From 5cfda7ed148189c2b554b88b067cad260566a103 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Thu, 31 Aug 2023 15:39:35 +0200 Subject: [PATCH] build: update buildkit vendor Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .../docs/attestations/slsa-definitions.md | 48 ++++++++++++++----- _vendor/modules.txt | 2 +- go.mod | 2 +- go.sum | 2 + 4 files changed, 40 insertions(+), 14 deletions(-) diff --git a/_vendor/github.com/moby/buildkit/docs/attestations/slsa-definitions.md b/_vendor/github.com/moby/buildkit/docs/attestations/slsa-definitions.md index 46e198efc1..313d8114f4 100644 --- a/_vendor/github.com/moby/buildkit/docs/attestations/slsa-definitions.md +++ b/_vendor/github.com/moby/buildkit/docs/attestations/slsa-definitions.md @@ -9,7 +9,9 @@ The provenance format generated by BuildKit is defined by the This page describes how BuildKit populate each field, and whether the field gets included when you generate attestations `mode=min` and `mode=max`. -## `builder.id` [(SLSA)](https://slsa.dev/provenance/v0.2#builder.id) +## `builder.id` + +Corresponds to [SLSA `builder.id`](https://slsa.dev/provenance/v0.2#builder.id). Included with `mode=min` and `mode=max`. @@ -23,7 +25,9 @@ The `builder.id` field is set to the URL of the build, if available. This value can be set using the `builder-id` attestation parameter. -## `buildType` [(SLSA)](https://slsa.dev/provenance/v0.2#buildType) +## `buildType` + +Corresponds to [SLSA `buildType`](https://slsa.dev/provenance/v0.2#buildType). Included with `mode=min` and `mode=max`. @@ -34,7 +38,9 @@ used to determine the structure of the provenance content. "buildType": "https://mobyproject.org/buildkit@v1", ``` -## `invocation.configSource` [(SLSA)](https://slsa.dev/provenance/v0.2#invocation.configSource) +## `invocation.configSource` + +Corresponds to [SLSA `invocation.configSource`](https://slsa.dev/provenance/v0.2#invocation.configSource). Included with `mode=min` and `mode=max`. @@ -58,7 +64,9 @@ object defines the context URL and its immutable digest in the `uri` and `digest For builds using a local frontend, such as a Dockerfile, the `entryPoint` field defines the path for the frontend file that initialized the build (`filename` frontend option). -## `invocation.parameters` [(SLSA)](https://slsa.dev/provenance/v0.2#invocation.parameters) +## `invocation.parameters` + +Corresponds to [SLSA `invocation.parameters`](https://slsa.dev/provenance/v0.2#invocation.parameters). Partially included with `mode=min`. @@ -108,7 +116,9 @@ The following fields are only included with `mode=max`: values are not included. - `ssh` defines the ssh forwards used during the build. -## `invocation.environment` [(SLSA)](https://slsa.dev/provenance/v0.2#invocation.environment) +## `invocation.environment` + +Corresponds to [SLSA `invocation.environment`](https://slsa.dev/provenance/v0.2#invocation.environment). Included with `mode=min` and `mode=max`. @@ -125,7 +135,9 @@ The only value BuildKit currently sets is the `platform` of the current build machine. Note that this is not necessarily the platform of the build result that can be determined from the `in-toto` subject field. -## `materials` [(SLSA)](https://slsa.dev/provenance/v0.2#materials) +## `materials` + +Corresponds to [SLSA `materials`](https://slsa.dev/provenance/v0.2#materials). Included with `mode=min` and `mode=max`. @@ -162,7 +174,9 @@ determine if the artifact has been updated compared to when the build ran. ], ``` -## `buildConfig` [(SLSA)](https://slsa.dev/provenance/v0.2#buildConfig) +## `buildConfig` + +Corresponds to [SLSA `buildConfig`](https://slsa.dev/provenance/v0.2#buildConfig). Only included with `mode=max`. @@ -212,7 +226,9 @@ field for every step. }, ``` -## `metadata.buildInvocationId` [(SLSA)](https://slsa.dev/provenance/v0.2#metadata.buildIncocationId) +## `metadata.buildInvocationId` + +Corresponds to [SLSA `metadata.buildInvocationId`](https://slsa.dev/provenance/v0.2#metadata.buildIncocationId). Included with `mode=min` and `mode=max`. @@ -227,7 +243,9 @@ versions of the image. }, ``` -## `metadata.buildStartedOn` [(SLSA)](https://slsa.dev/provenance/v0.2#metadata.buildStartedOn) +## `metadata.buildStartedOn` + +Corresponds to [SLSA `metadata.buildStartedOn`](https://slsa.dev/provenance/v0.2#metadata.buildStartedOn). Included with `mode=min` and `mode=max`. @@ -240,7 +258,9 @@ Timestamp when the build started. }, ``` -## `metadata.buildFinishedOn` [(SLSA)](https://slsa.dev/provenance/v0.2#metadata.buildFinishedOn) +## `metadata.buildFinishedOn` + +Corresponds to [SLSA `metadata.buildFinishedOn`](https://slsa.dev/provenance/v0.2#metadata.buildFinishedOn). Included with `mode=min` and `mode=max`. @@ -253,7 +273,9 @@ Timestamp when the build finished. }, ``` -## `metadata.completeness` [(SLSA)](https://slsa.dev/provenance/v0.2#metadata.completeness) +## `metadata.completeness` + +Corresponds to [SLSA `metadata.completeness`](https://slsa.dev/provenance/v0.2#metadata.completeness). Included with `mode=min` and `mode=max`. @@ -284,7 +306,9 @@ is true. }, ``` -## `metadata.reproducible` [(SLSA)](https://slsa.dev/provenance/v0.2#metadata.reproducible) +## `metadata.reproducible` + +Corresponds to [SLSA `metadata.reproducible`](https://slsa.dev/provenance/v0.2#metadata.reproducible). Defines if the build result is supposed to be byte-by-byte reproducible. This value can be set by the user with the `reproducible=true` attestation parameter. diff --git a/_vendor/modules.txt b/_vendor/modules.txt index 83d786bf6b..18dfa353ee 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,5 +1,5 @@ # github.com/moby/moby v24.0.5+incompatible -# github.com/moby/buildkit v0.12.1-0.20230824004934-4376f3861b05 +# github.com/moby/buildkit v0.12.1-0.20230830200556-05eb7287534b # github.com/docker/buildx v0.11.2 # github.com/docker/scout-cli v0.20.0 # github.com/docker/cli v24.0.5+incompatible diff --git a/go.mod b/go.mod index a0f083acc3..fc7c6d0857 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/docker/compose-cli v1.0.35 // indirect github.com/docker/distribution v2.8.2+incompatible // indirect github.com/docker/scout-cli v0.20.0 // indirect - github.com/moby/buildkit v0.12.1-0.20230824004934-4376f3861b05 // indirect + github.com/moby/buildkit v0.12.1-0.20230830200556-05eb7287534b // indirect github.com/moby/moby v24.0.5+incompatible // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc4 // indirect diff --git a/go.sum b/go.sum index 7d7cf4c08f..06fcf8db1b 100644 --- a/go.sum +++ b/go.sum @@ -99,6 +99,8 @@ github.com/moby/buildkit v0.12.1-0.20230717122532-faa0cc7da353 h1:/ZIwqvOF3QKObJ github.com/moby/buildkit v0.12.1-0.20230717122532-faa0cc7da353/go.mod h1:+n9GmkxwBCjVz4u7wmiyh+oqvjIjQM+1zk3iJrWfdos= github.com/moby/buildkit v0.12.1-0.20230824004934-4376f3861b05 h1:oXcA1w1cswNzFW5TH5QoaAJ2zskZlFNsL8IHo28G3Os= github.com/moby/buildkit v0.12.1-0.20230824004934-4376f3861b05/go.mod h1:BIvNtlrvok2xTC734ZNhQVGayvMB1Dz8bFuArWTLnnM= +github.com/moby/buildkit v0.12.1-0.20230830200556-05eb7287534b h1:VzIGQGWGnrDbzcQSJ28qTUAbNEtmszzuhUrzoqE/52Q= +github.com/moby/buildkit v0.12.1-0.20230830200556-05eb7287534b/go.mod h1:7/l0VKIyp1hBcGZF2hRpfBgvc0beQ9/hBWw7S+1JM0s= github.com/moby/buildkit v0.12.1 h1:vvMG7EZYCiQZpTtXQkvyeyj7HzT1JHhDWj+/aiGIzLM= github.com/moby/buildkit v0.12.1/go.mod h1:adB4y0SxxX8trnrY+oEulb48ODLqPO6pKMF0ppGcCoI= github.com/moby/buildkit v0.12.2 h1:B7guBgY6sfk4dBlv/ORUxyYlp0UojYaYyATgtNwSCXc=