vendor: github.com/moby/buildkit 9b91d20

Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
CrazyMax 2025-06-19 18:47:23 +02:00
parent d09eb752a5
commit 931e714919
No known key found for this signature in database
GPG Key ID: ADE44D8C9D44FBE4
4 changed files with 87 additions and 41 deletions

2
go.mod

@ -28,7 +28,7 @@ require (
github.com/hashicorp/hcl/v2 v2.23.0
github.com/in-toto/in-toto-golang v0.9.0
github.com/mitchellh/hashstructure/v2 v2.0.2
github.com/moby/buildkit v0.23.0
github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db // master
github.com/moby/go-archive v0.1.0
github.com/moby/sys/atomicwriter v0.1.0
github.com/moby/sys/mountinfo v0.7.2

4
go.sum

@ -250,8 +250,8 @@ github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZX
github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
github.com/moby/buildkit v0.23.0 h1:HV+u7xM2IZhAjVautFR2l5FNhkxFR0jhF5ILXyc3398=
github.com/moby/buildkit v0.23.0/go.mod h1:v5jMDvQgUyidk3wu3NvVAAd5JJo83nfet9Gf/o0+EAQ=
github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db h1:ZzrDuG9G1A/RwJvuogNplxCEKsIUQh1CqEnqbOGFgKE=
github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db/go.mod h1:v5jMDvQgUyidk3wu3NvVAAd5JJo83nfet9Gf/o0+EAQ=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ=


@ -14,9 +14,20 @@ import (
)
const (
BuildKitBuildType = "https://mobyproject.org/buildkit@v1"
BuildKitBuildType1 = "https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md"
BuildKitBuildType02 = "https://mobyproject.org/buildkit@v1"
ProvenanceSLSA1 = ProvenanceSLSA("v1")
ProvenanceSLSA02 = ProvenanceSLSA("v0.2")
)
type ProvenanceSLSA string
var provenanceSLSAs = []ProvenanceSLSA{
ProvenanceSLSA1,
ProvenanceSLSA02,
}
type BuildConfig struct {
Definition []BuildStep `json:"llbDefinition,omitempty"`
DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
@ -80,18 +91,6 @@ type Sources struct {
Local []LocalSource
}
const (
ProvenanceSLSA1 = ProvenanceSLSA("v1")
ProvenanceSLSA02 = ProvenanceSLSA("v0.2")
)
type ProvenanceSLSA string
var provenanceSLSAs = []ProvenanceSLSA{
ProvenanceSLSA1,
ProvenanceSLSA02,
}
func (ps *ProvenanceSLSA) Validate() error {
if *ps == "" {
return errors.New("provenance SLSA version cannot be empty")
@ -188,16 +187,63 @@ type BuildKitComplete struct {
ResolvedDependencies bool `json:"resolvedDependencies"`
}
// ConvertSLSA02ToSLSA1 converts a SLSA 0.2 provenance predicate to a SLSA 1.0
// provenance predicate.
// FIXME: It should be the other way around when v1 is the default.
func ConvertSLSA02ToSLSA1(p02 *ProvenancePredicateSLSA02) *ProvenancePredicateSLSA1 {
if p02 == nil {
return nil
// ConvertToSLSA02 converts to a SLSA v0.2 provenance predicate.
func (p *ProvenancePredicateSLSA1) ConvertToSLSA02() *ProvenancePredicateSLSA02 {
var materials []slsa02.ProvenanceMaterial
for _, m := range p.BuildDefinition.ResolvedDependencies {
materials = append(materials, slsa02.ProvenanceMaterial{
URI: m.URI,
Digest: m.Digest,
})
}
var meta *ProvenanceMetadataSLSA02
if p.RunDetails.Metadata != nil {
meta = &ProvenanceMetadataSLSA02{
ProvenanceMetadata: slsa02.ProvenanceMetadata{
BuildInvocationID: p.RunDetails.Metadata.InvocationID,
BuildStartedOn: p.RunDetails.Metadata.StartedOn,
BuildFinishedOn: p.RunDetails.Metadata.FinishedOn,
Completeness: slsa02.ProvenanceComplete{
Parameters: p.RunDetails.Metadata.Completeness.Request,
Environment: true,
Materials: p.RunDetails.Metadata.Completeness.ResolvedDependencies,
},
Reproducible: p.RunDetails.Metadata.Reproducible,
},
BuildKitMetadata: p.RunDetails.Metadata.BuildKitMetadata,
Hermetic: p.RunDetails.Metadata.Hermetic,
}
}
return &ProvenancePredicateSLSA02{
ProvenancePredicate: slsa02.ProvenancePredicate{
Builder: slsa02.ProvenanceBuilder{
ID: p.RunDetails.Builder.ID,
},
BuildType: BuildKitBuildType02,
Materials: materials,
},
Invocation: ProvenanceInvocationSLSA02{
ConfigSource: slsa02.ConfigSource{
URI: p.BuildDefinition.ExternalParameters.ConfigSource.URI,
Digest: p.BuildDefinition.ExternalParameters.ConfigSource.Digest,
EntryPoint: p.BuildDefinition.ExternalParameters.ConfigSource.Path,
},
Parameters: p.BuildDefinition.ExternalParameters.Request,
Environment: Environment{
Platform: p.BuildDefinition.InternalParameters.BuilderPlatform,
},
},
BuildConfig: p.BuildDefinition.InternalParameters.BuildConfig,
Metadata: meta,
}
}
// ConvertToSLSA1 converts to a SLSA v1 provenance predicate.
func (p *ProvenancePredicateSLSA02) ConvertToSLSA1() *ProvenancePredicateSLSA1 {
var resolvedDeps []slsa1.ResourceDescriptor
for _, m := range p02.Materials {
for _, m := range p.Materials {
resolvedDeps = append(resolvedDeps, slsa1.ResourceDescriptor{
URI: m.URI,
Digest: m.Digest,
@ -206,45 +252,45 @@ func ConvertSLSA02ToSLSA1(p02 *ProvenancePredicateSLSA02) *ProvenancePredicateSL
buildDef := ProvenanceBuildDefinitionSLSA1{
ProvenanceBuildDefinition: slsa1.ProvenanceBuildDefinition{
BuildType: "https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md",
BuildType: BuildKitBuildType1,
ResolvedDependencies: resolvedDeps,
},
ExternalParameters: ProvenanceExternalParametersSLSA1{
ConfigSource: ProvenanceConfigSourceSLSA1{
URI: p02.Invocation.ConfigSource.URI,
Digest: p02.Invocation.ConfigSource.Digest,
Path: p02.Invocation.ConfigSource.EntryPoint,
URI: p.Invocation.ConfigSource.URI,
Digest: p.Invocation.ConfigSource.Digest,
Path: p.Invocation.ConfigSource.EntryPoint,
},
Request: p02.Invocation.Parameters,
Request: p.Invocation.Parameters,
},
InternalParameters: ProvenanceInternalParametersSLSA1{
BuildConfig: p02.BuildConfig,
BuilderPlatform: p02.Invocation.Environment.Platform,
BuildConfig: p.BuildConfig,
BuilderPlatform: p.Invocation.Environment.Platform,
},
}
var meta *ProvenanceMetadataSLSA1
if p02.Metadata != nil {
if p.Metadata != nil {
meta = &ProvenanceMetadataSLSA1{
BuildMetadata: slsa1.BuildMetadata{
InvocationID: p02.Metadata.BuildInvocationID,
StartedOn: p02.Metadata.BuildStartedOn,
FinishedOn: p02.Metadata.BuildFinishedOn,
InvocationID: p.Metadata.BuildInvocationID,
StartedOn: p.Metadata.BuildStartedOn,
FinishedOn: p.Metadata.BuildFinishedOn,
},
BuildKitMetadata: p02.Metadata.BuildKitMetadata,
Hermetic: p02.Metadata.Hermetic,
BuildKitMetadata: p.Metadata.BuildKitMetadata,
Hermetic: p.Metadata.Hermetic,
Completeness: BuildKitComplete{
Request: p02.Metadata.Completeness.Parameters,
ResolvedDependencies: p02.Metadata.Completeness.Materials,
Request: p.Metadata.Completeness.Parameters,
ResolvedDependencies: p.Metadata.Completeness.Materials,
},
Reproducible: p02.Metadata.Reproducible,
Reproducible: p.Metadata.Reproducible,
}
}
runDetails := ProvenanceRunDetailsSLSA1{
ProvenanceRunDetails: slsa1.ProvenanceRunDetails{
Builder: slsa1.Builder{
ID: p02.Builder.ID,
ID: p.Builder.ID,
// TODO: handle builder components versions
// Version: map[string]string{
// "buildkit": version.Version,
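Review bot: The nil guard that the old `ConvertSLSA02ToSLSA1` function opened with (`if p02 == nil { return nil }`) appears to be gone from the new `ConvertToSLSA1` method, and the new `ConvertToSLSA02` has none either, so a nil predicate would now panic at `p.Materials` or `p.BuildDefinition.ResolvedDependencies` instead of returning nil. Both methods could start with `if p == nil { return nil }`, which keeps the old contract for callers that convert an optional attestation. Separately, `ConvertToSLSA02` hard-codes `Environment: true` under `Completeness`, a claim that is not read from the v1 metadata; a short comment such as `// environment is always reported complete by BuildKit` (to be confirmed against the producer) would tell anyone verifying a down-converted attestation where that value comes from. The page has lost this section's file header and the `ConvertToSLSA1` body continues past the last hunk, so the `+`/`-` sides are inferred; if this is the vendored buildkit copy, the fix belongs upstream rather than in this tree.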

2
vendor/modules.txt vendored

@ -447,7 +447,7 @@ github.com/mitchellh/go-wordwrap
# github.com/mitchellh/hashstructure/v2 v2.0.2
## explicit; go 1.14
github.com/mitchellh/hashstructure/v2
# github.com/moby/buildkit v0.23.0
# github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db
## explicit; go 1.23.0
github.com/moby/buildkit/api/services/control
github.com/moby/buildkit/api/types