Vendor in latest containers/buildah

Switch from projectatomic/buildah to containers/buildah

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>

3 files changed, 0 insertions, 1595 deletions

diff --git a/vendor/github.com/projectatomic/buildah/imagebuildah/build.go b/vendor/github.com/projectatomic/buildah/imagebuildah/build.go
deleted file mode 100644
index 08d0f6268..000000000
--- a/vendor/github.com/projectatomic/buildah/imagebuildah/build.go
+++ /dev/null
@@ -1,1337 +0,0 @@
-package imagebuildah
-
-import (
-	"bytes"
-	"context"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"os"
-	"os/exec"
-	"path/filepath"
-	"strconv"
-	"strings"
-	"time"
-
-	cp "github.com/containers/image/copy"
-	is "github.com/containers/image/storage"
-	"github.com/containers/image/transports"
-	"github.com/containers/image/transports/alltransports"
-	"github.com/containers/image/types"
-	"github.com/containers/storage"
-	"github.com/containers/storage/pkg/archive"
-	"github.com/containers/storage/pkg/stringid"
-	"github.com/docker/docker/builder/dockerfile/parser"
-	docker "github.com/fsouza/go-dockerclient"
-	"github.com/opencontainers/image-spec/specs-go/v1"
-	"github.com/opencontainers/runtime-spec/specs-go"
-	"github.com/openshift/imagebuilder"
-	"github.com/pkg/errors"
-	"github.com/projectatomic/buildah"
-	"github.com/projectatomic/buildah/util"
-	"github.com/sirupsen/logrus"
-)
-
-const (
-	PullIfMissing = buildah.PullIfMissing
-	PullAlways    = buildah.PullAlways
-	PullNever     = buildah.PullNever
-
-	Gzip         = archive.Gzip
-	Bzip2        = archive.Bzip2
-	Xz           = archive.Xz
-	Uncompressed = archive.Uncompressed
-)
-
-// Mount is a mountpoint for the build container.
-type Mount specs.Mount
-
-// BuildOptions can be used to alter how an image is built.
-type BuildOptions struct {
-	// ContextDirectory is the default source location for COPY and ADD
-	// commands.
-	ContextDirectory string
-	// PullPolicy controls whether or not we pull images.  It should be one
-	// of PullIfMissing, PullAlways, or PullNever.
-	PullPolicy buildah.PullPolicy
-	// Registry is a value which is prepended to the image's name, if it
-	// needs to be pulled and the image name alone can not be resolved to a
-	// reference to a source image.  No separator is implicitly added.
-	Registry string
-	// Transport is a value which is prepended to the image's name, if it
-	// needs to be pulled and the image name alone, or the image name and
-	// the registry together, can not be resolved to a reference to a
-	// source image.  No separator is implicitly added.
-	Transport string
-	// IgnoreUnrecognizedInstructions tells us to just log instructions we
-	// don't recognize, and try to keep going.
-	IgnoreUnrecognizedInstructions bool
-	// Quiet tells us whether or not to announce steps as we go through them.
-	Quiet bool
-	// Isolation controls how Run() runs things.
-	Isolation buildah.Isolation
-	// Runtime is the name of the command to run for RUN instructions when
-	// Isolation is either IsolationDefault or IsolationOCI.  It should
-	// accept the same arguments and flags that runc does.
-	Runtime string
-	// RuntimeArgs adds global arguments for the runtime.
-	RuntimeArgs []string
-	// TransientMounts is a list of mounts that won't be kept in the image.
-	TransientMounts []Mount
-	// Compression specifies the type of compression which is applied to
-	// layer blobs.  The default is to not use compression, but
-	// archive.Gzip is recommended.
-	Compression archive.Compression
-	// Arguments which can be interpolated into Dockerfiles
-	Args map[string]string
-	// Name of the image to write to.
-	Output string
-	// Additional tags to add to the image that we write, if we know of a
-	// way to add them.
-	AdditionalTags []string
-	// Log is a callback that will print a progress message.  If no value
-	// is supplied, the message will be sent to Err (or os.Stderr, if Err
-	// is nil) by default.
-	Log func(format string, args ...interface{})
-	// In is connected to stdin for RUN instructions.
-	In io.Reader
-	// Out is a place where non-error log messages are sent.
-	Out io.Writer
-	// Err is a place where error log messages should be sent.
-	Err io.Writer
-	// SignaturePolicyPath specifies an override location for the signature
-	// policy which should be used for verifying the new image as it is
-	// being written.  Except in specific circumstances, no value should be
-	// specified, indicating that the shared, system-wide default policy
-	// should be used.
-	SignaturePolicyPath string
-	// ReportWriter is an io.Writer which will be used to report the
-	// progress of the (possible) pulling of the source image and the
-	// writing of the new image.
-	ReportWriter io.Writer
-	// OutputFormat is the format of the output image's manifest and
-	// configuration data.
-	// Accepted values are buildah.OCIv1ImageManifest and buildah.Dockerv2ImageManifest.
-	OutputFormat string
-	// SystemContext holds parameters used for authentication.
-	SystemContext *types.SystemContext
-	// NamespaceOptions controls how we set up namespaces processes that we
-	// might need when handling RUN instructions.
-	NamespaceOptions []buildah.NamespaceOption
-	// ConfigureNetwork controls whether or not network interfaces and
-	// routing are configured for a new network namespace (i.e., when not
-	// joining another's namespace and not just using the host's
-	// namespace), effectively deciding whether or not the process has a
-	// usable network.
-	ConfigureNetwork buildah.NetworkConfigurationPolicy
-	// CNIPluginPath is the location of CNI plugin helpers, if they should be
-	// run from a location other than the default location.
-	CNIPluginPath string
-	// CNIConfigDir is the location of CNI configuration files, if the files in
-	// the default configuration directory shouldn't be used.
-	CNIConfigDir string
-	// ID mapping options to use if we're setting up our own user namespace
-	// when handling RUN instructions.
-	IDMappingOptions *buildah.IDMappingOptions
-	// AddCapabilities is a list of capabilities to add to the default set when
-	// handling RUN instructions.
-	AddCapabilities []string
-	// DropCapabilities is a list of capabilities to remove from the default set
-	// when handling RUN instructions. If a capability appears in both lists, it
-	// will be dropped.
-	DropCapabilities []string
-	CommonBuildOpts  *buildah.CommonBuildOptions
-	// DefaultMountsFilePath is the file path holding the mounts to be mounted in "host-path:container-path" format
-	DefaultMountsFilePath string
-	// IIDFile tells the builder to write the image ID to the specified file
-	IIDFile string
-	// Squash tells the builder to produce an image with a single layer
-	// instead of with possibly more than one layer.
-	Squash bool
-	// Labels metadata for an image
-	Labels []string
-	// Annotation metadata for an image
-	Annotations []string
-	// OnBuild commands to be run by images based on this image
-	OnBuild []string
-	// Layers tells the builder to create a cache of images for each step in the Dockerfile
-	Layers bool
-	// NoCache tells the builder to build the image from scratch without checking for a cache.
-	// It creates a new set of cached images for the build.
-	NoCache bool
-	// RemoveIntermediateCtrs tells the builder whether to remove intermediate containers used
-	// during the build process. Default is true.
-	RemoveIntermediateCtrs bool
-	// ForceRmIntermediateCtrs tells the builder to remove all intermediate containers even if
-	// the build was unsuccessful.
-	ForceRmIntermediateCtrs bool
-}
-
-// Executor is a buildah-based implementation of the imagebuilder.Executor
-// interface.
-type Executor struct {
-	index                          int
-	name                           string
-	named                          map[string]*Executor
-	store                          storage.Store
-	contextDir                     string
-	builder                        *buildah.Builder
-	pullPolicy                     buildah.PullPolicy
-	registry                       string
-	transport                      string
-	ignoreUnrecognizedInstructions bool
-	quiet                          bool
-	runtime                        string
-	runtimeArgs                    []string
-	transientMounts                []Mount
-	compression                    archive.Compression
-	output                         string
-	outputFormat                   string
-	additionalTags                 []string
-	log                            func(format string, args ...interface{})
-	in                             io.Reader
-	out                            io.Writer
-	err                            io.Writer
-	signaturePolicyPath            string
-	systemContext                  *types.SystemContext
-	mountPoint                     string
-	preserved                      int
-	volumes                        imagebuilder.VolumeSet
-	volumeCache                    map[string]string
-	volumeCacheInfo                map[string]os.FileInfo
-	reportWriter                   io.Writer
-	isolation                      buildah.Isolation
-	namespaceOptions               []buildah.NamespaceOption
-	configureNetwork               buildah.NetworkConfigurationPolicy
-	cniPluginPath                  string
-	cniConfigDir                   string
-	idmappingOptions               *buildah.IDMappingOptions
-	commonBuildOptions             *buildah.CommonBuildOptions
-	defaultMountsFilePath          string
-	iidfile                        string
-	squash                         bool
-	labels                         []string
-	annotations                    []string
-	onbuild                        []string
-	layers                         bool
-	topLayers                      []string
-	noCache                        bool
-	removeIntermediateCtrs         bool
-	forceRmIntermediateCtrs        bool
-	containerIDs                   []string // Stores the IDs of the successful intermediate containers used during layer build
-}
-
-// withName creates a new child executor that will be used whenever a COPY statement uses --from=NAME.
-func (b *Executor) withName(name string, index int) *Executor {
-	if b.named == nil {
-		b.named = make(map[string]*Executor)
-	}
-	copied := *b
-	copied.index = index
-	copied.name = name
-	child := &copied
-	b.named[name] = child
-	if idx := strconv.Itoa(index); idx != name {
-		b.named[idx] = child
-	}
-	return child
-}
-
-// Preserve informs the executor that from this point on, it needs to ensure
-// that only COPY and ADD instructions can modify the contents of this
-// directory or anything below it.
-// The Executor handles this by caching the contents of directories which have
-// been marked this way before executing a RUN instruction, invalidating that
-// cache when an ADD or COPY instruction sets any location under the directory
-// as the destination, and using the cache to reset the contents of the
-// directory tree after processing each RUN instruction.
-// It would be simpler if we could just mark the directory as a read-only bind
-// mount of itself during Run(), but the directory is expected to be remain
-// writeable, even if any changes within it are ultimately discarded.
-func (b *Executor) Preserve(path string) error {
-	logrus.Debugf("PRESERVE %q", path)
-	if b.volumes.Covers(path) {
-		// This path is already a subdirectory of a volume path that
-		// we're already preserving, so there's nothing new to be done
-		// except ensure that it exists.
-		archivedPath := filepath.Join(b.mountPoint, path)
-		if err := os.MkdirAll(archivedPath, 0755); err != nil {
-			return errors.Wrapf(err, "error ensuring volume path %q exists", archivedPath)
-		}
-		if err := b.volumeCacheInvalidate(path); err != nil {
-			return errors.Wrapf(err, "error ensuring volume path %q is preserved", archivedPath)
-		}
-		return nil
-	}
-	// Figure out where the cache for this volume would be stored.
-	b.preserved++
-	cacheDir, err := b.store.ContainerDirectory(b.builder.ContainerID)
-	if err != nil {
-		return errors.Errorf("unable to locate temporary directory for container")
-	}
-	cacheFile := filepath.Join(cacheDir, fmt.Sprintf("volume%d.tar", b.preserved))
-	// Save info about the top level of the location that we'll be archiving.
-	archivedPath := filepath.Join(b.mountPoint, path)
-
-	// Try and resolve the symlink (if one exists)
-	// Set archivedPath and path based on whether a symlink is found or not
-	if symLink, err := resolveSymLink(b.mountPoint, path); err == nil {
-		archivedPath = filepath.Join(b.mountPoint, symLink)
-		path = symLink
-	} else {
-		return errors.Wrapf(err, "error reading symbolic link to %q", path)
-	}
-
-	st, err := os.Stat(archivedPath)
-	if os.IsNotExist(err) {
-		if err = os.MkdirAll(archivedPath, 0755); err != nil {
-			return errors.Wrapf(err, "error ensuring volume path %q exists", archivedPath)
-		}
-		st, err = os.Stat(archivedPath)
-	}
-	if err != nil {
-		logrus.Debugf("error reading info about %q: %v", archivedPath, err)
-		return errors.Wrapf(err, "error reading info about volume path %q", archivedPath)
-	}
-	b.volumeCacheInfo[path] = st
-	if !b.volumes.Add(path) {
-		// This path is not a subdirectory of a volume path that we're
-		// already preserving, so adding it to the list should work.
-		return errors.Errorf("error adding %q to the volume cache", path)
-	}
-	b.volumeCache[path] = cacheFile
-	// Now prune cache files for volumes that are now supplanted by this one.
-	removed := []string{}
-	for cachedPath := range b.volumeCache {
-		// Walk our list of cached volumes, and check that they're
-		// still in the list of locations that we need to cache.
-		found := false
-		for _, volume := range b.volumes {
-			if volume == cachedPath {
-				// We need to keep this volume's cache.
-				found = true
-				break
-			}
-		}
-		if !found {
-			// We don't need to keep this volume's cache.  Make a
-			// note to remove it.
-			removed = append(removed, cachedPath)
-		}
-	}
-	// Actually remove the caches that we decided to remove.
-	for _, cachedPath := range removed {
-		archivedPath := filepath.Join(b.mountPoint, cachedPath)
-		logrus.Debugf("no longer need cache of %q in %q", archivedPath, b.volumeCache[cachedPath])
-		if err := os.Remove(b.volumeCache[cachedPath]); err != nil {
-			return errors.Wrapf(err, "error removing %q", b.volumeCache[cachedPath])
-		}
-		delete(b.volumeCache, cachedPath)
-	}
-	return nil
-}
-
-// Remove any volume cache item which will need to be re-saved because we're
-// writing to part of it.
-func (b *Executor) volumeCacheInvalidate(path string) error {
-	invalidated := []string{}
-	for cachedPath := range b.volumeCache {
-		if strings.HasPrefix(path, cachedPath+string(os.PathSeparator)) {
-			invalidated = append(invalidated, cachedPath)
-		}
-	}
-	for _, cachedPath := range invalidated {
-		if err := os.Remove(b.volumeCache[cachedPath]); err != nil {
-			return errors.Wrapf(err, "error removing volume cache %q", b.volumeCache[cachedPath])
-		}
-		archivedPath := filepath.Join(b.mountPoint, cachedPath)
-		logrus.Debugf("invalidated volume cache for %q from %q", archivedPath, b.volumeCache[cachedPath])
-		delete(b.volumeCache, cachedPath)
-	}
-	return nil
-}
-
-// Save the contents of each of the executor's list of volumes for which we
-// don't already have a cache file.
-func (b *Executor) volumeCacheSave() error {
-	for cachedPath, cacheFile := range b.volumeCache {
-		archivedPath := filepath.Join(b.mountPoint, cachedPath)
-		_, err := os.Stat(cacheFile)
-		if err == nil {
-			logrus.Debugf("contents of volume %q are already cached in %q", archivedPath, cacheFile)
-			continue
-		}
-		if !os.IsNotExist(err) {
-			return errors.Wrapf(err, "error checking for cache of %q in %q", archivedPath, cacheFile)
-		}
-		if err := os.MkdirAll(archivedPath, 0755); err != nil {
-			return errors.Wrapf(err, "error ensuring volume path %q exists", archivedPath)
-		}
-		logrus.Debugf("caching contents of volume %q in %q", archivedPath, cacheFile)
-		cache, err := os.Create(cacheFile)
-		if err != nil {
-			return errors.Wrapf(err, "error creating archive at %q", cacheFile)
-		}
-		defer cache.Close()
-		rc, err := archive.Tar(archivedPath, archive.Uncompressed)
-		if err != nil {
-			return errors.Wrapf(err, "error archiving %q", archivedPath)
-		}
-		defer rc.Close()
-		_, err = io.Copy(cache, rc)
-		if err != nil {
-			return errors.Wrapf(err, "error archiving %q to %q", archivedPath, cacheFile)
-		}
-	}
-	return nil
-}
-
-// Restore the contents of each of the executor's list of volumes.
-func (b *Executor) volumeCacheRestore() error {
-	for cachedPath, cacheFile := range b.volumeCache {
-		archivedPath := filepath.Join(b.mountPoint, cachedPath)
-		logrus.Debugf("restoring contents of volume %q from %q", archivedPath, cacheFile)
-		cache, err := os.Open(cacheFile)
-		if err != nil {
-			return errors.Wrapf(err, "error opening archive at %q", cacheFile)
-		}
-		defer cache.Close()
-		if err := os.RemoveAll(archivedPath); err != nil {
-			return errors.Wrapf(err, "error clearing volume path %q", archivedPath)
-		}
-		if err := os.MkdirAll(archivedPath, 0755); err != nil {
-			return errors.Wrapf(err, "error recreating volume path %q", archivedPath)
-		}
-		err = archive.Untar(cache, archivedPath, nil)
-		if err != nil {
-			return errors.Wrapf(err, "error extracting archive at %q", archivedPath)
-		}
-		if st, ok := b.volumeCacheInfo[cachedPath]; ok {
-			if err := os.Chmod(archivedPath, st.Mode()); err != nil {
-				return errors.Wrapf(err, "error restoring permissions on %q", archivedPath)
-			}
-			if err := os.Chown(archivedPath, 0, 0); err != nil {
-				return errors.Wrapf(err, "error setting ownership on %q", archivedPath)
-			}
-			if err := os.Chtimes(archivedPath, st.ModTime(), st.ModTime()); err != nil {
-				return errors.Wrapf(err, "error restoring datestamps on %q", archivedPath)
-			}
-		}
-	}
-	return nil
-}
-
-// Copy copies data into the working tree.  The "Download" field is how
-// imagebuilder tells us the instruction was "ADD" and not "COPY".
-func (b *Executor) Copy(excludes []string, copies ...imagebuilder.Copy) error {
-	for _, copy := range copies {
-		logrus.Debugf("COPY %#v, %#v", excludes, copy)
-		if err := b.volumeCacheInvalidate(copy.Dest); err != nil {
-			return err
-		}
-		sources := []string{}
-		for _, src := range copy.Src {
-			if strings.HasPrefix(src, "http://") || strings.HasPrefix(src, "https://") {
-				sources = append(sources, src)
-			} else if len(copy.From) > 0 {
-				if other, ok := b.named[copy.From]; ok && other.index < b.index {
-					sources = append(sources, filepath.Join(other.mountPoint, src))
-				} else {
-					return errors.Errorf("the stage %q has not been built", copy.From)
-				}
-			} else {
-				sources = append(sources, filepath.Join(b.contextDir, src))
-			}
-		}
-
-		options := buildah.AddAndCopyOptions{
-			Chown: copy.Chown,
-		}
-
-		if err := b.builder.Add(copy.Dest, copy.Download, options, sources...); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-func convertMounts(mounts []Mount) []specs.Mount {
-	specmounts := []specs.Mount{}
-	for _, m := range mounts {
-		s := specs.Mount{
-			Destination: m.Destination,
-			Type:        m.Type,
-			Source:      m.Source,
-			Options:     m.Options,
-		}
-		specmounts = append(specmounts, s)
-	}
-	return specmounts
-}
-
-// Run executes a RUN instruction using the working container as a root
-// directory.
-func (b *Executor) Run(run imagebuilder.Run, config docker.Config) error {
-	logrus.Debugf("RUN %#v, %#v", run, config)
-	if b.builder == nil {
-		return errors.Errorf("no build container available")
-	}
-	stdin := b.in
-	if stdin == nil {
-		devNull, err := os.Open(os.DevNull)
-		if err != nil {
-			return errors.Errorf("error opening %q for reading: %v", os.DevNull, err)
-		}
-		defer devNull.Close()
-		stdin = devNull
-	}
-	options := buildah.RunOptions{
-		Hostname:   config.Hostname,
-		Runtime:    b.runtime,
-		Args:       b.runtimeArgs,
-		Mounts:     convertMounts(b.transientMounts),
-		Env:        config.Env,
-		User:       config.User,
-		WorkingDir: config.WorkingDir,
-		Entrypoint: config.Entrypoint,
-		Cmd:        config.Cmd,
-		Stdin:      stdin,
-		Stdout:     b.out,
-		Stderr:     b.err,
-		Quiet:      b.quiet,
-	}
-	if config.NetworkDisabled {
-		options.ConfigureNetwork = buildah.NetworkDisabled
-	} else {
-		options.ConfigureNetwork = buildah.NetworkEnabled
-	}
-
-	args := run.Args
-	if run.Shell {
-		args = append([]string{"/bin/sh", "-c"}, args...)
-	}
-	if err := b.volumeCacheSave(); err != nil {
-		return err
-	}
-	err := b.builder.Run(args, options)
-	if err2 := b.volumeCacheRestore(); err2 != nil {
-		if err == nil {
-			return err2
-		}
-	}
-	return err
-}
-
-// UnrecognizedInstruction is called when we encounter an instruction that the
-// imagebuilder parser didn't understand.
-func (b *Executor) UnrecognizedInstruction(step *imagebuilder.Step) error {
-	errStr := fmt.Sprintf("Build error: Unknown instruction: %q ", step.Command)
-	err := fmt.Sprintf(errStr+"%#v", step)
-	if b.ignoreUnrecognizedInstructions {
-		logrus.Debugf(err)
-		return nil
-	}
-
-	switch logrus.GetLevel() {
-	case logrus.ErrorLevel:
-		logrus.Errorf(errStr)
-	case logrus.DebugLevel:
-		logrus.Debugf(err)
-	default:
-		logrus.Errorf("+(UNHANDLED LOGLEVEL) %#v", step)
-	}
-
-	return errors.Errorf(err)
-}
-
-// NewExecutor creates a new instance of the imagebuilder.Executor interface.
-func NewExecutor(store storage.Store, options BuildOptions) (*Executor, error) {
-	exec := Executor{
-		store:                          store,
-		contextDir:                     options.ContextDirectory,
-		pullPolicy:                     options.PullPolicy,
-		registry:                       options.Registry,
-		transport:                      options.Transport,
-		ignoreUnrecognizedInstructions: options.IgnoreUnrecognizedInstructions,
-		quiet:                   options.Quiet,
-		runtime:                 options.Runtime,
-		runtimeArgs:             options.RuntimeArgs,
-		transientMounts:         options.TransientMounts,
-		compression:             options.Compression,
-		output:                  options.Output,
-		outputFormat:            options.OutputFormat,
-		additionalTags:          options.AdditionalTags,
-		signaturePolicyPath:     options.SignaturePolicyPath,
-		systemContext:           options.SystemContext,
-		volumeCache:             make(map[string]string),
-		volumeCacheInfo:         make(map[string]os.FileInfo),
-		log:                     options.Log,
-		in:                      options.In,
-		out:                     options.Out,
-		err:                     options.Err,
-		reportWriter:            options.ReportWriter,
-		isolation:               options.Isolation,
-		namespaceOptions:        options.NamespaceOptions,
-		configureNetwork:        options.ConfigureNetwork,
-		cniPluginPath:           options.CNIPluginPath,
-		cniConfigDir:            options.CNIConfigDir,
-		idmappingOptions:        options.IDMappingOptions,
-		commonBuildOptions:      options.CommonBuildOpts,
-		defaultMountsFilePath:   options.DefaultMountsFilePath,
-		iidfile:                 options.IIDFile,
-		squash:                  options.Squash,
-		labels:                  append([]string{}, options.Labels...),
-		annotations:             append([]string{}, options.Annotations...),
-		layers:                  options.Layers,
-		noCache:                 options.NoCache,
-		removeIntermediateCtrs:  options.RemoveIntermediateCtrs,
-		forceRmIntermediateCtrs: options.ForceRmIntermediateCtrs,
-	}
-	if exec.err == nil {
-		exec.err = os.Stderr
-	}
-	if exec.out == nil {
-		exec.out = os.Stdout
-	}
-	if exec.log == nil {
-		stepCounter := 0
-		exec.log = func(format string, args ...interface{}) {
-			stepCounter++
-			prefix := fmt.Sprintf("STEP %d: ", stepCounter)
-			suffix := "\n"
-			fmt.Fprintf(exec.err, prefix+format+suffix, args...)
-		}
-	}
-	return &exec, nil
-}
-
-// Prepare creates a working container based on specified image, or if one
-// isn't specified, the first FROM instruction we can find in the parsed tree.
-func (b *Executor) Prepare(ctx context.Context, ib *imagebuilder.Builder, node *parser.Node, from string) error {
-	if from == "" {
-		base, err := ib.From(node)
-		if err != nil {
-			logrus.Debugf("Prepare(node.Children=%#v)", node.Children)
-			return errors.Wrapf(err, "error determining starting point for build")
-		}
-		from = base
-	}
-	logrus.Debugf("FROM %#v", from)
-	if !b.quiet {
-		b.log("FROM %s", from)
-	}
-	builderOptions := buildah.BuilderOptions{
-		Args:                  ib.Args,
-		FromImage:             from,
-		PullPolicy:            b.pullPolicy,
-		Registry:              b.registry,
-		Transport:             b.transport,
-		SignaturePolicyPath:   b.signaturePolicyPath,
-		ReportWriter:          b.reportWriter,
-		SystemContext:         b.systemContext,
-		Isolation:             b.isolation,
-		NamespaceOptions:      b.namespaceOptions,
-		ConfigureNetwork:      b.configureNetwork,
-		CNIPluginPath:         b.cniPluginPath,
-		CNIConfigDir:          b.cniConfigDir,
-		IDMappingOptions:      b.idmappingOptions,
-		CommonBuildOpts:       b.commonBuildOptions,
-		DefaultMountsFilePath: b.defaultMountsFilePath,
-		Format:                b.outputFormat,
-	}
-	builder, err := buildah.NewBuilder(ctx, b.store, builderOptions)
-	if err != nil {
-		return errors.Wrapf(err, "error creating build container")
-	}
-	volumes := map[string]struct{}{}
-	for _, v := range builder.Volumes() {
-		volumes[v] = struct{}{}
-	}
-	dConfig := docker.Config{
-		Hostname:   builder.Hostname(),
-		Domainname: builder.Domainname(),
-		User:       builder.User(),
-		Env:        builder.Env(),
-		Cmd:        builder.Cmd(),
-		Image:      from,
-		Volumes:    volumes,
-		WorkingDir: builder.WorkDir(),
-		Entrypoint: builder.Entrypoint(),
-		Labels:     builder.Labels(),
-		Shell:      builder.Shell(),
-		StopSignal: builder.StopSignal(),
-		OnBuild:    builder.OnBuild(),
-	}
-	var rootfs *docker.RootFS
-	if builder.Docker.RootFS != nil {
-		rootfs = &docker.RootFS{
-			Type: builder.Docker.RootFS.Type,
-		}
-		for _, id := range builder.Docker.RootFS.DiffIDs {
-			rootfs.Layers = append(rootfs.Layers, id.String())
-		}
-	}
-	dImage := docker.Image{
-		Parent:          builder.FromImage,
-		ContainerConfig: dConfig,
-		Container:       builder.Container,
-		Author:          builder.Maintainer(),
-		Architecture:    builder.Architecture(),
-		RootFS:          rootfs,
-	}
-	dImage.Config = &dImage.ContainerConfig
-	err = ib.FromImage(&dImage, node)
-	if err != nil {
-		if err2 := builder.Delete(); err2 != nil {
-			logrus.Debugf("error deleting container which we failed to update: %v", err2)
-		}
-		return errors.Wrapf(err, "error updating build context")
-	}
-	mountPoint, err := builder.Mount(builder.MountLabel)
-	if err != nil {
-		if err2 := builder.Delete(); err2 != nil {
-			logrus.Debugf("error deleting container which we failed to mount: %v", err2)
-		}
-		return errors.Wrapf(err, "error mounting new container")
-	}
-	b.mountPoint = mountPoint
-	b.builder = builder
-	// Add the top layer of this image to b.topLayers so we can keep track of them
-	// when building with cached images.
-	b.topLayers = append(b.topLayers, builder.TopLayer)
-	logrus.Debugln("Container ID:", builder.ContainerID)
-	return nil
-}
-
-// Delete deletes the working container, if we have one.  The Executor object
-// should not be used to build another image, as the name of the output image
-// isn't resettable.
-func (b *Executor) Delete() (err error) {
-	if b.builder != nil {
-		err = b.builder.Delete()
-		b.builder = nil
-	}
-	return err
-}
-
-// resolveNameToImageRef creates a types.ImageReference from b.output
-func (b *Executor) resolveNameToImageRef() (types.ImageReference, error) {
-	var (
-		imageRef types.ImageReference
-		err      error
-	)
-	if b.output != "" {
-		imageRef, err = alltransports.ParseImageName(b.output)
-		if err != nil {
-			candidates, err := util.ResolveName(b.output, "", b.systemContext, b.store)
-			if err != nil {
-				return nil, errors.Wrapf(err, "error parsing target image name %q: %v", b.output)
-			}
-			if len(candidates) == 0 {
-				return nil, errors.Errorf("error parsing target image name %q", b.output)
-			}
-			imageRef2, err2 := is.Transport.ParseStoreReference(b.store, candidates[0])
-			if err2 != nil {
-				return nil, errors.Wrapf(err, "error parsing target image name %q", b.output)
-			}
-			return imageRef2, nil
-		}
-		return imageRef, nil
-	}
-	imageRef, err = is.Transport.ParseStoreReference(b.store, "@"+stringid.GenerateRandomID())
-	if err != nil {
-		return nil, errors.Wrapf(err, "error parsing reference for image to be written")
-	}
-	return imageRef, nil
-}
-
-// Execute runs each of the steps in the parsed tree, in turn.
-func (b *Executor) Execute(ctx context.Context, ib *imagebuilder.Builder, node *parser.Node) error {
-	checkForLayers := true
-	children := node.Children
-	commitName := b.output
-	for i, node := range node.Children {
-		step := ib.Step()
-		if err := step.Resolve(node); err != nil {
-			return errors.Wrapf(err, "error resolving step %+v", *node)
-		}
-		logrus.Debugf("Parsed Step: %+v", *step)
-		if !b.quiet {
-			b.log("%s", step.Original)
-		}
-		requiresStart := false
-		if i < len(node.Children)-1 {
-			requiresStart = ib.RequiresStart(&parser.Node{Children: node.Children[i+1:]})
-		}
-
-		if !b.layers && !b.noCache {
-			err := ib.Run(step, b, requiresStart)
-			if err != nil {
-				return errors.Wrapf(err, "error building at step %+v", *step)
-			}
-			continue
-		}
-
-		if i < len(children)-1 {
-			b.output = ""
-		} else {
-			b.output = commitName
-		}
-
-		var (
-			cacheID string
-			err     error
-			imgID   string
-		)
-		// checkForLayers will be true if b.layers is true and a cached intermediate image is found.
-		// checkForLayers is set to false when either there is no cached image or a break occurs where
-		// the instructions in the Dockerfile change from a previous build.
-		// Don't check for cache if b.noCache is set to true.
-		if checkForLayers && !b.noCache {
-			cacheID, err = b.layerExists(ctx, node, children[:i])
-			if err != nil {
-				return errors.Wrap(err, "error checking if cached image exists from a previous build")
-			}
-		}
-
-		if cacheID != "" {
-			fmt.Fprintf(b.out, "--> Using cache %s\n", cacheID)
-		}
-
-		// If a cache is found for the last step, that means nothing in the
-		// Dockerfile changed. Just create a copy of the existing image and
-		// save it with the new name passed in by the user.
-		if cacheID != "" && i == len(children)-1 {
-			if err := b.copyExistingImage(ctx, cacheID); err != nil {
-				return err
-			}
-			break
-		}
-
-		if cacheID == "" || !checkForLayers {
-			checkForLayers = false
-			err := ib.Run(step, b, requiresStart)
-			if err != nil {
-				return errors.Wrapf(err, "error building at step %+v", *step)
-			}
-		}
-
-		// Commit if no cache is found
-		if cacheID == "" {
-			imgID, err = b.Commit(ctx, ib, getCreatedBy(node))
-			if err != nil {
-				return errors.Wrapf(err, "error committing container for step %+v", *step)
-			}
-			if i == len(children)-1 {
-				b.log("COMMIT %s", b.output)
-			}
-		} else {
-			// Cache is found, assign imgID the id of the cached image so
-			// it is used to create the container for the next step.
-			imgID = cacheID
-		}
-		// Add container ID of successful intermediate container to b.containerIDs
-		b.containerIDs = append(b.containerIDs, b.builder.ContainerID)
-		// Prepare for the next step with imgID as the new base image.
-		if i != len(children)-1 {
-			if err := b.Prepare(ctx, ib, node, imgID); err != nil {
-				return errors.Wrap(err, "error preparing container for next step")
-			}
-		}
-	}
-	return nil
-}
-
-// copyExistingImage creates a copy of an image already in store
-func (b *Executor) copyExistingImage(ctx context.Context, cacheID string) error {
-	// Get the destination Image Reference
-	dest, err := b.resolveNameToImageRef()
-	if err != nil {
-		return err
-	}
-
-	policyContext, err := util.GetPolicyContext(b.systemContext)
-	if err != nil {
-		return err
-	}
-	defer policyContext.Destroy()
-
-	// Look up the source image, expecting it to be in local storage
-	src, err := is.Transport.ParseStoreReference(b.store, cacheID)
-	if err != nil {
-		return errors.Wrapf(err, "error getting source imageReference for %q", cacheID)
-	}
-	if err := cp.Image(ctx, policyContext, dest, src, nil); err != nil {
-		return errors.Wrapf(err, "error copying image %q", cacheID)
-	}
-	b.log("COMMIT %s", b.output)
-	return nil
-}
-
-// layerExists returns true if an intermediate image of currNode exists in the image store from a previous build.
-// It verifies tihis by checking the parent of the top layer of the image and the history.
-func (b *Executor) layerExists(ctx context.Context, currNode *parser.Node, children []*parser.Node) (string, error) {
-	// Get the list of images available in the image store
-	images, err := b.store.Images()
-	if err != nil {
-		return "", errors.Wrap(err, "error getting image list from store")
-	}
-	for _, image := range images {
-		layer, err := b.store.Layer(image.TopLayer)
-		if err != nil {
-			return "", errors.Wrapf(err, "error getting top layer info")
-		}
-		// If the parent of the top layer of an image is equal to the last entry in b.topLayers
-		// it means that this image is potentially a cached intermediate image from a previous
-		// build. Next we double check that the history of this image is equivalent to the previous
-		// lines in the Dockerfile up till the point we are at in the build.
-		if layer.Parent == b.topLayers[len(b.topLayers)-1] {
-			history, err := b.getImageHistory(ctx, image.ID)
-			if err != nil {
-				return "", errors.Wrapf(err, "error getting history of %q", image.ID)
-			}
-			// children + currNode is the point of the Dockerfile we are currently at.
-			if historyMatches(append(children, currNode), history) {
-				// This checks if the files copied during build have been changed if the node is
-				// a COPY or ADD command.
-				filesMatch, err := b.copiedFilesMatch(currNode, history[len(history)-1].Created)
-				if err != nil {
-					return "", errors.Wrapf(err, "error checking if copied files match")
-				}
-				if filesMatch {
-					return image.ID, nil
-				}
-			}
-		}
-	}
-	return "", nil
-}
-
-// getImageHistory returns the history of imageID.
-func (b *Executor) getImageHistory(ctx context.Context, imageID string) ([]v1.History, error) {
-	imageRef, err := is.Transport.ParseStoreReference(b.store, "@"+imageID)
-	if err != nil {
-		return nil, errors.Wrapf(err, "error getting image reference %q", imageID)
-	}
-	ref, err := imageRef.NewImage(ctx, nil)
-	if err != nil {
-		return nil, errors.Wrap(err, "error creating new image from reference")
-	}
-	oci, err := ref.OCIConfig(ctx)
-	if err != nil {
-		return nil, errors.Wrapf(err, "error getting oci config of image %q", imageID)
-	}
-	return oci.History, nil
-}
-
-// getCreatedBy returns the command the image at node will be created by.
-func getCreatedBy(node *parser.Node) string {
-	if node.Value == "run" {
-		return "/bin/sh -c " + node.Original[4:]
-	}
-	return "/bin/sh -c #(nop) " + node.Original
-}
-
-// historyMatches returns true if the history of the image matches the lines
-// in the Dockerfile till the point of build we are at.
-// Used to verify whether a cache of the intermediate image exists and whether
-// to run the build again.
-func historyMatches(children []*parser.Node, history []v1.History) bool {
-	i := len(history) - 1
-	for j := len(children) - 1; j >= 0; j-- {
-		instruction := children[j].Original
-		if children[j].Value == "run" {
-			instruction = instruction[4:]
-		}
-		if !strings.Contains(history[i].CreatedBy, instruction) {
-			return false
-		}
-		i--
-	}
-	return true
-}
-
-// getFilesToCopy goes through node to get all the src files that are copied, added or downloaded.
-// It is possible for the Dockerfile to have src as hom*, which means all files that have hom as a prefix.
-// Another format is hom?.txt, which means all files that have that name format with the ? replaced by another character.
-func (b *Executor) getFilesToCopy(node *parser.Node) ([]string, error) {
-	currNode := node.Next
-	var src []string
-	for currNode.Next != nil {
-		if currNode.Next == nil {
-			break
-		}
-		if strings.HasPrefix(currNode.Value, "http://") || strings.HasPrefix(currNode.Value, "https://") {
-			src = append(src, currNode.Value)
-			currNode = currNode.Next
-			continue
-		}
-		matches, err := filepath.Glob(filepath.Join(b.contextDir, currNode.Value))
-		if err != nil {
-			return nil, errors.Wrapf(err, "error finding match for pattern %q", currNode.Value)
-		}
-		src = append(src, matches...)
-		currNode = currNode.Next
-	}
-	return src, nil
-}
-
-// copiedFilesMatch checks to see if the node instruction is a COPY or ADD.
-// If it is either of those two it checks the timestamps on all the files copied/added
-// by the dockerfile. If the host version has a time stamp greater than the time stamp
-// of the build, the build will not use the cached version and will rebuild.
-func (b *Executor) copiedFilesMatch(node *parser.Node, historyTime *time.Time) (bool, error) {
-	if node.Value != "add" && node.Value != "copy" {
-		return true, nil
-	}
-
-	src, err := b.getFilesToCopy(node)
-	if err != nil {
-		return false, err
-	}
-	for _, item := range src {
-		// for urls, check the Last-Modified field in the header.
-		if strings.HasPrefix(item, "http://") || strings.HasPrefix(item, "https://") {
-			urlContentNew, err := urlContentModified(item, historyTime)
-			if err != nil {
-				return false, err
-			}
-			if urlContentNew {
-				return false, nil
-			}
-			continue
-		}
-		// For local files, walk the file tree and check the time stamps.
-		timeIsGreater := false
-		err := filepath.Walk(item, func(path string, info os.FileInfo, err error) error {
-			if info.ModTime().After(*historyTime) {
-				timeIsGreater = true
-				return nil
-			}
-			return nil
-		})
-		if err != nil {
-			return false, errors.Wrapf(err, "error walking file tree %q", item)
-		}
-		if timeIsGreater {
-			return false, nil
-		}
-	}
-	return true, nil
-}
-
-// urlContentModified sends a get request to the url and checks if the header has a value in
-// Last-Modified, and if it does compares the time stamp to that of the history of the cached image.
-// returns true if there is no Last-Modified value in the header.
-func urlContentModified(url string, historyTime *time.Time) (bool, error) {
-	resp, err := http.Get(url)
-	if err != nil {
-		return false, errors.Wrapf(err, "error getting %q", url)
-	}
-	if lastModified := resp.Header.Get("Last-Modified"); lastModified != "" {
-		lastModifiedTime, err := time.Parse(time.RFC1123, lastModified)
-		if err != nil {
-			return false, errors.Wrapf(err, "error parsing time for %q", url)
-		}
-		return lastModifiedTime.After(*historyTime), nil
-	}
-	logrus.Debugf("Response header did not have Last-Modified %q, will rebuild.", url)
-	return true, nil
-}
-
-// Commit writes the container's contents to an image, using a passed-in tag as
-// the name if there is one, generating a unique ID-based one otherwise.
-func (b *Executor) Commit(ctx context.Context, ib *imagebuilder.Builder, createdBy string) (string, error) {
-	imageRef, err := b.resolveNameToImageRef()
-	if err != nil {
-		return "", err
-	}
-
-	if ib.Author != "" {
-		b.builder.SetMaintainer(ib.Author)
-	}
-	config := ib.Config()
-	b.builder.SetCreatedBy(createdBy)
-	b.builder.SetHostname(config.Hostname)
-	b.builder.SetDomainname(config.Domainname)
-	b.builder.SetUser(config.User)
-	b.builder.ClearPorts()
-	for p := range config.ExposedPorts {
-		b.builder.SetPort(string(p))
-	}
-	for _, envSpec := range config.Env {
-		spec := strings.SplitN(envSpec, "=", 2)
-		b.builder.SetEnv(spec[0], spec[1])
-	}
-	b.builder.SetCmd(config.Cmd)
-	b.builder.ClearVolumes()
-	for v := range config.Volumes {
-		b.builder.AddVolume(v)
-	}
-	b.builder.ClearOnBuild()
-	for _, onBuildSpec := range config.OnBuild {
-		b.builder.SetOnBuild(onBuildSpec)
-	}
-	b.builder.SetWorkDir(config.WorkingDir)
-	b.builder.SetEntrypoint(config.Entrypoint)
-	b.builder.SetShell(config.Shell)
-	b.builder.SetStopSignal(config.StopSignal)
-	b.builder.ClearLabels()
-	for k, v := range config.Labels {
-		b.builder.SetLabel(k, v)
-	}
-	for _, labelSpec := range b.labels {
-		label := strings.SplitN(labelSpec, "=", 2)
-		if len(label) > 1 {
-			b.builder.SetLabel(label[0], label[1])
-		} else {
-			b.builder.SetLabel(label[0], "")
-		}
-	}
-	for _, annotationSpec := range b.annotations {
-		annotation := strings.SplitN(annotationSpec, "=", 2)
-		if len(annotation) > 1 {
-			b.builder.SetAnnotation(annotation[0], annotation[1])
-		} else {
-			b.builder.SetAnnotation(annotation[0], "")
-		}
-	}
-	if imageRef != nil {
-		logName := transports.ImageName(imageRef)
-		logrus.Debugf("COMMIT %q", logName)
-		if !b.quiet && !b.layers && !b.noCache {
-			b.log("COMMIT %s", logName)
-		}
-	} else {
-		logrus.Debugf("COMMIT")
-		if !b.quiet && !b.layers && !b.noCache {
-			b.log("COMMIT")
-		}
-	}
-	writer := b.reportWriter
-	if b.layers || b.noCache {
-		writer = nil
-	}
-	options := buildah.CommitOptions{
-		Compression:           b.compression,
-		SignaturePolicyPath:   b.signaturePolicyPath,
-		AdditionalTags:        b.additionalTags,
-		ReportWriter:          writer,
-		PreferredManifestType: b.outputFormat,
-		IIDFile:               b.iidfile,
-		Squash:                b.squash,
-		Parent:                b.builder.FromImageID,
-	}
-	imgID, err := b.builder.Commit(ctx, imageRef, options)
-	if err != nil {
-		return "", err
-	}
-	if options.IIDFile == "" && imgID != "" {
-		fmt.Fprintf(b.out, "--> %s\n", imgID)
-	}
-	return imgID, nil
-}
-
-// Build takes care of the details of running Prepare/Execute/Commit/Delete
-// over each of the one or more parsed Dockerfiles and stages.
-func (b *Executor) Build(ctx context.Context, stages imagebuilder.Stages) error {
-	if len(stages) == 0 {
-		errors.New("error building: no stages to build")
-	}
-	var (
-		stageExecutor *Executor
-		lastErr       error
-	)
-	for _, stage := range stages {
-		stageExecutor = b.withName(stage.Name, stage.Position)
-		if err := stageExecutor.Prepare(ctx, stage.Builder, stage.Node, ""); err != nil {
-			return err
-		}
-		// Always remove the intermediate/build containers, even if the build was unsuccessful.
-		// If building with layers, remove all intermediate/build containers if b.forceRmIntermediateCtrs
-		// is true.
-		if b.forceRmIntermediateCtrs || (!b.layers && !b.noCache) {
-			defer stageExecutor.Delete()
-		}
-		if err := stageExecutor.Execute(ctx, stage.Builder, stage.Node); err != nil {
-			lastErr = err
-		}
-
-		// Delete the successful intermediate containers if an error in the build
-		// process occurs and b.removeIntermediateCtrs is true.
-		if lastErr != nil {
-			if b.removeIntermediateCtrs {
-				stageExecutor.deleteSuccessfulIntermediateCtrs()
-			}
-			return lastErr
-		}
-		b.containerIDs = append(b.containerIDs, stageExecutor.containerIDs...)
-	}
-
-	if !b.layers && !b.noCache {
-		_, err := stageExecutor.Commit(ctx, stages[len(stages)-1].Builder, "")
-		if err != nil {
-			return err
-		}
-	}
-	// If building with layers and b.removeIntermediateCtrs is true
-	// only remove intermediate container for each step if an error
-	// during the build process doesn't occur.
-	// If the build is unsuccessful, the container created at the step
-	// the failure happened will persist in the container store.
-	// This if condition will be false if not building with layers and
-	// the removal of intermediate/build containers will be handled by the
-	// defer statement above.
-	if b.removeIntermediateCtrs && (b.layers || b.noCache) {
-		if err := b.deleteSuccessfulIntermediateCtrs(); err != nil {
-			return errors.Errorf("Failed to cleanup intermediate containers")
-		}
-	}
-	return nil
-}
-
-// BuildDockerfiles parses a set of one or more Dockerfiles (which may be
-// URLs), creates a new Executor, and then runs Prepare/Execute/Commit/Delete
-// over the entire set of instructions.
-func BuildDockerfiles(ctx context.Context, store storage.Store, options BuildOptions, paths ...string) error {
-	if len(paths) == 0 {
-		return errors.Errorf("error building: no dockerfiles specified")
-	}
-	var dockerfiles []io.ReadCloser
-	defer func(dockerfiles ...io.ReadCloser) {
-		for _, d := range dockerfiles {
-			d.Close()
-		}
-	}(dockerfiles...)
-	for _, dfile := range paths {
-		var data io.ReadCloser
-
-		if strings.HasPrefix(dfile, "http://") || strings.HasPrefix(dfile, "https://") {
-			logrus.Debugf("reading remote Dockerfile %q", dfile)
-			resp, err := http.Get(dfile)
-			if err != nil {
-				return errors.Wrapf(err, "error getting %q", dfile)
-			}
-			if resp.ContentLength == 0 {
-				resp.Body.Close()
-				return errors.Errorf("no contents in %q", dfile)
-			}
-			data = resp.Body
-		} else {
-			// If the Dockerfile isn't found try prepending the
-			// context directory to it.
-			if _, err := os.Stat(dfile); os.IsNotExist(err) {
-				dfile = filepath.Join(options.ContextDirectory, dfile)
-			}
-			logrus.Debugf("reading local Dockerfile %q", dfile)
-			contents, err := os.Open(dfile)
-			if err != nil {
-				return errors.Wrapf(err, "error reading %q", dfile)
-			}
-			dinfo, err := contents.Stat()
-			if err != nil {
-				contents.Close()
-				return errors.Wrapf(err, "error reading info about %q", dfile)
-			}
-			if dinfo.Mode().IsRegular() && dinfo.Size() == 0 {
-				contents.Close()
-				return errors.Wrapf(err, "no contents in %q", dfile)
-			}
-			data = contents
-		}
-
-		// pre-process Dockerfiles with ".in" suffix
-		if strings.HasSuffix(dfile, ".in") {
-			pData, err := preprocessDockerfileContents(data, options.ContextDirectory)
-			if err != nil {
-				return err
-			}
-			data = *pData
-		}
-
-		dockerfiles = append(dockerfiles, data)
-	}
-	mainNode, err := imagebuilder.ParseDockerfile(dockerfiles[0])
-	if err != nil {
-		return errors.Wrapf(err, "error parsing main Dockerfile")
-	}
-	for _, d := range dockerfiles[1:] {
-		additionalNode, err := imagebuilder.ParseDockerfile(d)
-		if err != nil {
-			return errors.Wrapf(err, "error parsing additional Dockerfile")
-		}
-		mainNode.Children = append(mainNode.Children, additionalNode.Children...)
-	}
-	exec, err := NewExecutor(store, options)
-	if err != nil {
-		return errors.Wrapf(err, "error creating build executor")
-	}
-	b := imagebuilder.NewBuilder(options.Args)
-	stages := imagebuilder.NewStages(mainNode, b)
-	return exec.Build(ctx, stages)
-}
-
-// deleteSuccessfulIntermediateCtrs goes through the container IDs in b.containerIDs
-// and deletes the containers associated with that ID.
-func (b *Executor) deleteSuccessfulIntermediateCtrs() error {
-	var lastErr error
-	for _, ctr := range b.containerIDs {
-		if err := b.store.DeleteContainer(ctr); err != nil {
-			logrus.Errorf("error deleting build container %q: %v\n", ctr, err)
-			lastErr = err
-		}
-	}
-	return lastErr
-}
-
-// preprocessDockerfileContents runs CPP(1) in preprocess-only mode on the input
-// dockerfile content and will use ctxDir as the base include path.
-//
-// Note: we cannot use cmd.StdoutPipe() as cmd.Wait() closes it.
-func preprocessDockerfileContents(r io.ReadCloser, ctxDir string) (rdrCloser *io.ReadCloser, err error) {
-	cppPath := "/usr/bin/cpp"
-	if _, err = os.Stat(cppPath); err != nil {
-		if os.IsNotExist(err) {
-			err = errors.Errorf("error: Dockerfile.in support requires %s to be installed", cppPath)
-		}
-		return nil, err
-	}
-
-	stdout := bytes.Buffer{}
-	stderr := bytes.Buffer{}
-
-	cmd := exec.Command(cppPath, "-E", "-iquote", ctxDir, "-")
-	cmd.Stdout = &stdout
-	cmd.Stderr = &stderr
-
-	pipe, err := cmd.StdinPipe()
-	if err != nil {
-		return nil, err
-	}
-
-	defer func() {
-		if err != nil {
-			pipe.Close()
-		}
-	}()
-
-	if err = cmd.Start(); err != nil {
-		return nil, err
-	}
-
-	if _, err = io.Copy(pipe, r); err != nil {
-		return nil, err
-	}
-
-	pipe.Close()
-	if err = cmd.Wait(); err != nil {
-		if stderr.Len() > 0 {
-			err = fmt.Errorf("%v: %s", err, strings.TrimSpace(stderr.String()))
-		}
-		return nil, errors.Wrapf(err, "error pre-processing Dockerfile")
-	}
-
-	rc := ioutil.NopCloser(bytes.NewReader(stdout.Bytes()))
-	return &rc, nil
-}
diff --git a/vendor/github.com/projectatomic/buildah/imagebuildah/chroot_symlink.go b/vendor/github.com/projectatomic/buildah/imagebuildah/chroot_symlink.go
deleted file mode 100644
index f1fec7f70..000000000
--- a/vendor/github.com/projectatomic/buildah/imagebuildah/chroot_symlink.go
+++ /dev/null
@@ -1,145 +0,0 @@
-package imagebuildah
-
-import (
-	"flag"
-	"fmt"
-	"os"
-	"path/filepath"
-	"strings"
-
-	"github.com/containers/storage/pkg/reexec"
-	"github.com/pkg/errors"
-	"golang.org/x/sys/unix"
-)
-
-const (
-	symlinkChrootedCommand = "chrootsymlinks-resolve"
-	maxSymlinksResolved    = 40
-)
-
-func init() {
-	reexec.Register(symlinkChrootedCommand, resolveChrootedSymlinks)
-}
-
-func resolveChrootedSymlinks() {
-	status := 0
-	flag.Parse()
-	if len(flag.Args()) < 1 {
-		os.Exit(1)
-	}
-	// Our first parameter is the directory to chroot into.
-	if err := unix.Chdir(flag.Arg(0)); err != nil {
-		fmt.Fprintf(os.Stderr, "chdir(): %v\n", err)
-		os.Exit(1)
-	}
-	if err := unix.Chroot(flag.Arg(0)); err != nil {
-		fmt.Fprintf(os.Stderr, "chroot(): %v\n", err)
-		os.Exit(1)
-	}
-
-	// Our second parameter is the path name to evaluate for symbolic links
-	symLink, err := getSymbolicLink(flag.Arg(0), flag.Arg(1))
-	if err != nil {
-		fmt.Fprintf(os.Stderr, "error getting symbolic links: %v\n", err)
-		os.Exit(1)
-	}
-	if _, err := os.Stdout.WriteString(symLink); err != nil {
-		fmt.Fprintf(os.Stderr, "error writing string to stdout: %v\n", err)
-		os.Exit(1)
-	}
-	os.Exit(status)
-}
-
-func resolveSymLink(rootdir, filename string) (string, error) {
-	// The child process expects a chroot and one path that
-	// will be consulted relative to the chroot directory and evaluated
-	// for any symbolic links present.
-	cmd := reexec.Command(symlinkChrootedCommand, rootdir, filename)
-	output, err := cmd.CombinedOutput()
-	if err != nil {
-		return "", errors.Wrapf(err, string(output))
-	}
-
-	// Hand back the resolved symlink, will be "" if a symlink is not found
-	return string(output), nil
-}
-
-// getSymbolic link goes through each part of the path and continues resolving symlinks as they appear.
-// Returns what the whole target path for what "path" resolves to.
-func getSymbolicLink(rootdir, path string) (string, error) {
-	var (
-		symPath          string
-		symLinksResolved int
-	)
-
-	// Splitting path as we need to resolve each parth of the path at a time
-	splitPath := strings.Split(path, "/")
-	if splitPath[0] == "" {
-		splitPath = splitPath[1:]
-		symPath = "/"
-	}
-
-	for _, p := range splitPath {
-		// If we have resolved 40 symlinks, that means something is terribly wrong
-		// will return an error and exit
-		if symLinksResolved >= maxSymlinksResolved {
-			return "", errors.Errorf("have resolved %q symlinks, something is terribly wrong!", maxSymlinksResolved)
-		}
-
-		symPath = filepath.Join(symPath, p)
-		isSymlink, resolvedPath, err := hasSymlink(symPath)
-		if err != nil {
-			return "", errors.Wrapf(err, "error checking symlink for %q", symPath)
-		}
-		// if isSymlink is true, check if resolvedPath is potentially another symlink
-		// keep doing this till resolvedPath is not a symlink and isSymlink is false
-		for isSymlink == true {
-			// Need to keep track of number of symlinks resolved
-			// Will also return an error if the symlink points to itself as that will exceed maxSymlinksResolved
-			if symLinksResolved >= maxSymlinksResolved {
-				return "", errors.Errorf("have resolved %q symlinks, something is terribly wrong!", maxSymlinksResolved)
-			}
-			isSymlink, resolvedPath, err = hasSymlink(resolvedPath)
-			if err != nil {
-				return "", errors.Wrapf(err, "error checking symlink for %q", resolvedPath)
-			}
-			symLinksResolved++
-		}
-		// Assign resolvedPath to symPath. The next part of the loop will append the next part of the original path
-		// and continue resolving
-		symPath = resolvedPath
-		symLinksResolved++
-	}
-	return symPath, nil
-}
-
-// hasSymlink returns true and the target if path is symlink
-// otherwise it returns false and path
-func hasSymlink(path string) (bool, string, error) {
-	info, err := os.Lstat(path)
-	if os.IsNotExist(err) {
-		if err = os.MkdirAll(path, 0755); err != nil {
-			return false, "", errors.Wrapf(err, "error ensuring volume path %q exists", path)
-		}
-		info, err = os.Lstat(path)
-		if err != nil {
-			return false, "", errors.Wrapf(err, "error running lstat on %q", path)
-		}
-	}
-	// Return false and path as path is not a symlink
-	if info.Mode()&os.ModeSymlink != os.ModeSymlink {
-		return false, path, nil
-	}
-
-	// Read the symlink to get what it points to
-	targetDir, err := os.Readlink(path)
-	if err != nil {
-		return false, "", errors.Wrapf(err, "error reading link %q", path)
-	}
-	// if the symlink points to a relative path, prepend the path till now to the resolved path
-	if !filepath.IsAbs(targetDir) {
-		targetDir = filepath.Join(path, targetDir)
-	}
-	// run filepath.Clean to remove the ".." from relative paths
-	return true, filepath.Clean(targetDir), nil
-}
diff --git a/vendor/github.com/projectatomic/buildah/imagebuildah/util.go b/vendor/github.com/projectatomic/buildah/imagebuildah/util.go
deleted file mode 100644
index b437ea1cb..000000000
--- a/vendor/github.com/projectatomic/buildah/imagebuildah/util.go
+++ /dev/null
@@ -1,113 +0,0 @@
-package imagebuildah
-
-import (
-	"fmt"
-	"io/ioutil"
-	"net/http"
-	"os"
-	"os/exec"
-	"path"
-	"path/filepath"
-	"strings"
-
-	"github.com/containers/storage/pkg/chrootarchive"
-	"github.com/pkg/errors"
-	"github.com/projectatomic/buildah"
-	"github.com/sirupsen/logrus"
-)
-
-func cloneToDirectory(url, dir string) error {
-	if !strings.HasPrefix(url, "git://") {
-		url = "git://" + url
-	}
-	logrus.Debugf("cloning %q to %q", url, dir)
-	cmd := exec.Command("git", "clone", url, dir)
-	return cmd.Run()
-}
-
-func downloadToDirectory(url, dir string) error {
-	logrus.Debugf("extracting %q to %q", url, dir)
-	resp, err := http.Get(url)
-	if err != nil {
-		return errors.Wrapf(err, "error getting %q", url)
-	}
-	defer resp.Body.Close()
-	if resp.ContentLength == 0 {
-		return errors.Errorf("no contents in %q", url)
-	}
-	if err := chrootarchive.Untar(resp.Body, dir, nil); err != nil {
-		resp1, err := http.Get(url)
-		if err != nil {
-			return errors.Wrapf(err, "error getting %q", url)
-		}
-		defer resp1.Body.Close()
-		body, err := ioutil.ReadAll(resp1.Body)
-		if err != nil {
-			return errors.Wrapf(err, "Failed to read %q", url)
-		}
-		dockerfile := filepath.Join(dir, "Dockerfile")
-		// Assume this is a Dockerfile
-		if err := ioutil.WriteFile(dockerfile, body, 0600); err != nil {
-			return errors.Wrapf(err, "Failed to write %q to %q", url, dockerfile)
-		}
-	}
-	return nil
-}
-
-// TempDirForURL checks if the passed-in string looks like a URL.  If it is,
-// TempDirForURL creates a temporary directory, arranges for its contents to be
-// the contents of that URL, and returns the temporary directory's path, along
-// with the name of a subdirectory which should be used as the build context
-// (which may be empty or ".").  Removal of the temporary directory is the
-// responsibility of the caller.  If the string doesn't look like a URL,
-// TempDirForURL returns empty strings and a nil error code.
-func TempDirForURL(dir, prefix, url string) (name string, subdir string, err error) {
-	if !strings.HasPrefix(url, "http://") &&
-		!strings.HasPrefix(url, "https://") &&
-		!strings.HasPrefix(url, "git://") &&
-		!strings.HasPrefix(url, "github.com/") {
-		return "", "", nil
-	}
-	name, err = ioutil.TempDir(dir, prefix)
-	if err != nil {
-		return "", "", errors.Wrapf(err, "error creating temporary directory for %q", url)
-	}
-	if strings.HasPrefix(url, "git://") {
-		err = cloneToDirectory(url, name)
-		if err != nil {
-			if err2 := os.Remove(name); err2 != nil {
-				logrus.Debugf("error removing temporary directory %q: %v", name, err2)
-			}
-			return "", "", err
-		}
-		return name, "", nil
-	}
-	if strings.HasPrefix(url, "github.com/") {
-		ghurl := url
-		url = fmt.Sprintf("https://%s/archive/master.tar.gz", ghurl)
-		logrus.Debugf("resolving url %q to %q", ghurl, url)
-		subdir = path.Base(ghurl) + "-master"
-	}
-	if strings.HasPrefix(url, "http://") || strings.HasPrefix(url, "https://") {
-		err = downloadToDirectory(url, name)
-		if err != nil {
-			if err2 := os.Remove(name); err2 != nil {
-				logrus.Debugf("error removing temporary directory %q: %v", name, err2)
-			}
-			return "", subdir, err
-		}
-		return name, subdir, nil
-	}
-	logrus.Debugf("don't know how to retrieve %q", url)
-	if err2 := os.Remove(name); err2 != nil {
-		logrus.Debugf("error removing temporary directory %q: %v", name, err2)
-	}
-	return "", "", errors.Errorf("unreachable code reached")
-}
-
-// InitReexec is a wrapper for buildah.InitReexec().  It should be called at
-// the start of main(), and if it returns true, main() should return
-// immediately.
-func InitReexec() bool {
-	return buildah.InitReexec()
-}