If errors for which os.IsExist() or os.IsNotExist() would have returned
true have been wrapped using fmt.Errorf()'s "%w" verb, os.IsExist() and
os.IsNotExist(), not having been retrofitted to use errors.Is(), will
return false.
Use errors.Is() to check if an error is an os.ErrExist or os.ErrNotExist
error instead of calling os.IsExist() or os.IsNotExist().
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
Any `buildah.BuilderOptions.DefaultEnv` values have been ignored since
the libary was changed to read them from the server-side configuration,
for the sake of podman remote builds. Update its godoc to note that and
stop setting it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Buildah `builds` are composed of various `stages`. That is each `stage` in a build is a `container`.
As of now buildah does not provides any `processLabel` and `mountLabel` to the stage containers which
results in `c/storage` assigning random generated `selinux` labels to each stage.
If each stage has its own unqiue `processLabel` and `mountLabel` stages cannot be mounted across each other
in the same build as `selinux` prevents that.
We get the `processLabel` and `mountLabel` of the first stage created by the executor ( label assigned by `c/stoage` )
and share it with all the other subsequent stages of the same build.
Signed-off-by: Aditya Rajan <arajan@redhat.com>
Podman uses the new netavark network stack. Buildah should be able to do
the same. Both projects should use the same networking code which was
move to c/common/libnetwork. The new network interface can use either
CNI or netvavark. Using the same code for podman and buildah is
important to ensure that both use the same backend. Mixing CNI and
netavark is not supported.
This also fixes some outstanding CNI issues, e.g. buildah trying to
connect all cni networks.
[NO NEW TESTS NEEDED]
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
This idea of this PR is to allow Podman to add a Podman
prefix to containers. This would allow it to keep track
of containers created by Podman and make it easier to remove
them when it wants to remove all.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Currently we are only wiring the logger into run_linux.go
Not into the Config section.
This PR is needed in order to update vendor in Podman.
https://github.com/containers/podman/pull/12375
[NO NEW TESTS NEEDED] Tests will be done in Podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a pkg/parse.PlatformsFromOptions() which understands a "variant"
value as an optional third value in an OS/ARCH[/VARIANT] argument value,
which accepts a comma-separated list of them, and which returns a list
of platforms.
Teach "from" and "pull" about the --platform option and add integration
tests for them, warning if --platform was given multiple values.
Add a define.BuildOptions.JobSemaphore which an imagebuildah executor
will use in preference to one that it might allocate for itself.
In main(), allocate a JobSemaphore if the number of jobs is not 0 (which
we treat as "unlimited", and continue to allow executors to do).
In addManifest(), take a lock on the manifest list's image ID so that we
don't overwrite changes that another thread might be making while we're
attempting to make changes to it. In main(), create an empty list if
the list doesn't already exist before we start down this path, so that
we don't get two threads trying to create that manifest list at the same
time later on. Two processes could still try to create the same list
twice, but it's an incremental improvement.
Finally, if we've been given multiple platforms to build for, run their
builds concurrently and gather up their results.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We want Info, Warning and Debug logrus messages to be writen to the
buildah stderr. this way when podman-remote is using build, it will
get the messages back on the client side.
[NO TESTS NEEDED] Since this will be tested in Podman.
Fixes: https://github.com/containers/buildah/issues/3214
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Add a --from option to `buildah add` and `buildah copy`, mirroring the
option for the Dockerfile instruction.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
We want to shrink the size of the import when importing pkg from
buildah. This should help us shrink the size of the golang bindings
in podman.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Reset back to v1.20.0-dev for the upstream branch.
Any 1.19.* releases should come out of that release branch.
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Golang built in functions like os.Create and others print the name of
the file system object when they fail. Wrapping them a second time
with the file system object, makes the error message look like crap
when reported to the user.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
refeactor the pullpollicy to its own package so that it can be imported on its own without deps like containers/storage, etc. this will help consuming podman's go bindings.
Signed-off-by: baude <bbaude@redhat.com>
What `go tool dist list` says the toolchain supports changes, so this
change removes these attempted cross-compile build targets.
* GOOS=darwin, GOARCH unspecified
* GOOS=darwin, GOARCH=386
Replace our use of slices of
github.com/opencontainers/runc/libcontainer/configs.Device structures
with a locally-defined type alias so that we can avoid importing the
package on non-Unixy systems. The result is not going to be a very
useful binary on non-Linux systems, but it helps ensure that our
subpackages won't break compilation for other projects who consume us as
a library.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Currently you can only do deterministic builds with commit command
this change will cause the metadata in the container image to be
epoch 0.
Next step is to save the data in the tar balls as 0.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
If PullOptions/BuilderOptions/CommitOptions/PushOptions includes a
MaxRetries value other than 0, retry operations except for (currently)
connection-refused, authentication, and no-such-repository/no-such-tag
errors, at a default-but-configurable interval of 5 seconds.
Set the default for `buildah pull/from/commit/push` to 3 retries at 2
second intervals.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
This is a rework of Qi Wang's patches.
Import package pkg/config from containers/common to read containers.conf
This patch allows users to specify default values stored in containers.conf
that will modify the behaviour of buildah tool.
Signed-off-by: Qi Wang <qiwan@redhat.com>
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #2011
Approved by: TomSweeneyRedHat
Thanks to Dmitry Smirnov @onlyjob for suggesting this tool.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1985
Approved by: TomSweeneyRedHat
(Replaces #1873 as it had lint issues that were timing out tests that I couldn't
track down easily)
Prior to this fix, if someone did `buildah bud --pull=false .` and the image in
the Containerfile's FROM statement was not local, the build would fail. The same
build on Docker will succeed. In Docker, when `--pull` is set to false, it only
pulls the image from the registry if there was not one locally. Buildah would never
pull the image and if the image was not locally available, it would throw an error.
In certain Kubernetes environments, this was especially troublesome.
To retain the old `--pull=false` functionality, I've created a new `--pull-never`
option that fails if an image is not locally available just like the old
`--pull=false` option used to do.
In addition, if there was a newer version of the image on the repository than
the one locally, the `--pull=true` option would not pull the image as it should
have, this corrects that.
Changes both the from and bud commands.
Addresses: #1675
Signed-off-by: TomSweeneyRedHat <tsweeney@redhat.com>
Closes: #1959
Approved by: rhatdan
Nalin Dahyabhai
Sascha Grunert
Aditya Rajan
Paul Holzinger
Daniel J Walsh
Kirill Shirinkin
TomSweeneyRedHat
baude
Brandon Lum