summaryrefslogtreecommitdiff
path: root/cmd/podman/images/build.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/podman/images/build.go')
-rw-r--r--cmd/podman/images/build.go492
1 files changed, 492 insertions, 0 deletions
diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go
new file mode 100644
index 000000000..2efc795cd
--- /dev/null
+++ b/cmd/podman/images/build.go
@@ -0,0 +1,492 @@
+package images
+
+import (
+ "os"
+ "path/filepath"
+ "strings"
+
+ "github.com/containers/buildah"
+ "github.com/containers/buildah/imagebuildah"
+ buildahCLI "github.com/containers/buildah/pkg/cli"
+ "github.com/containers/buildah/pkg/parse"
+ "github.com/containers/libpod/cmd/podman/registry"
+ "github.com/containers/libpod/cmd/podman/utils"
+ "github.com/containers/libpod/pkg/domain/entities"
+ "github.com/docker/go-units"
+ "github.com/opencontainers/runtime-spec/specs-go"
+ "github.com/pkg/errors"
+ "github.com/sirupsen/logrus"
+ "github.com/spf13/cobra"
+ "github.com/spf13/pflag"
+)
+
+// buildFlagsWrapper are local to cmd/ as the build code is using Buildah-internal
+// types. Hence, after parsing, we are converting buildFlagsWrapper to the entities'
+// options which essentially embed the Buildah types.
+type buildFlagsWrapper struct {
+ // Buildah stuff first
+ buildahCLI.BudResults
+ buildahCLI.LayerResults
+ buildahCLI.FromAndBudResults
+ buildahCLI.NameSpaceResults
+ buildahCLI.UserNSResults
+
+ // SquashAll squashes all layers into a single layer.
+ SquashAll bool
+}
+
+var (
+ // Command: podman _diff_ Object_ID
+ buildDescription = "Builds an OCI or Docker image using instructions from one or more Containerfiles and a specified build context directory."
+ buildCmd = &cobra.Command{
+ Use: "build [flags] [CONTEXT]",
+ Short: "Build an image using instructions from Containerfiles",
+ Long: buildDescription,
+ TraverseChildren: true,
+ RunE: build,
+ Example: `podman build .
+ podman build --creds=username:password -t imageName -f Containerfile.simple .
+ podman build --layers --force-rm --tag imageName .`,
+ }
+
+ imageBuildCmd = &cobra.Command{
+ Args: buildCmd.Args,
+ Use: buildCmd.Use,
+ Short: buildCmd.Short,
+ Long: buildCmd.Long,
+ RunE: buildCmd.RunE,
+ Example: `podman image build .
+ podman image build --creds=username:password -t imageName -f Containerfile.simple .
+ podman image build --layers --force-rm --tag imageName .`,
+ }
+
+ buildOpts = buildFlagsWrapper{}
+)
+
+// useLayers returns false if BUILDAH_LAYERS is set to "0" or "false"
+// otherwise it returns true
+func useLayers() string {
+ layers := os.Getenv("BUILDAH_LAYERS")
+ if strings.ToLower(layers) == "false" || layers == "0" {
+ return "false"
+ }
+ return "true"
+}
+
+func init() {
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: buildCmd,
+ })
+ buildFlags(buildCmd.Flags())
+
+ registry.Commands = append(registry.Commands, registry.CliCommand{
+ Mode: []entities.EngineMode{entities.ABIMode, entities.TunnelMode},
+ Command: imageBuildCmd,
+ Parent: imageCmd,
+ })
+ buildFlags(imageBuildCmd.Flags())
+}
+
+func buildFlags(flags *pflag.FlagSet) {
+ // Podman flags
+ flags.BoolVarP(&buildOpts.SquashAll, "squash-all", "", false, "Squash all layers into a single layer")
+
+ // Bud flags
+ budFlags := buildahCLI.GetBudFlags(&buildOpts.BudResults)
+ // --pull flag
+ flag := budFlags.Lookup("pull")
+ if err := flag.Value.Set("true"); err != nil {
+ logrus.Errorf("unable to set --pull to true: %v", err)
+ }
+ flag.DefValue = "true"
+ flags.AddFlagSet(&budFlags)
+
+ // Layer flags
+ layerFlags := buildahCLI.GetLayerFlags(&buildOpts.LayerResults)
+ // --layers flag
+ flag = layerFlags.Lookup("layers")
+ useLayersVal := useLayers()
+ if err := flag.Value.Set(useLayersVal); err != nil {
+ logrus.Errorf("unable to set --layers to %v: %v", useLayersVal, err)
+ }
+ flag.DefValue = useLayersVal
+ // --force-rm flag
+ flag = layerFlags.Lookup("force-rm")
+ if err := flag.Value.Set("true"); err != nil {
+ logrus.Errorf("unable to set --force-rm to true: %v", err)
+ }
+ flag.DefValue = "true"
+ flags.AddFlagSet(&layerFlags)
+
+ // FromAndBud flags
+ fromAndBudFlags, err := buildahCLI.GetFromAndBudFlags(&buildOpts.FromAndBudResults, &buildOpts.UserNSResults, &buildOpts.NameSpaceResults)
+ if err != nil {
+ logrus.Errorf("error setting up build flags: %v", err)
+ os.Exit(1)
+ }
+ flags.AddFlagSet(&fromAndBudFlags)
+ _ = flags.MarkHidden("signature-policy")
+}
+
+// build executes the build command.
+func build(cmd *cobra.Command, args []string) error {
+ if (cmd.Flags().Changed("squash") && cmd.Flags().Changed("layers")) ||
+ (cmd.Flags().Changed("squash-all") && cmd.Flags().Changed("layers")) ||
+ (cmd.Flags().Changed("squash-all") && cmd.Flags().Changed("squash")) {
+ return errors.New("cannot specify --squash, --squash-all and --layers options together")
+ }
+
+ contextDir, containerFiles, err := extractContextAndFiles(args, buildOpts.File)
+ if err != nil {
+ return err
+ }
+
+ ie, err := registry.NewImageEngine(cmd, args)
+ if err != nil {
+ return err
+ }
+
+ apiBuildOpts, err := buildFlagsWrapperToOptions(cmd, contextDir, &buildOpts)
+ if err != nil {
+ return err
+ }
+
+ _, err = ie.Build(registry.GetContext(), containerFiles, *apiBuildOpts)
+ return err
+}
+
+// extractContextAndFiles parses args and files to extract a context directory
+// and {Container,Docker}files.
+//
+// TODO: this was copied and altered from the v1 client which in turn was
+// copied and altered from the Buildah code. Ideally, all of this code should
+// be cleanly consolidated into a package that is shared between Buildah and
+// Podman.
+func extractContextAndFiles(args, files []string) (string, []string, error) {
+ // Extract container files from the CLI (i.e., --file/-f) first.
+ var containerFiles []string
+ for _, f := range files {
+ if f == "-" {
+ containerFiles = append(containerFiles, "/dev/stdin")
+ } else {
+ containerFiles = append(containerFiles, f)
+ }
+ }
+
+ // Determine context directory.
+ var contextDir string
+ if len(args) > 0 {
+ // The context directory could be a URL. Try to handle that.
+ tempDir, subDir, err := imagebuildah.TempDirForURL("", "buildah", args[0])
+ if err != nil {
+ return "", nil, errors.Wrapf(err, "error prepping temporary context directory")
+ }
+ if tempDir != "" {
+ // We had to download it to a temporary directory.
+ // Delete it later.
+ defer func() {
+ if err = os.RemoveAll(tempDir); err != nil {
+ logrus.Errorf("error removing temporary directory %q: %v", contextDir, err)
+ }
+ }()
+ contextDir = filepath.Join(tempDir, subDir)
+ } else {
+ // Nope, it was local. Use it as is.
+ absDir, err := filepath.Abs(args[0])
+ if err != nil {
+ return "", nil, errors.Wrapf(err, "error determining path to directory %q", args[0])
+ }
+ contextDir = absDir
+ }
+ } else {
+ // No context directory or URL was specified. Try to use the home of
+ // the first locally-available Containerfile.
+ for i := range containerFiles {
+ if strings.HasPrefix(containerFiles[i], "http://") ||
+ strings.HasPrefix(containerFiles[i], "https://") ||
+ strings.HasPrefix(containerFiles[i], "git://") ||
+ strings.HasPrefix(containerFiles[i], "github.com/") {
+ continue
+ }
+ absFile, err := filepath.Abs(containerFiles[i])
+ if err != nil {
+ return "", nil, errors.Wrapf(err, "error determining path to file %q", containerFiles[i])
+ }
+ contextDir = filepath.Dir(absFile)
+ break
+ }
+ }
+
+ if contextDir == "" {
+ return "", nil, errors.Errorf("no context directory and no Containerfile specified")
+ }
+ if !utils.IsDir(contextDir) {
+ return "", nil, errors.Errorf("context must be a directory: %q", contextDir)
+ }
+ if len(containerFiles) == 0 {
+ if utils.FileExists(filepath.Join(contextDir, "Containerfile")) {
+ containerFiles = append(containerFiles, filepath.Join(contextDir, "Containerfile"))
+ } else {
+ containerFiles = append(containerFiles, filepath.Join(contextDir, "Dockerfile"))
+ }
+ }
+
+ return contextDir, containerFiles, nil
+}
+
+// buildFlagsWrapperToOptions converts the local build flags to the build options used
+// in the API which embed Buildah types used across the build code. Doing the
+// conversion here prevents the API from doing that (redundantly).
+//
+// TODO: this code should really be in Buildah.
+func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buildFlagsWrapper) (*entities.BuildOptions, error) {
+ output := ""
+ tags := []string{}
+ if c.Flag("tag").Changed {
+ tags = flags.Tag
+ if len(tags) > 0 {
+ output = tags[0]
+ tags = tags[1:]
+ }
+ }
+
+ pullPolicy := imagebuildah.PullNever
+ if flags.Pull {
+ pullPolicy = imagebuildah.PullIfMissing
+ }
+ if flags.PullAlways {
+ pullPolicy = imagebuildah.PullAlways
+ }
+
+ args := make(map[string]string)
+ if c.Flag("build-arg").Changed {
+ for _, arg := range flags.BuildArg {
+ av := strings.SplitN(arg, "=", 2)
+ if len(av) > 1 {
+ args[av[0]] = av[1]
+ } else {
+ delete(args, av[0])
+ }
+ }
+ }
+ // Check to see if the BUILDAH_LAYERS environment variable is set and
+ // override command-line.
+ if _, ok := os.LookupEnv("BUILDAH_LAYERS"); ok {
+ flags.Layers = true
+ }
+
+ // `buildah bud --layers=false` acts like `docker build --squash` does.
+ // That is all of the new layers created during the build process are
+ // condensed into one, any layers present prior to this build are
+ // retained without condensing. `buildah bud --squash` squashes both
+ // new and old layers down into one. Translate Podman commands into
+ // Buildah. Squash invoked, retain old layers, squash new layers into
+ // one.
+ if c.Flags().Changed("squash") && buildOpts.Squash {
+ flags.Squash = false
+ flags.Layers = false
+ }
+ // Squash-all invoked, squash both new and old layers into one.
+ if c.Flags().Changed("squash-all") {
+ flags.Squash = true
+ flags.Layers = false
+ }
+
+ var stdin, stdout, stderr, reporter *os.File
+ stdin = os.Stdin
+ stdout = os.Stdout
+ stderr = os.Stderr
+ reporter = os.Stderr
+
+ if c.Flag("logfile").Changed {
+ f, err := os.OpenFile(flags.Logfile, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0600)
+ if err != nil {
+ return nil, errors.Errorf("error opening logfile %q: %v", flags.Logfile, err)
+ }
+ defer f.Close()
+ logrus.SetOutput(f)
+ stdout = f
+ stderr = f
+ reporter = f
+ }
+
+ var memoryLimit, memorySwap int64
+ var err error
+ if c.Flags().Changed("memory") {
+ memoryLimit, err = units.RAMInBytes(flags.Memory)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ if c.Flags().Changed("memory-swap") {
+ memorySwap, err = units.RAMInBytes(flags.MemorySwap)
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ nsValues, err := getNsValues(flags)
+ if err != nil {
+ return nil, err
+ }
+
+ networkPolicy := buildah.NetworkDefault
+ for _, ns := range nsValues {
+ if ns.Name == "none" {
+ networkPolicy = buildah.NetworkDisabled
+ break
+ } else if !filepath.IsAbs(ns.Path) {
+ networkPolicy = buildah.NetworkEnabled
+ break
+ }
+ }
+
+ // `buildah bud --layers=false` acts like `docker build --squash` does.
+ // That is all of the new layers created during the build process are
+ // condensed into one, any layers present prior to this build are retained
+ // without condensing. `buildah bud --squash` squashes both new and old
+ // layers down into one. Translate Podman commands into Buildah.
+ // Squash invoked, retain old layers, squash new layers into one.
+ if c.Flags().Changed("squash") && flags.Squash {
+ flags.Squash = false
+ flags.Layers = false
+ }
+ // Squash-all invoked, squash both new and old layers into one.
+ if c.Flags().Changed("squash-all") {
+ flags.Squash = true
+ flags.Layers = false
+ }
+
+ compression := imagebuildah.Gzip
+ if flags.DisableCompression {
+ compression = imagebuildah.Uncompressed
+ }
+
+ isolation, err := parse.IsolationOption(flags.Isolation)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error parsing ID mapping options")
+ }
+
+ usernsOption, idmappingOptions, err := parse.IDMappingOptions(c, isolation)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error parsing ID mapping options")
+ }
+ nsValues = append(nsValues, usernsOption...)
+
+ systemContext, err := parse.SystemContextFromOptions(c)
+ if err != nil {
+ return nil, errors.Wrapf(err, "error building system context")
+ }
+
+ format := ""
+ flags.Format = strings.ToLower(flags.Format)
+ switch {
+ case strings.HasPrefix(flags.Format, buildah.OCI):
+ format = buildah.OCIv1ImageManifest
+ case strings.HasPrefix(flags.Format, buildah.DOCKER):
+ format = buildah.Dockerv2ImageManifest
+ default:
+ return nil, errors.Errorf("unrecognized image type %q", flags.Format)
+ }
+
+ runtimeFlags := []string{}
+ for _, arg := range flags.RuntimeFlags {
+ runtimeFlags = append(runtimeFlags, "--"+arg)
+ }
+
+ // FIXME: the code below needs to be enabled (and adjusted) once the
+ // global/root flags are supported.
+
+ // conf, err := runtime.GetConfig()
+ // if err != nil {
+ // return err
+ // }
+ // if conf != nil && conf.Engine.CgroupManager == config.SystemdCgroupsManager {
+ // runtimeFlags = append(runtimeFlags, "--systemd-cgroup")
+ // }
+
+ opts := imagebuildah.BuildOptions{
+ AddCapabilities: flags.CapAdd,
+ AdditionalTags: tags,
+ Annotations: flags.Annotation,
+ Architecture: flags.Arch,
+ Args: args,
+ BlobDirectory: flags.BlobCache,
+ CNIConfigDir: flags.CNIConfigDir,
+ CNIPluginPath: flags.CNIPlugInPath,
+ CommonBuildOpts: &buildah.CommonBuildOptions{
+ AddHost: flags.AddHost,
+ CgroupParent: flags.CgroupParent,
+ CPUPeriod: flags.CPUPeriod,
+ CPUQuota: flags.CPUQuota,
+ CPUShares: flags.CPUShares,
+ CPUSetCPUs: flags.CPUSetCPUs,
+ CPUSetMems: flags.CPUSetMems,
+ Memory: memoryLimit,
+ MemorySwap: memorySwap,
+ ShmSize: flags.ShmSize,
+ Ulimit: flags.Ulimit,
+ Volumes: flags.Volumes,
+ },
+ Compression: compression,
+ ConfigureNetwork: networkPolicy,
+ ContextDirectory: contextDir,
+ // DefaultMountsFilePath: FIXME: this requires global flags to be working!
+ Devices: flags.Devices,
+ DropCapabilities: flags.CapDrop,
+ Err: stderr,
+ ForceRmIntermediateCtrs: flags.ForceRm,
+ IDMappingOptions: idmappingOptions,
+ IIDFile: flags.Iidfile,
+ In: stdin,
+ Isolation: isolation,
+ Labels: flags.Label,
+ Layers: flags.Layers,
+ NamespaceOptions: nsValues,
+ NoCache: flags.NoCache,
+ OS: flags.OS,
+ Out: stdout,
+ Output: output,
+ OutputFormat: format,
+ PullPolicy: pullPolicy,
+ Quiet: flags.Quiet,
+ RemoveIntermediateCtrs: flags.Rm,
+ ReportWriter: reporter,
+ RuntimeArgs: runtimeFlags,
+ SignBy: flags.SignBy,
+ SignaturePolicyPath: flags.SignaturePolicy,
+ Squash: flags.Squash,
+ SystemContext: systemContext,
+ Target: flags.Target,
+ TransientMounts: flags.Volumes,
+ }
+
+ return &entities.BuildOptions{BuildOptions: opts}, nil
+}
+
+func getNsValues(flags *buildFlagsWrapper) ([]buildah.NamespaceOption, error) {
+ var ret []buildah.NamespaceOption
+ if flags.Network != "" {
+ switch {
+ case flags.Network == "host":
+ ret = append(ret, buildah.NamespaceOption{
+ Name: string(specs.NetworkNamespace),
+ Host: true,
+ })
+ case flags.Network == "container":
+ ret = append(ret, buildah.NamespaceOption{
+ Name: string(specs.NetworkNamespace),
+ })
+ case flags.Network[0] == '/':
+ ret = append(ret, buildah.NamespaceOption{
+ Name: string(specs.NetworkNamespace),
+ Path: flags.Network,
+ })
+ default:
+ return nil, errors.Errorf("unsupported configuration network=%s", flags.Network)
+ }
+ }
+ return ret, nil
+}