diff --git a/go.mod b/go.mod index c8b0f4c4..e207b2e6 100644 --- a/go.mod +++ b/go.mod @@ -23,7 +23,7 @@ require ( github.com/google/uuid v1.3.0 github.com/hashicorp/go-cty-funcs v0.0.0-20200930094925-2721b1e36840 github.com/hashicorp/hcl/v2 v2.8.2 - github.com/moby/buildkit v0.12.1-0.20230717122532-faa0cc7da353 // v0.12.1-dev + github.com/moby/buildkit v0.12.1-0.20230804094609-b49a8873179b github.com/moby/sys/mountinfo v0.6.2 github.com/moby/sys/signal v0.7.0 github.com/morikuni/aec v1.0.0 diff --git a/go.sum b/go.sum index 5b1a1a5f..8f01e5f9 100644 --- a/go.sum +++ b/go.sum @@ -372,8 +372,8 @@ github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 h1:DpOJ2HYzC github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo= github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY= github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= -github.com/moby/buildkit v0.12.1-0.20230717122532-faa0cc7da353 h1:/ZIwqvOF3QKObJbjX96xVvAKtnWdw/AuEqysbbujaZA= -github.com/moby/buildkit v0.12.1-0.20230717122532-faa0cc7da353/go.mod h1:+n9GmkxwBCjVz4u7wmiyh+oqvjIjQM+1zk3iJrWfdos= +github.com/moby/buildkit v0.12.1-0.20230804094609-b49a8873179b h1:LUpEbvxcyM0NuWk54WwNjDVZ5YujyCm1CudzZpqaohE= +github.com/moby/buildkit v0.12.1-0.20230804094609-b49a8873179b/go.mod h1:bs0LeDdh7AQpYXLiPNUt+hzDjRxMg+QeLq1a1r0awFM= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M7DBo= diff --git a/tests/build.go b/tests/build.go index 70153554..34ad5920 100644 --- a/tests/build.go +++ b/tests/build.go @@ -141,7 +141,7 @@ func testImageIDOutput(t *testing.T, sb integration.Sandbox) { outFlag := "--output=type=docker" - if sb.Name() == "remote" { + if sb.DockerAddress() == "" { // there is no Docker atm to load the image outFlag += ",dest=" + targetDir + "/image.tar" } @@ -210,14 +210,15 @@ func testBuildMobyFromLocalImage(t *testing.T, sb integration.Sandbox) { require.NoError(t, cmd.Run()) // create local tag matching a remote one - cmd = dockerCmd(sb, withArgs("tag", "busybox:latest", "busybox:1.36")) + cmd = dockerCmd(sb, withArgs("tag", "busybox:latest", "busybox:1.35")) cmd.Stderr = os.Stderr require.NoError(t, cmd.Run()) // build image and check that it uses the local tag + // (note: the version check should match the version of busybox in pins.go) dockerfile = []byte(` -FROM busybox:1.36 -RUN busybox | head -1 | grep v1.35.0 +FROM busybox:1.35 +RUN busybox | head -1 | grep v1.36.1 `) dir = tmpdir(t, fstest.CreateFile("Dockerfile", dockerfile, 0600)) cmd = buildxCmd( diff --git a/tests/integration_test.go b/tests/integration_test.go index 0e7f9acd..332d28d2 100644 --- a/tests/integration_test.go +++ b/tests/integration_test.go @@ -7,10 +7,11 @@ import ( "github.com/docker/buildx/tests/workers" "github.com/docker/distribution/reference" "github.com/moby/buildkit/util/testutil/integration" + bkworkers "github.com/moby/buildkit/util/testutil/workers" ) func init() { - if integration.IsTestDockerd() { + if bkworkers.IsTestDockerd() { workers.InitDockerWorker() workers.InitDockerContainerWorker() } else { @@ -32,7 +33,7 @@ func TestIntegration(t *testing.T) { func testIntegration(t *testing.T, funcs ...func(t *testing.T, sb integration.Sandbox)) { mirroredImages := integration.OfficialImages("busybox:latest", "alpine:latest") buildkitImage := "docker.io/moby/buildkit:buildx-stable-1" - if integration.IsTestDockerd() { + if bkworkers.IsTestDockerd() { if img, ok := os.LookupEnv("TEST_BUILDKIT_IMAGE"); ok { ref, err := reference.ParseNormalizedNamed(img) if err == nil { diff --git a/tests/workers/backend.go b/tests/workers/backend.go index 80249a26..87eb5808 100644 --- a/tests/workers/backend.go +++ b/tests/workers/backend.go @@ -1,10 +1,20 @@ package workers +import ( + "os" + "strings" + + "github.com/moby/buildkit/util/testutil/integration" +) + type backend struct { - builder string - context string + builder string + context string + unsupportedFeatures []string } +var _ integration.Backend = &backend{} + func (s *backend) Address() string { return s.builder } @@ -24,3 +34,26 @@ func (s *backend) Snapshotter() string { func (s *backend) Rootless() bool { return false } + +func (s backend) Supports(feature string) bool { + if enabledFeatures := os.Getenv("BUILDKIT_TEST_ENABLE_FEATURES"); enabledFeatures != "" { + for _, enabledFeature := range strings.Split(enabledFeatures, ",") { + if feature == enabledFeature { + return true + } + } + } + if disabledFeatures := os.Getenv("BUILDKIT_TEST_DISABLE_FEATURES"); disabledFeatures != "" { + for _, disabledFeature := range strings.Split(disabledFeatures, ",") { + if feature == disabledFeature { + return false + } + } + } + for _, unsupportedFeature := range s.unsupportedFeatures { + if feature == unsupportedFeature { + return false + } + } + return true +} diff --git a/tests/workers/docker-container.go b/tests/workers/docker-container.go index de6a78bd..5035c7dc 100644 --- a/tests/workers/docker-container.go +++ b/tests/workers/docker-container.go @@ -20,6 +20,8 @@ func InitDockerContainerWorker() { type containerWorker struct { id string + unsupported []string + docker integration.Backend dockerClose func() error dockerErr error @@ -65,8 +67,9 @@ func (w *containerWorker) New(ctx context.Context, cfg *integration.BackendConfi } return &backend{ - context: w.docker.DockerAddress(), - builder: name, + context: w.docker.DockerAddress(), + builder: name, + unsupportedFeatures: w.unsupported, }, cl, nil } diff --git a/tests/workers/docker.go b/tests/workers/docker.go index 347ca87d..a48fcbab 100644 --- a/tests/workers/docker.go +++ b/tests/workers/docker.go @@ -7,6 +7,7 @@ import ( "github.com/moby/buildkit/identity" "github.com/moby/buildkit/util/testutil/integration" + bkworkers "github.com/moby/buildkit/util/testutil/workers" "github.com/pkg/errors" ) @@ -23,6 +24,7 @@ func InitDockerWorker() { type dockerWorker struct { id string containerdSnapshotter bool + unsupported []string } func (c dockerWorker) Name() string { @@ -34,7 +36,7 @@ func (c dockerWorker) Rootless() bool { } func (c dockerWorker) New(ctx context.Context, cfg *integration.BackendConfig) (b integration.Backend, cl func() error, err error) { - moby := integration.Moby{ + moby := bkworkers.Moby{ ID: c.id, ContainerdSnapshotter: c.containerdSnapshotter, } @@ -66,8 +68,9 @@ func (c dockerWorker) New(ctx context.Context, cfg *integration.BackendConfig) ( } return &backend{ - builder: name, - context: name, + builder: name, + context: name, + unsupportedFeatures: c.unsupported, }, cl, nil } diff --git a/tests/workers/features.go b/tests/workers/features.go new file mode 100644 index 00000000..b289d308 --- /dev/null +++ b/tests/workers/features.go @@ -0,0 +1,13 @@ +package workers + +import ( + "testing" + + "github.com/moby/buildkit/util/testutil/integration" +) + +var features = map[string]struct{}{} + +func CheckFeatureCompat(t *testing.T, sb integration.Sandbox, reason ...string) { + integration.CheckFeatureCompat(t, sb, features, reason...) +} diff --git a/tests/workers/remote.go b/tests/workers/remote.go index e1d08ab8..ab788487 100644 --- a/tests/workers/remote.go +++ b/tests/workers/remote.go @@ -7,6 +7,7 @@ import ( "github.com/moby/buildkit/identity" "github.com/moby/buildkit/util/testutil/integration" + bkworkers "github.com/moby/buildkit/util/testutil/workers" "github.com/pkg/errors" ) @@ -17,7 +18,8 @@ func InitRemoteWorker() { } type remoteWorker struct { - id string + id string + unsupported []string } func (w remoteWorker) Name() string { @@ -29,7 +31,7 @@ func (w remoteWorker) Rootless() bool { } func (w remoteWorker) New(ctx context.Context, cfg *integration.BackendConfig) (b integration.Backend, cl func() error, err error) { - oci := integration.OCI{ID: w.id} + oci := bkworkers.OCI{ID: w.id} bk, bkclose, err := oci.New(ctx, cfg) if err != nil { return bk, cl, err @@ -60,7 +62,8 @@ func (w remoteWorker) New(ctx context.Context, cfg *integration.BackendConfig) ( } return &backend{ - builder: name, + builder: name, + unsupportedFeatures: w.unsupported, }, cl, nil } diff --git a/vendor/github.com/moby/buildkit/AUTHORS b/vendor/github.com/moby/buildkit/AUTHORS index c1dce655..c5ae03bf 100644 --- a/vendor/github.com/moby/buildkit/AUTHORS +++ b/vendor/github.com/moby/buildkit/AUTHORS @@ -1,66 +1,284 @@ # This file lists all individuals having contributed content to the repository. -# For how it is generated, see `scripts/generate-authors.sh`. +# For how it is generated, see hack/dockerfiles/authors.Dockerfile. +a-palchikov Aaron L. Xu Aaron Lehmann +Aaron Lehmann +Abdur Rehman +Addam Hardy +Adrian Plata +Aidan Hobson Sayers Akihiro Suda +Alan Fregtman <941331+darkvertex@users.noreply.github.com> +Alex Couture-Beil +Alex Mayer +Alex Suraci Alexander Morozov +Alexis Murzeau Alice Frosi Allen Sun +Amen Belayneh +Anca Iordache Anda Xu +Anders F Björklund +Andrea Bolognani +Andrea Luzzardi +Andrew Chang +Andrey Smirnov +Andy Alt +Andy Caldwell +Ankush Agarwal Anthony Sottile +Anurag Goel +Anusha Ragunathan Arnaud Bailly +Avi Deitcher +Bastiaan Bakker +Ben Longo +Bertrand Paquet Bin Liu +Brandon Mitchell Brian Goff +Ce Gao +Chaerim Yeo +Changwei Ge +Chanhun Jeong +ChaosGramer +Charles Chan +Charles Korn +Charles Law +Chenbin +Chris Goller +Chris McKinnel +Christian Höltje +Christian Weichel +Ciro S. Costa +Claudiu Belu +Colin Chartier +Corey Larson +Cory Bennett +Cory Snider +coryb +CrazyMax +Csaba Apagyi +Dan Duvall +Daniel Cassidy Daniel Nephin +Darren Shepherd Dave Chen +Dave Henderson +Dave Tucker David Calavera +David Dooling +David Gageot +David Karlsson +Davis Schirmer Dennis Chen +dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Derek McGowan +Dharmit Shah +Ding Fei +dito Doug Davis -Edgar Lee +Edgar Lee Eli Uriegas +Elias Faxö +Eng Zer Jun +Eric Engestrom +Erik Sipsma +eyherabh f0 Fernando Miguel +Fiona Klute +Foysal Iqbal +Fred Cox +Frieder Bluemle +Gabriel +Gabriel Adrian Samfira +Gaetan de Villele +Gahl Saraf +genglu.gl +George +ggjulio +Govind Rai +Grant Reaber +Guilhem C +Hans van den Bogert Hao Hu +Hector S Helen Xie Himanshu Pandey Hiromu Nakamura +HowJMay +Hugo Santos Ian Campbell +Ilya Dmitrichenko Iskander (Alex) Sharipov +Jacob Gillespie +Jacob MacElroy Jean-Pierre Huynh +Jeffrey Huang +Jesse Rittner Jessica Frazelle +jgeiger +Jitender Kumar +jlecordier +joey John Howard +John Maguire +John Mulhausen +John Tims +Jon Zeolla +Jonathan Azoff +Jonathan Giannuzzi Jonathan Stoppani +Jonny Stoten +JordanGoasdoue +jroenf +Julian Goede Justas Brazauskas +Justin Chadwell Justin Cormack +Justin Garrison +Jörg Franke <359489+NewJorg@users.noreply.github.com> +Kang, Matthew +Kees Cook +Kevin Burke +kevinmeredith +Kir Kolyshkin +Kohei Tokunaga +Koichi Shiraishi +Kris-Mikael Krister Kunal Kushwaha +Kyle +l00397676 Lajos Papp +lalyos +Levi Harrison +liwenqi +lixiaobing10051267 +lomot +Lu Jingxiao +Luca Visentin +Maciej Kalisz +Madhav Puri +Manu Gupta +Marcus Comstedt +Mark Gordon +Marko Kohtala +Mary Anthony +masibw +Matias Insaurralde +Matt Kang Matt Rickard +Maxime Lagresle Michael Crosby +Michael Friis +Michael Irwin +Miguel Ángel Jimeno +Mihai Borobocea +Mike Brown +mikelinjie <294893458@qq.com> +Mikhail Vasin +Misty Stanley-Jones Miyachi Katsuya +Morgan Bauer +Morlay +msg Nao YONASHIRO Natasha Jarus +Nathan Sullivan +Nick Miyake +Nick Santos +Nikhil Pandeti Noel Georgi <18496730+frezbo@users.noreply.github.com> +Oliver Bristow +Omer Duchovne <79370724+od-cyera@users.noreply.github.com> +Omer Mizrahi Ondrej Fabry +Otto Kekäläinen +Pablo Chico de Guzman +Patrick Hemmer +Patrick Lang Patrick Van Stee +Paul "TBBle" Hampson +Paweł Gronowski +Peter Dave Hello +Petr Fedchenkov +Phil Estes +Pierre Fenoll +pieterdd +Pranav Pandit +Pratik Raj +Prayag Verma +Qiang Huang +Remy Suen Ri Xu +Rob Taylor +Robert Estelle +Rubens Figueiredo +Sam Whited +Sascha Schwarze +Sean P. Kane Sebastiaan van Stijn +Seiya Miyata +Serhat Gülçiçek +Sertac Ozercan Shev Yan +Shijiang Wei +Shingo Omura +Shiwei Zhang +Siebe Schaap +Silvin Lubecki <31478878+silvin-lubecki@users.noreply.github.com> Simon Ferquel +Slava Semushin +Solomon Hykes +squeegels <1674195+squeegels@users.noreply.github.com> +Stefan Scherer Stefan Weil +StefanSchoof +Stepan Blyshchak +Steve Lohr +sunchunming +Sven Dowideit +Takuya Noguchi Thomas Leonard +Thomas Riccardi Thomas Shaw +Tianon Gravi Tibor Vass Tiffany Jernigan +Tim Waugh +Tim Wraight Tino Rusch Tobias Klauser Tomas Tomecek +Tomasz Kopczynski Tomohiro Kusumoto +Troels Liebe Bentsen Tõnis Tiigi +Valentin Lorentz +Vasek - Tom C +Victor Vieux +Victoria Bialas Vincent Demeester +Vlad A. Ionescu +Vladislav Ivanov +Wang Yumu <37442693@qq.com> Wei Fu +Wei Zhang +wingkwong +Xiaofan Zhang +Ximo Guanter +Yamazaki Masashi +Yan Song Yong Tang Yuichiro Kaneko +Yurii Rashkovskii +Zach Badgett +zhangwenlong Ziv Tsarfati +岁丰 +沈陵 郑泽宇 diff --git a/vendor/github.com/moby/buildkit/client/llb/state.go b/vendor/github.com/moby/buildkit/client/llb/state.go index f15fad87..b40b450f 100644 --- a/vendor/github.com/moby/buildkit/client/llb/state.go +++ b/vendor/github.com/moby/buildkit/client/llb/state.go @@ -267,7 +267,7 @@ func (s State) WithImageConfig(c []byte) (State, error) { return s, nil } -// Run performs the command specified by the arguments within the contexst of the current [State]. +// Run performs the command specified by the arguments within the context of the current [State]. // The command is executed as a container with the [State]'s filesystem as the root filesystem. // As such any command you run must be present in the [State]'s filesystem. // Constraints such as [State.Ulimit], [State.ParentCgroup], [State.Network], etc. are applied to the container. diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerignore/dockerignore.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerignore/dockerignore.go index e7f29ae8..2bd9f1c9 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerignore/dockerignore.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerignore/dockerignore.go @@ -6,23 +6,31 @@ import ( "io" "path/filepath" "strings" - - "github.com/pkg/errors" ) -// ReadAll reads a .dockerignore file and returns the list of file patterns -// to ignore. Note this will trim whitespace from each line as well -// as use GO's "clean" func to get the shortest/cleanest path for each. +// ReadAll reads an ignore file from a reader and returns the list of file +// patterns to ignore, applying the following rules: +// +// - An UTF8 BOM header (if present) is stripped. +// - Lines starting with "#" are considered comments and are skipped. +// +// For remaining lines: +// +// - Leading and trailing whitespace is removed from each ignore pattern. +// - It uses [filepath.Clean] to get the shortest/cleanest path for +// ignore patterns. +// - Leading forward-slashes ("/") are removed from ignore patterns, +// so "/some/path" and "some/path" are considered equivalent. func ReadAll(reader io.Reader) ([]string, error) { if reader == nil { return nil, nil } - scanner := bufio.NewScanner(reader) var excludes []string currentLine := 0 - utf8bom := []byte{0xEF, 0xBB, 0xBF} + + scanner := bufio.NewScanner(reader) for scanner.Scan() { scannedBytes := scanner.Bytes() // We trim UTF8 BOM @@ -59,7 +67,7 @@ func ReadAll(reader io.Reader) ([]string, error) { excludes = append(excludes, pattern) } if err := scanner.Err(); err != nil { - return nil, errors.Wrap(err, "error reading .dockerignore") + return nil, err } return excludes, nil } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerui/config.go b/vendor/github.com/moby/buildkit/frontend/dockerui/config.go index 12ec2c68..a83c4994 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerui/config.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerui/config.go @@ -80,7 +80,8 @@ type Client struct { g flightcontrol.Group[*buildContext] bopts client.BuildOpts - dockerignore []byte + dockerignore []byte + dockerignoreName string } type SBOM struct { @@ -375,6 +376,7 @@ func (bc *Client) ReadEntrypoint(ctx context.Context, lang string, opts ...llb.L }) if err == nil { bc.dockerignore = dt + bc.dockerignoreName = bctx.filename + ".dockerignore" } return &Source{ @@ -435,13 +437,14 @@ func (bc *Client) MainContext(ctx context.Context, opts ...llb.LocalOption) (*ll dt = []byte{} } bc.dockerignore = dt + bc.dockerignoreName = DefaultDockerignoreName } var excludes []string if len(bc.dockerignore) != 0 { excludes, err = dockerignore.ReadAll(bytes.NewBuffer(bc.dockerignore)) if err != nil { - return nil, errors.Wrap(err, "failed to parse dockerignore") + return nil, errors.Wrapf(err, "failed parsing %s", bc.dockerignoreName) } } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerui/namedcontext.go b/vendor/github.com/moby/buildkit/frontend/dockerui/namedcontext.go index 6a441c50..8f004baa 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerui/namedcontext.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerui/namedcontext.go @@ -208,7 +208,7 @@ func (bc *Client) namedContextRecursive(ctx context.Context, name string, nameWi if len(dt) != 0 { excludes, err = dockerignore.ReadAll(bytes.NewBuffer(dt)) if err != nil { - return nil, nil, err + return nil, nil, errors.Wrapf(err, "failed parsing %s", DefaultDockerignoreName) } } } diff --git a/vendor/github.com/moby/buildkit/session/filesync/filesync.go b/vendor/github.com/moby/buildkit/session/filesync/filesync.go index 712469a9..a51b4908 100644 --- a/vendor/github.com/moby/buildkit/session/filesync/filesync.go +++ b/vendor/github.com/moby/buildkit/session/filesync/filesync.go @@ -21,7 +21,6 @@ import ( ) const ( - keyOverrideExcludes = "override-excludes" keyIncludePatterns = "include-patterns" keyExcludePatterns = "exclude-patterns" keyFollowPaths = "followpaths" @@ -36,9 +35,8 @@ type fsSyncProvider struct { } type SyncedDir struct { - Dir string - Excludes []string - Map func(string, *fstypes.Stat) fsutil.MapResult + Dir string + Map func(string, *fstypes.Stat) fsutil.MapResult } type DirSource interface { @@ -99,9 +97,6 @@ func (sp *fsSyncProvider) handle(method string, stream grpc.ServerStream) (retEr } excludes := opts[keyExcludePatterns] - if len(dir.Excludes) != 0 && (len(opts[keyOverrideExcludes]) == 0 || opts[keyOverrideExcludes][0] != "true") { - excludes = dir.Excludes - } includes := opts[keyIncludePatterns] followPaths := opts[keyFollowPaths] @@ -155,16 +150,15 @@ var supportedProtocols = []protocol{ // FSSendRequestOpt defines options for FSSend request type FSSendRequestOpt struct { - Name string - IncludePatterns []string - ExcludePatterns []string - FollowPaths []string - OverrideExcludes bool // deprecated: this is used by docker/cli for automatically loading .dockerignore from the directory - DestDir string - CacheUpdater CacheUpdater - ProgressCb func(int, bool) - Filter func(string, *fstypes.Stat) bool - Differ fsutil.DiffType + Name string + IncludePatterns []string + ExcludePatterns []string + FollowPaths []string + DestDir string + CacheUpdater CacheUpdater + ProgressCb func(int, bool) + Filter func(string, *fstypes.Stat) bool + Differ fsutil.DiffType } // CacheUpdater is an object capable of sending notifications for the cache hash changes @@ -188,9 +182,6 @@ func FSSync(ctx context.Context, c session.Caller, opt FSSendRequestOpt) error { } opts := make(map[string][]string) - if opt.OverrideExcludes { - opts[keyOverrideExcludes] = []string{"true"} - } if opt.IncludePatterns != nil { opts[keyIncludePatterns] = opt.IncludePatterns diff --git a/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_unix.go b/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_unix.go index 0084280c..41285447 100644 --- a/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_unix.go +++ b/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_unix.go @@ -70,3 +70,13 @@ func UserConfigDir() string { } return ConfigDir } + +func TraceSocketPath(inUserNS bool) string { + if inUserNS { + if xrd := os.Getenv("XDG_RUNTIME_DIR"); xrd != "" { + dirs := strings.Split(xrd, ":") + return filepath.Join(dirs[0], "buildkit", "otel-grpc.sock") + } + } + return "/run/buildkit/otel-grpc.sock" +} diff --git a/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_windows.go b/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_windows.go index 058789e4..92fb8574 100644 --- a/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_windows.go +++ b/vendor/github.com/moby/buildkit/util/appdefaults/appdefaults_windows.go @@ -31,3 +31,7 @@ func UserRoot() string { func UserConfigDir() string { return ConfigDir } + +func TraceSocketPath(inUserNS bool) string { + return `\\.\pipe\buildkit-otel-grpc` +} diff --git a/vendor/github.com/moby/buildkit/util/progress/progresswriter/reset.go b/vendor/github.com/moby/buildkit/util/progress/progresswriter/reset.go index a9ac9f6f..3f167559 100644 --- a/vendor/github.com/moby/buildkit/util/progress/progresswriter/reset.go +++ b/vendor/github.com/moby/buildkit/util/progress/progresswriter/reset.go @@ -27,7 +27,9 @@ func ResetTime(in Writer) Writer { } } if w.diff != nil { + vertexes := make([]*client.Vertex, 0, len(st.Vertexes)) for _, v := range st.Vertexes { + v := *v if v.Started != nil { d := v.Started.Add(-*w.diff) v.Started = &d @@ -36,8 +38,12 @@ func ResetTime(in Writer) Writer { d := v.Completed.Add(-*w.diff) v.Completed = &d } + vertexes = append(vertexes, &v) } + + statuses := make([]*client.VertexStatus, 0, len(st.Statuses)) for _, v := range st.Statuses { + v := *v if v.Started != nil { d := v.Started.Add(-*w.diff) v.Started = &d @@ -47,9 +53,21 @@ func ResetTime(in Writer) Writer { v.Completed = &d } v.Timestamp = v.Timestamp.Add(-*w.diff) + statuses = append(statuses, &v) } + + logs := make([]*client.VertexLog, 0, len(st.Logs)) for _, v := range st.Logs { + v := *v v.Timestamp = v.Timestamp.Add(-*w.diff) + logs = append(logs, &v) + } + + st = &client.SolveStatus{ + Vertexes: vertexes, + Statuses: statuses, + Logs: logs, + Warnings: st.Warnings, } } in.Status() <- st diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/azurite.go b/vendor/github.com/moby/buildkit/util/testutil/integration/azurite.go deleted file mode 100644 index 87a89cdc..00000000 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/azurite.go +++ /dev/null @@ -1,89 +0,0 @@ -package integration - -import ( - "fmt" - "net" - "net/http" - "os" - "os/exec" - "testing" - "time" - - "github.com/pkg/errors" -) - -const ( - azuriteBin = "azurite-blob" -) - -type AzuriteOpts struct { - AccountName string - AccountKey string -} - -func NewAzuriteServer(t *testing.T, sb Sandbox, opts AzuriteOpts) (address string, cl func() error, err error) { - t.Helper() - - if _, err := exec.LookPath(azuriteBin); err != nil { - return "", nil, errors.Wrapf(err, "failed to lookup %s binary", azuriteBin) - } - - deferF := &multiCloser{} - cl = deferF.F() - - defer func() { - if err != nil { - deferF.F()() - cl = nil - } - }() - - l, err := net.Listen("tcp", "localhost:0") - if err != nil { - return "", nil, err - } - - addr := l.Addr().String() - if err = l.Close(); err != nil { - return "", nil, err - } - host, port, err := net.SplitHostPort(addr) - if err != nil { - return "", nil, err - } - address = fmt.Sprintf("http://%s/%s", addr, opts.AccountName) - - // start server - cmd := exec.Command(azuriteBin, "--disableProductStyleUrl", "--blobHost", host, "--blobPort", port, "--location", t.TempDir()) - cmd.Env = append(os.Environ(), []string{ - "AZURITE_ACCOUNTS=" + opts.AccountName + ":" + opts.AccountKey, - }...) - azuriteStop, err := startCmd(cmd, sb.Logs()) - if err != nil { - return "", nil, err - } - if err = waitAzurite(address, 15*time.Second); err != nil { - azuriteStop() - return "", nil, errors.Wrapf(err, "azurite did not start up: %s", formatLogs(sb.Logs())) - } - deferF.append(azuriteStop) - - return -} - -func waitAzurite(address string, d time.Duration) error { - step := 1 * time.Second - i := 0 - for { - if resp, err := http.Get(fmt.Sprintf("%s?comp=list", address)); err == nil { - resp.Body.Close() - break - } - i++ - if time.Duration(i)*step > d { - return errors.Errorf("failed dialing: %s", address) - } - time.Sleep(step) - } - return nil -} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/minio.go b/vendor/github.com/moby/buildkit/util/testutil/integration/minio.go deleted file mode 100644 index 30bc7492..00000000 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/minio.go +++ /dev/null @@ -1,116 +0,0 @@ -package integration - -import ( - "fmt" - "net" - "net/http" - "os" - "os/exec" - "testing" - "time" - - "github.com/pkg/errors" -) - -const ( - minioBin = "minio" - mcBin = "mc" -) - -type MinioOpts struct { - Region string - AccessKeyID string - SecretAccessKey string -} - -func NewMinioServer(t *testing.T, sb Sandbox, opts MinioOpts) (address string, bucket string, cl func() error, err error) { - t.Helper() - bucket = randomString(10) - - if _, err := exec.LookPath(minioBin); err != nil { - return "", "", nil, errors.Wrapf(err, "failed to lookup %s binary", minioBin) - } - if _, err := exec.LookPath(mcBin); err != nil { - return "", "", nil, errors.Wrapf(err, "failed to lookup %s binary", mcBin) - } - - deferF := &multiCloser{} - cl = deferF.F() - - defer func() { - if err != nil { - deferF.F()() - cl = nil - } - }() - - l, err := net.Listen("tcp", "localhost:0") - if err != nil { - return "", "", nil, err - } - - addr := l.Addr().String() - if err = l.Close(); err != nil { - return "", "", nil, err - } - address = "http://" + addr - - // start server - cmd := exec.Command(minioBin, "server", "--json", "--address", addr, t.TempDir()) - cmd.Env = append(os.Environ(), []string{ - "MINIO_ROOT_USER=" + opts.AccessKeyID, - "MINIO_ROOT_PASSWORD=" + opts.SecretAccessKey, - }...) - minioStop, err := startCmd(cmd, sb.Logs()) - if err != nil { - return "", "", nil, err - } - if err = waitMinio(address, 15*time.Second); err != nil { - minioStop() - return "", "", nil, errors.Wrapf(err, "minio did not start up: %s", formatLogs(sb.Logs())) - } - deferF.append(minioStop) - - // create alias config - alias := randomString(10) - cmd = exec.Command(mcBin, "alias", "set", alias, address, opts.AccessKeyID, opts.SecretAccessKey) - if err := runCmd(cmd, sb.Logs()); err != nil { - return "", "", nil, err - } - deferF.append(func() error { - return exec.Command(mcBin, "alias", "rm", alias).Run() - }) - - // create bucket - cmd = exec.Command(mcBin, "mb", "--region", opts.Region, fmt.Sprintf("%s/%s", alias, bucket)) // #nosec G204 - if err := runCmd(cmd, sb.Logs()); err != nil { - return "", "", nil, err - } - - // trace - cmd = exec.Command(mcBin, "admin", "trace", "--json", alias) - traceStop, err := startCmd(cmd, sb.Logs()) - if err != nil { - return "", "", nil, err - } - deferF.append(traceStop) - - return -} - -func waitMinio(address string, d time.Duration) error { - step := 1 * time.Second - i := 0 - for { - if resp, err := http.Get(fmt.Sprintf("%s/minio/health/live", address)); err == nil { - resp.Body.Close() - break - } - i++ - if time.Duration(i)*step > d { - return errors.Errorf("failed dialing: %s", address) - } - time.Sleep(step) - } - return nil -} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/pins.go b/vendor/github.com/moby/buildkit/util/testutil/integration/pins.go index 32145f71..75236f02 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/pins.go +++ b/vendor/github.com/moby/buildkit/util/testutil/integration/pins.go @@ -1,15 +1,16 @@ package integration var pins = map[string]map[string]string{ - // busybox is pinned to 1.35. Newer produces has "illegal instruction" panic on some of Github infra on sha256sum + // busybox 1.36 "busybox:latest": { - "amd64": "sha256:0d5a701f0ca53f38723108687add000e1922f812d4187dea7feaee85d2f5a6c5", - "arm64v8": "sha256:ffe38d75e44d8ffac4cd6d09777ffc31e94ea0ded6a0164e825a325dc17a3b68", - "library": "sha256:f4ed5f2163110c26d42741fdc92bd1710e118aed4edb19212548e8ca4e5fca22", + "amd64": "sha256:023917ec6a886d0e8e15f28fb543515a5fcd8d938edb091e8147db4efed388ee", + "arm64v8": "sha256:1fa89c01cd0473cedbd1a470abb8c139eeb80920edf1bc55de87851bfb63ea11", + "library": "sha256:3fbc632167424a6d997e74f52b878d7cc478225cffac6bc977eedfe51c7f4e79", }, + // alpine 3.18 "alpine:latest": { - "amd64": "sha256:c0d488a800e4127c334ad20d61d7bc21b4097540327217dfab52262adc02380c", - "arm64v8": "sha256:af06af3514c44a964d3b905b498cf6493db8f1cde7c10e078213a89c87308ba0", - "library": "sha256:8914eb54f968791faf6a8638949e480fef81e697984fba772b3976835194c6d4", + "amd64": "sha256:25fad2a32ad1f6f510e528448ae1ec69a28ef81916a004d3629874104f8a7f70", + "arm64v8": "sha256:e3bd82196e98898cae9fe7fbfd6e2436530485974dc4fb3b7ddb69134eda2407", + "library": "sha256:82d1e9d7ed48a7523bdebc18cf6290bdb97b82302a8a9c27d4fe885949ea94d1", }, } diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/registry.go b/vendor/github.com/moby/buildkit/util/testutil/integration/registry.go index 32ed571f..b2111db0 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/registry.go +++ b/vendor/github.com/moby/buildkit/util/testutil/integration/registry.go @@ -15,11 +15,11 @@ import ( ) func NewRegistry(dir string) (url string, cl func() error, err error) { - if err := lookupBinary("registry"); err != nil { + if err := LookupBinary("registry"); err != nil { return "", nil, err } - deferF := &multiCloser{} + deferF := &MultiCloser{} cl = deferF.F() defer func() { @@ -34,7 +34,7 @@ func NewRegistry(dir string) (url string, cl func() error, err error) { if err != nil { return "", nil, err } - deferF.append(func() error { return os.RemoveAll(tmpdir) }) + deferF.Append(func() error { return os.RemoveAll(tmpdir) }) dir = tmpdir } @@ -61,11 +61,11 @@ http: if err != nil { return "", nil, err } - stop, err := startCmd(cmd, nil) + stop, err := StartCmd(cmd, nil) if err != nil { return "", nil, err } - deferF.append(stop) + deferF.Append(stop) ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second) defer cancel() diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/run.go b/vendor/github.com/moby/buildkit/util/testutil/integration/run.go index 2022e11e..3b009558 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/run.go +++ b/vendor/github.com/moby/buildkit/util/testutil/integration/run.go @@ -21,7 +21,6 @@ import ( "github.com/moby/buildkit/util/appcontext" "github.com/moby/buildkit/util/contentutil" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" - "github.com/pkg/errors" "github.com/stretchr/testify/require" "golang.org/x/sync/semaphore" ) @@ -37,8 +36,10 @@ type Backend interface { Address() string DockerAddress() string ContainerdAddress() string + Rootless() bool Snapshotter() string + Supports(feature string) bool } type Sandbox interface { @@ -422,44 +423,3 @@ func prepareValueMatrix(tc testConf) []matrixValue { } return m } - -func runStargzSnapshotter(cfg *BackendConfig) (address string, cl func() error, err error) { - binary := "containerd-stargz-grpc" - if err := lookupBinary(binary); err != nil { - return "", nil, err - } - - deferF := &multiCloser{} - cl = deferF.F() - - defer func() { - if err != nil { - deferF.F()() - cl = nil - } - }() - - tmpStargzDir, err := os.MkdirTemp("", "bktest_containerd_stargz_grpc") - if err != nil { - return "", nil, err - } - deferF.append(func() error { return os.RemoveAll(tmpStargzDir) }) - - address = filepath.Join(tmpStargzDir, "containerd-stargz-grpc.sock") - stargzRootDir := filepath.Join(tmpStargzDir, "root") - cmd := exec.Command(binary, - "--log-level", "debug", - "--address", address, - "--root", stargzRootDir) - snStop, err := startCmd(cmd, cfg.Logs) - if err != nil { - return "", nil, err - } - if err = waitUnix(address, 10*time.Second, cmd); err != nil { - snStop() - return "", nil, errors.Wrapf(err, "containerd-stargz-grpc did not start up: %s", formatLogs(cfg.Logs)) - } - deferF.append(snStop) - - return -} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox.go b/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox.go index c78e169b..21aa28f7 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox.go +++ b/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox.go @@ -8,76 +8,20 @@ import ( "os" "os/exec" "path/filepath" - "runtime" "strings" "testing" - "time" "github.com/google/shlex" "github.com/moby/buildkit/util/bklog" - "github.com/pkg/errors" ) const buildkitdConfigFile = "buildkitd.toml" -type backend struct { - address string - dockerAddress string - containerdAddress string - rootless bool - snapshotter string - unsupportedFeatures []string - isDockerd bool -} - -func (b backend) Address() string { - return b.address -} - -func (b backend) DockerAddress() string { - return b.dockerAddress -} - -func (b backend) ContainerdAddress() string { - return b.containerdAddress -} - -func (b backend) Rootless() bool { - return b.rootless -} - -func (b backend) Snapshotter() string { - return b.snapshotter -} - -func (b backend) isUnsupportedFeature(feature string) bool { - if enabledFeatures := os.Getenv("BUILDKIT_TEST_ENABLE_FEATURES"); enabledFeatures != "" { - for _, enabledFeature := range strings.Split(enabledFeatures, ",") { - if feature == enabledFeature { - return false - } - } - } - if disabledFeatures := os.Getenv("BUILDKIT_TEST_DISABLE_FEATURES"); disabledFeatures != "" { - for _, disabledFeature := range strings.Split(disabledFeatures, ",") { - if feature == disabledFeature { - return true - } - } - } - for _, unsupportedFeature := range b.unsupportedFeatures { - if feature == unsupportedFeature { - return true - } - } - return false -} - type sandbox struct { Backend logs map[string]*bytes.Buffer - cleanup *multiCloser + cleanup *MultiCloser mv matrixValue ctx context.Context name string @@ -96,7 +40,7 @@ func (sb *sandbox) Logs() map[string]*bytes.Buffer { } func (sb *sandbox) PrintLogs(t *testing.T) { - printLogs(sb.logs, t.Log) + PrintLogs(sb.logs, t.Log) } func (sb *sandbox) ClearLogs() { @@ -108,7 +52,7 @@ func (sb *sandbox) NewRegistry() (string, error) { if err != nil { return "", err } - sb.cleanup.append(cl) + sb.cleanup.Append(cl) return url, nil } @@ -144,7 +88,7 @@ func newSandbox(ctx context.Context, w Worker, mirror string, mv matrixValue) (s upt = append(upt, withMirrorConfig(mirror)) } - deferF := &multiCloser{} + deferF := &MultiCloser{} cl = deferF.F() defer func() { @@ -159,7 +103,7 @@ func newSandbox(ctx context.Context, w Worker, mirror string, mv matrixValue) (s if err != nil { return nil, nil, err } - deferF.append(func() error { + deferF.Append(func() error { return os.RemoveAll(dir) }) cfg.ConfigFile = filepath.Join(dir, buildkitdConfigFile) @@ -169,7 +113,7 @@ func newSandbox(ctx context.Context, w Worker, mirror string, mv matrixValue) (s if err != nil { return nil, nil, err } - deferF.append(closer) + deferF.Append(closer) return &sandbox{ Backend: b, @@ -181,95 +125,8 @@ func newSandbox(ctx context.Context, w Worker, mirror string, mv matrixValue) (s }, cl, nil } -func getBuildkitdAddr(tmpdir string) string { - address := "unix://" + filepath.Join(tmpdir, "buildkitd.sock") - if runtime.GOOS == "windows" { - address = "//./pipe/buildkitd-" + filepath.Base(tmpdir) - } - return address -} - -func runBuildkitd(ctx context.Context, conf *BackendConfig, args []string, logs map[string]*bytes.Buffer, uid, gid int, extraEnv []string) (address string, cl func() error, err error) { - deferF := &multiCloser{} - cl = deferF.F() - - defer func() { - if err != nil { - deferF.F()() - cl = nil - } - }() - - if conf.ConfigFile != "" { - args = append(args, "--config="+conf.ConfigFile) - } - - tmpdir, err := os.MkdirTemp("", "bktest_buildkitd") - if err != nil { - return "", nil, err - } - if err := os.Chown(tmpdir, uid, gid); err != nil { - return "", nil, err - } - if err := os.MkdirAll(filepath.Join(tmpdir, "tmp"), 0711); err != nil { - return "", nil, err - } - if err := os.Chown(filepath.Join(tmpdir, "tmp"), uid, gid); err != nil { - return "", nil, err - } - - deferF.append(func() error { return os.RemoveAll(tmpdir) }) - - address = getBuildkitdAddr(tmpdir) - - args = append(args, "--root", tmpdir, "--addr", address, "--debug") - cmd := exec.Command(args[0], args[1:]...) //nolint:gosec // test utility - cmd.Env = append(os.Environ(), "BUILDKIT_DEBUG_EXEC_OUTPUT=1", "BUILDKIT_DEBUG_PANIC_ON_ERROR=1", "TMPDIR="+filepath.Join(tmpdir, "tmp")) - cmd.Env = append(cmd.Env, extraEnv...) - cmd.SysProcAttr = getSysProcAttr() - - stop, err := startCmd(cmd, logs) - if err != nil { - return "", nil, err - } - deferF.append(stop) - - if err := waitUnix(address, 15*time.Second, cmd); err != nil { - return "", nil, err - } - - deferF.append(func() error { - f, err := os.Open("/proc/self/mountinfo") - if err != nil { - return errors.Wrap(err, "failed to open mountinfo") - } - defer f.Close() - s := bufio.NewScanner(f) - for s.Scan() { - if strings.Contains(s.Text(), tmpdir) { - return errors.Errorf("leaked mountpoint for %s", tmpdir) - } - } - return s.Err() - }) - - return address, cl, err -} - -func getBackend(sb Sandbox) (*backend, error) { - sbx, ok := sb.(*sandbox) - if !ok { - return nil, errors.Errorf("invalid sandbox type %T", sb) - } - b, ok := sbx.Backend.(backend) - if !ok { - return nil, errors.Errorf("invalid backend type %T", b) - } - return &b, nil -} - -func rootlessSupported(uid int) bool { - cmd := exec.Command("sudo", "-u", fmt.Sprintf("#%d", uid), "-i", "--", "exec", "unshare", "-U", "true") //nolint:gosec // test utility +func RootlessSupported(uid int) bool { + cmd := exec.Command("sudo", "-E", "-u", fmt.Sprintf("#%d", uid), "-i", "--", "exec", "unshare", "-U", "true") //nolint:gosec // test utility b, err := cmd.CombinedOutput() if err != nil { bklog.L.Warnf("rootless mode is not supported on this host: %v (%s)", err, string(b)) @@ -278,7 +135,7 @@ func rootlessSupported(uid int) bool { return true } -func printLogs(logs map[string]*bytes.Buffer, f func(args ...interface{})) { +func PrintLogs(logs map[string]*bytes.Buffer, f func(args ...interface{})) { for name, l := range logs { f(name) s := bufio.NewScanner(l) @@ -288,74 +145,25 @@ func printLogs(logs map[string]*bytes.Buffer, f func(args ...interface{})) { } } -const ( - FeatureCacheExport = "cache_export" - FeatureCacheImport = "cache_import" - FeatureCacheBackendAzblob = "cache_backend_azblob" - FeatureCacheBackendGha = "cache_backend_gha" - FeatureCacheBackendInline = "cache_backend_inline" - FeatureCacheBackendLocal = "cache_backend_local" - FeatureCacheBackendRegistry = "cache_backend_registry" - FeatureCacheBackendS3 = "cache_backend_s3" - FeatureDirectPush = "direct_push" - FeatureFrontendOutline = "frontend_outline" - FeatureFrontendTargets = "frontend_targets" - FeatureImageExporter = "image_exporter" - FeatureInfo = "info" - FeatureMergeDiff = "merge_diff" - FeatureMultiCacheExport = "multi_cache_export" - FeatureMultiPlatform = "multi_platform" - FeatureOCIExporter = "oci_exporter" - FeatureOCILayout = "oci_layout" - FeatureProvenance = "provenance" - FeatureSBOM = "sbom" - FeatureSecurityMode = "security_mode" - FeatureSourceDateEpoch = "source_date_epoch" - FeatureCNINetwork = "cni_network" -) - -var features = map[string]struct{}{ - FeatureCacheExport: {}, - FeatureCacheImport: {}, - FeatureCacheBackendAzblob: {}, - FeatureCacheBackendGha: {}, - FeatureCacheBackendInline: {}, - FeatureCacheBackendLocal: {}, - FeatureCacheBackendRegistry: {}, - FeatureCacheBackendS3: {}, - FeatureDirectPush: {}, - FeatureFrontendOutline: {}, - FeatureFrontendTargets: {}, - FeatureImageExporter: {}, - FeatureInfo: {}, - FeatureMergeDiff: {}, - FeatureMultiCacheExport: {}, - FeatureMultiPlatform: {}, - FeatureOCIExporter: {}, - FeatureOCILayout: {}, - FeatureProvenance: {}, - FeatureSBOM: {}, - FeatureSecurityMode: {}, - FeatureSourceDateEpoch: {}, - FeatureCNINetwork: {}, +func FormatLogs(m map[string]*bytes.Buffer) string { + var ss []string + for k, b := range m { + if b != nil { + ss = append(ss, fmt.Sprintf("%q:%q", k, b.String())) + } + } + return strings.Join(ss, ",") } -func CheckFeatureCompat(t *testing.T, sb Sandbox, reason ...string) { +func CheckFeatureCompat(t *testing.T, sb Sandbox, features map[string]struct{}, reason ...string) { t.Helper() if len(reason) == 0 { t.Fatal("no reason provided") } - b, err := getBackend(sb) - if err != nil { - t.Fatal(err) - } - if len(b.unsupportedFeatures) == 0 { - return - } var ereasons []string for _, r := range reason { if _, ok := features[r]; ok { - if b.isUnsupportedFeature(r) { + if !sb.Supports(r) { ereasons = append(ereasons, r) } } else { diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox_unix.go b/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox_unix.go deleted file mode 100644 index d734ac6a..00000000 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox_unix.go +++ /dev/null @@ -1,12 +0,0 @@ -//go:build !windows -// +build !windows - -package integration - -import "syscall" - -func getSysProcAttr() *syscall.SysProcAttr { - return &syscall.SysProcAttr{ - Setsid: true, // stretch sudo needs this for sigterm - } -} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox_windows.go b/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox_windows.go deleted file mode 100644 index 5f15449b..00000000 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/sandbox_windows.go +++ /dev/null @@ -1,10 +0,0 @@ -//go:build windows -// +build windows - -package integration - -import "syscall" - -func getSysProcAttr() *syscall.SysProcAttr { - return &syscall.SysProcAttr{} -} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/util.go b/vendor/github.com/moby/buildkit/util/testutil/integration/util.go index af61e74f..6a7979e4 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/util.go +++ b/vendor/github.com/moby/buildkit/util/testutil/integration/util.go @@ -3,7 +3,6 @@ package integration import ( "bytes" "context" - "crypto/rand" "fmt" "io" "net" @@ -21,20 +20,42 @@ import ( "golang.org/x/sync/errgroup" ) -func runCmd(cmd *exec.Cmd, logs map[string]*bytes.Buffer) error { +var ErrRequirements = errors.Errorf("missing requirements") + +func Tmpdir(t *testing.T, appliers ...fstest.Applier) string { + t.Helper() + + // We cannot use t.TempDir() to create a temporary directory here because + // appliers might contain fstest.CreateSocket. If the test name is too long, + // t.TempDir() could return a path that is longer than 108 characters. This + // would result in "bind: invalid argument" when we listen on the socket. + tmpdir, err := os.MkdirTemp("", "buildkit") + require.NoError(t, err) + + t.Cleanup(func() { + require.NoError(t, os.RemoveAll(tmpdir)) + }) + + err = fstest.Apply(appliers...).Apply(tmpdir) + require.NoError(t, err) + + return tmpdir +} + +func RunCmd(cmd *exec.Cmd, logs map[string]*bytes.Buffer) error { if logs != nil { setCmdLogs(cmd, logs) } - fmt.Fprintf(cmd.Stderr, "> runCmd %v %+v\n", time.Now(), cmd.String()) + fmt.Fprintf(cmd.Stderr, "> RunCmd %v %+v\n", time.Now(), cmd.String()) return cmd.Run() } -func startCmd(cmd *exec.Cmd, logs map[string]*bytes.Buffer) (func() error, error) { +func StartCmd(cmd *exec.Cmd, logs map[string]*bytes.Buffer) (func() error, error) { if logs != nil { setCmdLogs(cmd, logs) } - fmt.Fprintf(cmd.Stderr, "> startCmd %v %+v\n", time.Now(), cmd.String()) + fmt.Fprintf(cmd.Stderr, "> StartCmd %v %+v\n", time.Now(), cmd.String()) if err := cmd.Start(); err != nil { return nil, err @@ -79,16 +100,7 @@ func startCmd(cmd *exec.Cmd, logs map[string]*bytes.Buffer) (func() error, error }, nil } -func setCmdLogs(cmd *exec.Cmd, logs map[string]*bytes.Buffer) { - b := new(bytes.Buffer) - logs["stdout: "+cmd.String()] = b - cmd.Stdout = &lockingWriter{Writer: b} - b = new(bytes.Buffer) - logs["stderr: "+cmd.String()] = b - cmd.Stderr = &lockingWriter{Writer: b} -} - -func waitUnix(address string, d time.Duration, cmd *exec.Cmd) error { +func WaitUnix(address string, d time.Duration, cmd *exec.Cmd) error { address = strings.TrimPrefix(address, "unix://") addr, err := net.ResolveUnixAddr("unix", address) if err != nil { @@ -115,11 +127,19 @@ func waitUnix(address string, d time.Duration, cmd *exec.Cmd) error { return nil } -type multiCloser struct { +func LookupBinary(name string) error { + _, err := exec.LookPath(name) + if err != nil { + return errors.Wrapf(ErrRequirements, "failed to lookup %s binary", name) + } + return nil +} + +type MultiCloser struct { fns []func() error } -func (mc *multiCloser) F() func() error { +func (mc *MultiCloser) F() func() error { return func() error { var err error for i := range mc.fns { @@ -132,25 +152,17 @@ func (mc *multiCloser) F() func() error { } } -func (mc *multiCloser) append(f func() error) { +func (mc *MultiCloser) Append(f func() error) { mc.fns = append(mc.fns, f) } -var ErrRequirements = errors.Errorf("missing requirements") - -func lookupBinary(name string) error { - _, err := exec.LookPath(name) - if err != nil { - return errors.Wrapf(ErrRequirements, "failed to lookup %s binary", name) - } - return nil -} - -func requireRoot() error { - if os.Getuid() != 0 { - return errors.Wrap(ErrRequirements, "requires root") - } - return nil +func setCmdLogs(cmd *exec.Cmd, logs map[string]*bytes.Buffer) { + b := new(bytes.Buffer) + logs["stdout: "+cmd.String()] = b + cmd.Stdout = &lockingWriter{Writer: b} + b = new(bytes.Buffer) + logs["stderr: "+cmd.String()] = b + cmd.Stderr = &lockingWriter{Writer: b} } type lockingWriter struct { @@ -164,33 +176,3 @@ func (w *lockingWriter) Write(dt []byte) (int, error) { w.mu.Unlock() return n, err } - -func Tmpdir(t *testing.T, appliers ...fstest.Applier) (string, error) { - // We cannot use t.TempDir() to create a temporary directory here because - // appliers might contain fstest.CreateSocket. If the test name is too long, - // t.TempDir() could return a path that is longer than 108 characters. This - // would result in "bind: invalid argument" when we listen on the socket. - tmpdir, err := os.MkdirTemp("", "buildkit") - if err != nil { - return "", err - } - - t.Cleanup(func() { - require.NoError(t, os.RemoveAll(tmpdir)) - }) - - if err := fstest.Apply(appliers...).Apply(tmpdir); err != nil { - return "", err - } - return tmpdir, nil -} - -func randomString(n int) string { - chars := "abcdefghijklmnopqrstuvwxyz" - var b = make([]byte, n) - _, _ = rand.Read(b) - for k, v := range b { - b[k] = chars[v%byte(len(chars))] - } - return string(b) -} diff --git a/vendor/github.com/moby/buildkit/util/testutil/workers/backend.go b/vendor/github.com/moby/buildkit/util/testutil/workers/backend.go new file mode 100644 index 00000000..fabd32dd --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/backend.go @@ -0,0 +1,59 @@ +package workers + +import ( + "os" + "strings" +) + +type backend struct { + address string + dockerAddress string + containerdAddress string + rootless bool + snapshotter string + unsupportedFeatures []string + isDockerd bool +} + +func (b backend) Address() string { + return b.address +} + +func (b backend) DockerAddress() string { + return b.dockerAddress +} + +func (b backend) ContainerdAddress() string { + return b.containerdAddress +} + +func (b backend) Rootless() bool { + return b.rootless +} + +func (b backend) Snapshotter() string { + return b.snapshotter +} + +func (b backend) Supports(feature string) bool { + if enabledFeatures := os.Getenv("BUILDKIT_TEST_ENABLE_FEATURES"); enabledFeatures != "" { + for _, enabledFeature := range strings.Split(enabledFeatures, ",") { + if feature == enabledFeature { + return true + } + } + } + if disabledFeatures := os.Getenv("BUILDKIT_TEST_DISABLE_FEATURES"); disabledFeatures != "" { + for _, disabledFeature := range strings.Split(disabledFeatures, ",") { + if feature == disabledFeature { + return false + } + } + } + for _, unsupportedFeature := range b.unsupportedFeatures { + if feature == unsupportedFeature { + return false + } + } + return true +} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/containerd.go b/vendor/github.com/moby/buildkit/util/testutil/workers/containerd.go similarity index 72% rename from vendor/github.com/moby/buildkit/util/testutil/integration/containerd.go rename to vendor/github.com/moby/buildkit/util/testutil/workers/containerd.go index 26a6cabf..b81b6a87 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/containerd.go +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/containerd.go @@ -1,7 +1,6 @@ -package integration +package workers import ( - "bytes" "context" "fmt" "log" @@ -14,11 +13,12 @@ import ( "time" "github.com/moby/buildkit/util/bklog" + "github.com/moby/buildkit/util/testutil/integration" "github.com/pkg/errors" ) func InitContainerdWorker() { - Register(&Containerd{ + integration.Register(&Containerd{ ID: "containerd", Containerd: "containerd", }) @@ -32,7 +32,7 @@ func InitContainerdWorker() { panic(errors.Errorf("unexpected BUILDKIT_INTEGRATION_CONTAINERD_EXTRA: %q", s)) } name, bin := pair[0], pair[1] - Register(&Containerd{ + integration.Register(&Containerd{ ID: name, Containerd: filepath.Join(bin, "containerd"), // override PATH to make sure that the expected version of the shim binary is used @@ -47,8 +47,8 @@ func InitContainerdWorker() { if _, err := fmt.Sscanf(s, "%d:%d", &uid, &gid); err != nil { bklog.L.Fatalf("unexpected BUILDKIT_INTEGRATION_ROOTLESS_IDPAIR: %q", s) } - if rootlessSupported(uid) { - Register(&Containerd{ + if integration.RootlessSupported(uid) { + integration.Register(&Containerd{ ID: "containerd-rootless", Containerd: "containerd", UID: uid, @@ -59,7 +59,7 @@ func InitContainerdWorker() { } if s := os.Getenv("BUILDKIT_INTEGRATION_SNAPSHOTTER"); s != "" { - Register(&Containerd{ + integration.Register(&Containerd{ ID: fmt.Sprintf("containerd-snapshotter-%s", s), Containerd: "containerd", Snapshotter: s, @@ -84,18 +84,18 @@ func (c *Containerd) Rootless() bool { return c.UID != 0 } -func (c *Containerd) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() error, err error) { - if err := lookupBinary(c.Containerd); err != nil { +func (c *Containerd) New(ctx context.Context, cfg *integration.BackendConfig) (b integration.Backend, cl func() error, err error) { + if err := integration.LookupBinary(c.Containerd); err != nil { return nil, nil, err } - if err := lookupBinary("buildkitd"); err != nil { + if err := integration.LookupBinary("buildkitd"); err != nil { return nil, nil, err } if err := requireRoot(); err != nil { return nil, nil, err } - deferF := &multiCloser{} + deferF := &integration.MultiCloser{} cl = deferF.F() defer func() { @@ -123,7 +123,7 @@ func (c *Containerd) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl } } - deferF.append(func() error { return os.RemoveAll(tmpdir) }) + deferF.Append(func() error { return os.RemoveAll(tmpdir) }) address := filepath.Join(tmpdir, "containerd.sock") config := fmt.Sprintf(`root = %q @@ -149,7 +149,7 @@ disabled_plugins = ["cri"] if err != nil { return nil, nil, err } - deferF.append(snCl) + deferF.Append(snCl) config = fmt.Sprintf(`%s [proxy_plugins] @@ -168,7 +168,7 @@ disabled_plugins = ["cri"] containerdArgs := []string{c.Containerd, "--config", configFile} rootlessKitState := filepath.Join(tmpdir, "rootlesskit-containerd") if rootless { - containerdArgs = append(append([]string{"sudo", "-u", fmt.Sprintf("#%d", c.UID), "-i", + containerdArgs = append(append([]string{"sudo", "-E", "-u", fmt.Sprintf("#%d", c.UID), "-i", fmt.Sprintf("CONTAINERD_ROOTLESS_ROOTLESSKIT_STATE_DIR=%s", rootlessKitState), // Integration test requires the access to localhost of the host network namespace. // TODO: remove these configurations @@ -181,15 +181,15 @@ disabled_plugins = ["cri"] cmd := exec.Command(containerdArgs[0], containerdArgs[1:]...) //nolint:gosec // test utility cmd.Env = append(os.Environ(), c.ExtraEnv...) - ctdStop, err := startCmd(cmd, cfg.Logs) + ctdStop, err := integration.StartCmd(cmd, cfg.Logs) if err != nil { return nil, nil, err } - if err := waitUnix(address, 10*time.Second, cmd); err != nil { + if err := integration.WaitUnix(address, 10*time.Second, cmd); err != nil { ctdStop() - return nil, nil, errors.Wrapf(err, "containerd did not start up: %s", formatLogs(cfg.Logs)) + return nil, nil, errors.Wrapf(err, "containerd did not start up: %s", integration.FormatLogs(cfg.Logs)) } - deferF.append(ctdStop) + deferF.Append(ctdStop) buildkitdArgs := append([]string{"buildkitd", "--oci-worker=false", @@ -211,16 +211,16 @@ disabled_plugins = ["cri"] if err != nil { return nil, nil, err } - buildkitdArgs = append([]string{"sudo", "-u", fmt.Sprintf("#%d", c.UID), "-i", "--", "exec", + buildkitdArgs = append([]string{"sudo", "-E", "-u", fmt.Sprintf("#%d", c.UID), "-i", "--", "exec", "nsenter", "-U", "--preserve-credentials", "-m", "-t", fmt.Sprintf("%d", pid)}, append(buildkitdArgs, "--containerd-worker-snapshotter=native")...) } buildkitdSock, stop, err := runBuildkitd(ctx, cfg, buildkitdArgs, cfg.Logs, c.UID, c.GID, c.ExtraEnv) if err != nil { - printLogs(cfg.Logs, log.Println) + integration.PrintLogs(cfg.Logs, log.Println) return nil, nil, err } - deferF.append(stop) + deferF.Append(stop) return backend{ address: buildkitdSock, @@ -234,12 +234,43 @@ func (c *Containerd) Close() error { return nil } -func formatLogs(m map[string]*bytes.Buffer) string { - var ss []string - for k, b := range m { - if b != nil { - ss = append(ss, fmt.Sprintf("%q:%q", k, b.String())) +func runStargzSnapshotter(cfg *integration.BackendConfig) (address string, cl func() error, err error) { + binary := "containerd-stargz-grpc" + if err := integration.LookupBinary(binary); err != nil { + return "", nil, err + } + + deferF := &integration.MultiCloser{} + cl = deferF.F() + + defer func() { + if err != nil { + deferF.F()() + cl = nil } + }() + + tmpStargzDir, err := os.MkdirTemp("", "bktest_containerd_stargz_grpc") + if err != nil { + return "", nil, err + } + deferF.Append(func() error { return os.RemoveAll(tmpStargzDir) }) + + address = filepath.Join(tmpStargzDir, "containerd-stargz-grpc.sock") + stargzRootDir := filepath.Join(tmpStargzDir, "root") + cmd := exec.Command(binary, + "--log-level", "debug", + "--address", address, + "--root", stargzRootDir) + snStop, err := integration.StartCmd(cmd, cfg.Logs) + if err != nil { + return "", nil, err } - return strings.Join(ss, ",") + if err = integration.WaitUnix(address, 10*time.Second, cmd); err != nil { + snStop() + return "", nil, errors.Wrapf(err, "containerd-stargz-grpc did not start up: %s", integration.FormatLogs(cfg.Logs)) + } + deferF.Append(snStop) + + return } diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/dockerd.go b/vendor/github.com/moby/buildkit/util/testutil/workers/dockerd.go similarity index 86% rename from vendor/github.com/moby/buildkit/util/testutil/integration/dockerd.go rename to vendor/github.com/moby/buildkit/util/testutil/workers/dockerd.go index 9c743df1..7ed0d6f3 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/dockerd.go +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/dockerd.go @@ -1,4 +1,4 @@ -package integration +package workers import ( "context" @@ -13,13 +13,14 @@ import ( "github.com/docker/docker/client" "github.com/moby/buildkit/cmd/buildkitd/config" "github.com/moby/buildkit/util/testutil/dockerd" + "github.com/moby/buildkit/util/testutil/integration" "github.com/pkg/errors" "golang.org/x/sync/errgroup" ) // InitDockerdWorker registers a dockerd worker with the global registry. func InitDockerdWorker() { - Register(&Moby{ + integration.Register(&Moby{ ID: "dockerd", IsRootless: false, Unsupported: []string{ @@ -42,7 +43,7 @@ func InitDockerdWorker() { FeatureCNINetwork, }, }) - Register(&Moby{ + integration.Register(&Moby{ ID: "dockerd-containerd", IsRootless: false, ContainerdSnapshotter: true, @@ -70,7 +71,7 @@ func (c Moby) Rootless() bool { return c.IsRootless } -func (c Moby) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() error, err error) { +func (c Moby) New(ctx context.Context, cfg *integration.BackendConfig) (b integration.Backend, cl func() error, err error) { if err := requireRoot(); err != nil { return nil, nil, err } @@ -106,7 +107,7 @@ func (c Moby) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() return nil, nil, errors.Wrapf(err, "failed to marshal dockerd config") } - deferF := &multiCloser{} + deferF := &integration.MultiCloser{} cl = deferF.F() defer func() { @@ -117,7 +118,7 @@ func (c Moby) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() }() var proxyGroup errgroup.Group - deferF.append(proxyGroup.Wait) + deferF.Append(proxyGroup.Wait) workDir, err := os.MkdirTemp("", "integration") if err != nil { @@ -126,7 +127,7 @@ func (c Moby) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() d, err := dockerd.NewDaemon(workDir) if err != nil { - return nil, nil, errors.Errorf("new daemon error: %q, %s", err, formatLogs(cfg.Logs)) + return nil, nil, errors.Errorf("new daemon error: %q, %s", err, integration.FormatLogs(cfg.Logs)) } dockerdConfigFile := filepath.Join(workDir, "daemon.json") @@ -148,21 +149,21 @@ func (c Moby) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() if err != nil { return nil, nil, err } - deferF.append(d.StopWithError) + deferF.Append(d.StopWithError) - if err := waitUnix(d.Sock(), 5*time.Second, nil); err != nil { - return nil, nil, errors.Errorf("dockerd did not start up: %q, %s", err, formatLogs(cfg.Logs)) + if err := integration.WaitUnix(d.Sock(), 5*time.Second, nil); err != nil { + return nil, nil, errors.Errorf("dockerd did not start up: %q, %s", err, integration.FormatLogs(cfg.Logs)) } dockerAPI, err := client.NewClientWithOpts(client.WithHost(d.Sock())) if err != nil { return nil, nil, err } - deferF.append(dockerAPI.Close) + deferF.Append(dockerAPI.Close) err = waitForAPI(ctx, dockerAPI, 5*time.Second) if err != nil { - return nil, nil, errors.Wrapf(err, "dockerd client api timed out: %s", formatLogs(cfg.Logs)) + return nil, nil, errors.Wrapf(err, "dockerd client api timed out: %s", integration.FormatLogs(cfg.Logs)) } // Create a file descriptor to be used as a Unix domain socket. @@ -178,9 +179,9 @@ func (c Moby) New(ctx context.Context, cfg *BackendConfig) (b Backend, cl func() listener, err := net.Listen("unix", localPath) if err != nil { - return nil, nil, errors.Wrapf(err, "dockerd listener error: %s", formatLogs(cfg.Logs)) + return nil, nil, errors.Wrapf(err, "dockerd listener error: %s", integration.FormatLogs(cfg.Logs)) } - deferF.append(listener.Close) + deferF.Append(listener.Close) proxyGroup.Go(func() error { for { @@ -244,10 +245,6 @@ func IsTestDockerd() bool { return os.Getenv("TEST_DOCKERD") == "1" } -func IsTestDockerdMoby(sb Sandbox) bool { - b, err := getBackend(sb) - if err != nil { - return false - } - return b.isDockerd && sb.Name() == "dockerd" +func IsTestDockerdMoby(sb integration.Sandbox) bool { + return sb.DockerAddress() != "" && sb.Name() == "dockerd" } diff --git a/vendor/github.com/moby/buildkit/util/testutil/workers/features.go b/vendor/github.com/moby/buildkit/util/testutil/workers/features.go new file mode 100644 index 00000000..c53670d6 --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/features.go @@ -0,0 +1,63 @@ +package workers + +import ( + "testing" + + "github.com/moby/buildkit/util/testutil/integration" +) + +const ( + FeatureCacheExport = "cache_export" + FeatureCacheImport = "cache_import" + FeatureCacheBackendAzblob = "cache_backend_azblob" + FeatureCacheBackendGha = "cache_backend_gha" + FeatureCacheBackendInline = "cache_backend_inline" + FeatureCacheBackendLocal = "cache_backend_local" + FeatureCacheBackendRegistry = "cache_backend_registry" + FeatureCacheBackendS3 = "cache_backend_s3" + FeatureDirectPush = "direct_push" + FeatureFrontendOutline = "frontend_outline" + FeatureFrontendTargets = "frontend_targets" + FeatureImageExporter = "image_exporter" + FeatureInfo = "info" + FeatureMergeDiff = "merge_diff" + FeatureMultiCacheExport = "multi_cache_export" + FeatureMultiPlatform = "multi_platform" + FeatureOCIExporter = "oci_exporter" + FeatureOCILayout = "oci_layout" + FeatureProvenance = "provenance" + FeatureSBOM = "sbom" + FeatureSecurityMode = "security_mode" + FeatureSourceDateEpoch = "source_date_epoch" + FeatureCNINetwork = "cni_network" +) + +var features = map[string]struct{}{ + FeatureCacheExport: {}, + FeatureCacheImport: {}, + FeatureCacheBackendAzblob: {}, + FeatureCacheBackendGha: {}, + FeatureCacheBackendInline: {}, + FeatureCacheBackendLocal: {}, + FeatureCacheBackendRegistry: {}, + FeatureCacheBackendS3: {}, + FeatureDirectPush: {}, + FeatureFrontendOutline: {}, + FeatureFrontendTargets: {}, + FeatureImageExporter: {}, + FeatureInfo: {}, + FeatureMergeDiff: {}, + FeatureMultiCacheExport: {}, + FeatureMultiPlatform: {}, + FeatureOCIExporter: {}, + FeatureOCILayout: {}, + FeatureProvenance: {}, + FeatureSBOM: {}, + FeatureSecurityMode: {}, + FeatureSourceDateEpoch: {}, + FeatureCNINetwork: {}, +} + +func CheckFeatureCompat(t *testing.T, sb integration.Sandbox, reason ...string) { + integration.CheckFeatureCompat(t, sb, features, reason...) +} diff --git a/vendor/github.com/moby/buildkit/util/testutil/integration/oci.go b/vendor/github.com/moby/buildkit/util/testutil/workers/oci.go similarity index 74% rename from vendor/github.com/moby/buildkit/util/testutil/integration/oci.go rename to vendor/github.com/moby/buildkit/util/testutil/workers/oci.go index b08d81b2..f571aee0 100644 --- a/vendor/github.com/moby/buildkit/util/testutil/integration/oci.go +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/oci.go @@ -1,4 +1,4 @@ -package integration +package workers import ( "context" @@ -8,11 +8,12 @@ import ( "runtime" "github.com/moby/buildkit/util/bklog" + "github.com/moby/buildkit/util/testutil/integration" "github.com/pkg/errors" ) func InitOCIWorker() { - Register(&OCI{ID: "oci"}) + integration.Register(&OCI{ID: "oci"}) // the rootless uid is defined in Dockerfile if s := os.Getenv("BUILDKIT_INTEGRATION_ROOTLESS_IDPAIR"); s != "" { @@ -20,13 +21,13 @@ func InitOCIWorker() { if _, err := fmt.Sscanf(s, "%d:%d", &uid, &gid); err != nil { bklog.L.Fatalf("unexpected BUILDKIT_INTEGRATION_ROOTLESS_IDPAIR: %q", s) } - if rootlessSupported(uid) { - Register(&OCI{ID: "oci-rootless", UID: uid, GID: gid}) + if integration.RootlessSupported(uid) { + integration.Register(&OCI{ID: "oci-rootless", UID: uid, GID: gid}) } } if s := os.Getenv("BUILDKIT_INTEGRATION_SNAPSHOTTER"); s != "" { - Register(&OCI{ID: "oci-snapshotter-" + s, Snapshotter: s}) + integration.Register(&OCI{ID: "oci-snapshotter-" + s, Snapshotter: s}) } } @@ -45,8 +46,8 @@ func (s *OCI) Rootless() bool { return s.UID != 0 } -func (s *OCI) New(ctx context.Context, cfg *BackendConfig) (Backend, func() error, error) { - if err := lookupBinary("buildkitd"); err != nil { +func (s *OCI) New(ctx context.Context, cfg *integration.BackendConfig) (integration.Backend, func() error, error) { + if err := integration.LookupBinary("buildkitd"); err != nil { return nil, nil, err } if err := requireRoot(); err != nil { @@ -65,7 +66,7 @@ func (s *OCI) New(ctx context.Context, cfg *BackendConfig) (Backend, func() erro return nil, nil, errors.Errorf("unsupported id pair: uid=%d, gid=%d", s.UID, s.GID) } // TODO: make sure the user exists and subuid/subgid are configured. - buildkitdArgs = append([]string{"sudo", "-u", fmt.Sprintf("#%d", s.UID), "-i", "--", "exec", "rootlesskit"}, buildkitdArgs...) + buildkitdArgs = append([]string{"sudo", "-E", "-u", fmt.Sprintf("#%d", s.UID), "-i", "--", "exec", "rootlesskit"}, buildkitdArgs...) } var extraEnv []string @@ -74,7 +75,7 @@ func (s *OCI) New(ctx context.Context, cfg *BackendConfig) (Backend, func() erro } buildkitdSock, stop, err := runBuildkitd(ctx, cfg, buildkitdArgs, cfg.Logs, s.UID, s.GID, extraEnv) if err != nil { - printLogs(cfg.Logs, log.Println) + integration.PrintLogs(cfg.Logs, log.Println) return nil, nil, err } diff --git a/vendor/github.com/moby/buildkit/util/testutil/workers/sysprocattr_unix.go b/vendor/github.com/moby/buildkit/util/testutil/workers/sysprocattr_unix.go new file mode 100644 index 00000000..7f4db76e --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/sysprocattr_unix.go @@ -0,0 +1,23 @@ +//go:build !windows +// +build !windows + +package workers + +import ( + "path/filepath" + "syscall" +) + +func getSysProcAttr() *syscall.SysProcAttr { + return &syscall.SysProcAttr{ + Setsid: true, // stretch sudo needs this for sigterm + } +} + +func getBuildkitdAddr(tmpdir string) string { + return "unix://" + filepath.Join(tmpdir, "buildkitd.sock") +} + +func getTraceSocketPath(tmpdir string) string { + return filepath.Join(tmpdir, "otel-grpc.sock") +} diff --git a/vendor/github.com/moby/buildkit/util/testutil/workers/sysprocattr_windows.go b/vendor/github.com/moby/buildkit/util/testutil/workers/sysprocattr_windows.go new file mode 100644 index 00000000..9d67037f --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/sysprocattr_windows.go @@ -0,0 +1,21 @@ +//go:build windows +// +build windows + +package workers + +import ( + "path/filepath" + "syscall" +) + +func getSysProcAttr() *syscall.SysProcAttr { + return &syscall.SysProcAttr{} +} + +func getBuildkitdAddr(tmpdir string) string { + return "//./pipe/buildkitd-" + filepath.Base(tmpdir) +} + +func getTraceSocketPath(tmpdir string) string { + return `\\.\pipe\buildkit-otel-grpc-` + filepath.Base(tmpdir) +} diff --git a/vendor/github.com/moby/buildkit/util/testutil/workers/util.go b/vendor/github.com/moby/buildkit/util/testutil/workers/util.go new file mode 100644 index 00000000..6b6b2dcb --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/testutil/workers/util.go @@ -0,0 +1,89 @@ +package workers + +import ( + "bufio" + "bytes" + "context" + "os" + "os/exec" + "path/filepath" + "strings" + "time" + + "github.com/moby/buildkit/util/testutil/integration" + "github.com/pkg/errors" +) + +func requireRoot() error { + if os.Getuid() != 0 { + return errors.Wrap(integration.ErrRequirements, "requires root") + } + return nil +} + +func runBuildkitd(ctx context.Context, conf *integration.BackendConfig, args []string, logs map[string]*bytes.Buffer, uid, gid int, extraEnv []string) (address string, cl func() error, err error) { + deferF := &integration.MultiCloser{} + cl = deferF.F() + + defer func() { + if err != nil { + deferF.F()() + cl = nil + } + }() + + if conf.ConfigFile != "" { + args = append(args, "--config="+conf.ConfigFile) + } + + tmpdir, err := os.MkdirTemp("", "bktest_buildkitd") + if err != nil { + return "", nil, err + } + if err := os.Chown(tmpdir, uid, gid); err != nil { + return "", nil, err + } + if err := os.MkdirAll(filepath.Join(tmpdir, "tmp"), 0711); err != nil { + return "", nil, err + } + if err := os.Chown(filepath.Join(tmpdir, "tmp"), uid, gid); err != nil { + return "", nil, err + } + + deferF.Append(func() error { return os.RemoveAll(tmpdir) }) + + address = getBuildkitdAddr(tmpdir) + + args = append(args, "--root", tmpdir, "--addr", address, "--debug") + cmd := exec.Command(args[0], args[1:]...) //nolint:gosec // test utility + cmd.Env = append(os.Environ(), "BUILDKIT_DEBUG_EXEC_OUTPUT=1", "BUILDKIT_DEBUG_PANIC_ON_ERROR=1", "BUILDKIT_TRACE_SOCKET="+getTraceSocketPath(tmpdir), "TMPDIR="+filepath.Join(tmpdir, "tmp")) + cmd.Env = append(cmd.Env, extraEnv...) + cmd.SysProcAttr = getSysProcAttr() + + stop, err := integration.StartCmd(cmd, logs) + if err != nil { + return "", nil, err + } + deferF.Append(stop) + + if err := integration.WaitUnix(address, 15*time.Second, cmd); err != nil { + return "", nil, err + } + + deferF.Append(func() error { + f, err := os.Open("/proc/self/mountinfo") + if err != nil { + return errors.Wrap(err, "failed to open mountinfo") + } + defer f.Close() + s := bufio.NewScanner(f) + for s.Scan() { + if strings.Contains(s.Text(), tmpdir) { + return errors.Errorf("leaked mountpoint for %s", tmpdir) + } + } + return s.Err() + }) + + return address, cl, err +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 8481f8fa..5fa27738 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -501,7 +501,7 @@ github.com/mitchellh/go-wordwrap # github.com/mitchellh/mapstructure v1.5.0 ## explicit; go 1.14 github.com/mitchellh/mapstructure -# github.com/moby/buildkit v0.12.1-0.20230717122532-faa0cc7da353 +# github.com/moby/buildkit v0.12.1-0.20230804094609-b49a8873179b ## explicit; go 1.20 github.com/moby/buildkit/api/services/control github.com/moby/buildkit/api/types @@ -569,6 +569,7 @@ github.com/moby/buildkit/util/system github.com/moby/buildkit/util/testutil github.com/moby/buildkit/util/testutil/dockerd github.com/moby/buildkit/util/testutil/integration +github.com/moby/buildkit/util/testutil/workers github.com/moby/buildkit/util/tracing github.com/moby/buildkit/util/tracing/detect github.com/moby/buildkit/util/tracing/detect/delegated