summaryrefslogtreecommitdiff
path: root/vendor
diff options
context:
space:
mode:
Diffstat (limited to 'vendor')
-rw-r--r--vendor/github.com/containers/buildah/imagebuildah/build.go31
-rw-r--r--vendor/github.com/containers/buildah/pkg/cli/common.go2
-rw-r--r--vendor/github.com/containers/buildah/pkg/parse/parse.go20
-rw-r--r--vendor/github.com/containers/buildah/run.go4
-rw-r--r--vendor/github.com/containers/buildah/vendor.conf7
-rw-r--r--vendor/github.com/openshift/imagebuilder/README.md19
-rw-r--r--vendor/github.com/openshift/imagebuilder/builder.go4
-rw-r--r--vendor/github.com/openshift/imagebuilder/dockerfile/NOTICE26
-rw-r--r--vendor/github.com/openshift/imagebuilder/dockerfile/command/command.go (renamed from vendor/github.com/docker/docker/builder/dockerfile/command/command.go)0
-rw-r--r--vendor/github.com/openshift/imagebuilder/dockerfile/parser/line_parsers.go (renamed from vendor/github.com/docker/docker/builder/dockerfile/parser/line_parsers.go)2
-rw-r--r--vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go (renamed from vendor/github.com/docker/docker/builder/dockerfile/parser/parser.go)31
-rw-r--r--vendor/github.com/openshift/imagebuilder/dockerfile/parser/split_command.go (renamed from vendor/github.com/docker/docker/builder/dockerfile/parser/split_command.go)0
-rw-r--r--vendor/github.com/openshift/imagebuilder/evaluator.go4
-rw-r--r--vendor/github.com/openshift/imagebuilder/vendor.conf21
14 files changed, 115 insertions, 56 deletions
diff --git a/vendor/github.com/containers/buildah/imagebuildah/build.go b/vendor/github.com/containers/buildah/imagebuildah/build.go
index 4f0ffac1c..f50b11f6c 100644
--- a/vendor/github.com/containers/buildah/imagebuildah/build.go
+++ b/vendor/github.com/containers/buildah/imagebuildah/build.go
@@ -27,11 +27,11 @@ import (
"github.com/containers/storage"
"github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/stringid"
- "github.com/docker/docker/builder/dockerfile/parser"
docker "github.com/fsouza/go-dockerclient"
"github.com/opencontainers/image-spec/specs-go/v1"
"github.com/opencontainers/runtime-spec/specs-go"
"github.com/openshift/imagebuilder"
+ "github.com/openshift/imagebuilder/dockerfile/parser"
"github.com/pkg/errors"
"github.com/sirupsen/logrus"
)
@@ -510,20 +510,21 @@ func (b *Executor) Run(run imagebuilder.Run, config docker.Config) error {
stdin = devNull
}
options := buildah.RunOptions{
- Hostname: config.Hostname,
- Runtime: b.runtime,
- Args: b.runtimeArgs,
- NoPivot: os.Getenv("BUILDAH_NOPIVOT") != "",
- Mounts: convertMounts(b.transientMounts),
- Env: config.Env,
- User: config.User,
- WorkingDir: config.WorkingDir,
- Entrypoint: config.Entrypoint,
- Cmd: config.Cmd,
- Stdin: stdin,
- Stdout: b.out,
- Stderr: b.err,
- Quiet: b.quiet,
+ Hostname: config.Hostname,
+ Runtime: b.runtime,
+ Args: b.runtimeArgs,
+ NoPivot: os.Getenv("BUILDAH_NOPIVOT") != "",
+ Mounts: convertMounts(b.transientMounts),
+ Env: config.Env,
+ User: config.User,
+ WorkingDir: config.WorkingDir,
+ Entrypoint: config.Entrypoint,
+ Cmd: config.Cmd,
+ Stdin: stdin,
+ Stdout: b.out,
+ Stderr: b.err,
+ Quiet: b.quiet,
+ NamespaceOptions: b.namespaceOptions,
}
if config.NetworkDisabled {
options.ConfigureNetwork = buildah.NetworkDisabled
diff --git a/vendor/github.com/containers/buildah/pkg/cli/common.go b/vendor/github.com/containers/buildah/pkg/cli/common.go
index f167353b8..da07545c7 100644
--- a/vendor/github.com/containers/buildah/pkg/cli/common.go
+++ b/vendor/github.com/containers/buildah/pkg/cli/common.go
@@ -156,7 +156,7 @@ func GetBudFlags(flags *BudResults) pflag.FlagSet {
fs.StringVar(&flags.Runtime, "runtime", util.Runtime(), "`path` to an alternate runtime. Use BUILDAH_RUNTIME environment variable to override.")
fs.StringSliceVar(&flags.RuntimeFlags, "runtime-flag", []string{}, "add global flags for the container runtime")
fs.StringVar(&flags.SignaturePolicy, "signature-policy", "", "`pathname` of signature policy file (not usually used)")
- fs.BoolVar(&flags.Squash, "squash", false, "Squash newly built layers into a single new layer. The build process does not currently support caching so this is a NOOP.")
+ fs.BoolVar(&flags.Squash, "squash", false, "Squash newly built layers into a single new layer.")
fs.StringSliceVarP(&flags.Tag, "tag", "t", []string{}, "tagged `name` to apply to the built image")
fs.StringVar(&flags.Target, "target", "", "set the target build stage to build")
fs.BoolVar(&flags.TlsVerify, "tls-verify", true, "require HTTPS and verify certificates when accessing the registry")
diff --git a/vendor/github.com/containers/buildah/pkg/parse/parse.go b/vendor/github.com/containers/buildah/pkg/parse/parse.go
index a26d15631..c309f686a 100644
--- a/vendor/github.com/containers/buildah/pkg/parse/parse.go
+++ b/vendor/github.com/containers/buildah/pkg/parse/parse.go
@@ -9,6 +9,7 @@ import (
"github.com/spf13/cobra"
"net"
"os"
+ "os/exec"
"path/filepath"
"strconv"
"strings"
@@ -319,7 +320,7 @@ func getDockerAuth(creds string) (*types.DockerAuthConfig, error) {
}
// IDMappingOptions parses the build options related to user namespaces and ID mapping.
-func IDMappingOptions(c *cobra.Command) (usernsOptions buildah.NamespaceOptions, idmapOptions *buildah.IDMappingOptions, err error) {
+func IDMappingOptions(c *cobra.Command, isolation buildah.Isolation) (usernsOptions buildah.NamespaceOptions, idmapOptions *buildah.IDMappingOptions, err error) {
user := c.Flag("userns-uid-map-user").Value.String()
group := c.Flag("userns-gid-map-group").Value.String()
// If only the user or group was specified, use the same value for the
@@ -391,11 +392,26 @@ func IDMappingOptions(c *cobra.Command) (usernsOptions buildah.NamespaceOptions,
if len(gidmap) == 0 && len(uidmap) != 0 {
gidmap = uidmap
}
+
+ useSlirp4netns := false
+
+ if isolation == buildah.IsolationOCIRootless {
+ _, err := exec.LookPath("slirp4netns")
+ if execerr, ok := err.(*exec.Error); ok && !strings.Contains(execerr.Error(), "not found") {
+ return nil, nil, errors.Wrapf(err, "cannot lookup slirp4netns %v", execerr)
+ }
+ if err == nil {
+ useSlirp4netns = true
+ } else {
+ logrus.Warningf("could not find slirp4netns. Using host network namespace")
+ }
+ }
+
// By default, having mappings configured means we use a user
// namespace. Otherwise, we don't.
usernsOption := buildah.NamespaceOption{
Name: string(specs.UserNamespace),
- Host: len(uidmap) == 0 && len(gidmap) == 0,
+ Host: len(uidmap) == 0 && len(gidmap) == 0 && !useSlirp4netns,
}
// If the user specifically requested that we either use or don't use
// user namespaces, override that default.
diff --git a/vendor/github.com/containers/buildah/run.go b/vendor/github.com/containers/buildah/run.go
index f56ce30b1..2fa3cd572 100644
--- a/vendor/github.com/containers/buildah/run.go
+++ b/vendor/github.com/containers/buildah/run.go
@@ -1765,7 +1765,9 @@ func runConfigureNetwork(isolation Isolation, options RunOptions, configureNetwo
var netconf, undo []*libcni.NetworkConfigList
if isolation == IsolationOCIRootless {
- return setupRootlessNetwork(pid)
+ if ns := options.NamespaceOptions.Find(string(specs.NetworkNamespace)); ns != nil && !ns.Host {
+ return setupRootlessNetwork(pid)
+ }
}
// Scan for CNI configuration files.
confdir := options.CNIConfigDir
diff --git a/vendor/github.com/containers/buildah/vendor.conf b/vendor/github.com/containers/buildah/vendor.conf
index 3cdb9c95f..53c2e673e 100644
--- a/vendor/github.com/containers/buildah/vendor.conf
+++ b/vendor/github.com/containers/buildah/vendor.conf
@@ -11,12 +11,13 @@ github.com/boltdb/bolt v1.3.1
github.com/containers/libpod v1.0
github.com/containers/storage v1.11
github.com/docker/distribution 5f6282db7d65e6d72ad7c2cc66310724a57be716
-github.com/docker/docker 86f080cff0914e9694068ed78d503701667c4c00
+github.com/docker/docker 54dddadc7d5d89fe0be88f76979f6f6ab0dede83
github.com/docker/docker-credential-helpers v0.6.1
github.com/docker/go-connections v0.4.0
github.com/docker/go-units v0.3.2
github.com/docker/libtrust aabc10ec26b754e797f9028f4589c5b7bd90dc20
-github.com/fsouza/go-dockerclient 29c1814d12c072344bb91aac5d2ff719db39c523
+github.com/docker/libnetwork 1a06131fb8a047d919f7deaf02a4c414d7884b83
+github.com/fsouza/go-dockerclient v1.3.0
github.com/ghodss/yaml v1.0.0
github.com/gogo/protobuf v1.2.0
github.com/gorilla/context v1.1.1
@@ -38,7 +39,7 @@ github.com/opencontainers/runc v1.0.0-rc6
github.com/opencontainers/runtime-spec v1.0.0
github.com/opencontainers/runtime-tools v0.8.0
github.com/opencontainers/selinux v1.1
-github.com/openshift/imagebuilder 36823496a6868f72bc36282cc475eb8a070c0934
+github.com/openshift/imagebuilder 705fe9255c57f8505efb9723a9ac4082b67973bc
github.com/ostreedev/ostree-go 9ab99253d365aac3a330d1f7281cf29f3d22820b
github.com/pkg/errors v0.8.1
github.com/pquerna/ffjson d49c2bc1aa135aad0c6f4fc2056623ec78f5d5ac
diff --git a/vendor/github.com/openshift/imagebuilder/README.md b/vendor/github.com/openshift/imagebuilder/README.md
index f26b4a7e0..fd96ed940 100644
--- a/vendor/github.com/openshift/imagebuilder/README.md
+++ b/vendor/github.com/openshift/imagebuilder/README.md
@@ -1,4 +1,4 @@
-Docker / OCI Image Builder
+OCI Image Builder
==========================
[![Go Report Card](https://goreportcard.com/badge/github.com/openshift/imagebuilder)](https://goreportcard.com/report/github.com/openshift/imagebuilder)
@@ -6,22 +6,22 @@ Docker / OCI Image Builder
[![Travis](https://travis-ci.org/openshift/imagebuilder.svg?branch=master)](https://travis-ci.org/openshift/imagebuilder)
[![Join the chat at freenode:openshift-dev](https://img.shields.io/badge/irc-freenode%3A%20%23openshift--dev-blue.svg)](http://webchat.freenode.net/?channels=%23openshift-dev)
-Note: this library is beta and may contain bugs that prevent images from being identical to Docker build. Test your images (and add to our conformance suite)!
+Please test your images (and add to our conformance suite)!
-This library supports using the Dockerfile syntax to build Docker
-compatible images, without invoking Docker build. It is intended to give
-clients more control over how a Docker build is run, including:
+This library supports using the Dockerfile syntax to build OCI & Docker
+compatible images, without invoking a container build command such as `buildah bud` or `docker build`. It is intended to give
+clients more control over how they build container images, including:
* Instead of building one layer per line, run all instructions in the
same container
-* Set Docker HostConfig settings like network and memory controls that
- are not available when running Docker builds
+* Set HostConfig settings like network and memory controls that
+ are not available when running container builds
* Mount external files into the build that are not persisted as part of
the final image (i.e. "secrets")
* If there are no RUN commands in the Dockerfile, the container is created
and committed, but never started.
-The final image should be 99.9% compatible with regular docker builds,
+The final image should be 99.9% compatible with regular container builds,
but bugs are always possible.
Future goals include:
@@ -54,9 +54,6 @@ $ imagebuilder --mount ~/secrets/private.key:/etc/keys/private.key path/to/my/co
Any processes in the Dockerfile will have access to `/etc/keys/private.key`, but that file will not be part of the committed image.
-Running `--mount` requires Docker 1.10 or newer, as it uses a Docker volume to hold the mounted files and the volume API was not
-available in earlier versions.
-
You can also customize which Dockerfile is run, or run multiple Dockerfiles in sequence (the FROM is ignored on
later files):
diff --git a/vendor/github.com/openshift/imagebuilder/builder.go b/vendor/github.com/openshift/imagebuilder/builder.go
index 16682af7d..86b139b65 100644
--- a/vendor/github.com/openshift/imagebuilder/builder.go
+++ b/vendor/github.com/openshift/imagebuilder/builder.go
@@ -13,8 +13,8 @@ import (
docker "github.com/fsouza/go-dockerclient"
- "github.com/docker/docker/builder/dockerfile/command"
- "github.com/docker/docker/builder/dockerfile/parser"
+ "github.com/openshift/imagebuilder/dockerfile/command"
+ "github.com/openshift/imagebuilder/dockerfile/parser"
)
// Copy defines a copy operation required on the container.
diff --git a/vendor/github.com/openshift/imagebuilder/dockerfile/NOTICE b/vendor/github.com/openshift/imagebuilder/dockerfile/NOTICE
new file mode 100644
index 000000000..519a7e995
--- /dev/null
+++ b/vendor/github.com/openshift/imagebuilder/dockerfile/NOTICE
@@ -0,0 +1,26 @@
+Source files in this directory and all sub-directories have been
+copied from github.com/docker/docker/builder/dockerfile and are
+Licensed under the Apache License Version 2.0.
+
+Note that the fork of github.com/docker/docker used commit
+b68221c37ee597950364788204546f9c9d0e46a1.
+
+Docker
+Copyright 2012-2017 Docker, Inc.
+
+This product includes software developed at Docker, Inc. (https://www.docker.com).
+
+This product contains software (https://github.com/kr/pty) developed
+by Keith Rarick, licensed under the MIT License.
+
+The following is courtesy of our legal counsel:
+
+
+Use and transfer of Docker may be subject to certain restrictions by the
+United States and other governments.
+It is your responsibility to ensure that your use and/or transfer does not
+violate applicable laws.
+
+For more information, please see https://www.bis.doc.gov
+
+See also https://www.apache.org/dev/crypto.html and/or seek legal counsel.
diff --git a/vendor/github.com/docker/docker/builder/dockerfile/command/command.go b/vendor/github.com/openshift/imagebuilder/dockerfile/command/command.go
index f23c6874b..f23c6874b 100644
--- a/vendor/github.com/docker/docker/builder/dockerfile/command/command.go
+++ b/vendor/github.com/openshift/imagebuilder/dockerfile/command/command.go
diff --git a/vendor/github.com/docker/docker/builder/dockerfile/parser/line_parsers.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/line_parsers.go
index 2c375b74e..82d912b26 100644
--- a/vendor/github.com/docker/docker/builder/dockerfile/parser/line_parsers.go
+++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/line_parsers.go
@@ -15,7 +15,7 @@ import (
"unicode"
"unicode/utf8"
- "github.com/docker/docker/builder/dockerfile/command"
+ "github.com/openshift/imagebuilder/dockerfile/command"
)
var (
diff --git a/vendor/github.com/docker/docker/builder/dockerfile/parser/parser.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go
index 822c42b41..0223963e1 100644
--- a/vendor/github.com/docker/docker/builder/dockerfile/parser/parser.go
+++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/parser.go
@@ -12,7 +12,7 @@ import (
"strings"
"unicode"
- "github.com/docker/docker/builder/dockerfile/command"
+ "github.com/openshift/imagebuilder/dockerfile/command"
"github.com/docker/docker/pkg/system"
"github.com/pkg/errors"
)
@@ -91,6 +91,9 @@ var (
// DefaultEscapeToken is the default escape token
const DefaultEscapeToken = '\\'
+// defaultPlatformToken is the platform assumed for the build if not explicitly provided
+var defaultPlatformToken = runtime.GOOS
+
// Directive is the structure used during a build run to hold the state of
// parsing directives.
type Directive struct {
@@ -140,7 +143,7 @@ func (d *Directive) possibleParserDirective(line string) error {
if len(tecMatch) != 0 {
for i, n := range tokenEscapeCommand.SubexpNames() {
if n == "escapechar" {
- if d.escapeSeen {
+ if d.escapeSeen == true {
return errors.New("only one escape parser directive can be used")
}
d.escapeSeen = true
@@ -149,13 +152,14 @@ func (d *Directive) possibleParserDirective(line string) error {
}
}
- // Only recognise a platform token if LCOW is supported
+ // TODO @jhowardmsft LCOW Support: Eventually this check can be removed,
+ // but only recognise a platform token if running in LCOW mode.
if system.LCOWSupported() {
tpcMatch := tokenPlatformCommand.FindStringSubmatch(strings.ToLower(line))
if len(tpcMatch) != 0 {
for i, n := range tokenPlatformCommand.SubexpNames() {
if n == "platform" {
- if d.platformSeen {
+ if d.platformSeen == true {
return errors.New("only one platform parser directive can be used")
}
d.platformSeen = true
@@ -173,6 +177,7 @@ func (d *Directive) possibleParserDirective(line string) error {
func NewDefaultDirective() *Directive {
directive := Directive{}
directive.setEscapeToken(string(DefaultEscapeToken))
+ directive.setPlatformToken(defaultPlatformToken)
return &directive
}
@@ -237,10 +242,8 @@ func newNodeFromLine(line string, directive *Directive) (*Node, error) {
type Result struct {
AST *Node
EscapeToken rune
- // TODO @jhowardmsft - see https://github.com/moby/moby/issues/34617
- // This next field will be removed in a future update for LCOW support.
- OS string
- Warnings []string
+ Platform string
+ Warnings []string
}
// PrintWarnings to the writer
@@ -287,10 +290,6 @@ func Parse(rwc io.Reader) (*Result, error) {
}
currentLine++
- if isComment(scanner.Bytes()) {
- // original line was a comment (processLine strips comments)
- continue
- }
if isEmptyContinuationLine(bytesRead) {
hasEmptyContinuationLine = true
continue
@@ -320,7 +319,7 @@ func Parse(rwc io.Reader) (*Result, error) {
AST: root,
Warnings: warnings,
EscapeToken: d.escapeToken,
- OS: d.platformToken,
+ Platform: d.platformToken,
}, nil
}
@@ -332,12 +331,8 @@ func trimWhitespace(src []byte) []byte {
return bytes.TrimLeftFunc(src, unicode.IsSpace)
}
-func isComment(line []byte) bool {
- return tokenComment.Match(trimWhitespace(line))
-}
-
func isEmptyContinuationLine(line []byte) bool {
- return len(trimWhitespace(line)) == 0
+ return len(trimComments(trimWhitespace(line))) == 0
}
var utf8bom = []byte{0xEF, 0xBB, 0xBF}
diff --git a/vendor/github.com/docker/docker/builder/dockerfile/parser/split_command.go b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/split_command.go
index 171f454f6..171f454f6 100644
--- a/vendor/github.com/docker/docker/builder/dockerfile/parser/split_command.go
+++ b/vendor/github.com/openshift/imagebuilder/dockerfile/parser/split_command.go
diff --git a/vendor/github.com/openshift/imagebuilder/evaluator.go b/vendor/github.com/openshift/imagebuilder/evaluator.go
index e1cd5d6d6..1ea358451 100644
--- a/vendor/github.com/openshift/imagebuilder/evaluator.go
+++ b/vendor/github.com/openshift/imagebuilder/evaluator.go
@@ -5,8 +5,8 @@ import (
"io"
"strings"
- "github.com/docker/docker/builder/dockerfile/command"
- "github.com/docker/docker/builder/dockerfile/parser"
+ "github.com/openshift/imagebuilder/dockerfile/command"
+ "github.com/openshift/imagebuilder/dockerfile/parser"
)
// ParseDockerfile parses the provided stream as a canonical Dockerfile
diff --git a/vendor/github.com/openshift/imagebuilder/vendor.conf b/vendor/github.com/openshift/imagebuilder/vendor.conf
new file mode 100644
index 000000000..39b216feb
--- /dev/null
+++ b/vendor/github.com/openshift/imagebuilder/vendor.conf
@@ -0,0 +1,21 @@
+github.com/Azure/go-ansiterm d6e3b3328b783f23731bc4d058875b0371ff8109
+github.com/containerd/continuity 004b46473808b3e7a4a3049c20e4376c91eb966d
+github.com/docker/docker b68221c37ee597950364788204546f9c9d0e46a1
+github.com/docker/go-connections 97c2040d34dfae1d1b1275fa3a78dbdd2f41cf7e
+github.com/docker/go-units 2fb04c6466a548a03cb009c5569ee1ab1e35398e
+github.com/fsouza/go-dockerclient openshift-4.0 https://github.com/openshift/go-dockerclient.git
+github.com/gogo/protobuf c5a62797aee0054613cc578653a16c6237fef080
+github.com/golang/glog 23def4e6c14b4da8ac2ed8007337bc5eb5007998
+github.com/golang/protobuf v1.3.0
+github.com/konsorten/go-windows-terminal-sequences f55edac94c9bbba5d6182a4be46d86a2c9b5b50e
+github.com/Microsoft/go-winio 1a8911d1ed007260465c3bfbbc785ac6915a0bb8
+github.com/Nvveen/Gotty cd527374f1e5bff4938207604a14f2e38a9cf512
+github.com/opencontainers/go-digest ac19fd6e7483ff933754af248d80be865e543d22
+github.com/opencontainers/image-spec 243ea084a44451d27322fed02b682d99e2af3ba9
+github.com/opencontainers/runc 923a8f8a9a07aceada5fc48c4d37e905d9b019b5
+github.com/pkg/errors 27936f6d90f9c8e1145f11ed52ffffbfdb9e0af7
+github.com/sirupsen/logrus d7b6bf5e4d26448fd977d07d745a2a66097ddecb
+golang.org/x/crypto ff983b9c42bc9fbf91556e191cc8efb585c16908
+golang.org/x/net 45ffb0cd1ba084b73e26dee67e667e1be5acce83
+golang.org/x/sync 37e7f081c4d4c64e13b10787722085407fe5d15f
+golang.org/x/sys 7fbe1cd0fcc20051e1fcb87fbabec4a1bacaaeba