vendor: update buildkit to v0.15.0-rc2

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2024-07-10 13:08:57 -07:00 · 2024-07-10 13:08:57 -07:00 · ac930bda69
parent 6791ecb628
commit ac930bda69
7 changed files with 139 additions and 76 deletions
--- a/go.mod
+++ b/go.mod
@ -29,7 +29,7 @@ require (
 	github.com/hashicorp/hcl/v2 v2.20.1
 	github.com/in-toto/in-toto-golang v0.5.0
 	github.com/mitchellh/hashstructure/v2 v2.0.2
-	github.com/moby/buildkit v0.15.0-rc1
+	github.com/moby/buildkit v0.15.0-rc2
 	github.com/moby/sys/mountinfo v0.7.1
 	github.com/moby/sys/signal v0.7.0
 	github.com/morikuni/aec v1.0.0
@ -43,7 +43,7 @@ require (
 	github.com/spf13/pflag v1.0.5
 	github.com/stretchr/testify v1.9.0
 	github.com/tonistiigi/fsutil v0.0.0-20240424095704-91a3fc46842c
-	github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2
+	github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4
 	github.com/zclconf/go-cty v1.14.4
 	go.opentelemetry.io/otel v1.21.0
 	go.opentelemetry.io/otel/metric v1.21.0
--- a/go.sum
+++ b/go.sum
@ -306,8 +306,8 @@ github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/z
 github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/moby/buildkit v0.15.0-rc1 h1:74cW+CaRhCX8b/0sTEwWM6zPxgHJb90imPZMf+E42TY=
-github.com/moby/buildkit v0.15.0-rc1/go.mod h1:ik25J3PkZrQc2dDquClV6jXMjjtoXDCLFySlfZDk5j0=
+github.com/moby/buildkit v0.15.0-rc2 h1:aHYfPGXcV4CiR4qZWZNVP/Khdgf7ftfSHZg4bhDkWjY=
+github.com/moby/buildkit v0.15.0-rc2/go.mod h1:oN9S+8I7wF26vrqn9NuAF6dFSyGTfXvtiu9o1NlnnH4=
 github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
 github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
 github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg=
@ -442,8 +442,8 @@ github.com/theupdateframework/notary v0.7.0 h1:QyagRZ7wlSpjT5N2qQAh/pN+DVqgekv4D
 github.com/theupdateframework/notary v0.7.0/go.mod h1:c9DRxcmhHmVLDay4/2fUYdISnHqbFDGRSlXPO0AhYWw=
 github.com/tonistiigi/fsutil v0.0.0-20240424095704-91a3fc46842c h1:+6wg/4ORAbnSoGDzg2Q1i3CeMcT/jjhye/ZfnBHy7/M=
 github.com/tonistiigi/fsutil v0.0.0-20240424095704-91a3fc46842c/go.mod h1:vbbYqJlnswsbJqWUcJN8fKtBhnEgldDrcagTgnBVKKM=
-github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2 h1:4dXTcm/McJMoXXFhqr+4rNL4WkLqMoHkdMhT4nU0Z28=
-github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2/go.mod h1:278M4p8WsNh3n4a1eqiFcV2FGk7wE5fwUpUom9mK9lE=
+github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 h1:7I5c2Ig/5FgqkYOh/N87NzoyI9U15qUPXhDD8uCupv8=
+github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4/go.mod h1:278M4p8WsNh3n4a1eqiFcV2FGk7wE5fwUpUom9mK9lE=
 github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea h1:SXhTLE6pb6eld/v/cCndK0AMpt1wiVFb/YYmqB3/QG0=
 github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea/go.mod h1:WPnis/6cRcDZSUvVmezrxJPkiO87ThFYsoUiMwWNDJk=
 github.com/tonistiigi/vt100 v0.0.0-20240514184818-90bafcd6abab h1:H6aJ0yKQ0gF49Qb2z5hI1UHxSQt4JMyxebFR15KnApw=
--- a/vendor/github.com/moby/buildkit/frontend/dockerfile/linter/ruleset.go
+++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/linter/ruleset.go
@ -148,4 +148,20 @@ var (
 			return fmt.Sprintf("Default value for ARG %v results in empty or invalid base image name", baseName)
 		},
 	}
+	RuleFromPlatformFlagConstDisallowed = LinterRule[func(string) string]{
+		Name:        "FromPlatformFlagConstDisallowed",
+		Description: "FROM --platform flag should not use a constant value",
+		URL:         "https://docs.docker.com/go/dockerfile/rule/from-platform-flag-const-disallowed/",
+		Format: func(platform string) string {
+			return fmt.Sprintf("FROM --platform flag should not use constant value %q", platform)
+		},
+	}
+	RuleCopyIgnoredFile = LinterRule[func(string, string) string]{
+		Name:        "CopyIgnoredFile",
+		Description: "Attempting to Copy file that is excluded by .dockerignore",
+		URL:         "https://docs.docker.com/go/dockerfile/rule/copy-ignored-file/",
+		Format: func(cmd, file string) string {
+			return fmt.Sprintf("Attempting to %s file %q that is excluded by .dockerignore", cmd, file)
+		},
+	}
 )
--- a/vendor/github.com/moby/buildkit/frontend/dockerui/config.go
+++ b/vendor/github.com/moby/buildkit/frontend/dockerui/config.go
@ -45,28 +45,30 @@ const (

 	// Don't forget to update frontend documentation if you add
 	// a new build-arg: frontend/dockerfile/docs/reference.md
-	keyCacheNSArg           = "build-arg:BUILDKIT_CACHE_MOUNT_NS"
-	keyMultiPlatformArg     = "build-arg:BUILDKIT_MULTI_PLATFORM"
-	keyHostnameArg          = "build-arg:BUILDKIT_SANDBOX_HOSTNAME"
-	keyDockerfileLintArg    = "build-arg:BUILDKIT_DOCKERFILE_CHECK"
-	keyContextKeepGitDirArg = "build-arg:BUILDKIT_CONTEXT_KEEP_GIT_DIR"
-	keySourceDateEpoch      = "build-arg:SOURCE_DATE_EPOCH"
+	keyCacheNSArg              = "build-arg:BUILDKIT_CACHE_MOUNT_NS"
+	keyMultiPlatformArg        = "build-arg:BUILDKIT_MULTI_PLATFORM"
+	keyHostnameArg             = "build-arg:BUILDKIT_SANDBOX_HOSTNAME"
+	keyDockerfileLintArg       = "build-arg:BUILDKIT_DOCKERFILE_CHECK"
+	keyContextKeepGitDirArg    = "build-arg:BUILDKIT_CONTEXT_KEEP_GIT_DIR"
+	keySourceDateEpoch         = "build-arg:SOURCE_DATE_EPOCH"
+	keyCopyIgnoredCheckEnabled = "build-arg:BUILDKIT_DOCKERFILE_CHECK_COPYIGNORED_EXPERIMENT"
 )

 type Config struct {
-	BuildArgs        map[string]string
-	CacheIDNamespace string
-	CgroupParent     string
-	Epoch            *time.Time
-	ExtraHosts       []llb.HostIP
-	Hostname         string
-	ImageResolveMode llb.ResolveMode
-	Labels           map[string]string
-	NetworkMode      pb.NetMode
-	ShmSize          int64
-	Target           string
-	Ulimits          []pb.Ulimit
-	LinterConfig     *linter.Config
+	BuildArgs               map[string]string
+	CacheIDNamespace        string
+	CgroupParent            string
+	Epoch                   *time.Time
+	ExtraHosts              []llb.HostIP
+	Hostname                string
+	ImageResolveMode        llb.ResolveMode
+	Labels                  map[string]string
+	NetworkMode             pb.NetMode
+	ShmSize                 int64
+	Target                  string
+	Ulimits                 []pb.Ulimit
+	LinterConfig            *linter.Config
+	CopyIgnoredCheckEnabled bool

 	CacheImports           []client.CacheOptionsEntry
 	TargetPlatforms        []ocispecs.Platform // nil means default
@ -286,6 +288,16 @@ func (bc *Client) init() error {
 			return errors.Wrapf(err, "failed to parse %s", keyDockerfileLintArg)
 		}
 	}
+
+	// CopyIgnoredCheckEnabled is an experimental feature to check if COPY is ignored by .dockerignore,
+	// and it is disabled by default. It is expected that this feature will be enabled by default in a future
+	// release, and this build-arg will be removed.
+	if v, ok := opts[keyCopyIgnoredCheckEnabled]; ok {
+		bc.CopyIgnoredCheckEnabled, err = strconv.ParseBool(v)
+		if err != nil {
+			return errors.Wrapf(err, "failed to parse %s", keyCopyIgnoredCheckEnabled)
+		}
+	}
 	return nil
 }

@ -410,44 +422,9 @@ func (bc *Client) MainContext(ctx context.Context, opts ...llb.LocalOption) (*ll
 		return bctx.context, nil
 	}

-	if bc.dockerignore == nil {
-		st := llb.Local(bctx.contextLocalName,
-			llb.SessionID(bc.bopts.SessionID),
-			llb.FollowPaths([]string{DefaultDockerignoreName}),
-			llb.SharedKeyHint(bctx.contextLocalName+"-"+DefaultDockerignoreName),
-			WithInternalName("load "+DefaultDockerignoreName),
-			llb.Differ(llb.DiffNone, false),
-		)
-		def, err := st.Marshal(ctx, bc.marshalOpts()...)
-		if err != nil {
-			return nil, err
-		}
-		res, err := bc.client.Solve(ctx, client.SolveRequest{
-			Definition: def.ToPB(),
-		})
-		if err != nil {
-			return nil, err
-		}
-		ref, err := res.SingleRef()
-		if err != nil {
-			return nil, err
-		}
-		dt, _ := ref.ReadFile(ctx, client.ReadRequest{ // ignore error
-			Filename: DefaultDockerignoreName,
-		})
-		if dt == nil {
-			dt = []byte{}
-		}
-		bc.dockerignore = dt
-		bc.dockerignoreName = DefaultDockerignoreName
-	}
-
-	var excludes []string
-	if len(bc.dockerignore) != 0 {
-		excludes, err = ignorefile.ReadAll(bytes.NewBuffer(bc.dockerignore))
-		if err != nil {
-			return nil, errors.Wrapf(err, "failed parsing %s", bc.dockerignoreName)
-		}
+	excludes, err := bc.dockerIgnorePatterns(ctx, bctx)
+	if err != nil {
+		return nil, errors.Wrapf(err, "failed to read dockerignore patterns")
 	}

 	opts = append([]llb.LocalOption{
@ -493,6 +470,21 @@ func (bc *Client) IsNoCache(name string) bool {
 	return false
 }

+func (bc *Client) DockerIgnorePatterns(ctx context.Context) ([]string, error) {
+	if bc == nil {
+		return nil, nil
+	}
+	bctx, err := bc.buildContext(ctx)
+	if err != nil {
+		return nil, err
+	}
+	if bctx.context != nil {
+		return nil, nil
+	}
+
+	return bc.dockerIgnorePatterns(ctx, bctx)
+}
+
 func DefaultMainContext(opts ...llb.LocalOption) *llb.State {
 	opts = append([]llb.LocalOption{
 		llb.SharedKeyHint(DefaultLocalNameContext),
@ -505,3 +497,46 @@ func DefaultMainContext(opts ...llb.LocalOption) *llb.State {
 func WithInternalName(name string) llb.ConstraintsOpt {
 	return llb.WithCustomName("[internal] " + name)
 }
+
+func (bc *Client) dockerIgnorePatterns(ctx context.Context, bctx *buildContext) ([]string, error) {
+	if bc.dockerignore == nil {
+		st := llb.Local(bctx.contextLocalName,
+			llb.SessionID(bc.bopts.SessionID),
+			llb.FollowPaths([]string{DefaultDockerignoreName}),
+			llb.SharedKeyHint(bctx.contextLocalName+"-"+DefaultDockerignoreName),
+			WithInternalName("load "+DefaultDockerignoreName),
+			llb.Differ(llb.DiffNone, false),
+		)
+		def, err := st.Marshal(ctx, bc.marshalOpts()...)
+		if err != nil {
+			return nil, err
+		}
+		res, err := bc.client.Solve(ctx, client.SolveRequest{
+			Definition: def.ToPB(),
+		})
+		if err != nil {
+			return nil, err
+		}
+		ref, err := res.SingleRef()
+		if err != nil {
+			return nil, err
+		}
+		dt, _ := ref.ReadFile(ctx, client.ReadRequest{ // ignore error
+			Filename: DefaultDockerignoreName,
+		})
+		if dt == nil {
+			dt = []byte{}
+		}
+		bc.dockerignore = dt
+		bc.dockerignoreName = DefaultDockerignoreName
+	}
+	var err error
+	var excludes []string
+	if len(bc.dockerignore) != 0 {
+		excludes, err = ignorefile.ReadAll(bytes.NewBuffer(bc.dockerignore))
+		if err != nil {
+			return nil, errors.Wrapf(err, "failed parsing %s", bc.dockerignoreName)
+		}
+	}
+	return excludes, nil
+}
--- a/vendor/github.com/moby/buildkit/util/testutil/integration/run.go
+++ b/vendor/github.com/moby/buildkit/util/testutil/integration/run.go
@ -13,6 +13,7 @@ import (
 	"runtime"
 	"sort"
 	"strings"
+	"sync"
 	"testing"
 	"time"

@ -161,10 +162,7 @@ func Run(t *testing.T, testCases []Test, opt ...TestOpt) {
 		o(&tc)
 	}

-	mirror, cleanup, err := runMirror(t, tc.mirroredImages)
-	require.NoError(t, err)
-
-	t.Cleanup(func() { _ = cleanup() })
+	getMirror := lazyMirrorRunnerFunc(t, tc.mirroredImages)

 	matrix := prepareValueMatrix(tc)

@ -200,7 +198,7 @@ func Run(t *testing.T, testCases []Test, opt ...TestOpt) {
 						ctx, cancel := context.WithCancelCause(ctx)
 						defer cancel(errors.WithStack(context.Canceled))

-						sb, closer, err := newSandbox(ctx, br, mirror, mv)
+						sb, closer, err := newSandbox(ctx, br, getMirror(), mv)
 						require.NoError(t, err)
 						t.Cleanup(func() { _ = closer() })
 						defer func() {
@ -238,6 +236,11 @@ func copyImagesLocal(t *testing.T, host string, images map[string]string) error
 		}
 		localImageCache[host][to] = struct{}{}

+		// already exists check
+		if _, _, err := docker.NewResolver(docker.ResolverOptions{}).Resolve(context.TODO(), host+"/"+to); err == nil {
+			continue
+		}
+
 		var desc ocispecs.Descriptor
 		var provider content.Provider
 		var err error
@ -257,12 +260,6 @@ func copyImagesLocal(t *testing.T, host string, images map[string]string) error
 			}
 		}

-		// already exists check
-		_, _, err = docker.NewResolver(docker.ResolverOptions{}).Resolve(context.TODO(), host+"/"+to)
-		if err == nil {
-			continue
-		}
-
 		ingester, err := contentutil.IngesterFromRef(host + "/" + to)
 		if err != nil {
 			return err
@ -329,6 +326,20 @@ func WriteConfig(updaters []ConfigUpdater) (string, error) {
 	return filepath.Join(tmpdir, buildkitdConfigFile), nil
 }

+func lazyMirrorRunnerFunc(t *testing.T, images map[string]string) func() string {
+	var once sync.Once
+	var mirror string
+	return func() string {
+		once.Do(func() {
+			host, cleanup, err := runMirror(t, images)
+			require.NoError(t, err)
+			t.Cleanup(func() { _ = cleanup() })
+			mirror = host
+		})
+		return mirror
+	}
+}
+
 func runMirror(t *testing.T, mirroredImages map[string]string) (host string, _ func() error, err error) {
 	mirrorDir := os.Getenv("BUILDKIT_REGISTRY_MIRROR_DIR")

--- a/vendor/github.com/tonistiigi/go-csvvalue/csvvalue.go
+++ b/vendor/github.com/tonistiigi/go-csvvalue/csvvalue.go
@ -126,6 +126,7 @@ parseField:
 					appendToLast(dst, "\"")
 					line = line[quoteLen:]
 					pos += quoteLen
+					halfOpen = true
 				case rn == r.Comma:
 					// `",` sequence (end of field).
 					line = line[commaLen:]
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -518,7 +518,7 @@ github.com/mitchellh/go-wordwrap
 github.com/mitchellh/hashstructure/v2
 # github.com/mitchellh/mapstructure v1.5.0
 ## explicit; go 1.14
-# github.com/moby/buildkit v0.15.0-rc1
+# github.com/moby/buildkit v0.15.0-rc2
 ## explicit; go 1.21.0
 github.com/moby/buildkit/api/services/control
 github.com/moby/buildkit/api/types
@ -728,7 +728,7 @@ github.com/theupdateframework/notary/tuf/validation
 ## explicit; go 1.20
 github.com/tonistiigi/fsutil
 github.com/tonistiigi/fsutil/types
-# github.com/tonistiigi/go-csvvalue v0.0.0-20240619222358-bb8dd5cba3c2
+# github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4
 ## explicit; go 1.16
 github.com/tonistiigi/go-csvvalue
 # github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea