Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[18.09 backport] builder / buildkit updates #1438

Merged
merged 4 commits into from Oct 11, 2018

Conversation

Projects
None yet
6 participants
@thaJeztah
Copy link
Member

thaJeztah commented Oct 11, 2018

backport of #1419, #1427, and some commits from #1393 for 18.09

git checkout -b 18.09_backport_hide-buildkit-flags-if-not-enabled upstream/18.09
git cherry-pick -s -S -x 8cfd24049f108cbe9c722acefe4c53988de5d66d
git cherry-pick -s -S -x 846c38cbd710c64fcbfd1876cfd90368bb46acde
git cherry-pick -s -S -x db7399a016bed833205a17129ed80fad4d15e48d
git cherry-pick -s -S -x bbd01fe3df1fd83aed57a8ba46c8f6e9e3976269

Took the buildkit-bump commit from #1393, but left out the other bumps

@thaJeztah

This comment has been minimized.

Copy link
Member Author

thaJeztah commented Oct 11, 2018

ping @tiborvass @tonistiigi PTAL (assuming this was intended to the 18.09 branch as well)

Also; #1419 won't be in 18.09, correct? (Otherwise it's better to cherry-pick that one before this one)

discussed with @tiborvass and we also need the buildkit updates from that PR, so included #1419

@codecov-io

This comment has been minimized.

Copy link

codecov-io commented Oct 11, 2018

Codecov Report

Merging #1438 into 18.09 will decrease coverage by 0.07%.
The diff coverage is 16.98%.

@@            Coverage Diff             @@
##            18.09    #1438      +/-   ##
==========================================
- Coverage   54.13%   54.05%   -0.08%     
==========================================
  Files         290      290              
  Lines       19344    19385      +41     
==========================================
+ Hits        10472    10479       +7     
- Misses       8203     8237      +34     
  Partials      669      669

@thaJeztah thaJeztah changed the title [18.09 backport] build: only show buildkit-specific flags if buildkit is enabled [18.09 backport] builder / buildkit updates Oct 11, 2018

@thaJeztah thaJeztah force-pushed the thaJeztah:18.09_backport_hide-buildkit-flags-if-not-enabled branch from 7e3829c to 840ce44 Oct 11, 2018

@thaJeztah thaJeztah requested a review from vdemeester as a code owner Oct 11, 2018

@tiborvass
Copy link
Contributor

tiborvass left a comment

LGTM

@thaJeztah

This comment was marked as resolved.

Copy link
Member Author

thaJeztah commented Oct 11, 2018

Dang; looks like I added some leftover vendor files;

scripts/validate/check-git-diff vendor

These files were changed:

 M vendor/golang.org/x/crypto/internal/chacha20/chacha_generic.go
 D vendor/golang.org/x/crypto/internal/chacha20/chacha_s390x.s
 M vendor/golang.org/x/crypto/ssh/keys.go
?? vendor/golang.org/x/crypto/internal/chacha20/asm_s390x.s

make[1]: Leaving directory '/go/src/github.com/docker/cli'
make[1]: *** [Makefile:52: vendor] Error 1

@thaJeztah thaJeztah force-pushed the thaJeztah:18.09_backport_hide-buildkit-flags-if-not-enabled branch from 840ce44 to 745134d Oct 11, 2018

@thaJeztah

This comment has been minimized.

Copy link
Member Author

thaJeztah commented Oct 11, 2018

Fixed the vendoring issues; looks like we didn't include some vendoring bumps in the 18.09 branch; adding those both made the cherry-pick clean, and brought the expected versions

thaJeztah and others added some commits Sep 26, 2018

Bump buildkit and dependencies to 39404586a50d1b9d0fb1c578cf0f4de7bdb…
…7afe5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 8cfd240)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
bump up buildkit
Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
(cherry picked from commit 846c38c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
build: add SSH agent socket forwarder (`docker build --ssh $SSHMOUNTI…
…D=$SSH_AUTH_SOCK`)

Unlike `docker build --secret`, `docker build --ssh` allows the build container to
use SSH keys with passphrases.

  $ eval $(ssh-agent)
  $ ssh-add ~/.ssh/id_rsa
  (Input your passphrase here)
  $ docker build --ssh default=$SSH_AUTH_SOCK ...

This feature requires the daemon with `CapExecMountSSH` build capability (moby/moby#37973) .

Currently, the official Dockerfile frontend does not provide the syntax for using the SSH forwarder.

However, the experimental `RUN --mount=type=ssh` syntax can be enabled by using
the Dockerfile frontend image built with the `BUILDTAGS="dfrunmount dfssh"`, via the `# syntax =` "shebang".

The Dockerfile for the Dockerfile frontend is available at  github.com/moby/buildkit/frontend/dockerfile/cmd/dockerfile-frontend)
The pre-built image is also available as `tonistiigi/dockerfile:ssh20181002` .

An example Dockerfile with `RUN --mount=type=ssh`:

  # syntax = tonistiigi/dockerfile:ssh20181002
  FROM alpine
  RUN apk add --no-cache openssh-client
  RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
  RUN --mount=type=ssh ssh git@gitlab.com | tee /hello
  # "Welcome to GitLab, @GITLAB_USERNAME_ASSOCIATED_WITH_SSHKEY" should be printed here

More info available at moby/buildkit#608, moby/buildkit#655

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
(cherry picked from commit db7399a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
build: only show buildkit-specific flags if buildkit is enabled
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit bbd01fe)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

@thaJeztah thaJeztah force-pushed the thaJeztah:18.09_backport_hide-buildkit-flags-if-not-enabled branch from 745134d to 3dfacb5 Oct 11, 2018

@tiborvass tiborvass merged commit 39f1110 into docker:18.09 Oct 11, 2018

8 of 9 checks passed

codecov/patch 16.98% of diff hit (target 50%)
Details
ci/circleci: cross Your tests passed on CircleCI!
Details
ci/circleci: lint Your tests passed on CircleCI!
Details
ci/circleci: shellcheck Your tests passed on CircleCI!
Details
ci/circleci: test Your tests passed on CircleCI!
Details
ci/circleci: validate Your tests passed on CircleCI!
Details
codecov/project 54.05% (-0.08%) compared to 4280972
Details
continuous-integration/jenkins/pr-head This commit looks good
Details
dco-signed All commits are signed

@thaJeztah thaJeztah deleted the thaJeztah:18.09_backport_hide-buildkit-flags-if-not-enabled branch Oct 11, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.