Allow end users to remove default identity labels if they want to.
Since there are instances where images can be reproduced across version
hence users must have option to suppress default labels.
Closes: https://github.com/containers/buildah/issues/3826
Signed-off-by: Aditya R <arajan@redhat.com>
Enforce alphabetical ordering of command-line options in
man pages. Not as simple as with podman, because conventions
are different.
Reference: https://github.com/containers/podman/pull/13625
Signed-off-by: Ed Santiago <santiago@redhat.com>
Users want to turn off addition of /etc/hosts file while building
container images, this would allow them to customize the /etc/hosts
file within the image.
Fixes: https://github.com/containers/buildah/issues/3808
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
These where moved to buildah but because they are useful for podman and
the other tooling they are moved back into the common project.
Partially reverts a9e66ec72b
Signed-off-by: Morten Linderud <morten@linderud.pw>
allow to override the cgroup manager with a global option
--cgroup-manager=MANAGER that has the same semantic as Podman.
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
The backend logic already supports specifying custom network names. This
only adds the support for the frontend parsing.
Fixescontainers/podman#12282
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Per @edsantiago 's suggestion, make the pull commands consistent, always
accepting a value. Currently we have:
--pull
--pull=true
--pull=false
--pull-never
--pull-always
With this changes, we will only have pull with a variety of options,
ala:
--pull
--pull=true
--pull=false
--pull=never
--pull=always
For backward compatibility, the --pull-never and --pull-always
options will remain operational, however they are not documented
and are conisdered deprecated.
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
The current wording doesn't clearly state that volumes specified using
-v are only a factor when executing RUN instructions.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We need to use the default from containers.conf and not hardcode them in
buildah. This fixes an issue with the cni network backend since it would
try to access /etc/cni/net.d/ even as rootless user. This regression was
introduced in commit f9cff07b81.
Also hide the cni flags as we do not expect users to change this. The
recommended way is to change them in containers.conf.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Following commit adds buildkit like support for `from` field to `--mount=type=bind`
and `--mount=type=cache` so images and stage can be used as mount source.
Usage looks like
```dockerfile
RUN --mount=type=bind,source=.,from=<your-image>,target=/path ls /path
```
and
```dockerfile
RUN --mount=type=cache,from=<your-image>,target=/path ls /path
```
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Update tutorials to not expect `buildah run` to do anything if it isn't
given a command to run. In some cases (including when we need to listen
for incoming connections when we might well not be root) this means we
use `podman run` instead.
Try to avoid using the terms container and image as though they're
interchangeable, which just creates confusion.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Clarify that --manifest also prepends localhost if no registry name is
included in the value, and check for duplicate values between tags and
the manifest name, which doesn't end well.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add the variant field, along with methods for setting and querying it,
and expose them in the `buildah config` and `buildah inspect` commands.
When setting an initial architecture for a container based on an image
which doesn't contain an architecture, or from "scratch", normalize the
architecture name we've been given, and set both it and the variant
field at the same time.
Provide normalized architecture+variant values in `buildah info`.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Following PR inroduces a new mount type=cache in parity to buildkit
which allows users to share persistant cache between different builds.
Allowing users to cache content generated by bussiness logic or enhance
build performance by caching components across builds.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
This duplicates https://github.com/containers/podman/pull/11889 which is
annoying, but there seems no easy way to avoid it. The
commands/examples have been 'translated' for Buildah.
Signed-off-by: Chris Evich <cevich@redhat.com>
The Containerfile man page says FROM must be the first statement
in the file. However, that is not true as the ARG instruction can proceed it.
Addresses: #3555
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Following commit adds support for using buildkit like
`--mount=type=bind` with `RUN` statements. Mounts created by `--mount`
are transient in nature and only scoped to current RUN statements.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Link file was miscreated as .containerfile rather then .containerignore.
We want man .containerignore and eventually man .dockerignore to point
to the containerignore.5.md man page.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a --all-platforms that instructs the builder to build for the
intersection of all platforms for which the build's base images are
available. Returns an error if any of them aren't references to
manifest lists. We've learned that we can't really trust architecture
and OS information stored in image config blobs, so we don't try to
salvage that case.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
add two new flags to "buildah push" to allow tweaking the compression
format for the data layers.
The flag --compression-format allows users to specify the compression
algorithm to use.
With --compression-level it is possible to tweak the compression
level.
An image usage for partial pulls can be pushed with:
$ buildah push --compression-format zstd:chunked FOO
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Also do some minor re-formatting of the `LIMITATIONS` section. Reducing
the line-length, and formatting each paragraph into a bullet-item.
Signed-off-by: Chris Evich <cevich@redhat.com>
Currently buildah images does not have an easy way to get the epoch
creation time. This field is available in `podman images` as the
Created field. Adding to buildah images to make it consistent.
Fixes: https://github.com/containers/buildah/issues/3478
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
When we're told to add built images to a manifest list, manipulate the
list ourselves, so that if we're creating a list, we won't have a
partially-populated list if some of the builds fail.
This also lets us include all of the platform information (including
variant info, which we can't sniff out after the fact) that we were
given when we started building the images.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Move multiple-platform build juggling logic from the CLI wrapper
directly into the imagebuildah package, to make using it easier for
packages that consume us as a library.
This requires reading Dockerfiles into byte slices so that we can
re-parse them for each per-platform build, rather than parsing them
directly, as we used to, since building modifies the parsed tree.
When building for multiple platforms, prefix progress log messages with
the platform description.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Allow ssh socket from host or certain ssh keys to be exposed to a
certain RUN instruction, but not any other instructions, as well as not
showing up in the final image.
This is done by spawining a new agent from buildah and mounting
the listening socket inside the run. SSH_AUTH_SOCK inside the container
will be set to the socket mountpoint. The defualt mountpoint is
/run/buildkit/ssh_agent.{i}
Signed-off-by: Ashley Cui <acui@redhat.com>
Add a pkg/parse.PlatformsFromOptions() which understands a "variant"
value as an optional third value in an OS/ARCH[/VARIANT] argument value,
which accepts a comma-separated list of them, and which returns a list
of platforms.
Teach "from" and "pull" about the --platform option and add integration
tests for them, warning if --platform was given multiple values.
Add a define.BuildOptions.JobSemaphore which an imagebuildah executor
will use in preference to one that it might allocate for itself.
In main(), allocate a JobSemaphore if the number of jobs is not 0 (which
we treat as "unlimited", and continue to allow executors to do).
In addManifest(), take a lock on the manifest list's image ID so that we
don't overwrite changes that another thread might be making while we're
attempting to make changes to it. In main(), create an empty list if
the list doesn't already exist before we start down this path, so that
we don't get two threads trying to create that manifest list at the same
time later on. Two processes could still try to create the same list
twice, but it's an incremental improvement.
Finally, if we've been given multiple platforms to build for, run their
builds concurrently and gather up their results.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Aditya R
Ed Santiago
Daniel J Walsh
Morten Linderud
Giuseppe Scrivano
OpenShift Merge Robot
Erik Sjölund
Paul Holzinger
tomsweeneyredhat
Nalin Dahyabhai
Maximilien McDermott
Chris Evich
James Addison
Mario Loriedo
Reinhard Tartler
Reinhard Tartler
Kirill Shirinkin
openshift-ci[bot]
Ashley Cui