full diff: f1615facb1...418ca3b4d4
relevant changes;
- cli/command: remove unused args from ResolveDefaultContext()
- consider empty DOCKER_HOST and DOCKER_CONTEXT env-vars equivalent to "not set"
- cli: set timeout connection ping on sockets as well
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This prevents the fall-through to the panic from division by zero in the
modulus below, and presents a neater error to the user.
Signed-off-by: Justin Chadwell <me@jedevc.com>
This patch completes the work started in creating a remote driver:
- Renames the env driver to the remote driver (an alternative suggestion
that should be more user-friendly)
- Adds support for TLS to encrypt connections with buildkitd
- Fixes outstanding review comments
- Reworks the buildx create command endpoint construction to be clearer
and include better support for this new driver.
Signed-off-by: Justin Chadwell <me@jedevc.com>
Only change the image to the default rootless image when using the
--rootless option if the image has not already customized with the
--image option.
Fix#938
Signed-off-by: Doug Borg <dougborg@apple.com>
Kubernetes added the official `securityContext.seccompProfile` support in Kubernetes 1.19.
Seccomp is still disabled by default.
The legacy `container.seccomp.security.alpha.kubernetes.io/<PODNAME>` annotation has been deprecated and will be unsupported in Kubernetes 1.25.
https://kubernetes.io/docs/tutorials/security/seccomp/
A test cluster can be created with the following minikube command:
```
minikube start --feature-gates SeccompDefault=true --extra-config kubelet.seccomp-default=true
```
Related to moby/buildkit PR 2782
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Add --keep-daemon to the `rm` command option to preserve the buildkitd daemon after the buildx context is deleted.
Signed-off-by: Mayeul Blanzat <mayeul.blanzat@datadoghq.com>
Addresses https://github.com/docker/setup-buildx-action/issues/45
Simple repro:
```
$ buildx create --platform linux/amd64 --use
$ buildx build - <<EOF
from scratch
EOF
```
Since https://github.com/docker/buildx/pull/370 a `platform` driver-opt was automatically inserted with the value specified by `--platform` flag on regardless of the type of driver, even though it was only used in the kubernetes driver. However, because the docker-container driver is pedantic about the options being passed, it errored out.
Another side-effect I suspect is that with the kubernetes driver it was now possible to specify the platforms in two different ways: `--driver-opt platform=...` and `--platform`.
This patch reverts completely the `platform` driver-opt and instead ensures the platforms information is passed onto the kubernetes driver via variables.
Signed-off-by: Tibor Vass <tibor@docker.com>
Tested with `kind` and GKE.
Note: "nodes" shown in `docker buildx ls` are unrelated to Kubernetes "nodes".
Probably buildx should come up with an alternative term.
Usage:
$ kind create cluster
$ export KUBECONFIG="$(kind get kubeconfig-path --name="kind")"
$ docker buildx create --driver kubernetes --driver-opt replicas=3 --use
$ docker buildx build -t foo --load .
`--load` loads the image into the local Docker.
Driver opts:
- `image=IMAGE` - Sets the container image to be used for running buildkit.
- `namespace=NS` - Sets the Kubernetes namespace. Defaults to the current namespace.
- `replicas=N` - Sets the number of `Pod` replicas. Defaults to 1.
- `rootless=(true|false)` - Run the container as a non-root user without `securityContext.privileged`. Defaults to false.
- `loadbalance=(sticky|random)` - Load-balancing strategy. If set to "sticky", the pod is chosen using the hash of the context path. Defaults to "sticky"
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
Akihiro Suda