- back out changes to changing the git url
- fix gid
- ignore global ssh config option when specifying known hosts
Signed-off-by: Alex Couture-Beil <alex@earthly.dev>
- fixes assumption that ssh git clones must be via the `git` user.
- allows passing the SSH_AUTH_SOCK from the client to GitSource
- allows passing a known_host entry for ssh
Signed-off-by: Alex Couture-Beil <alex@earthly.dev>
In containerd, there is a size limit for label size (4096 chars).
If an image has many layers (> (4096-43)/72 > 55),
`containerd.io/snapshot/remote/stargz.layers` will hit the limit of
label size and the remote snapshot preparation will fail.
This commit fixes this by limiting the size of the label.
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
These were previously failing due to use of sh.exe on Windows, and with
that fixed, have been revealed to depend on bind-mounts.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
Containerd's mounter doesn't yet support bind-mounts on Windows.
BuildKit short-cuts this for read-write mounts, but not read-only
mounts.
Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
Otherwise a 200 response without an ETag could be incorrectly associated
to previous content in the following scenario:
* The remote server had in the past responded with an ETag for this
resource, which was cached.
- (Otherwise, onlyETag would be empty)
* That was the only ETag cached for this resource.
- (Otherwise, onlyETag would be empty)
* The remote server then stopped supporting ETag/If-None-Match for this
resource at all.
- (Otherwise, it would respond with a 304 or a 200+ETag)
Signed-off-by: Robert Estelle <robertestelle@gmail.com>
If a single ETag is requested in `If-None-Match`, some servers do not
include that (unambiguous) ETag header in the response.
For detailed description, see:
https://github.com/moby/buildkit/issues/905#issuecomment-528058142
Signed-off-by: Robert Estelle <robertestelle@gmail.com>
It is enhancement which allows to unpack image into containerd
snapshotter storage by `--output type=image,<.>=<.>,unpack=true`.
In order to support this feature, we needs to extend the Snapshotter
witwh `Name() string` function. Because we needs to set gc label for
snapshotter which need snapshotter name.
fix: #908
Signed-off-by: Wei Fu <fuweid89@gmail.com>
Out of the two ResolveMode types in buildkit, only the lower-level one in client/llb
had a String() method. This patch makes the ResolveMode type from the source package
also have a String() method.
Signed-off-by: Tibor Vass <tibor@docker.com>
This needs to be plumbed through to `imageutil.Config` which is also used from
the `containerimage` package. Since that is used in the context of a Worker the
`platforms.Default()` (corresponding to the platform of the worker itself) is
appropriate so apply a default at that level.
Signed-off-by: Ian Campbell <ijc@docker.com>
When using `--frontend=gateway.v0` in order to use a tagged image as the
frontend it is currently required to push the tag to a registry, so that
buildkit can pull it. One can use the `image@sha256:digest` form but this is
inconvenient for the development cycle.
Instead, introduce a proxy `Resolver` which if the pull fails checks the local
image store (if there is one, which is worker dependent) for a suitable image
and if so uses that.
With this I can now:
buildctl build --frontend=dockerfile.v0 --local context=. --local dockerfile=. --exporter=image --exporter-opt=name=docker.io/ijc25/fe:dev
builtctl build --frontend=gateway.v0 --frontend-opt=source=ijc25/fe:dev --exporter=image --exporter-opt=name=hello-world:dev
Without any push to a registry.
I am using the containerd worker.
Signed-off-by: Ian Campbell <ijc@docker.com>
The previous code had 3 issues:
- The original schema 1 manifest remained in `ongoing.added` but was not added
to the content store by the conversion. #296 tried to address this in an
incorrect way and was reverted by the previous commit. Instead switch in the
schema2 manifest, which was otherwise missed.
- Empty layers in the schema 1 manifest are not propagated to the schema 2
version, meaning they are not referenced by anything and hence are never
freed up and therefore leak
- The new schema 2 image config is generated by the converter and not fetched,
so it never passes through the `HandlerFunc` which adds things to
`ongoing.added`.
Two address these last two bullets when processing a schema 1 image walk over
the converted image and together with `ongoing.added` produce lists of used and
unused blobs, use the list of used blobs to perform the GC updates and simply
delete everything on the unused list.
Closes: #301.
Signed-off-by: Ian Campbell <ijc@docker.com>
This reverts commit 92101de156 from #296.
This was the wrong approach a subsequent commit will fix this properly.
Signed-off-by: Ian Campbell <ijc@docker.com>
The behaviour of `github.com/containerd/containerd/remotes/docker/schema1` is
such that the manifest is not actually in the content store, so attempting to
delete it fails with `NotFound`, which with the `gateway.v0` frontend results
in:
time="2018-02-26T17:01:15Z" level=error msg="fatal error: rpc error: code = Unknown desc = content digest sha256:178598e51a26abbc958b8a2e48825c90bc22e641de3d31e18aaf55f3258ba93b: not found"
panic: rpc error: code = Unknown desc = content digest sha256:178598e51a26abbc958b8a2e48825c90bc22e641de3d31e18aaf55f3258ba93b: not found
It seems safe to just ignore these errors, since `NotFound` is what we wanted
after delete anyway.
This allows support for e.g. `llb.Image("docker.io/docker/whalesay:latest")`
Signed-off-by: Ian Campbell <ijc@docker.com>
Alex Couture-Beil
Tonis Tiigi
Sebastiaan van Stijn
ktock
Erik Sipsma
Paul "TBBle" Hampson
Vlad A. Ionescu
Vlad A. Ionescu
Edgar Lee
Robert Estelle
Tibor Vass
Wei Fu
Akihiro Suda
Akihiro Suda
John Howard
Tibor Vass
Ian Campbell
Vincent Demeester