vendor: github.com/moby/buildkit 9b91d20

Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
2025-06-19 18:47:23 +02:00 · 2025-06-19 18:47:23 +02:00 · 931e714919
parent d09eb752a5
commit 931e714919
4 changed files with 87 additions and 41 deletions
--- a/go.mod
+++ b/go.mod
@ -28,7 +28,7 @@ require (
 	github.com/hashicorp/hcl/v2 v2.23.0
 	github.com/in-toto/in-toto-golang v0.9.0
 	github.com/mitchellh/hashstructure/v2 v2.0.2
-	github.com/moby/buildkit v0.23.0
+	github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db // master
 	github.com/moby/go-archive v0.1.0
 	github.com/moby/sys/atomicwriter v0.1.0
 	github.com/moby/sys/mountinfo v0.7.2
--- a/go.sum
+++ b/go.sum
@ -250,8 +250,8 @@ github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZX
 github.com/mitchellh/hashstructure/v2 v2.0.2 h1:vGKWl0YJqUNxE8d+h8f6NJLcCJrgbhC4NcD46KavDd4=
 github.com/mitchellh/hashstructure/v2 v2.0.2/go.mod h1:MG3aRVU/N29oo/V/IhBX8GR/zz4kQkprJgF2EVszyDE=
 github.com/mitchellh/mapstructure v0.0.0-20150613213606-2caf8efc9366/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
-github.com/moby/buildkit v0.23.0 h1:HV+u7xM2IZhAjVautFR2l5FNhkxFR0jhF5ILXyc3398=
+github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db h1:ZzrDuG9G1A/RwJvuogNplxCEKsIUQh1CqEnqbOGFgKE=
-github.com/moby/buildkit v0.23.0/go.mod h1:v5jMDvQgUyidk3wu3NvVAAd5JJo83nfet9Gf/o0+EAQ=
+github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db/go.mod h1:v5jMDvQgUyidk3wu3NvVAAd5JJo83nfet9Gf/o0+EAQ=
 github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
 github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
 github.com/moby/go-archive v0.1.0 h1:Kk/5rdW/g+H8NHdJW2gsXyZ7UnzvJNOy6VKJqueWdcQ=
--- a/vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go
+++ b/vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go
@ -14,9 +14,20 @@ import (
 )
 const (
-	BuildKitBuildType = "https://mobyproject.org/buildkit@v1"
+	BuildKitBuildType1  = "https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md"
 	BuildKitBuildType02 = "https://mobyproject.org/buildkit@v1"
 	ProvenanceSLSA1  = ProvenanceSLSA("v1")
 	ProvenanceSLSA02 = ProvenanceSLSA("v0.2")
 )
 type ProvenanceSLSA string
 var provenanceSLSAs = []ProvenanceSLSA{
 	ProvenanceSLSA1,
 	ProvenanceSLSA02,
 }
 type BuildConfig struct {
 	Definition    []BuildStep              `json:"llbDefinition,omitempty"`
 	DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
@ -80,18 +91,6 @@ type Sources struct {
 	Local  []LocalSource
 }
 const (
 	ProvenanceSLSA1  = ProvenanceSLSA("v1")
 	ProvenanceSLSA02 = ProvenanceSLSA("v0.2")
 )
 type ProvenanceSLSA string
 var provenanceSLSAs = []ProvenanceSLSA{
 	ProvenanceSLSA1,
 	ProvenanceSLSA02,
 }
 func (ps *ProvenanceSLSA) Validate() error {
 	if *ps == "" {
 		return errors.New("provenance SLSA version cannot be empty")
@ -188,16 +187,63 @@ type BuildKitComplete struct {
 	ResolvedDependencies bool `json:"resolvedDependencies"`
 }
-// ConvertSLSA02ToSLSA1 converts a SLSA 0.2 provenance predicate to a SLSA 1.0
+// ConvertToSLSA02 converts to a SLSA v0.2 provenance predicate.
-// provenance predicate.
+func (p *ProvenancePredicateSLSA1) ConvertToSLSA02() *ProvenancePredicateSLSA02 {
-// FIXME: It should be the other way around when v1 is the default.
+	var materials []slsa02.ProvenanceMaterial
-func ConvertSLSA02ToSLSA1(p02 *ProvenancePredicateSLSA02) *ProvenancePredicateSLSA1 {
+	for _, m := range p.BuildDefinition.ResolvedDependencies {
-	if p02 == nil {
+		materials = append(materials, slsa02.ProvenanceMaterial{
-		return nil
+			URI:    m.URI,
 			Digest: m.Digest,
 		})
 	}
 	var meta *ProvenanceMetadataSLSA02
 	if p.RunDetails.Metadata != nil {
 		meta = &ProvenanceMetadataSLSA02{
 			ProvenanceMetadata: slsa02.ProvenanceMetadata{
 				BuildInvocationID: p.RunDetails.Metadata.InvocationID,
 				BuildStartedOn:    p.RunDetails.Metadata.StartedOn,
 				BuildFinishedOn:   p.RunDetails.Metadata.FinishedOn,
 				Completeness: slsa02.ProvenanceComplete{
 					Parameters:  p.RunDetails.Metadata.Completeness.Request,
 					Environment: true,
 					Materials:   p.RunDetails.Metadata.Completeness.ResolvedDependencies,
 				},
 				Reproducible: p.RunDetails.Metadata.Reproducible,
 			},
 			BuildKitMetadata: p.RunDetails.Metadata.BuildKitMetadata,
 			Hermetic:         p.RunDetails.Metadata.Hermetic,
 		}
 	}
 	return &ProvenancePredicateSLSA02{
 		ProvenancePredicate: slsa02.ProvenancePredicate{
 			Builder: slsa02.ProvenanceBuilder{
 				ID: p.RunDetails.Builder.ID,
 			},
 			BuildType: BuildKitBuildType02,
 			Materials: materials,
 		},
 		Invocation: ProvenanceInvocationSLSA02{
 			ConfigSource: slsa02.ConfigSource{
 				URI:        p.BuildDefinition.ExternalParameters.ConfigSource.URI,
 				Digest:     p.BuildDefinition.ExternalParameters.ConfigSource.Digest,
 				EntryPoint: p.BuildDefinition.ExternalParameters.ConfigSource.Path,
 			},
 			Parameters: p.BuildDefinition.ExternalParameters.Request,
 			Environment: Environment{
 				Platform: p.BuildDefinition.InternalParameters.BuilderPlatform,
 			},
 		},
 		BuildConfig: p.BuildDefinition.InternalParameters.BuildConfig,
 		Metadata:    meta,
 	}
 }
 // ConvertToSLSA1 converts to a SLSA v1 provenance predicate.
 func (p *ProvenancePredicateSLSA02) ConvertToSLSA1() *ProvenancePredicateSLSA1 {
 	var resolvedDeps []slsa1.ResourceDescriptor
-	for _, m := range p02.Materials {
+	for _, m := range p.Materials {
 		resolvedDeps = append(resolvedDeps, slsa1.ResourceDescriptor{
 			URI:    m.URI,
 			Digest: m.Digest,
@ -206,45 +252,45 @@ func ConvertSLSA02ToSLSA1(p02 *ProvenancePredicateSLSA02) *ProvenancePredicateSL
 	buildDef := ProvenanceBuildDefinitionSLSA1{
 		ProvenanceBuildDefinition: slsa1.ProvenanceBuildDefinition{
-			BuildType:            "https://github.com/moby/buildkit/blob/master/docs/attestations/slsa-definitions.md",
+			BuildType:            BuildKitBuildType1,
 			ResolvedDependencies: resolvedDeps,
 		},
 		ExternalParameters: ProvenanceExternalParametersSLSA1{
 			ConfigSource: ProvenanceConfigSourceSLSA1{
-				URI:    p02.Invocation.ConfigSource.URI,
+				URI:    p.Invocation.ConfigSource.URI,
-				Digest: p02.Invocation.ConfigSource.Digest,
+				Digest: p.Invocation.ConfigSource.Digest,
-				Path:   p02.Invocation.ConfigSource.EntryPoint,
+				Path:   p.Invocation.ConfigSource.EntryPoint,
 			},
-			Request: p02.Invocation.Parameters,
+			Request: p.Invocation.Parameters,
 		},
 		InternalParameters: ProvenanceInternalParametersSLSA1{
-			BuildConfig:     p02.BuildConfig,
+			BuildConfig:     p.BuildConfig,
-			BuilderPlatform: p02.Invocation.Environment.Platform,
+			BuilderPlatform: p.Invocation.Environment.Platform,
 		},
 	}
 	var meta *ProvenanceMetadataSLSA1
-	if p02.Metadata != nil {
+	if p.Metadata != nil {
 		meta = &ProvenanceMetadataSLSA1{
 			BuildMetadata: slsa1.BuildMetadata{
-				InvocationID: p02.Metadata.BuildInvocationID,
+				InvocationID: p.Metadata.BuildInvocationID,
-				StartedOn:    p02.Metadata.BuildStartedOn,
+				StartedOn:    p.Metadata.BuildStartedOn,
-				FinishedOn:   p02.Metadata.BuildFinishedOn,
+				FinishedOn:   p.Metadata.BuildFinishedOn,
 			},
-			BuildKitMetadata: p02.Metadata.BuildKitMetadata,
+			BuildKitMetadata: p.Metadata.BuildKitMetadata,
-			Hermetic:         p02.Metadata.Hermetic,
+			Hermetic:         p.Metadata.Hermetic,
 			Completeness: BuildKitComplete{
-				Request:              p02.Metadata.Completeness.Parameters,
+				Request:              p.Metadata.Completeness.Parameters,
-				ResolvedDependencies: p02.Metadata.Completeness.Materials,
+				ResolvedDependencies: p.Metadata.Completeness.Materials,
 			},
-			Reproducible: p02.Metadata.Reproducible,
+			Reproducible: p.Metadata.Reproducible,
 		}
 	}
 	runDetails := ProvenanceRunDetailsSLSA1{
 		ProvenanceRunDetails: slsa1.ProvenanceRunDetails{
 			Builder: slsa1.Builder{
-				ID: p02.Builder.ID,
+				ID: p.Builder.ID,
 				// TODO: handle builder components versions
 				// Version: map[string]string{
 				// 	"buildkit": version.Version,
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -447,7 +447,7 @@ github.com/mitchellh/go-wordwrap
 # github.com/mitchellh/hashstructure/v2 v2.0.2
 ## explicit; go 1.14
 github.com/mitchellh/hashstructure/v2
-# github.com/moby/buildkit v0.23.0
+# github.com/moby/buildkit v0.23.0-rc1.0.20250618182037-9b91d20367db
 ## explicit; go 1.23.0
 github.com/moby/buildkit/api/services/control
 github.com/moby/buildkit/api/types