Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

integration: set mirrors and entitlements with dockerd worker #3482

Merged
merged 2 commits into from
Jan 10, 2023
Merged

integration: set mirrors and entitlements with dockerd worker #3482

merged 2 commits into from
Jan 10, 2023

Conversation

crazy-max
Copy link
Member

@crazy-max crazy-max commented Jan 9, 2023
edited
Loading

follow-up moby/moby#44772 (comment)

Verified on my fork: https://github.com/crazy-max/buildkit/actions/runs/3877830239/jobs/6613351059#step:8:1744

Also update dockerd workflow following changes on moby: moby/moby#44546

tonistiigi
tonistiigi reviewed Jan 9, 2023
View reviewed changes
util/testutil/integration/dockerd.go Outdated
return nil, nil, errors.Wrapf(err, "failed to load buildkit config file %s", cfg.ConfigFile)
}

var mirrors []string
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

could we set up the entitlements as well

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see we set:

buildkit/client/client_test.go

Lines 8582 to 8584 in 234dfca

func (*secModeInsecure) UpdateConfigFile(in string) string {
return in + "\n\ninsecure-entitlements = [\"security.insecure\"]\n"
}

buildkit/client/client_test.go

Lines 8591 to 8593 in 234dfca

func (*netModeHost) UpdateConfigFile(in string) string {
return in + "\n\ninsecure-entitlements = [\"network.host\"]\n"
}

I guess it's just for containerd snapshotter right?:

https://github.com/moby/moby/blob/214cd9d1e647373a27991f299a1bf05b758df05f/daemon/config/builder.go#L63-L67

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, it should work independently of snapshotter

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I guess it's just for containerd snapshotter right?:

Nevermind

tonistiigi
tonistiigi reviewed Jan 9, 2023
View reviewed changes
util/testutil/integration/dockerd.go Outdated
var mirrors []string
if reg, ok := bkcfg.Registries["docker.io"]; ok && len(reg.Mirrors) > 0 {
for _, m := range reg.Mirrors {
mirrors = append(mirrors, "http://"+m)
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ideally the http comes from "localhost" name or "HTTP` property if it is set.

@crazy-max
integration: set mirrors and entitlements with dockerd worker
11d7e76 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
@crazy-max
ci: fix dockerd workflow with latest changes from moby
489c823 
related to moby/moby#44546

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
@crazy-max crazy-max changed the title integration: support registry mirror with dockerd worker integration: set mirrors and entitlements with dockerd worker Jan 9, 2023
@crazy-max crazy-max mentioned this pull request Jan 10, 2023
Merged
@crazy-max crazy-max merged commit 3428b6b into moby:master Jan 10, 2023
@crazy-max crazy-max deleted the integration-dockerd-mirror branch January 10, 2023 08:09
@crazy-max crazy-max mentioned this pull request Feb 4, 2023
Merged
@crazy-max crazy-max added this to the v0.11.3 milestone Feb 4, 2023
@thaJeztah thaJeztah mentioned this pull request Feb 4, 2023
Merged
@thaJeztah thaJeztah modified the milestones: v0.11.3, v0.12.0 Feb 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tonistiigi tonistiigi tonistiigi approved these changes

@neersighted neersighted neersighted approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v0.12.0
Development

Successfully merging this pull request may close these issues.
4 participants
@crazy-max @tonistiigi @neersighted @thaJeztah