Commit Graph

247 Commits (bc07b2b81b1c6a62d29981ac564b16a15ce2bfa7)

Author SHA1 Message Date
Tonis Tiigi a1094c61f9 contenthash: include basename in content checksum for wildcards
While we generally ignore the basename in this layer, for wildcards
there in no other place to add the basename to the checksum as they
can not be resolved earlier. Before the basename that was in the
checksum was the wildcard itself, so if the wildcard remained same,
content remained same but the file where wildcard pointed to was
renamed, the cache was not invalidated.

Unfortunately, this change breaks cache for all copy commands that
use a wildcard.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 1982e1e285)
2021-04-21 23:26:58 -07:00
Tonis Tiigi 3a270318fc allow skipping empty layer detection on cache export
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
(cherry picked from commit 29af1397e2)
Signed-off-by: Tibor Vass <tibor@docker.com>
2021-02-24 20:27:18 +00:00
Tibor Vass 717a4c72ae
Merge pull request #1825 from tonistiigi/prepareRemoteSnapshots-panic-fix
cache: handle nil result from flightcontrol
2020-11-25 15:27:04 -08:00
ktock 0bd43aa1dc Check remote snapshot availability only for stargz
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
2020-11-21 15:05:12 +09:00
Tonis Tiigi 54908ec03f cache: handle nil result from flightcontrol
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-11-20 20:35:26 -08:00
Akihiro Suda a846452fa1
Merge pull request #1791 from tonistiigi/push-pull-retry
add retry handlers to push/pull
2020-11-16 13:28:07 +09:00
Tonis Tiigi cf8babde54 progress: refactor logger handler to better reuse
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-11-15 13:33:58 -08:00
Tibor Vass fad612e748 Allow worker to override GetRemote(), needed in moby integration
This fixes panics in the moby integration of buildkit when using cache.
Panics come from nil Differ in computeBlobChain which is called in GetRemote().

GetRemote() got moved from Worker to ImmutableRef during the lazy-pull refactor.
However, the ability to easily override GetRemote() got lost with that refactor.

This patch attempts to allow for the override while keeping changes minimal.

Signed-off-by: Tibor Vass <tibor@docker.com>
2020-11-13 21:30:35 +00:00
Tibor Vass ce283f39b5
Merge pull request #1773 from tonistiigi/preprocess
solver: add input preprocess capability
2020-11-12 21:07:00 -08:00
Tibor Vass 9dabe0545f Fixes needed to vendor buildkit into moby
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-11-13 01:51:55 +00:00
Tonis Tiigi aa29e77294 fix import cycle in integration test pulls
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-11-11 21:21:08 -08:00
Tonis Tiigi e86356ddf8 solver: add input preprocess capability
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-11-03 14:49:44 -08:00
Tonis Tiigi e3b05289d8 add session injection to remote loading
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-11-02 22:20:44 -08:00
Sebastiaan van Stijn fbe1346912
replace github.com/docker/docker/pkg/locker with moby/locker v1.0.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-10-30 09:25:05 +01:00
Tonis Tiigi 8adf951bc7 remotecache: allow oci mediatypes on exporting to registry
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-10-23 00:20:59 -07:00
Tonis Tiigi c8b8d6ce63 exptypes: define empty gz layer digest
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-10-18 23:39:23 -07:00
Tonis Tiigi 85dd12d875 remotecache: don’t export cache for empty layers
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-10-18 23:39:23 -07:00
Tõnis Tiigi 4f3fb6155a
Merge pull request #1659 from tonistiigi/loop-export-fix
remotecache: validate out broken links from loops
2020-10-18 22:01:54 -07:00
Tonis Tiigi c95dd17ffe remotecache: validate out broken links from loops
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-08-30 18:59:15 -07:00
ktock c975424deb Enable to use remote snapshots for refs
Signed-off-by: ktock <ktokunaga.mail@gmail.com>
2020-08-24 08:44:00 +09:00
Tonis Tiigi b474dbf55f resolver: clean up unused resolver pool
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-08-13 17:27:18 -07:00
Tonis Tiigi f1cd79bf65 resolver: add better pooling and custom authenticator
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-08-13 17:27:11 -07:00
Erik Sipsma 1b30fd146b cache: Remove ImageRef from DescHandlers
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
2020-08-05 17:18:43 -07:00
Erik Sipsma cdcf49fd18 Fix progress in schema1 pull.
Signed-off-by: Erik Sipsma <erik@sipsma.dev>
2020-08-05 17:18:43 -07:00
Erik Sipsma 55cbd19dec Add support for lazily-pulled blobs in cache manager.
This allows the layers of images to only be pulled if/once they are actually
required.

Signed-off-by: Erik Sipsma <erik@sipsma.dev>
2020-08-05 17:18:43 -07:00
Paul "TBBle" Hampson 6c824d68f1 Use filesystem-supplied modes for checksumming content
The existing code was spuriously failing unit tests, because it was
stripping non-permission bits off the file mode.

On examination, the behaviour was inherited from similar code in
moby/moby, which was intended to affect the resulting filemodes inside
a Linux-based container built from Windows. However, this code path does
have that effect in BuildKit as we are only calculating checksums here.

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-07-29 02:50:24 +10:00
Paul "TBBle" Hampson 46995ec794 Don't silently ignore failed wildcard expansion
This was letting mount-related errors slip by, and instead returning
an empty hash.

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-07-29 02:50:20 +10:00
Paul "TBBle" Hampson b2d3473cba Skip tests on Windows that attempt to bind-mount read-only
Containerd's mounter doesn't yet support bind-mounts on Windows.
BuildKit short-cuts this for read-write mounts, but not read-only
mounts.

Signed-off-by: Paul "TBBle" Hampson <Paul.Hampson@Pobox.com>
2020-07-28 18:07:20 +10:00
Tõnis Tiigi a67af5b10c
Merge pull request #1581 from alexcb/tar-exporter-with-socket-copy-reproduce-error
fix socket handling during copy
2020-07-23 12:07:15 -07:00
Alex Couture-Beil 5382a2056e Treat unix sockets as regular files
This fix is similar to the fix in #1144; but was hit in a different code
path.

Signed-off-by: Alex Couture-Beil <alex@earthly.dev>
2020-07-23 11:25:48 -07:00
Tonis Tiigi 5da4a40ae8 lint: enable more linters
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-19 09:28:36 -07:00
Tonis Tiigi 0ed9eb77ce contenthash: fix buffer reuse pool
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-19 09:28:36 -07:00
Tonis Tiigi 57abacc68d contenthash: avoid deprecated Xattrs header
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-19 09:28:36 -07:00
Tonis Tiigi c8190b1518 lint: enable golint
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-19 09:28:24 -07:00
Tonis Tiigi 57a88b0afb lint: add misspell and unused
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-18 08:13:57 -07:00
Erik Sipsma 806fddd7f7 remotecache: Only visit each item once when walking results.
Before this change, walkAllResults did not skip an item if it had already been
visited, so walking the graph of results actually followed every single possible
path in the graph instead of just visiting each item once.

On small graphs this wasn't noticeable, but on sufficiently large remote cache
imports this rapidly scaled out of control. For example, I first encountered
this when importing a max-cache from a build of a full linux rootfs from source
(which takes about 30 minutes to build w/out cache on an 18-core machine) and
after 30 minutes the cache import was still running with all CPUs pegged at 100%

To fix this, walkAllResults now keeps a map of already visited items (keyed by
their pointer) and skips visiting an item if it's already been visited, making
it usable on large remote cache imports.

Signed-off-by: Erik Sipsma <erik@sipsma.dev>
2020-07-16 17:49:36 -07:00
Akihiro Suda b2336d60bf
Merge pull request #1568 from tonistiigi/inline-fix
inline cache: fix handling of duplicate blobs
2020-07-16 18:20:02 +09:00
Tonis Tiigi be1a6aaa7a inline cache: fix handling of duplicate blobs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-15 15:45:32 -07:00
Tonis Tiigi 214aa5dbcf pull: allow separate sessions for different parts of pull
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-05 00:15:33 -07:00
Tonis Tiigi 2e9987ad16 session: track sessions with a group construct
Avoid hidden session passing and allow one session to drop when
multiple builds share a vertex.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-07-05 00:15:25 -07:00
Erik Sipsma 61bd44337b image export: Use correct media type when creating new layer blobs.
There are a few bugs in the image export related code being fixed here.
GetMediaTypeForLayers was iterating over diffPairs in the wrong order, resulting
in it always returning nil for images with more than one layer. This actually
worked most of the time because it accidentally triggered a separate codepath
meant to handle v0.6 migrations where mediatypes left empty get filled in.
However, fixing that bug revealed another existing bug where the "oci" parameter
in the image exporter was not being honored except when the v0.6 codepath got
followed, resulting in images to always have oci layer media types even when
docker types are used for the rest of the image descriptors.

Due to the interaction between these various bugs, the only practical end effect
previously was that single-layer images could use the wrong layer media type. An
existing test has been expanded to cover that case in a previous commit.

Signed-off-by: Erik Sipsma <erik@sipsma.dev>
2020-06-24 12:07:00 -07:00
Tonis Tiigi 99e77a889e cache: avoid snapshot migration on shallow refs
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-06-12 17:59:30 -07:00
Tonis Tiigi b0d3737627 contenthash: allow security.capability in cache checksum
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-06-07 22:16:56 -07:00
Tonis Tiigi 8cd41468c0 cache: avoid nil dereference
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-05-27 14:58:16 -07:00
Sebastiaan van Stijn 3ddd1fc23c
Fix goimports linting
```
[5/5] RUN --mount=target=/go/src/github.com/moby/buildkit 	gometalinter ...
0.435 util/rootless/specconv/specconv_linux.go:1:⚠️ file is not goimported (goimports)
1.320 cache/manager.go:1:⚠️ file is not goimported (goimports)
1.335 cache/manager_test.go:1:⚠️ file is not goimported (goimports)
1.337 cache/migrate_v2.go:1:⚠️ file is not goimported (goimports)
1.342 cache/refs.go:1:⚠️ file is not goimported (goimports)
1.454 cache/remotecache/registry/registry.go:1:⚠️ file is not goimported (goimports)
2.285 cmd/buildctl/build.go:1:⚠️ file is not goimported (goimports)
3.082 executor/oci/user.go:1:⚠️ file is not goimported (goimports)
4.333 session/content/content_test.go:1:⚠️ file is not goimported (goimports)
4.614 snapshot/containerd/content.go:1:⚠️ file is not goimported (goimports)
4.721 solver/errdefs/vertex.go:1:⚠️ file is not goimported (goimports)
6.066 util/network/cniprovider/cni.go:1:⚠️ file is not goimported (goimports)
ERROR: executor failed running [/bin/sh -c gometalinter --config=gometalinter.json ./...]: buildkit-runc did not terminate successfully
```

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-13 17:38:56 +02:00
Tonis Tiigi 37b8832d00 upgrade errors checks to Is()
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-04-18 22:53:38 -07:00
Tonis Tiigi 2c3cf11fde resolver: update to new registryhosts based config
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-03-05 19:56:43 -08:00
Tonis Tiigi 81e711302a contenthash: ignore system and security xattrs in calculation
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-03-03 19:37:28 -08:00
Akihiro Suda 7b579cdb98 vendor: update containerd (and various packages)
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2020-02-28 10:24:10 +09:00
HowJMay b19698c4fc fix: Fix typo
fix typo in code

Signed-off-by: HowJMay <vulxj0j8j8@gmail.com>
2020-01-25 15:53:07 +08:00