05ccbce8f5
bump up runc (CVE-2019-5736)
...
0a8e4117e7https://groups.google.com/a/opencontainers.org/forum/#!topic/dev/Tc1ELm-8oDI
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-02-11 23:41:25 +09:00
175506ff7f
hack: update scripts to be go mod compatible
...
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-01-31 22:44:47 +00:00
b42582793a
bump up runc
...
Including critical security fix for `runc run --no-pivot` (unlikely to
affect BuildKit): https://github.com/opencontainers/runc/pull/1962
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-01-15 16:23:21 +09:00
c471ab81af
Merge pull request #761 from AkihiroSuda/containerd-121
...
update containerd to v1.2.1, runc to v1.0.0-rc6
2018-12-28 14:46:53 +02:00
6ed72d683f
update containerd to v1.2.1, runc to v1.0.0-rc6
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-12-26 19:48:01 +09:00
1803138c38
update shadow to 20181125
...
shadow-maint/shadow@52c081b (20181028) caused a regression that results in
`newuidmap: open of uid_map failed: Permission denied`.
The regression was fixed in shadow-maint/shadow@59c2dab (20181125).
Note that docker.io/moby/buildkit images are not affected by the
regression, because we forgot to update the rootless-base-external
image when we updated the shadow package before.
Related: genuinetools/img#191 genuinetools/img#196
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-11-30 13:38:34 +09:00
a008ce3ccd
Set GOARCH=amd64 for building stage for darwin/windows
...
Signed-off-by: Alice Frosi <afrosi@de.ibm.com>
2018-11-08 12:50:22 +01:00
3a7209cde2
unfork newuidmap/newgidmap
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-29 16:01:04 +09:00
0d80bd17a3
Merge pull request #687 from tonistiigi/dockerfile-testing
...
dockerfile: add testing external dockerfile features
2018-10-16 15:58:55 +09:00
ed64652d71
rootless: use Giuseppe's newuidmap/newgidmap
...
Apply https://github.com/shadow-maint/shadow/pull/132 so that newuidmap/newgidmap
doesn't require CAP_SYS_ADMIN
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-16 15:11:05 +09:00
706fa2556a
dockerfile: add testing external dockerfile features
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-15 22:27:07 -07:00
048130d1d0
simplify rootless
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-16 14:05:58 +09:00
fb9e2c1030
vendor: update containerd to v1.2.0-rc.1
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-12 15:27:54 -07:00
a74027cb41
hack: add release script
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-11 10:23:15 -07:00
ddfb7f77c9
hack: update test dockerfiles to buildkit
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-10 23:26:05 -07:00
40c8b4828a
update rootlesskit
...
For fix subgid interpretation (rootless-containers/rootlesskit@7c48b83f9c )
Full changes: https://github.com/rootless-containers/rootlesskit/compare/20b0fc...d843aa
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-03 14:57:25 +09:00
bf571a519e
update Go to 1.11
...
For consistency with Moby (moby/moby#37358 )
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-09-15 14:25:11 +09:00
2fa4c37854
update containerd (binary: v1.1.3, library: Aug 23, 2018)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-08-23 16:21:55 +09:00
864fa7465e
integration: rename "/opt/containerd-1.0/bin/containerd" worker to "containerd-1.0"
...
Having '/' in a worker name is confusing.
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-06 15:32:02 +09:00
580dbe08b9
rootless: add integration tests
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-04 19:27:54 +09:00
7bddb1d268
rootless: update Dockerfile
...
* AkihiroSuda/rootlesskit -> rootless-containers/rootlesskit
* /home/user/.local/run -> /run/user/1000
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-04 16:11:52 +09:00
9302734deb
Fix "cat: can't open '.tmp/ldflags': No such file or directory" errors
...
The error appears in
```
RUN go build -ldflags "$(cat .tmp/ldflags)" -o /buildctl.exe ./cmd/buildctl
```
and
```
RUN go build -ldflags "$(cat .tmp/ldflags)" -o /buildkitd.exe ./cmd/buildkitd
```
We ignore ".tmp" by ".dockerignore" file, so `COPY . .`
does not copy ".tmp".
This commit changes the image for "cross-windows" and removes
not needed instructions which are done by "buildkit-base".
This is follow up of https://github.com/moby/buildkit/pull/398
Signed-off-by: Yuichiro Kaneko <spiketeika@gmail.com>
2018-06-30 18:52:03 +09:00
347b6a3d74
hack: mitigate bug in old docker version
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-04 23:54:44 -07:00
18ac6e2d9a
test.Dockerfile: new target: "rootless"
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-06-04 23:17:03 +09:00
f350cbeb53
hack: embed git revison into binaries
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-21 20:00:45 +09:00
72c08b5cb9
update containerd (binary: v1.1.0, library: May 11, 2018)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-11 15:46:15 +09:00
062c2e8432
integration: add containerd v1.1
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-10 19:10:16 +09:00
126f91dea7
update containerd (binary: v1.0.3, library: Apr 3, 2018)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-04-04 17:22:20 +09:00
4158ef3851
add seccomp to binary building
...
Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
2018-03-23 12:59:15 -04:00
7906fb3085
vendor: update containerd to v1.0.2
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-02-13 16:00:09 -08:00
e2f4777103
update containerd (binary: v1.0.2-rc.0, library: Feb 1, 2018)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-02-01 18:38:32 +09:00
a39256e9bf
update containerd (binary: v1.0.1, library: Jan 23, 2018)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-01-23 12:55:45 +09:00
b8dc00de71
vendor: update containerd to 1.0.1-rc0
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-01-11 17:49:09 -08:00
2f2b72989c
*: buildd -> buildkitd
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-12-19 13:23:27 +09:00
2a33b2e822
*: update build tags (`containerd` -> `no_oci_worker`)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-12-18 15:47:56 +09:00
c6690523eb
Makefile: add `install` and `clean`
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-12-13 16:03:02 +09:00
c3aa849014
multi-worker daemon
...
- [X] put multiples workers in a single binary ("-tags containerd standalone")
- [X] add worker selector to LLB vertex metadata
- [X] s/worker/executor/g
- [X] introduce the new "worker" concept https://github.com/moby/buildkit/pull/176#discussion_r153693928
- [X] fix up CLI
- [X] fix up tests
- allow using multiples workers (requires inter-vertex cache copier, HUGE!) --> will be separate PR
Implementation notes:
- "Workers" are renamed to "executors" now
- The new "worker" instance holds an "executor" instance and its
related stuffs such as the snapshotter
- The default worker is "runc-overlay"
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-12-12 15:17:58 +09:00
e5771e2830
integration: support local registry
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-12-08 14:23:17 -08:00
0cce3a7b8e
hack: update test dockerfile
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-12-06 15:49:05 -08:00
fdfa6bcb59
vendor: update containerd to 1.0.0
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-12-04 23:34:25 -08:00
9450a8b714
hack: update test script
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-11-29 17:42:58 -08:00
a65691d075
Update test.Dockerfile (bump containerd version)
...
bunp containerd version to match the needed one
2017-11-26 09:08:08 +01:00
df81b2b666
vendor: update containerd to 9649a428e8c470cddc0d5a3c394f36111f940adc
...
changes:
9649a428e8...4af5f65752
2017-11-24 08:17:06 +00:00
7699b1a1eb
vendor: update containerd to 9649a428e
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-11-17 19:43:55 -08:00
c71a1ca768
bump up containerd (v1.0.0-beta.3)
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-11-13 05:36:59 +00:00
473346d1a5
update to go1.9
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-11-01 18:22:56 -07:00
5a2bedb683
Update state directory defaults
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-10-18 12:52:51 +02:00
01aaf130e5
solver: refactor to a shared vertex solver model
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-09-18 13:58:33 -07:00
279940b60d
vendor containerd d1e11f17ec7b325f89608dd46c128300b8727d50
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-09-14 19:06:31 +00:00
a0c9d7c690
vendor containerd v1.0.0-beta.0
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2017-09-09 11:13:02 +00:00
Akihiro Suda
Tibor Vass
Tõnis Tiigi
Alice Frosi
Akihiro Suda
Yuichiro Kaneko
Jess Frazelle
f0