We now use the golang error wrapping format specifier `%w` instead of
the deprecated github.com/pkg/errors package.
Signed-off-by: Sascha Grunert <sgrunert@redhat.com>
Teach `buildah build` and `buildah config` about the OS version and
features fields. We don't tend to use them on Linux, but they're in the
OCI and Docker config structures, so we need to be able to preserve and
manipulate their values, much as we do for variant information.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add the variant field, along with methods for setting and querying it,
and expose them in the `buildah config` and `buildah inspect` commands.
When setting an initial architecture for a container based on an image
which doesn't contain an architecture, or from "scratch", normalize the
architecture name we've been given, and set both it and the variant
field at the same time.
Provide normalized architecture+variant values in `buildah info`.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Users are not seeing Warnings when doing podman --remote build.
We need to wire the logrus messages all the way through the system.
Fixes: https://github.com/containers/buildah/issues/3537
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
The Docker manifest format doesn't currently support listing layers
compressed using zstd, so we trigger an error when we try to convert an
in-memory OCI manifest to the Docker format as a preliminary step in
reading the image's config blob in the Docker format.
Instead, first create a temporary copy of the manifest, and then force
the MIME types for all layers in the temporary copy of the manifest to
appear to be compressed using gzip. Both OCI and Docker formats will
accept the resulting manifest without issue. We throw the copy away
after we've read the config blob, so the wackiness should be contained.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Add a pkg/parse.PlatformsFromOptions() which understands a "variant"
value as an optional third value in an OS/ARCH[/VARIANT] argument value,
which accepts a comma-separated list of them, and which returns a list
of platforms.
Teach "from" and "pull" about the --platform option and add integration
tests for them, warning if --platform was given multiple values.
Add a define.BuildOptions.JobSemaphore which an imagebuildah executor
will use in preference to one that it might allocate for itself.
In main(), allocate a JobSemaphore if the number of jobs is not 0 (which
we treat as "unlimited", and continue to allow executors to do).
In addManifest(), take a lock on the manifest list's image ID so that we
don't overwrite changes that another thread might be making while we're
attempting to make changes to it. In main(), create an empty list if
the list doesn't already exist before we start down this path, so that
we don't get two threads trying to create that manifest list at the same
time later on. Two processes could still try to create the same list
twice, but it's an incremental improvement.
Finally, if we've been given multiple platforms to build for, run their
builds concurrently and gather up their results.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Since opencontainers/image-spec/pull/822/ the OCI spec supports two new
annotations to set the fully-qualified name and the digest of the base
image.
Signed-off-by: Valentin Rothberg <rothberg@redhat.com>
We want Info, Warning and Debug logrus messages to be writen to the
buildah stderr. this way when podman-remote is using build, it will
get the messages back on the client side.
[NO TESTS NEEDED] Since this will be tested in Podman.
Fixes: https://github.com/containers/buildah/issues/3214
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This PR removes the pkg/auth which brings in docker/docker
since it really is not needed, and was only there to help users
discover the settings of where the authfile was, when the environment
variables were set. Would almost never be of any value.
Move imagebuildah.BuildOptions to define.BuildOptions
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
healthcheck only works in Docker format, so when healthcheck is set in OCI format, warn user that it will be discarded
Signed-off-by: Ashley Cui <acui@redhat.com>
The image returned by UpdatedImage() doesn't have a reference, so
attempting to include the result's name in an error message causes a
crash. Assign it to a temporary variable first so that we can use the
name of the un-updated version in an error message.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1960
Approved by: TomSweeneyRedHat
Do not check disk for existence of volume.
If volume that ends with `-` is set in config, remove it.
If not, add it into config.
Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
Closes: #1767
Approved by: rhatdan
When using the --volume flag, ojects ending in "-" are checked if they exist on disk. If they exist on disk they are added as a volume. Otherwise, if the volume is already config'd, that volume is removed
examples:
if /testvol exists:
"--volume /testvol-" removes /testvol from the config.
if /testvol- exists:
"--volume /testvol-" adds /testvol- from the config.
Signed-off-by: Ashley Cui <ashleycui16@gmail.com>
Closes: #1670
Approved by: rhatdan
Skip our own attempt to expand variables in the SetEnv API, since we
need to let the Dockerfile parser be the only place that happens when
we're building using a Dockerfile.
Move the expansion logic to the CLI, and have it log an error when it
encounters a variable that it can't expand.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1607
Approved by: TomSweeneyRedHat
We only need to expand the passed-in value once, not once for every variable
that is set in the environment.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1607
Approved by: TomSweeneyRedHat
Add configuration methods for adding entries which will show up in a
committed image's history, both before and after the new layer that we
add while committing the image. Expose them from the CLI in the form of
a new --add-history option for the "add", "config", "copy", and "run"
commands.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1300
Approved by: rhatdan
When we set the Hostname to match the container id, we don't want to print
the warning, since the user did not request the hostname being set.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #1253
Approved by: vrothberg
Handle healthcheck configuration that imagebuilder picks up, and add CLI
flags to `buildah config` that allow the values to be set on the command
line.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #943
Approved by: TomSweeneyRedHat
Make sure that when attempting to diagnose an error, if we encounter an
error during the diagnostic attempt, we return the original error rather
than the error encountered in trying to diagnose it. Log that one.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #1072
Approved by: rhatdan
Hostname should be set to a random name if not set.
Workdir should default to "" not to "/"
If Volumes and Entrypoint are not set they should return NULL not []
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #958
Approved by: TomSweeneyRedHat
Now that we have a types.Image available in Builder.initConfig, we can
let it do the heavy work of converting configs to the v2s2 and OCI formats.
This requires us to cheat a bit with c/image/types.InformationOnly, but it
works out fine.
AFAICS this should have equivalent effect to the previous implementation,
except:
- Conversion from OCI will no longer crash if "Created" timestamps are missing.
- Conversion from v2s2 to OCI only uses the Config field, not ContainerConfig.
Considering the Docker deamon only ever uses Config for populating the
configuration of newly created containers in (docker create), this seems
good enough. But, to be honest, I'm not quite clear on the purpose of the
Config/ContainerConfig distinction in v2s2.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
When loading the manifest using a types.Image.Manifest,
we also get a manifest MIME type; don't just throw it away
and then guess as if the data was never available, just use it
directly (now that the loading is close enough for the throwing
away to be noticeable).
[Ultimately, this loads the manifest from a c/image/storage
backend, which calls manifest.GuessMIMEType anyway, so this
does not change behavior right now, but if the c/image/storage
backend ever changed to record MIME types, it would make a
difference. At the very least, we now run the heuristic once
instead of twice.]
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
Both callers of initConfig contain exactly the same code
to load the manifest and config; move it inside initConfig
now that initConfig has the necessary types.Image available.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
Both callers of initConfig use a types.Image to get a manifest and
config; so, preserve the types.Image and pass it to Builder.initConfig.
This does not change behavior (except for making the lifetime of
a types.Image a bit longer in one case), but it will allow moving the
manifest/config load into Builder.initConfig in the future.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
Notably this will use the manifest mediaType field, instead of the
config docker_version field, to detect Docker v2s2 images; again,
docker_version is cleared by buildah itself, so it can't be relied
to decide on the image format.
Anyway, centralizing the tricky heuristic and using a single one
everywhere seems preferable for consistency.
This also allows only searching for OCI annotations on known OCI
images, and that in turn allows us not to silently ignore errors
when parsing OCI manifests.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
... instead of silently ignoring failures to parse the manifest.
This does not change behavior, but it clearly delineates the
existing/scratch cases, and that which will allow us to better
handle errors in the future.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
The code apparently intended to use the OCI data to generate
a v2s2 config, instead it only generates the v2s2 config
if OCI parsing fails (from the results of the failed parsing).
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
Drop error returns from makeDockerV2S2Image and makeOCIv1Image, they
are always nil. Then drop the code which "handles" the errors
by silently ignoring them.
Right now that does not matter, but if make*Image ever did start
returning errors, the existing caller would silently ignore them
and record useless empty data.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
buildah itself clears docker_version in Builder.fixupConfig; so,
buildah-created v2s1 images do not pass this test
(buildah from buildah-created-v2s1) creates an image with empty
history, which causes (buildah commit) to complain about the mismatch
between history and layer DiffID list.
Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Closes: #776
Approved by: rhatdan
Add options to "buildah config" for setting comment, domainname, and
hostname configuration bits, and the comment in history items which
describe layers that we add, and tests for them. Add a test for the
--shell option while we're at it.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #641
Approved by: rhatdan
Podman commit needs the ability to set a comment and stop signal
when committing a container to an image. Adding set/get functions
for each.
Signed-off-by: baude <bbaude@redhat.com>
Closes: #560
Approved by: nalind
Also vendor in the latest imagebuilder code and all the packages
that come with it.
Note: imagebuilder.NewBuilderForReader has been removed from imagebuilder
so I had to split the function up into two different calls.
Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
Closes: #517
Approved by: rhatdan
When a v2s1 image is stored to disk, some of the layer blobs listed in
its manifest may be discarded as. Account for this.
Start treating a failure to decode v1compat information as a fatal error
instead of trying to fake it.
Tweak how we build the created-by field in history when generating one
from v2s1 information to better match what we see in v2s2 images.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #383
Approved by: rhatdan
Update to adjust to new types and method signatures in just-updated
vendored code.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #174
Approved by: rhatdan
Don't overwrite an image configuration's information about the source
image unless we're intending to create a new working container.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #141
Approved by: rhatdan
Add CommitOption option that to allow a caller to specify a creation
timestamp to use in images.
Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
Closes: #141
Approved by: rhatdan
Sascha Grunert
Daniel J Walsh
Nalin Dahyabhai
Valentin Rothberg
Josh Soref
Ashley Cui
Miloslav Trmač
Ashley Cui
Sascha Grunert
Zhou Hao
baude
Boaz Shuster