClient(clicontext)
+	c, err := bccommon.ResolveClient(clicontext)
 	if err != nil {
 		return err
 	}
--- a/cmd/buildctl/diskusage.go
+++ b/cmd/buildctl/diskusage.go
@ -7,6 +7,7 @@ import (
 	"text/tabwriter"
 	"github.com/moby/buildkit/client"
 	bccommon "github.com/moby/buildkit/cmd/buildctl/common"
 	"github.com/tonistiigi/units"
 	"github.com/urfave/cli"
 )
@ -28,12 +29,12 @@ var diskUsageCommand = cli.Command{
 }
 func diskUsage(clicontext *cli.Context) error {
-	c, err := resolveClient(clicontext)
+	c, err := bccommon.ResolveClient(clicontext)
 	if err != nil {
 		return err
 	}
-	du, err := c.DiskUsage(commandContext(clicontext), client.WithFilter(clicontext.StringSlice("filter")))
+	du, err := c.DiskUsage(bccommon.CommandContext(clicontext), client.WithFilter(clicontext.StringSlice("filter")))
 	if err != nil {
 		return err
 	}
--- a/cmd/buildctl/main.go
+++ b/cmd/buildctl/main.go
@ -1,18 +1,14 @@
 package main
 import (
 	"context"
 	"fmt"
 	"net/url"
 	"os"
 	"time"
-	"github.com/moby/buildkit/client"
+	bccommon "github.com/moby/buildkit/cmd/buildctl/common"
 	"github.com/moby/buildkit/util/apicaps"
 	"github.com/moby/buildkit/util/appdefaults"
 	"github.com/moby/buildkit/util/profiler"
 	"github.com/moby/buildkit/version"
 	opentracing "github.com/opentracing/opentracing-go"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 )
@ -89,7 +85,7 @@ func main() {
 		return nil
 	}
-	attachAppContext(app)
+	bccommon.AttachAppContext(app)
 	profiler.Attach(app)
@ -102,36 +98,3 @@ func main() {
 		os.Exit(1)
 	}
 }
 func resolveClient(c *cli.Context) (*client.Client, error) {
 	serverName := c.GlobalString("tlsservername")
 	if serverName == "" {
 		// guess servername as hostname of target address
 		uri, err := url.Parse(c.GlobalString("addr"))
 		if err != nil {
 			return nil, err
 		}
 		serverName = uri.Hostname()
 	}
 	caCert := c.GlobalString("tlscacert")
 	cert := c.GlobalString("tlscert")
 	key := c.GlobalString("tlskey")
 	opts := []client.ClientOpt{client.WithFailFast()}
 	ctx := commandContext(c)
 	if span := opentracing.SpanFromContext(ctx); span != nil {
 		opts = append(opts, client.WithTracer(span.Tracer()))
 	}
 	if caCert != "" || cert != "" || key != "" {
 		opts = append(opts, client.WithCredentials(serverName, caCert, cert, key))
 	}
 	timeout := time.Duration(c.GlobalInt("timeout"))
 	ctx, cancel := context.WithTimeout(ctx, timeout*time.Second)
 	defer cancel()
 	return client.New(ctx, c.GlobalString("addr"), opts...)
 }
--- a/cmd/buildctl/prune.go
+++ b/cmd/buildctl/prune.go
@ -6,6 +6,7 @@ import (
 	"text/tabwriter"
 	"github.com/moby/buildkit/client"
 	bccommon "github.com/moby/buildkit/cmd/buildctl/common"
 	"github.com/tonistiigi/units"
 	"github.com/urfave/cli"
 )
@ -39,7 +40,7 @@ var pruneCommand = cli.Command{
 }
 func prune(clicontext *cli.Context) error {
-	c, err := resolveClient(clicontext)
+	c, err := bccommon.ResolveClient(clicontext)
 	if err != nil {
 		return err
 	}
@ -77,7 +78,7 @@ func prune(clicontext *cli.Context) error {
 		opts = append(opts, client.PruneAll)
 	}
-	err = c.Prune(commandContext(clicontext), ch, opts...)
+	err = c.Prune(bccommon.CommandContext(clicontext), ch, opts...)
 	close(ch)
 	<-printed
 	if err != nil {
--- a/cmd/buildkitd/main.go
+++ b/cmd/buildkitd/main.go
@ -373,7 +373,7 @@ func applyMainFlags(c *cli.Context, cfg *config.Config, md *toml.MetaData) error
 	if tlskey := c.String("tlskey"); tlskey != "" {
 		cfg.GRPC.TLS.Key = tlskey
 	}
-	if tlsca := c.String("tlsca"); tlsca != "" {
+	if tlsca := c.String("tlscacert"); tlsca != "" {
 		cfg.GRPC.TLS.CA = tlsca
 	}
 	return nil