From 781cff50784435e82ffb54073f6ac6dba44e0ad8 Mon Sep 17 00:00:00 2001 From: crazy-max <1951866+crazy-max@users.noreply.github.com> Date: Wed, 6 Mar 2024 15:30:43 +0000 Subject: [PATCH] vendor: github.com/docker/buildx v0.13.0 Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .../docker/buildx/docs/bake-reference.md | 53 ++++++++++++- _vendor/modules.txt | 6 +- data/buildx/docker_buildx.yaml | 2 + data/buildx/docker_buildx_build.yaml | 29 ++++++- data/buildx/docker_buildx_create.yaml | 75 ++++++++++++------- data/buildx/docker_buildx_debug_build.yaml | 2 +- data/buildx/docker_buildx_dial-stdio.yaml | 70 +++++++++++++++++ data/buildx/docker_buildx_rm.yaml | 6 +- go.mod | 8 +- go.sum | 2 + 10 files changed, 212 insertions(+), 41 deletions(-) create mode 100644 data/buildx/docker_buildx_dial-stdio.yaml diff --git a/_vendor/github.com/docker/buildx/docs/bake-reference.md b/_vendor/github.com/docker/buildx/docs/bake-reference.md index ef3ee44640..c10e8c1320 100644 --- a/_vendor/github.com/docker/buildx/docs/bake-reference.md +++ b/_vendor/github.com/docker/buildx/docs/bake-reference.md @@ -213,7 +213,7 @@ target "webapp" { The following table shows the complete list of attributes that you can assign to a target: | Name | Type | Description | -| ----------------------------------------------- | ------- | -------------------------------------------------------------------- | +|-------------------------------------------------|---------|----------------------------------------------------------------------| | [`args`](#targetargs) | Map | Build arguments | | [`annotations`](#targetannotations) | List | Exporter annotations | | [`attest`](#targetattest) | List | Build attestations | @@ -233,9 +233,11 @@ The following table shows the complete list of attributes that you can assign to | [`platforms`](#targetplatforms) | List | Target platforms | | [`pull`](#targetpull) | Boolean | Always pull images | | [`secret`](#targetsecret) | List | Secrets to expose to the build | +| [`shm-size`](#targetshm-size) | List | Size of `/dev/shm` | | [`ssh`](#targetssh) | List | SSH agent sockets or keys to expose to the build | | [`tags`](#targettags) | List | Image names and tags | | [`target`](#targettarget) | String | Target build stage | +| [`ulimits`](#targetulimits) | List | Ulimit options | ### `target.args` @@ -832,6 +834,29 @@ RUN --mount=type=secret,id=KUBECONFIG \ KUBECONFIG=$(cat /run/secrets/KUBECONFIG) helm upgrade --install ``` +### `target.shm-size` + +Sets the size of the shared memory allocated for build containers when using +`RUN` instructions. + +The format is ``. `number` must be greater than `0`. Unit is +optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` +(gigabytes). If you omit the unit, the system uses bytes. + +This is the same as the `--shm-size` flag for `docker build`. + +```hcl +target "default" { + shm-size = "128m" +} +``` + +> **Note** +> +> In most cases, it is recommended to let the builder automatically determine +> the appropriate configurations. Manual adjustments should only be considered +> when specific performance tuning is required for complex build scenarios. + ### `target.ssh` Defines SSH agent sockets or keys to expose to the build. @@ -878,6 +903,32 @@ target "default" { } ``` +### `target.ulimits` + +Ulimits overrides the default ulimits of build's containers when using `RUN` +instructions and are specified with a soft and hard limit as such: +`=[:]`, for example: + +```hcl +target "app" { + ulimits = [ + "nofile=1024:1024" + ] +} +``` + +> **Note** +> +> If you do not provide a `hard limit`, the `soft limit` is used +> for both values. If no `ulimits` are set, they are inherited from +> the default `ulimits` set on the daemon. + +> **Note** +> +> In most cases, it is recommended to let the builder automatically determine +> the appropriate configurations. Manual adjustments should only be considered +> when specific performance tuning is required for complex build scenarios. + ## Group Groups allow you to invoke multiple builds (targets) at once. diff --git a/_vendor/modules.txt b/_vendor/modules.txt index b496461ff2..1ad141cd35 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,6 +1,6 @@ # github.com/moby/moby v25.0.3-0.20240203133757-341a7978a541+incompatible -# github.com/moby/buildkit v0.13.0-beta3.0.20240201135300-d906167d0b34 -# github.com/docker/buildx v0.12.2-0.20240220084849-89154c7d3303 +# github.com/moby/buildkit v0.13.0 +# github.com/docker/buildx v0.13.0 # github.com/docker/scout-cli v1.4.1 -# github.com/docker/cli v25.0.4-0.20240221083216-f67e569a8fb9+incompatible +# github.com/docker/cli v26.0.0-rc1+incompatible # github.com/docker/compose/v2 v2.24.6 diff --git a/data/buildx/docker_buildx.yaml b/data/buildx/docker_buildx.yaml index 96a48e5cd6..972132ec77 100644 --- a/data/buildx/docker_buildx.yaml +++ b/data/buildx/docker_buildx.yaml @@ -8,6 +8,7 @@ cname: - docker buildx build - docker buildx create - docker buildx debug + - docker buildx dial-stdio - docker buildx du - docker buildx imagetools - docker buildx inspect @@ -22,6 +23,7 @@ clink: - docker_buildx_build.yaml - docker_buildx_create.yaml - docker_buildx_debug.yaml + - docker_buildx_dial-stdio.yaml - docker_buildx_du.yaml - docker_buildx_imagetools.yaml - docker_buildx_inspect.yaml diff --git a/data/buildx/docker_buildx_build.yaml b/data/buildx/docker_buildx_build.yaml index 73f60ea76a..bdfc4d9c24 100644 --- a/data/buildx/docker_buildx_build.yaml +++ b/data/buildx/docker_buildx_build.yaml @@ -453,7 +453,7 @@ options: - option: shm-size value_type: bytes default_value: "0" - description: Size of `/dev/shm` + description: Shared memory size for build containers details_url: '#shm-size' deprecated: false hidden: false @@ -613,7 +613,7 @@ examples: |- - `security.insecure` - Allows executions without sandbox. See [related Dockerfile extensions](/reference/dockerfile/#run---securitysandbox). - For entitlements to be enabled, the `buildkitd` daemon also needs to allow them + For entitlements to be enabled, the BuildKit daemon also needs to allow them with `--allow-insecure-entitlement` (see [`create --buildkitd-flags`](/reference/cli/docker/buildx/create/#buildkitd-flags)). ```console @@ -786,6 +786,7 @@ examples: |- ```json { + "buildx.build.ref": "mybuilder/mybuilder0/0fjb6ubs52xx3vygf6fgdl611", "containerimage.config.digest": "sha256:2937f66a9722f7f4a2df583de2f8cb97fc9196059a410e7f00072fc918930e66", "containerimage.descriptor": { "annotations": { @@ -882,6 +883,10 @@ examples: |- $ docker buildx build -t tonistiigi/foo -o type=registry ``` + > **Note ** + > + > Since BuildKit v0.13.0 multiple outputs can be specified by repeating the flag. + Supported exported types are: #### `local` @@ -1112,12 +1117,21 @@ examples: |- $ SECRET_TOKEN=token docker buildx build --secret id=SECRET_TOKEN . ``` - ### Size of /dev/shm (--shm-size) {#shm-size} + ### Shared memory size for build containers (--shm-size) {#shm-size} + + Sets the size of the shared memory allocated for build containers when using + `RUN` instructions. The format is ``. `number` must be greater than `0`. Unit is optional and can be `b` (bytes), `k` (kilobytes), `m` (megabytes), or `g` (gigabytes). If you omit the unit, the system uses bytes. + > **Note** + > + > In most cases, it is recommended to let the builder automatically determine + > the appropriate configurations. Manual adjustments should only be considered + > when specific performance tuning is required for complex build scenarios. + ### SSH agent socket or keys to expose to the build (--ssh) {#ssh} ```text @@ -1151,7 +1165,8 @@ examples: |- ### Set ulimits (--ulimit) {#ulimit} - `--ulimit` is specified with a soft and hard limit as such: + `--ulimit` overrides the default ulimits of build's containers when using `RUN` + instructions and are specified with a soft and hard limit as such: `=[:]`, for example: ```console @@ -1163,6 +1178,12 @@ examples: |- > If you don't provide a `hard limit`, the `soft limit` is used > for both values. If no `ulimits` are set, they're inherited from > the default `ulimits` set on the daemon. + + > **Note** + > + > In most cases, it is recommended to let the builder automatically determine + > the appropriate configurations. Manual adjustments should only be considered + > when specific performance tuning is required for complex build scenarios. deprecated: false hidden: false experimental: false diff --git a/data/buildx/docker_buildx_create.yaml b/data/buildx/docker_buildx_create.yaml index 09f00c44a1..a81f9f5a9c 100644 --- a/data/buildx/docker_buildx_create.yaml +++ b/data/buildx/docker_buildx_create.yaml @@ -43,9 +43,19 @@ options: experimentalcli: false kubernetes: false swarm: false + - option: buildkitd-config + value_type: string + description: BuildKit daemon config file + details_url: '#buildkitd-config' + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false - option: buildkitd-flags value_type: string - description: Flags for buildkitd daemon + description: BuildKit daemon flags details_url: '#buildkitd-flags' deprecated: false hidden: false @@ -55,10 +65,9 @@ options: swarm: false - option: config value_type: string - description: BuildKit config file - details_url: '#config' + description: BuildKit daemon config file deprecated: false - hidden: false + hidden: true experimental: false experimentalcli: false kubernetes: false @@ -153,29 +162,15 @@ examples: |- eager_beaver ``` - ### Specify options for the buildkitd daemon (--buildkitd-flags) {#buildkitd-flags} + ### Specify a configuration file for the BuildKit daemon (--buildkitd-config) {#buildkitd-config} ```text - --buildkitd-flags FLAGS + --buildkitd-config FILE ``` - Adds flags when starting the buildkitd daemon. They take precedence over the - configuration file specified by [`--config`](#config). See `buildkitd --help` - for the available flags. - - ```text - --buildkitd-flags '--debug --debugaddr 0.0.0.0:6666' - ``` - - ### Specify a configuration file for the buildkitd daemon (--config) {#config} - - ```text - --config FILE - ``` - - Specifies the configuration file for the buildkitd daemon to use. The configuration - can be overridden by [`--buildkitd-flags`](#buildkitd-flags). - See an [example buildkitd configuration file](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). + Specifies the configuration file for the BuildKit daemon to use. The + configuration can be overridden by [`--buildkitd-flags`](#buildkitd-flags). + See an [example BuildKit daemon configuration file](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). If you don't specify a configuration file, Buildx looks for one by default in: @@ -188,6 +183,36 @@ examples: |- will be copied into the container under `/etc/buildkit/certs` and configuration will be updated to reflect that. + ### Specify options for the BuildKit daemon (--buildkitd-flags) {#buildkitd-flags} + + ```text + --buildkitd-flags FLAGS + ``` + + Adds flags when starting the BuildKit daemon. They take precedence over the + configuration file specified by [`--buildkitd-config`](#buildkitd-config). See + `buildkitd --help` for the available flags. + + ```text + --buildkitd-flags '--debug --debugaddr 0.0.0.0:6666' + ``` + + #### BuildKit daemon network mode + + You can specify the network mode for the BuildKit daemon with either the + configuration file specified by [`--buildkitd-config`](#buildkitd-config) using the + `worker.oci.networkMode` option or `--oci-worker-net` flag here. The default + value is `auto` and can be one of `bridge`, `cni`, `host`: + + ```text + --buildkitd-flags '--oci-worker-net bridge' + ``` + + > **Note** + > + > Network mode "bridge" is supported since BuildKit v0.13 and will become the + > default in next v0.14. + ### Set the builder driver to use (--driver) {#driver} ```text @@ -231,8 +256,8 @@ examples: |- #### `remote` driver - Uses a remote instance of buildkitd over an arbitrary connection. With this - driver, you manually create and manage instances of buildkit yourself, and + Uses a remote instance of BuildKit daemon over an arbitrary connection. With + this driver, you manually create and manage instances of buildkit yourself, and configure buildx to point at it. Unlike `docker` driver, built images will not automatically appear in diff --git a/data/buildx/docker_buildx_debug_build.yaml b/data/buildx/docker_buildx_debug_build.yaml index 471ffd47cf..baf0d91bf0 100644 --- a/data/buildx/docker_buildx_debug_build.yaml +++ b/data/buildx/docker_buildx_debug_build.yaml @@ -430,7 +430,7 @@ options: - option: shm-size value_type: bytes default_value: "0" - description: Size of `/dev/shm` + description: Shared memory size for build containers deprecated: false hidden: false experimental: false diff --git a/data/buildx/docker_buildx_dial-stdio.yaml b/data/buildx/docker_buildx_dial-stdio.yaml new file mode 100644 index 0000000000..40a339ddc7 --- /dev/null +++ b/data/buildx/docker_buildx_dial-stdio.yaml @@ -0,0 +1,70 @@ +command: docker buildx dial-stdio +short: Proxy current stdio streams to builder instance +long: |- + dial-stdio uses the stdin and stdout streams of the command to proxy to the configured builder instance. + It is not intended to be used by humans, but rather by other tools that want to interact with the builder instance via BuildKit API. +usage: docker buildx dial-stdio +pname: docker buildx +plink: docker_buildx.yaml +options: + - option: platform + value_type: string + description: 'Target platform: this is used for node selection' + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false + - option: progress + value_type: string + default_value: quiet + description: Set type of progress output (auto, plain, tty). + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false +inherited_options: + - option: builder + value_type: string + description: Override the configured builder instance + deprecated: false + hidden: false + experimental: false + experimentalcli: false + kubernetes: false + swarm: false +examples: |- + Example go program that uses the dial-stdio command wire up a buildkit client. + This is for example use only and may not be suitable for production use. + + ```go + client.New(ctx, "", client.WithContextDialer(func(context.Context, string) (net.Conn, error) { + c1, c2 := net.Pipe() + cmd := exec.Command("docker", "buildx", "dial-stdio") + cmd.Stdin = c1 + cmd.Stdout = c1 + + if err := cmd.Start(); err != nil { + c1.Close() + c2.Close() + return nil, err + } + + go func() { + cmd.Wait() + c2.Close() + }() + + return c2 + })) + ``` +deprecated: false +hidden: false +experimental: false +experimentalcli: false +kubernetes: false +swarm: false + diff --git a/data/buildx/docker_buildx_rm.yaml b/data/buildx/docker_buildx_rm.yaml index 41566d6403..87892c3ed1 100644 --- a/data/buildx/docker_buildx_rm.yaml +++ b/data/buildx/docker_buildx_rm.yaml @@ -33,7 +33,7 @@ options: - option: keep-daemon value_type: bool default_value: "false" - description: Keep the buildkitd daemon running + description: Keep the BuildKit daemon running details_url: '#keep-daemon' deprecated: false hidden: false @@ -85,10 +85,10 @@ examples: |- $ docker buildx rm --all-inactive --force ``` - ### Keep the buildkitd daemon running (--keep-daemon) {#keep-daemon} + ### Keep the BuildKit daemon running (--keep-daemon) {#keep-daemon} Keep the BuildKit daemon running after the buildx context is removed. This is - useful when you manage buildkitd daemons and buildx contexts independently. + useful when you manage BuildKit daemons and buildx contexts independently. Only supported by the [`docker-container`](/build/drivers/docker-container/) and [`kubernetes`](/build/drivers/kubernetes/) drivers. diff --git a/go.mod b/go.mod index e1721106f2..578f2cb9a3 100644 --- a/go.mod +++ b/go.mod @@ -5,16 +5,16 @@ go 1.21 toolchain go1.21.1 require ( - github.com/docker/buildx v0.12.2-0.20240220084849-89154c7d3303 // indirect - github.com/docker/cli v25.0.4-0.20240221083216-f67e569a8fb9+incompatible // indirect + github.com/docker/buildx v0.13.0 // indirect + github.com/docker/cli v26.0.0-rc1+incompatible // indirect github.com/docker/compose/v2 v2.24.6 // indirect github.com/docker/scout-cli v1.4.1 // indirect - github.com/moby/buildkit v0.13.0-beta3.0.20240201135300-d906167d0b34 // indirect + github.com/moby/buildkit v0.13.0 // indirect github.com/moby/moby v25.0.3-0.20240203133757-341a7978a541+incompatible // indirect ) replace ( - github.com/docker/buildx => github.com/docker/buildx v0.12.2-0.20240220084849-89154c7d3303 + github.com/docker/buildx => github.com/docker/buildx v0.13.0 github.com/docker/cli => github.com/docker/cli v25.0.4-0.20240221083216-f67e569a8fb9+incompatible github.com/docker/compose/v2 => github.com/docker/compose/v2 v2.24.6 github.com/docker/scout-cli => github.com/docker/scout-cli v1.4.1 diff --git a/go.sum b/go.sum index 9d96f2ab30..795831b451 100644 --- a/go.sum +++ b/go.sum @@ -60,6 +60,8 @@ github.com/docker/buildx v0.12.2-0.20240126114058-d43cf8c2c6b4 h1:aEFpoxTw5LIRjN github.com/docker/buildx v0.12.2-0.20240126114058-d43cf8c2c6b4/go.mod h1:SBLnQH9q+77aVvpvS5LLIly9+nHVlwscl5GEegGMD5g= github.com/docker/buildx v0.12.2-0.20240220084849-89154c7d3303 h1:J34paheV5gSKezhnVzwT5WwRQgPzBLYAdCYAFPoEYfU= github.com/docker/buildx v0.12.2-0.20240220084849-89154c7d3303/go.mod h1:OoLv85M5U/p8TWyCINtEilyy0A0XTN9COQgmuE0bWhw= +github.com/docker/buildx v0.13.0 h1:nNbkgaxsWEZPX1P8yXN6dibAv7ADRMVqi0aohDFhLJY= +github.com/docker/buildx v0.13.0/go.mod h1:f2n6vggoX4sNNZ0XoRZ0Wtv6J1/rbDTabgdHtpW9NNM= github.com/docker/cli v24.0.2+incompatible h1:QdqR7znue1mtkXIJ+ruQMGQhpw2JzMJLRXp6zpzF6tM= github.com/docker/cli v24.0.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v24.0.4+incompatible h1:Y3bYF9ekNTm2VFz5U/0BlMdJy73D+Y1iAAZ8l63Ydzw=