Support splitting build logs for multi-arch builds ( `--platform` ) by
using `--logfile` and `--logsplit` which splits generated log file in the
convention `${file}_${platform_os}_${platform_arch}`.
Closes: https://github.com/containers/buildah/issues/3960
Signed-off-by: Aditya R <arajan@redhat.com>
As per `OCI` `image-spec` setting history is optional so buildah must
support these use-cases via `--omit-history=true` some of the use-cases
are discussed below.
* There are use-cases when image-spec contributes to the image size by
adding build history to image-spec in certain use-cases this image
history is not required by the end-users but there is no way to remove
it. See: https://github.com/containers/buildah/issues/3513
* Certain build tools don't honor setting build history in image spec
however buildah does not allow processing images without build history
since setting build history is still optional as per `OCI` image-spec
( https://github.com/opencontainers/image-spec/blob/main/config.md#properties)
so buildah must support such use-cases.
Closes: https://github.com/containers/buildah/issues/4025
Closes: https://github.com/containers/buildah/issues/3513
Signed-off-by: Aditya R <arajan@redhat.com>
As builds got more complicated, the ability to only access files from one location became quite limiting. With `multi-stage` builds where you can `copy` files from other parts of the Containerfile by adding the `--from` flag and pointing it to the name of another Containerfile stage or a remote image.
The new named build context feature is an extension of this pattern. You can now define additional build contexts when running the build command, give them a name, and then access them inside a Dockerfile the same way you previously did with build stages.
Additional build contexts can be defined with a new `--build-context [name]=[value]` flag. The key component defines the name for your build context and the value can be:
```console
Local directory – e.g. --build-context project2=../path/to/project2/src
HTTP URL to a tarball – e.g. --build-context src=https://example.org/releases/src.tar
Container image – Define with a docker-image:// prefix, e.g. --build-context alpine=docker-image://alpine:3.15, ( also supports docker://, container-image:// )
```
On the Containerfile side, you can reference the build context on all commands that accept the “from” parameter. Here’s how that might look:
```Dockerfile
FROM [name]
COPY --from=[name] ...
RUN --mount=from=[name] …
```
The value of [name] is matched with the following priority order:
* Named build context defined with `--build-context [name]=..`
* Stage defined with `AS [name]` inside Dockerfile
* Remote image `[name]` in a container registry
Added Features
* Pinning images for `FROM` and `COPY`
* Specifying multiple buildcontexts from different projects
and using them with `--from` in `ADD` and `COPY` directive
* Override a Remote Dependency with a Local One.
* Using additional context from external `Tar`
Signed-off-by: Aditya R <arajan@redhat.com>
Render the progress bar on stdout by default. Add a --quiet/-q option
to re-silence if desired.
Signed-off-by: Valentin Rothberg <vrothberg@redhat.com>
When using `build -t <tag> <some-url-to-git-repo>` buildah does not
accepts syntax `url#branch:subdir` following commit allows end users to
switch context to any subdirectory in the git repo.
Usage
```console
buildah build -t test 'https://github.com/containers/podman.git#main:contrib/hello'
```
Signed-off-by: Aditya R <arajan@redhat.com>
Restore podman's CLI compatibility with `docker build` by making its
`--label` and `--annotate` options create empty labels and annotations
when they're given a name but no `=` or value.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Make more of our usage information in --help output consistent with
itself, i.e., initial lower case.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Teach `buildah build` and `buildah config` about the OS version and
features fields. We don't tend to use them on Linux, but they're in the
OCI and Docker config structures, so we need to be able to preserve and
manipulate their values, much as we do for variant information.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Have the handling of the `--annotation` and `--label` options for
`buildah build` explicitly remove values when they're not given an "="
before an empty value, instead of setting them to empty values. The
final result doesn't seem to care about the distinction.
Allow the value of the `io.buildah.version` label to be manually
specified on the `buildah build` command line if someone really wants to
override the value that we would otherwise set by default.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add a `--env` option to `buildah build` that functions similarly to the
`buildah config --env` option, to complement `buildah build`'s
`--unsetenv` option.
Document that `buildah config`'s `--env` function fetches the current
value for a variable when the name is supplied, but no `=` or value
follows it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Allows end-users to export final build content or rootfs to external formats.
By default, a local container image is created from the build result. The --output (or -o) flag allows you to override this behavior, and a specify a custom exporter. For example, custom exporters allow you to export the build artifacts as files on the local filesystem instead of a Container image, which can be useful for generating local binaries, code generation etc.
The value for --output is a CSV-formatted string defining the exporter type and options. Currently, local and tar exporters are supported. The local exporter writes the resulting build files to a directory on the client side. The tar exporter is similar but writes the files as a single tarball (.tar).
```console
buildah build --output type=local,dest=dir .
buildah build --output type=tar,dest=rootfs.tar .
buildah build -o dir .
```
Reference: https://docs.docker.com/engine/reference/commandline/build/#custom-build-outputs
Signed-off-by: Aditya R <arajan@redhat.com>
The sed implementation has a strict interpretation of posix 'basic'
regular expressions. It would be better to re-implement this using
'extended' regular expressions but for now, just use GNU sed.
Signed-off-by: Doug Rabson <dfr@rabson.org>
Allow end users to remove default identity labels if they want to.
Since there are instances where images can be reproduced across version
hence users must have option to suppress default labels.
Closes: https://github.com/containers/buildah/issues/3826
Signed-off-by: Aditya R <arajan@redhat.com>
Enforce alphabetical ordering of command-line options in
man pages. Not as simple as with podman, because conventions
are different.
Reference: https://github.com/containers/podman/pull/13625
Signed-off-by: Ed Santiago <santiago@redhat.com>
Users want to turn off addition of /etc/hosts file while building
container images, this would allow them to customize the /etc/hosts
file within the image.
Fixes: https://github.com/containers/buildah/issues/3808
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
These where moved to buildah but because they are useful for podman and
the other tooling they are moved back into the common project.
Partially reverts a9e66ec72b
Signed-off-by: Morten Linderud <morten@linderud.pw>
allow to override the cgroup manager with a global option
--cgroup-manager=MANAGER that has the same semantic as Podman.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The backend logic already supports specifying custom network names. This
only adds the support for the frontend parsing.
Fixescontainers/podman#12282
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Per @edsantiago 's suggestion, make the pull commands consistent, always
accepting a value. Currently we have:
--pull
--pull=true
--pull=false
--pull-never
--pull-always
With this changes, we will only have pull with a variety of options,
ala:
--pull
--pull=true
--pull=false
--pull=never
--pull=always
For backward compatibility, the --pull-never and --pull-always
options will remain operational, however they are not documented
and are conisdered deprecated.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
The current wording doesn't clearly state that volumes specified using
-v are only a factor when executing RUN instructions.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We need to use the default from containers.conf and not hardcode them in
buildah. This fixes an issue with the cni network backend since it would
try to access /etc/cni/net.d/ even as rootless user. This regression was
introduced in commit f9cff07b81.
Also hide the cni flags as we do not expect users to change this. The
recommended way is to change them in containers.conf.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Following commit adds buildkit like support for `from` field to `--mount=type=bind`
and `--mount=type=cache` so images and stage can be used as mount source.
Usage looks like
```dockerfile
RUN --mount=type=bind,source=.,from=<your-image>,target=/path ls /path
```
and
```dockerfile
RUN --mount=type=cache,from=<your-image>,target=/path ls /path
```
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Update tutorials to not expect `buildah run` to do anything if it isn't
given a command to run. In some cases (including when we need to listen
for incoming connections when we might well not be root) this means we
use `podman run` instead.
Try to avoid using the terms container and image as though they're
interchangeable, which just creates confusion.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Clarify that --manifest also prepends localhost if no registry name is
included in the value, and check for duplicate values between tags and
the manifest name, which doesn't end well.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add the variant field, along with methods for setting and querying it,
and expose them in the `buildah config` and `buildah inspect` commands.
When setting an initial architecture for a container based on an image
which doesn't contain an architecture, or from "scratch", normalize the
architecture name we've been given, and set both it and the variant
field at the same time.
Provide normalized architecture+variant values in `buildah info`.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Following PR inroduces a new mount type=cache in parity to buildkit
which allows users to share persistant cache between different builds.
Allowing users to cache content generated by bussiness logic or enhance
build performance by caching components across builds.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
This duplicates https://github.com/containers/podman/pull/11889 which is
annoying, but there seems no easy way to avoid it. The
commands/examples have been 'translated' for Buildah.
Signed-off-by: Chris Evich <cevich@redhat.com>
The Containerfile man page says FROM must be the first statement
in the file. However, that is not true as the ARG instruction can proceed it.
Addresses: #3555
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Following commit adds support for using buildkit like
`--mount=type=bind` with `RUN` statements. Mounts created by `--mount`
are transient in nature and only scoped to current RUN statements.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Link file was miscreated as .containerfile rather then .containerignore.
We want man .containerignore and eventually man .dockerignore to point
to the containerignore.5.md man page.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a --all-platforms that instructs the builder to build for the
intersection of all platforms for which the build's base images are
available. Returns an error if any of them aren't references to
manifest lists. We've learned that we can't really trust architecture
and OS information stored in image config blobs, so we don't try to
salvage that case.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Lokesh Mandvekar
Aditya R
Valentin Rothberg
OpenShift Merge Robot
Daniel J Walsh
Nalin Dahyabhai
Doug Rabson
Ed Santiago
Morten Linderud
Giuseppe Scrivano
Erik Sjölund
Paul Holzinger
tomsweeneyredhat
Maximilien McDermott
Chris Evich
James Addison