Commit Graph

102 Commits (1ec543e38404d80f1670c816f9a0b4389c345796)

Author SHA1 Message Date
Akihiro Suda c54f4a986d support --oci-worker-no-process-sandbox
Note that this mode allows build executor containers to kill (and potentially ptrace) an arbitrary process in the BuildKit host namespace.
This mode should be enabled only when the BuildKit is running in a container as an unprivileged user.

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-01-08 10:42:52 +09:00
Akihiro Suda a62e7cf1e0 worker/base: allow running without `git` installed
genuinetools/img#195

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-11-28 18:43:43 +09:00
Tonis Tiigi ddfb7f77c9 hack: update test dockerfiles to buildkit
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-10 23:26:05 -07:00
Tonis Tiigi 89e8097d4c fix setting uncompressed label on content
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-08 23:11:25 -07:00
Edgar Lee 688972691f Fix typo in error getting diff pairs 2018-09-21 13:56:05 -07:00
Akihiro Suda aa73951164
Merge pull request #631 from jhowardmsft/boltdb
Revendoring to move boltdb to bbolt
2018-09-19 13:59:08 +09:00
John Howard 2de2c04c8e Revendoring to move boltdb to bbolt
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-09-18 11:18:08 -07:00
Tonis Tiigi 757795e556 cache: fix usage counters
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-09-14 18:44:44 -07:00
Akihiro Suda 907411c7e8
Merge pull request #605 from fuweid/feature_add_namespace_in_config
cmd,worker: support customize namespace for containerd worker
2018-09-11 11:56:24 +09:00
Wei Fu 53aa4053bb cmd,worker: support customize namespace for containerd worker
Allow user to customize containerd namespace, not just `buildkit`. It
can help user to integration with existing data easily.

Signed-off-by: Wei Fu <fuweid89@gmail.com>
2018-09-11 09:41:42 +08:00
Tonis Tiigi ecd4a22546 resolver: add config support for mirrors/plainhttp
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-09-07 18:44:45 -07:00
Tibor Vass a9fe50acf1
Merge pull request #580 from AntaresS/handle-cgroups
allow customized cgroup-parent for runcexecutor
2018-09-06 11:15:51 -07:00
Anda Xu b0677e7ef1 allow customized cgroup-parent for runcexecutor
Signed-off-by: Anda Xu <anda.xu@docker.com>
2018-09-05 12:53:57 -07:00
Tonis Tiigi 079c747c4e ontrol: support calling automatic GC
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-09-04 18:13:29 -07:00
Michael Crosby b97bc71adb Refactor networking with ns paths
This fixes the issues where buildkit and callers do not have to be a
subpreaper in order to use networking.  I can add CNI provider later,
with a hidden sub command to create a new network namespace and bind
mount it to buildkit's state dir.

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2018-08-21 13:37:47 -04:00
Tonis Tiigi f8dd602282 runc: improve canceling
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-08-07 11:51:56 -07:00
Kunal Kushwaha 765f1b64b9 executor: allow network providers
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-08-07 11:51:56 -07:00
Tonis Tiigi d1ad6961e3 cache: detect refs shared with image store
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-27 14:08:50 -07:00
Tibor Vass aa81807f1c
Merge pull request #542 from tonistiigi/resolvemode
llb: add resolvemode to image source
2018-07-26 14:04:27 -07:00
Tonis Tiigi 87f43efda5 cache: implementation for prune filtering
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-25 19:35:49 -07:00
Tonis Tiigi 9f5e5c7dc7 metaresolver: refactor to option struct and resolvemode
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-25 18:22:15 -07:00
Tonis Tiigi a7fedd9c9f control: clean up cache metadata after prune
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-23 16:27:01 -07:00
Tonis Tiigi 2da2aff164 llbsolver: add secret mounts
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-19 22:02:05 -07:00
Tonis Tiigi bc765861be diff: implement windows layer support for linux
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-16 16:33:21 -07:00
Tonis Tiigi 946a12eb42 gateway: expose worker information
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-09 16:32:39 -07:00
Tõnis Tiigi f3b743bd13
Merge pull request #467 from dmcgowan/export-oci-media-types
Support creating and pushing OCI types
2018-06-28 14:46:34 -07:00
Derek McGowan 618f34a1f9 Support creating and pushing OCI types
Adds image and oci exporter option "oci-mediatypes"
Ensures that the images created in the content store
have the correct type which matches the manifest.
Sets the correct media type on the descriptor in push from
reading the type specified in the manifest.
Removes use of distribution manifest packages.

Signed-off-by: Derek McGowan <derek@mcgstyle.net>
2018-06-28 11:23:35 -07:00
Tonis Tiigi f9383c48a3 source: image source platform support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-25 10:39:17 -07:00
Akihiro Suda 19612b901f
Merge pull request #462 from tonistiigi/llbconstraints
llb: force platform in llb and allow constraints
2018-06-26 01:03:38 +09:00
Tonis Tiigi 85e98104cf worker: remove arch/os labels
Superceded by platforms array.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-24 22:49:06 -07:00
Tonis Tiigi 242697af59 llb: add marshal roundtrip tests for platform
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-22 17:55:36 -07:00
Tonis Tiigi a1bafadfd5 worker: add platforms support
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-22 11:46:46 -07:00
Kunal Kushwaha e991a846be Default mounts set for buildkit
containerd/oci_specs mounts /run, which is not
required by buildkit.

Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
2018-06-07 14:43:44 +09:00
Akihiro Suda adef0dedef oci-worker: experimental support for rootless mode
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-31 16:05:13 +09:00
Tonis Tiigi 8084e8cde9 llbsolver: allow empty returns for opts
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-22 15:46:32 -07:00
Tonis Tiigi 2bd78c3c6e llbsolver: add support for cached mount type
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-15 12:24:20 -07:00
Tonis Tiigi 71f5e6dd21 solver: rename solver-next to solver
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
Tonis Tiigi f00ba89a30 llbsolver: support detecting existing remotes
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
Tonis Tiigi a7bc9b9fd2 cache: maintain creation time with remote cache
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
Tonis Tiigi 77c2793ebb remove unused packages
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
Tonis Tiigi b6c782d53e control: switch to use solver-next
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
Tonis Tiigi e24e194078 remove net/context references
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-04-30 18:10:54 -07:00
Tonis Tiigi 2dba0488c8 runc: make command name configurable
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-04-17 20:39:19 -07:00
Tõnis Tiigi 89f8bc1c02
Merge pull request #329 from AkihiroSuda/containerd-20180403
update containerd (binary: v1.0.3, library: Apr 3, 2018)
2018-04-04 10:05:42 -07:00
Akihiro Suda 126f91dea7 update containerd (binary: v1.0.3, library: Apr 3, 2018)
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-04-04 17:22:20 +09:00
Ian Campbell 4bae684e32 Invert tags on runc worker test so they run by default.
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-04-03 11:01:46 +01:00
Tõnis Tiigi a0a7301ea0
Merge pull request #312 from tonistiigi/throttle-gc
worker: throttle calls to gc
2018-03-26 09:34:35 -07:00
Jess Frazelle b0f34cb8cd
export cache
Signed-off-by: Jess Frazelle <acidburn@microsoft.com>
2018-03-21 12:34:05 -04:00
Tonis Tiigi da633a8e6b worker: throttle calls to gc
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-03-19 10:40:31 -07:00
Tõnis Tiigi 18280e73cc
Merge pull request #289 from ijc/allow-local-image-for-gateway-fe
Use local images if pull fails
2018-03-06 09:59:17 -08:00