While it would make sense to add "from file" to complement "from env,"
(in the common case of `--file` or using the default), it wouldn't
provide any real value.
A simpler solution would have been looking for the existence of the
variable at the point where printing happens. It felt wrong
duplicating the logic. Executing the same logic (if it was extracted)
wouldn't be as bad, but still not ideal.
A 'correct' solution would be to explicitly track the source of each
definition, which would be clearer and more future-proof. It didn't
seem like this feature warranted that amount of engineering (with no
known features that might make use of it).
This implementation seemed like a fair compromise; none of the functions
are exported, and all have only one caller.
I also considered converting prefixing environment values with `env://`
so they could be thought of (and processed like) `cmd://` values. I
didn't think it would be viewed as a good solution.
Co-authored-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
Signed-off-by: Roberto Villarreal <rrjjvv@yahoo.com>
The environment variable `BUILDX_BAKE_FILE` (and optional variable
`BUILDX_BAKE_FILE_SEPARATOR`) can be used to specify one or more bake
files (similar to `compose`). This is mutually exclusive with`--file`
(which takes precedence).
This is done very early to ensure the values are treated just like
`--file`, e.g., participate in telemetry. This includes leaving
relative paths as-is, which deviates from `compose` (which makes them
absolute).
Signed-off-by: Roberto Villarreal <rrjjvv@yahoo.com>
If a type was explicitly provided, it will be displayed in the variable
listing. Inferred type names are not displayed, as they likely would
not match the user's intent.
Previously only `string` and `bool` default values were displayed in the
listing. All default values, regardless of type, are now displayed.
Signed-off-by: Roberto Villarreal <rrjjvv@yahoo.com>
Prior to this change, the following command emits the wrong image ID when buildx
uses the "docker-container" driver and Docker is configured with the
containerd-snapshotter.
$ docker buildx build --load --iidfile=img.txt
$ docker run --rm "$(cat img.txt)" echo hello
docker: Error response from daemon: No such image: sha256:4ac37e81e00f242010e42f3251094e47de6100e01d25e9bd0feac6b8906976df.
See 'docker run --help'.
The problem is that buildx is outputing the incorrect image ID in this scenario
(it's outputing the container image config digest, instead of the container
image digest used by the containerd-snapshotter).
This commit fixes this. See https://github.com/moby/moby/issues/45458.
Signed-off-by: Cesar Talledo <cesar.talledo@docker.com>
Broken in 11c84973ef. The section to skip
an empty input was accidentally removed when some code was refactored to
fix a separate issue.
This skips empty cache entries which allows disabling the `cache-from` and
`cache-to` entries from the command line overrides.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
There was a mixup between fs.read and ssh entitlements check.
Corrected behavior is that if bake definition requires default
SSH forwarding then "ssh" entitlement is needed. If it requires
SSH forwarding via fixed file path then "fs.read" entitlement is
needed for that path.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
This changes how the composable attributes are implemented and provides
various fixes to the first iteration.
Cache-from and cache-to now no longer print sensitive values that are
automatically added. These automatically added attributes are added when
the protobuf is created rather than at the time of parsing so they will
no longer be printed. If they are part of the original configuration
file, they will still be printed.
Empty strings will now be skipped. This was the original behavior and
composable attributes removed this functionality accidentally. This
functionality is now restored.
This also expands the available syntax that works with each of the
composable attributes. It is now possible to interleave the csv syntax
with the object syntax without any problems. The canonical form is still
the object syntax and variables are resolved according to that syntax.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
Because the test checked for combinedoutput, it
could contain internal warning messages in stderr.
JSON output is guaranteed in stdout.
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
CrazyMax