This sets the platform prefix based on the `BUILDKIT_MULTI_PLATFORM`
value (if set). This is similar to the changes here in
docker/buildx@7f58ad45fa
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Set's an apparmor profile on the OCI spec if one is configred on the
worker.
Adds selinux labels to containers (only added if selinux is enabled on
the system).
This assumes that the specified apparmor profile is already loaded on
the system and does not try to load it or even check if it is loaded.
SELinux support requires the `selinux` build tag to be added.
Likewise, `runc` would require both the `apparmor` and `selinux` build
tags.
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
Vendored go-selinux to v1.8.0
Fixed tests
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 68bb095353)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Cache mount instances are shared between multiple vertextes/builds
so if one of the cloned instance gets committed reference count
will get corrupted as other parts of the code still see reference as
mountable.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
The FlagsUsed contains a list of flags that were used, which allows the classic
(non-buildkit) builder in dockerd to produce an error when non-supported options
are used in a Dockerfile.
This is a short-term solution; a more permanent solution will be to keep track
of which version of the Dockerfile syntax is supported, and to have the classic
builder pass the maximum supported version of the syntax.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Used go-systemd code from moby/moby daemon
Only added `buildkitd --addr fd://` for now.
Don't do systemd fds for windows buildkitd
Add buildkit systemd units README/examples
Signed-off-by: Anders F Björklund <anders.f.bjorklund@gmail.com>
The git repo of github.com/containerd/stargz-snapshotter now has two go.mod modules:
- github.com/containerd/stargz-snapshotter
- github.com/containerd/stargz-snapshotter/estargz
So we need to have the following `replace` directive in `go.mod`:
```
github.com/containerd/stargz-snapshotter/estargz => github.com/containerd/stargz-snapshotter/estargz <VERSION>
```
Otherwise `go mod tidy` fails with the following error:
```
go: github.com/containerd/stargz-snapshotter@v0.2.1-0.20201217071531-2b97b583765b requires
github.com/containerd/stargz-snapshotter/estargz@v0.0.0-00010101000000-000000000000: invalid version: unknown revision 000000000000
```
ref: https://github.com/containerd/stargz-snapshotter/pull/195
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
DOCKER_BUILDKIT CLI is slightly different from buildx.
It is hard to maintain DOCKER_BUILDKIT as a buildx alternative.
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Tõnis Tiigi
Brian Goff
Akihiro Suda
Rob Taylor
zhangwenlong
Sebastiaan van Stijn
ktock
Alex Couture-Beil
Anders F Björklund
CrazyMax
Sebastiaan van Stijn
Tibor Vass