diff --git a/build/build.go b/build/build.go index 9d60695f..72e32c71 100644 --- a/build/build.go +++ b/build/build.go @@ -400,7 +400,7 @@ func toSolveOpt(d driver.Driver, multiDriver bool, opt Options, dl dockerLoadCal return nil, nil, err } defers = append(defers, cancel) - opt.Exports[i].Output = w + opt.Exports[i].Output = wrapWriteCloser(w) } } else if !d.Features()[driver.DockerExporter] { return nil, nil, notSupported(d, driver.DockerExporter) diff --git a/build/output.go b/build/output.go index ac4d0ff5..b27db14c 100644 --- a/build/output.go +++ b/build/output.go @@ -2,6 +2,7 @@ package build import ( "encoding/csv" + "io" "os" "strings" @@ -81,7 +82,7 @@ func ParseOutputs(inp []string) ([]client.ExportEntry, error) { if _, err := console.ConsoleFromFile(os.Stdout); err == nil { return nil, errors.Errorf("output file is required for %s exporter. refusing to write to console", out.Type) } - out.Output = os.Stdout + out.Output = wrapWriteCloser(os.Stdout) } else if dest != "" { fi, err := os.Stat(dest) if err != nil && !os.IsNotExist(err) { @@ -94,7 +95,7 @@ func ParseOutputs(inp []string) ([]client.ExportEntry, error) { if err != nil { return nil, errors.Errorf("failed to open %s", err) } - out.Output = f + out.Output = wrapWriteCloser(f) } delete(out.Attrs, "dest") case "registry": @@ -106,3 +107,9 @@ func ParseOutputs(inp []string) ([]client.ExportEntry, error) { } return outs, nil } + +func wrapWriteCloser(wc io.WriteCloser) func(map[string]string) (io.WriteCloser, error) { + return func(map[string]string) (io.WriteCloser, error) { + return wc, nil + } +} diff --git a/go.mod b/go.mod index f7f888c9..de827cb8 100644 --- a/go.mod +++ b/go.mod @@ -14,7 +14,7 @@ require ( github.com/cenkalti/backoff v2.1.1+incompatible // indirect github.com/cloudflare/cfssl v0.0.0-20181213083726-b94e044bb51e // indirect github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50 - github.com/containerd/containerd v1.3.0-0.20190426060238-3a3f0aac8819 + github.com/containerd/containerd v1.3.0-0.20190507210959-7c1e88399ec0 github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448 // indirect github.com/containerd/typeurl v0.0.0-20190228175220-2a93cfde8c20 // indirect github.com/denisenkom/go-mssqldb v0.0.0-20190315220205-a8ed825ac853 // indirect @@ -52,7 +52,7 @@ require ( github.com/mattn/go-sqlite3 v1.10.0 // indirect github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect github.com/miekg/pkcs11 v0.0.0-20190322140431-074fd7a1ed19 // indirect - github.com/moby/buildkit v0.5.2-0.20190513182223-f238f1efb04f + github.com/moby/buildkit v0.6.2-0.20190921002054-ae10b292fefb github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect github.com/modern-go/reflect2 v1.0.1 // indirect github.com/opencontainers/go-digest v1.0.0-rc1 diff --git a/go.sum b/go.sum index ff376acd..a80ad054 100644 --- a/go.sum +++ b/go.sum @@ -39,20 +39,22 @@ github.com/containerd/cgroups v0.0.0-20190226200435-dbea6f2bd416/go.mod h1:X9rLE github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50 h1:WMpHmC6AxwWb9hMqhudkqG7A/p14KiMnl6d3r1iUMjU= github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50/go.mod h1:Tj/on1eG8kiEhd0+fhSDzsPAFESxzBBvdyEgyryXffw= github.com/containerd/containerd v1.2.4/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= -github.com/containerd/containerd v1.3.0-0.20190426060238-3a3f0aac8819 h1:otmq8xNIzAo+2SjPURbYZXVW+B6hZBAWJ+JApzCYWDk= -github.com/containerd/containerd v1.3.0-0.20190426060238-3a3f0aac8819/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= +github.com/containerd/containerd v1.3.0-0.20190507210959-7c1e88399ec0 h1:enps1EZBEgR8QxwdrpsoSxcsCXWnMKchIQ/0dzC0eKw= +github.com/containerd/containerd v1.3.0-0.20190507210959-7c1e88399ec0/go.mod h1:bC6axHOhabU15QhwfG7w5PipXdVtMXFTttgp+kVtyUA= github.com/containerd/continuity v0.0.0-20181001140422-bd77b46c8352/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc h1:TP+534wVlf61smEIq1nwLLAjQVEK2EADoW3CX9AuT+8= -github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= +github.com/containerd/continuity v0.0.0-20190827140505-75bee3e2ccb6 h1:NmTXa/uVnDyp0TY5MKi197+3HWcnYWfnHGyaFthlnGw= +github.com/containerd/continuity v0.0.0-20190827140505-75bee3e2ccb6/go.mod h1:GL3xCUCBDV3CZiTSEKksMWbLE66hEyuu9qyDOOqM47Y= github.com/containerd/fifo v0.0.0-20180307165137-3d5202aec260/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448 h1:PUD50EuOMkXVcpBIA/R95d56duJR9VxhwncsFbNnxW4= github.com/containerd/fifo v0.0.0-20190226154929-a9fb20d87448/go.mod h1:ODA38xgv3Kuk8dQz2ZQXpnv/UZZUHUCL7pnLehbXgQI= -github.com/containerd/go-runc v0.0.0-20180907222934-5a6d9f37cfa3/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= +github.com/containerd/go-cni v0.0.0-20190610170741-5a4663dad645/go.mod h1:2wlRxCQdiBY+OcjNg5x8kI+5mEL1fGt25L4IzQHYJsM= +github.com/containerd/go-runc v0.0.0-20190911050354-e029b79d8cda/go.mod h1:IV7qH3hrUgRmyYrtgEeGWJfWbgcHL9CSRruz2Vqcph0= github.com/containerd/ttrpc v0.0.0-20190411181408-699c4e40d1e7 h1:SKDlsIhYxNE1LO0xwuOR+3QWj3zRibVQu5jWIMQmOfU= github.com/containerd/ttrpc v0.0.0-20190411181408-699c4e40d1e7/go.mod h1:PvCDdDGpgqzQIzDW1TphrGLssLDZp2GuS+X5DkEJB8o= github.com/containerd/typeurl v0.0.0-20180627222232-a93fcdb778cd/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= github.com/containerd/typeurl v0.0.0-20190228175220-2a93cfde8c20 h1:14r0i3IeJj6zkNLigAJiv/TWSR8EY+pxIjv5tFiT+n8= github.com/containerd/typeurl v0.0.0-20190228175220-2a93cfde8c20/go.mod h1:Cm3kwCdlkCfMSHURc+r6fwoGH6/F1hH3S4sg0rLFWPc= +github.com/containernetworking/cni v0.6.1-0.20180218032124-142cde0c766c/go.mod h1:LGwApLUm2FpoOfxTDEeq8T9ipbpZ61X79hmU3w8FmsY= github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE= github.com/coreos/go-etcd v2.0.0+incompatible/go.mod h1:Jez6KQU2B/sWsbdaef3ED8NzMklzPG4d5KIOhIy30Tk= github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk= @@ -89,7 +91,7 @@ github.com/docker/go-metrics v0.0.0-20170502235133-d466d4f6fd96 h1:HVQ/BC7Ze+bcV github.com/docker/go-metrics v0.0.0-20170502235133-d466d4f6fd96/go.mod h1:/u0gXw0Gay3ceNrsHubL3BtdOL2fHf93USgMTe0W5dI= github.com/docker/go-units v0.3.1 h1:QAFdsA6jLCnglbqE6mUsHuPcJlntY94DkxHf4deHKIU= github.com/docker/go-units v0.3.1/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk= -github.com/docker/libnetwork v0.0.0-20180913200009-36d3bed0e9f4/go.mod h1:93m0aTqz6z+g32wla4l4WxTrdtvBRmVzYRkYvasA5Z8= +github.com/docker/libnetwork v0.8.0-dev.2.0.20190604151032-3c26b4e7495e/go.mod h1:93m0aTqz6z+g32wla4l4WxTrdtvBRmVzYRkYvasA5Z8= github.com/docker/libtrust v0.0.0-20150526203908-9cbd2a1374f4 h1:k8TfKGeAcDQFFQOGCQMRN04N4a9YrPlRMMKnzAuvM9Q= github.com/docker/libtrust v0.0.0-20150526203908-9cbd2a1374f4/go.mod h1:cyGadeNEkKy96OOhEzfZl+yxihPEzKnqJwvfuSUqbZE= github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y= @@ -181,8 +183,8 @@ github.com/miekg/pkcs11 v0.0.0-20190322140431-074fd7a1ed19/go.mod h1:WCBAbTOdfhH github.com/mitchellh/hashstructure v0.0.0-20170609045927-2bca23e0e452/go.mod h1:QjSHrPWS+BGUVBYkbTZWEnOh3G1DutKwClXU/ABz6AQ= github.com/mitchellh/mapstructure v1.1.2 h1:fmNYVwqnSfB9mZU6OS2O6GsXM+wcskZDuKQzvN1EDeE= github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y= -github.com/moby/buildkit v0.5.2-0.20190513182223-f238f1efb04f h1:gNiytoQ3/71JJKWbLPtxoInde5kBRpvqH6EbUf12JDU= -github.com/moby/buildkit v0.5.2-0.20190513182223-f238f1efb04f/go.mod h1:RozsxlEOjPuX/zKKrd0ZS76dlVNZu4qAff+vj7hR/qs= +github.com/moby/buildkit v0.6.2-0.20190921002054-ae10b292fefb h1:enyviD1ZOxgo62sGpT2yQY1uTtruq84wYJPjFJwsbH0= +github.com/moby/buildkit v0.6.2-0.20190921002054-ae10b292fefb/go.mod h1:JKVImCzxztxvULr5P6ZiBfA/B2P+ZpR6UHxOXQn4KiU= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg= github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q= github.com/modern-go/reflect2 v1.0.1 h1:9f412s+6RmYXLWZSEzVVgPGK7C2PphHj5RJrvfx9AWI= @@ -197,8 +199,8 @@ github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQ github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/runc v1.0.0-rc6/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= -github.com/opencontainers/runc v1.0.1-0.20190307181833-2b18fe1d885e h1:+uPGJuuDl61O9GKN/rLHkUCf597mpxmJI06RqMQX81A= -github.com/opencontainers/runc v1.0.1-0.20190307181833-2b18fe1d885e/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= +github.com/opencontainers/runc v1.0.0-rc8 h1:dDCFes8Hj1r/i5qnypONo5jdOme/8HWZC/aNDyhECt0= +github.com/opencontainers/runc v1.0.0-rc8/go.mod h1:qT5XzbpPznkRYVz/mWwUaVBUv2rmF59PVA73FjuZG0U= github.com/opencontainers/runtime-spec v0.0.0-20180909173843-eba862dc2470/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= github.com/opencontainers/runtime-spec v1.0.1 h1:wY4pOY8fBdSIvs9+IDHC55thBuEulhzfSgKeC1yFvzQ= github.com/opencontainers/runtime-spec v1.0.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0= @@ -246,8 +248,8 @@ github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2 h1:b6uOv7YOFK0 github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2/go.mod h1:hkRG7XYTFWNJGYcbNJQlaLq0fg1yr4J4t/NcTQtrfww= github.com/theupdateframework/notary v0.6.1 h1:7wshjstgS9x9F5LuB1L5mBI2xNMObWqjz+cjWoom6l0= github.com/theupdateframework/notary v0.6.1/go.mod h1:MOfgIfmox8s7/7fduvB2xyPPMJCrjRLRizA8OFwpnKY= -github.com/tonistiigi/fsutil v0.0.0-20190327153851-3bbb99cdbd76 h1:eGfgYrNUSD448sa4mxH6nQpyZfN39QH0mLB7QaKIjus= -github.com/tonistiigi/fsutil v0.0.0-20190327153851-3bbb99cdbd76/go.mod h1:pzh7kdwkDRh+Bx8J30uqaKJ1M4QrSH/um8fcIXeM8rc= +github.com/tonistiigi/fsutil v0.0.0-20190819224149-3d2716dd0a4d h1:HJg27yqwTV7vFG9dWPDbUi373o/bmSDYGN9mZgVwdH0= +github.com/tonistiigi/fsutil v0.0.0-20190819224149-3d2716dd0a4d/go.mod h1:pzh7kdwkDRh+Bx8J30uqaKJ1M4QrSH/um8fcIXeM8rc= github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/v/cCndK0AMpt1wiVFb/YYmqB3/QG0= github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk= github.com/tonistiigi/vt100 v0.0.0-20190402012908-ad4c4a574305 h1:y/1cL5AL2oRcfzz8CAHHhR6kDDfIOT0WEyH5k40sccM= diff --git a/vendor/github.com/containerd/containerd/README.md b/vendor/github.com/containerd/containerd/README.md index 3d9947dd..9b2ba3de 100644 --- a/vendor/github.com/containerd/containerd/README.md +++ b/vendor/github.com/containerd/containerd/README.md @@ -1,4 +1,4 @@ -![containerd banner](https://raw.githubusercontent.com/cncf/artwork/master/containerd/horizontal/color/containerd-horizontal-color.png) +![containerd banner](https://raw.githubusercontent.com/cncf/artwork/master/projects/containerd/horizontal/color/containerd-horizontal-color.png) [![GoDoc](https://godoc.org/github.com/containerd/containerd?status.svg)](https://godoc.org/github.com/containerd/containerd) [![Build Status](https://travis-ci.org/containerd/containerd.svg?branch=master)](https://travis-ci.org/containerd/containerd) diff --git a/vendor/github.com/containerd/containerd/images/archive/importer.go b/vendor/github.com/containerd/containerd/images/archive/importer.go index da83275c..692c76b1 100644 --- a/vendor/github.com/containerd/containerd/images/archive/importer.go +++ b/vendor/github.com/containerd/containerd/images/archive/importer.go @@ -197,10 +197,7 @@ func onUntarJSON(r io.Reader, j interface{}) error { if err != nil { return err } - if err := json.Unmarshal(b, j); err != nil { - return err - } - return nil + return json.Unmarshal(b, j) } func onUntarBlob(ctx context.Context, r io.Reader, store content.Ingester, size int64, ref string) (digest.Digest, error) { diff --git a/vendor/github.com/containerd/containerd/mount/mount_linux.go b/vendor/github.com/containerd/containerd/mount/mount_linux.go index b5a16148..6bbc50bb 100644 --- a/vendor/github.com/containerd/containerd/mount/mount_linux.go +++ b/vendor/github.com/containerd/containerd/mount/mount_linux.go @@ -111,7 +111,18 @@ func unmount(target string, flags int) error { // UnmountAll repeatedly unmounts the given mount point until there // are no mounts remaining (EINVAL is returned by mount), which is // useful for undoing a stack of mounts on the same mount point. +// UnmountAll all is noop when the first argument is an empty string. +// This is done when the containerd client did not specify any rootfs +// mounts (e.g. because the rootfs is managed outside containerd) +// UnmountAll is noop when the mount path does not exist. func UnmountAll(mount string, flags int) error { + if mount == "" { + return nil + } + if _, err := os.Stat(mount); os.IsNotExist(err) { + return nil + } + for { if err := unmount(mount, flags); err != nil { // EINVAL is returned if the target is not a diff --git a/vendor/github.com/containerd/containerd/remotes/docker/handler.go b/vendor/github.com/containerd/containerd/remotes/docker/handler.go index 21872b5f..1a355783 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/handler.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/handler.go @@ -88,7 +88,7 @@ func appendDistributionSourceLabel(originLabel, repo string) string { } repos = append(repos, repo) - // use emtpy string to present duplicate items + // use empty string to present duplicate items for i := 1; i < len(repos); i++ { tmp, j := repos[i], i-1 for ; j >= 0 && repos[j] >= tmp; j-- { diff --git a/vendor/github.com/containerd/containerd/remotes/docker/resolver.go b/vendor/github.com/containerd/containerd/remotes/docker/resolver.go index 427052b7..00e1c855 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/resolver.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/resolver.go @@ -18,10 +18,10 @@ package docker import ( "context" + "io" "net/http" "net/url" "path" - "strconv" "strings" "github.com/containerd/containerd/errdefs" @@ -29,6 +29,7 @@ import ( "github.com/containerd/containerd/log" "github.com/containerd/containerd/reference" "github.com/containerd/containerd/remotes" + "github.com/containerd/containerd/remotes/docker/schema1" "github.com/containerd/containerd/version" digest "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" @@ -150,6 +151,32 @@ func NewResolver(options ResolverOptions) remotes.Resolver { } } +func getManifestMediaType(resp *http.Response) string { + // Strip encoding data (manifests should always be ascii JSON) + contentType := resp.Header.Get("Content-Type") + if sp := strings.IndexByte(contentType, ';'); sp != -1 { + contentType = contentType[0:sp] + } + + // As of Apr 30 2019 the registry.access.redhat.com registry does not specify + // the content type of any data but uses schema1 manifests. + if contentType == "text/plain" { + contentType = images.MediaTypeDockerSchema1Manifest + } + return contentType +} + +type countingReader struct { + reader io.Reader + bytesRead int64 +} + +func (r *countingReader) Read(p []byte) (int, error) { + n, err := r.reader.Read(p) + r.bytesRead += int64(n) + return n, err +} + var _ remotes.Resolver = &dockerResolver{} func (r *dockerResolver) Resolve(ctx context.Context, ref string) (string, ocispec.Descriptor, error) { @@ -220,40 +247,56 @@ func (r *dockerResolver) Resolve(ctx context.Context, ref string) (string, ocisp } return "", ocispec.Descriptor{}, errors.Errorf("unexpected status code %v: %v", u, resp.Status) } + size := resp.ContentLength // this is the only point at which we trust the registry. we use the // content headers to assemble a descriptor for the name. when this becomes // more robust, we mostly get this information from a secure trust store. dgstHeader := digest.Digest(resp.Header.Get("Docker-Content-Digest")) + contentType := getManifestMediaType(resp) - if dgstHeader != "" { + if dgstHeader != "" && size != -1 { if err := dgstHeader.Validate(); err != nil { return "", ocispec.Descriptor{}, errors.Wrapf(err, "%q in header not a valid digest", dgstHeader) } dgst = dgstHeader - } - - if dgst == "" { - return "", ocispec.Descriptor{}, errors.Errorf("could not resolve digest for %v", ref) - } + } else { + log.G(ctx).Debug("no Docker-Content-Digest header, fetching manifest instead") - var ( - size int64 - sizeHeader = resp.Header.Get("Content-Length") - ) - - size, err = strconv.ParseInt(sizeHeader, 10, 64) - if err != nil { + req, err := http.NewRequest(http.MethodGet, u, nil) + if err != nil { + return "", ocispec.Descriptor{}, err + } + req.Header = r.headers - return "", ocispec.Descriptor{}, errors.Wrapf(err, "invalid size header: %q", sizeHeader) - } - if size < 0 { - return "", ocispec.Descriptor{}, errors.Errorf("%q in header not a valid size", sizeHeader) + resp, err := fetcher.doRequestWithRetries(ctx, req, nil) + if err != nil { + return "", ocispec.Descriptor{}, err + } + defer resp.Body.Close() + + bodyReader := countingReader{reader: resp.Body} + + contentType = getManifestMediaType(resp) + if contentType == images.MediaTypeDockerSchema1Manifest { + b, err := schema1.ReadStripSignature(&bodyReader) + if err != nil { + return "", ocispec.Descriptor{}, err + } + + dgst = digest.FromBytes(b) + } else { + dgst, err = digest.FromReader(&bodyReader) + if err != nil { + return "", ocispec.Descriptor{}, err + } + } + size = bodyReader.bytesRead } desc := ocispec.Descriptor{ Digest: dgst, - MediaType: resp.Header.Get("Content-Type"), // need to strip disposition? + MediaType: contentType, Size: size, } diff --git a/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go b/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go index 766c24a2..29b41cc1 100644 --- a/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go +++ b/vendor/github.com/containerd/containerd/remotes/docker/schema1/converter.go @@ -227,6 +227,17 @@ func (c *Converter) Convert(ctx context.Context, opts ...ConvertOpt) (ocispec.De return desc, nil } +// ReadStripSignature reads in a schema1 manifest and returns a byte array +// with the "signatures" field stripped +func ReadStripSignature(schema1Blob io.Reader) ([]byte, error) { + b, err := ioutil.ReadAll(io.LimitReader(schema1Blob, manifestSizeLimit)) // limit to 8MB + if err != nil { + return nil, err + } + + return stripSignature(b) +} + func (c *Converter) fetchManifest(ctx context.Context, desc ocispec.Descriptor) error { log.G(ctx).Debug("fetch schema 1") @@ -235,17 +246,12 @@ func (c *Converter) fetchManifest(ctx context.Context, desc ocispec.Descriptor) return err } - b, err := ioutil.ReadAll(io.LimitReader(rc, manifestSizeLimit)) // limit to 8MB + b, err := ReadStripSignature(rc) rc.Close() if err != nil { return err } - b, err = stripSignature(b) - if err != nil { - return err - } - var m manifest if err := json.Unmarshal(b, &m); err != nil { return err diff --git a/vendor/github.com/containerd/containerd/vendor.conf b/vendor/github.com/containerd/containerd/vendor.conf index dd19f045..46df0000 100644 --- a/vendor/github.com/containerd/containerd/vendor.conf +++ b/vendor/github.com/containerd/containerd/vendor.conf @@ -20,7 +20,7 @@ github.com/gogo/protobuf v1.2.1 github.com/gogo/googleapis v1.2.0 github.com/golang/protobuf v1.2.0 github.com/opencontainers/runtime-spec 29686dbc5559d93fb1ef402eeda3e35c38d75af4 # v1.0.1-59-g29686db -github.com/opencontainers/runc 029124da7af7360afa781a0234d1b083550f797c +github.com/opencontainers/runc v1.0.0-rc8 github.com/konsorten/go-windows-terminal-sequences v1.0.1 github.com/sirupsen/logrus v1.4.1 github.com/urfave/cli 7bc6a0acffa589f415f88aca16cc1de5ffd66f9c @@ -37,15 +37,15 @@ github.com/Microsoft/go-winio 84b4ab48a50763fe7b3abcef38e5205c12027fac github.com/Microsoft/hcsshim 8abdbb8205e4192c68b5f84c31197156f31be517 google.golang.org/genproto d80a6e20e776b0b17a324d0ba1ab50a39c8e8944 golang.org/x/text 19e51611da83d6be54ddafce4a4af510cb3e9ea4 -github.com/containerd/ttrpc f02858b1457c5ca3aaec3a0803eb0d59f96e41d6 +github.com/containerd/ttrpc 699c4e40d1e7416e08bf7019c7ce2e9beced4636 github.com/syndtr/gocapability d98352740cb2c55f81556b63d4a1ec64c5a319c2 gotest.tools v2.3.0 github.com/google/go-cmp v0.2.0 go.etcd.io/bbolt v1.3.2 # cri dependencies -github.com/containerd/cri 6d353571e64417d80c9478ffaea793714dd539d0 # master -github.com/containerd/go-cni 40bcf8ec8acd7372be1d77031d585d5d8e561c90 +github.com/containerd/cri 2fc62db8146ce66f27b37306ad5fda34207835f3 # master +github.com/containerd/go-cni 891c2a41e18144b2d7921f971d6c9789a68046b2 github.com/containernetworking/cni v0.6.0 github.com/containernetworking/plugins v0.7.0 github.com/davecgh/go-spew v1.1.0 @@ -59,7 +59,7 @@ github.com/hashicorp/go-multierror ed905158d87462226a13fe39ddf685ea65f1c11f github.com/json-iterator/go 1.1.5 github.com/modern-go/reflect2 1.0.1 github.com/modern-go/concurrent 1.0.3 -github.com/opencontainers/selinux v1.2.1 +github.com/opencontainers/selinux v1.2.2 github.com/seccomp/libseccomp-golang 32f571b70023028bd57d9288c20efbcb237f3ce0 github.com/tchap/go-patricia v2.2.6 golang.org/x/crypto 88737f569e3a9c7ab309cdc09a07fe7fc87233c3 diff --git a/vendor/github.com/containerd/continuity/fs/copy.go b/vendor/github.com/containerd/continuity/fs/copy.go index ad61022a..97053d7e 100644 --- a/vendor/github.com/containerd/continuity/fs/copy.go +++ b/vendor/github.com/containerd/continuity/fs/copy.go @@ -80,7 +80,7 @@ func copyDirectory(dst, src string, inodes map[uint64]string, o *copyDirOpts) er return errors.Wrapf(err, "failed to stat %s", src) } if !stat.IsDir() { - return errors.Errorf("source is not directory") + return errors.Errorf("source %s is not directory", src) } if st, err := os.Stat(dst); err != nil { diff --git a/vendor/github.com/moby/buildkit/client/llb/exec.go b/vendor/github.com/moby/buildkit/client/llb/exec.go index 8e2d1d4c..ade99278 100644 --- a/vendor/github.com/moby/buildkit/client/llb/exec.go +++ b/vendor/github.com/moby/buildkit/client/llb/exec.go @@ -427,11 +427,13 @@ func Security(s pb.SecurityMode) RunOption { } func Shlex(str string) RunOption { - return Shlexf(str) + return runOptionFunc(func(ei *ExecInfo) { + ei.State = shlexf(str, false)(ei.State) + }) } func Shlexf(str string, v ...interface{}) RunOption { return runOptionFunc(func(ei *ExecInfo) { - ei.State = shlexf(str, v...)(ei.State) + ei.State = shlexf(str, true, v...)(ei.State) }) } @@ -442,7 +444,9 @@ func Args(a []string) RunOption { } func AddEnv(key, value string) RunOption { - return AddEnvf(key, value) + return runOptionFunc(func(ei *ExecInfo) { + ei.State = ei.State.AddEnv(key, value) + }) } func AddEnvf(key, value string, v ...interface{}) RunOption { @@ -458,7 +462,9 @@ func User(str string) RunOption { } func Dir(str string) RunOption { - return Dirf(str) + return runOptionFunc(func(ei *ExecInfo) { + ei.State = ei.State.Dir(str) + }) } func Dirf(str string, v ...interface{}) RunOption { return runOptionFunc(func(ei *ExecInfo) { diff --git a/vendor/github.com/moby/buildkit/client/llb/meta.go b/vendor/github.com/moby/buildkit/client/llb/meta.go index 78a24730..54b14c4c 100644 --- a/vendor/github.com/moby/buildkit/client/llb/meta.go +++ b/vendor/github.com/moby/buildkit/client/llb/meta.go @@ -24,19 +24,24 @@ var ( keySecurity = contextKeyT("llb.security") ) -func addEnvf(key, value string, v ...interface{}) StateOption { +func addEnvf(key, value string, replace bool, v ...interface{}) StateOption { + if replace { + value = fmt.Sprintf(value, v...) + } return func(s State) State { - return s.WithValue(keyEnv, getEnv(s).AddOrReplace(key, fmt.Sprintf(value, v...))) + return s.WithValue(keyEnv, getEnv(s).AddOrReplace(key, value)) } } func dir(str string) StateOption { - return dirf(str) + return dirf(str, false) } -func dirf(str string, v ...interface{}) StateOption { +func dirf(value string, replace bool, v ...interface{}) StateOption { + if replace { + value = fmt.Sprintf(value, v...) + } return func(s State) State { - value := fmt.Sprintf(str, v...) if !path.IsAbs(value) { prev := getDir(s) if prev == "" { @@ -100,9 +105,12 @@ func args(args ...string) StateOption { } } -func shlexf(str string, v ...interface{}) StateOption { +func shlexf(str string, replace bool, v ...interface{}) StateOption { + if replace { + str = fmt.Sprintf(str, v...) + } return func(s State) State { - arg, err := shlex.Split(fmt.Sprintf(str, v...)) + arg, err := shlex.Split(str) if err != nil { // TODO: handle error } diff --git a/vendor/github.com/moby/buildkit/client/llb/state.go b/vendor/github.com/moby/buildkit/client/llb/state.go index 928242af..ba8845e0 100644 --- a/vendor/github.com/moby/buildkit/client/llb/state.go +++ b/vendor/github.com/moby/buildkit/client/llb/state.go @@ -240,18 +240,18 @@ func (s State) File(a *FileAction, opts ...ConstraintsOpt) State { } func (s State) AddEnv(key, value string) State { - return s.AddEnvf(key, value) + return addEnvf(key, value, false)(s) } func (s State) AddEnvf(key, value string, v ...interface{}) State { - return addEnvf(key, value, v...)(s) + return addEnvf(key, value, true, v...)(s) } func (s State) Dir(str string) State { - return s.Dirf(str) + return dirf(str, false)(s) } func (s State) Dirf(str string, v ...interface{}) State { - return dirf(str, v...)(s) + return dirf(str, true, v...)(s) } func (s State) GetEnv(key string) (string, bool) { diff --git a/vendor/github.com/moby/buildkit/client/solve.go b/vendor/github.com/moby/buildkit/client/solve.go index 17b3810c..d09c5f76 100644 --- a/vendor/github.com/moby/buildkit/client/solve.go +++ b/vendor/github.com/moby/buildkit/client/solve.go @@ -46,8 +46,8 @@ type SolveOpt struct { type ExportEntry struct { Type string Attrs map[string]string - Output io.WriteCloser // for ExporterOCI and ExporterDocker - OutputDir string // for ExporterLocal + Output func(map[string]string) (io.WriteCloser, error) // for ExporterOCI and ExporterDocker + OutputDir string // for ExporterLocal } type CacheOptionsEntry struct { diff --git a/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go b/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go index b39b2808..1a1ff075 100644 --- a/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go +++ b/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go @@ -128,7 +128,7 @@ func (c *grpcClient) Run(ctx context.Context, f client.BuildFunc) (retError erro } } if retError != nil { - st, _ := status.FromError(retError) + st, _ := status.FromError(errors.Cause(retError)) stp := st.Proto() req.Error = &rpc.Status{ Code: stp.Code, diff --git a/vendor/github.com/moby/buildkit/session/auth/auth.go b/vendor/github.com/moby/buildkit/session/auth/auth.go index 2b96a7ce..5717455f 100644 --- a/vendor/github.com/moby/buildkit/session/auth/auth.go +++ b/vendor/github.com/moby/buildkit/session/auth/auth.go @@ -4,6 +4,7 @@ import ( "context" "github.com/moby/buildkit/session" + "github.com/pkg/errors" "google.golang.org/grpc/codes" "google.golang.org/grpc/status" ) @@ -16,10 +17,10 @@ func CredentialsFunc(ctx context.Context, c session.Caller) func(string) (string Host: host, }) if err != nil { - if st, ok := status.FromError(err); ok && st.Code() == codes.Unimplemented { + if st, ok := status.FromError(errors.Cause(err)); ok && st.Code() == codes.Unimplemented { return "", "", nil } - return "", "", err + return "", "", errors.WithStack(err) } return resp.Username, resp.Secret, nil } diff --git a/vendor/github.com/moby/buildkit/session/content/caller.go b/vendor/github.com/moby/buildkit/session/content/caller.go index ef7a24ec..70e82130 100644 --- a/vendor/github.com/moby/buildkit/session/content/caller.go +++ b/vendor/github.com/moby/buildkit/session/content/caller.go @@ -9,6 +9,7 @@ import ( "github.com/moby/buildkit/session" digest "github.com/opencontainers/go-digest" ocispec "github.com/opencontainers/image-spec/specs-go/v1" + "github.com/pkg/errors" "google.golang.org/grpc/metadata" ) @@ -31,47 +32,53 @@ func (cs *callerContentStore) choose(ctx context.Context) context.Context { func (cs *callerContentStore) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) { ctx = cs.choose(ctx) - return cs.store.Info(ctx, dgst) + info, err := cs.store.Info(ctx, dgst) + return info, errors.WithStack(err) } func (cs *callerContentStore) Update(ctx context.Context, info content.Info, fieldpaths ...string) (content.Info, error) { ctx = cs.choose(ctx) - return cs.store.Update(ctx, info, fieldpaths...) + info, err := cs.store.Update(ctx, info, fieldpaths...) + return info, errors.WithStack(err) } func (cs *callerContentStore) Walk(ctx context.Context, fn content.WalkFunc, fs ...string) error { ctx = cs.choose(ctx) - return cs.store.Walk(ctx, fn, fs...) + return errors.WithStack(cs.store.Walk(ctx, fn, fs...)) } func (cs *callerContentStore) Delete(ctx context.Context, dgst digest.Digest) error { ctx = cs.choose(ctx) - return cs.store.Delete(ctx, dgst) + return errors.WithStack(cs.store.Delete(ctx, dgst)) } func (cs *callerContentStore) ListStatuses(ctx context.Context, fs ...string) ([]content.Status, error) { ctx = cs.choose(ctx) - return cs.store.ListStatuses(ctx, fs...) + resp, err := cs.store.ListStatuses(ctx, fs...) + return resp, errors.WithStack(err) } func (cs *callerContentStore) Status(ctx context.Context, ref string) (content.Status, error) { ctx = cs.choose(ctx) - return cs.store.Status(ctx, ref) + st, err := cs.store.Status(ctx, ref) + return st, errors.WithStack(err) } func (cs *callerContentStore) Abort(ctx context.Context, ref string) error { ctx = cs.choose(ctx) - return cs.store.Abort(ctx, ref) + return errors.WithStack(cs.store.Abort(ctx, ref)) } func (cs *callerContentStore) Writer(ctx context.Context, opts ...content.WriterOpt) (content.Writer, error) { ctx = cs.choose(ctx) - return cs.store.Writer(ctx, opts...) + w, err := cs.store.Writer(ctx, opts...) + return w, errors.WithStack(err) } func (cs *callerContentStore) ReaderAt(ctx context.Context, desc ocispec.Descriptor) (content.ReaderAt, error) { ctx = cs.choose(ctx) - return cs.store.ReaderAt(ctx, desc) + ra, err := cs.store.ReaderAt(ctx, desc) + return ra, errors.WithStack(err) } // NewCallerStore creates content.Store from session.Caller with specified storeID diff --git a/vendor/github.com/moby/buildkit/session/filesync/diffcopy.go b/vendor/github.com/moby/buildkit/session/filesync/diffcopy.go index 6934f946..f1d7d78e 100644 --- a/vendor/github.com/moby/buildkit/session/filesync/diffcopy.go +++ b/vendor/github.com/moby/buildkit/session/filesync/diffcopy.go @@ -14,7 +14,7 @@ import ( ) func sendDiffCopy(stream grpc.Stream, fs fsutil.FS, progress progressCb) error { - return fsutil.Send(stream.Context(), stream, fs, progress) + return errors.WithStack(fsutil.Send(stream.Context(), stream, fs, progress)) } func newStreamWriter(stream grpc.ClientStream) io.WriteCloser { @@ -29,7 +29,7 @@ type bufferedWriteCloser struct { func (bwc *bufferedWriteCloser) Close() error { if err := bwc.Writer.Flush(); err != nil { - return err + return errors.WithStack(err) } return bwc.Closer.Close() } @@ -40,19 +40,25 @@ type streamWriterCloser struct { func (wc *streamWriterCloser) Write(dt []byte) (int, error) { if err := wc.ClientStream.SendMsg(&BytesMessage{Data: dt}); err != nil { - return 0, err + // SendMsg return EOF on remote errors + if errors.Cause(err) == io.EOF { + if err := errors.WithStack(wc.ClientStream.RecvMsg(struct{}{})); err != nil { + return 0, err + } + } + return 0, errors.WithStack(err) } return len(dt), nil } func (wc *streamWriterCloser) Close() error { if err := wc.ClientStream.CloseSend(); err != nil { - return err + return errors.WithStack(err) } // block until receiver is done var bm BytesMessage if err := wc.ClientStream.RecvMsg(&bm); err != io.EOF { - return err + return errors.WithStack(err) } return nil } @@ -69,19 +75,19 @@ func recvDiffCopy(ds grpc.Stream, dest string, cu CacheUpdater, progress progres cf = cu.HandleChange ch = cu.ContentHasher() } - return fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{ + return errors.WithStack(fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{ NotifyHashed: cf, ContentHasher: ch, ProgressCb: progress, Filter: fsutil.FilterFunc(filter), - }) + })) } func syncTargetDiffCopy(ds grpc.Stream, dest string) error { if err := os.MkdirAll(dest, 0700); err != nil { - return err + return errors.Wrapf(err, "failed to create synctarget dest dir %s", dest) } - return fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{ + return errors.WithStack(fsutil.Receive(ds.Context(), ds, dest, fsutil.ReceiveOpt{ Merge: true, Filter: func() func(string, *fstypes.Stat) bool { uid := os.Getuid() @@ -92,7 +98,7 @@ func syncTargetDiffCopy(ds grpc.Stream, dest string) error { return true } }(), - }) + })) } func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error { @@ -102,10 +108,10 @@ func writeTargetFile(ds grpc.Stream, wc io.WriteCloser) error { if errors.Cause(err) == io.EOF { return nil } - return err + return errors.WithStack(err) } if _, err := wc.Write(bm.Data); err != nil { - return err + return errors.WithStack(err) } } } diff --git a/vendor/github.com/moby/buildkit/session/filesync/filesync.go b/vendor/github.com/moby/buildkit/session/filesync/filesync.go index de5237b1..a45abe02 100644 --- a/vendor/github.com/moby/buildkit/session/filesync/filesync.go +++ b/vendor/github.com/moby/buildkit/session/filesync/filesync.go @@ -18,11 +18,12 @@ import ( ) const ( - keyOverrideExcludes = "override-excludes" - keyIncludePatterns = "include-patterns" - keyExcludePatterns = "exclude-patterns" - keyFollowPaths = "followpaths" - keyDirName = "dir-name" + keyOverrideExcludes = "override-excludes" + keyIncludePatterns = "include-patterns" + keyExcludePatterns = "exclude-patterns" + keyFollowPaths = "followpaths" + keyDirName = "dir-name" + keyExporterMetaPrefix = "exporter-md-" ) type fsSyncProvider struct { @@ -238,16 +239,16 @@ func NewFSSyncTargetDir(outdir string) session.Attachable { } // NewFSSyncTarget allows writing into an io.WriteCloser -func NewFSSyncTarget(w io.WriteCloser) session.Attachable { +func NewFSSyncTarget(f func(map[string]string) (io.WriteCloser, error)) session.Attachable { p := &fsSyncTarget{ - outfile: w, + f: f, } return p } type fsSyncTarget struct { - outdir string - outfile io.WriteCloser + outdir string + f func(map[string]string) (io.WriteCloser, error) } func (sp *fsSyncTarget) Register(server *grpc.Server) { @@ -258,11 +259,26 @@ func (sp *fsSyncTarget) DiffCopy(stream FileSend_DiffCopyServer) error { if sp.outdir != "" { return syncTargetDiffCopy(stream, sp.outdir) } - if sp.outfile == nil { + + if sp.f == nil { return errors.New("empty outfile and outdir") } - defer sp.outfile.Close() - return writeTargetFile(stream, sp.outfile) + opts, _ := metadata.FromIncomingContext(stream.Context()) // if no metadata continue with empty object + md := map[string]string{} + for k, v := range opts { + if strings.HasPrefix(k, keyExporterMetaPrefix) { + md[strings.TrimPrefix(k, keyExporterMetaPrefix)] = strings.Join(v, ",") + } + } + wc, err := sp.f(md) + if err != nil { + return err + } + if wc == nil { + return status.Errorf(codes.AlreadyExists, "target already exists") + } + defer wc.Close() + return writeTargetFile(stream, wc) } func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress func(int, bool)) error { @@ -275,13 +291,13 @@ func CopyToCaller(ctx context.Context, fs fsutil.FS, c session.Caller, progress cc, err := client.DiffCopy(ctx) if err != nil { - return err + return errors.WithStack(err) } return sendDiffCopy(cc, fs, progress) } -func CopyFileWriter(ctx context.Context, c session.Caller) (io.WriteCloser, error) { +func CopyFileWriter(ctx context.Context, md map[string]string, c session.Caller) (io.WriteCloser, error) { method := session.MethodURL(_FileSend_serviceDesc.ServiceName, "diffcopy") if !c.Supports(method) { return nil, errors.Errorf("method %s not supported by the client", method) @@ -289,9 +305,16 @@ func CopyFileWriter(ctx context.Context, c session.Caller) (io.WriteCloser, erro client := NewFileSendClient(c.Conn()) + opts := make(map[string][]string, len(md)) + for k, v := range md { + opts[keyExporterMetaPrefix+k] = []string{v} + } + + ctx = metadata.NewOutgoingContext(ctx, opts) + cc, err := client.DiffCopy(ctx) if err != nil { - return nil, err + return nil, errors.WithStack(err) } return newStreamWriter(cc), nil diff --git a/vendor/github.com/moby/buildkit/session/secrets/secrets.go b/vendor/github.com/moby/buildkit/session/secrets/secrets.go index 6cfda18b..3f3bb644 100644 --- a/vendor/github.com/moby/buildkit/session/secrets/secrets.go +++ b/vendor/github.com/moby/buildkit/session/secrets/secrets.go @@ -21,10 +21,10 @@ func GetSecret(ctx context.Context, c session.Caller, id string) ([]byte, error) ID: id, }) if err != nil { - if st, ok := status.FromError(err); ok && (st.Code() == codes.Unimplemented || st.Code() == codes.NotFound) { + if st, ok := status.FromError(errors.Cause(err)); ok && (st.Code() == codes.Unimplemented || st.Code() == codes.NotFound) { return nil, errors.Wrapf(ErrNotFound, "secret %s not found", id) } - return nil, err + return nil, errors.WithStack(err) } return resp.Data, nil } diff --git a/vendor/github.com/moby/buildkit/session/sshforward/copy.go b/vendor/github.com/moby/buildkit/session/sshforward/copy.go index c101f3b4..85366f19 100644 --- a/vendor/github.com/moby/buildkit/session/sshforward/copy.go +++ b/vendor/github.com/moby/buildkit/session/sshforward/copy.go @@ -3,23 +3,24 @@ package sshforward import ( io "io" + "github.com/pkg/errors" context "golang.org/x/net/context" "golang.org/x/sync/errgroup" "google.golang.org/grpc" ) -func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) error { +func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream, closeStream func() error) error { g, ctx := errgroup.WithContext(ctx) g.Go(func() (retErr error) { p := &BytesMessage{} for { if err := stream.RecvMsg(p); err != nil { + conn.Close() if err == io.EOF { return nil } - conn.Close() - return err + return errors.WithStack(err) } select { case <-ctx.Done(): @@ -29,7 +30,7 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro } if _, err := conn.Write(p.Data); err != nil { conn.Close() - return err + return errors.WithStack(err) } p.Data = p.Data[:0] } @@ -41,9 +42,12 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro n, err := conn.Read(buf) switch { case err == io.EOF: + if closeStream != nil { + closeStream() + } return nil case err != nil: - return err + return errors.WithStack(err) } select { case <-ctx.Done(): @@ -52,7 +56,7 @@ func Copy(ctx context.Context, conn io.ReadWriteCloser, stream grpc.Stream) erro } p := &BytesMessage{Data: buf[:n]} if err := stream.SendMsg(p); err != nil { - return err + return errors.WithStack(err) } } }) diff --git a/vendor/github.com/moby/buildkit/session/sshforward/ssh.go b/vendor/github.com/moby/buildkit/session/sshforward/ssh.go index a4effef6..0001f59b 100644 --- a/vendor/github.com/moby/buildkit/session/sshforward/ssh.go +++ b/vendor/github.com/moby/buildkit/session/sshforward/ssh.go @@ -7,6 +7,7 @@ import ( "path/filepath" "github.com/moby/buildkit/session" + "github.com/pkg/errors" context "golang.org/x/net/context" "golang.org/x/sync/errgroup" "google.golang.org/grpc/metadata" @@ -48,7 +49,7 @@ func (s *server) run(ctx context.Context, l net.Listener, id string) error { return err } - go Copy(ctx, conn, stream) + go Copy(ctx, conn, stream, stream.CloseSend) } }) @@ -65,7 +66,7 @@ type SocketOpt struct { func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockPath string, closer func() error, err error) { dir, err := ioutil.TempDir("", ".buildkit-ssh-sock") if err != nil { - return "", nil, err + return "", nil, errors.WithStack(err) } defer func() { @@ -78,16 +79,16 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP l, err := net.Listen("unix", sockPath) if err != nil { - return "", nil, err + return "", nil, errors.WithStack(err) } if err := os.Chown(sockPath, opt.UID, opt.GID); err != nil { l.Close() - return "", nil, err + return "", nil, errors.WithStack(err) } if err := os.Chmod(sockPath, os.FileMode(opt.Mode)); err != nil { l.Close() - return "", nil, err + return "", nil, errors.WithStack(err) } s := &server{caller: c} @@ -102,12 +103,12 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP return sockPath, func() error { err := l.Close() os.RemoveAll(sockPath) - return err + return errors.WithStack(err) }, nil } func CheckSSHID(ctx context.Context, c session.Caller, id string) error { client := NewSSHClient(c.Conn()) _, err := client.CheckAgent(ctx, &CheckAgentRequest{ID: id}) - return err + return errors.WithStack(err) } diff --git a/vendor/github.com/moby/buildkit/session/sshforward/sshprovider/agentprovider.go b/vendor/github.com/moby/buildkit/session/sshforward/sshprovider/agentprovider.go index 009a91b7..7aa3e3df 100644 --- a/vendor/github.com/moby/buildkit/session/sshforward/sshprovider/agentprovider.go +++ b/vendor/github.com/moby/buildkit/session/sshforward/sshprovider/agentprovider.go @@ -114,7 +114,7 @@ func (sp *socketProvider) ForwardAgent(stream sshforward.SSH_ForwardAgentServer) eg.Go(func() error { defer s1.Close() - return sshforward.Copy(ctx, s2, stream) + return sshforward.Copy(ctx, s2, stream, nil) }) return eg.Wait() diff --git a/vendor/github.com/moby/buildkit/session/upload/upload.go b/vendor/github.com/moby/buildkit/session/upload/upload.go index 8d69bde2..c739b92d 100644 --- a/vendor/github.com/moby/buildkit/session/upload/upload.go +++ b/vendor/github.com/moby/buildkit/session/upload/upload.go @@ -6,6 +6,7 @@ import ( "net/url" "github.com/moby/buildkit/session" + "github.com/pkg/errors" "google.golang.org/grpc/metadata" ) @@ -26,7 +27,7 @@ func New(ctx context.Context, c session.Caller, url *url.URL) (*Upload, error) { cc, err := client.Pull(ctx) if err != nil { - return nil, err + return nil, errors.WithStack(err) } return &Upload{cc: cc}, nil @@ -44,12 +45,12 @@ func (u *Upload) WriteTo(w io.Writer) (int, error) { if err == io.EOF { return n, nil } - return n, err + return n, errors.WithStack(err) } nn, err := w.Write(bm.Data) n += nn if err != nil { - return n, err + return n, errors.WithStack(err) } } } diff --git a/vendor/github.com/moby/buildkit/solver/pb/caps.go b/vendor/github.com/moby/buildkit/solver/pb/caps.go index 7ff0358e..7649ce7d 100644 --- a/vendor/github.com/moby/buildkit/solver/pb/caps.go +++ b/vendor/github.com/moby/buildkit/solver/pb/caps.go @@ -30,19 +30,20 @@ const ( CapBuildOpLLBFileName apicaps.CapID = "source.buildop.llbfilename" - CapExecMetaBase apicaps.CapID = "exec.meta.base" - CapExecMetaProxy apicaps.CapID = "exec.meta.proxyenv" - CapExecMetaNetwork apicaps.CapID = "exec.meta.network" - CapExecMetaSecurity apicaps.CapID = "exec.meta.security" - CapExecMetaSetsDefaultPath apicaps.CapID = "exec.meta.setsdefaultpath" - CapExecMountBind apicaps.CapID = "exec.mount.bind" - CapExecMountCache apicaps.CapID = "exec.mount.cache" - CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing" - CapExecMountSelector apicaps.CapID = "exec.mount.selector" - CapExecMountTmpfs apicaps.CapID = "exec.mount.tmpfs" - CapExecMountSecret apicaps.CapID = "exec.mount.secret" - CapExecMountSSH apicaps.CapID = "exec.mount.ssh" - CapExecCgroupsMounted apicaps.CapID = "exec.cgroup" + CapExecMetaBase apicaps.CapID = "exec.meta.base" + CapExecMetaProxy apicaps.CapID = "exec.meta.proxyenv" + CapExecMetaNetwork apicaps.CapID = "exec.meta.network" + CapExecMetaSecurity apicaps.CapID = "exec.meta.security" + CapExecMetaSetsDefaultPath apicaps.CapID = "exec.meta.setsdefaultpath" + CapExecMountBind apicaps.CapID = "exec.mount.bind" + CapExecMountBindReadWriteNoOuput apicaps.CapID = "exec.mount.bind.readwrite-nooutput" + CapExecMountCache apicaps.CapID = "exec.mount.cache" + CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing" + CapExecMountSelector apicaps.CapID = "exec.mount.selector" + CapExecMountTmpfs apicaps.CapID = "exec.mount.tmpfs" + CapExecMountSecret apicaps.CapID = "exec.mount.secret" + CapExecMountSSH apicaps.CapID = "exec.mount.ssh" + CapExecCgroupsMounted apicaps.CapID = "exec.cgroup" CapFileBase apicaps.CapID = "file.base" @@ -193,6 +194,12 @@ func init() { Status: apicaps.CapStatusExperimental, }) + Caps.Init(apicaps.Cap{ + ID: CapExecMountBindReadWriteNoOuput, + Enabled: true, + Status: apicaps.CapStatusExperimental, + }) + Caps.Init(apicaps.Cap{ ID: CapExecMountCache, Enabled: true, diff --git a/vendor/github.com/tonistiigi/fsutil/stat.go b/vendor/github.com/tonistiigi/fsutil/stat.go index 573894da..789dce3d 100644 --- a/vendor/github.com/tonistiigi/fsutil/stat.go +++ b/vendor/github.com/tonistiigi/fsutil/stat.go @@ -49,6 +49,9 @@ func mkstat(path, relpath string, fi os.FileInfo, inodemap map[uint64]string) (* stat.Mode = noPermPart | permPart } + // Clear the socket bit since archive/tar.FileInfoHeader does not handle it + stat.Mode &^= uint32(os.ModeSocket) + return stat, nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index 4ae93421..ea5ba552 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -27,7 +27,7 @@ github.com/agl/ed25519/edwards25519 github.com/beorn7/perks/quantile # github.com/containerd/console v0.0.0-20181022165439-0650fd9eeb50 github.com/containerd/console -# github.com/containerd/containerd v1.3.0-0.20190426060238-3a3f0aac8819 +# github.com/containerd/containerd v1.3.0-0.20190507210959-7c1e88399ec0 github.com/containerd/containerd/images github.com/containerd/containerd/platforms github.com/containerd/containerd/content @@ -40,6 +40,7 @@ github.com/containerd/containerd/containers github.com/containerd/containerd/oci github.com/containerd/containerd/labels github.com/containerd/containerd/reference +github.com/containerd/containerd/remotes/docker/schema1 github.com/containerd/containerd/version github.com/containerd/containerd/filters github.com/containerd/containerd/sys @@ -50,6 +51,7 @@ github.com/containerd/containerd/mount github.com/containerd/containerd/namespaces github.com/containerd/containerd/snapshots github.com/containerd/containerd +github.com/containerd/containerd/archive/compression github.com/containerd/containerd/api/services/containers/v1 github.com/containerd/containerd/api/services/diff/v1 github.com/containerd/containerd/api/services/events/v1 @@ -62,7 +64,6 @@ github.com/containerd/containerd/api/services/tasks/v1 github.com/containerd/containerd/api/services/version/v1 github.com/containerd/containerd/api/types github.com/containerd/containerd/archive -github.com/containerd/containerd/archive/compression github.com/containerd/containerd/cio github.com/containerd/containerd/defaults github.com/containerd/containerd/diff @@ -73,7 +74,6 @@ github.com/containerd/containerd/leases github.com/containerd/containerd/leases/proxy github.com/containerd/containerd/pkg/dialer github.com/containerd/containerd/plugin -github.com/containerd/containerd/remotes/docker/schema1 github.com/containerd/containerd/rootfs github.com/containerd/containerd/runtime/linux/runctypes github.com/containerd/containerd/runtime/v2/runc/options @@ -81,7 +81,7 @@ github.com/containerd/containerd/snapshots/proxy github.com/containerd/containerd/api/types/task github.com/containerd/containerd/events/exchange github.com/containerd/containerd/identifiers -# github.com/containerd/continuity v0.0.0-20190426062206-aaeac12a7ffc +# github.com/containerd/continuity v0.0.0-20190827140505-75bee3e2ccb6 github.com/containerd/continuity github.com/containerd/continuity/fs github.com/containerd/continuity/pathdriver @@ -259,7 +259,7 @@ github.com/matttproud/golang_protobuf_extensions/pbutil github.com/miekg/pkcs11 # github.com/mitchellh/mapstructure v1.1.2 github.com/mitchellh/mapstructure -# github.com/moby/buildkit v0.5.2-0.20190513182223-f238f1efb04f +# github.com/moby/buildkit v0.6.2-0.20190921002054-ae10b292fefb github.com/moby/buildkit/session/auth/authprovider github.com/moby/buildkit/client github.com/moby/buildkit/session @@ -303,7 +303,7 @@ github.com/opencontainers/go-digest github.com/opencontainers/image-spec/specs-go/v1 github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/identity -# github.com/opencontainers/runc v1.0.1-0.20190307181833-2b18fe1d885e +# github.com/opencontainers/runc v1.0.0-rc8 github.com/opencontainers/runc/libcontainer/user github.com/opencontainers/runc/libcontainer/system # github.com/opencontainers/runtime-spec v1.0.1 @@ -355,7 +355,7 @@ github.com/theupdateframework/notary/trustmanager/yubikey github.com/theupdateframework/notary/tuf github.com/theupdateframework/notary/tuf/utils github.com/theupdateframework/notary/tuf/validation -# github.com/tonistiigi/fsutil v0.0.0-20190327153851-3bbb99cdbd76 +# github.com/tonistiigi/fsutil v0.0.0-20190819224149-3d2716dd0a4d github.com/tonistiigi/fsutil/types github.com/tonistiigi/fsutil # github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea