6921dbe0f6
snapshot: base for userns remapping
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-04-02 18:23:46 -07:00
758c61e873
Merge pull request #570 from kunalkushwaha/entirlement-revised
...
security entitlement support
2019-03-28 16:14:06 -07:00
a2bbb5ff39
security entitlement support
...
Signed-off-by: Kunal Kushwaha <kushwaha_kunal_v7@lab.ntt.co.jp>
2019-03-27 13:57:03 +09:00
33bb70c810
Merge pull request #896 from tonistiigi/config-load-err
...
buildkitd: error on config load error
2019-03-26 16:36:31 -07:00
aa31ff073f
Check the validity of the platforms
...
platforms can still be added but some warning message
will be emitted if the platform cannot pass the validity
check.
Signed-off-by: Dave Chen <dave.chen@arm.com>
2019-03-23 21:09:42 -07:00
1dd4a0ace1
buildkitd: error on config load error
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-22 11:20:08 -07:00
0d17ac323e
fileop: updates with new fsutil copy pkg
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-15 17:49:58 -07:00
7210bf6806
fileop: add chown support
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-15 17:49:50 -07:00
4ffd79735b
fileop: connect with contenthash
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-15 16:31:00 -07:00
227525ed13
buildkitd: fix default platforms conf
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-03-11 10:38:19 -07:00
a08c4479d5
Fix TLS issues
...
* buildkitd: `--tlscacert` had been ignored
* buildctl: TLS flags had been ignored for `buildctl debug workers`
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-03-05 18:33:43 +09:00
fb73a926c0
util: add binfmt_misc binary detection
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-02-28 11:00:04 -08:00
26010a4864
decouple SessionManager from Worker
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-02-23 22:55:17 +09:00
76be359fd1
Merge pull request #796 from tonistiigi/gc-controls
...
Allow quick config of GC
2019-01-27 13:51:39 -08:00
a7c6e9d465
buildkitd: add containerd worker gc flags
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-01-22 17:34:40 -08:00
a1f3f8462c
buildkitd: add oci worker gc flags
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-01-22 17:34:40 -08:00
cf31b501ba
buildkitd: add more gc config options
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-01-22 17:34:40 -08:00
97eff70c5e
inline remote cache support
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-01-21 19:39:15 -08:00
6e7617e889
support local cache exporter and importer
...
Export:
$ buildctl build ... --export-cache type=local,store=/path/to/output-dir
Import:
$ buildctl build ... --import-cache type=local,store=/path/to/input-dir
Impact on CLI:
* Old (deprecated but still effective): `--export-cache localhost:5000/myrepo:buildcache --export-cache-opt mode=max`
* New: `--export-cache type=registry,ref=localhost:5000/myrepo:buildcache,mode=max`
Impact on API:
* New fields are added to control.proto and gateway.proto. The daemon
internally translates old API calls to the new ones.
* While new API can be used for `registry` caches, the client continues
to use the legacy API for `registry` caches to ensure compatibility with
old daemons.
* To import `local` caches with a frontend, the frontend needs to support
a new frontend opt `cache-imports`.
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-01-19 02:38:26 +09:00
c54f4a986d
support --oci-worker-no-process-sandbox
...
Note that this mode allows build executor containers to kill (and potentially ptrace) an arbitrary process in the BuildKit host namespace.
This mode should be enabled only when the BuildKit is running in a container as an unprivileged user.
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2019-01-08 10:42:52 +09:00
9da7b50195
cmd: fix app version reporting
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-11 13:46:40 -07:00
ddfb7f77c9
hack: update test dockerfiles to buildkit
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-10-10 23:26:05 -07:00
1d2cc873a9
gc: fix build on 32bit
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-09-25 23:11:14 -07:00
2de2c04c8e
Revendoring to move boltdb to bbolt
...
Signed-off-by: John Howard <jhoward@microsoft.com>
2018-09-18 11:18:08 -07:00
907411c7e8
Merge pull request #605 from fuweid/feature_add_namespace_in_config
...
cmd,worker: support customize namespace for containerd worker
2018-09-11 11:56:24 +09:00
53aa4053bb
cmd,worker: support customize namespace for containerd worker
...
Allow user to customize containerd namespace, not just `buildkit`. It
can help user to integration with existing data easily.
Signed-off-by: Wei Fu <fuweid89@gmail.com>
2018-09-11 09:41:42 +08:00
ecd4a22546
resolver: add config support for mirrors/plainhttp
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-09-07 18:44:45 -07:00
756ca6cc6d
Merge pull request #602 from tonistiigi/gc
...
automatic GC
2018-09-05 10:47:21 +09:00
079c747c4e
ontrol: support calling automatic GC
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-09-04 18:13:29 -07:00
7cb70e1c31
Initialise workers' label maps before assigning.
...
Otherwise:
panic: assignment to entry in nil map
goroutine 1 [running]:
main.applyOCIFlags(0xc4200e71e0, 0xc420400000, 0x0, 0x0)
/go/src/github.com/moby/buildkit/cmd/buildkitd/main_oci_worker.go:97 +0x1ac
main.ociWorkerInitializer(0xc4200e71e0, 0xc4204104e0, 0xc420400000, 0x43409b, 0x12, 0xc42026b0f8, 0x4337fc, 0xc420000180)
/go/src/github.com/moby/buildkit/cmd/buildkitd/main_oci_worker.go:118 +0x50
main.newWorkerController(0xc4200e71e0, 0xc4204104e0, 0xc420400000, 0xc420422000, 0xe5dc54, 0x11)
/go/src/github.com/moby/buildkit/cmd/buildkitd/main.go:520 +0x324
main.newController(0xc4200e71e0, 0xc420400000, 0x1c0, 0x0, 0x0)
/go/src/github.com/moby/buildkit/cmd/buildkitd/main.go:489 +0xdc
main.main.func3(0xc4200e71e0, 0x0, 0x0)
/go/src/github.com/moby/buildkit/cmd/buildkitd/main.go:203 +0x3dd
github.com/moby/buildkit/vendor/github.com/urfave/cli.HandleAction(0xcdd420, 0xe93e98, 0xc4200e71e0, 0xc4200e71e0, 0xc42026b888)
/go/src/github.com/moby/buildkit/vendor/github.com/urfave/cli/app.go:502 +0xc8
github.com/moby/buildkit/vendor/github.com/urfave/cli.(*App).Run(0xc4201b6540, 0xc4200300a0, 0xa, 0xa, 0x0, 0x0)
/go/src/github.com/moby/buildkit/vendor/github.com/urfave/cli/app.go:268 +0x60c
main.main()
/go/src/github.com/moby/buildkit/cmd/buildkitd/main.go:238 +0xc64
Also add some random labels to the integration sandbox (which I have confirmed
is enough to trigger this issue before the fix).
Signed-off-by: Ian Campbell <ijc@docker.com>
2018-09-03 11:35:36 +01:00
c524709f4a
buildkitd: add config file support
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-08-30 16:11:55 -07:00
decb27618b
containerd: set timeout explicitly (60s)
...
The contained default value was shortened from 60s to 10s in containerd/containerd#2554
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-08-23 18:14:57 +09:00
fde47cc113
buildkitd: seed math rand
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-17 11:22:51 -07:00
d86efeb63a
buildkitd: allow custom worker platforms for containerd
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-16 13:54:59 -07:00
01b7a29e86
gateway: return result from solve
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-12 17:51:44 -07:00
9684362cb0
frontend: move forwarder under gateway
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-12 17:50:19 -07:00
d5c9d39128
apicaps: set exportedproduct from binary
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-09 16:32:39 -07:00
c8fa75ffc1
dockerfile: read default build platform from workers
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-09 16:32:39 -07:00
946a12eb42
gateway: expose worker information
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-07-09 16:32:39 -07:00
80d2f820f9
decopule cache/remotecache from registry
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-04 17:38:09 +09:00
8ef8a7c632
rootless: bail if euid != 0
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-02 15:47:57 +09:00
27b6ab4940
rootless: fix default path configuration
...
if buildkitd is being executed as the mapepd-root ($USER==root)
in a rootless container, we need to enable the rootless mode but
we don't want to honor $HOME.
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-07-02 15:47:57 +09:00
85e98104cf
worker: remove arch/os labels
...
Superceded by platforms array.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-24 22:49:06 -07:00
a1bafadfd5
worker: add platforms support
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-06-22 11:46:46 -07:00
b003c68521
oci-worker: resolve snapshotter label to real name
...
before: `org.mobyproject.buildkit.worker.snapshotter:auto`
after: `org.mobyproject.buildkit.worker.snapshotter:overlayfs`
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-06-05 17:38:16 +09:00
adef0dedef
oci-worker: experimental support for rootless mode
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-31 16:05:13 +09:00
f350cbeb53
hack: embed git revison into binaries
...
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-05-21 20:00:45 +09:00
71f5e6dd21
solver: rename solver-next to solver
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
f617d38aaa
rename cacheimport to remotecache
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
77c2793ebb
remove unused packages
...
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2018-05-14 09:53:34 -07:00
Tonis Tiigi
Kunal Kushwaha
Tibor Vass
Dave Chen
Akihiro Suda
John Howard
Akihiro Suda
Wei Fu
Ian Campbell