Don't start digesting the contents of any file that we end up skipping.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #2072
Approved by: giuseppe
When generating the list of exclusions to process .dockerignore
contents, don't include .dockerignore if we don't have a .dockerignore
file in the context directory. That way, if the file doesn't exist, and
the caller didn't pass in any patterns, we get no patterns instead of
just one ".dockerignore" pattern, and we can hit the faster copy path.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #2072
Approved by: giuseppe
We are always adding .dockerignore to the pattern list, if this is the only pattern
then no patterns we added to the list, and we should return nil.
This is causing a major slowdown in buildah, since it is not using the optimized tar for
copying.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #2070
Approved by: saschagrunert
fix bug that buildah does not check .dockerignore file if source of COPY instruction is a filepath. This patch will skip the path if the overall result of the dockerignore matcher is true.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #2064
Approved by: rhatdan
In #1715 we added an additional valid path for `!excludes.Exclusions()`
when considering a full copy of the source directory to the destination
via `ADD`/`COPY`. This breaks the functionality of the `.dockerignore`
file, because `PatternMatcher.Exclusions` is true if any of the defined
patterns contain an exclusion (the pattern starts with `!`). This means
if we have no Exclusions defined at all, the `.dockerignore` behavior
does not work any more.
To still have the optimization in, we now skip whole directories if the
patterns to exclude match in a pure way.
Introduced by: https://github.com/containers/buildah/pull/1715
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Closes: #1914
Approved by: rhatdan
Use digests of the added content in history entries that we create for
ADD and COPY instructions, tightening up cache checking just a little
bit more.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1792
Approved by: TomSweeneyRedHat
Add a DryRun flag to AddAndCopyOptions, so that we can "copy" content to
digest it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1792
Approved by: TomSweeneyRedHat
Teach copyFileWithTar() about symbolic links and directories, and use it
to produce tar data to feed to untar() instead of special-casing them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1785
Approved by: vrothberg
This commit enabled the `unparam` linter and applies all reported issues.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Closes: #1719
Approved by: rhatdan
when there are excludes defined (such as from .dockerignore), we take
a slow path and walk each file in the directory. If the files doesn't
match any exclusion pattern then it is copied into the container.
This is slow as each file requires buildah to re-exec and copy it from
a chroot environment.
When there are no excludes defined we can take a faster path and copy
the entire directory as a single re-exec operation.
Closes: https://github.com/containers/buildah/issues/1714
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1715
Approved by: rhatdan
Fix handling of ID mapping for COPY: when copying from other containers,
use their mappings, and when copying from the host, use host mappings.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1630
Approved by: TomSweeneyRedHat
on 32-bit systems, we had type mismatches when creating a
syscall.timespec.
resolves#1629
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1631
Approved by: rhatdan
Use a fileutiles.PatternMatcher, which works better for this case than
filepath.Match, to check if an item that we're copying is marked for
exclusion by .dockerignore.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1626
Approved by: TomSweeneyRedHat
If we fail to create a symbolic link because the destination already
exists, attempt to remove the destination.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1623
Approved by: giuseppe
Checks to see if the $HOME envvar has been set
and if not, trys to set it as best as possible.
Fixes: #1592
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1594
Approved by: rhatdan
When filtering copying/adding operations to comply with a .dockerignore
file, we should directly handle copying directories and symbolic links.
This update still returns an error when attempting to copy
non-directory, non-regular items.
Make DockerIgnoreHelper() private, since it's not being used by packages
that use us, and I expect it to be removed when this gets refactored.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1583
Approved by: rhatdan
Fix the destination file path if .dockerignore is not empty. Avoid copying the source directory level into the container.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1533
Approved by: rhatdan
my former PR #1403 didn't take into account the directory path in .dockerignore. `buildah bud` should be able to exclude the whole folder and keep
some files under the folder according to the patterns in .dockerignore.
```
// .dockerignore
test*
!*/test1*
```
should exclude `./testdir/test2.txt` but copy `./testdir/test1.txt`
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1478
Approved by: rhatdan
We don't want to vendor anything from libpod into Buildah.
We want to switch this around. Moving pkg content from libpod
to Buildah allows us to fix this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1400
Approved by: giuseppe
export fields in DockerIgnore struct for implementing the dockerignore in libpod
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1431
Approved by: rhatdan
Exclude(or copy,add) files match with patterns in .dockerignore when bud with ADD or COPY in Dockerfile.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1403
Approved by: TomSweeneyRedHat
Make sure that when attempting to diagnose an error, if we encounter an
error during the diagnostic attempt, we return the original error rather
than the error encountered in trying to diagnose it. Log that one.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1072
Approved by: rhatdan
Users expect to be able to use Symbolic links in the
ADD and COPY commands in Dockerfiles. We need to evaluate
these and pull in the correct content.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1007
Approved by: nalind
Break runSetupIntermediateMountNamespace() into its own package.
Move stringInSlice(), getHostIDs(), and getHostRootIDs() into the util
subdirectory and export them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #796
Approved by: rhatdan
Add a field to AddOrCopyOptions that can take an io.Writer, more often a
hash.Hash returned by digest.Digester's Hash() method, to calculate a
sum over what we add or copy.
Make the help output summarizing the arguments that "buildah add" and
"buildah copy" accept more closely match their man pages.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #766
Approved by: rhatdan
In Run(), when the userspec doesn't specify a group, if the specified
user has supplemental group memberships, pass them along to the runtime.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
Use ID mapping information when setting permissions on content that we
add to the container, and on secrets that we copy in, on pipes that we
use for stdio, and when extracting the whole filesystem as a "layer".
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
Add options to the CLI that specify which cgroups we execute "run"
commands under, and controlling how we set up namespaces for them.
Pass them down to Builders that we create, and allow them to be
overridden by options passed to Builder.Run().
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
I have made a subpackage of libpod to handle chrootuser,
using the user code from buildah.
This patch removes user handling from buildah and uses
projectatomic/libpod/pkg/chrootuser
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #377
Approved by: nalind
buildah bud was not setting the mount label on the image
so SELinux in enforcing mode is blocking writing to the image
This patch also fixes a similar problem with the `buildah mount`
command
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #332
Approved by: TomSweeneyRedHat
Use Errorf() from 'errors' rather than 'fmt' to help with stack traces.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #130
Approved by: rhatdan
Impove error reporting by wrapping all returned err functions with
error.Wrapf
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #124
Approved by: nalind
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #125
Approved by: nalind
Maintain the container configuration in multiple formats in the Buildah
object, initializing one based on the other, depending on which format
the source image used for its configuration.
Replace directly manipulated fields in the Buildah object (Annotations,
CreatedBy, OS, Architecture, Maintainer, User, Workdir, Env, Cmd,
Entrypoint, Expose, Labels, and Volumes) with accessor functions which
update both configurations and which read from whichever one we consider
to be authoritative. Drop Args because we weren't using them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #102
Approved by: rhatdan
When saving the contents of a URL to a local file, attempt to set mtime
based on the response's Last-Modified header, if there is one.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #58
Approved by: nalind
When the destination for an ADD or COPY operation ends with a path
separator, take that as an indicator that the destination should be a
directory, that we should create it if it doesn't already exist, and
that any files we're copying should be placed in the directory.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #56
Approved by: rhatdan
When copying or adding a source directory, copy the directory's contents
to the destination directory, to better match Dockerfile COPY behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #50
Approved by: rhatdan
In Copy(), instead of flagging a container not being mounted as an
error, do what we do in Run(), which is to mount it first and then
unmount when we're done.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Change copy behavior so that the destination can be a file rather than a
directory if we're copying a single item.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Always make sure the working directory exists before attempting to run
anything inside of it, and before attempting to copy contents into it or
one of its subdirectories.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Nalin Dahyabhai
Daniel J Walsh
Qi Wang
Sascha Grunert
Giuseppe Scrivano
Eric Hripko
baude
TomSweeneyRedHat
Fabio Bertinatto