Merge pull request #1415 from jedevc/cherry-pick-1383-to-0.9

[0.9] driver: don't create tracer delegate opt if tracer is nil
driver: don't create tracer delegate opt if tracer is nil
4 changed files with 39 additions and 8 deletions
--- a/driver/docker-container/driver.go
+++ b/driver/docker-container/driver.go
@ -357,11 +357,14 @@ func (d *Driver) Client(ctx context.Context) (*client.Client, error) {
 		return nil, err
 	}

-	td, _ := exp.(client.TracerDelegate)
-
-	return client.New(ctx, "", client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
+	var opts []client.ClientOpt
+	opts = append(opts, client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
 		return conn, nil
-	}), client.WithTracerDelegate(td))
+	}))
+	if td, ok := exp.(client.TracerDelegate); ok {
+		opts = append(opts, client.WithTracerDelegate(td))
+	}
+	return client.New(ctx, "", opts...)
 }

 func (d *Driver) Factory() driver.Factory {
--- a/driver/kubernetes/driver.go
+++ b/driver/kubernetes/driver.go
@ -215,11 +215,14 @@ func (d *Driver) Client(ctx context.Context) (*client.Client, error) {
 		return nil, err
 	}

-	td, _ := exp.(client.TracerDelegate)
-
-	return client.New(ctx, "", client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
+	var opts []client.ClientOpt
+	opts = append(opts, client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
 		return conn, nil
-	}), client.WithTracerDelegate(td))
+	}))
+	if td, ok := exp.(client.TracerDelegate); ok {
+		opts = append(opts, client.WithTracerDelegate(td))
+	}
+	return client.New(ctx, "", opts...)
 }

 func (d *Driver) Factory() driver.Factory {
--- a/driver/kubernetes/manifest/manifest.go
+++ b/driver/kubernetes/manifest/manifest.go
@ -213,6 +213,24 @@ func toRootless(d *appsv1.Deployment) error {
 		d.Spec.Template.ObjectMeta.Annotations = make(map[string]string, 1)
 	}
 	d.Spec.Template.ObjectMeta.Annotations["container.apparmor.security.beta.kubernetes.io/"+containerName] = "unconfined"
+
+	// Dockerfile has `VOLUME /home/user/.local/share/buildkit` by default too,
+	// but the default VOLUME does not work with rootless on Google's Container-Optimized OS
+	// as it is mounted with `nosuid,nodev`.
+	// https://github.com/moby/buildkit/issues/879#issuecomment-1240347038
+	// https://github.com/moby/buildkit/pull/3097
+	const emptyDirVolName = "buildkitd"
+	d.Spec.Template.Spec.Containers[0].VolumeMounts = append(d.Spec.Template.Spec.Containers[0].VolumeMounts, corev1.VolumeMount{
+		Name:      emptyDirVolName,
+		MountPath: "/home/user/.local/share/buildkit",
+	})
+	d.Spec.Template.Spec.Volumes = append(d.Spec.Template.Spec.Volumes, corev1.Volume{
+		Name: emptyDirVolName,
+		VolumeSource: corev1.VolumeSource{
+			EmptyDir: &corev1.EmptyDirVolumeSource{},
+		},
+	})
+
 	return nil
 }

--- a/util/imagetools/printers.go
+++ b/util/imagetools/printers.go
@ -8,6 +8,7 @@ import (
 	"os"
 	"sort"
 	"strings"
+	"sync"
 	"text/tabwriter"
 	"text/template"

@ -112,7 +113,9 @@ func (p *Printer) Print(raw bool, out io.Writer) error {
 	}

 	imageconfigs := make(map[string]*ocispecs.Image)
+	imageconfigsMutex := sync.Mutex{}
 	buildinfos := make(map[string]*binfotypes.BuildInfo)
+	buildinfosMutex := sync.Mutex{}

 	eg, _ := errgroup.WithContext(p.ctx)
 	for _, platform := range p.platforms {
@ -122,12 +125,16 @@ func (p *Printer) Print(raw bool, out io.Writer) error {
 				if err != nil {
 					return err
 				} else if img != nil {
+					imageconfigsMutex.Lock()
 					imageconfigs[platforms.Format(platform)] = img
+					imageconfigsMutex.Unlock()
 				}
 				if bi, err := imageutil.BuildInfo(dtic); err != nil {
 					return err
 				} else if bi != nil {
+					buildinfosMutex.Lock()
 					buildinfos[platforms.Format(platform)] = bi
+					buildinfosMutex.Unlock()
 				}
 				return nil
 			})
Author	SHA1	Message	Date
CrazyMax	2af40b75b7	Merge pull request #1415 from jedevc/cherry-pick-1383-to-0.9 [0.9] driver: don't create tracer delegate opt if tracer is nil	2 years ago
Justin Chadwell	83f3691c15	driver: don't create tracer delegate opt if tracer is nil The error handling for the cast to client.TracerDelegate was incorrect, and previously, a client would unconditionally append an opt. This results in the scenario that while the ClientOpt was not nil, the tracer delegate in the ClientOpt was, which isn't an error case explicitly handled by buildkit. Signed-off-by: Justin Chadwell <me@jedevc.com>	2 years ago
CrazyMax	4e93e87991	Merge pull request #1409 from jedevc/cherry-pick-1406-to-0.9 [0.9] Synchronise access to the map when printing	2 years ago
Felix de Souza	3f1516d3fe	Synchronise access to the map when printing. Signed-off-by: Felix de Souza <fdesouza@palantir.com>	2 years ago
Tõnis Tiigi	09d1e1ee99	Merge pull request #1348 from AkihiroSuda/gcos-rootless-0.9 [v0.9] kubernetes: rootless: support Google Container-Optimized OS	2 years ago
Akihiro Suda	2e9906ba20	kubernetes: rootless: support Google Container-Optimized OS Tested with GKE Autopilot 1.24.3-gke.200 (kernel 5.10.123+, containerd 1.6.6). ref: moby/buildkit PR 3097 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> (cherry picked from commit `33e5f47c6c`) Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2 years ago