diff --git a/builder/builder-next/builder.go b/builder/builder-next/builder.go index 6876f8f0c0..97cdfc62d2 100644 --- a/builder/builder-next/builder.go +++ b/builder/builder-next/builder.go @@ -3,6 +3,7 @@ package buildkit import ( "context" "io" + "net" "strings" "sync" "time" @@ -15,21 +16,29 @@ import ( "github.com/docker/docker/daemon/images" "github.com/docker/docker/pkg/streamformatter" "github.com/docker/docker/pkg/system" + "github.com/docker/libnetwork" controlapi "github.com/moby/buildkit/api/services/control" "github.com/moby/buildkit/control" "github.com/moby/buildkit/identity" "github.com/moby/buildkit/session" + "github.com/moby/buildkit/solver/llbsolver" + "github.com/moby/buildkit/util/entitlements" "github.com/moby/buildkit/util/tracing" "github.com/pkg/errors" "golang.org/x/sync/errgroup" grpcmetadata "google.golang.org/grpc/metadata" ) +func init() { + llbsolver.AllowNetworkHostUnstable = true +} + // Opt is option struct required for creating the builder type Opt struct { - SessionManager *session.Manager - Root string - Dist images.DistributionServices + SessionManager *session.Manager + Root string + Dist images.DistributionServices + NetworkController libnetwork.NetworkController } // Builder can build using BuildKit backend @@ -228,6 +237,20 @@ func (b *Builder) Build(ctx context.Context, opt backend.BuildConfig) (*builder. frontendAttrs["platform"] = opt.Options.Platform } + switch opt.Options.NetworkMode { + case "host", "none": + frontendAttrs["force-network-mode"] = opt.Options.NetworkMode + case "", "default": + default: + return nil, errors.Errorf("network mode %q not supported by buildkit", opt.Options.NetworkMode) + } + + extraHosts, err := toBuildkitExtraHosts(opt.Options.ExtraHosts) + if err != nil { + return nil, err + } + frontendAttrs["add-hosts"] = extraHosts + exporterAttrs := map[string]string{} if len(opt.Options.Tags) > 0 { @@ -243,6 +266,10 @@ func (b *Builder) Build(ctx context.Context, opt backend.BuildConfig) (*builder. Session: opt.Options.SessionID, } + if opt.Options.NetworkMode == "host" { + req.Entitlements = append(req.Entitlements, entitlements.EntitlementNetworkHost) + } + aux := streamformatter.AuxFormatter{Writer: opt.ProgressWriter.Output} eg, ctx := errgroup.WithContext(ctx) @@ -424,3 +451,19 @@ func (j *buildJob) SetUpload(ctx context.Context, rc io.ReadCloser) error { return fn(rc) } } + +// toBuildkitExtraHosts converts hosts from docker key:value format to buildkit's csv format +func toBuildkitExtraHosts(inp []string) (string, error) { + if len(inp) == 0 { + return "", nil + } + hosts := make([]string, 0, len(inp)) + for _, h := range inp { + parts := strings.Split(h, ":") + if len(parts) != 2 || parts[0] == "" || net.ParseIP(parts[1]) == nil { + return "", errors.Errorf("invalid host %s", h) + } + hosts = append(hosts, parts[0]+"="+parts[1]) + } + return strings.Join(hosts, ","), nil +} diff --git a/builder/builder-next/controller.go b/builder/builder-next/controller.go index c97f941bad..9794f5f5c7 100644 --- a/builder/builder-next/controller.go +++ b/builder/builder-next/controller.go @@ -90,7 +90,7 @@ func newController(rt http.RoundTripper, opt Opt) (*control.Controller, error) { return nil, err } - exec, err := newExecutor(root) + exec, err := newExecutor(root, opt.NetworkController) if err != nil { return nil, err } diff --git a/builder/builder-next/executor_unix.go b/builder/builder-next/executor_unix.go index da54473dd1..8ca1f85de0 100644 --- a/builder/builder-next/executor_unix.go +++ b/builder/builder-next/executor_unix.go @@ -3,15 +3,113 @@ package buildkit import ( + "fmt" "path/filepath" + "sync" + "github.com/docker/libnetwork" "github.com/moby/buildkit/executor" "github.com/moby/buildkit/executor/runcexecutor" + "github.com/moby/buildkit/identity" + "github.com/moby/buildkit/util/network" + "github.com/pkg/errors" + "github.com/sirupsen/logrus" ) -func newExecutor(root string) (executor.Executor, error) { +const networkName = "bridge" + +func init() { + // FIXME: https://github.com/moby/moby/issues/37676 + runcexecutor.DisableSubReaper() +} + +func newExecutor(root string, net libnetwork.NetworkController) (executor.Executor, error) { return runcexecutor.New(runcexecutor.Opt{ Root: filepath.Join(root, "executor"), CommandCandidates: []string{"docker-runc", "runc"}, - }) + }, &bridgeProvider{NetworkController: net}) +} + +type bridgeProvider struct { + libnetwork.NetworkController +} + +func (p *bridgeProvider) NewInterface() (network.Interface, error) { + n, err := p.NetworkByName(networkName) + if err != nil { + return nil, err + } + + iface := &lnInterface{ready: make(chan struct{})} + iface.Once.Do(func() { + go iface.init(p.NetworkController, n) + }) + + return iface, nil +} + +func (p *bridgeProvider) Release(iface network.Interface) error { + go func() { + if err := p.release(iface); err != nil { + logrus.Errorf("%s", err) + } + }() + return nil +} + +func (p *bridgeProvider) release(iface network.Interface) error { + li, ok := iface.(*lnInterface) + if !ok { + return errors.Errorf("invalid interface %T", iface) + } + err := li.sbx.Delete() + if err1 := li.ep.Delete(true); err1 != nil && err == nil { + err = err1 + } + return err +} + +type lnInterface struct { + ep libnetwork.Endpoint + sbx libnetwork.Sandbox + sync.Once + err error + ready chan struct{} +} + +func (iface *lnInterface) init(c libnetwork.NetworkController, n libnetwork.Network) { + defer close(iface.ready) + id := identity.NewID() + + ep, err := n.CreateEndpoint(id) + if err != nil { + iface.err = err + return + } + + sbx, err := c.NewSandbox(id) + if err != nil { + iface.err = err + return + } + + if err := ep.Join(sbx); err != nil { + iface.err = err + return + } + + iface.sbx = sbx + iface.ep = ep +} + +func (iface *lnInterface) Set(pid int) error { + <-iface.ready + if iface.err != nil { + return iface.err + } + return iface.sbx.SetKey(fmt.Sprintf("/proc/%d/ns/net", pid)) +} + +func (iface *lnInterface) Remove(pid int) error { + return nil } diff --git a/builder/builder-next/executor_windows.go b/builder/builder-next/executor_windows.go index 7b0c6e64c8..e3b5aba829 100644 --- a/builder/builder-next/executor_windows.go +++ b/builder/builder-next/executor_windows.go @@ -5,11 +5,12 @@ import ( "errors" "io" + "github.com/docker/libnetwork" "github.com/moby/buildkit/cache" "github.com/moby/buildkit/executor" ) -func newExecutor(_ string) (executor.Executor, error) { +func newExecutor(_ string, _ libnetwork.NetworkController) (executor.Executor, error) { return &winExecutor{}, nil } diff --git a/cmd/dockerd/daemon.go b/cmd/dockerd/daemon.go index 128630cddf..199bba0285 100644 --- a/cmd/dockerd/daemon.go +++ b/cmd/dockerd/daemon.go @@ -286,9 +286,10 @@ func newRouterOptions(config *config.Config, daemon *daemon.Daemon) (routerOptio return opts, err } bk, err := buildkit.New(buildkit.Opt{ - SessionManager: sm, - Root: filepath.Join(config.Root, "buildkit"), - Dist: daemon.DistributionServices(), + SessionManager: sm, + Root: filepath.Join(config.Root, "buildkit"), + Dist: daemon.DistributionServices(), + NetworkController: daemon.NetworkController(), }) if err != nil { return opts, err diff --git a/daemon/network.go b/daemon/network.go index c524f01e7f..f7675a6568 100644 --- a/daemon/network.go +++ b/daemon/network.go @@ -49,6 +49,11 @@ func (daemon *Daemon) NetworkControllerEnabled() bool { return daemon.netController != nil } +// NetworkController returns the network controller created by the daemon. +func (daemon *Daemon) NetworkController() libnetwork.NetworkController { + return daemon.netController +} + // FindNetwork returns a network based on: // 1. Full ID // 2. Full Name diff --git a/vendor.conf b/vendor.conf index cad8d3aeba..86596bc425 100644 --- a/vendor.conf +++ b/vendor.conf @@ -26,7 +26,7 @@ github.com/imdario/mergo v0.3.6 golang.org/x/sync 1d60e4601c6fd243af51cc01ddf169918a5407ca # buildkit -github.com/moby/buildkit e57eed420c7573ae44875be98fa877175b4677a1 +github.com/moby/buildkit 46f9075ab68a07df2c40ae6e240ce4f9392b3a66 git://github.com/tiborvass/buildkit.git github.com/tonistiigi/fsutil b19464cd1b6a00773b4f2eb7acf9c30426f9df42 github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 github.com/opentracing/opentracing-go 1361b9cd60be79c4c3a7fa9841b3c132e40066a7 diff --git a/vendor/github.com/moby/buildkit/api/services/control/control.pb.go b/vendor/github.com/moby/buildkit/api/services/control/control.pb.go index c5ac357860..a5bfa63dce 100644 --- a/vendor/github.com/moby/buildkit/api/services/control/control.pb.go +++ b/vendor/github.com/moby/buildkit/api/services/control/control.pb.go @@ -35,6 +35,7 @@ import pb "github.com/moby/buildkit/solver/pb" import moby_buildkit_v1_types "github.com/moby/buildkit/api/types" import time "time" +import github_com_moby_buildkit_util_entitlements "github.com/moby/buildkit/util/entitlements" import github_com_opencontainers_go_digest "github.com/opencontainers/go-digest" import context "golang.org/x/net/context" @@ -57,8 +58,10 @@ var _ = time.Kitchen const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package type PruneRequest struct { - Filter []string `protobuf:"bytes,1,rep,name=filter" json:"filter,omitempty"` - All bool `protobuf:"varint,2,opt,name=all,proto3" json:"all,omitempty"` + Filter []string `protobuf:"bytes,1,rep,name=filter" json:"filter,omitempty"` + All bool `protobuf:"varint,2,opt,name=all,proto3" json:"all,omitempty"` + KeepDuration int64 `protobuf:"varint,3,opt,name=keepDuration,proto3" json:"keepDuration,omitempty"` + KeepBytes int64 `protobuf:"varint,4,opt,name=keepBytes,proto3" json:"keepBytes,omitempty"` } func (m *PruneRequest) Reset() { *m = PruneRequest{} } @@ -80,6 +83,20 @@ func (m *PruneRequest) GetAll() bool { return false } +func (m *PruneRequest) GetKeepDuration() int64 { + if m != nil { + return m.KeepDuration + } + return 0 +} + +func (m *PruneRequest) GetKeepBytes() int64 { + if m != nil { + return m.KeepBytes + } + return 0 +} + type DiskUsageRequest struct { Filter []string `protobuf:"bytes,1,rep,name=filter" json:"filter,omitempty"` } @@ -209,14 +226,15 @@ func (m *UsageRecord) GetShared() bool { } type SolveRequest struct { - Ref string `protobuf:"bytes,1,opt,name=Ref,proto3" json:"Ref,omitempty"` - Definition *pb.Definition `protobuf:"bytes,2,opt,name=Definition" json:"Definition,omitempty"` - Exporter string `protobuf:"bytes,3,opt,name=Exporter,proto3" json:"Exporter,omitempty"` - ExporterAttrs map[string]string `protobuf:"bytes,4,rep,name=ExporterAttrs" json:"ExporterAttrs,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - Session string `protobuf:"bytes,5,opt,name=Session,proto3" json:"Session,omitempty"` - Frontend string `protobuf:"bytes,6,opt,name=Frontend,proto3" json:"Frontend,omitempty"` - FrontendAttrs map[string]string `protobuf:"bytes,7,rep,name=FrontendAttrs" json:"FrontendAttrs,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` - Cache CacheOptions `protobuf:"bytes,8,opt,name=Cache" json:"Cache"` + Ref string `protobuf:"bytes,1,opt,name=Ref,proto3" json:"Ref,omitempty"` + Definition *pb.Definition `protobuf:"bytes,2,opt,name=Definition" json:"Definition,omitempty"` + Exporter string `protobuf:"bytes,3,opt,name=Exporter,proto3" json:"Exporter,omitempty"` + ExporterAttrs map[string]string `protobuf:"bytes,4,rep,name=ExporterAttrs" json:"ExporterAttrs,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + Session string `protobuf:"bytes,5,opt,name=Session,proto3" json:"Session,omitempty"` + Frontend string `protobuf:"bytes,6,opt,name=Frontend,proto3" json:"Frontend,omitempty"` + FrontendAttrs map[string]string `protobuf:"bytes,7,rep,name=FrontendAttrs" json:"FrontendAttrs,omitempty" protobuf_key:"bytes,1,opt,name=key,proto3" protobuf_val:"bytes,2,opt,name=value,proto3"` + Cache CacheOptions `protobuf:"bytes,8,opt,name=Cache" json:"Cache"` + Entitlements []github_com_moby_buildkit_util_entitlements.Entitlement `protobuf:"bytes,9,rep,name=Entitlements,customtype=github.com/moby/buildkit/util/entitlements.Entitlement" json:"Entitlements,omitempty"` } func (m *SolveRequest) Reset() { *m = SolveRequest{} } @@ -955,6 +973,16 @@ func (m *PruneRequest) MarshalTo(dAtA []byte) (int, error) { } i++ } + if m.KeepDuration != 0 { + dAtA[i] = 0x18 + i++ + i = encodeVarintControl(dAtA, i, uint64(m.KeepDuration)) + } + if m.KeepBytes != 0 { + dAtA[i] = 0x20 + i++ + i = encodeVarintControl(dAtA, i, uint64(m.KeepBytes)) + } return i, nil } @@ -1212,6 +1240,21 @@ func (m *SolveRequest) MarshalTo(dAtA []byte) (int, error) { return 0, err } i += n4 + if len(m.Entitlements) > 0 { + for _, s := range m.Entitlements { + dAtA[i] = 0x4a + i++ + l = len(s) + for l >= 1<<7 { + dAtA[i] = uint8(uint64(l)&0x7f | 0x80) + l >>= 7 + i++ + } + dAtA[i] = uint8(l) + i++ + i += copy(dAtA[i:], s) + } + } return i, nil } @@ -1690,6 +1733,12 @@ func (m *PruneRequest) Size() (n int) { if m.All { n += 2 } + if m.KeepDuration != 0 { + n += 1 + sovControl(uint64(m.KeepDuration)) + } + if m.KeepBytes != 0 { + n += 1 + sovControl(uint64(m.KeepBytes)) + } return n } @@ -1801,6 +1850,12 @@ func (m *SolveRequest) Size() (n int) { } l = m.Cache.Size() n += 1 + l + sovControl(uint64(l)) + if len(m.Entitlements) > 0 { + for _, s := range m.Entitlements { + l = len(s) + n += 1 + l + sovControl(uint64(l)) + } + } return n } @@ -2089,6 +2144,44 @@ func (m *PruneRequest) Unmarshal(dAtA []byte) error { } } m.All = bool(v != 0) + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field KeepDuration", wireType) + } + m.KeepDuration = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowControl + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.KeepDuration |= (int64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + case 4: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field KeepBytes", wireType) + } + m.KeepBytes = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowControl + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.KeepBytes |= (int64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } default: iNdEx = preIndex skippy, err := skipControl(dAtA[iNdEx:]) @@ -3041,6 +3134,35 @@ func (m *SolveRequest) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 9: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Entitlements", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowControl + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthControl + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Entitlements = append(m.Entitlements, github_com_moby_buildkit_util_entitlements.Entitlement(dAtA[iNdEx:postIndex])) + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipControl(dAtA[iNdEx:]) @@ -4709,81 +4831,85 @@ var ( func init() { proto.RegisterFile("control.proto", fileDescriptorControl) } var fileDescriptorControl = []byte{ - // 1206 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x56, 0x4f, 0x6f, 0x1b, 0x45, - 0x14, 0x67, 0x6d, 0xc7, 0x7f, 0x9e, 0x9d, 0x2a, 0x0c, 0x50, 0xad, 0x16, 0x48, 0xcc, 0x02, 0x92, - 0x55, 0xb5, 0xbb, 0x6d, 0xa0, 0x52, 0x15, 0xa1, 0xaa, 0x75, 0x5c, 0x44, 0xaa, 0x44, 0x94, 0x75, - 0x42, 0x25, 0x6e, 0x6b, 0x7b, 0xe2, 0xac, 0xb2, 0xde, 0x59, 0x66, 0x66, 0x43, 0xcd, 0xa7, 0xe0, - 0xc0, 0x37, 0xe1, 0xc0, 0x27, 0x40, 0xea, 0x91, 0x33, 0x87, 0x14, 0xe5, 0x0e, 0x77, 0x6e, 0x68, - 0xfe, 0xac, 0x3d, 0x8e, 0x9d, 0x38, 0x49, 0x4f, 0x99, 0x37, 0xf9, 0xbd, 0x9f, 0xdf, 0x7b, 0xbf, - 0xb7, 0xf3, 0x1e, 0xac, 0xf6, 0x49, 0xc2, 0x29, 0x89, 0xbd, 0x94, 0x12, 0x4e, 0xd0, 0xda, 0x88, - 0xf4, 0xc6, 0x5e, 0x2f, 0x8b, 0xe2, 0xc1, 0x71, 0xc4, 0xbd, 0x93, 0x07, 0xce, 0xbd, 0x61, 0xc4, - 0x8f, 0xb2, 0x9e, 0xd7, 0x27, 0x23, 0x7f, 0x48, 0x86, 0xc4, 0x97, 0xc0, 0x5e, 0x76, 0x28, 0x2d, - 0x69, 0xc8, 0x93, 0x22, 0x70, 0x36, 0x86, 0x84, 0x0c, 0x63, 0x3c, 0x45, 0xf1, 0x68, 0x84, 0x19, - 0x0f, 0x47, 0xa9, 0x06, 0xdc, 0x35, 0xf8, 0xc4, 0x8f, 0xf9, 0xf9, 0x8f, 0xf9, 0x8c, 0xc4, 0x27, - 0x98, 0xfa, 0x69, 0xcf, 0x27, 0x29, 0xd3, 0x68, 0xff, 0x42, 0x74, 0x98, 0x46, 0x3e, 0x1f, 0xa7, - 0x98, 0xf9, 0x3f, 0x11, 0x7a, 0x8c, 0xa9, 0x72, 0x70, 0x1f, 0x41, 0xe3, 0x05, 0xcd, 0x12, 0x1c, - 0xe0, 0x1f, 0x33, 0xcc, 0x38, 0xba, 0x0d, 0xe5, 0xc3, 0x28, 0xe6, 0x98, 0xda, 0x56, 0xb3, 0xd8, - 0xaa, 0x05, 0xda, 0x42, 0x6b, 0x50, 0x0c, 0xe3, 0xd8, 0x2e, 0x34, 0xad, 0x56, 0x35, 0x10, 0x47, - 0xf7, 0x0e, 0xac, 0x75, 0x22, 0x76, 0x7c, 0xc0, 0xc2, 0xe1, 0x32, 0x6f, 0xf7, 0x39, 0xbc, 0x6b, - 0x60, 0x59, 0x4a, 0x12, 0x86, 0xd1, 0x43, 0x28, 0x53, 0xdc, 0x27, 0x74, 0x20, 0xc1, 0xf5, 0xcd, - 0x8f, 0xbd, 0xf3, 0xc5, 0xf4, 0xb4, 0x83, 0x00, 0x05, 0x1a, 0xec, 0xfe, 0x57, 0x80, 0xba, 0x71, - 0x8f, 0x6e, 0x41, 0x61, 0xa7, 0x63, 0x5b, 0x4d, 0xab, 0x55, 0x0b, 0x0a, 0x3b, 0x1d, 0x64, 0x43, - 0x65, 0x2f, 0xe3, 0x61, 0x2f, 0xc6, 0x3a, 0xda, 0xdc, 0x44, 0xef, 0xc3, 0xca, 0x4e, 0x72, 0xc0, - 0xb0, 0x5d, 0x94, 0xf7, 0xca, 0x40, 0x08, 0x4a, 0xdd, 0xe8, 0x67, 0x6c, 0x97, 0x9a, 0x56, 0xab, - 0x18, 0xc8, 0xb3, 0xc8, 0xe3, 0x45, 0x48, 0x71, 0xc2, 0xed, 0x15, 0xc9, 0xab, 0x2d, 0xd4, 0x86, - 0xda, 0x36, 0xc5, 0x21, 0xc7, 0x83, 0xa7, 0xdc, 0x2e, 0x37, 0xad, 0x56, 0x7d, 0xd3, 0xf1, 0x94, - 0x82, 0x5e, 0xae, 0xa0, 0xb7, 0x9f, 0x2b, 0xd8, 0xae, 0xbe, 0x3e, 0xdd, 0x78, 0xe7, 0x97, 0x37, - 0x1b, 0x56, 0x30, 0x75, 0x43, 0x4f, 0x00, 0x76, 0x43, 0xc6, 0x0f, 0x98, 0x24, 0xa9, 0x2c, 0x25, - 0x29, 0x49, 0x02, 0xc3, 0x07, 0xad, 0x03, 0xc8, 0x02, 0x6c, 0x93, 0x2c, 0xe1, 0x76, 0x55, 0xc6, - 0x6d, 0xdc, 0xa0, 0x26, 0xd4, 0x3b, 0x98, 0xf5, 0x69, 0x94, 0xf2, 0x88, 0x24, 0x76, 0x4d, 0xa6, - 0x60, 0x5e, 0x09, 0x06, 0x55, 0xbd, 0xfd, 0x71, 0x8a, 0x6d, 0x90, 0x00, 0xe3, 0x46, 0xe4, 0xdf, - 0x3d, 0x0a, 0x29, 0x1e, 0xd8, 0x75, 0x59, 0x2a, 0x6d, 0xb9, 0xbf, 0x96, 0xa0, 0xd1, 0x15, 0x6d, - 0x97, 0x0b, 0xbe, 0x06, 0xc5, 0x00, 0x1f, 0xea, 0xea, 0x8b, 0x23, 0xf2, 0x00, 0x3a, 0xf8, 0x30, - 0x4a, 0x22, 0xf9, 0xdb, 0x05, 0x99, 0xde, 0x2d, 0x2f, 0xed, 0x79, 0xd3, 0xdb, 0xc0, 0x40, 0x20, - 0x07, 0xaa, 0xcf, 0x5e, 0xa5, 0x84, 0x8a, 0xa6, 0x29, 0x4a, 0x9a, 0x89, 0x8d, 0x5e, 0xc2, 0x6a, - 0x7e, 0x7e, 0xca, 0x39, 0x65, 0x76, 0x49, 0x36, 0xca, 0x83, 0xf9, 0x46, 0x31, 0x83, 0xf2, 0x66, - 0x7c, 0x9e, 0x25, 0x9c, 0x8e, 0x83, 0x59, 0x1e, 0xd1, 0x23, 0x5d, 0xcc, 0x98, 0x88, 0x50, 0x09, - 0x9c, 0x9b, 0x22, 0x9c, 0xaf, 0x29, 0x49, 0x38, 0x4e, 0x06, 0x52, 0xe0, 0x5a, 0x30, 0xb1, 0x45, - 0x38, 0xf9, 0x59, 0x85, 0x53, 0xb9, 0x52, 0x38, 0x33, 0x3e, 0x3a, 0x9c, 0x99, 0x3b, 0xb4, 0x05, - 0x2b, 0xdb, 0x61, 0xff, 0x08, 0x4b, 0x2d, 0xeb, 0x9b, 0xeb, 0xf3, 0x84, 0xf2, 0xdf, 0xdf, 0x4a, - 0xf1, 0x58, 0xbb, 0x24, 0xda, 0x2a, 0x50, 0x2e, 0xce, 0x13, 0x40, 0xf3, 0xf9, 0x0a, 0x5d, 0x8e, - 0xf1, 0x38, 0xd7, 0xe5, 0x18, 0x8f, 0x45, 0xf3, 0x9f, 0x84, 0x71, 0xa6, 0x3e, 0x8a, 0x5a, 0xa0, - 0x8c, 0xad, 0xc2, 0x23, 0x4b, 0x30, 0xcc, 0x87, 0x78, 0x1d, 0x06, 0xf7, 0x8d, 0x05, 0x0d, 0x33, - 0x42, 0xf4, 0x11, 0xd4, 0x54, 0x50, 0xd3, 0xe6, 0x98, 0x5e, 0x88, 0xee, 0xdb, 0x19, 0x69, 0x83, - 0xd9, 0x05, 0xf9, 0x52, 0x18, 0x37, 0xe8, 0x3b, 0xa8, 0x2b, 0xb0, 0xaa, 0x72, 0x51, 0x56, 0xd9, - 0xbf, 0xbc, 0x28, 0x9e, 0xe1, 0xa1, 0x6a, 0x6c, 0x72, 0x38, 0x8f, 0x61, 0xed, 0x3c, 0xe0, 0x5a, - 0x19, 0xfe, 0x6e, 0xc1, 0xaa, 0x16, 0x55, 0xbf, 0x5e, 0x61, 0xce, 0x88, 0x69, 0x7e, 0xa7, 0xdf, - 0xb1, 0x87, 0x17, 0xf6, 0x83, 0x82, 0x79, 0xe7, 0xfd, 0x54, 0xbc, 0x73, 0x74, 0xce, 0x36, 0x7c, - 0xb0, 0x10, 0x7a, 0xad, 0xc8, 0x3f, 0x81, 0xd5, 0x2e, 0x0f, 0x79, 0xc6, 0x2e, 0xfc, 0x64, 0xdd, - 0xdf, 0x2c, 0xb8, 0x95, 0x63, 0x74, 0x76, 0x5f, 0x42, 0xf5, 0x04, 0x53, 0x8e, 0x5f, 0x61, 0xa6, - 0xb3, 0xb2, 0xe7, 0xb3, 0xfa, 0x5e, 0x22, 0x82, 0x09, 0x12, 0x6d, 0x41, 0x95, 0x49, 0x1e, 0xac, - 0x64, 0x5d, 0xd8, 0xca, 0xca, 0x4b, 0xff, 0xde, 0x04, 0x8f, 0x7c, 0x28, 0xc5, 0x64, 0x98, 0xab, - 0xfd, 0xe1, 0x45, 0x7e, 0xbb, 0x64, 0x18, 0x48, 0xa0, 0x7b, 0x5a, 0x80, 0xb2, 0xba, 0x43, 0xcf, - 0xa1, 0x3c, 0x88, 0x86, 0x98, 0x71, 0x95, 0x55, 0x7b, 0x53, 0x7c, 0x20, 0x7f, 0x9d, 0x6e, 0xdc, - 0x31, 0xa6, 0x21, 0x49, 0x71, 0x22, 0x66, 0x77, 0x18, 0x25, 0x98, 0x32, 0x7f, 0x48, 0xee, 0x29, - 0x17, 0xaf, 0x23, 0xff, 0x04, 0x9a, 0x41, 0x70, 0x45, 0x49, 0x9a, 0x71, 0xdd, 0x98, 0x37, 0xe3, - 0x52, 0x0c, 0x62, 0xb4, 0x24, 0xe1, 0x08, 0xeb, 0x77, 0x4d, 0x9e, 0xc5, 0xd3, 0xda, 0x17, 0x7d, - 0x3b, 0x90, 0x03, 0xa7, 0x1a, 0x68, 0x0b, 0x6d, 0x41, 0x85, 0xf1, 0x90, 0x72, 0x3c, 0x90, 0x4f, - 0xd2, 0x55, 0x66, 0x42, 0xee, 0x80, 0x1e, 0x43, 0xad, 0x4f, 0x46, 0x69, 0x8c, 0x85, 0x77, 0xf9, - 0x8a, 0xde, 0x53, 0x17, 0xd1, 0x3d, 0x98, 0x52, 0x42, 0xe5, 0x34, 0xaa, 0x05, 0xca, 0x70, 0xff, - 0x2d, 0x40, 0xc3, 0x14, 0x6b, 0x6e, 0xd2, 0x3e, 0x87, 0xb2, 0x92, 0x5e, 0x75, 0xdd, 0xcd, 0x4a, - 0xa5, 0x18, 0x16, 0x96, 0xca, 0x86, 0x4a, 0x3f, 0xa3, 0x72, 0x0c, 0xab, 0xe1, 0x9c, 0x9b, 0x22, - 0x60, 0x4e, 0x78, 0x18, 0xcb, 0x52, 0x15, 0x03, 0x65, 0x88, 0xe9, 0x3c, 0xd9, 0x9e, 0xae, 0x37, - 0x9d, 0x27, 0x6e, 0xa6, 0x0c, 0x95, 0xb7, 0x92, 0xa1, 0x7a, 0x6d, 0x19, 0xdc, 0x3f, 0x2c, 0xa8, - 0x4d, 0xba, 0xdc, 0xa8, 0xae, 0xf5, 0xd6, 0xd5, 0x9d, 0xa9, 0x4c, 0xe1, 0x66, 0x95, 0xb9, 0x0d, - 0x65, 0xc6, 0x29, 0x0e, 0x47, 0x52, 0xa3, 0x62, 0xa0, 0x2d, 0xf1, 0x9e, 0x8c, 0xd8, 0x50, 0x2a, - 0xd4, 0x08, 0xc4, 0xd1, 0x75, 0xa1, 0xd1, 0x1e, 0x73, 0xcc, 0xf6, 0x30, 0x13, 0x4b, 0x89, 0xd0, - 0x76, 0x10, 0xf2, 0x50, 0xe6, 0xd1, 0x08, 0xe4, 0xd9, 0xbd, 0x0b, 0x68, 0x37, 0x62, 0xfc, 0xa5, - 0xdc, 0x45, 0xd9, 0xb2, 0xfd, 0xb1, 0x0b, 0xef, 0xcd, 0xa0, 0xf5, 0x2b, 0xf5, 0xd5, 0xb9, 0x0d, - 0xf2, 0xb3, 0xf9, 0x57, 0x43, 0xae, 0xbc, 0x9e, 0x72, 0x9c, 0x5d, 0x24, 0x37, 0xff, 0x29, 0x42, - 0x65, 0x5b, 0x6d, 0xf3, 0x68, 0x1f, 0x6a, 0x93, 0x05, 0x15, 0xb9, 0xf3, 0x34, 0xe7, 0x37, 0x5d, - 0xe7, 0xd3, 0x4b, 0x31, 0x3a, 0xbe, 0x6f, 0x60, 0x45, 0x2e, 0xd7, 0x68, 0xc1, 0x33, 0x68, 0x6e, - 0xdd, 0xce, 0xe5, 0xab, 0xef, 0x7d, 0x4b, 0x30, 0xc9, 0x19, 0xb2, 0x88, 0xc9, 0x5c, 0x36, 0x9c, - 0x8d, 0x25, 0xc3, 0x07, 0xed, 0x41, 0x59, 0x7f, 0xce, 0x8b, 0xa0, 0xe6, 0xa4, 0x70, 0x9a, 0x17, - 0x03, 0x14, 0xd9, 0x7d, 0x0b, 0xed, 0x4d, 0x36, 0xa9, 0x45, 0xa1, 0x99, 0x6d, 0xe0, 0x2c, 0xf9, - 0x7f, 0xcb, 0xba, 0x6f, 0xa1, 0x1f, 0xa0, 0x6e, 0x08, 0x8d, 0x16, 0x08, 0x3a, 0xdf, 0x35, 0xce, - 0xe7, 0x4b, 0x50, 0x2a, 0xd8, 0x76, 0xe3, 0xf5, 0xd9, 0xba, 0xf5, 0xe7, 0xd9, 0xba, 0xf5, 0xf7, - 0xd9, 0xba, 0xd5, 0x2b, 0xcb, 0xbe, 0xff, 0xe2, 0xff, 0x00, 0x00, 0x00, 0xff, 0xff, 0x10, 0x8f, - 0x03, 0xa4, 0xd1, 0x0d, 0x00, 0x00, + // 1279 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xa4, 0x57, 0x4f, 0x6f, 0x1b, 0x45, + 0x14, 0xef, 0xda, 0x89, 0xed, 0x7d, 0x76, 0xaa, 0x30, 0x40, 0xb5, 0x5a, 0x20, 0x31, 0x0b, 0x48, + 0x56, 0xd5, 0xee, 0xb6, 0x81, 0x22, 0x14, 0xa1, 0xaa, 0x75, 0x5c, 0x44, 0xaa, 0x46, 0x94, 0x49, + 0x4b, 0x25, 0x0e, 0x48, 0x6b, 0x7b, 0xe2, 0xae, 0xb2, 0xde, 0x59, 0x66, 0x66, 0x43, 0xcd, 0x07, + 0xe0, 0xcc, 0x77, 0xe1, 0xc0, 0x27, 0x40, 0xea, 0x91, 0x73, 0x0f, 0x29, 0xea, 0x1d, 0x4e, 0x5c, + 0xb8, 0xa1, 0xf9, 0xb3, 0xce, 0x38, 0x76, 0xea, 0xa6, 0x3d, 0x65, 0xde, 0xe4, 0xf7, 0x7e, 0xfb, + 0xfe, 0xcd, 0x7b, 0xcf, 0xb0, 0x36, 0xa0, 0x99, 0x60, 0x34, 0x0d, 0x73, 0x46, 0x05, 0x45, 0xeb, + 0x63, 0xda, 0x9f, 0x84, 0xfd, 0x22, 0x49, 0x87, 0x87, 0x89, 0x08, 0x8f, 0xae, 0xfb, 0x57, 0x47, + 0x89, 0x78, 0x5c, 0xf4, 0xc3, 0x01, 0x1d, 0x47, 0x23, 0x3a, 0xa2, 0x91, 0x02, 0xf6, 0x8b, 0x03, + 0x25, 0x29, 0x41, 0x9d, 0x34, 0x81, 0xbf, 0x39, 0xa2, 0x74, 0x94, 0x92, 0x13, 0x94, 0x48, 0xc6, + 0x84, 0x8b, 0x78, 0x9c, 0x1b, 0xc0, 0x15, 0x8b, 0x4f, 0x7e, 0x2c, 0x2a, 0x3f, 0x16, 0x71, 0x9a, + 0x1e, 0x11, 0x16, 0xe5, 0xfd, 0x88, 0xe6, 0xdc, 0xa0, 0xa3, 0x33, 0xd1, 0x71, 0x9e, 0x44, 0x62, + 0x92, 0x13, 0x1e, 0xfd, 0x44, 0xd9, 0x21, 0x61, 0x5a, 0x21, 0xf8, 0xc5, 0x81, 0xd6, 0x7d, 0x56, + 0x64, 0x04, 0x93, 0x1f, 0x0b, 0xc2, 0x05, 0xba, 0x04, 0xb5, 0x83, 0x24, 0x15, 0x84, 0x79, 0x4e, + 0xbb, 0xda, 0x71, 0xb1, 0x91, 0xd0, 0x3a, 0x54, 0xe3, 0x34, 0xf5, 0x2a, 0x6d, 0xa7, 0xd3, 0xc0, + 0xf2, 0x88, 0x3a, 0xd0, 0x3a, 0x24, 0x24, 0xef, 0x15, 0x2c, 0x16, 0x09, 0xcd, 0xbc, 0x6a, 0xdb, + 0xe9, 0x54, 0xbb, 0x2b, 0x4f, 0x8f, 0x37, 0x1d, 0x3c, 0xf3, 0x1f, 0x14, 0x80, 0x2b, 0xe5, 0xee, + 0x44, 0x10, 0xee, 0xad, 0x58, 0xb0, 0x93, 0xeb, 0xe0, 0x32, 0xac, 0xf7, 0x12, 0x7e, 0xf8, 0x90, + 0xc7, 0xa3, 0x65, 0xb6, 0x04, 0x77, 0xe1, 0x2d, 0x0b, 0xcb, 0x73, 0x9a, 0x71, 0x82, 0x6e, 0x40, + 0x8d, 0x91, 0x01, 0x65, 0x43, 0x05, 0x6e, 0x6e, 0x7d, 0x10, 0x9e, 0xce, 0x4d, 0x68, 0x14, 0x24, + 0x08, 0x1b, 0x70, 0xf0, 0x5f, 0x05, 0x9a, 0xd6, 0x3d, 0xba, 0x08, 0x95, 0xdd, 0x9e, 0xe7, 0xb4, + 0x9d, 0x8e, 0x8b, 0x2b, 0xbb, 0x3d, 0xe4, 0x41, 0x7d, 0xaf, 0x10, 0x71, 0x3f, 0x25, 0xc6, 0xf7, + 0x52, 0x44, 0xef, 0xc0, 0xea, 0x6e, 0xf6, 0x90, 0x13, 0xe5, 0x78, 0x03, 0x6b, 0x01, 0x21, 0x58, + 0xd9, 0x4f, 0x7e, 0x26, 0xda, 0x4d, 0xac, 0xce, 0xd2, 0x8f, 0xfb, 0x31, 0x23, 0x99, 0xf0, 0x56, + 0x15, 0xaf, 0x91, 0x50, 0x17, 0xdc, 0x1d, 0x46, 0x62, 0x41, 0x86, 0xb7, 0x85, 0x57, 0x6b, 0x3b, + 0x9d, 0xe6, 0x96, 0x1f, 0xea, 0x82, 0x08, 0xcb, 0x82, 0x08, 0x1f, 0x94, 0x05, 0xd1, 0x6d, 0x3c, + 0x3d, 0xde, 0xbc, 0xf0, 0xeb, 0x73, 0x19, 0xb7, 0xa9, 0x1a, 0xba, 0x05, 0x70, 0x2f, 0xe6, 0xe2, + 0x21, 0x57, 0x24, 0xf5, 0xa5, 0x24, 0x2b, 0x8a, 0xc0, 0xd2, 0x41, 0x1b, 0x00, 0x2a, 0x00, 0x3b, + 0xb4, 0xc8, 0x84, 0xd7, 0x50, 0x76, 0x5b, 0x37, 0xa8, 0x0d, 0xcd, 0x1e, 0xe1, 0x03, 0x96, 0xe4, + 0x2a, 0xcd, 0xae, 0x72, 0xc1, 0xbe, 0x92, 0x0c, 0x3a, 0x7a, 0x0f, 0x26, 0x39, 0xf1, 0x40, 0x01, + 0xac, 0x1b, 0xe9, 0xff, 0xfe, 0xe3, 0x98, 0x91, 0xa1, 0xd7, 0x54, 0xa1, 0x32, 0x52, 0xf0, 0xef, + 0x0a, 0xb4, 0xf6, 0x65, 0x15, 0x97, 0x09, 0x5f, 0x87, 0x2a, 0x26, 0x07, 0x26, 0xfa, 0xf2, 0x88, + 0x42, 0x80, 0x1e, 0x39, 0x48, 0xb2, 0x44, 0x7d, 0xbb, 0xa2, 0xdc, 0xbb, 0x18, 0xe6, 0xfd, 0xf0, + 0xe4, 0x16, 0x5b, 0x08, 0xe4, 0x43, 0xe3, 0xce, 0x93, 0x9c, 0x32, 0x59, 0x34, 0x55, 0x45, 0x33, + 0x95, 0xd1, 0x23, 0x58, 0x2b, 0xcf, 0xb7, 0x85, 0x60, 0xb2, 0x14, 0x65, 0xa1, 0x5c, 0x9f, 0x2f, + 0x14, 0xdb, 0xa8, 0x70, 0x46, 0xe7, 0x4e, 0x26, 0xd8, 0x04, 0xcf, 0xf2, 0xc8, 0x1a, 0xd9, 0x27, + 0x9c, 0x4b, 0x0b, 0x75, 0x82, 0x4b, 0x51, 0x9a, 0xf3, 0x15, 0xa3, 0x99, 0x20, 0xd9, 0x50, 0x25, + 0xd8, 0xc5, 0x53, 0x59, 0x9a, 0x53, 0x9e, 0xb5, 0x39, 0xf5, 0x57, 0x32, 0x67, 0x46, 0xc7, 0x98, + 0x33, 0x73, 0x87, 0xb6, 0x61, 0x75, 0x27, 0x1e, 0x3c, 0x26, 0x2a, 0x97, 0xcd, 0xad, 0x8d, 0x79, + 0x42, 0xf5, 0xef, 0x6f, 0x54, 0xf2, 0xb8, 0x7a, 0x8a, 0x17, 0xb0, 0x56, 0x41, 0x3f, 0x40, 0xeb, + 0x4e, 0x26, 0x12, 0x91, 0x92, 0x31, 0xc9, 0x04, 0xf7, 0x5c, 0xf9, 0xf0, 0xba, 0xdb, 0xcf, 0x8e, + 0x37, 0x3f, 0x3f, 0xb3, 0xb5, 0x14, 0x22, 0x49, 0x23, 0x62, 0x69, 0x85, 0x16, 0x05, 0x9e, 0xe1, + 0xf3, 0x6f, 0x01, 0x9a, 0x8f, 0xa7, 0xcc, 0xfb, 0x21, 0x99, 0x94, 0x79, 0x3f, 0x24, 0x13, 0xf9, + 0xb8, 0x8e, 0xe2, 0xb4, 0xd0, 0x8f, 0xce, 0xc5, 0x5a, 0xd8, 0xae, 0x7c, 0xe1, 0x48, 0x86, 0xf9, + 0x10, 0x9c, 0x87, 0x21, 0x78, 0xee, 0x40, 0xcb, 0x8e, 0x00, 0x7a, 0x1f, 0x5c, 0x6d, 0xd4, 0x49, + 0xf1, 0x9d, 0x5c, 0xc8, 0xea, 0xde, 0x1d, 0x1b, 0x81, 0x7b, 0x15, 0xd5, 0x89, 0xac, 0x1b, 0xf4, + 0x2d, 0x34, 0x35, 0x58, 0x67, 0xb1, 0xaa, 0xb2, 0x18, 0xbd, 0x3c, 0xe8, 0xa1, 0xa5, 0xa1, 0x73, + 0x68, 0x73, 0xf8, 0x37, 0x61, 0xfd, 0x34, 0xe0, 0x5c, 0x1e, 0xfe, 0xee, 0xc0, 0x9a, 0x29, 0x1a, + 0xd3, 0x1d, 0xe3, 0x92, 0x91, 0xb0, 0xf2, 0xce, 0xf4, 0xc9, 0x1b, 0x67, 0xd6, 0x9b, 0x86, 0x85, + 0xa7, 0xf5, 0xb4, 0xbd, 0x73, 0x74, 0xfe, 0x0e, 0xbc, 0xbb, 0x10, 0x7a, 0x2e, 0xcb, 0x3f, 0x84, + 0xb5, 0x7d, 0x11, 0x8b, 0x82, 0x9f, 0xd9, 0x12, 0x82, 0xdf, 0x1c, 0xb8, 0x58, 0x62, 0x8c, 0x77, + 0x9f, 0x41, 0xe3, 0x88, 0x30, 0x41, 0x9e, 0x10, 0x6e, 0xbc, 0xf2, 0xe6, 0xbd, 0xfa, 0x4e, 0x21, + 0xf0, 0x14, 0x89, 0xb6, 0xa1, 0xc1, 0x15, 0x0f, 0xd1, 0x69, 0x5d, 0xf8, 0x54, 0xb4, 0x96, 0xf9, + 0xde, 0x14, 0x8f, 0x22, 0x58, 0x49, 0xe9, 0xa8, 0xcc, 0xf6, 0x7b, 0x67, 0xe9, 0xdd, 0xa3, 0x23, + 0xac, 0x80, 0xc1, 0x71, 0x05, 0x6a, 0xfa, 0x0e, 0xdd, 0x85, 0xda, 0x30, 0x19, 0x11, 0x2e, 0xb4, + 0x57, 0xdd, 0x2d, 0xf9, 0x00, 0x9f, 0x1d, 0x6f, 0x5e, 0xb6, 0x5e, 0x18, 0xcd, 0x49, 0x26, 0x57, + 0x8d, 0x38, 0xc9, 0x08, 0xe3, 0xd1, 0x88, 0x5e, 0xd5, 0x2a, 0x61, 0x4f, 0xfd, 0xc1, 0x86, 0x41, + 0x72, 0x25, 0x59, 0x5e, 0x08, 0x53, 0x98, 0xaf, 0xc7, 0xa5, 0x19, 0xe4, 0xe8, 0xca, 0xe2, 0x31, + 0x31, 0x7d, 0x53, 0x9d, 0x65, 0xeb, 0x1e, 0xc8, 0xba, 0x1d, 0xaa, 0x81, 0xd6, 0xc0, 0x46, 0x42, + 0xdb, 0x50, 0xe7, 0x22, 0x66, 0x82, 0x0c, 0x55, 0xcb, 0x7b, 0x95, 0x99, 0x53, 0x2a, 0xa0, 0x9b, + 0xe0, 0x0e, 0xe8, 0x38, 0x4f, 0x89, 0xd4, 0xae, 0xbd, 0xa2, 0xf6, 0x89, 0x8a, 0xac, 0x1e, 0xc2, + 0x18, 0x65, 0x6a, 0xda, 0xb9, 0x58, 0x0b, 0xc1, 0x3f, 0x15, 0x68, 0xd9, 0xc9, 0x9a, 0x9b, 0xe4, + 0x77, 0xa1, 0xa6, 0x53, 0xaf, 0xab, 0xee, 0xf5, 0x42, 0xa5, 0x19, 0x16, 0x86, 0xca, 0x83, 0xfa, + 0xa0, 0x60, 0x6a, 0xcc, 0xeb, 0xe1, 0x5f, 0x8a, 0xd2, 0x60, 0x41, 0x45, 0x9c, 0xaa, 0x50, 0x55, + 0xb1, 0x16, 0xe4, 0xf4, 0x9f, 0x2e, 0x7b, 0xe7, 0x9b, 0xfe, 0x53, 0x35, 0x3b, 0x0d, 0xf5, 0x37, + 0x4a, 0x43, 0xe3, 0xdc, 0x69, 0x08, 0xfe, 0x70, 0xc0, 0x9d, 0x56, 0xb9, 0x15, 0x5d, 0xe7, 0x8d, + 0xa3, 0x3b, 0x13, 0x99, 0xca, 0xeb, 0x45, 0xe6, 0x12, 0xd4, 0xb8, 0x60, 0x24, 0x1e, 0xeb, 0xbd, + 0x14, 0x1b, 0x49, 0xf6, 0x93, 0x31, 0x1f, 0xa9, 0x0c, 0xb5, 0xb0, 0x3c, 0x06, 0x01, 0xb4, 0xd4, + 0x0a, 0xba, 0x47, 0xb8, 0x5c, 0x7a, 0x64, 0x6e, 0x87, 0xb1, 0x88, 0x95, 0x1f, 0x2d, 0xac, 0xce, + 0xc1, 0x15, 0x40, 0xf7, 0x12, 0x2e, 0x1e, 0xa9, 0xd5, 0x99, 0x2f, 0xdb, 0x4f, 0xf7, 0xe1, 0xed, + 0x19, 0xb4, 0xe9, 0x52, 0x5f, 0x9e, 0xda, 0x50, 0x3f, 0x9e, 0xef, 0x1a, 0x6a, 0x43, 0x0f, 0xb5, + 0xe2, 0xec, 0xa2, 0xba, 0xf5, 0x77, 0x15, 0xea, 0x3b, 0xfa, 0xc7, 0x07, 0x7a, 0x00, 0xee, 0x74, + 0x01, 0x46, 0xc1, 0x3c, 0xcd, 0xe9, 0x4d, 0xda, 0xff, 0xe8, 0xa5, 0x18, 0x63, 0xdf, 0xd7, 0xb0, + 0xaa, 0x7e, 0x0a, 0xa0, 0x05, 0x6d, 0xd0, 0xfe, 0x8d, 0xe0, 0xbf, 0x7c, 0xb5, 0xbe, 0xe6, 0x48, + 0x26, 0x35, 0x43, 0x16, 0x31, 0xd9, 0xcb, 0x8c, 0xbf, 0xb9, 0x64, 0xf8, 0xa0, 0x3d, 0xa8, 0x99, + 0xe7, 0xbc, 0x08, 0x6a, 0x4f, 0x0a, 0xbf, 0x7d, 0x36, 0x40, 0x93, 0x5d, 0x73, 0xd0, 0xde, 0x74, + 0x53, 0x5b, 0x64, 0x9a, 0x5d, 0x06, 0xfe, 0x92, 0xff, 0x77, 0x9c, 0x6b, 0x0e, 0xfa, 0x1e, 0x9a, + 0x56, 0xa2, 0xd1, 0x82, 0x84, 0xce, 0x57, 0x8d, 0xff, 0xc9, 0x12, 0x94, 0x36, 0xb6, 0xdb, 0x7a, + 0xfa, 0x62, 0xc3, 0xf9, 0xf3, 0xc5, 0x86, 0xf3, 0xd7, 0x8b, 0x0d, 0xa7, 0x5f, 0x53, 0x75, 0xff, + 0xe9, 0xff, 0x01, 0x00, 0x00, 0xff, 0xff, 0xfe, 0x98, 0x98, 0x82, 0x80, 0x0e, 0x00, 0x00, } diff --git a/vendor/github.com/moby/buildkit/api/services/control/control.proto b/vendor/github.com/moby/buildkit/api/services/control/control.proto index 2dcd0fcb58..7ac4095b7a 100644 --- a/vendor/github.com/moby/buildkit/api/services/control/control.proto +++ b/vendor/github.com/moby/buildkit/api/services/control/control.proto @@ -25,8 +25,10 @@ service Control { } message PruneRequest { - repeated string filter = 1; // FIXME: not implemented + repeated string filter = 1; bool all = 2; + int64 keepDuration = 3 [(gogoproto.nullable) = true]; + int64 keepBytes = 4 [(gogoproto.nullable) = true]; } message DiskUsageRequest { @@ -60,6 +62,7 @@ message SolveRequest { string Frontend = 6; map FrontendAttrs = 7; CacheOptions Cache = 8 [(gogoproto.nullable) = false]; + repeated string Entitlements = 9 [(gogoproto.customtype) = "github.com/moby/buildkit/util/entitlements.Entitlement" ]; } message CacheOptions { diff --git a/vendor/github.com/moby/buildkit/cache/manager.go b/vendor/github.com/moby/buildkit/cache/manager.go index 08d8aeb770..a6a3f86ee7 100644 --- a/vendor/github.com/moby/buildkit/cache/manager.go +++ b/vendor/github.com/moby/buildkit/cache/manager.go @@ -2,6 +2,7 @@ package cache import ( "context" + "sort" "sync" "time" @@ -321,14 +322,50 @@ func (cm *cacheManager) Prune(ctx context.Context, ch chan client.UsageInfo, opt check = c } - return cm.prune(ctx, ch, filter, opt.All, check) + totalSize := int64(0) + if opt.KeepBytes != 0 { + du, err := cm.DiskUsage(ctx, client.DiskUsageInfo{}) + if err != nil { + return err + } + for _, ui := range du { + if check != nil { + if check.Exists(ui.ID) { + continue + } + } + totalSize += ui.Size + } + } + + return cm.prune(ctx, ch, pruneOpt{ + filter: filter, + all: opt.All, + checkShared: check, + keepDuration: opt.KeepDuration, + keepBytes: opt.KeepBytes, + totalSize: totalSize, + }) } -func (cm *cacheManager) prune(ctx context.Context, ch chan client.UsageInfo, filter filters.Filter, all bool, checkShared ExternalRefChecker) error { - var toDelete []*cacheRecord +func (cm *cacheManager) prune(ctx context.Context, ch chan client.UsageInfo, opt pruneOpt) error { + var toDelete []*deleteRecord + + if opt.keepBytes != 0 && opt.totalSize < opt.keepBytes { + return nil + } + cm.mu.Lock() + gcMode := opt.keepBytes != 0 + cutOff := time.Now().Add(-opt.keepDuration) + + locked := map[*cacheRecord]struct{}{} + for _, cr := range cm.records { + if _, ok := locked[cr]; ok { + continue + } cr.mu.Lock() // ignore duplicates that share data @@ -349,11 +386,11 @@ func (cm *cacheManager) prune(ctx context.Context, ch chan client.UsageInfo, fil } shared := false - if checkShared != nil { - shared = checkShared.Exists(cr.ID()) + if opt.checkShared != nil { + shared = opt.checkShared.Exists(cr.ID()) } - if !all { + if !opt.all { if recordType == client.UsageRecordTypeInternal || recordType == client.UsageRecordTypeFrontend || shared { cr.mu.Unlock() continue @@ -367,23 +404,59 @@ func (cm *cacheManager) prune(ctx context.Context, ch chan client.UsageInfo, fil Shared: shared, } - if filter.Match(adaptUsageInfo(c)) { - cr.dead = true + usageCount, lastUsedAt := getLastUsed(cr.md) + c.LastUsedAt = lastUsedAt + c.UsageCount = usageCount - toDelete = append(toDelete, cr) - - // mark metadata as deleted in case we crash before cleanup finished - if err := setDeleted(cr.md); err != nil { + if opt.keepDuration != 0 { + if lastUsedAt != nil && lastUsedAt.After(cutOff) { cr.mu.Unlock() - cm.mu.Unlock() - return err + continue + } + } + + if opt.filter.Match(adaptUsageInfo(c)) { + toDelete = append(toDelete, &deleteRecord{ + cacheRecord: cr, + lastUsedAt: c.LastUsedAt, + usageCount: c.UsageCount, + }) + if !gcMode { + cr.dead = true + + // mark metadata as deleted in case we crash before cleanup finished + if err := setDeleted(cr.md); err != nil { + cr.mu.Unlock() + cm.mu.Unlock() + return err + } + } else { + locked[cr] = struct{}{} + continue // leave the record locked } } } - cr.mu.Unlock() } + if gcMode && len(toDelete) > 0 { + sortDeleteRecords(toDelete) + var err error + for i, cr := range toDelete { + // only remove single record at a time + if i == 0 { + cr.dead = true + err = setDeleted(cr.md) + } + cr.mu.Unlock() + } + if err != nil { + return err + } + toDelete = toDelete[:1] + opt.totalSize -= getSize(toDelete[0].md) + } + cm.mu.Unlock() if len(toDelete) == 0 { @@ -443,7 +516,7 @@ func (cm *cacheManager) prune(ctx context.Context, ch chan client.UsageInfo, fil case <-ctx.Done(): return ctx.Err() default: - return cm.prune(ctx, ch, filter, all, checkShared) + return cm.prune(ctx, ch, opt) } } @@ -705,3 +778,63 @@ func adaptUsageInfo(info *client.UsageInfo) filters.Adaptor { return "", false }) } + +type pruneOpt struct { + filter filters.Filter + all bool + checkShared ExternalRefChecker + keepDuration time.Duration + keepBytes int64 + totalSize int64 +} + +type deleteRecord struct { + *cacheRecord + lastUsedAt *time.Time + usageCount int + lastUsedAtIndex int + usageCountIndex int +} + +func sortDeleteRecords(toDelete []*deleteRecord) { + sort.Slice(toDelete, func(i, j int) bool { + if toDelete[i].lastUsedAt == nil { + return true + } + if toDelete[j].lastUsedAt == nil { + return false + } + return toDelete[i].lastUsedAt.Before(*toDelete[j].lastUsedAt) + }) + + maxLastUsedIndex := 0 + var val time.Time + for _, v := range toDelete { + if v.lastUsedAt != nil && v.lastUsedAt.After(val) { + val = *v.lastUsedAt + maxLastUsedIndex++ + } + v.lastUsedAtIndex = maxLastUsedIndex + } + + sort.Slice(toDelete, func(i, j int) bool { + return toDelete[i].usageCount < toDelete[j].usageCount + }) + + maxUsageCountIndex := 0 + var count int + for _, v := range toDelete { + if v.usageCount != count { + count = v.usageCount + maxUsageCountIndex++ + } + v.usageCountIndex = maxUsageCountIndex + } + + sort.Slice(toDelete, func(i, j int) bool { + return float64(toDelete[i].lastUsedAtIndex)/float64(maxLastUsedIndex)+ + float64(toDelete[i].usageCountIndex)/float64(maxUsageCountIndex) < + float64(toDelete[j].lastUsedAtIndex)/float64(maxLastUsedIndex)+ + float64(toDelete[j].usageCountIndex)/float64(maxUsageCountIndex) + }) +} diff --git a/vendor/github.com/moby/buildkit/client/build.go b/vendor/github.com/moby/buildkit/client/build.go new file mode 100644 index 0000000000..93059d1394 --- /dev/null +++ b/vendor/github.com/moby/buildkit/client/build.go @@ -0,0 +1,95 @@ +package client + +import ( + "context" + + "github.com/moby/buildkit/client/buildid" + gateway "github.com/moby/buildkit/frontend/gateway/client" + "github.com/moby/buildkit/frontend/gateway/grpcclient" + gatewayapi "github.com/moby/buildkit/frontend/gateway/pb" + "github.com/moby/buildkit/session" + "github.com/moby/buildkit/util/apicaps" + "github.com/pkg/errors" + "google.golang.org/grpc" +) + +func (c *Client) Build(ctx context.Context, opt SolveOpt, product string, buildFunc gateway.BuildFunc, statusChan chan *SolveStatus) (*SolveResponse, error) { + defer func() { + if statusChan != nil { + close(statusChan) + } + }() + + if opt.Frontend != "" { + return nil, errors.New("invalid SolveOpt, Build interface cannot use Frontend") + } + + if product == "" { + product = apicaps.ExportedProduct + } + + feOpts := opt.FrontendAttrs + opt.FrontendAttrs = nil + + workers, err := c.ListWorkers(ctx) + if err != nil { + return nil, errors.Wrap(err, "listing workers for Build") + } + var gworkers []gateway.WorkerInfo + for _, w := range workers { + gworkers = append(gworkers, gateway.WorkerInfo{ + ID: w.ID, + Labels: w.Labels, + Platforms: w.Platforms, + }) + } + + cb := func(ref string, s *session.Session) error { + g, err := grpcclient.New(ctx, feOpts, s.ID(), product, c.gatewayClientForBuild(ref), gworkers) + if err != nil { + return err + } + + if err := g.Run(ctx, buildFunc); err != nil { + return errors.Wrap(err, "failed to run Build function") + } + return nil + } + + return c.solve(ctx, nil, cb, opt, statusChan) +} + +func (c *Client) gatewayClientForBuild(buildid string) gatewayapi.LLBBridgeClient { + g := gatewayapi.NewLLBBridgeClient(c.conn) + return &gatewayClientForBuild{g, buildid} +} + +type gatewayClientForBuild struct { + gateway gatewayapi.LLBBridgeClient + buildID string +} + +func (g *gatewayClientForBuild) ResolveImageConfig(ctx context.Context, in *gatewayapi.ResolveImageConfigRequest, opts ...grpc.CallOption) (*gatewayapi.ResolveImageConfigResponse, error) { + ctx = buildid.AppendToOutgoingContext(ctx, g.buildID) + return g.gateway.ResolveImageConfig(ctx, in, opts...) +} + +func (g *gatewayClientForBuild) Solve(ctx context.Context, in *gatewayapi.SolveRequest, opts ...grpc.CallOption) (*gatewayapi.SolveResponse, error) { + ctx = buildid.AppendToOutgoingContext(ctx, g.buildID) + return g.gateway.Solve(ctx, in, opts...) +} + +func (g *gatewayClientForBuild) ReadFile(ctx context.Context, in *gatewayapi.ReadFileRequest, opts ...grpc.CallOption) (*gatewayapi.ReadFileResponse, error) { + ctx = buildid.AppendToOutgoingContext(ctx, g.buildID) + return g.gateway.ReadFile(ctx, in, opts...) +} + +func (g *gatewayClientForBuild) Ping(ctx context.Context, in *gatewayapi.PingRequest, opts ...grpc.CallOption) (*gatewayapi.PongResponse, error) { + ctx = buildid.AppendToOutgoingContext(ctx, g.buildID) + return g.gateway.Ping(ctx, in, opts...) +} + +func (g *gatewayClientForBuild) Return(ctx context.Context, in *gatewayapi.ReturnRequest, opts ...grpc.CallOption) (*gatewayapi.ReturnResponse, error) { + ctx = buildid.AppendToOutgoingContext(ctx, g.buildID) + return g.gateway.Return(ctx, in, opts...) +} diff --git a/vendor/github.com/moby/buildkit/client/buildid/metadata.go b/vendor/github.com/moby/buildkit/client/buildid/metadata.go new file mode 100644 index 0000000000..bb169b8fe4 --- /dev/null +++ b/vendor/github.com/moby/buildkit/client/buildid/metadata.go @@ -0,0 +1,29 @@ +package buildid + +import ( + "context" + + "google.golang.org/grpc/metadata" +) + +var metadataKey = "buildkit-controlapi-buildid" + +func AppendToOutgoingContext(ctx context.Context, id string) context.Context { + if id != "" { + return metadata.AppendToOutgoingContext(ctx, metadataKey, id) + } + return ctx +} + +func FromIncomingContext(ctx context.Context) string { + md, ok := metadata.FromIncomingContext(ctx) + if !ok { + return "" + } + + if ids := md.Get(metadataKey); len(ids) == 1 { + return ids[0] + } + + return "" +} diff --git a/vendor/github.com/moby/buildkit/client/llb/exec.go b/vendor/github.com/moby/buildkit/client/llb/exec.go index c5a6677401..ebb5b7123f 100644 --- a/vendor/github.com/moby/buildkit/client/llb/exec.go +++ b/vendor/github.com/moby/buildkit/client/llb/exec.go @@ -2,6 +2,7 @@ package llb import ( _ "crypto/sha256" + "net" "sort" "github.com/moby/buildkit/solver/pb" @@ -10,11 +11,13 @@ import ( ) type Meta struct { - Args []string - Env EnvList - Cwd string - User string - ProxyEnv *ProxyEnv + Args []string + Env EnvList + Cwd string + User string + ProxyEnv *ProxyEnv + ExtraHosts []HostIP + Network pb.NetMode } func NewExecOp(root Output, meta Meta, readOnly bool, c Constraints) *ExecOp { @@ -127,13 +130,26 @@ func (e *ExecOp) Marshal(c *Constraints) (digest.Digest, []byte, *pb.OpMetadata, return e.mounts[i].target < e.mounts[j].target }) + meta := &pb.Meta{ + Args: e.meta.Args, + Env: e.meta.Env.ToArray(), + Cwd: e.meta.Cwd, + User: e.meta.User, + } + if len(e.meta.ExtraHosts) > 0 { + hosts := make([]*pb.HostIP, len(e.meta.ExtraHosts)) + for i, h := range e.meta.ExtraHosts { + hosts[i] = &pb.HostIP{Host: h.Host, IP: h.IP.String()} + } + meta.ExtraHosts = hosts + } + peo := &pb.ExecOp{ - Meta: &pb.Meta{ - Args: e.meta.Args, - Env: e.meta.Env.ToArray(), - Cwd: e.meta.Cwd, - User: e.meta.User, - }, + Meta: meta, + Network: e.meta.Network, + } + if e.meta.Network != NetModeSandbox { + addCap(&e.constraints, pb.CapExecMetaNetwork) } if p := e.meta.ProxyEnv; p != nil { @@ -346,6 +362,12 @@ func (fn runOptionFunc) SetRunOption(ei *ExecInfo) { fn(ei) } +func Network(n pb.NetMode) RunOption { + return runOptionFunc(func(ei *ExecInfo) { + ei.State = network(n)(ei.State) + }) +} + func Shlex(str string) RunOption { return Shlexf(str) } @@ -386,6 +408,12 @@ func Dirf(str string, v ...interface{}) RunOption { }) } +func AddExtraHost(host string, ip net.IP) RunOption { + return runOptionFunc(func(ei *ExecInfo) { + ei.State = ei.State.AddExtraHost(host, ip) + }) +} + func Reset(s State) RunOption { return runOptionFunc(func(ei *ExecInfo) { ei.State = ei.State.Reset(s) @@ -492,3 +520,9 @@ const ( CacheMountPrivate CacheMountLocked ) + +const ( + NetModeSandbox = pb.NetMode_UNSET + NetModeHost = pb.NetMode_HOST + NetModeNone = pb.NetMode_NONE +) diff --git a/vendor/github.com/moby/buildkit/client/llb/meta.go b/vendor/github.com/moby/buildkit/client/llb/meta.go index 22aea097d4..25b7885399 100644 --- a/vendor/github.com/moby/buildkit/client/llb/meta.go +++ b/vendor/github.com/moby/buildkit/client/llb/meta.go @@ -2,21 +2,25 @@ package llb import ( "fmt" + "net" "path" "github.com/containerd/containerd/platforms" "github.com/google/shlex" + "github.com/moby/buildkit/solver/pb" specs "github.com/opencontainers/image-spec/specs-go/v1" ) type contextKeyT string var ( - keyArgs = contextKeyT("llb.exec.args") - keyDir = contextKeyT("llb.exec.dir") - keyEnv = contextKeyT("llb.exec.env") - keyUser = contextKeyT("llb.exec.user") - keyPlatform = contextKeyT("llb.platform") + keyArgs = contextKeyT("llb.exec.args") + keyDir = contextKeyT("llb.exec.dir") + keyEnv = contextKeyT("llb.exec.env") + keyUser = contextKeyT("llb.exec.user") + keyExtraHost = contextKeyT("llb.exec.extrahost") + keyPlatform = contextKeyT("llb.platform") + keyNetwork = contextKeyT("llb.network") ) func addEnv(key, value string) StateOption { @@ -124,6 +128,40 @@ func getPlatform(s State) *specs.Platform { return nil } +func extraHost(host string, ip net.IP) StateOption { + return func(s State) State { + return s.WithValue(keyExtraHost, append(getExtraHosts(s), HostIP{Host: host, IP: ip})) + } +} + +func getExtraHosts(s State) []HostIP { + v := s.Value(keyExtraHost) + if v != nil { + return v.([]HostIP) + } + return nil +} + +type HostIP struct { + Host string + IP net.IP +} + +func network(v pb.NetMode) StateOption { + return func(s State) State { + return s.WithValue(keyNetwork, v) + } +} + +func getNetwork(s State) pb.NetMode { + v := s.Value(keyNetwork) + if v != nil { + n := v.(pb.NetMode) + return n + } + return NetModeSandbox +} + type EnvList []KeyValue type KeyValue struct { diff --git a/vendor/github.com/moby/buildkit/client/llb/state.go b/vendor/github.com/moby/buildkit/client/llb/state.go index 669e64679f..6812ad36e8 100644 --- a/vendor/github.com/moby/buildkit/client/llb/state.go +++ b/vendor/github.com/moby/buildkit/client/llb/state.go @@ -3,6 +3,7 @@ package llb import ( "context" "fmt" + "net" "github.com/containerd/containerd/platforms" "github.com/moby/buildkit/identity" @@ -181,11 +182,13 @@ func (s State) Run(ro ...RunOption) ExecState { o.SetRunOption(ei) } meta := Meta{ - Args: getArgs(ei.State), - Cwd: getDir(ei.State), - Env: getEnv(ei.State), - User: getUser(ei.State), - ProxyEnv: ei.ProxyEnv, + Args: getArgs(ei.State), + Cwd: getDir(ei.State), + Env: getEnv(ei.State), + User: getUser(ei.State), + ProxyEnv: ei.ProxyEnv, + ExtraHosts: getExtraHosts(ei.State), + Network: getNetwork(ei.State), } exec := NewExecOp(s.Output(), meta, ei.ReadonlyRootFS, ei.Constraints) @@ -247,6 +250,14 @@ func (s State) GetPlatform() *specs.Platform { return getPlatform(s) } +func (s State) Network(n pb.NetMode) State { + return network(n)(s) +} + +func (s State) GetNetwork() pb.NetMode { + return getNetwork(s) +} + func (s State) With(so ...StateOption) State { for _, o := range so { s = o(s) @@ -254,6 +265,10 @@ func (s State) With(so ...StateOption) State { return s } +func (s State) AddExtraHost(host string, ip net.IP) State { + return extraHost(host, ip)(s) +} + type output struct { vertex Vertex getIndex func() (pb.OutputIndex, error) diff --git a/vendor/github.com/moby/buildkit/client/prune.go b/vendor/github.com/moby/buildkit/client/prune.go index 96cf6fff0a..27fe5dd8cd 100644 --- a/vendor/github.com/moby/buildkit/client/prune.go +++ b/vendor/github.com/moby/buildkit/client/prune.go @@ -3,6 +3,7 @@ package client import ( "context" "io" + "time" controlapi "github.com/moby/buildkit/api/services/control" "github.com/pkg/errors" @@ -14,7 +15,11 @@ func (c *Client) Prune(ctx context.Context, ch chan UsageInfo, opts ...PruneOpti o.SetPruneOption(info) } - req := &controlapi.PruneRequest{Filter: info.Filter} + req := &controlapi.PruneRequest{ + Filter: info.Filter, + KeepDuration: int64(info.KeepDuration), + KeepBytes: int64(info.KeepBytes), + } if info.All { req.All = true } @@ -54,8 +59,10 @@ type PruneOption interface { } type PruneInfo struct { - Filter []string - All bool + Filter []string + All bool + KeepDuration time.Duration + KeepBytes int64 } type pruneOptionFunc func(*PruneInfo) @@ -67,3 +74,10 @@ func (f pruneOptionFunc) SetPruneOption(pi *PruneInfo) { var PruneAll = pruneOptionFunc(func(pi *PruneInfo) { pi.All = true }) + +func WithKeepOpt(duration time.Duration, bytes int64) PruneOption { + return pruneOptionFunc(func(pi *PruneInfo) { + pi.KeepDuration = duration + pi.KeepBytes = bytes + }) +} diff --git a/vendor/github.com/moby/buildkit/client/solve.go b/vendor/github.com/moby/buildkit/client/solve.go index 972b6b3ec9..8e1ae4962d 100644 --- a/vendor/github.com/moby/buildkit/client/solve.go +++ b/vendor/github.com/moby/buildkit/client/solve.go @@ -15,6 +15,7 @@ import ( "github.com/moby/buildkit/session/filesync" "github.com/moby/buildkit/session/grpchijack" "github.com/moby/buildkit/solver/pb" + "github.com/moby/buildkit/util/entitlements" opentracing "github.com/opentracing/opentracing-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" @@ -22,18 +23,19 @@ import ( ) type SolveOpt struct { - Exporter string - ExporterAttrs map[string]string - ExporterOutput io.WriteCloser // for ExporterOCI and ExporterDocker - ExporterOutputDir string // for ExporterLocal - LocalDirs map[string]string - SharedKey string - Frontend string - FrontendAttrs map[string]string - ExportCache string - ExportCacheAttrs map[string]string - ImportCache []string - Session []session.Attachable + Exporter string + ExporterAttrs map[string]string + ExporterOutput io.WriteCloser // for ExporterOCI and ExporterDocker + ExporterOutputDir string // for ExporterLocal + LocalDirs map[string]string + SharedKey string + Frontend string + FrontendAttrs map[string]string + ExportCache string + ExportCacheAttrs map[string]string + ImportCache []string + Session []session.Attachable + AllowedEntitlements []entitlements.Entitlement } // Solve calls Solve on the controller. @@ -52,6 +54,16 @@ func (c *Client) Solve(ctx context.Context, def *llb.Definition, opt SolveOpt, s return nil, errors.Errorf("invalid definition for frontend %s", opt.Frontend) } + return c.solve(ctx, def, nil, opt, statusChan) +} + +type runGatewayCB func(ref string, s *session.Session) error + +func (c *Client) solve(ctx context.Context, def *llb.Definition, runGateway runGatewayCB, opt SolveOpt, statusChan chan *SolveStatus) (*SolveResponse, error) { + if def != nil && runGateway != nil { + return nil, errors.New("invalid with def and cb") + } + syncedDirs, err := prepareSyncedDirs(def, opt.LocalDirs) if err != nil { return nil, err @@ -110,8 +122,12 @@ func (c *Client) Solve(ctx context.Context, def *llb.Definition, opt SolveOpt, s return s.Run(statusContext, grpchijack.Dialer(c.controlClient())) }) + solveCtx, cancelSolve := context.WithCancel(ctx) var res *SolveResponse eg.Go(func() error { + ctx := solveCtx + defer cancelSolve() + defer func() { // make sure the Status ends cleanly on build errors go func() { <-time.After(3 * time.Second) @@ -137,6 +153,7 @@ func (c *Client) Solve(ctx context.Context, def *llb.Definition, opt SolveOpt, s ImportRefs: opt.ImportCache, ExportAttrs: opt.ExportCacheAttrs, }, + Entitlements: opt.AllowedEntitlements, }) if err != nil { return errors.Wrap(err, "failed to solve") @@ -147,6 +164,28 @@ func (c *Client) Solve(ctx context.Context, def *llb.Definition, opt SolveOpt, s return nil }) + if runGateway != nil { + eg.Go(func() error { + err := runGateway(ref, s) + if err == nil { + return nil + } + + // If the callback failed then the main + // `Solve` (called above) should error as + // well. However as a fallback we wait up to + // 5s for that to happen before failing this + // goroutine. + select { + case <-solveCtx.Done(): + case <-time.After(5 * time.Second): + cancelSolve() + } + + return err + }) + } + eg.Go(func() error { stream, err := c.controlClient().Status(statusContext, &controlapi.StatusRequest{ Ref: ref, diff --git a/vendor/github.com/moby/buildkit/control/control.go b/vendor/github.com/moby/buildkit/control/control.go index 1dca59e30b..0e6904dc8f 100644 --- a/vendor/github.com/moby/buildkit/control/control.go +++ b/vendor/github.com/moby/buildkit/control/control.go @@ -2,12 +2,14 @@ package control import ( "context" + "time" "github.com/docker/distribution/reference" controlapi "github.com/moby/buildkit/api/services/control" apitypes "github.com/moby/buildkit/api/types" "github.com/moby/buildkit/cache/remotecache" "github.com/moby/buildkit/client" + controlgateway "github.com/moby/buildkit/control/gateway" "github.com/moby/buildkit/exporter" "github.com/moby/buildkit/frontend" "github.com/moby/buildkit/session" @@ -34,29 +36,34 @@ type Opt struct { } type Controller struct { // TODO: ControlService - opt Opt - solver *llbsolver.Solver - cache solver.CacheManager + opt Opt + solver *llbsolver.Solver + cache solver.CacheManager + gatewayForwarder *controlgateway.GatewayForwarder } func NewController(opt Opt) (*Controller, error) { cache := solver.NewCacheManager("local", opt.CacheKeyStorage, worker.NewCacheResultStorage(opt.WorkerController)) - solver, err := llbsolver.New(opt.WorkerController, opt.Frontends, cache, opt.ResolveCacheImporterFunc) + gatewayForwarder := controlgateway.NewGatewayForwarder() + + solver, err := llbsolver.New(opt.WorkerController, opt.Frontends, cache, opt.ResolveCacheImporterFunc, gatewayForwarder) if err != nil { return nil, errors.Wrap(err, "failed to create solver") } c := &Controller{ - opt: opt, - solver: solver, - cache: cache, + opt: opt, + solver: solver, + cache: cache, + gatewayForwarder: gatewayForwarder, } return c, nil } func (c *Controller) Register(server *grpc.Server) error { controlapi.RegisterControlServer(server, c) + c.gatewayForwarder.Register(server) return nil } @@ -120,8 +127,10 @@ func (c *Controller) Prune(req *controlapi.PruneRequest, stream controlapi.Contr func(w worker.Worker) { eg.Go(func() error { return w.Prune(ctx, ch, client.PruneInfo{ - Filter: req.Filter, - All: req.All, + Filter: req.Filter, + All: req.All, + KeepDuration: time.Duration(req.KeepDuration), + KeepBytes: req.KeepBytes, }) }) }(w) @@ -213,7 +222,7 @@ func (c *Controller) Solve(ctx context.Context, req *controlapi.SolveRequest) (* Exporter: expi, CacheExporter: cacheExporter, CacheExportMode: parseCacheExporterOpt(req.Cache.ExportAttrs), - }) + }, req.Entitlements) if err != nil { return nil, err } diff --git a/vendor/github.com/moby/buildkit/control/gateway/gateway.go b/vendor/github.com/moby/buildkit/control/gateway/gateway.go new file mode 100644 index 0000000000..475d18b4a4 --- /dev/null +++ b/vendor/github.com/moby/buildkit/control/gateway/gateway.go @@ -0,0 +1,127 @@ +package gateway + +import ( + "context" + "sync" + "time" + + "github.com/moby/buildkit/client/buildid" + "github.com/moby/buildkit/frontend/gateway" + gwapi "github.com/moby/buildkit/frontend/gateway/pb" + "github.com/pkg/errors" + "google.golang.org/grpc" +) + +type GatewayForwarder struct { + mu sync.RWMutex + updateCond *sync.Cond + builds map[string]gateway.LLBBridgeForwarder +} + +func NewGatewayForwarder() *GatewayForwarder { + gwf := &GatewayForwarder{ + builds: map[string]gateway.LLBBridgeForwarder{}, + } + gwf.updateCond = sync.NewCond(gwf.mu.RLocker()) + return gwf +} + +func (gwf *GatewayForwarder) Register(server *grpc.Server) { + gwapi.RegisterLLBBridgeServer(server, gwf) +} + +func (gwf *GatewayForwarder) RegisterBuild(ctx context.Context, id string, bridge gateway.LLBBridgeForwarder) error { + gwf.mu.Lock() + defer gwf.mu.Unlock() + + if _, ok := gwf.builds[id]; ok { + return errors.Errorf("build ID %s exists", id) + } + + gwf.builds[id] = bridge + gwf.updateCond.Broadcast() + + return nil +} + +func (gwf *GatewayForwarder) UnregisterBuild(ctx context.Context, id string) { + gwf.mu.Lock() + defer gwf.mu.Unlock() + + delete(gwf.builds, id) + gwf.updateCond.Broadcast() +} + +func (gwf *GatewayForwarder) lookupForwarder(ctx context.Context) (gateway.LLBBridgeForwarder, error) { + bid := buildid.FromIncomingContext(ctx) + if bid == "" { + return nil, errors.New("no buildid found in context") + } + + ctx, cancel := context.WithTimeout(ctx, 3*time.Second) + defer cancel() + + go func() { + <-ctx.Done() + gwf.updateCond.Broadcast() + }() + + gwf.mu.RLock() + defer gwf.mu.RUnlock() + for { + select { + case <-ctx.Done(): + return nil, errors.Errorf("no such job %s", bid) + default: + } + fwd, ok := gwf.builds[bid] + if !ok { + gwf.updateCond.Wait() + continue + } + return fwd, nil + } +} + +func (gwf *GatewayForwarder) ResolveImageConfig(ctx context.Context, req *gwapi.ResolveImageConfigRequest) (*gwapi.ResolveImageConfigResponse, error) { + fwd, err := gwf.lookupForwarder(ctx) + if err != nil { + return nil, errors.Wrap(err, "forwarding ResolveImageConfig") + } + + return fwd.ResolveImageConfig(ctx, req) +} + +func (gwf *GatewayForwarder) Solve(ctx context.Context, req *gwapi.SolveRequest) (*gwapi.SolveResponse, error) { + fwd, err := gwf.lookupForwarder(ctx) + if err != nil { + return nil, errors.Wrap(err, "forwarding Solve") + } + + return fwd.Solve(ctx, req) +} + +func (gwf *GatewayForwarder) ReadFile(ctx context.Context, req *gwapi.ReadFileRequest) (*gwapi.ReadFileResponse, error) { + fwd, err := gwf.lookupForwarder(ctx) + if err != nil { + return nil, errors.Wrap(err, "forwarding ReadFile") + } + return fwd.ReadFile(ctx, req) +} + +func (gwf *GatewayForwarder) Ping(ctx context.Context, req *gwapi.PingRequest) (*gwapi.PongResponse, error) { + fwd, err := gwf.lookupForwarder(ctx) + if err != nil { + return nil, errors.Wrap(err, "forwarding Ping") + } + return fwd.Ping(ctx, req) +} + +func (gwf *GatewayForwarder) Return(ctx context.Context, req *gwapi.ReturnRequest) (*gwapi.ReturnResponse, error) { + fwd, err := gwf.lookupForwarder(ctx) + if err != nil { + return nil, errors.Wrap(err, "forwarding Return") + } + res, err := fwd.Return(ctx, req) + return res, err +} diff --git a/vendor/github.com/moby/buildkit/executor/executor.go b/vendor/github.com/moby/buildkit/executor/executor.go index 6c89792626..91ae976faa 100644 --- a/vendor/github.com/moby/buildkit/executor/executor.go +++ b/vendor/github.com/moby/buildkit/executor/executor.go @@ -3,8 +3,10 @@ package executor import ( "context" "io" + "net" "github.com/moby/buildkit/cache" + "github.com/moby/buildkit/solver/pb" ) type Meta struct { @@ -14,7 +16,8 @@ type Meta struct { Cwd string Tty bool ReadonlyRootFS bool - // DisableNetworking bool + ExtraHosts []HostIP + NetMode pb.NetMode } type Mount struct { @@ -28,3 +31,8 @@ type Executor interface { // TODO: add stdout/err Exec(ctx context.Context, meta Meta, rootfs cache.Mountable, mounts []Mount, stdin io.ReadCloser, stdout, stderr io.WriteCloser) error } + +type HostIP struct { + Host string + IP net.IP +} diff --git a/vendor/github.com/moby/buildkit/executor/oci/hosts.go b/vendor/github.com/moby/buildkit/executor/oci/hosts.go index b7be99ccf3..405d758d32 100644 --- a/vendor/github.com/moby/buildkit/executor/oci/hosts.go +++ b/vendor/github.com/moby/buildkit/executor/oci/hosts.go @@ -1,10 +1,15 @@ package oci import ( + "bytes" "context" + "fmt" "io/ioutil" "os" "path/filepath" + + "github.com/moby/buildkit/executor" + "github.com/moby/buildkit/identity" ) const hostsContent = ` @@ -12,27 +17,53 @@ const hostsContent = ` ::1 localhost ip6-localhost ip6-loopback ` -func GetHostsFile(ctx context.Context, stateDir string) (string, error) { - p := filepath.Join(stateDir, "hosts") - _, err := g.Do(ctx, stateDir, func(ctx context.Context) (interface{}, error) { - _, err := os.Stat(p) - if err == nil { - return "", nil +func GetHostsFile(ctx context.Context, stateDir string, extraHosts []executor.HostIP) (string, func(), error) { + if len(extraHosts) == 0 { + _, err := g.Do(ctx, stateDir, func(ctx context.Context) (interface{}, error) { + _, _, err := makeHostsFile(stateDir, nil) + return nil, err + }) + if err != nil { + return "", nil, err } - if !os.IsNotExist(err) { - return "", err - } - if err := ioutil.WriteFile(p+".tmp", []byte(hostsContent), 0644); err != nil { - return "", err - } - - if err := os.Rename(p+".tmp", p); err != nil { - return "", err - } - return "", nil - }) - if err != nil { - return "", err + return filepath.Join(stateDir, "hosts"), func() {}, nil } - return p, nil + return makeHostsFile(stateDir, extraHosts) +} + +func makeHostsFile(stateDir string, extraHosts []executor.HostIP) (string, func(), error) { + p := filepath.Join(stateDir, "hosts") + if len(extraHosts) != 0 { + p += "." + identity.NewID() + } + _, err := os.Stat(p) + if err == nil { + return "", func() {}, nil + } + if !os.IsNotExist(err) { + return "", nil, err + } + + b := &bytes.Buffer{} + + if _, err := b.Write([]byte(hostsContent)); err != nil { + return "", nil, err + } + + for _, h := range extraHosts { + if _, err := b.Write([]byte(fmt.Sprintf("%s\t%s\n", h.IP.String(), h.Host))); err != nil { + return "", nil, err + } + } + + if err := ioutil.WriteFile(p+".tmp", b.Bytes(), 0644); err != nil { + return "", nil, err + } + + if err := os.Rename(p+".tmp", p); err != nil { + return "", nil, err + } + return p, func() { + os.RemoveAll(p) + }, nil } diff --git a/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go b/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go index c628b5cab1..498f6c0de4 100644 --- a/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go +++ b/vendor/github.com/moby/buildkit/executor/oci/spec_unix.go @@ -21,7 +21,7 @@ import ( // Ideally we don't have to import whole containerd just for the default spec // GenerateSpec generates spec using containerd functionality. -func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, opts ...oci.SpecOpts) (*specs.Spec, func(), error) { +func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, hostNetwork bool, opts ...oci.SpecOpts) (*specs.Spec, func(), error) { c := &containers.Container{ ID: id, } @@ -30,9 +30,9 @@ func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mou ctx = namespaces.WithNamespace(ctx, "buildkit") } - opts = append(opts, - oci.WithHostNamespace(specs.NetworkNamespace), - ) + if hostNetwork { + opts = append(opts, oci.WithHostNamespace(specs.NetworkNamespace)) + } // Note that containerd.GenerateSpec is namespaced so as to make // specs.Linux.CgroupsPath namespaced diff --git a/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go b/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go index 8dae7b2e1a..3d19d4e375 100644 --- a/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go +++ b/vendor/github.com/moby/buildkit/executor/runcexecutor/executor.go @@ -10,6 +10,7 @@ import ( "path/filepath" "strconv" "strings" + "sync" "syscall" "github.com/containerd/containerd/contrib/seccomp" @@ -21,9 +22,12 @@ import ( "github.com/moby/buildkit/executor" "github.com/moby/buildkit/executor/oci" "github.com/moby/buildkit/identity" + "github.com/moby/buildkit/solver/pb" + "github.com/moby/buildkit/util/network" rootlessspecconv "github.com/moby/buildkit/util/rootless/specconv" "github.com/moby/buildkit/util/system" - "github.com/opencontainers/runtime-spec/specs-go" + runcsystem "github.com/opencontainers/runc/libcontainer/system" + specs "github.com/opencontainers/runtime-spec/specs-go" "github.com/pkg/errors" "github.com/sirupsen/logrus" ) @@ -39,13 +43,14 @@ type Opt struct { var defaultCommandCandidates = []string{"buildkit-runc", "runc"} type runcExecutor struct { - runc *runc.Runc - root string - cmd string - rootless bool + runc *runc.Runc + root string + cmd string + rootless bool + networkProvider network.Provider } -func New(opt Opt) (executor.Executor, error) { +func New(opt Opt, networkProvider network.Provider) (executor.Executor, error) { cmds := opt.CommandCandidates if cmds == nil { cmds = defaultCommandCandidates @@ -65,6 +70,10 @@ func New(opt Opt) (executor.Executor, error) { root := opt.Root + if err := setSubReaper(); err != nil { + return nil, err + } + if err := os.MkdirAll(root, 0700); err != nil { return nil, errors.Wrapf(err, "failed to create %s", root) } @@ -89,24 +98,49 @@ func New(opt Opt) (executor.Executor, error) { } w := &runcExecutor{ - runc: runtime, - root: root, - rootless: opt.Rootless, + runc: runtime, + root: root, + rootless: opt.Rootless, + networkProvider: networkProvider, } return w, nil } func (w *runcExecutor) Exec(ctx context.Context, meta executor.Meta, root cache.Mountable, mounts []executor.Mount, stdin io.ReadCloser, stdout, stderr io.WriteCloser) error { + var iface network.Interface + // FIXME: still uses host if no provider configured + if meta.NetMode == pb.NetMode_UNSET { + if w.networkProvider != nil { + var err error + iface, err = w.networkProvider.NewInterface() + if err != nil || iface == nil { + meta.NetMode = pb.NetMode_HOST + } + } else { + meta.NetMode = pb.NetMode_HOST + } + } + if meta.NetMode == pb.NetMode_HOST { + logrus.Info("enabling HostNetworking") + } + defer func() { + if iface != nil { + w.networkProvider.Release(iface) + } + }() resolvConf, err := oci.GetResolvConf(ctx, w.root) if err != nil { return err } - hostsFile, err := oci.GetHostsFile(ctx, w.root) + hostsFile, clean, err := oci.GetHostsFile(ctx, w.root, meta.ExtraHosts) if err != nil { return err } + if clean != nil { + defer clean() + } mountable, err := root.Mount(ctx, false) if err != nil { @@ -145,6 +179,7 @@ func (w *runcExecutor) Exec(ctx context.Context, meta executor.Meta, root cache. return err } defer f.Close() + opts := []containerdoci.SpecOpts{oci.WithUIDGID(uid, gid, sgids)} if system.SeccompSupported() { opts = append(opts, seccomp.WithDefaultProfile()) @@ -152,7 +187,7 @@ func (w *runcExecutor) Exec(ctx context.Context, meta executor.Meta, root cache. if meta.ReadonlyRootFS { opts = append(opts, containerdoci.WithRootFSReadonly()) } - spec, cleanup, err := oci.GenerateSpec(ctx, meta, mounts, id, resolvConf, hostsFile, opts...) + spec, cleanup, err := oci.GenerateSpec(ctx, meta, mounts, id, resolvConf, hostsFile, meta.NetMode == pb.NetMode_HOST, opts...) if err != nil { return err } @@ -184,32 +219,140 @@ func (w *runcExecutor) Exec(ctx context.Context, meta executor.Meta, root cache. return err } - logrus.Debugf("> running %s %v", id, meta.Args) + forwardIO, err := newForwardIO(stdin, stdout, stderr) + if err != nil { + return errors.Wrap(err, "creating new forwarding IO") + } + defer forwardIO.Close() - status, err := w.runc.Run(ctx, id, bundle, &runc.CreateOpts{ - IO: &forwardIO{stdin: stdin, stdout: stdout, stderr: stderr}, + pidFilePath := filepath.Join(w.root, "runc_pid_"+identity.NewID()) + defer os.RemoveAll(pidFilePath) + + logrus.Debugf("> creating %s %v", id, meta.Args) + err = w.runc.Create(ctx, id, bundle, &runc.CreateOpts{ + PidFile: pidFilePath, + IO: forwardIO, }) - logrus.Debugf("< completed %s %v %v", id, status, err) - if status != 0 { - select { - case <-ctx.Done(): - // runc can't report context.Cancelled directly - return errors.Wrapf(ctx.Err(), "exit code %d", status) - default: - } - return errors.Errorf("exit code %d", status) + if err != nil { + return err + } + forwardIO.release() + + defer func() { + go func() { + if err := w.runc.Delete(context.TODO(), id, &runc.DeleteOpts{}); err != nil { + logrus.Errorf("failed to delete %s: %+v", id, err) + } + }() + }() + + dt, err := ioutil.ReadFile(pidFilePath) + if err != nil { + return err + } + pid, err := strconv.Atoi(string(dt)) + if err != nil { + return err } - return err + done := make(chan struct{}) + defer close(done) + + go func() { + select { + case <-done: + case <-ctx.Done(): + syscall.Kill(-pid, syscall.SIGKILL) + } + }() + + if iface != nil { + if err := iface.Set(pid); err != nil { + return errors.Wrap(err, "could not set the network") + } + defer func() { + iface.Remove(pid) + }() + } + + err = w.runc.Start(ctx, id) + if err != nil { + return err + } + + p, err := os.FindProcess(pid) + if err != nil { + return err + } + + status := 0 + ps, err := p.Wait() + if err != nil { + status = 255 + } + + if ws, ok := ps.Sys().(syscall.WaitStatus); ok { + status = ws.ExitStatus() + } + if status != 0 { + return errors.Errorf("exit code: %d", status) + } + + return nil } type forwardIO struct { - stdin io.ReadCloser - stdout, stderr io.WriteCloser + stdin, stdout, stderr *os.File + toRelease []io.Closer + toClose []io.Closer +} + +func newForwardIO(stdin io.ReadCloser, stdout, stderr io.WriteCloser) (f *forwardIO, err error) { + fio := &forwardIO{} + defer func() { + if err != nil { + fio.Close() + } + }() + if stdin != nil { + fio.stdin, err = fio.readCloserToFile(stdin) + if err != nil { + return nil, err + } + } + if stdout != nil { + fio.stdout, err = fio.writeCloserToFile(stdout) + if err != nil { + return nil, err + } + } + if stderr != nil { + fio.stderr, err = fio.writeCloserToFile(stderr) + if err != nil { + return nil, err + } + } + return fio, nil } func (s *forwardIO) Close() error { - return nil + s.release() + var err error + for _, cl := range s.toClose { + if err1 := cl.Close(); err == nil { + err = err1 + } + } + s.toClose = nil + return err +} + +// release releases active FDs if the process doesn't need them any more +func (s *forwardIO) release() { + for _, cl := range s.toRelease { + cl.Close() + } + s.toRelease = nil } func (s *forwardIO) Set(cmd *exec.Cmd) { @@ -218,6 +361,62 @@ func (s *forwardIO) Set(cmd *exec.Cmd) { cmd.Stderr = s.stderr } +func (s *forwardIO) readCloserToFile(rc io.ReadCloser) (*os.File, error) { + if f, ok := rc.(*os.File); ok { + return f, nil + } + pr, pw, err := os.Pipe() + if err != nil { + return nil, err + } + s.toClose = append(s.toClose, pw) + s.toRelease = append(s.toRelease, pr) + go func() { + _, err := io.Copy(pw, rc) + if err1 := pw.Close(); err == nil { + err = err1 + } + _ = err + }() + return pr, nil +} + +func (s *forwardIO) writeCloserToFile(wc io.WriteCloser) (*os.File, error) { + if f, ok := wc.(*os.File); ok { + return f, nil + } + pr, pw, err := os.Pipe() + if err != nil { + return nil, err + } + s.toClose = append(s.toClose, pr) + s.toRelease = append(s.toRelease, pw) + go func() { + _, err := io.Copy(wc, pr) + if err1 := pw.Close(); err == nil { + err = err1 + } + _ = err + }() + return pw, nil +} + +var subReaperOnce sync.Once +var subReaperError error + +// DisableSubReaper prevents setting subreaper on the current process. +// Do not rely on this function it may change or be removed. +func DisableSubReaper() { + subReaperOnce.Do(func() {}) +} + +func setSubReaper() error { + subReaperOnce.Do(func() { + subReaperError = runcsystem.SetSubreaper(1) + }) + return subReaperError +} + func (s *forwardIO) Stdin() io.WriteCloser { return nil } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/builder/build.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/builder/build.go index ab7cfe3b84..b76a55e5ab 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/builder/build.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/builder/build.go @@ -4,8 +4,10 @@ import ( "archive/tar" "bytes" "context" + "encoding/csv" "encoding/json" "fmt" + "net" "regexp" "strconv" "strings" @@ -36,6 +38,8 @@ const ( keyTargetPlatform = "platform" keyMultiPlatform = "multi-platform" keyImageResolveMode = "image-resolve-mode" + keyGlobalAddHosts = "add-hosts" + keyForceNetwork = "force-network-mode" ) var httpPrefix = regexp.MustCompile("^https?://") @@ -64,6 +68,16 @@ func Build(ctx context.Context, c client.Client) (*client.Result, error) { return nil, err } + extraHosts, err := parseExtraHosts(opts[keyGlobalAddHosts]) + if err != nil { + return nil, errors.Wrap(err, "failed to parse additional hosts") + } + + defaultNetMode, err := parseNetMode(opts[keyForceNetwork]) + if err != nil { + return nil, err + } + filename := opts[keyFilename] if filename == "" { filename = defaultDockerfileName @@ -250,6 +264,8 @@ func Build(ctx context.Context, c client.Client) (*client.Result, error) { BuildPlatforms: buildPlatforms, ImageResolveMode: resolveMode, PrefixPlatform: exportMap, + ExtraHosts: extraHosts, + ForceNetMode: defaultNetMode, }) if err != nil { @@ -413,3 +429,45 @@ func parseResolveMode(v string) (llb.ResolveMode, error) { return 0, errors.Errorf("invalid image-resolve-mode: %s", v) } } + +func parseExtraHosts(v string) ([]llb.HostIP, error) { + if v == "" { + return nil, nil + } + out := make([]llb.HostIP, 0) + csvReader := csv.NewReader(strings.NewReader(v)) + fields, err := csvReader.Read() + if err != nil { + return nil, err + } + for _, field := range fields { + parts := strings.SplitN(field, "=", 2) + if len(parts) != 2 { + return nil, errors.Errorf("invalid key-value pair %s", field) + } + key := strings.ToLower(parts[0]) + val := strings.ToLower(parts[1]) + ip := net.ParseIP(val) + if ip == nil { + return nil, errors.Errorf("failed to parse IP %s", val) + } + out = append(out, llb.HostIP{Host: key, IP: ip}) + } + return out, nil +} + +func parseNetMode(v string) (pb.NetMode, error) { + if v == "" { + return llb.NetModeSandbox, nil + } + switch v { + case "none": + return llb.NetModeNone, nil + case "host": + return llb.NetModeHost, nil + case "sandbox": + return llb.NetModeSandbox, nil + default: + return 0, errors.Errorf("invalid netmode %s", v) + } +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert.go index 484b3e42be..4ffdbb7bc3 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert.go @@ -22,6 +22,7 @@ import ( "github.com/moby/buildkit/frontend/dockerfile/parser" "github.com/moby/buildkit/frontend/dockerfile/shell" gw "github.com/moby/buildkit/frontend/gateway/client" + "github.com/moby/buildkit/solver/pb" specs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" "golang.org/x/sync/errgroup" @@ -52,6 +53,8 @@ type ConvertOpt struct { TargetPlatform *specs.Platform BuildPlatforms []specs.Platform PrefixPlatform bool + ExtraHosts []llb.HostIP + ForceNetMode pb.NetMode } func Dockerfile2LLB(ctx context.Context, dt []byte, opt ConvertOpt) (*llb.State, *Image, error) { @@ -282,6 +285,7 @@ func Dockerfile2LLB(ctx context.Context, dt []byte, opt ConvertOpt) (*llb.State, return nil, nil, err } } + d.state = d.state.Network(opt.ForceNetMode) opt := dispatchOpt{ allDispatchStates: allDispatchStates, @@ -294,6 +298,7 @@ func Dockerfile2LLB(ctx context.Context, dt []byte, opt ConvertOpt) (*llb.State, cacheIDNamespace: opt.CacheIDNamespace, buildPlatforms: platformOpt.buildPlatforms, targetPlatform: platformOpt.targetPlatform, + extraHosts: opt.ExtraHosts, } if err = dispatchOnBuild(d, d.image.Config.OnBuild, opt); err != nil { @@ -397,6 +402,7 @@ type dispatchOpt struct { cacheIDNamespace string targetPlatform specs.Platform buildPlatforms []specs.Platform + extraHosts []llb.HostIP } func dispatch(d *dispatchState, cmd command, opt dispatchOpt) error { @@ -584,6 +590,9 @@ func dispatchRun(d *dispatchState, c *instructions.RunCommand, proxy *llb.ProxyE } opt = append(opt, runMounts...) opt = append(opt, llb.WithCustomName(prefixCommand(d, uppercaseCmd(processCmdEnv(dopt.shlex, c.String(), d.state.Run(opt...).Env())), d.prefixPlatform, d.state.GetPlatform()))) + for _, h := range dopt.extraHosts { + opt = append(opt, llb.AddExtraHost(h.Host, h.IP)) + } d.state = d.state.Run(opt...).Root() return commitToHistory(&d.image, "RUN "+runCommandString(args, d.buildArgs), true, &d.state) } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_nosecrets.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_nosecrets.go new file mode 100644 index 0000000000..d75470215f --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_nosecrets.go @@ -0,0 +1,13 @@ +// +build dfrunmount,!dfsecrets + +package dockerfile2llb + +import ( + "github.com/moby/buildkit/client/llb" + "github.com/moby/buildkit/frontend/dockerfile/instructions" + "github.com/pkg/errors" +) + +func dispatchSecret(m *instructions.Mount) (llb.RunOption, error) { + return nil, errors.Errorf("secret mounts not allowed") +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_runmount.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_runmount.go index aea61b3675..c726b15c03 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_runmount.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_runmount.go @@ -57,6 +57,14 @@ func dispatchRunMounts(d *dispatchState, c *instructions.RunCommand, sources []* st = llb.Scratch() mountOpts = append(mountOpts, llb.Tmpfs()) } + if mount.Type == instructions.MountTypeSecret { + secret, err := dispatchSecret(mount) + if err != nil { + return nil, err + } + out = append(out, secret) + continue + } if mount.ReadOnly { mountOpts = append(mountOpts, llb.Readonly) } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_secrets.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_secrets.go new file mode 100644 index 0000000000..724035253c --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb/convert_secrets.go @@ -0,0 +1,32 @@ +// +build dfsecrets dfextall + +package dockerfile2llb + +import ( + "path" + + "github.com/moby/buildkit/client/llb" + "github.com/moby/buildkit/frontend/dockerfile/instructions" + "github.com/pkg/errors" +) + +func dispatchSecret(m *instructions.Mount) (llb.RunOption, error) { + id := m.CacheID + if m.Source != "" { + id = m.Source + } + + if id == "" { + if m.Target == "" { + return nil, errors.Errorf("one of source, target required") + } + id = path.Base(m.Target) + } + + target := m.Target + if target == "" { + target = "/run/secrets/" + path.Base(id) + } + + return llb.AddSecret(target, llb.SecretID(id)), nil +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_nosecrets.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_nosecrets.go new file mode 100644 index 0000000000..58780648db --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_nosecrets.go @@ -0,0 +1,7 @@ +// +build !dfsecrets + +package instructions + +func isSecretMountsSupported() bool { + return false +} diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_runmount.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_runmount.go index 569c60bc68..d95a83935a 100644 --- a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_runmount.go +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_runmount.go @@ -13,11 +13,13 @@ import ( const MountTypeBind = "bind" const MountTypeCache = "cache" const MountTypeTmpfs = "tmpfs" +const MountTypeSecret = "secret" var allowedMountTypes = map[string]struct{}{ - MountTypeBind: {}, - MountTypeCache: {}, - MountTypeTmpfs: {}, + MountTypeBind: {}, + MountTypeCache: {}, + MountTypeTmpfs: {}, + MountTypeSecret: {}, } const MountSharingShared = "shared" @@ -40,6 +42,11 @@ func init() { } func isValidMountType(s string) bool { + if s == "secret" { + if !isSecretMountsSupported() { + return false + } + } _, ok := allowedMountTypes[s] return ok } @@ -177,5 +184,20 @@ func parseMount(value string) (*Mount, error) { return nil, errors.Errorf("invalid cache sharing set for %v mount", m.Type) } + if m.Type == MountTypeSecret { + if m.From != "" { + return nil, errors.Errorf("secret mount should not have a from") + } + if m.CacheSharing != "" { + return nil, errors.Errorf("secret mount should not define sharing") + } + if m.Source == "" && m.Target == "" && m.CacheID == "" { + return nil, errors.Errorf("invalid secret mount. one of source, target required") + } + if m.Source != "" && m.CacheID != "" { + return nil, errors.Errorf("both source and id can't be set") + } + } + return m, nil } diff --git a/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_secrets.go b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_secrets.go new file mode 100644 index 0000000000..63b3e215a0 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/dockerfile/instructions/commands_secrets.go @@ -0,0 +1,7 @@ +// +build dfsecrets dfextall + +package instructions + +func isSecretMountsSupported() bool { + return true +} diff --git a/vendor/github.com/moby/buildkit/frontend/gateway/gateway.go b/vendor/github.com/moby/buildkit/frontend/gateway/gateway.go index 15aac85331..dbe43d9155 100644 --- a/vendor/github.com/moby/buildkit/frontend/gateway/gateway.go +++ b/vendor/github.com/moby/buildkit/frontend/gateway/gateway.go @@ -215,26 +215,72 @@ func (gf *gatewayFrontend) Solve(ctx context.Context, llbBridge frontend.Fronten ReadonlyRootFS: readonly, }, rootFS, lbf.Stdin, lbf.Stdout, os.Stderr) - if lbf.err != nil { - return nil, lbf.err + if err != nil { + // An existing error (set via Return rpc) takes + // precedence over this error, which in turn takes + // precedence over a success reported via Return. + lbf.mu.Lock() + if lbf.err == nil { + lbf.result = nil + lbf.err = err + } + lbf.mu.Unlock() } - if err != nil { - return nil, err + return lbf.Result() +} + +func (lbf *llbBridgeForwarder) Done() <-chan struct{} { + return lbf.doneCh +} + +func (lbf *llbBridgeForwarder) setResult(r *frontend.Result, err error) (*pb.ReturnResponse, error) { + lbf.mu.Lock() + defer lbf.mu.Unlock() + + if (r == nil) == (err == nil) { + return nil, errors.New("gateway return must be either result or err") + } + + if lbf.result != nil || lbf.err != nil { + return nil, errors.New("gateway result is already set") + } + + lbf.result = r + lbf.err = err + close(lbf.doneCh) + return &pb.ReturnResponse{}, nil +} + +func (lbf *llbBridgeForwarder) Result() (*frontend.Result, error) { + lbf.mu.Lock() + defer lbf.mu.Unlock() + + if lbf.result == nil && lbf.err == nil { + return nil, errors.New("no result for incomplete build") + } + + if lbf.err != nil { + return nil, lbf.err } return lbf.result, nil } -func newLLBBridgeForwarder(ctx context.Context, llbBridge frontend.FrontendLLBBridge, workers frontend.WorkerInfos) (*llbBridgeForwarder, error) { +func NewBridgeForwarder(ctx context.Context, llbBridge frontend.FrontendLLBBridge, workers frontend.WorkerInfos) *llbBridgeForwarder { lbf := &llbBridgeForwarder{ callCtx: ctx, llbBridge: llbBridge, refs: map[string]solver.CachedResult{}, + doneCh: make(chan struct{}), pipe: newPipe(), workers: workers, } + return lbf +} +func newLLBBridgeForwarder(ctx context.Context, llbBridge frontend.FrontendLLBBridge, workers frontend.WorkerInfos) (*llbBridgeForwarder, error) { + lbf := NewBridgeForwarder(ctx, llbBridge, workers) server := grpc.NewServer() grpc_health_v1.RegisterHealthServer(server, health.NewServer()) pb.RegisterLLBBridgeServer(server, lbf) @@ -297,6 +343,12 @@ func (d dummyAddr) String() string { return "localhost" } +type LLBBridgeForwarder interface { + pb.LLBBridgeServer + Done() <-chan struct{} + Result() (*frontend.Result, error) +} + type llbBridgeForwarder struct { mu sync.Mutex callCtx context.Context @@ -305,6 +357,7 @@ type llbBridgeForwarder struct { // lastRef solver.CachedResult // lastRefs map[string]solver.CachedResult // err error + doneCh chan struct{} // closed when result or err become valid through a call to a Return result *frontend.Result err error exporterAttr map[string][]byte @@ -465,13 +518,13 @@ func (lbf *llbBridgeForwarder) Ping(context.Context, *pb.PingRequest) (*pb.PongR func (lbf *llbBridgeForwarder) Return(ctx context.Context, in *pb.ReturnRequest) (*pb.ReturnResponse, error) { if in.Error != nil { - lbf.err = status.ErrorProto(&spb.Status{ + return lbf.setResult(nil, status.ErrorProto(&spb.Status{ Code: in.Error.Code, Message: in.Error.Message, // Details: in.Error.Details, - }) + })) } else { - lbf.result = &frontend.Result{ + r := &frontend.Result{ Metadata: in.Result.Metadata, } @@ -481,7 +534,7 @@ func (lbf *llbBridgeForwarder) Return(ctx context.Context, in *pb.ReturnRequest) if err != nil { return nil, err } - lbf.result.Ref = ref + r.Ref = ref case *pb.Result_Refs: m := map[string]solver.CachedResult{} for k, v := range res.Refs.Refs { @@ -491,11 +544,10 @@ func (lbf *llbBridgeForwarder) Return(ctx context.Context, in *pb.ReturnRequest) } m[k] = ref } - lbf.result.Refs = m + r.Refs = m } + return lbf.setResult(r, nil) } - - return &pb.ReturnResponse{}, nil } func (lbf *llbBridgeForwarder) convertRef(id string) (solver.CachedResult, error) { diff --git a/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go b/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go new file mode 100644 index 0000000000..deb81008b0 --- /dev/null +++ b/vendor/github.com/moby/buildkit/frontend/gateway/grpcclient/client.go @@ -0,0 +1,457 @@ +package grpcclient + +import ( + "context" + "encoding/json" + "io" + "net" + "os" + "strings" + "time" + + "github.com/gogo/googleapis/google/rpc" + "github.com/moby/buildkit/frontend/gateway/client" + pb "github.com/moby/buildkit/frontend/gateway/pb" + opspb "github.com/moby/buildkit/solver/pb" + "github.com/moby/buildkit/util/apicaps" + digest "github.com/opencontainers/go-digest" + "github.com/pkg/errors" + "google.golang.org/grpc" + "google.golang.org/grpc/status" +) + +const frontendPrefix = "BUILDKIT_FRONTEND_OPT_" + +type GrpcClient interface { + Run(context.Context, client.BuildFunc) error +} + +func New(ctx context.Context, opts map[string]string, session, product string, c pb.LLBBridgeClient, w []client.WorkerInfo) (GrpcClient, error) { + resp, err := c.Ping(ctx, &pb.PingRequest{}) + if err != nil { + return nil, err + } + + if resp.FrontendAPICaps == nil { + resp.FrontendAPICaps = defaultCaps() + } + + if resp.LLBCaps == nil { + resp.LLBCaps = defaultLLBCaps() + } + + return &grpcClient{ + client: c, + opts: opts, + sessionID: session, + workers: w, + product: product, + caps: pb.Caps.CapSet(resp.FrontendAPICaps), + llbCaps: opspb.Caps.CapSet(resp.LLBCaps), + requests: map[string]*pb.SolveRequest{}, + }, nil +} + +func current() (GrpcClient, error) { + if ep := product(); ep != "" { + apicaps.ExportedProduct = ep + } + + ctx, conn, err := grpcClientConn(context.Background()) + if err != nil { + return nil, err + } + + return New(ctx, opts(), sessionID(), product(), pb.NewLLBBridgeClient(conn), workers()) +} + +func convertRef(ref client.Reference) (string, error) { + if ref == nil { + return "", nil + } + r, ok := ref.(*reference) + if !ok { + return "", errors.Errorf("invalid return reference type %T", ref) + } + return r.id, nil +} + +func RunFromEnvironment(ctx context.Context, f client.BuildFunc) error { + client, err := current() + if err != nil { + return errors.Wrapf(err, "failed to initialize client from environment") + } + return client.Run(ctx, f) +} + +func (c *grpcClient) Run(ctx context.Context, f client.BuildFunc) (retError error) { + export := c.caps.Supports(pb.CapReturnResult) == nil + + var ( + res *client.Result + err error + ) + if export { + defer func() { + req := &pb.ReturnRequest{} + if retError == nil { + if res == nil { + res = &client.Result{} + } + pbRes := &pb.Result{ + Metadata: res.Metadata, + } + if res.Refs != nil { + m := map[string]string{} + for k, r := range res.Refs { + id, err := convertRef(r) + if err != nil { + retError = err + continue + } + m[k] = id + } + pbRes.Result = &pb.Result_Refs{Refs: &pb.RefMap{Refs: m}} + } else { + id, err := convertRef(res.Ref) + if err != nil { + retError = err + } else { + pbRes.Result = &pb.Result_Ref{Ref: id} + } + } + if retError == nil { + req.Result = pbRes + } + } + if retError != nil { + st, _ := status.FromError(retError) + stp := st.Proto() + req.Error = &rpc.Status{ + Code: stp.Code, + Message: stp.Message, + // Details: stp.Details, + } + } + if _, err := c.client.Return(ctx, req); err != nil && retError == nil { + retError = err + } + }() + } + + if res, err = f(ctx, c); err != nil { + return err + } + + if err := c.caps.Supports(pb.CapReturnMap); len(res.Refs) > 1 && err != nil { + return err + } + + if !export { + exportedAttrBytes, err := json.Marshal(res.Metadata) + if err != nil { + return errors.Wrapf(err, "failed to marshal return metadata") + } + + req, err := c.requestForRef(res.Ref) + if err != nil { + return errors.Wrapf(err, "failed to find return ref") + } + + req.Final = true + req.ExporterAttr = exportedAttrBytes + + if _, err := c.client.Solve(ctx, req); err != nil { + return errors.Wrapf(err, "failed to solve") + } + } + + return nil +} + +// defaultCaps returns the capabilities that were implemented when capabilities +// support was added. This list is frozen and should never be changed. +func defaultCaps() []apicaps.PBCap { + return []apicaps.PBCap{ + {ID: string(pb.CapSolveBase), Enabled: true}, + {ID: string(pb.CapSolveInlineReturn), Enabled: true}, + {ID: string(pb.CapResolveImage), Enabled: true}, + {ID: string(pb.CapReadFile), Enabled: true}, + } +} + +// defaultLLBCaps returns the LLB capabilities that were implemented when capabilities +// support was added. This list is frozen and should never be changed. +func defaultLLBCaps() []apicaps.PBCap { + return []apicaps.PBCap{ + {ID: string(opspb.CapSourceImage), Enabled: true}, + {ID: string(opspb.CapSourceLocal), Enabled: true}, + {ID: string(opspb.CapSourceLocalUnique), Enabled: true}, + {ID: string(opspb.CapSourceLocalSessionID), Enabled: true}, + {ID: string(opspb.CapSourceLocalIncludePatterns), Enabled: true}, + {ID: string(opspb.CapSourceLocalFollowPaths), Enabled: true}, + {ID: string(opspb.CapSourceLocalExcludePatterns), Enabled: true}, + {ID: string(opspb.CapSourceLocalSharedKeyHint), Enabled: true}, + {ID: string(opspb.CapSourceGit), Enabled: true}, + {ID: string(opspb.CapSourceGitKeepDir), Enabled: true}, + {ID: string(opspb.CapSourceGitFullURL), Enabled: true}, + {ID: string(opspb.CapSourceHTTP), Enabled: true}, + {ID: string(opspb.CapSourceHTTPChecksum), Enabled: true}, + {ID: string(opspb.CapSourceHTTPPerm), Enabled: true}, + {ID: string(opspb.CapSourceHTTPUIDGID), Enabled: true}, + {ID: string(opspb.CapBuildOpLLBFileName), Enabled: true}, + {ID: string(opspb.CapExecMetaBase), Enabled: true}, + {ID: string(opspb.CapExecMetaProxy), Enabled: true}, + {ID: string(opspb.CapExecMountBind), Enabled: true}, + {ID: string(opspb.CapExecMountCache), Enabled: true}, + {ID: string(opspb.CapExecMountCacheSharing), Enabled: true}, + {ID: string(opspb.CapExecMountSelector), Enabled: true}, + {ID: string(opspb.CapExecMountTmpfs), Enabled: true}, + {ID: string(opspb.CapMountSecret), Enabled: true}, + {ID: string(opspb.CapConstraints), Enabled: true}, + {ID: string(opspb.CapPlatform), Enabled: true}, + {ID: string(opspb.CapMetaIgnoreCache), Enabled: true}, + {ID: string(opspb.CapMetaDescription), Enabled: true}, + {ID: string(opspb.CapMetaExportCache), Enabled: true}, + } +} + +type grpcClient struct { + client pb.LLBBridgeClient + opts map[string]string + sessionID string + product string + workers []client.WorkerInfo + caps apicaps.CapSet + llbCaps apicaps.CapSet + requests map[string]*pb.SolveRequest +} + +func (c *grpcClient) requestForRef(ref client.Reference) (*pb.SolveRequest, error) { + emptyReq := &pb.SolveRequest{ + Definition: &opspb.Definition{}, + } + if ref == nil { + return emptyReq, nil + } + r, ok := ref.(*reference) + if !ok { + return nil, errors.Errorf("return reference has invalid type %T", ref) + } + if r.id == "" { + return emptyReq, nil + } + req, ok := c.requests[r.id] + if !ok { + return nil, errors.Errorf("did not find request for return reference %s", r.id) + } + return req, nil +} + +func (c *grpcClient) Solve(ctx context.Context, creq client.SolveRequest) (*client.Result, error) { + if creq.Definition != nil { + for _, md := range creq.Definition.Metadata { + for cap := range md.Caps { + if err := c.llbCaps.Supports(cap); err != nil { + return nil, err + } + } + } + } + + req := &pb.SolveRequest{ + Definition: creq.Definition, + Frontend: creq.Frontend, + FrontendOpt: creq.FrontendOpt, + ImportCacheRefs: creq.ImportCacheRefs, + AllowResultReturn: true, + } + + // backwards compatibility with inline return + if c.caps.Supports(pb.CapReturnResult) != nil { + req.ExporterAttr = []byte("{}") + } + + resp, err := c.client.Solve(ctx, req) + if err != nil { + return nil, err + } + + res := &client.Result{} + + if resp.Result == nil { + if id := resp.Ref; id != "" { + c.requests[id] = req + } + res.SetRef(&reference{id: resp.Ref, c: c}) + } else { + res.Metadata = resp.Result.Metadata + switch pbRes := resp.Result.Result.(type) { + case *pb.Result_Ref: + if id := pbRes.Ref; id != "" { + res.SetRef(&reference{id: id, c: c}) + } + case *pb.Result_Refs: + for k, v := range pbRes.Refs.Refs { + ref := &reference{id: v, c: c} + if v == "" { + ref = nil + } + res.AddRef(k, ref) + } + } + } + + return res, nil +} + +func (c *grpcClient) ResolveImageConfig(ctx context.Context, ref string, opt client.ResolveImageConfigOpt) (digest.Digest, []byte, error) { + var p *opspb.Platform + if platform := opt.Platform; platform != nil { + p = &opspb.Platform{ + OS: platform.OS, + Architecture: platform.Architecture, + Variant: platform.Variant, + OSVersion: platform.OSVersion, + OSFeatures: platform.OSFeatures, + } + } + resp, err := c.client.ResolveImageConfig(ctx, &pb.ResolveImageConfigRequest{Ref: ref, Platform: p, ResolveMode: opt.ResolveMode, LogName: opt.LogName}) + if err != nil { + return "", nil, err + } + return resp.Digest, resp.Config, nil +} + +func (c *grpcClient) BuildOpts() client.BuildOpts { + return client.BuildOpts{ + Opts: c.opts, + SessionID: c.sessionID, + Workers: c.workers, + Product: c.product, + } +} + +func (c *grpcClient) Opts() map[string]string { + return c.opts +} + +func (c *grpcClient) SessionID() string { + return c.sessionID +} + +func (c *grpcClient) WorkerInfos() []client.WorkerInfo { + return c.workers +} + +type reference struct { + id string + c *grpcClient +} + +func (r *reference) ReadFile(ctx context.Context, req client.ReadRequest) ([]byte, error) { + rfr := &pb.ReadFileRequest{FilePath: req.Filename, Ref: r.id} + if r := req.Range; r != nil { + rfr.Range = &pb.FileRange{ + Offset: int64(r.Offset), + Length: int64(r.Length), + } + } + resp, err := r.c.client.ReadFile(ctx, rfr) + if err != nil { + return nil, err + } + return resp.Data, nil +} + +func grpcClientConn(ctx context.Context) (context.Context, *grpc.ClientConn, error) { + dialOpt := grpc.WithDialer(func(addr string, d time.Duration) (net.Conn, error) { + return stdioConn(), nil + }) + + cc, err := grpc.DialContext(ctx, "", dialOpt, grpc.WithInsecure()) + if err != nil { + return nil, nil, errors.Wrap(err, "failed to create grpc client") + } + + ctx, cancel := context.WithCancel(ctx) + _ = cancel + // go monitorHealth(ctx, cc, cancel) + + return ctx, cc, nil +} + +func stdioConn() net.Conn { + return &conn{os.Stdin, os.Stdout, os.Stdout} +} + +type conn struct { + io.Reader + io.Writer + io.Closer +} + +func (s *conn) LocalAddr() net.Addr { + return dummyAddr{} +} +func (s *conn) RemoteAddr() net.Addr { + return dummyAddr{} +} +func (s *conn) SetDeadline(t time.Time) error { + return nil +} +func (s *conn) SetReadDeadline(t time.Time) error { + return nil +} +func (s *conn) SetWriteDeadline(t time.Time) error { + return nil +} + +type dummyAddr struct { +} + +func (d dummyAddr) Network() string { + return "pipe" +} + +func (d dummyAddr) String() string { + return "localhost" +} + +func opts() map[string]string { + opts := map[string]string{} + for _, env := range os.Environ() { + parts := strings.SplitN(env, "=", 2) + k := parts[0] + v := "" + if len(parts) == 2 { + v = parts[1] + } + if !strings.HasPrefix(k, frontendPrefix) { + continue + } + parts = strings.SplitN(v, "=", 2) + v = "" + if len(parts) == 2 { + v = parts[1] + } + opts[parts[0]] = v + } + return opts +} + +func sessionID() string { + return os.Getenv("BUILDKIT_SESSION_ID") +} + +func workers() []client.WorkerInfo { + var c []client.WorkerInfo + if err := json.Unmarshal([]byte(os.Getenv("BUILDKIT_WORKERS")), &c); err != nil { + return nil + } + return c +} + +func product() string { + return os.Getenv("BUILDKIT_EXPORTEDPRODUCT") +} diff --git a/vendor/github.com/moby/buildkit/solver/jobs.go b/vendor/github.com/moby/buildkit/solver/jobs.go index b74021ee2b..15dcde8847 100644 --- a/vendor/github.com/moby/buildkit/solver/jobs.go +++ b/vendor/github.com/moby/buildkit/solver/jobs.go @@ -21,6 +21,7 @@ type ResolveOpFunc func(Vertex, Builder) (Op, error) type Builder interface { Build(ctx context.Context, e Edge) (CachedResult, error) Context(ctx context.Context) context.Context + EachValue(ctx context.Context, key string, fn func(interface{}) error) error } // Solver provides a shared graph of all the vertexes currently being @@ -169,10 +170,22 @@ func (sb *subBuilder) Context(ctx context.Context) context.Context { return progress.WithProgress(ctx, sb.mpw) } +func (sb *subBuilder) EachValue(ctx context.Context, key string, fn func(interface{}) error) error { + sb.mu.Lock() + defer sb.mu.Lock() + for j := range sb.jobs { + if err := j.EachValue(ctx, key, fn); err != nil { + return err + } + } + return nil +} + type Job struct { - list *Solver - pr *progress.MultiReader - pw progress.Writer + list *Solver + pr *progress.MultiReader + pw progress.Writer + values sync.Map progressCloser func() SessionID string @@ -446,6 +459,18 @@ func (j *Job) Context(ctx context.Context) context.Context { return progress.WithProgress(ctx, j.pw) } +func (j *Job) SetValue(key string, v interface{}) { + j.values.Store(key, v) +} + +func (j *Job) EachValue(ctx context.Context, key string, fn func(interface{}) error) error { + v, ok := j.values.Load(key) + if ok { + return fn(v) + } + return nil +} + type cacheMapResp struct { *CacheMap complete bool diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/bridge.go b/vendor/github.com/moby/buildkit/solver/llbsolver/bridge.go index 2284afada0..8f3b9d052a 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/bridge.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/bridge.go @@ -75,7 +75,12 @@ func (b *llbBridge) Solve(ctx context.Context, req frontend.SolveRequest) (res * } if req.Definition != nil && req.Definition.Def != nil { - edge, err := Load(req.Definition, WithCacheSources(cms), RuntimePlatforms(b.platforms), WithValidateCaps()) + ent, err := loadEntitlements(b.builder) + if err != nil { + return nil, err + } + + edge, err := Load(req.Definition, ValidateEntitlements(ent), WithCacheSources(cms), RuntimePlatforms(b.platforms), WithValidateCaps()) if err != nil { return nil, err } diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go index 8ac610cebf..3abb82c7ac 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/ops/exec.go @@ -6,6 +6,7 @@ import ( "encoding/json" "fmt" "io/ioutil" + "net" "os" "path" "path/filepath" @@ -67,6 +68,11 @@ func NewExecOp(v solver.Vertex, op *pb.Op_Exec, cm cache.Manager, sm *session.Ma func cloneExecOp(old *pb.ExecOp) pb.ExecOp { n := *old meta := *n.Meta + meta.ExtraHosts = nil + for i := range n.Meta.ExtraHosts { + h := *n.Meta.ExtraHosts[i] + meta.ExtraHosts = append(meta.ExtraHosts, &h) + } n.Meta = &meta n.Mounts = nil for i := range n.Mounts { @@ -78,6 +84,11 @@ func cloneExecOp(old *pb.ExecOp) pb.ExecOp { func (e *execOp) CacheMap(ctx context.Context, index int) (*solver.CacheMap, bool, error) { op := cloneExecOp(e.op) + for i := range op.Meta.ExtraHosts { + h := op.Meta.ExtraHosts[i] + h.IP = "" + op.Meta.ExtraHosts[i] = h + } for i := range op.Mounts { op.Mounts[i].Selector = "" } @@ -504,12 +515,19 @@ func (e *execOp) Exec(ctx context.Context, inputs []solver.Result) ([]solver.Res return mounts[i].Dest < mounts[j].Dest }) + extraHosts, err := parseExtraHosts(e.op.Meta.ExtraHosts) + if err != nil { + return nil, err + } + meta := executor.Meta{ Args: e.op.Meta.Args, Env: e.op.Meta.Env, Cwd: e.op.Meta.Cwd, User: e.op.Meta.User, ReadonlyRootFS: readonlyRootFS, + ExtraHosts: extraHosts, + NetMode: e.op.Network, } if e.op.Meta.ProxyEnv != nil { @@ -657,3 +675,18 @@ func (r *cacheRef) Release(ctx context.Context) error { } return nil } + +func parseExtraHosts(ips []*pb.HostIP) ([]executor.HostIP, error) { + out := make([]executor.HostIP, len(ips)) + for i, hip := range ips { + ip := net.ParseIP(hip.IP) + if ip == nil { + return nil, errors.Errorf("failed to parse IP %s", hip.IP) + } + out[i] = executor.HostIP{ + IP: ip, + Host: hip.Host, + } + } + return out, nil +} diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/solver.go b/vendor/github.com/moby/buildkit/solver/llbsolver/solver.go index 3adfe4b3c1..464babaeb2 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/solver.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/solver.go @@ -7,11 +7,14 @@ import ( "github.com/moby/buildkit/cache" "github.com/moby/buildkit/cache/remotecache" "github.com/moby/buildkit/client" + controlgateway "github.com/moby/buildkit/control/gateway" "github.com/moby/buildkit/exporter" "github.com/moby/buildkit/frontend" + "github.com/moby/buildkit/frontend/gateway" "github.com/moby/buildkit/identity" "github.com/moby/buildkit/session" "github.com/moby/buildkit/solver" + "github.com/moby/buildkit/util/entitlements" "github.com/moby/buildkit/util/progress" "github.com/moby/buildkit/worker" digest "github.com/opencontainers/go-digest" @@ -19,6 +22,8 @@ import ( "github.com/pkg/errors" ) +const keyEntitlements = "llb.entitlements" + type ExporterRequest struct { Exporter exporter.ExporterInstance CacheExporter remotecache.Exporter @@ -29,18 +34,22 @@ type ExporterRequest struct { type ResolveWorkerFunc func() (worker.Worker, error) type Solver struct { + workerController *worker.Controller solver *solver.Solver resolveWorker ResolveWorkerFunc frontends map[string]frontend.Frontend resolveCacheImporter remotecache.ResolveCacheImporterFunc platforms []specs.Platform + gatewayForwarder *controlgateway.GatewayForwarder } -func New(wc *worker.Controller, f map[string]frontend.Frontend, cache solver.CacheManager, resolveCI remotecache.ResolveCacheImporterFunc) (*Solver, error) { +func New(wc *worker.Controller, f map[string]frontend.Frontend, cache solver.CacheManager, resolveCI remotecache.ResolveCacheImporterFunc, gatewayForwarder *controlgateway.GatewayForwarder) (*Solver, error) { s := &Solver{ + workerController: wc, resolveWorker: defaultResolver(wc), frontends: f, resolveCacheImporter: resolveCI, + gatewayForwarder: gatewayForwarder, } // executing is currently only allowed on default worker @@ -78,7 +87,7 @@ func (s *Solver) Bridge(b solver.Builder) frontend.FrontendLLBBridge { } } -func (s *Solver) Solve(ctx context.Context, id string, req frontend.SolveRequest, exp ExporterRequest) (*client.SolveResponse, error) { +func (s *Solver) Solve(ctx context.Context, id string, req frontend.SolveRequest, exp ExporterRequest, ent []entitlements.Entitlement) (*client.SolveResponse, error) { j, err := s.solver.NewJob(id) if err != nil { return nil, err @@ -86,12 +95,38 @@ func (s *Solver) Solve(ctx context.Context, id string, req frontend.SolveRequest defer j.Discard() - j.SessionID = session.FromContext(ctx) - - res, err := s.Bridge(j).Solve(ctx, req) + set, err := entitlements.WhiteList(ent, supportedEntitlements()) if err != nil { return nil, err } + j.SetValue(keyEntitlements, set) + + j.SessionID = session.FromContext(ctx) + + var res *frontend.Result + if s.gatewayForwarder != nil && req.Definition == nil && req.Frontend == "" { + fwd := gateway.NewBridgeForwarder(ctx, s.Bridge(j), s.workerController) + if err := s.gatewayForwarder.RegisterBuild(ctx, id, fwd); err != nil { + return nil, err + } + defer s.gatewayForwarder.UnregisterBuild(ctx, id) + + var err error + select { + case <-fwd.Done(): + res, err = fwd.Result() + case <-ctx.Done(): + err = ctx.Err() + } + if err != nil { + return nil, err + } + } else { + res, err = s.Bridge(j).Solve(ctx, req) + if err != nil { + return nil, err + } + } defer func() { res.EachRef(func(ref solver.CachedResult) error { @@ -105,6 +140,9 @@ func (s *Solver) Solve(ctx context.Context, id string, req frontend.SolveRequest inp := exporter.Source{ Metadata: res.Metadata, } + if inp.Metadata == nil { + inp.Metadata = make(map[string][]byte) + } if res := res.Ref; res != nil { workerRef, ok := res.Sys().(*worker.WorkerRef) if !ok { @@ -164,6 +202,7 @@ func (s *Solver) Solve(ctx context.Context, id string, req frontend.SolveRequest func (s *Solver) Status(ctx context.Context, id string, statusChan chan *client.SolveStatus) error { j, err := s.solver.Get(id) if err != nil { + close(statusChan) return err } return j.Status(ctx, statusChan) @@ -229,3 +268,31 @@ func notifyCompleted(ctx context.Context, v *client.Vertex, err error, cached bo } pw.Write(v.Digest.String(), *v) } + +var AllowNetworkHostUnstable = false // TODO: enable in constructor + +func supportedEntitlements() []entitlements.Entitlement { + out := []entitlements.Entitlement{} // nil means no filter + if AllowNetworkHostUnstable { + out = append(out, entitlements.EntitlementNetworkHost) + } + return out +} + +func loadEntitlements(b solver.Builder) (entitlements.Set, error) { + var ent entitlements.Set = map[entitlements.Entitlement]struct{}{} + err := b.EachValue(context.TODO(), keyEntitlements, func(v interface{}) error { + set, ok := v.(entitlements.Set) + if !ok { + return errors.Errorf("invalid entitlements %T", v) + } + for k := range set { + ent[k] = struct{}{} + } + return nil + }) + if err != nil { + return nil, err + } + return ent, nil +} diff --git a/vendor/github.com/moby/buildkit/solver/llbsolver/vertex.go b/vendor/github.com/moby/buildkit/solver/llbsolver/vertex.go index 9278c23159..f4cd925286 100644 --- a/vendor/github.com/moby/buildkit/solver/llbsolver/vertex.go +++ b/vendor/github.com/moby/buildkit/solver/llbsolver/vertex.go @@ -7,6 +7,7 @@ import ( "github.com/moby/buildkit/solver" "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/source" + "github.com/moby/buildkit/util/entitlements" digest "github.com/opencontainers/go-digest" specs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" @@ -99,6 +100,25 @@ func RuntimePlatforms(p []specs.Platform) LoadOpt { } } +func ValidateEntitlements(ent entitlements.Set) LoadOpt { + return func(op *pb.Op, _ *pb.OpMetadata, opt *solver.VertexOptions) error { + switch op := op.Op.(type) { + case *pb.Op_Exec: + if op.Exec.Network == pb.NetMode_HOST { + if !ent.Allowed(entitlements.EntitlementNetworkHost) { + return errors.Errorf("%s is not allowed", entitlements.EntitlementNetworkHost) + } + } + if op.Exec.Network == pb.NetMode_NONE { + if !ent.Allowed(entitlements.EntitlementNetworkNone) { + return errors.Errorf("%s is not allowed", entitlements.EntitlementNetworkNone) + } + } + } + return nil + } +} + func Load(def *pb.Definition, opts ...LoadOpt) (solver.Edge, error) { return loadLLB(def, func(dgst digest.Digest, pbOp *pb.Op, load func(digest.Digest) (solver.Vertex, error)) (solver.Vertex, error) { opMetadata := def.Metadata[dgst] diff --git a/vendor/github.com/moby/buildkit/solver/pb/caps.go b/vendor/github.com/moby/buildkit/solver/pb/caps.go index b415ecb8d1..2fa161584d 100644 --- a/vendor/github.com/moby/buildkit/solver/pb/caps.go +++ b/vendor/github.com/moby/buildkit/solver/pb/caps.go @@ -32,6 +32,7 @@ const ( CapExecMetaBase apicaps.CapID = "exec.meta.base" CapExecMetaProxy apicaps.CapID = "exec.meta.proxyenv" + CapExecMetaNetwork apicaps.CapID = "exec.meta.network" CapExecMountBind apicaps.CapID = "exec.mount.bind" CapExecMountCache apicaps.CapID = "exec.mount.cache" CapExecMountCacheSharing apicaps.CapID = "exec.mount.cache.sharing" @@ -162,6 +163,12 @@ func init() { Status: apicaps.CapStatusExperimental, }) + Caps.Init(apicaps.Cap{ + ID: CapExecMetaNetwork, + Enabled: true, + Status: apicaps.CapStatusExperimental, + }) + Caps.Init(apicaps.Cap{ ID: CapExecMountBind, Enabled: true, diff --git a/vendor/github.com/moby/buildkit/solver/pb/ops.pb.go b/vendor/github.com/moby/buildkit/solver/pb/ops.pb.go index 6fa7a82099..7a78618b72 100644 --- a/vendor/github.com/moby/buildkit/solver/pb/ops.pb.go +++ b/vendor/github.com/moby/buildkit/solver/pb/ops.pb.go @@ -29,6 +29,7 @@ ProxyEnv WorkerConstraints Definition + HostIP */ package pb @@ -53,6 +54,30 @@ var _ = math.Inf // proto package needs to be updated. const _ = proto.GoGoProtoPackageIsVersion2 // please upgrade the proto package +type NetMode int32 + +const ( + NetMode_UNSET NetMode = 0 + NetMode_HOST NetMode = 1 + NetMode_NONE NetMode = 2 +) + +var NetMode_name = map[int32]string{ + 0: "UNSET", + 1: "HOST", + 2: "NONE", +} +var NetMode_value = map[string]int32{ + "UNSET": 0, + "HOST": 1, + "NONE": 2, +} + +func (x NetMode) String() string { + return proto.EnumName(NetMode_name, int32(x)) +} +func (NetMode) EnumDescriptor() ([]byte, []int) { return fileDescriptorOps, []int{0} } + // MountType defines a type of a mount from a supported set type MountType int32 @@ -82,7 +107,7 @@ var MountType_value = map[string]int32{ func (x MountType) String() string { return proto.EnumName(MountType_name, int32(x)) } -func (MountType) EnumDescriptor() ([]byte, []int) { return fileDescriptorOps, []int{0} } +func (MountType) EnumDescriptor() ([]byte, []int) { return fileDescriptorOps, []int{1} } // CacheSharingOpt defines different sharing modes for cache mount type CacheSharingOpt int32 @@ -110,7 +135,7 @@ var CacheSharingOpt_value = map[string]int32{ func (x CacheSharingOpt) String() string { return proto.EnumName(CacheSharingOpt_name, int32(x)) } -func (CacheSharingOpt) EnumDescriptor() ([]byte, []int) { return fileDescriptorOps, []int{1} } +func (CacheSharingOpt) EnumDescriptor() ([]byte, []int) { return fileDescriptorOps, []int{2} } // Op represents a vertex of the LLB DAG. type Op struct { @@ -387,8 +412,9 @@ func (*Input) Descriptor() ([]byte, []int) { return fileDescriptorOps, []int{2} // ExecOp executes a command in a container. type ExecOp struct { - Meta *Meta `protobuf:"bytes,1,opt,name=meta" json:"meta,omitempty"` - Mounts []*Mount `protobuf:"bytes,2,rep,name=mounts" json:"mounts,omitempty"` + Meta *Meta `protobuf:"bytes,1,opt,name=meta" json:"meta,omitempty"` + Mounts []*Mount `protobuf:"bytes,2,rep,name=mounts" json:"mounts,omitempty"` + Network NetMode `protobuf:"varint,3,opt,name=network,proto3,enum=pb.NetMode" json:"network,omitempty"` } func (m *ExecOp) Reset() { *m = ExecOp{} } @@ -410,15 +436,23 @@ func (m *ExecOp) GetMounts() []*Mount { return nil } +func (m *ExecOp) GetNetwork() NetMode { + if m != nil { + return m.Network + } + return NetMode_UNSET +} + // Meta is a set of arguments for ExecOp. // Meta is unrelated to LLB metadata. // FIXME: rename (ExecContext? ExecArgs?) type Meta struct { - Args []string `protobuf:"bytes,1,rep,name=args" json:"args,omitempty"` - Env []string `protobuf:"bytes,2,rep,name=env" json:"env,omitempty"` - Cwd string `protobuf:"bytes,3,opt,name=cwd,proto3" json:"cwd,omitempty"` - User string `protobuf:"bytes,4,opt,name=user,proto3" json:"user,omitempty"` - ProxyEnv *ProxyEnv `protobuf:"bytes,5,opt,name=proxy_env,json=proxyEnv" json:"proxy_env,omitempty"` + Args []string `protobuf:"bytes,1,rep,name=args" json:"args,omitempty"` + Env []string `protobuf:"bytes,2,rep,name=env" json:"env,omitempty"` + Cwd string `protobuf:"bytes,3,opt,name=cwd,proto3" json:"cwd,omitempty"` + User string `protobuf:"bytes,4,opt,name=user,proto3" json:"user,omitempty"` + ProxyEnv *ProxyEnv `protobuf:"bytes,5,opt,name=proxy_env,json=proxyEnv" json:"proxy_env,omitempty"` + ExtraHosts []*HostIP `protobuf:"bytes,6,rep,name=extraHosts" json:"extraHosts,omitempty"` } func (m *Meta) Reset() { *m = Meta{} } @@ -461,6 +495,13 @@ func (m *Meta) GetProxyEnv() *ProxyEnv { return nil } +func (m *Meta) GetExtraHosts() []*HostIP { + if m != nil { + return m.ExtraHosts + } + return nil +} + // Mount specifies how to mount an input Op as a filesystem. type Mount struct { Input InputIndex `protobuf:"varint,1,opt,name=input,proto3,customtype=InputIndex" json:"input"` @@ -864,6 +905,30 @@ func (m *Definition) GetMetadata() map[github_com_opencontainers_go_digest.Diges return nil } +type HostIP struct { + Host string `protobuf:"bytes,1,opt,name=Host,proto3" json:"Host,omitempty"` + IP string `protobuf:"bytes,2,opt,name=IP,proto3" json:"IP,omitempty"` +} + +func (m *HostIP) Reset() { *m = HostIP{} } +func (m *HostIP) String() string { return proto.CompactTextString(m) } +func (*HostIP) ProtoMessage() {} +func (*HostIP) Descriptor() ([]byte, []int) { return fileDescriptorOps, []int{18} } + +func (m *HostIP) GetHost() string { + if m != nil { + return m.Host + } + return "" +} + +func (m *HostIP) GetIP() string { + if m != nil { + return m.IP + } + return "" +} + func init() { proto.RegisterType((*Op)(nil), "pb.Op") proto.RegisterType((*Platform)(nil), "pb.Platform") @@ -883,6 +948,8 @@ func init() { proto.RegisterType((*ProxyEnv)(nil), "pb.ProxyEnv") proto.RegisterType((*WorkerConstraints)(nil), "pb.WorkerConstraints") proto.RegisterType((*Definition)(nil), "pb.Definition") + proto.RegisterType((*HostIP)(nil), "pb.HostIP") + proto.RegisterEnum("pb.NetMode", NetMode_name, NetMode_value) proto.RegisterEnum("pb.MountType", MountType_name, MountType_value) proto.RegisterEnum("pb.CacheSharingOpt", CacheSharingOpt_name, CacheSharingOpt_value) } @@ -1122,6 +1189,11 @@ func (m *ExecOp) MarshalTo(dAtA []byte) (int, error) { i += n } } + if m.Network != 0 { + dAtA[i] = 0x18 + i++ + i = encodeVarintOps(dAtA, i, uint64(m.Network)) + } return i, nil } @@ -1192,6 +1264,18 @@ func (m *Meta) MarshalTo(dAtA []byte) (int, error) { } i += n9 } + if len(m.ExtraHosts) > 0 { + for _, msg := range m.ExtraHosts { + dAtA[i] = 0x32 + i++ + i = encodeVarintOps(dAtA, i, uint64(msg.Size())) + n, err := msg.MarshalTo(dAtA[i:]) + if err != nil { + return 0, err + } + i += n + } + } return i, nil } @@ -1790,6 +1874,36 @@ func (m *Definition) MarshalTo(dAtA []byte) (int, error) { return i, nil } +func (m *HostIP) Marshal() (dAtA []byte, err error) { + size := m.Size() + dAtA = make([]byte, size) + n, err := m.MarshalTo(dAtA) + if err != nil { + return nil, err + } + return dAtA[:n], nil +} + +func (m *HostIP) MarshalTo(dAtA []byte) (int, error) { + var i int + _ = i + var l int + _ = l + if len(m.Host) > 0 { + dAtA[i] = 0xa + i++ + i = encodeVarintOps(dAtA, i, uint64(len(m.Host))) + i += copy(dAtA[i:], m.Host) + } + if len(m.IP) > 0 { + dAtA[i] = 0x12 + i++ + i = encodeVarintOps(dAtA, i, uint64(len(m.IP))) + i += copy(dAtA[i:], m.IP) + } + return i, nil +} + func encodeVarintOps(dAtA []byte, offset int, v uint64) int { for v >= 1<<7 { dAtA[offset] = uint8(v&0x7f | 0x80) @@ -1912,6 +2026,9 @@ func (m *ExecOp) Size() (n int) { n += 1 + l + sovOps(uint64(l)) } } + if m.Network != 0 { + n += 1 + sovOps(uint64(m.Network)) + } return n } @@ -1942,6 +2059,12 @@ func (m *Meta) Size() (n int) { l = m.ProxyEnv.Size() n += 1 + l + sovOps(uint64(l)) } + if len(m.ExtraHosts) > 0 { + for _, e := range m.ExtraHosts { + l = e.Size() + n += 1 + l + sovOps(uint64(l)) + } + } return n } @@ -2197,6 +2320,20 @@ func (m *Definition) Size() (n int) { return n } +func (m *HostIP) Size() (n int) { + var l int + _ = l + l = len(m.Host) + if l > 0 { + n += 1 + l + sovOps(uint64(l)) + } + l = len(m.IP) + if l > 0 { + n += 1 + l + sovOps(uint64(l)) + } + return n +} + func sovOps(x uint64) (n int) { for { n++ @@ -2871,6 +3008,25 @@ func (m *ExecOp) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 3: + if wireType != 0 { + return fmt.Errorf("proto: wrong wireType = %d for field Network", wireType) + } + m.Network = 0 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowOps + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + m.Network |= (NetMode(b) & 0x7F) << shift + if b < 0x80 { + break + } + } default: iNdEx = preIndex skippy, err := skipOps(dAtA[iNdEx:]) @@ -3070,6 +3226,37 @@ func (m *Meta) Unmarshal(dAtA []byte) error { return err } iNdEx = postIndex + case 6: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field ExtraHosts", wireType) + } + var msglen int + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowOps + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + msglen |= (int(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + if msglen < 0 { + return ErrInvalidLengthOps + } + postIndex := iNdEx + msglen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.ExtraHosts = append(m.ExtraHosts, &HostIP{}) + if err := m.ExtraHosts[len(m.ExtraHosts)-1].Unmarshal(dAtA[iNdEx:postIndex]); err != nil { + return err + } + iNdEx = postIndex default: iNdEx = preIndex skippy, err := skipOps(dAtA[iNdEx:]) @@ -5260,6 +5447,114 @@ func (m *Definition) Unmarshal(dAtA []byte) error { } return nil } +func (m *HostIP) Unmarshal(dAtA []byte) error { + l := len(dAtA) + iNdEx := 0 + for iNdEx < l { + preIndex := iNdEx + var wire uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowOps + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + wire |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + fieldNum := int32(wire >> 3) + wireType := int(wire & 0x7) + if wireType == 4 { + return fmt.Errorf("proto: HostIP: wiretype end group for non-group") + } + if fieldNum <= 0 { + return fmt.Errorf("proto: HostIP: illegal tag %d (wire type %d)", fieldNum, wire) + } + switch fieldNum { + case 1: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field Host", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowOps + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthOps + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.Host = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + case 2: + if wireType != 2 { + return fmt.Errorf("proto: wrong wireType = %d for field IP", wireType) + } + var stringLen uint64 + for shift := uint(0); ; shift += 7 { + if shift >= 64 { + return ErrIntOverflowOps + } + if iNdEx >= l { + return io.ErrUnexpectedEOF + } + b := dAtA[iNdEx] + iNdEx++ + stringLen |= (uint64(b) & 0x7F) << shift + if b < 0x80 { + break + } + } + intStringLen := int(stringLen) + if intStringLen < 0 { + return ErrInvalidLengthOps + } + postIndex := iNdEx + intStringLen + if postIndex > l { + return io.ErrUnexpectedEOF + } + m.IP = string(dAtA[iNdEx:postIndex]) + iNdEx = postIndex + default: + iNdEx = preIndex + skippy, err := skipOps(dAtA[iNdEx:]) + if err != nil { + return err + } + if skippy < 0 { + return ErrInvalidLengthOps + } + if (iNdEx + skippy) > l { + return io.ErrUnexpectedEOF + } + iNdEx += skippy + } + } + + if iNdEx > l { + return io.ErrUnexpectedEOF + } + return nil +} func skipOps(dAtA []byte) (n int, err error) { l := len(dAtA) iNdEx := 0 @@ -5368,88 +5663,94 @@ var ( func init() { proto.RegisterFile("ops.proto", fileDescriptorOps) } var fileDescriptorOps = []byte{ - // 1328 bytes of a gzipped FileDescriptorProto - 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x56, 0xcb, 0x6e, 0xdb, 0x46, - 0x17, 0x36, 0xa9, 0x8b, 0xc9, 0x43, 0xdb, 0xd1, 0x3f, 0xb9, 0xfc, 0xfa, 0xfd, 0xa7, 0xb6, 0xcb, - 0x14, 0x85, 0x13, 0xc7, 0x12, 0xa0, 0x00, 0x49, 0xd0, 0x45, 0x50, 0xeb, 0x12, 0x58, 0x4d, 0x53, - 0x05, 0x23, 0xc3, 0x5d, 0x06, 0x14, 0x35, 0x92, 0x89, 0x48, 0x1c, 0x82, 0x1c, 0xa6, 0xd6, 0xa2, - 0x5d, 0xe4, 0x09, 0x0a, 0x14, 0xe8, 0xbe, 0x2f, 0xd0, 0x37, 0xe8, 0x3e, 0xcb, 0x6e, 0xdb, 0x45, - 0x5a, 0xa4, 0x2f, 0x52, 0x9c, 0x99, 0xe1, 0x25, 0x97, 0xa2, 0x09, 0xda, 0x15, 0x67, 0xce, 0xe5, - 0x9b, 0x33, 0xdf, 0x39, 0x67, 0x0e, 0xc1, 0xe6, 0x51, 0xd2, 0x8a, 0x62, 0x2e, 0x38, 0x31, 0xa3, - 0xc9, 0xf6, 0xe1, 0x3c, 0x10, 0x67, 0xe9, 0xa4, 0xe5, 0xf3, 0x65, 0x7b, 0xce, 0xe7, 0xbc, 0x2d, - 0x55, 0x93, 0x74, 0x26, 0x77, 0x72, 0x23, 0x57, 0xca, 0xc5, 0xfd, 0xc1, 0x04, 0x73, 0x14, 0x91, - 0x0f, 0xa1, 0x1e, 0x84, 0x51, 0x2a, 0x92, 0xa6, 0xb1, 0x57, 0xd9, 0x77, 0x3a, 0x76, 0x2b, 0x9a, - 0xb4, 0x86, 0x28, 0xa1, 0x5a, 0x41, 0xf6, 0xa0, 0xca, 0xce, 0x99, 0xdf, 0x34, 0xf7, 0x8c, 0x7d, - 0xa7, 0x03, 0x68, 0x30, 0x38, 0x67, 0xfe, 0x28, 0x3a, 0x5e, 0xa3, 0x52, 0x43, 0x3e, 0x86, 0x7a, - 0xc2, 0xd3, 0xd8, 0x67, 0xcd, 0x8a, 0xb4, 0xd9, 0x40, 0x9b, 0xb1, 0x94, 0x48, 0x2b, 0xad, 0x45, - 0x24, 0x9f, 0x47, 0xab, 0x66, 0xb5, 0x40, 0xea, 0xf1, 0x68, 0xa5, 0x90, 0x50, 0x43, 0xae, 0x41, - 0x6d, 0x92, 0x06, 0x8b, 0x69, 0xb3, 0x26, 0x4d, 0x1c, 0x34, 0xe9, 0xa2, 0x40, 0xda, 0x28, 0x1d, - 0xd9, 0x07, 0x2b, 0x5a, 0x78, 0x62, 0xc6, 0xe3, 0x65, 0x13, 0x8a, 0x03, 0x1f, 0x69, 0x19, 0xcd, - 0xb5, 0xe4, 0x0e, 0x38, 0x3e, 0x0f, 0x13, 0x11, 0x7b, 0x41, 0x28, 0x92, 0xa6, 0x23, 0x8d, 0x2f, - 0xa3, 0xf1, 0x97, 0x3c, 0x7e, 0xc2, 0xe2, 0x5e, 0xa1, 0xa4, 0x65, 0xcb, 0x6e, 0x15, 0x4c, 0x1e, - 0xb9, 0xdf, 0x1b, 0x60, 0x65, 0xa8, 0xc4, 0x85, 0x8d, 0xa3, 0xd8, 0x3f, 0x0b, 0x04, 0xf3, 0x45, - 0x1a, 0xb3, 0xa6, 0xb1, 0x67, 0xec, 0xdb, 0xf4, 0x15, 0x19, 0xd9, 0x02, 0x73, 0x34, 0x96, 0x44, - 0xd9, 0xd4, 0x1c, 0x8d, 0x49, 0x13, 0xd6, 0x4f, 0xbd, 0x38, 0xf0, 0x42, 0x21, 0x99, 0xb1, 0x69, - 0xb6, 0x25, 0x57, 0xc1, 0x1e, 0x8d, 0x4f, 0x59, 0x9c, 0x04, 0x3c, 0x94, 0x7c, 0xd8, 0xb4, 0x10, - 0x90, 0x1d, 0x80, 0xd1, 0xf8, 0x3e, 0xf3, 0x10, 0x34, 0x69, 0xd6, 0xf6, 0x2a, 0xfb, 0x36, 0x2d, - 0x49, 0xdc, 0x6f, 0xa0, 0x26, 0x73, 0x44, 0x3e, 0x83, 0xfa, 0x34, 0x98, 0xb3, 0x44, 0xa8, 0x70, - 0xba, 0x9d, 0xe7, 0x2f, 0x76, 0xd7, 0x7e, 0x7d, 0xb1, 0x7b, 0xa3, 0x54, 0x0c, 0x3c, 0x62, 0xa1, - 0xcf, 0x43, 0xe1, 0x05, 0x21, 0x8b, 0x93, 0xf6, 0x9c, 0x1f, 0x2a, 0x97, 0x56, 0x5f, 0x7e, 0xa8, - 0x46, 0x20, 0xd7, 0xa1, 0x16, 0x84, 0x53, 0x76, 0x2e, 0xe3, 0xaf, 0x74, 0x2f, 0x6a, 0x28, 0x67, - 0x94, 0x8a, 0x28, 0x15, 0x43, 0x54, 0x51, 0x65, 0xe1, 0x0e, 0xa1, 0xae, 0x4a, 0x80, 0x5c, 0x85, - 0xea, 0x92, 0x09, 0x4f, 0x1e, 0xef, 0x74, 0x2c, 0xa4, 0xf6, 0x21, 0x13, 0x1e, 0x95, 0x52, 0xac, - 0xae, 0x25, 0x4f, 0x91, 0x7a, 0xb3, 0xa8, 0xae, 0x87, 0x28, 0xa1, 0x5a, 0xe1, 0x7e, 0x0d, 0x55, - 0x74, 0x20, 0x04, 0xaa, 0x5e, 0x3c, 0x57, 0x65, 0x68, 0x53, 0xb9, 0x26, 0x0d, 0xa8, 0xb0, 0xf0, - 0xa9, 0xf4, 0xb5, 0x29, 0x2e, 0x51, 0xe2, 0x7f, 0x35, 0xd5, 0x64, 0xe2, 0x12, 0xfd, 0xd2, 0x84, - 0xc5, 0x9a, 0x43, 0xb9, 0x26, 0xd7, 0xc1, 0x8e, 0x62, 0x7e, 0xbe, 0x7a, 0x8c, 0xde, 0xb5, 0x52, - 0x85, 0xa0, 0x70, 0x10, 0x3e, 0xa5, 0x56, 0xa4, 0x57, 0xee, 0x8f, 0x26, 0xd4, 0x64, 0x40, 0x64, - 0x1f, 0xaf, 0x1f, 0xa5, 0x8a, 0xc9, 0x4a, 0x97, 0xe8, 0xeb, 0x83, 0x24, 0x3a, 0xbf, 0x3d, 0x92, - 0xbe, 0x0d, 0x56, 0xc2, 0x16, 0xcc, 0x17, 0x3c, 0xd6, 0xb9, 0xce, 0xf7, 0x18, 0xce, 0x14, 0xd3, - 0xa1, 0x22, 0x94, 0x6b, 0x72, 0x00, 0x75, 0x2e, 0x39, 0x94, 0x41, 0xfe, 0x05, 0xb3, 0xda, 0x04, - 0xc1, 0x63, 0xe6, 0x4d, 0x79, 0xb8, 0x58, 0xc9, 0xd0, 0x2d, 0x9a, 0xef, 0xc9, 0x01, 0xd8, 0x92, - 0xb5, 0x93, 0x55, 0xc4, 0x9a, 0xf5, 0x3d, 0x63, 0x7f, 0xab, 0xb3, 0x99, 0x33, 0x8a, 0x42, 0x5a, - 0xe8, 0xb1, 0x4b, 0x7c, 0xcf, 0x3f, 0x63, 0xa3, 0x48, 0x34, 0x2f, 0x15, 0x1c, 0xf4, 0xb4, 0x8c, - 0xe6, 0x5a, 0x84, 0x4d, 0x98, 0x1f, 0x33, 0x81, 0xa6, 0x97, 0xa5, 0xa9, 0x84, 0x1d, 0x67, 0x42, - 0x5a, 0xe8, 0xdd, 0x21, 0x58, 0x19, 0x04, 0x96, 0xfb, 0xb0, 0xaf, 0x1b, 0xc1, 0x1c, 0xf6, 0xc9, - 0x21, 0xac, 0x27, 0x67, 0x5e, 0x1c, 0x84, 0x73, 0xc9, 0xcb, 0x56, 0xe7, 0x62, 0x7e, 0xe2, 0x58, - 0xc9, 0x11, 0x2c, 0xb3, 0x71, 0x39, 0xd8, 0xf9, 0x11, 0x6f, 0x60, 0x35, 0xa0, 0x92, 0x06, 0x53, - 0x89, 0xb3, 0x49, 0x71, 0x89, 0x92, 0x79, 0xa0, 0x72, 0xbf, 0x49, 0x71, 0x89, 0x64, 0x2f, 0xf9, - 0x94, 0x49, 0x5a, 0x37, 0xa9, 0x5c, 0x23, 0x7f, 0x3c, 0x12, 0x01, 0x0f, 0xbd, 0x45, 0xc6, 0x5f, - 0xb6, 0x77, 0xef, 0x41, 0x5d, 0xbd, 0x37, 0x64, 0x0f, 0x2a, 0x49, 0xec, 0xeb, 0x37, 0x6f, 0x2b, - 0x7b, 0x88, 0xd4, 0x93, 0x45, 0x51, 0x95, 0x27, 0xd2, 0x2c, 0x12, 0xe9, 0x52, 0x80, 0xc2, 0xec, - 0xdf, 0x29, 0x18, 0xf7, 0x3b, 0x03, 0xac, 0xec, 0xa9, 0xc4, 0xbe, 0x0f, 0xa6, 0x2c, 0x14, 0xc1, - 0x2c, 0x60, 0xb1, 0x26, 0xa3, 0x24, 0x21, 0x87, 0x50, 0xf3, 0x84, 0x88, 0xb3, 0x76, 0xfa, 0x6f, - 0xf9, 0x9d, 0x6d, 0x1d, 0xa1, 0x66, 0x10, 0x8a, 0x78, 0x45, 0x95, 0xd5, 0xf6, 0x5d, 0x80, 0x42, - 0x88, 0xfc, 0x3d, 0x61, 0x2b, 0x8d, 0x8a, 0x4b, 0x72, 0x09, 0x6a, 0x4f, 0xbd, 0x45, 0xca, 0x74, - 0x50, 0x6a, 0xf3, 0x89, 0x79, 0xd7, 0x70, 0x7f, 0x32, 0x61, 0x5d, 0xbf, 0xbb, 0xe4, 0x26, 0xac, - 0xcb, 0x77, 0x57, 0x47, 0xf4, 0xf6, 0x9b, 0x66, 0x26, 0xa4, 0x9d, 0x0f, 0x94, 0x52, 0x8c, 0x1a, - 0x4a, 0x0d, 0x16, 0x1d, 0x63, 0x31, 0x5e, 0x2a, 0x53, 0x36, 0xd3, 0x93, 0x43, 0xa6, 0xa2, 0xcf, - 0x66, 0x41, 0x18, 0x60, 0xce, 0x28, 0xaa, 0xc8, 0xcd, 0xec, 0xd6, 0x55, 0x89, 0x78, 0xa5, 0x8c, - 0xf8, 0xe6, 0xa5, 0x87, 0xe0, 0x94, 0x8e, 0x79, 0xcb, 0xad, 0x3f, 0x2a, 0xdf, 0x5a, 0x1f, 0x29, - 0xe1, 0xd4, 0xd8, 0x2b, 0x58, 0xf8, 0x07, 0xfc, 0xdd, 0x06, 0x28, 0x20, 0xdf, 0xbd, 0x52, 0xdc, - 0x67, 0x15, 0x80, 0x51, 0x84, 0x0f, 0xe2, 0xd4, 0x93, 0xef, 0xe7, 0x46, 0x30, 0x0f, 0x79, 0xcc, - 0x1e, 0xcb, 0x66, 0x95, 0xfe, 0x16, 0x75, 0x94, 0x4c, 0xf6, 0x15, 0x39, 0x02, 0x67, 0xca, 0x12, - 0x3f, 0x0e, 0x64, 0x91, 0x6b, 0xd2, 0x77, 0xf1, 0x4e, 0x05, 0x4e, 0xab, 0x5f, 0x58, 0x28, 0xae, - 0xca, 0x3e, 0xa4, 0x03, 0x1b, 0xec, 0x3c, 0xe2, 0xb1, 0xd0, 0xa7, 0xa8, 0xf1, 0x7c, 0x41, 0x0d, - 0x7a, 0x94, 0xcb, 0x93, 0xa8, 0xc3, 0x8a, 0x0d, 0xf1, 0xa0, 0xea, 0x7b, 0x91, 0x9a, 0x4d, 0x4e, - 0xa7, 0xf9, 0xda, 0x79, 0x3d, 0x2f, 0x52, 0xa4, 0x75, 0x6f, 0xe1, 0x5d, 0x9f, 0xfd, 0xb6, 0x7b, - 0x50, 0x1a, 0x48, 0x4b, 0x3e, 0x59, 0xb5, 0x65, 0xbd, 0x3c, 0x09, 0x44, 0x3b, 0x15, 0xc1, 0xa2, - 0xed, 0x45, 0x01, 0xc2, 0xa1, 0xe3, 0xb0, 0x4f, 0x25, 0xf4, 0xf6, 0x3d, 0x68, 0xbc, 0x1e, 0xf7, - 0xfb, 0xe4, 0x60, 0xfb, 0x0e, 0xd8, 0x79, 0x1c, 0x7f, 0xe7, 0x68, 0x95, 0x93, 0x77, 0x0d, 0x9c, - 0xd2, 0xbd, 0xd1, 0xf0, 0x54, 0x1a, 0x2a, 0xf6, 0xd5, 0xc6, 0x7d, 0x86, 0xff, 0x06, 0x7a, 0x8a, - 0x90, 0x0f, 0x00, 0xce, 0x84, 0x88, 0x1e, 0xcb, 0xb1, 0xa2, 0x0f, 0xb1, 0x51, 0x22, 0x2d, 0xc8, - 0x2e, 0x38, 0xb8, 0x49, 0xb4, 0x5e, 0x45, 0x2a, 0x3d, 0x12, 0x65, 0xf0, 0x7f, 0xb0, 0x67, 0xb9, - 0xbb, 0x1a, 0x1d, 0xd6, 0x2c, 0xf3, 0xfe, 0x1f, 0x58, 0x21, 0xd7, 0x3a, 0x35, 0xe5, 0xd6, 0x43, - 0x2e, 0x55, 0xee, 0x01, 0xfc, 0xe7, 0x8d, 0x1f, 0x19, 0x72, 0x05, 0xea, 0xb3, 0x60, 0x21, 0x64, - 0xbb, 0xe2, 0xe0, 0xd4, 0x3b, 0xf7, 0x17, 0x03, 0xa0, 0x68, 0x2d, 0x64, 0x04, 0xfb, 0x0e, 0x6d, - 0x36, 0x54, 0x9f, 0x2d, 0xc0, 0x5a, 0xea, 0x0c, 0xea, 0x3a, 0xba, 0xfa, 0x6a, 0x3b, 0xb6, 0xb2, - 0x04, 0xab, 0xdc, 0x76, 0x74, 0x6e, 0xdf, 0xe7, 0x67, 0x23, 0x3f, 0x61, 0xfb, 0x01, 0x6c, 0xbe, - 0x02, 0xf7, 0x8e, 0x9d, 0x5a, 0x54, 0x59, 0x29, 0x65, 0x37, 0x3e, 0x05, 0x3b, 0x1f, 0x82, 0xc4, - 0x82, 0x6a, 0x77, 0xf8, 0x45, 0xbf, 0xb1, 0x46, 0x00, 0xea, 0xe3, 0x41, 0x8f, 0x0e, 0x4e, 0x1a, - 0x06, 0x59, 0x87, 0xca, 0x78, 0x7c, 0xdc, 0x30, 0x89, 0x0d, 0xb5, 0xde, 0x51, 0xef, 0x78, 0xd0, - 0xa8, 0xe0, 0xf2, 0xe4, 0xe1, 0xa3, 0xfb, 0xe3, 0x46, 0xf5, 0xc6, 0x6d, 0xb8, 0xf0, 0xda, 0xa0, - 0x92, 0xde, 0xc7, 0x47, 0x74, 0x80, 0x48, 0x0e, 0xac, 0x3f, 0xa2, 0xc3, 0xd3, 0xa3, 0x93, 0x41, - 0xc3, 0x40, 0xc5, 0xe7, 0xa3, 0xde, 0x83, 0x41, 0xbf, 0x61, 0x76, 0x1b, 0xcf, 0x5f, 0xee, 0x18, - 0x3f, 0xbf, 0xdc, 0x31, 0x7e, 0x7f, 0xb9, 0x63, 0x7c, 0xfb, 0xc7, 0xce, 0xda, 0xa4, 0x2e, 0x7f, - 0xb0, 0x6f, 0xfd, 0x19, 0x00, 0x00, 0xff, 0xff, 0xa3, 0xba, 0x5c, 0x6e, 0xa0, 0x0b, 0x00, 0x00, + // 1415 bytes of a gzipped FileDescriptorProto + 0x1f, 0x8b, 0x08, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0xff, 0xac, 0x57, 0xcd, 0x6f, 0x1b, 0x45, + 0x14, 0x8f, 0xd7, 0x9f, 0xfb, 0x9c, 0xa4, 0x66, 0xfa, 0x81, 0x09, 0x25, 0x09, 0x5b, 0x40, 0x69, + 0xd2, 0x38, 0x92, 0x2b, 0xb5, 0x15, 0x87, 0x8a, 0xf8, 0xa3, 0x8a, 0x29, 0x89, 0xa3, 0x71, 0x08, + 0xc7, 0x6a, 0xb3, 0x1e, 0x3b, 0xab, 0x38, 0x3b, 0xab, 0xdd, 0x71, 0x1b, 0x5f, 0x38, 0xf4, 0x2f, + 0x40, 0x42, 0xe2, 0xce, 0x91, 0x0b, 0xff, 0x01, 0xf7, 0x1e, 0xb9, 0xc2, 0xa1, 0xa0, 0xf2, 0x8f, + 0xa0, 0xf7, 0x66, 0xd6, 0xbb, 0xfd, 0x40, 0xb4, 0x82, 0x93, 0xdf, 0xbc, 0xf7, 0x9b, 0xdf, 0xcc, + 0xfc, 0xde, 0x9b, 0x79, 0x6b, 0xb0, 0x65, 0x18, 0x37, 0xc2, 0x48, 0x2a, 0xc9, 0xac, 0xf0, 0x64, + 0x65, 0x7b, 0xec, 0xab, 0xd3, 0xe9, 0x49, 0xc3, 0x93, 0xe7, 0x3b, 0x63, 0x39, 0x96, 0x3b, 0x14, + 0x3a, 0x99, 0x8e, 0x68, 0x44, 0x03, 0xb2, 0xf4, 0x14, 0xe7, 0x47, 0x0b, 0xac, 0x7e, 0xc8, 0x3e, + 0x86, 0x92, 0x1f, 0x84, 0x53, 0x15, 0xd7, 0x73, 0xeb, 0xf9, 0x8d, 0x6a, 0xd3, 0x6e, 0x84, 0x27, + 0x8d, 0x1e, 0x7a, 0xb8, 0x09, 0xb0, 0x75, 0x28, 0x88, 0x0b, 0xe1, 0xd5, 0xad, 0xf5, 0xdc, 0x46, + 0xb5, 0x09, 0x08, 0xe8, 0x5e, 0x08, 0xaf, 0x1f, 0xee, 0x2d, 0x70, 0x8a, 0xb0, 0xcf, 0xa0, 0x14, + 0xcb, 0x69, 0xe4, 0x89, 0x7a, 0x9e, 0x30, 0x8b, 0x88, 0x19, 0x90, 0x87, 0x50, 0x26, 0x8a, 0x4c, + 0x9e, 0x0c, 0x67, 0xf5, 0x42, 0xca, 0xd4, 0x96, 0xe1, 0x4c, 0x33, 0x61, 0x84, 0xdd, 0x80, 0xe2, + 0xc9, 0xd4, 0x9f, 0x0c, 0xeb, 0x45, 0x82, 0x54, 0x11, 0xd2, 0x42, 0x07, 0x61, 0x74, 0x8c, 0x6d, + 0x40, 0x25, 0x9c, 0xb8, 0x6a, 0x24, 0xa3, 0xf3, 0x3a, 0xa4, 0x0b, 0x1e, 0x1a, 0x1f, 0x9f, 0x47, + 0xd9, 0x5d, 0xa8, 0x7a, 0x32, 0x88, 0x55, 0xe4, 0xfa, 0x81, 0x8a, 0xeb, 0x55, 0x02, 0x5f, 0x45, + 0xf0, 0x37, 0x32, 0x3a, 0x13, 0x51, 0x3b, 0x0d, 0xf2, 0x2c, 0xb2, 0x55, 0x00, 0x4b, 0x86, 0xce, + 0x0f, 0x39, 0xa8, 0x24, 0xac, 0xcc, 0x81, 0xc5, 0xdd, 0xc8, 0x3b, 0xf5, 0x95, 0xf0, 0xd4, 0x34, + 0x12, 0xf5, 0xdc, 0x7a, 0x6e, 0xc3, 0xe6, 0x2f, 0xf9, 0xd8, 0x32, 0x58, 0xfd, 0x01, 0x09, 0x65, + 0x73, 0xab, 0x3f, 0x60, 0x75, 0x28, 0x1f, 0xbb, 0x91, 0xef, 0x06, 0x8a, 0x94, 0xb1, 0x79, 0x32, + 0x64, 0xd7, 0xc1, 0xee, 0x0f, 0x8e, 0x45, 0x14, 0xfb, 0x32, 0x20, 0x3d, 0x6c, 0x9e, 0x3a, 0xd8, + 0x2a, 0x40, 0x7f, 0xf0, 0x40, 0xb8, 0x48, 0x1a, 0xd7, 0x8b, 0xeb, 0xf9, 0x0d, 0x9b, 0x67, 0x3c, + 0xce, 0xb7, 0x50, 0xa4, 0x1c, 0xb1, 0x2f, 0xa1, 0x34, 0xf4, 0xc7, 0x22, 0x56, 0x7a, 0x3b, 0xad, + 0xe6, 0xb3, 0xe7, 0x6b, 0x0b, 0xbf, 0x3f, 0x5f, 0xdb, 0xcc, 0x14, 0x83, 0x0c, 0x45, 0xe0, 0xc9, + 0x40, 0xb9, 0x7e, 0x20, 0xa2, 0x78, 0x67, 0x2c, 0xb7, 0xf5, 0x94, 0x46, 0x87, 0x7e, 0xb8, 0x61, + 0x60, 0x37, 0xa1, 0xe8, 0x07, 0x43, 0x71, 0x41, 0xfb, 0xcf, 0xb7, 0x2e, 0x1b, 0xaa, 0x6a, 0x7f, + 0xaa, 0xc2, 0xa9, 0xea, 0x61, 0x88, 0x6b, 0x84, 0x13, 0x42, 0x49, 0x97, 0x00, 0xbb, 0x0e, 0x85, + 0x73, 0xa1, 0x5c, 0x5a, 0xbe, 0xda, 0xac, 0xa0, 0xb4, 0xfb, 0x42, 0xb9, 0x9c, 0xbc, 0x58, 0x5d, + 0xe7, 0x72, 0x8a, 0xd2, 0x5b, 0x69, 0x75, 0xed, 0xa3, 0x87, 0x9b, 0x00, 0xfb, 0x14, 0xca, 0x81, + 0x50, 0x4f, 0x64, 0x74, 0x46, 0x12, 0x2d, 0xeb, 0x9c, 0x1f, 0x08, 0xb5, 0x2f, 0x87, 0x82, 0x27, + 0x31, 0xe7, 0xa7, 0x1c, 0x14, 0x90, 0x98, 0x31, 0x28, 0xb8, 0xd1, 0x58, 0x97, 0xab, 0xcd, 0xc9, + 0x66, 0x35, 0xc8, 0x8b, 0xe0, 0x31, 0xad, 0x61, 0x73, 0x34, 0xd1, 0xe3, 0x3d, 0x19, 0x1a, 0xd1, + 0xd1, 0xc4, 0x79, 0xd3, 0x58, 0x44, 0x46, 0x6b, 0xb2, 0xd9, 0x4d, 0xb0, 0xc3, 0x48, 0x5e, 0xcc, + 0x1e, 0xe1, 0xec, 0x62, 0xa6, 0x92, 0xd0, 0xd9, 0x0d, 0x1e, 0xf3, 0x4a, 0x68, 0x2c, 0xb6, 0x09, + 0x20, 0x2e, 0x54, 0xe4, 0xee, 0xc9, 0x58, 0xc5, 0xf5, 0x12, 0x9d, 0x86, 0x0a, 0x18, 0x1d, 0xbd, + 0x43, 0x9e, 0x89, 0x3a, 0x3f, 0x5b, 0x50, 0xa4, 0x43, 0xb2, 0x0d, 0x94, 0x34, 0x9c, 0xea, 0xec, + 0xe4, 0x5b, 0xcc, 0x48, 0x0a, 0x94, 0xbc, 0xb9, 0xa2, 0x98, 0xc8, 0x15, 0xa8, 0xc4, 0x62, 0x22, + 0x3c, 0x25, 0x23, 0x53, 0x3f, 0xf3, 0x31, 0x6e, 0x7d, 0x88, 0x29, 0xd6, 0xa7, 0x21, 0x9b, 0x6d, + 0x41, 0x49, 0x52, 0x5e, 0xe8, 0x40, 0xff, 0x90, 0x2d, 0x03, 0x41, 0xf2, 0x48, 0xb8, 0x43, 0x19, + 0x4c, 0x66, 0x74, 0xcc, 0x0a, 0x9f, 0x8f, 0xd9, 0x16, 0xd8, 0x94, 0x89, 0xa3, 0x59, 0x28, 0xea, + 0x25, 0xca, 0xc0, 0xd2, 0x3c, 0x4b, 0xe8, 0xe4, 0x69, 0x1c, 0x6f, 0x9e, 0xe7, 0x7a, 0xa7, 0xa2, + 0x1f, 0xaa, 0xfa, 0x95, 0x54, 0xaf, 0xb6, 0xf1, 0xf1, 0x79, 0x14, 0x69, 0x63, 0xe1, 0x45, 0x42, + 0x21, 0xf4, 0x2a, 0x41, 0x89, 0x76, 0x90, 0x38, 0x79, 0x1a, 0x77, 0x7a, 0x50, 0x49, 0x28, 0xf0, + 0x0a, 0xf5, 0x3a, 0xe6, 0x72, 0x59, 0xbd, 0x0e, 0xdb, 0x86, 0x72, 0x7c, 0xea, 0x46, 0x7e, 0x30, + 0x26, 0x5d, 0x96, 0x9b, 0x97, 0xe7, 0x2b, 0x0e, 0xb4, 0x1f, 0xc9, 0x12, 0x8c, 0x23, 0xc1, 0x9e, + 0x2f, 0xf1, 0x1a, 0x57, 0x0d, 0xf2, 0x53, 0x7f, 0x48, 0x3c, 0x4b, 0x1c, 0x4d, 0xf4, 0x8c, 0x7d, + 0x5d, 0x27, 0x4b, 0x1c, 0x4d, 0x14, 0xfb, 0x5c, 0x0e, 0x05, 0xc9, 0xba, 0xc4, 0xc9, 0x46, 0xfd, + 0x64, 0xa8, 0x7c, 0x19, 0xb8, 0x93, 0x44, 0xbf, 0x64, 0xec, 0xdc, 0x87, 0x92, 0x7e, 0xc3, 0xd8, + 0x3a, 0xe4, 0xe3, 0xc8, 0x33, 0xef, 0xe8, 0x72, 0xf2, 0xb8, 0xe9, 0x67, 0x90, 0x63, 0x68, 0x9e, + 0x48, 0x2b, 0x4d, 0xa4, 0xc3, 0x01, 0x52, 0xd8, 0xff, 0x53, 0x30, 0xce, 0xf7, 0x39, 0xa8, 0x24, + 0xcf, 0x2f, 0xbe, 0x25, 0xfe, 0x50, 0x04, 0xca, 0x1f, 0xf9, 0x22, 0x32, 0x62, 0x64, 0x3c, 0x6c, + 0x1b, 0x8a, 0xae, 0x52, 0x51, 0x72, 0x45, 0xdf, 0xcf, 0xbe, 0xdd, 0x8d, 0x5d, 0x8c, 0x74, 0x03, + 0x15, 0xcd, 0xb8, 0x46, 0xad, 0xdc, 0x03, 0x48, 0x9d, 0xa8, 0xdf, 0x99, 0x98, 0x19, 0x56, 0x34, + 0xd9, 0x15, 0x28, 0x3e, 0x76, 0x27, 0x53, 0x61, 0x36, 0xa5, 0x07, 0x9f, 0x5b, 0xf7, 0x72, 0xce, + 0x2f, 0x16, 0x94, 0xcd, 0x5b, 0xce, 0x6e, 0x41, 0x99, 0xde, 0x72, 0xb3, 0xa3, 0x37, 0x9f, 0x34, + 0x81, 0xb0, 0x9d, 0x79, 0x93, 0xca, 0xec, 0xd1, 0x50, 0xe9, 0x66, 0x65, 0xf6, 0x98, 0xb6, 0xac, + 0xfc, 0x50, 0x8c, 0x4c, 0x37, 0xa2, 0x54, 0x74, 0xc4, 0xc8, 0x0f, 0x7c, 0xcc, 0x19, 0xc7, 0x10, + 0xbb, 0x95, 0x9c, 0xba, 0x40, 0x8c, 0xd7, 0xb2, 0x8c, 0xaf, 0x1f, 0xba, 0x07, 0xd5, 0xcc, 0x32, + 0x6f, 0x38, 0xf5, 0x27, 0xd9, 0x53, 0x9b, 0x25, 0x89, 0x4e, 0xb7, 0xd2, 0x54, 0x85, 0xff, 0xa0, + 0xdf, 0x1d, 0x80, 0x94, 0xf2, 0xed, 0x2b, 0xc5, 0x79, 0x9a, 0x07, 0xe8, 0x87, 0xf8, 0x78, 0x0e, + 0x5d, 0x7a, 0x93, 0x17, 0xfd, 0x71, 0x20, 0x23, 0xf1, 0x88, 0x2e, 0x2b, 0xcd, 0xaf, 0xf0, 0xaa, + 0xf6, 0xd1, 0xbd, 0x62, 0xbb, 0x50, 0x1d, 0x8a, 0xd8, 0x8b, 0x7c, 0x2a, 0x72, 0x23, 0xfa, 0x1a, + 0x9e, 0x29, 0xe5, 0x69, 0x74, 0x52, 0x84, 0xd6, 0x2a, 0x3b, 0x87, 0x35, 0x61, 0x51, 0x5c, 0x84, + 0x32, 0x52, 0x66, 0x15, 0xdd, 0xf2, 0x2f, 0xe9, 0x8f, 0x07, 0xf4, 0xd3, 0x4a, 0xbc, 0x2a, 0xd2, + 0x01, 0x73, 0xa1, 0xe0, 0xb9, 0xa1, 0xee, 0x77, 0xd5, 0x66, 0xfd, 0x95, 0xf5, 0xda, 0x6e, 0xa8, + 0x45, 0x6b, 0xdd, 0xc6, 0xb3, 0x3e, 0xfd, 0x63, 0x6d, 0x2b, 0xd3, 0xe4, 0xce, 0xe5, 0xc9, 0x6c, + 0x87, 0xea, 0xe5, 0xcc, 0x57, 0x3b, 0x53, 0xe5, 0x4f, 0x76, 0xdc, 0xd0, 0x47, 0x3a, 0x9c, 0xd8, + 0xeb, 0x70, 0xa2, 0x5e, 0xb9, 0x0f, 0xb5, 0x57, 0xf7, 0xfd, 0x2e, 0x39, 0x58, 0xb9, 0x0b, 0xf6, + 0x7c, 0x1f, 0xff, 0x36, 0xb1, 0x92, 0x4d, 0xde, 0x0d, 0xa8, 0x66, 0xce, 0x8d, 0xc0, 0x63, 0x02, + 0x6a, 0xf5, 0xf5, 0xc0, 0x79, 0x8a, 0xdf, 0x1b, 0x49, 0xc7, 0xf9, 0x08, 0xe0, 0x54, 0xa9, 0xf0, + 0x11, 0xb5, 0x20, 0xb3, 0x88, 0x8d, 0x1e, 0x42, 0xb0, 0x35, 0xa8, 0xe2, 0x20, 0x36, 0x71, 0xbd, + 0x53, 0x9a, 0x11, 0x6b, 0xc0, 0x87, 0x60, 0x8f, 0xe6, 0xd3, 0x75, 0xeb, 0xa8, 0x8c, 0x92, 0xd9, + 0x1f, 0x40, 0x25, 0x90, 0x26, 0xa6, 0x3b, 0x62, 0x39, 0x90, 0x14, 0x72, 0xb6, 0xe0, 0xbd, 0xd7, + 0x3e, 0x8e, 0xd8, 0x35, 0x28, 0x8d, 0xfc, 0x89, 0xa2, 0xeb, 0x8a, 0x4d, 0xd6, 0x8c, 0x9c, 0xdf, + 0x72, 0x00, 0xe9, 0xd5, 0x42, 0x45, 0xf0, 0xde, 0x21, 0x66, 0x51, 0xdf, 0xb3, 0x09, 0x54, 0xce, + 0x4d, 0x06, 0x4d, 0x1d, 0x5d, 0x7f, 0xf9, 0x3a, 0x36, 0x92, 0x04, 0xeb, 0xdc, 0x36, 0x4d, 0x6e, + 0xdf, 0xe5, 0x03, 0x66, 0xbe, 0xc2, 0xca, 0x43, 0x58, 0x7a, 0x89, 0xee, 0x2d, 0x6f, 0x6a, 0x5a, + 0x65, 0xd9, 0x94, 0xdd, 0x82, 0x92, 0x6e, 0xee, 0xf8, 0x6e, 0xa3, 0x65, 0x68, 0xc8, 0xa6, 0xde, + 0x72, 0x98, 0x7c, 0xea, 0xf5, 0x0e, 0x37, 0x37, 0xa0, 0x6c, 0x3e, 0x5a, 0x98, 0x0d, 0xc5, 0xaf, + 0x0f, 0x06, 0xdd, 0xa3, 0xda, 0x02, 0xab, 0x40, 0x61, 0xaf, 0x3f, 0x38, 0xaa, 0xe5, 0xd0, 0x3a, + 0xe8, 0x1f, 0x74, 0x6b, 0xd6, 0xe6, 0x17, 0x60, 0xcf, 0x9b, 0x2b, 0xba, 0x5b, 0xbd, 0x83, 0x4e, + 0x6d, 0x81, 0x01, 0x94, 0x06, 0xdd, 0x36, 0xef, 0x22, 0xb8, 0x0c, 0xf9, 0xc1, 0x60, 0xaf, 0x66, + 0x21, 0x55, 0x7b, 0xb7, 0xbd, 0xd7, 0xad, 0xe5, 0xd1, 0x3c, 0xda, 0x3f, 0x7c, 0x30, 0xa8, 0x15, + 0x36, 0xef, 0xc0, 0xa5, 0x57, 0x1a, 0x20, 0xcd, 0xde, 0xdb, 0xe5, 0x5d, 0x64, 0xaa, 0x42, 0xf9, + 0x90, 0xf7, 0x8e, 0x77, 0x8f, 0xba, 0xb5, 0x1c, 0x06, 0xbe, 0xea, 0xb7, 0x1f, 0x76, 0x3b, 0x35, + 0xab, 0x55, 0x7b, 0xf6, 0x62, 0x35, 0xf7, 0xeb, 0x8b, 0xd5, 0xdc, 0x9f, 0x2f, 0x56, 0x73, 0xdf, + 0xfd, 0xb5, 0xba, 0x70, 0x52, 0xa2, 0x3f, 0x03, 0xb7, 0xff, 0x0e, 0x00, 0x00, 0xff, 0xff, 0x8c, + 0x1e, 0x1e, 0x98, 0x4c, 0x0c, 0x00, 0x00, } diff --git a/vendor/github.com/moby/buildkit/solver/pb/ops.proto b/vendor/github.com/moby/buildkit/solver/pb/ops.proto index 50ed763bc5..17b5506add 100644 --- a/vendor/github.com/moby/buildkit/solver/pb/ops.proto +++ b/vendor/github.com/moby/buildkit/solver/pb/ops.proto @@ -41,6 +41,7 @@ message Input { message ExecOp { Meta meta = 1; repeated Mount mounts = 2; + NetMode network = 3; } // Meta is a set of arguments for ExecOp. @@ -52,6 +53,13 @@ message Meta { string cwd = 3; string user = 4; ProxyEnv proxy_env = 5; + repeated HostIP extraHosts = 6; +} + +enum NetMode { + UNSET = 0; // sandbox + HOST = 1; + NONE = 2; } // Mount specifies how to mount an input Op as a filesystem. @@ -181,3 +189,8 @@ message Definition { // A key must be an LLB op digest string. Currently, empty string is not expected as a key, but it may change in the future. map metadata = 2 [(gogoproto.castkey) = "github.com/opencontainers/go-digest.Digest", (gogoproto.nullable) = false]; } + +message HostIP { + string Host = 1; + string IP = 2; +} \ No newline at end of file diff --git a/vendor/github.com/moby/buildkit/util/entitlements/entitlements.go b/vendor/github.com/moby/buildkit/util/entitlements/entitlements.go new file mode 100644 index 0000000000..4bd7f2a809 --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/entitlements/entitlements.go @@ -0,0 +1,70 @@ +package entitlements + +import "github.com/pkg/errors" + +type Entitlement string + +const ( + EntitlementSecurityConfined Entitlement = "security.confined" + EntitlementSecurityUnconfined Entitlement = "security.unconfined" // unimplemented + EntitlementNetworkHost Entitlement = "network.host" + EntitlementNetworkNone Entitlement = "network.none" +) + +var all = map[Entitlement]struct{}{ + EntitlementSecurityConfined: {}, + EntitlementSecurityUnconfined: {}, + EntitlementNetworkHost: {}, + EntitlementNetworkNone: {}, +} + +var defaults = map[Entitlement]struct{}{ + EntitlementSecurityConfined: {}, + EntitlementNetworkNone: {}, +} + +func Parse(s string) (Entitlement, error) { + _, ok := all[Entitlement(s)] + if !ok { + return "", errors.Errorf("unknown entitlement %s", s) + } + return Entitlement(s), nil +} + +func WhiteList(allowed, supported []Entitlement) (Set, error) { + m := map[Entitlement]struct{}{} + + var supm Set + if supported != nil { + var err error + supm, err = WhiteList(supported, nil) + if err != nil { // should not happen + return nil, err + } + } + + for _, e := range allowed { + e, err := Parse(string(e)) + if err != nil { + return nil, err + } + if supported != nil { + if !supm.Allowed(e) { + return nil, errors.Errorf("entitlement %s is not allowed", e) + } + } + m[e] = struct{}{} + } + + for e := range defaults { + m[e] = struct{}{} + } + return Set(m), nil +} + +type Set map[Entitlement]struct{} + +func (s Set) Allowed(e Entitlement) bool { + _, ok := s[e] + return ok +} diff --git a/vendor/github.com/moby/buildkit/util/network/network.go b/vendor/github.com/moby/buildkit/util/network/network.go new file mode 100644 index 0000000000..2f66652dcf --- /dev/null +++ b/vendor/github.com/moby/buildkit/util/network/network.go @@ -0,0 +1,22 @@ +package network + +// Provider interface for Network +type Provider interface { + NewInterface() (Interface, error) + Release(Interface) error +} + +// Interface of network for workers +type Interface interface { + // Set the pid with network interace namespace + Set(int) error + // Removes the network interface + Remove(int) error +} + +// NetworkOpts hold network options +type NetworkOpts struct { + Type string + CNIConfigPath string + CNIPluginPath string +} diff --git a/vendor/github.com/moby/buildkit/vendor.conf b/vendor/github.com/moby/buildkit/vendor.conf index c5ce6efc67..a08531dbff 100644 --- a/vendor/github.com/moby/buildkit/vendor.conf +++ b/vendor/github.com/moby/buildkit/vendor.conf @@ -6,7 +6,7 @@ github.com/davecgh/go-spew v1.1.0 github.com/pmezard/go-difflib v1.0.0 golang.org/x/sys 1b2967e3c290b7c545b3db0deeda16e9be4f98a2 -github.com/containerd/containerd a88b6319614de846458750ff882723479ca7b1a1 +github.com/containerd/containerd v1.2.0-beta.0 github.com/containerd/typeurl a93fcdb778cd272c6e9b3028b2f42d813e785d40 golang.org/x/sync 450f422ab23cf9881c94e2db30cac0eb1b7cf80c github.com/sirupsen/logrus v1.0.0 @@ -21,9 +21,9 @@ github.com/opencontainers/image-spec v1.0.1 github.com/opencontainers/runc ad0f5255060d36872be04de22f8731f38ef2d7b1 github.com/Microsoft/go-winio v0.4.7 github.com/containerd/fifo 3d5202aec260678c48179c56f40e6f38a095738c -github.com/opencontainers/runtime-spec v1.0.1 -github.com/containerd/go-runc f271fa2021de855d4d918dbef83c5fe19db1bdd5 -github.com/containerd/console 5d1b48d6114b8c9666f0c8b916f871af97b0a761 +github.com/opencontainers/runtime-spec d810dbc60d8c5aeeb3d054bd1132fab2121968ce # v1.0.1-43-gd810dbc +github.com/containerd/go-runc edcf3de1f4971445c42d61f20d506b30612aa031 +github.com/containerd/console 4d8a41f4ce5b9bae77c41786ea2458330f43f081 google.golang.org/genproto d80a6e20e776b0b17a324d0ba1ab50a39c8e8944 golang.org/x/text 19e51611da83d6be54ddafce4a4af510cb3e9ea4 github.com/docker/go-events 9461782956ad83b30282bf90e31fa6a70c255ba9