Use digests of the added content in history entries that we create for
ADD and COPY instructions, tightening up cache checking just a little
bit more.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1792
Approved by: TomSweeneyRedHat
Add a DryRun flag to AddAndCopyOptions, so that we can "copy" content to
digest it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1792
Approved by: TomSweeneyRedHat
Teach copyFileWithTar() about symbolic links and directories, and use it
to produce tar data to feed to untar() instead of special-casing them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1785
Approved by: vrothberg
This commit enabled the `unparam` linter and applies all reported issues.
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
Closes: #1719
Approved by: rhatdan
when there are excludes defined (such as from .dockerignore), we take
a slow path and walk each file in the directory. If the files doesn't
match any exclusion pattern then it is copied into the container.
This is slow as each file requires buildah to re-exec and copy it from
a chroot environment.
When there are no excludes defined we can take a faster path and copy
the entire directory as a single re-exec operation.
Closes: https://github.com/containers/buildah/issues/1714
Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Closes: #1715
Approved by: rhatdan
Fix handling of ID mapping for COPY: when copying from other containers,
use their mappings, and when copying from the host, use host mappings.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1630
Approved by: TomSweeneyRedHat
on 32-bit systems, we had type mismatches when creating a
syscall.timespec.
resolves#1629
Signed-off-by: baude <bbaude@redhat.com>
Closes: #1631
Approved by: rhatdan
Use a fileutiles.PatternMatcher, which works better for this case than
filepath.Match, to check if an item that we're copying is marked for
exclusion by .dockerignore.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1626
Approved by: TomSweeneyRedHat
If we fail to create a symbolic link because the destination already
exists, attempt to remove the destination.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1623
Approved by: giuseppe
Checks to see if the $HOME envvar has been set
and if not, trys to set it as best as possible.
Fixes: #1592
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1594
Approved by: rhatdan
When filtering copying/adding operations to comply with a .dockerignore
file, we should directly handle copying directories and symbolic links.
This update still returns an error when attempting to copy
non-directory, non-regular items.
Make DockerIgnoreHelper() private, since it's not being used by packages
that use us, and I expect it to be removed when this gets refactored.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1583
Approved by: rhatdan
Fix the destination file path if .dockerignore is not empty. Avoid copying the source directory level into the container.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1533
Approved by: rhatdan
my former PR #1403 didn't take into account the directory path in .dockerignore. `buildah bud` should be able to exclude the whole folder and keep
some files under the folder according to the patterns in .dockerignore.
```
// .dockerignore
test*
!*/test1*
```
should exclude `./testdir/test2.txt` but copy `./testdir/test1.txt`
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1478
Approved by: rhatdan
We don't want to vendor anything from libpod into Buildah.
We want to switch this around. Moving pkg content from libpod
to Buildah allows us to fix this.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1400
Approved by: giuseppe
export fields in DockerIgnore struct for implementing the dockerignore in libpod
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1431
Approved by: rhatdan
Exclude(or copy,add) files match with patterns in .dockerignore when bud with ADD or COPY in Dockerfile.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Closes: #1403
Approved by: TomSweeneyRedHat
Make sure that when attempting to diagnose an error, if we encounter an
error during the diagnostic attempt, we return the original error rather
than the error encountered in trying to diagnose it. Log that one.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1072
Approved by: rhatdan
Users expect to be able to use Symbolic links in the
ADD and COPY commands in Dockerfiles. We need to evaluate
these and pull in the correct content.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1007
Approved by: nalind
Break runSetupIntermediateMountNamespace() into its own package.
Move stringInSlice(), getHostIDs(), and getHostRootIDs() into the util
subdirectory and export them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #796
Approved by: rhatdan
Add a field to AddOrCopyOptions that can take an io.Writer, more often a
hash.Hash returned by digest.Digester's Hash() method, to calculate a
sum over what we add or copy.
Make the help output summarizing the arguments that "buildah add" and
"buildah copy" accept more closely match their man pages.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #766
Approved by: rhatdan
In Run(), when the userspec doesn't specify a group, if the specified
user has supplemental group memberships, pass them along to the runtime.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
Use ID mapping information when setting permissions on content that we
add to the container, and on secrets that we copy in, on pipes that we
use for stdio, and when extracting the whole filesystem as a "layer".
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
Add options to the CLI that specify which cgroups we execute "run"
commands under, and controlling how we set up namespaces for them.
Pass them down to Builders that we create, and allow them to be
overridden by options passed to Builder.Run().
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #700
Approved by: rhatdan
I have made a subpackage of libpod to handle chrootuser,
using the user code from buildah.
This patch removes user handling from buildah and uses
projectatomic/libpod/pkg/chrootuser
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #377
Approved by: nalind
buildah bud was not setting the mount label on the image
so SELinux in enforcing mode is blocking writing to the image
This patch also fixes a similar problem with the `buildah mount`
command
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #332
Approved by: TomSweeneyRedHat
Use Errorf() from 'errors' rather than 'fmt' to help with stack traces.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #130
Approved by: rhatdan
Impove error reporting by wrapping all returned err functions with
error.Wrapf
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #124
Approved by: nalind
Signed-off-by: Dan Walsh <dwalsh@redhat.com>
Closes: #125
Approved by: nalind
Maintain the container configuration in multiple formats in the Buildah
object, initializing one based on the other, depending on which format
the source image used for its configuration.
Replace directly manipulated fields in the Buildah object (Annotations,
CreatedBy, OS, Architecture, Maintainer, User, Workdir, Env, Cmd,
Entrypoint, Expose, Labels, and Volumes) with accessor functions which
update both configurations and which read from whichever one we consider
to be authoritative. Drop Args because we weren't using them.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #102
Approved by: rhatdan
When saving the contents of a URL to a local file, attempt to set mtime
based on the response's Last-Modified header, if there is one.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #58
Approved by: nalind
When the destination for an ADD or COPY operation ends with a path
separator, take that as an indicator that the destination should be a
directory, that we should create it if it doesn't already exist, and
that any files we're copying should be placed in the directory.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #56
Approved by: rhatdan
When copying or adding a source directory, copy the directory's contents
to the destination directory, to better match Dockerfile COPY behavior.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #50
Approved by: rhatdan
In Copy(), instead of flagging a container not being mounted as an
error, do what we do in Run(), which is to mount it first and then
unmount when we're done.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Change copy behavior so that the destination can be a file rather than a
directory if we're copying a single item.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Always make sure the working directory exists before attempting to run
anything inside of it, and before attempting to copy contents into it or
one of its subdirectories.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Use the chrootarchive package instead of the archive package in the
implementation of "add", in an attempt to avoid problems with tarballs
with unusual paths in their headers.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Simplify our implementation of copy/add to always assume that the
destination location will be a directory. Trying to be cleverer, like
cp is, would just be confusing.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add "add" and "copy" CLI commands, which end up calling the same buildah
method, differing only in whether or not they tell it to attempt to
extract local sources when those sources appear to be archive files
("add" does, "copy" does not).
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Nalin Dahyabhai
Sascha Grunert
Giuseppe Scrivano
Eric Hripko
baude
TomSweeneyRedHat
Qi Wang
Daniel J Walsh
Fabio Bertinatto