Commit Graph

180 Commits (4abff3ce1200b761cebd5aaa8493e2befc0cb1e6)

Author SHA1 Message Date
Justin Chadwell 69a9c6609a
Merge pull request #1699 from jedevc/bake-attestation-override 2 years ago
Justin Chadwell 90c849f5ef bake: merge attest entries
This ensures that `target.attest=["type=sbom,<value>"]` can be
appropriately merged when `--sbom=true` or `--set
target.attest=type=sbom`.

To merge, we simply naively take the last valid value.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell e61a1da7fc
Merge pull request #1748 from dvdksn/docs/bake-reference
docs: move and rewrite bake reference
2 years ago
David Karlsson f8483d7243 docs: refactor bake file reference
Signed-off-by: David Karlsson <david.karlsson@docker.com>
2 years ago
Justin Chadwell fdcb4e2fb9
Merge pull request #1784 from jedevc/support-new-compose-features
Support new compose features in bake
2 years ago
Justin Chadwell 4a0a67d7a2
Merge pull request #1783 from jedevc/fix-bake-sub-dir-context
bake: copy remote context contents to root
2 years ago
Justin Chadwell e228c398f4 bake: support compose additional contexts
compose-go v1.13.0 supports the new additional_contexts to allow passing
additional build context during build, so we should map this to bake's
contexts property.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 5d06406f26 bake: support compose inline dockerfile
compose-go v1.13.0 supports the new dockerfile_inline to allow including
a dockerfile inline in the compose definition, so we should map this to
bake's dockerfile-inline property.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell cb061b684c
Merge pull request #1753 from nicksieger/compose-go-v1.13.4
compose go v1.13.4
2 years ago
Justin Chadwell 12b6a3ad9a bake: copy remote context contents to root
When resolving remote contexts locally in bake, then we need to ensure
that we properly unpack the contents of that context to the root
directory, instead of leaving it in the subdirectory.

Otherwise, any files will be found in the wrong location. Along with
this change, we also need a change to the dockerfile location lookup to
ensure that it is found at the root instead of in the subdirectory.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 22e1901581 bake: reorganize input creation together
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell ae3299d9d4
Merge pull request #1628 from cpuguy83/policy_file
Support for passing through raw buildkit policies
2 years ago
CrazyMax 621b07c799
Merge pull request #1727 from crazy-max/cmd-completion
cli: add shell completion
2 years ago
Brian Goff 98efe7af10 Support for passing through raw buildkit policies
This adds an env var which can be used to pass in a path to a file to
read a buildkit source poliy from.

This is applied to any build is executed with the env set.
It is also applied to bakes (which are calling build behind the scenes).

Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2 years ago
Nick Sieger 956a1be656
vendor: update to compose-go 1.13.4
Signed-off-by: Nick Sieger <nick@nicksieger.com>
2 years ago
Nick Sieger 12885c01ad
bake: use default filenames from compose-go
Signed-off-by: Nick Sieger <nick@nicksieger.com>
2 years ago
Justin Chadwell b716e48926
Merge pull request #1734 from jedevc/more-ssh-context-fixes
Various context fixups
2 years ago
Justin Chadwell 6c0547e7e6 bake: ensure remote files behind ssh expose agent
The updateContext function may make modifications to the build inputs,
creating either an SSH URL, or an SSH llb.State. In these cases, we need
to ensure that we appropriately expose the client's default agent.

Previously, we would only expose it if the remote context was a git URL,
however, we need to also ensure that if the input was used to override
the context (in the case of ReadRemoteFiles), that we expose the agent
here as well.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 871f865ac8 bake: update ReadRemoteFiles to use buildkit api
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
CrazyMax af011d6ca3
bake: add completion to list targets
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
Justin Chadwell 9827abbf76 bake: fix map type checking to detect matrix property set to list
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell a3293cdaaa
Merge pull request #1720 from jedevc/bake-replace-func
Add `replace` function to bake stdlib
2 years ago
Justin Chadwell f7d8bd2055
Merge pull request #1690 from jedevc/bake-matrix
Implement matrix for bake targets
2 years ago
Justin Chadwell 5d33a3af22 bake: add replace func to stdlib
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 87f900ce77 chore: sort bake stdlib map
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 5c21e80a83
Merge pull request #1711 from jedevc/bake-remote-file-git
bake: forward default ssh agent for remote bake file
2 years ago
Justin Chadwell 387ce5be7c bake: forward default ssh agent for remote bake file
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 87a120e8e3 bake: use build.IsRemoteURL
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 589d4e4cf5 build: use buildkit's gitutil package to detect remote files
BuildKit's gitutil package behaves slightly differently than moby's
urlutil, so we should rely on BuildKit's gitutil when detecting URLs to
avoid cases of accidentally producing invalid build requests that can
confuse users.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell a1520ea1b2 bake: additional validation for matrixes
This adds the following constraints to the new features:
- Explicit renaming with the `name` property is *only* permitted when
  used with the `matrix` property.
- Group does not support either `name` or `matrix` (we may choose to
  relax this constraint over time).
- All generated names must be unique.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell d699d08399 bake: add additional tests for matrix behavior
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 0806870261 bake: generate implicit groups for matrixes
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 77252f161c bake: add matrix to target block
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 4437802e63 bake: allow overriding name property
Previously, the name property could not be set in the body of a bake
target and could only be set for a label. This patch allows the body to
override the values of label fields, though the default is still the
label.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 1613fde55c bake: allow interception to create derived contexts
This patch allows high level clients to define an EvalContext method
which can derive a new context given a block and the base parent
context.

This allows users of the package to intercept evaluation before it
begins, and define additional variables and functions that are bound to
a single block.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 780531425b bake: move SOURCE_DATE_EPOCH parsing to overrides
Previously, when directly modifying the args map when reading targets,
we could end up in a scenario where bake tests that compare arg maps
would fail if SOURCE_DATE_EPOCH was set in the environment.

This patch prevents this failure by setting the SOURCE_DATE_EPOCH at the
command level (which isn't injected into tests as well), ensuring that
we test correctly even when SOURCE_DATE_EPOCH is set in the environment.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell c2e11196dd controller: handle attestation options across api
We can perform all attestation processing, handling how the sbom and
provenance arguments interact on the client, while applying defaults on
the server.

Additionally, this allows us to start pulling fields out of CommonOpts.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 90d7fb5e77 controller: strongly type the controller api
Strongly typing the API allows us to perform all command line parsing
fully on the client-side, where we have access to the client local
directory and all the client environment variables, which may not be
available on the remote server.

Additionally, the controller api starts to look a lot like
build.Options, so at some point in the future there may be an
oppportunity to merge the two, which would allow both build and bake to
execute through the controller, instead of needing to maintain multiple
code paths.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
CrazyMax 7888fdee58
fix lint issue
should drop = nil from declaration of var n; it is the zero value

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
CrazyMax fb61fde581
fix cannot set environment variables in parallel tests
> FAIL: TestReadTargets/ArgsOverrides/leaf (0.00s)
> panic: testing: t.Setenv called after t.Parallel; cannot set environment variables in parallel tests

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
Justin Chadwell fbb4f4dec8 bake: avoid nesting error diagnostics
With changes to the lazy evaluation, the evaluation order is no longer
fixed - this means that we can follow long and confusing paths to get to
an error.

Because of the co-recursive nature of the lazy evaluation, we need to
take special care that the original HCL diagnostics are not discarded
and are preserved so that the original source of the error can be
detected. Preserving the full trace is not necessary, and probably not
useful to the user - all of the file that is not lazily loaded will be
eagerly loaded after all struct blocks are loaded - so the error would
be found regardless.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell dc8a2b0398 bake: avoid early-exit for resolution failures
With changes made to allow lazy evaluation, we were early exiting if an
undefined name was detected, either for a variable or a function.

This had two key implications:

1. The error messages changed, and became significantly less
   informative.

   For example, we went from:

   > Unknown variable; There is no variable named "FO". Did you mean "FOO"?, and 1 other diagnostic(s)

   To

   > Invalid expression; undefined variable "FO"

2. Any issues in our function detection from funcCalls which cause JSON
   functions to be erroneously detected cause invalid functions to be
   resolved, which causes new name resolution errors.

To avoid the above problems, we can defer the error from an undefined
name until HCL evaluation - which produces the more informative errors,
and does not suffer from incorrectly detecting JSON functions.

Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
CrazyMax 21ac4c34fb
update github.com/compose-spec/compose-go to v1.9.0
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
Justin Chadwell 4bdf98cf20 lint: ban fmt.Errorf in preference of errors.Errorf
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Justin Chadwell 48357ee0c6 bake: fix loop references
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago
Akihiro Suda 1f56f51740
bake: SOURCE_DATE_EPOCH: fix `panic: assignment to entry in nil map`
Fix issue 1562

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2 years ago
Akihiro Suda 0e6f5a155e
Propagate SOURCE_DATE_EPOCH from the client env
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2 years ago
CrazyMax fe76a1b179
bake: support null label value
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
CrazyMax df4957307f
bake: support null arg value
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2 years ago
Justin Chadwell e51b55e03c
bake: add tests for block interpolation
Signed-off-by: Justin Chadwell <me@jedevc.com>
2 years ago