root
/
buildah
mirror of https://github.com/containers/buildah.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity
buildah/internal/util/util.go

138 lines
4.2 KiB
Go
Raw Normal View History

buildkit: add from field to bind and cache mounts so images can be used as source Following commit adds buildkit like support for `from` field to `--mount=type=bind` and `--mount=type=cache` so images and stage can be used as mount source. Usage looks like ```dockerfile RUN --mount=type=bind,source=.,from=<your-image>,target=/path ls /path ``` and ```dockerfile RUN --mount=type=cache,from=<your-image>,target=/path ls /path ``` Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-18 13:51:51 +08:00
package util
import (
buildkit: add support for custom build output with --output Allows end-users to export final build content or rootfs to external formats. By default, a local container image is created from the build result. The --output (or -o) flag allows you to override this behavior, and a specify a custom exporter. For example, custom exporters allow you to export the build artifacts as files on the local filesystem instead of a Container image, which can be useful for generating local binaries, code generation etc. The value for --output is a CSV-formatted string defining the exporter type and options. Currently, local and tar exporters are supported. The local exporter writes the resulting build files to a directory on the client side. The tar exporter is similar but writes the files as a single tarball (.tar). ```console buildah build --output type=local,dest=dir . buildah build --output type=tar,dest=rootfs.tar . buildah build -o dir . ``` Reference: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs Signed-off-by: Aditya R <arajan@redhat.com>
2022-04-29 21:39:42 +08:00
"io"
"os"
"path/filepath"
"github.com/containers/buildah/define"
buildkit: add from field to bind and cache mounts so images can be used as source Following commit adds buildkit like support for `from` field to `--mount=type=bind` and `--mount=type=cache` so images and stage can be used as mount source. Usage looks like ```dockerfile RUN --mount=type=bind,source=.,from=<your-image>,target=/path ls /path ``` and ```dockerfile RUN --mount=type=cache,from=<your-image>,target=/path ls /path ``` Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-18 13:51:51 +08:00
"github.com/containers/common/libimage"
"github.com/containers/image/v5/types"
Sort buildoptions and move cli/build functions to internal Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-06-07 20:51:57 +08:00
encconfig "github.com/containers/ocicrypt/config"
enchelpers "github.com/containers/ocicrypt/helpers"
buildkit: add from field to bind and cache mounts so images can be used as source Following commit adds buildkit like support for `from` field to `--mount=type=bind` and `--mount=type=cache` so images and stage can be used as mount source. Usage looks like ```dockerfile RUN --mount=type=bind,source=.,from=<your-image>,target=/path ls /path ``` and ```dockerfile RUN --mount=type=cache,from=<your-image>,target=/path ls /path ``` Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-18 13:51:51 +08:00
"github.com/containers/storage"
buildkit: add support for custom build output with --output Allows end-users to export final build content or rootfs to external formats. By default, a local container image is created from the build result. The --output (or -o) flag allows you to override this behavior, and a specify a custom exporter. For example, custom exporters allow you to export the build artifacts as files on the local filesystem instead of a Container image, which can be useful for generating local binaries, code generation etc. The value for --output is a CSV-formatted string defining the exporter type and options. Currently, local and tar exporters are supported. The local exporter writes the resulting build files to a directory on the client side. The tar exporter is similar but writes the files as a single tarball (.tar). ```console buildah build --output type=local,dest=dir . buildah build --output type=tar,dest=rootfs.tar . buildah build -o dir . ``` Reference: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs Signed-off-by: Aditya R <arajan@redhat.com>
2022-04-29 21:39:42 +08:00
"github.com/containers/storage/pkg/archive"
"github.com/containers/storage/pkg/chrootarchive"
"github.com/containers/storage/pkg/unshare"
"github.com/pkg/errors"
buildkit: add from field to bind and cache mounts so images can be used as source Following commit adds buildkit like support for `from` field to `--mount=type=bind` and `--mount=type=cache` so images and stage can be used as mount source. Usage looks like ```dockerfile RUN --mount=type=bind,source=.,from=<your-image>,target=/path ls /path ``` and ```dockerfile RUN --mount=type=cache,from=<your-image>,target=/path ls /path ``` Signed-off-by: Aditya Rajan <arajan@redhat.com>
2021-10-18 13:51:51 +08:00
)
// LookupImage returns *Image to corresponding imagename or id
func LookupImage(ctx *types.SystemContext, store storage.Store, image string) (*libimage.Image, error) {
systemContext := ctx
if systemContext == nil {
systemContext = &types.SystemContext{}
}
runtime, err := libimage.RuntimeFromStore(store, &libimage.RuntimeOptions{SystemContext: systemContext})
if err != nil {
return nil, err
}
localImage, _, err := runtime.LookupImage(image, nil)
if err != nil {
return nil, err
}
return localImage, nil
}
buildkit: add support for custom build output with --output Allows end-users to export final build content or rootfs to external formats. By default, a local container image is created from the build result. The --output (or -o) flag allows you to override this behavior, and a specify a custom exporter. For example, custom exporters allow you to export the build artifacts as files on the local filesystem instead of a Container image, which can be useful for generating local binaries, code generation etc. The value for --output is a CSV-formatted string defining the exporter type and options. Currently, local and tar exporters are supported. The local exporter writes the resulting build files to a directory on the client side. The tar exporter is similar but writes the files as a single tarball (.tar). ```console buildah build --output type=local,dest=dir . buildah build --output type=tar,dest=rootfs.tar . buildah build -o dir . ``` Reference: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs Signed-off-by: Aditya R <arajan@redhat.com>
2022-04-29 21:39:42 +08:00
buildkit: supports additionalBuildContext in builds via --build-context As builds got more complicated, the ability to only access files from one location became quite limiting. With `multi-stage` builds where you can `copy` files from other parts of the Containerfile by adding the `--from` flag and pointing it to the name of another Containerfile stage or a remote image. The new named build context feature is an extension of this pattern. You can now define additional build contexts when running the build command, give them a name, and then access them inside a Dockerfile the same way you previously did with build stages. Additional build contexts can be defined with a new `--build-context [name]=[value]` flag. The key component defines the name for your build context and the value can be: ```console Local directory – e.g. --build-context project2=../path/to/project2/src HTTP URL to a tarball – e.g. --build-context src=https://example.org/releases/src.tar Container image – Define with a docker-image:// prefix, e.g. --build-context alpine=docker-image://alpine:3.15, ( also supports docker://, container-image:// ) ``` On the Containerfile side, you can reference the build context on all commands that accept the “from” parameter. Here’s how that might look: ```Dockerfile FROM [name] COPY --from=[name] ... RUN --mount=from=[name] … ``` The value of [name] is matched with the following priority order: * Named build context defined with `--build-context [name]=..` * Stage defined with `AS [name]` inside Dockerfile * Remote image `[name]` in a container registry Added Features * Pinning images for `FROM` and `COPY` * Specifying multiple buildcontexts from different projects and using them with `--from` in `ADD` and `COPY` directive * Override a Remote Dependency with a Local One. * Using additional context from external `Tar` Signed-off-by: Aditya R <arajan@redhat.com>
2022-05-10 18:11:37 +08:00
// GetTempDir returns base for a temporary directory on host.
func GetTempDir() string {
if tmpdir, ok := os.LookupEnv("TMPDIR"); ok {
return tmpdir
}
return "/var/tmp"
}
buildkit: add support for custom build output with --output Allows end-users to export final build content or rootfs to external formats. By default, a local container image is created from the build result. The --output (or -o) flag allows you to override this behavior, and a specify a custom exporter. For example, custom exporters allow you to export the build artifacts as files on the local filesystem instead of a Container image, which can be useful for generating local binaries, code generation etc. The value for --output is a CSV-formatted string defining the exporter type and options. Currently, local and tar exporters are supported. The local exporter writes the resulting build files to a directory on the client side. The tar exporter is similar but writes the files as a single tarball (.tar). ```console buildah build --output type=local,dest=dir . buildah build --output type=tar,dest=rootfs.tar . buildah build -o dir . ``` Reference: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs Signed-off-by: Aditya R <arajan@redhat.com>
2022-04-29 21:39:42 +08:00
// ExportFromReader reads bytes from given reader and exports to external tar, directory or stdout.
func ExportFromReader(input io.Reader, opts define.BuildOutputOption) error {
var err error
if !filepath.IsAbs(opts.Path) {
opts.Path, err = filepath.Abs(opts.Path)
if err != nil {
return err
}
}
if opts.IsDir {
// In order to keep this feature as close as possible to
// buildkit it was decided to preserve ownership when
// invoked as root since caller already has access to artifacts
// therefore we can preserve ownership as is, however for rootless users
// ownership has to be changed so exported artifacts can still
// be accessible by unpriviledged users.
// See: https://github.com/containers/buildah/pull/3823#discussion_r829376633
noLChown := false
if unshare.IsRootless() {
noLChown = true
}
err = os.MkdirAll(opts.Path, 0700)
if err != nil {
return errors.Wrapf(err, "failed while creating the destination path %q", opts.Path)
}
err = chrootarchive.Untar(input, opts.Path, &archive.TarOptions{NoLchown: noLChown})
if err != nil {
return errors.Wrapf(err, "failed while performing untar at %q", opts.Path)
}
} else {
outFile := os.Stdout
if !opts.IsStdout {
outFile, err = os.Create(opts.Path)
if err != nil {
return errors.Wrapf(err, "failed while creating destination tar at %q", opts.Path)
}
defer outFile.Close()
}
_, err = io.Copy(outFile, input)
if err != nil {
return errors.Wrapf(err, "failed while performing copy to %q", opts.Path)
}
}
return nil
}
Sort buildoptions and move cli/build functions to internal Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2022-06-07 20:51:57 +08:00
// DecryptConfig translates decryptionKeys into a DescriptionConfig structure
func DecryptConfig(decryptionKeys []string) (*encconfig.DecryptConfig, error) {
decryptConfig := &encconfig.DecryptConfig{}
if len(decryptionKeys) > 0 {
// decryption
dcc, err := enchelpers.CreateCryptoConfig([]string{}, decryptionKeys)
if err != nil {
return nil, errors.Wrapf(err, "invalid decryption keys")
}
cc := encconfig.CombineCryptoConfigs([]encconfig.CryptoConfig{dcc})
decryptConfig = cc.DecryptConfig
}
return decryptConfig, nil
}
// EncryptConfig translates encryptionKeys into a EncriptionsConfig structure
func EncryptConfig(encryptionKeys []string, encryptLayers []int) (*encconfig.EncryptConfig, *[]int, error) {
var encLayers *[]int
var encConfig *encconfig.EncryptConfig
if len(encryptionKeys) > 0 {
// encryption
encLayers = &encryptLayers
ecc, err := enchelpers.CreateCryptoConfig(encryptionKeys, []string{})
if err != nil {
return nil, nil, errors.Wrapf(err, "invalid encryption keys")
}
cc := encconfig.CombineCryptoConfigs([]encconfig.CryptoConfig{ecc})
encConfig = cc.EncryptConfig
}
return encConfig, encLayers, nil
}
// GetFormat translates format string into either docker or OCI format constant
func GetFormat(format string) (string, error) {
switch format {
case define.OCI:
return define.OCIv1ImageManifest, nil
case define.DOCKER:
return define.Dockerv2ImageManifest, nil
default:
return "", errors.Errorf("unrecognized image type %q", format)
}
}