From 8352a207128b9fe3bdd307d0029874cdf25342e9 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Wed, 11 Oct 2023 12:23:40 +0200 Subject: [PATCH] vendor: github.com/moby/buildkit c444964c2e8fd3001facea5fcf29b8e8f1d6e18b Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- .../moby/buildkit/docs/buildkitd.toml.md | 15 ++- .../frontend/dockerfile/docs/reference.md | 101 +----------------- _vendor/modules.txt | 2 +- go.mod | 2 +- go.sum | 4 + 5 files changed, 23 insertions(+), 101 deletions(-) diff --git a/_vendor/github.com/moby/buildkit/docs/buildkitd.toml.md b/_vendor/github.com/moby/buildkit/docs/buildkitd.toml.md index e3551af756..4650852ebf 100644 --- a/_vendor/github.com/moby/buildkit/docs/buildkitd.toml.md +++ b/_vendor/github.com/moby/buildkit/docs/buildkitd.toml.md @@ -22,6 +22,11 @@ insecure-entitlements = [ "network.host", "security.insecure" ] # log formatter: json or text format = "text" +[dns] + nameservers=["1.1.1.1","8.8.8.8"] + options=["edns0"] + searchDomains=["example.com"] + [grpc] address = [ "tcp://0.0.0.0:1234" ] # debugAddress is address for attaching go profiles and debuggers. @@ -54,6 +59,9 @@ insecure-entitlements = [ "network.host", "security.insecure" ] # running rootless buildkit inside a container. noProcessSandbox = false gc = true + # gckeepstorage can be an integer number of bytes (e.g. 512000000), a string + # with a unit (e.g. "512MB"), or a string percentage of the total disk + # space (e.g. "10%") gckeepstorage = 9000 # alternate OCI worker binary name(example 'crun'), by default either # buildkit-runc or runc binary is used @@ -89,7 +97,7 @@ insecure-entitlements = [ "network.host", "security.insecure" ] platforms = [ "linux/amd64", "linux/arm64" ] namespace = "buildkit" gc = true - # gckeepstorage sets storage limit for default gc profile, in MB. + # gckeepstorage sets storage limit for default gc profile, in bytes. gckeepstorage = 9000 # maintain a pool of reusable CNI network namespaces to amortize the overhead # of allocating and releasing the namespaces @@ -98,6 +106,11 @@ insecure-entitlements = [ "network.host", "security.insecure" ] [worker.containerd.labels] "foo" = "bar" + # configure the containerd runtime + [worker.containerd.runtime] + name = "io.containerd.runc.v2" + options = { BinaryName = "runc" } + [[worker.containerd.gcpolicy]] keepBytes = 512000000 keepDuration = 172800 diff --git a/_vendor/github.com/moby/buildkit/frontend/dockerfile/docs/reference.md b/_vendor/github.com/moby/buildkit/frontend/dockerfile/docs/reference.md index 8cb99da1a1..d4b34f3f98 100644 --- a/_vendor/github.com/moby/buildkit/frontend/dockerfile/docs/reference.md +++ b/_vendor/github.com/moby/buildkit/frontend/dockerfile/docs/reference.md @@ -334,104 +334,9 @@ that set `abc` to `bye`. ## .dockerignore file -Before the docker CLI sends the context to the docker daemon, it looks -for a file named `.dockerignore` in the root directory of the context. -If this file exists, the CLI modifies the context to exclude files and -directories that match patterns in it. This helps to avoid -unnecessarily sending large or sensitive files and directories to the -daemon and potentially adding them to images using `ADD` or `COPY`. - -The CLI interprets the `.dockerignore` file as a newline-separated -list of patterns similar to the file globs of Unix shells. For the -purposes of matching, the root of the context is considered to be both -the working and the root directory. For example, the patterns -`/foo/bar` and `foo/bar` both exclude a file or directory named `bar` -in the `foo` subdirectory of `PATH` or in the root of the git -repository located at `URL`. Neither excludes anything else. - -If a line in `.dockerignore` file starts with `#` in column 1, then this line is -considered as a comment and is ignored before interpreted by the CLI. - -Here is an example `.dockerignore` file: - -```gitignore -# comment -*/temp* -*/*/temp* -temp? -``` - -This file causes the following build behavior: - -| Rule | Behavior | -|:------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `# comment` | Ignored. | -| `*/temp*` | Exclude files and directories whose names start with `temp` in any immediate subdirectory of the root. For example, the plain file `/somedir/temporary.txt` is excluded, as is the directory `/somedir/temp`. | -| `*/*/temp*` | Exclude files and directories starting with `temp` from any subdirectory that is two levels below the root. For example, `/somedir/subdir/temporary.txt` is excluded. | -| `temp?` | Exclude files and directories in the root directory whose names are a one-character extension of `temp`. For example, `/tempa` and `/tempb` are excluded. | - - -Matching is done using Go's -[filepath.Match](https://golang.org/pkg/path/filepath#Match) rules. A -preprocessing step removes leading and trailing whitespace and -eliminates `.` and `..` elements using Go's -[filepath.Clean](https://golang.org/pkg/path/filepath/#Clean). Lines -that are blank after preprocessing are ignored. - -Beyond Go's filepath.Match rules, Docker also supports a special -wildcard string `**` that matches any number of directories (including -zero). For example, `**/*.go` will exclude all files that end with `.go` -that are found in all directories, including the root of the build context. - -Lines starting with `!` (exclamation mark) can be used to make exceptions -to exclusions. The following is an example `.dockerignore` file that -uses this mechanism: - -```gitignore -*.md -!README.md -``` - -All markdown files right under the context directory *except* `README.md` -are excluded from the context. Note that markdown files under subdirectories -are still included. - -The placement of `!` exception rules influences the behavior: the last -line of the `.dockerignore` that matches a particular file determines -whether it is included or excluded. Consider the following example: - -```gitignore -*.md -!README*.md -README-secret.md -``` - -No markdown files are included in the context except README files other than -`README-secret.md`. - -Now consider this example: - -```gitignore -*.md -README-secret.md -!README*.md -``` - -All of the README files are included. The middle line has no effect because -`!README*.md` matches `README-secret.md` and comes last. - -You can even use the `.dockerignore` file to exclude the `Dockerfile` -and `.dockerignore` files. These files are still sent to the daemon -because it needs them to do its job. But the `ADD` and `COPY` instructions -do not copy them to the image. - -Finally, you may want to specify which files to include in the -context, rather than which to exclude. To achieve this, specify `*` as -the first pattern, followed by one or more `!` exception patterns. - -> **Note** -> -> For historical reasons, the pattern `.` is ignored. +You can use `.dockerignore` file to exclude files and directories from the +build context. For more information, see +[.dockerignore file](https://docs.docker.com/build/building/context#dockerignore-files/). ## FROM diff --git a/_vendor/modules.txt b/_vendor/modules.txt index 12f60f2643..cd44b0dc8c 100644 --- a/_vendor/modules.txt +++ b/_vendor/modules.txt @@ -1,5 +1,5 @@ # github.com/moby/moby v24.0.5+incompatible -# github.com/moby/buildkit v0.12.1-0.20230830200556-05eb7287534b +# github.com/moby/buildkit v0.13.0-beta1.0.20231011101155-c444964c2e8f # github.com/docker/buildx v0.11.2 # github.com/docker/scout-cli v1.0.2 # github.com/docker/cli v24.0.5+incompatible diff --git a/go.mod b/go.mod index ed46c70783..bcf6f6aeda 100644 --- a/go.mod +++ b/go.mod @@ -11,7 +11,7 @@ require ( github.com/docker/compose-cli v1.0.35 // indirect github.com/docker/distribution v2.8.2+incompatible // indirect github.com/docker/scout-cli v1.0.2 // indirect - github.com/moby/buildkit v0.12.1-0.20230830200556-05eb7287534b // indirect + github.com/moby/buildkit v0.13.0-beta1.0.20231011101155-c444964c2e8f // indirect github.com/moby/moby v24.0.5+incompatible // indirect github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/image-spec v1.1.0-rc5 // indirect diff --git a/go.sum b/go.sum index 0058a14b0f..a8f74d91e4 100644 --- a/go.sum +++ b/go.sum @@ -119,6 +119,10 @@ github.com/moby/buildkit v0.12.1 h1:vvMG7EZYCiQZpTtXQkvyeyj7HzT1JHhDWj+/aiGIzLM= github.com/moby/buildkit v0.12.1/go.mod h1:adB4y0SxxX8trnrY+oEulb48ODLqPO6pKMF0ppGcCoI= github.com/moby/buildkit v0.12.2 h1:B7guBgY6sfk4dBlv/ORUxyYlp0UojYaYyATgtNwSCXc= github.com/moby/buildkit v0.12.2/go.mod h1:adB4y0SxxX8trnrY+oEulb48ODLqPO6pKMF0ppGcCoI= +github.com/moby/buildkit v0.13.0-beta1.0.20231011042751-9ef1ed946118 h1:pqpcLt3wJTqBEY8Va3QQvd+taaBTEmK2+1kV7LKc69k= +github.com/moby/buildkit v0.13.0-beta1.0.20231011042751-9ef1ed946118/go.mod h1:oSHnUZH7sNtAFLyeN1syf46SuzMThKsCQaioNEqJVUk= +github.com/moby/buildkit v0.13.0-beta1.0.20231011101155-c444964c2e8f h1:CEiXZq08D7vLOnEDl7XY95zbupdWOJrRLb1VeZ+Hxq8= +github.com/moby/buildkit v0.13.0-beta1.0.20231011101155-c444964c2e8f/go.mod h1:oSHnUZH7sNtAFLyeN1syf46SuzMThKsCQaioNEqJVUk= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/moby v24.0.2+incompatible h1:yH+5dRHH1x3XRKzl1THA2aGTy6CHYnkt5N924ADMax8= github.com/moby/moby v24.0.2+incompatible/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=