beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

vendor: github.com/moby/buildkit v0.13.0-rc3

Browse source 
full diff: https://github.com/moby/buildkit/compare/v0.13.0-rc2...v0.13.0-rc3

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This commit is contained in:
Paweł Gronowski 2024-02-28 10:05:02 +01:00
parent b37f8c8070
commit 2c9c5e1c03
No known key found for this signature in database
GPG key ID: B85EFCFE26DEF92A
34 changed files with 412 additions and 1155 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
vendor.mod
View file

@ -60,7 +60,7 @@ require (
github.com/miekg/dns v1.1.43
github.com/mistifyio/go-zfs/v3 v3.0.1
github.com/mitchellh/copystructure v1.2.0
github.com/moby/buildkit v0.13.0-rc2
github.com/moby/buildkit v0.13.0-rc3
github.com/moby/docker-image-spec v1.3.1
github.com/moby/ipvs v1.1.0
github.com/moby/locker v1.0.1
@ -132,6 +132,7 @@ require (
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.21.7 // indirect
github.com/aws/aws-sdk-go-v2/service/sts v1.26.7 // indirect
github.com/beorn7/perks v1.0.1 // indirect
github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869 // indirect
github.com/cenkalti/backoff/v4 v4.2.1 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/cilium/ebpf v0.11.0 // indirect
@ -155,7 +156,7 @@ require (
github.com/go-logr/stdr v1.2.2 // indirect
github.com/gofrs/flock v0.8.1 // indirect
github.com/gogo/googleapis v1.4.1 // indirect
github.com/golang-jwt/jwt/v4 v4.4.2 // indirect
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/btree v1.1.2 // indirect
github.com/google/certificate-transparency-go v1.1.4 // indirect
@ -184,10 +185,10 @@ require (
github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529 // indirect
github.com/secure-systems-lab/go-securesystemslib v0.4.0 // indirect
github.com/shibumi/go-pathspec v1.3.0 // indirect
github.com/spdx/tools-golang v0.5.1 // indirect
github.com/spdx/tools-golang v0.5.3 // indirect
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
github.com/tinylib/msgp v1.1.8 // indirect
github.com/tonistiigi/go-actions-cache v0.0.0-20220404170428-0bdeb6e1eac7 // indirect
github.com/tonistiigi/go-actions-cache v0.0.0-20240227172821-a0b64f338598 // indirect
github.com/tonistiigi/units v0.0.0-20180711220420-6950e57a87ea // indirect
github.com/tonistiigi/vt100 v0.0.0-20230623042737-f9a4f7ef6531 // indirect
github.com/weppos/publicsuffix-go v0.15.1-0.20210511084619-b1f36a2d6c0b // indirect

902
vendor.sum
View file

File diff suppressed because it is too large Load diff

18
vendor/github.com/golang-jwt/jwt/v4/README.md generated vendored
View file

@ -54,9 +54,9 @@ import "github.com/golang-jwt/jwt/v4"
See [the project documentation](https://pkg.go.dev/github.com/golang-jwt/jwt/v4) for examples of usage:
* [Simple example of parsing and validating a token](https://pkg.go.dev/github.com/golang-jwt/jwt#example-Parse-Hmac)
* [Simple example of building and signing a token](https://pkg.go.dev/github.com/golang-jwt/jwt#example-New-Hmac)
* [Directory of Examples](https://pkg.go.dev/github.com/golang-jwt/jwt#pkg-examples)
* [Simple example of parsing and validating a token](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#example-Parse-Hmac)
* [Simple example of building and signing a token](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#example-New-Hmac)
* [Directory of Examples](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#pkg-examples)
## Extensions
@ -96,7 +96,7 @@ A token is simply a JSON object that is signed by its author. this tells you exa
* The author of the token was in the possession of the signing secret
* The data has not been modified since it was signed
It's important to know that JWT does not provide encryption, which means anyone who has access to the token can read its contents. If you need to protect (encrypt) the data, there is a companion spec, `JWE`, that provides this functionality. JWE is currently outside the scope of this library.
It's important to know that JWT does not provide encryption, which means anyone who has access to the token can read its contents. If you need to protect (encrypt) the data, there is a companion spec, `JWE`, that provides this functionality. The companion project https://github.com/golang-jwt/jwe aims at a (very) experimental implementation of the JWE standard.
### Choosing a Signing Method
@ -110,10 +110,10 @@ Asymmetric signing methods, such as RSA, use different keys for signing and veri
Each signing method expects a different object type for its signing keys. See the package documentation for details. Here are the most common ones:
* The [HMAC signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation
* The [RSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation
* The [ECDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation
* The [EdDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt#SigningMethodEd25519) (`Ed25519`) expect `ed25519.PrivateKey` for signing and `ed25519.PublicKey` for validation
* The [HMAC signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#SigningMethodHMAC) (`HS256`,`HS384`,`HS512`) expect `[]byte` values for signing and validation
* The [RSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#SigningMethodRSA) (`RS256`,`RS384`,`RS512`) expect `*rsa.PrivateKey` for signing and `*rsa.PublicKey` for validation
* The [ECDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#SigningMethodECDSA) (`ES256`,`ES384`,`ES512`) expect `*ecdsa.PrivateKey` for signing and `*ecdsa.PublicKey` for validation
* The [EdDSA signing method](https://pkg.go.dev/github.com/golang-jwt/jwt/v4#SigningMethodEd25519) (`Ed25519`) expect `ed25519.PrivateKey` for signing and `ed25519.PublicKey` for validation
### JWT and OAuth
@ -131,7 +131,7 @@ This library uses descriptive error messages whenever possible. If you are not g
## More
Documentation can be found [on pkg.go.dev](https://pkg.go.dev/github.com/golang-jwt/jwt).
Documentation can be found [on pkg.go.dev](https://pkg.go.dev/github.com/golang-jwt/jwt/v4).
The command line utility included in this project (cmd/jwt) provides a straightforward example of token creation and parsing as well as a useful tool for debugging your own integration. You'll also find several implementation examples in the documentation.

6
vendor/github.com/golang-jwt/jwt/v4/claims.go generated vendored
View file

@ -265,9 +265,5 @@ func verifyIss(iss string, cmp string, required bool) bool {
if iss == "" {
return !required
}
if subtle.ConstantTimeCompare([]byte(iss), []byte(cmp)) != 0 {
return true
} else {
return false
}
return subtle.ConstantTimeCompare([]byte(iss), []byte(cmp)) != 0
}

7
vendor/github.com/golang-jwt/jwt/v4/parser.go generated vendored
View file

@ -42,6 +42,13 @@ func (p *Parser) Parse(tokenString string, keyFunc Keyfunc) (*Token, error) {
return p.ParseWithClaims(tokenString, MapClaims{}, keyFunc)
}
// ParseWithClaims parses, validates, and verifies like Parse, but supplies a default object implementing the Claims
// interface. This provides default values which can be overridden and allows a caller to use their own type, rather
// than the default MapClaims implementation of Claims.
//
// Note: If you provide a custom claim implementation that embeds one of the standard claims (such as RegisteredClaims),
// make sure that a) you either embed a non-pointer version of the claims or b) if you are using a pointer, allocate the
// proper memory for it before passing in the overall claims, otherwise you might run into a panic.
func (p *Parser) ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc) (*Token, error) {
token, parts, err := p.ParseUnverified(tokenString, claims)
if err != nil {

20
vendor/github.com/golang-jwt/jwt/v4/token.go generated vendored
View file

@ -14,6 +14,12 @@ import (
// To use the non-recommended decoding, set this boolean to `true` prior to using this package.
var DecodePaddingAllowed bool
// DecodeStrict will switch the codec used for decoding JWTs into strict mode.
// In this mode, the decoder requires that trailing padding bits are zero, as described in RFC 4648 section 3.5.
// Note that this is a global variable, and updating it will change the behavior on a package level, and is also NOT go-routine safe.
// To use strict decoding, set this boolean to `true` prior to using this package.
var DecodeStrict bool
// TimeFunc provides the current time when parsing token to validate "exp" claim (expiration time).
// You can override it to use another time value. This is useful for testing or if your
// server uses a different time zone than your tokens.
@ -99,6 +105,11 @@ func Parse(tokenString string, keyFunc Keyfunc, options ...ParserOption) (*Token
return NewParser(options...).Parse(tokenString, keyFunc)
}
// ParseWithClaims is a shortcut for NewParser().ParseWithClaims().
//
// Note: If you provide a custom claim implementation that embeds one of the standard claims (such as RegisteredClaims),
// make sure that a) you either embed a non-pointer version of the claims or b) if you are using a pointer, allocate the
// proper memory for it before passing in the overall claims, otherwise you might run into a panic.
func ParseWithClaims(tokenString string, claims Claims, keyFunc Keyfunc, options ...ParserOption) (*Token, error) {
return NewParser(options...).ParseWithClaims(tokenString, claims, keyFunc)
}
@ -116,12 +127,17 @@ func EncodeSegment(seg []byte) string {
// Deprecated: In a future release, we will demote this function to a non-exported function, since it
// should only be used internally
func DecodeSegment(seg string) ([]byte, error) {
encoding := base64.RawURLEncoding
if DecodePaddingAllowed {
if l := len(seg) % 4; l > 0 {
seg += strings.Repeat("=", 4-l)
}
return base64.URLEncoding.DecodeString(seg)
encoding = base64.URLEncoding
}
return base64.RawURLEncoding.DecodeString(seg)
if DecodeStrict {
encoding = encoding.Strict()
}
return encoding.DecodeString(seg)
}

17
vendor/github.com/moby/buildkit/cache/remote.go generated vendored
View file

@ -18,6 +18,7 @@ import (
"github.com/moby/buildkit/util/leaseutil"
"github.com/moby/buildkit/util/progress/logs"
"github.com/moby/buildkit/util/pull/pullprogress"
digest "github.com/opencontainers/go-digest"
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
"golang.org/x/sync/errgroup"
@ -85,7 +86,7 @@ func (sr *immutableRef) GetRemotes(ctx context.Context, createIfNeeded bool, ref
return res, nil
}
func appendRemote(parents []*solver.Remote, desc ocispecs.Descriptor, p content.Provider) (res []*solver.Remote) {
func appendRemote(parents []*solver.Remote, desc ocispecs.Descriptor, p content.InfoReaderProvider) (res []*solver.Remote) {
for _, pRemote := range parents {
provider := contentutil.NewMultiProvider(pRemote.Provider)
provider.Add(desc.Digest, p)
@ -276,6 +277,10 @@ func (mp *lazyMultiProvider) ReaderAt(ctx context.Context, desc ocispecs.Descrip
return mp.mprovider.ReaderAt(ctx, desc)
}
func (mp *lazyMultiProvider) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
return mp.mprovider.Info(ctx, dgst)
}
func (mp *lazyMultiProvider) Unlazy(ctx context.Context) error {
eg, egctx := errgroup.WithContext(ctx)
for _, p := range mp.plist {
@ -304,6 +309,16 @@ func (p lazyRefProvider) ReaderAt(ctx context.Context, desc ocispecs.Descriptor)
return p.ref.cm.ContentStore.ReaderAt(ctx, desc)
}
func (p lazyRefProvider) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
if dgst != p.desc.Digest {
return content.Info{}, errdefs.ErrNotFound
}
if err := p.Unlazy(ctx); err != nil {
return content.Info{}, errdefs.ErrNotFound
}
return p.ref.cm.ContentStore.Info(ctx, dgst)
}
func (p lazyRefProvider) Unlazy(ctx context.Context) error {
_, err := p.ref.cm.unlazyG.Do(ctx, string(p.desc.Digest), func(ctx context.Context) (_ struct{}, rerr error) {
if isLazy, err := p.ref.isLazy(ctx); err != nil {

43
vendor/github.com/moby/buildkit/cache/remotecache/gha/gha.go generated vendored
View file

@ -33,16 +33,20 @@ func init() {
}
const (
attrScope = "scope"
attrToken = "token"
attrURL = "url"
version = "1"
attrScope = "scope"
attrTimeout = "timeout"
attrToken = "token"
attrURL = "url"
version = "1"
defaultTimeout = 10 * time.Minute
)
type Config struct {
Scope string
URL string
Token string
Scope string
URL string
Token string
Timeout time.Duration
}
func getConfig(attrs map[string]string) (*Config, error) {
@ -58,10 +62,19 @@ func getConfig(attrs map[string]string) (*Config, error) {
if !ok {
return nil, errors.Errorf("token not set for github actions cache")
}
timeout := defaultTimeout
if v, ok := attrs[attrTimeout]; ok {
var err error
timeout, err = time.ParseDuration(v)
if err != nil {
return nil, errors.Wrap(err, "failed to parse timeout for github actions cache")
}
}
return &Config{
Scope: scope,
URL: url,
Token: token,
Scope: scope,
URL: url,
Token: token,
Timeout: timeout,
}, nil
}
@ -85,7 +98,10 @@ type exporter struct {
func NewExporter(c *Config) (remotecache.Exporter, error) {
cc := v1.NewCacheChains()
cache, err := actionscache.New(c.Token, c.URL, actionscache.Opt{Client: tracing.DefaultClient})
cache, err := actionscache.New(c.Token, c.URL, actionscache.Opt{
Client: tracing.DefaultClient,
Timeout: c.Timeout,
})
if err != nil {
return nil, err
}
@ -212,7 +228,10 @@ type importer struct {
}
func NewImporter(c *Config) (remotecache.Importer, error) {
cache, err := actionscache.New(c.Token, c.URL, actionscache.Opt{Client: tracing.DefaultClient})
cache, err := actionscache.New(c.Token, c.URL, actionscache.Opt{
Client: tracing.DefaultClient,
Timeout: c.Timeout,
})
if err != nil {
return nil, err
}

36
vendor/github.com/moby/buildkit/cache/remotecache/v1/chains.go generated vendored
View file

@ -7,9 +7,11 @@ import (
"time"
"github.com/containerd/containerd/content"
"github.com/moby/buildkit/session"
"github.com/moby/buildkit/solver"
digest "github.com/opencontainers/go-digest"
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/pkg/errors"
)
func NewCacheChains() *CacheChains {
@ -120,6 +122,40 @@ type DescriptorProviderPair struct {
Provider content.Provider
}
func (p DescriptorProviderPair) ReaderAt(ctx context.Context, desc ocispecs.Descriptor) (content.ReaderAt, error) {
return p.Provider.ReaderAt(ctx, desc)
}
func (p DescriptorProviderPair) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
if dgst != p.Descriptor.Digest {
return content.Info{}, errors.Errorf("content not found %s", dgst)
}
return content.Info{
Digest: p.Descriptor.Digest,
Size: p.Descriptor.Size,
}, nil
}
func (p DescriptorProviderPair) UnlazySession(desc ocispecs.Descriptor) session.Group {
type unlazySession interface {
UnlazySession(ocispecs.Descriptor) session.Group
}
if cd, ok := p.Provider.(unlazySession); ok {
return cd.UnlazySession(desc)
}
return nil
}
func (p DescriptorProviderPair) SnapshotLabels(descs []ocispecs.Descriptor, index int) map[string]string {
type snapshotLabels interface {
SnapshotLabels([]ocispecs.Descriptor, int) map[string]string
}
if cd, ok := p.Provider.(snapshotLabels); ok {
return cd.SnapshotLabels(descs, index)
}
return nil
}
// item is an implementation of a record in the cache chain. After validation,
// normalization and marshalling into the cache config, the item results form
// into the "layers", while the digests and the links form into the "records".

6
vendor/github.com/moby/buildkit/cache/remotecache/v1/parse.go generated vendored
View file

@ -82,7 +82,7 @@ func parseRecord(cc CacheConfig, idx int, provider DescriptorProvider, t solver.
}
remote.Descriptors = append(remote.Descriptors, descPair.Descriptor)
mp.Add(descPair.Descriptor.Digest, descPair.Provider)
mp.Add(descPair.Descriptor.Digest, descPair)
}
if remote != nil {
remote.Provider = mp
@ -123,12 +123,12 @@ func getRemoteChain(layers []CacheLayer, idx int, provider DescriptorProvider, v
}
r.Descriptors = append(r.Descriptors, descPair.Descriptor)
mp := contentutil.NewMultiProvider(r.Provider)
mp.Add(descPair.Descriptor.Digest, descPair.Provider)
mp.Add(descPair.Descriptor.Digest, descPair)
r.Provider = mp
return r, nil
}
return &solver.Remote{
Descriptors: []ocispecs.Descriptor{descPair.Descriptor},
Provider: descPair.Provider,
Provider: descPair,
}, nil
}

12
vendor/github.com/moby/buildkit/executor/resources/cpu.go generated vendored
View file

@ -8,7 +8,7 @@ import (
"strings"
"syscall"
"github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/pkg/errors"
)
@ -21,8 +21,8 @@ const (
cpuThrottledUsec = "throttled_usec"
)
func getCgroupCPUStat(cgroupPath string) (*types.CPUStat, error) {
cpuStat := &types.CPUStat{}
func getCgroupCPUStat(cgroupPath string) (*resourcestypes.CPUStat, error) {
cpuStat := &resourcestypes.CPUStat{}
// Read cpu.stat file
cpuStatFile, err := os.Open(filepath.Join(cgroupPath, "cpu.stat"))
@ -79,7 +79,7 @@ func getCgroupCPUStat(cgroupPath string) (*types.CPUStat, error) {
return cpuStat, nil
}
func parsePressureFile(filename string) (*types.Pressure, error) {
func parsePressureFile(filename string) (*resourcestypes.Pressure, error) {
content, err := os.ReadFile(filename)
if err != nil {
if errors.Is(err, os.ErrNotExist) || errors.Is(err, syscall.ENOTSUP) { // pressure file requires CONFIG_PSI
@ -90,7 +90,7 @@ func parsePressureFile(filename string) (*types.Pressure, error) {
lines := strings.Split(string(content), "\n")
pressure := &types.Pressure{}
pressure := &resourcestypes.Pressure{}
for _, line := range lines {
// Skip empty lines
if len(strings.TrimSpace(line)) == 0 {
@ -99,7 +99,7 @@ func parsePressureFile(filename string) (*types.Pressure, error) {
fields := strings.Fields(line)
prefix := fields[0]
pressureValues := &types.PressureValues{}
pressureValues := &resourcestypes.PressureValues{}
for i := 1; i < len(fields); i++ {
keyValue := strings.Split(fields[i], "=")

6
vendor/github.com/moby/buildkit/executor/resources/io.go generated vendored
View file

@ -6,7 +6,7 @@ import (
"strconv"
"strings"
"github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/pkg/errors"
)
@ -24,7 +24,7 @@ const (
ioDiscardIOs = "dios"
)
func getCgroupIOStat(cgroupPath string) (*types.IOStat, error) {
func getCgroupIOStat(cgroupPath string) (*resourcestypes.IOStat, error) {
ioStatPath := filepath.Join(cgroupPath, ioStatFile)
data, err := os.ReadFile(ioStatPath)
if err != nil {
@ -34,7 +34,7 @@ func getCgroupIOStat(cgroupPath string) (*types.IOStat, error) {
return nil, errors.Wrapf(err, "failed to read %s", ioStatPath)
}
ioStat := &types.IOStat{}
ioStat := &resourcestypes.IOStat{}
lines := strings.Split(string(data), "\n")
for _, line := range lines {
parts := strings.Fields(line)

6
vendor/github.com/moby/buildkit/executor/resources/memory.go generated vendored
View file

@ -6,7 +6,7 @@ import (
"strconv"
"strings"
"github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/pkg/errors"
)
@ -41,8 +41,8 @@ const (
memoryOomKill = "oom_kill"
)
func getCgroupMemoryStat(path string) (*types.MemoryStat, error) {
memoryStat := &types.MemoryStat{}
func getCgroupMemoryStat(path string) (*resourcestypes.MemoryStat, error) {
memoryStat := &resourcestypes.MemoryStat{}
// Parse memory.stat
err := parseKeyValueFile(filepath.Join(path, memoryStatFile), func(key string, value uint64) {

22
vendor/github.com/moby/buildkit/executor/resources/monitor.go generated vendored
View file

@ -10,7 +10,7 @@ import (
"sync"
"time"
"github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/moby/buildkit/util/bklog"
"github.com/moby/buildkit/util/network"
"github.com/prometheus/procfs"
@ -30,15 +30,15 @@ var isCgroupV2 bool
type cgroupRecord struct {
once sync.Once
ns string
sampler *Sub[*types.Sample]
sampler *Sub[*resourcestypes.Sample]
closeSampler func() error
samples []*types.Sample
samples []*resourcestypes.Sample
err error
done chan struct{}
monitor *Monitor
netSampler NetworkSampler
startCPUStat *procfs.CPUStat
sysCPUStat *types.SysCPUStat
sysCPUStat *resourcestypes.SysCPUStat
}
func (r *cgroupRecord) Wait() error {
@ -90,7 +90,7 @@ func (r *cgroupRecord) close() {
if r.startCPUStat != nil {
stat, err := r.monitor.proc.Stat()
if err == nil {
cpu := &types.SysCPUStat{
cpu := &resourcestypes.SysCPUStat{
User: stat.CPUTotal.User - r.startCPUStat.User,
Nice: stat.CPUTotal.Nice - r.startCPUStat.Nice,
System: stat.CPUTotal.System - r.startCPUStat.System,
@ -108,7 +108,7 @@ func (r *cgroupRecord) close() {
})
}
func (r *cgroupRecord) sample(tm time.Time) (*types.Sample, error) {
func (r *cgroupRecord) sample(tm time.Time) (*resourcestypes.Sample, error) {
cpu, err := getCgroupCPUStat(filepath.Join(defaultMountpoint, r.ns))
if err != nil {
return nil, err
@ -125,7 +125,7 @@ func (r *cgroupRecord) sample(tm time.Time) (*types.Sample, error) {
if err != nil {
return nil, err
}
sample := &types.Sample{
sample := &resourcestypes.Sample{
Timestamp_: tm,
CPUStat: cpu,
MemoryStat: memory,
@ -142,12 +142,12 @@ func (r *cgroupRecord) sample(tm time.Time) (*types.Sample, error) {
return sample, nil
}
func (r *cgroupRecord) Samples() (*types.Samples, error) {
func (r *cgroupRecord) Samples() (*resourcestypes.Samples, error) {
<-r.done
if r.err != nil {
return nil, r.err
}
return &types.Samples{
return &resourcestypes.Samples{
Samples: r.samples,
SysCPUStat: r.sysCPUStat,
}, nil
@ -160,7 +160,7 @@ func (r *nopRecord) Wait() error {
return nil
}
func (r *nopRecord) Samples() (*types.Samples, error) {
func (r *nopRecord) Samples() (*resourcestypes.Samples, error) {
return nil, nil
}
@ -189,7 +189,7 @@ type RecordOpt struct {
NetworkSampler NetworkSampler
}
func (m *Monitor) RecordNamespace(ns string, opt RecordOpt) (types.Recorder, error) {
func (m *Monitor) RecordNamespace(ns string, opt RecordOpt) (resourcestypes.Recorder, error) {
isClosed := false
select {
case <-m.closed:

6
vendor/github.com/moby/buildkit/executor/resources/pids.go generated vendored
View file

@ -6,7 +6,7 @@ import (
"strconv"
"strings"
"github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/pkg/errors"
)
@ -14,8 +14,8 @@ const (
pidsCurrentFile = "pids.current"
)
func getCgroupPIDsStat(path string) (*types.PIDsStat, error) {
pidsStat := &types.PIDsStat{}
func getCgroupPIDsStat(path string) (*resourcestypes.PIDsStat, error) {
pidsStat := &resourcestypes.PIDsStat{}
v, err := parseSingleValueFile(filepath.Join(path, pidsCurrentFile))
if err != nil {

6
vendor/github.com/moby/buildkit/executor/resources/sys.go generated vendored
View file

@ -1,9 +1,9 @@
package resources
import "github.com/moby/buildkit/executor/resources/types"
import resourcestypes "github.com/moby/buildkit/executor/resources/types"
type SysSampler = Sub[*types.SysSample]
type SysSampler = Sub[*resourcestypes.SysSample]
func NewSysSampler() (*Sampler[*types.SysSample], error) {
func NewSysSampler() (*Sampler[*resourcestypes.SysSample], error) {
return newSysSampler()
}

16
vendor/github.com/moby/buildkit/executor/resources/sys_linux.go generated vendored
View file

@ -4,32 +4,32 @@ import (
"os"
"time"
"github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/prometheus/procfs"
)
func newSysSampler() (*Sampler[*types.SysSample], error) {
func newSysSampler() (*Sampler[*resourcestypes.SysSample], error) {
pfs, err := procfs.NewDefaultFS()
if err != nil {
return nil, err
}
return NewSampler(2*time.Second, 20, func(tm time.Time) (*types.SysSample, error) {
return NewSampler(2*time.Second, 20, func(tm time.Time) (*resourcestypes.SysSample, error) {
return sampleSys(pfs, tm)
}), nil
}
func sampleSys(proc procfs.FS, tm time.Time) (*types.SysSample, error) {
func sampleSys(proc procfs.FS, tm time.Time) (*resourcestypes.SysSample, error) {
stat, err := proc.Stat()
if err != nil {
return nil, err
}
s := &types.SysSample{
s := &resourcestypes.SysSample{
Timestamp_: tm,
}
s.CPUStat = &types.SysCPUStat{
s.CPUStat = &resourcestypes.SysCPUStat{
User: stat.CPUTotal.User,
Nice: stat.CPUTotal.Nice,
System: stat.CPUTotal.System,
@ -42,7 +42,7 @@ func sampleSys(proc procfs.FS, tm time.Time) (*types.SysSample, error) {
GuestNice: stat.CPUTotal.GuestNice,
}
s.ProcStat = &types.ProcStat{
s.ProcStat = &resourcestypes.ProcStat{
ContextSwitches: stat.ContextSwitches,
ProcessCreated: stat.ProcessCreated,
ProcessesRunning: stat.ProcessesRunning,
@ -53,7 +53,7 @@ func sampleSys(proc procfs.FS, tm time.Time) (*types.SysSample, error) {
return nil, err
}
s.MemoryStat = &types.SysMemoryStat{
s.MemoryStat = &resourcestypes.SysMemoryStat{
Total: mem.MemTotal,
Free: mem.MemFree,
Buffers: mem.Buffers,

4
vendor/github.com/moby/buildkit/executor/resources/sys_nolinux.go generated vendored
View file

@ -2,8 +2,8 @@
package resources
import "github.com/moby/buildkit/executor/resources/types"
import resourcestypes "github.com/moby/buildkit/executor/resources/types"
func newSysSampler() (*Sampler[*types.SysSample], error) {
func newSysSampler() (*Sampler[*resourcestypes.SysSample], error) {
return nil, nil
}

43
vendor/github.com/moby/buildkit/solver/llbsolver/provenance.go generated vendored
View file

@ -19,6 +19,7 @@ import (
"github.com/moby/buildkit/solver"
"github.com/moby/buildkit/solver/llbsolver/ops"
"github.com/moby/buildkit/solver/llbsolver/provenance"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/solver/pb"
"github.com/moby/buildkit/worker"
digest "github.com/opencontainers/go-digest"
@ -37,7 +38,7 @@ type provenanceBridge struct {
mu sync.Mutex
req *frontend.SolveRequest
images []provenance.ImageSource
images []provenancetypes.ImageSource
builds []resultWithBridge
subBridges []*provenanceBridge
}
@ -56,8 +57,8 @@ func (b *provenanceBridge) eachRef(f func(r solver.ResultProxy) error) error {
return nil
}
func (b *provenanceBridge) allImages() []provenance.ImageSource {
res := make([]provenance.ImageSource, 0, len(b.images))
func (b *provenanceBridge) allImages() []provenancetypes.ImageSource {
res := make([]provenancetypes.ImageSource, 0, len(b.images))
res = append(res, b.images...)
for _, sb := range b.subBridges {
res = append(res, sb.allImages()...)
@ -143,7 +144,7 @@ func (b *provenanceBridge) ResolveSourceMetadata(ctx context.Context, op *pb.Sou
ref := strings.TrimPrefix(resp.Op.Identifier, "docker-image://")
ref = strings.TrimPrefix(ref, "oci-layout://")
b.mu.Lock()
b.images = append(b.images, provenance.ImageSource{
b.images = append(b.images, provenancetypes.ImageSource{
Ref: ref,
Platform: opt.Platform,
Digest: img.Digest,
@ -199,7 +200,7 @@ type resultRequests struct {
}
// filterImagePlatforms filter out images that not for the current platform if an image exists for every platform in a result
func (reqs *resultRequests) filterImagePlatforms(k string, imgs []provenance.ImageSource) []provenance.ImageSource {
func (reqs *resultRequests) filterImagePlatforms(k string, imgs []provenancetypes.ImageSource) []provenancetypes.ImageSource {
if len(reqs.platforms) == 0 {
return imgs
}
@ -237,7 +238,7 @@ func (reqs *resultRequests) filterImagePlatforms(k string, imgs []provenance.Ima
}
}
out := make([]provenance.ImageSource, 0, len(imgs))
out := make([]provenancetypes.ImageSource, 0, len(imgs))
for _, img := range imgs {
if _, ok := m[img.Ref]; ok && img.Platform != nil {
if current.OS == img.Platform.OS && current.Architecture == img.Platform.Architecture {
@ -284,20 +285,20 @@ func captureProvenance(ctx context.Context, res solver.CachedResultWithProvenanc
pr := op.Proto()
for _, m := range pr.Mounts {
if m.MountType == pb.MountType_SECRET {
c.AddSecret(provenance.Secret{
c.AddSecret(provenancetypes.Secret{
ID: m.SecretOpt.GetID(),
Optional: m.SecretOpt.GetOptional(),
})
}
if m.MountType == pb.MountType_SSH {
c.AddSSH(provenance.SSH{
c.AddSSH(provenancetypes.SSH{
ID: m.SSHOpt.GetID(),
Optional: m.SSHOpt.GetOptional(),
})
}
}
for _, se := range pr.Secretenv {
c.AddSecret(provenance.Secret{
c.AddSecret(provenancetypes.Secret{
ID: se.GetID(),
Optional: se.GetOptional(),
})
@ -324,7 +325,7 @@ func captureProvenance(ctx context.Context, res solver.CachedResultWithProvenanc
}
type ProvenanceCreator struct {
pr *provenance.ProvenancePredicate
pr *provenancetypes.ProvenancePredicate
j *solver.Job
sampler *resources.SysSampler
addLayers func() error
@ -430,7 +431,7 @@ func NewProvenanceCreator(ctx context.Context, cp *provenance.Capture, res solve
if len(m) != 0 {
if pr.Metadata == nil {
pr.Metadata = &provenance.ProvenanceMetadata{}
pr.Metadata = &provenancetypes.ProvenanceMetadata{}
}
pr.Metadata.BuildKitMetadata.Layers = m
@ -453,7 +454,7 @@ func NewProvenanceCreator(ctx context.Context, cp *provenance.Capture, res solve
return pc, nil
}
func (p *ProvenanceCreator) Predicate() (*provenance.ProvenancePredicate, error) {
func (p *ProvenanceCreator) Predicate() (*provenancetypes.ProvenancePredicate, error) {
end := p.j.RegisterCompleteTime()
p.pr.Metadata.BuildFinishedOn = &end
@ -546,14 +547,14 @@ func resolveRemotes(ctx context.Context, res solver.Result) ([]*solver.Remote, e
return remotes, nil
}
func AddBuildConfig(ctx context.Context, p *provenance.ProvenancePredicate, c *provenance.Capture, rp solver.ResultProxy, withUsage bool) (map[digest.Digest]int, error) {
func AddBuildConfig(ctx context.Context, p *provenancetypes.ProvenancePredicate, c *provenance.Capture, rp solver.ResultProxy, withUsage bool) (map[digest.Digest]int, error) {
def := rp.Definition()
steps, indexes, err := toBuildSteps(def, c, withUsage)
if err != nil {
return nil, err
}
bc := &provenance.BuildConfig{
bc := &provenancetypes.BuildConfig{
Definition: steps,
DigestMapping: digestMap(indexes),
}
@ -561,13 +562,13 @@ func AddBuildConfig(ctx context.Context, p *provenance.ProvenancePredicate, c *p
p.BuildConfig = bc
if def.Source != nil {
sis := make([]provenance.SourceInfo, len(def.Source.Infos))
sis := make([]provenancetypes.SourceInfo, len(def.Source.Infos))
for i, si := range def.Source.Infos {
steps, indexes, err := toBuildSteps(si.Definition, c, withUsage)
if err != nil {
return nil, err
}
s := provenance.SourceInfo{
s := provenancetypes.SourceInfo{
Filename: si.Filename,
Data: si.Data,
Language: si.Language,
@ -588,9 +589,9 @@ func AddBuildConfig(ctx context.Context, p *provenance.ProvenancePredicate, c *p
}
if p.Metadata == nil {
p.Metadata = &provenance.ProvenanceMetadata{}
p.Metadata = &provenancetypes.ProvenanceMetadata{}
}
p.Metadata.BuildKitMetadata.Source = &provenance.Source{
p.Metadata.BuildKitMetadata.Source = &provenancetypes.Source{
Infos: sis,
Locations: locs,
}
@ -608,7 +609,7 @@ func digestMap(idx map[digest.Digest]int) map[digest.Digest]string {
return m
}
func toBuildSteps(def *pb.Definition, c *provenance.Capture, withUsage bool) ([]provenance.BuildStep, map[digest.Digest]int, error) {
func toBuildSteps(def *pb.Definition, c *provenance.Capture, withUsage bool) ([]provenancetypes.BuildStep, map[digest.Digest]int, error) {
if def == nil || len(def.Def) == 0 {
return nil, nil, nil
}
@ -660,7 +661,7 @@ func toBuildSteps(def *pb.Definition, c *provenance.Capture, withUsage bool) ([]
indexes[dgst] = i
}
out := make([]provenance.BuildStep, 0, len(dgsts))
out := make([]provenancetypes.BuildStep, 0, len(dgsts))
for i, dgst := range dgsts {
op := *ops[dgst]
inputs := make([]string, len(op.Inputs))
@ -668,7 +669,7 @@ func toBuildSteps(def *pb.Definition, c *provenance.Capture, withUsage bool) ([]
inputs[i] = fmt.Sprintf("step%d:%d", indexes[inp.Digest], inp.Index)
}
op.Inputs = nil
s := provenance.BuildStep{
s := provenancetypes.BuildStep{
ID: fmt.Sprintf("step%d", i),
Inputs: inputs,
Op: op,

32
vendor/github.com/moby/buildkit/solver/llbsolver/provenance/buildconfig.go generated vendored
View file

@ -1,32 +0,0 @@
package provenance
import (
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/moby/buildkit/solver/pb"
digest "github.com/opencontainers/go-digest"
)
type BuildConfig struct {
Definition []BuildStep `json:"llbDefinition,omitempty"`
DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
}
type BuildStep struct {
ID string `json:"id,omitempty"`
Op pb.Op `json:"op,omitempty"`
Inputs []string `json:"inputs,omitempty"`
ResourceUsage *resourcestypes.Samples `json:"resourceUsage,omitempty"`
}
type Source struct {
Locations map[string]*pb.Locations `json:"locations,omitempty"`
Infos []SourceInfo `json:"infos,omitempty"`
}
type SourceInfo struct {
Filename string `json:"filename,omitempty"`
Language string `json:"language,omitempty"`
Data []byte `json:"data,omitempty"`
Definition []BuildStep `json:"llbDefinition,omitempty"`
DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
}

60
vendor/github.com/moby/buildkit/solver/llbsolver/provenance/capture.go generated vendored
View file

@ -5,58 +5,20 @@ import (
distreference "github.com/distribution/reference"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/solver/result"
"github.com/moby/buildkit/util/urlutil"
digest "github.com/opencontainers/go-digest"
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
)
type Result = result.Result[*Capture]
type ImageSource struct {
Ref string
Platform *ocispecs.Platform
Digest digest.Digest
Local bool
}
type GitSource struct {
URL string
Commit string
}
type HTTPSource struct {
URL string
Digest digest.Digest
}
type LocalSource struct {
Name string `json:"name"`
}
type Secret struct {
ID string `json:"id"`
Optional bool `json:"optional,omitempty"`
}
type SSH struct {
ID string `json:"id"`
Optional bool `json:"optional,omitempty"`
}
type Sources struct {
Images []ImageSource
Git []GitSource
HTTP []HTTPSource
Local []LocalSource
}
type Capture struct {
Frontend string
Args map[string]string
Sources Sources
Secrets []Secret
SSH []SSH
Sources provenancetypes.Sources
Secrets []provenancetypes.Secret
SSH []provenancetypes.SSH
NetworkAccess bool
IncompleteMaterials bool
Samples map[digest.Digest]*resourcestypes.Samples
@ -128,7 +90,7 @@ func (c *Capture) OptimizeImageSources() error {
}
}
images := make([]ImageSource, 0, len(c.Sources.Images))
images := make([]provenancetypes.ImageSource, 0, len(c.Sources.Images))
for _, i := range c.Sources.Images {
ref, nameTag, err := parseRefName(i.Ref)
if err != nil {
@ -145,7 +107,7 @@ func (c *Capture) OptimizeImageSources() error {
return nil
}
func (c *Capture) AddImage(i ImageSource) {
func (c *Capture) AddImage(i provenancetypes.ImageSource) {
for _, v := range c.Sources.Images {
if v.Ref == i.Ref && v.Local == i.Local {
if v.Platform == i.Platform {
@ -163,7 +125,7 @@ func (c *Capture) AddImage(i ImageSource) {
c.Sources.Images = append(c.Sources.Images, i)
}
func (c *Capture) AddLocal(l LocalSource) {
func (c *Capture) AddLocal(l provenancetypes.LocalSource) {
for _, v := range c.Sources.Local {
if v.Name == l.Name {
return
@ -172,7 +134,7 @@ func (c *Capture) AddLocal(l LocalSource) {
c.Sources.Local = append(c.Sources.Local, l)
}
func (c *Capture) AddGit(g GitSource) {
func (c *Capture) AddGit(g provenancetypes.GitSource) {
g.URL = urlutil.RedactCredentials(g.URL)
for _, v := range c.Sources.Git {
if v.URL == g.URL {
@ -182,7 +144,7 @@ func (c *Capture) AddGit(g GitSource) {
c.Sources.Git = append(c.Sources.Git, g)
}
func (c *Capture) AddHTTP(h HTTPSource) {
func (c *Capture) AddHTTP(h provenancetypes.HTTPSource) {
h.URL = urlutil.RedactCredentials(h.URL)
for _, v := range c.Sources.HTTP {
if v.URL == h.URL {
@ -192,7 +154,7 @@ func (c *Capture) AddHTTP(h HTTPSource) {
c.Sources.HTTP = append(c.Sources.HTTP, h)
}
func (c *Capture) AddSecret(s Secret) {
func (c *Capture) AddSecret(s provenancetypes.Secret) {
for i, v := range c.Secrets {
if v.ID == s.ID {
if !s.Optional {
@ -204,7 +166,7 @@ func (c *Capture) AddSecret(s Secret) {
c.Secrets = append(c.Secrets, s)
}
func (c *Capture) AddSSH(s SSH) {
func (c *Capture) AddSSH(s provenancetypes.SSH) {
if s.ID == "" {
s.ID = "default"
}

67
vendor/github.com/moby/buildkit/solver/llbsolver/provenance/predicate.go generated vendored
View file

@ -6,58 +6,13 @@ import (
"github.com/containerd/containerd/platforms"
slsa "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/common"
slsa02 "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v0.2"
resourcetypes "github.com/moby/buildkit/executor/resources/types"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/util/purl"
"github.com/moby/buildkit/util/urlutil"
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/package-url/packageurl-go"
)
const (
BuildKitBuildType = "https://mobyproject.org/buildkit@v1"
)
type ProvenancePredicate struct {
slsa02.ProvenancePredicate
Invocation ProvenanceInvocation `json:"invocation,omitempty"`
BuildConfig *BuildConfig `json:"buildConfig,omitempty"`
Metadata *ProvenanceMetadata `json:"metadata,omitempty"`
}
type ProvenanceInvocation struct {
ConfigSource slsa02.ConfigSource `json:"configSource,omitempty"`
Parameters Parameters `json:"parameters,omitempty"`
Environment Environment `json:"environment,omitempty"`
}
type Parameters struct {
Frontend string `json:"frontend,omitempty"`
Args map[string]string `json:"args,omitempty"`
Secrets []*Secret `json:"secrets,omitempty"`
SSH []*SSH `json:"ssh,omitempty"`
Locals []*LocalSource `json:"locals,omitempty"`
// TODO: select export attributes
// TODO: frontend inputs
}
type Environment struct {
Platform string `json:"platform"`
}
type ProvenanceMetadata struct {
slsa02.ProvenanceMetadata
BuildKitMetadata BuildKitMetadata `json:"https://mobyproject.org/buildkit@v1#metadata,omitempty"`
Hermetic bool `json:"https://mobyproject.org/buildkit@v1#hermetic,omitempty"`
}
type BuildKitMetadata struct {
VCS map[string]string `json:"vcs,omitempty"`
Source *Source `json:"source,omitempty"`
Layers map[string][][]ocispecs.Descriptor `json:"layers,omitempty"`
SysUsage []*resourcetypes.SysSample `json:"sysUsage,omitempty"`
}
func slsaMaterials(srcs Sources) ([]slsa.ProvenanceMaterial, error) {
func slsaMaterials(srcs provenancetypes.Sources) ([]slsa.ProvenanceMaterial, error) {
count := len(srcs.Images) + len(srcs.Git) + len(srcs.HTTP)
out := make([]slsa.ProvenanceMaterial, 0, count)
@ -104,7 +59,7 @@ func slsaMaterials(srcs Sources) ([]slsa.ProvenanceMaterial, error) {
return out, nil
}
func findMaterial(srcs Sources, uri string) (*slsa.ProvenanceMaterial, bool) {
func findMaterial(srcs provenancetypes.Sources, uri string) (*slsa.ProvenanceMaterial, bool) {
for _, s := range srcs.Git {
if s.URL == uri {
return &slsa.ProvenanceMaterial{
@ -128,12 +83,12 @@ func findMaterial(srcs Sources, uri string) (*slsa.ProvenanceMaterial, bool) {
return nil, false
}
func NewPredicate(c *Capture) (*ProvenancePredicate, error) {
func NewPredicate(c *Capture) (*provenancetypes.ProvenancePredicate, error) {
materials, err := slsaMaterials(c.Sources)
if err != nil {
return nil, err
}
inv := ProvenanceInvocation{}
inv := provenancetypes.ProvenanceInvocation{}
contextKey := "context"
if v, ok := c.Args["contextkey"]; ok && v != "" {
@ -175,19 +130,19 @@ func NewPredicate(c *Capture) (*ProvenancePredicate, error) {
inv.Parameters.Args = c.Args
for _, s := range c.Secrets {
inv.Parameters.Secrets = append(inv.Parameters.Secrets, &Secret{
inv.Parameters.Secrets = append(inv.Parameters.Secrets, &provenancetypes.Secret{
ID: s.ID,
Optional: s.Optional,
})
}
for _, s := range c.SSH {
inv.Parameters.SSH = append(inv.Parameters.SSH, &SSH{
inv.Parameters.SSH = append(inv.Parameters.SSH, &provenancetypes.SSH{
ID: s.ID,
Optional: s.Optional,
})
}
for _, s := range c.Sources.Local {
inv.Parameters.Locals = append(inv.Parameters.Locals, &LocalSource{
inv.Parameters.Locals = append(inv.Parameters.Locals, &provenancetypes.LocalSource{
Name: s.Name,
})
}
@ -199,13 +154,13 @@ func NewPredicate(c *Capture) (*ProvenancePredicate, error) {
}
}
pr := &ProvenancePredicate{
pr := &provenancetypes.ProvenancePredicate{
Invocation: inv,
ProvenancePredicate: slsa02.ProvenancePredicate{
BuildType: BuildKitBuildType,
BuildType: provenancetypes.BuildKitBuildType,
Materials: materials,
},
Metadata: &ProvenanceMetadata{
Metadata: &provenancetypes.ProvenanceMetadata{
ProvenanceMetadata: slsa02.ProvenanceMetadata{
Completeness: slsa02.ProvenanceComplete{
Parameters: c.Frontend != "",

116
vendor/github.com/moby/buildkit/solver/llbsolver/provenance/types/types.go generated vendored Normal file
View file

@ -0,0 +1,116 @@
package types
import (
slsa02 "github.com/in-toto/in-toto-golang/in_toto/slsa_provenance/v0.2"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/moby/buildkit/solver/pb"
digest "github.com/opencontainers/go-digest"
ocispecs "github.com/opencontainers/image-spec/specs-go/v1"
)
const (
BuildKitBuildType = "https://mobyproject.org/buildkit@v1"
)
type BuildConfig struct {
Definition []BuildStep `json:"llbDefinition,omitempty"`
DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
}
type BuildStep struct {
ID string `json:"id,omitempty"`
Op pb.Op `json:"op,omitempty"`
Inputs []string `json:"inputs,omitempty"`
ResourceUsage *resourcestypes.Samples `json:"resourceUsage,omitempty"`
}
type Source struct {
Locations map[string]*pb.Locations `json:"locations,omitempty"`
Infos []SourceInfo `json:"infos,omitempty"`
}
type SourceInfo struct {
Filename string `json:"filename,omitempty"`
Language string `json:"language,omitempty"`
Data []byte `json:"data,omitempty"`
Definition []BuildStep `json:"llbDefinition,omitempty"`
DigestMapping map[digest.Digest]string `json:"digestMapping,omitempty"`
}
type ImageSource struct {
Ref string
Platform *ocispecs.Platform
Digest digest.Digest
Local bool
}
type GitSource struct {
URL string
Commit string
}
type HTTPSource struct {
URL string
Digest digest.Digest
}
type LocalSource struct {
Name string `json:"name"`
}
type Secret struct {
ID string `json:"id"`
Optional bool `json:"optional,omitempty"`
}
type SSH struct {
ID string `json:"id"`
Optional bool `json:"optional,omitempty"`
}
type Sources struct {
Images []ImageSource
Git []GitSource
HTTP []HTTPSource
Local []LocalSource
}
type ProvenancePredicate struct {
slsa02.ProvenancePredicate
Invocation ProvenanceInvocation `json:"invocation,omitempty"`
BuildConfig *BuildConfig `json:"buildConfig,omitempty"`
Metadata *ProvenanceMetadata `json:"metadata,omitempty"`
}
type ProvenanceInvocation struct {
ConfigSource slsa02.ConfigSource `json:"configSource,omitempty"`
Parameters Parameters `json:"parameters,omitempty"`
Environment Environment `json:"environment,omitempty"`
}
type Parameters struct {
Frontend string `json:"frontend,omitempty"`
Args map[string]string `json:"args,omitempty"`
Secrets []*Secret `json:"secrets,omitempty"`
SSH []*SSH `json:"ssh,omitempty"`
Locals []*LocalSource `json:"locals,omitempty"`
// TODO: select export attributes
// TODO: frontend inputs
}
type Environment struct {
Platform string `json:"platform"`
}
type ProvenanceMetadata struct {
slsa02.ProvenanceMetadata
BuildKitMetadata BuildKitMetadata `json:"https://mobyproject.org/buildkit@v1#metadata,omitempty"`
Hermetic bool `json:"https://mobyproject.org/buildkit@v1#hermetic,omitempty"`
}
type BuildKitMetadata struct {
VCS map[string]string `json:"vcs,omitempty"`
Source *Source `json:"source,omitempty"`
Layers map[string][][]ocispecs.Descriptor `json:"layers,omitempty"`
SysUsage []*resourcestypes.SysSample `json:"sysUsage,omitempty"`
}

6
vendor/github.com/moby/buildkit/solver/llbsolver/solver.go generated vendored
View file

@ -18,7 +18,7 @@ import (
"github.com/moby/buildkit/client"
controlgateway "github.com/moby/buildkit/control/gateway"
"github.com/moby/buildkit/executor/resources"
resourcetypes "github.com/moby/buildkit/executor/resources/types"
resourcestypes "github.com/moby/buildkit/executor/resources/types"
"github.com/moby/buildkit/exporter"
"github.com/moby/buildkit/exporter/containerimage/exptypes"
"github.com/moby/buildkit/frontend"
@ -90,7 +90,7 @@ type Solver struct {
sm *session.Manager
entitlements []string
history *HistoryQueue
sysSampler *resources.Sampler[*resourcetypes.SysSample]
sysSampler *resources.Sampler[*resourcestypes.SysSample]
}
// Processor defines a processing function to be applied after solving, but
@ -441,7 +441,7 @@ func (s *Solver) Solve(ctx context.Context, id string, sessionID string, req fro
defer j.Discard()
var usage *resources.Sub[*resourcetypes.SysSample]
var usage *resources.Sub[*resourcestypes.SysSample]
if s.sysSampler != nil {
usage = s.sysSampler.Record()
defer usage.Close(false)

2
vendor/github.com/moby/buildkit/solver/types.go generated vendored
View file

@ -142,7 +142,7 @@ type CacheExporterRecord interface {
// TODO: add closer to keep referenced data from getting deleted
type Remote struct {
Descriptors []ocispecs.Descriptor
Provider content.Provider
Provider content.InfoReaderProvider
}
// CacheLink is a link between two cache records

5
vendor/github.com/moby/buildkit/source/containerimage/identifier.go generated vendored
View file

@ -4,6 +4,7 @@ import (
"github.com/containerd/containerd/reference"
"github.com/moby/buildkit/client"
"github.com/moby/buildkit/solver/llbsolver/provenance"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/source"
srctypes "github.com/moby/buildkit/source/types"
"github.com/moby/buildkit/util/resolver"
@ -43,7 +44,7 @@ func (id *ImageIdentifier) Capture(c *provenance.Capture, pin string) error {
if err != nil {
return errors.Wrapf(err, "failed to parse image digest %s", pin)
}
c.AddImage(provenance.ImageSource{
c.AddImage(provenancetypes.ImageSource{
Ref: id.Reference.String(),
Platform: id.Platform,
Digest: dgst,
@ -82,7 +83,7 @@ func (id *OCIIdentifier) Capture(c *provenance.Capture, pin string) error {
if err != nil {
return errors.Wrapf(err, "failed to parse OCI digest %s", pin)
}
c.AddImage(provenance.ImageSource{
c.AddImage(provenancetypes.ImageSource{
Ref: id.Reference.String(),
Platform: id.Platform,
Digest: dgst,

9
vendor/github.com/moby/buildkit/source/git/identifier.go generated vendored
View file

@ -4,6 +4,7 @@ import (
"path"
"github.com/moby/buildkit/solver/llbsolver/provenance"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/source"
srctypes "github.com/moby/buildkit/source/types"
"github.com/moby/buildkit/util/gitutil"
@ -51,24 +52,24 @@ func (id *GitIdentifier) Capture(c *provenance.Capture, pin string) error {
if id.Ref != "" {
url += "#" + id.Ref
}
c.AddGit(provenance.GitSource{
c.AddGit(provenancetypes.GitSource{
URL: url,
Commit: pin,
})
if id.AuthTokenSecret != "" {
c.AddSecret(provenance.Secret{
c.AddSecret(provenancetypes.Secret{
ID: id.AuthTokenSecret,
Optional: true,
})
}
if id.AuthHeaderSecret != "" {
c.AddSecret(provenance.Secret{
c.AddSecret(provenancetypes.Secret{
ID: id.AuthHeaderSecret,
Optional: true,
})
}
if id.MountSSHSock != "" {
c.AddSSH(provenance.SSH{
c.AddSSH(provenancetypes.SSH{
ID: id.MountSSHSock,
Optional: true,
})

3
vendor/github.com/moby/buildkit/source/http/identifier.go generated vendored
View file

@ -2,6 +2,7 @@ package http
import (
"github.com/moby/buildkit/solver/llbsolver/provenance"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/source"
srctypes "github.com/moby/buildkit/source/types"
digest "github.com/opencontainers/go-digest"
@ -40,7 +41,7 @@ func (id *HTTPIdentifier) Capture(c *provenance.Capture, pin string) error {
if err != nil {
return errors.Wrapf(err, "failed to parse HTTP digest %s", pin)
}
c.AddHTTP(provenance.HTTPSource{
c.AddHTTP(provenancetypes.HTTPSource{
URL: id.URL,
Digest: dgst,
})

3
vendor/github.com/moby/buildkit/source/local/identifier.go generated vendored
View file

@ -2,6 +2,7 @@ package local
import (
"github.com/moby/buildkit/solver/llbsolver/provenance"
provenancetypes "github.com/moby/buildkit/solver/llbsolver/provenance/types"
"github.com/moby/buildkit/source"
srctypes "github.com/moby/buildkit/source/types"
"github.com/tonistiigi/fsutil"
@ -28,7 +29,7 @@ func (*LocalIdentifier) Scheme() string {
var _ source.Identifier = (*LocalIdentifier)(nil)
func (id *LocalIdentifier) Capture(c *provenance.Capture, pin string) error {
c.AddLocal(provenance.LocalSource{
c.AddLocal(provenancetypes.LocalSource{
Name: id.Name,
})
return nil

24
vendor/github.com/moby/buildkit/util/contentutil/multiprovider.go generated vendored
View file

@ -13,18 +13,18 @@ import (
)
// NewMultiProvider creates a new mutable provider with a base provider
func NewMultiProvider(base content.Provider) *MultiProvider {
func NewMultiProvider(base content.InfoReaderProvider) *MultiProvider {
return &MultiProvider{
base: base,
sub: map[digest.Digest]content.Provider{},
sub: map[digest.Digest]content.InfoReaderProvider{},
}
}
// MultiProvider is a provider backed by a mutable map of providers
type MultiProvider struct {
mu sync.RWMutex
base content.Provider
sub map[digest.Digest]content.Provider
base content.InfoReaderProvider
sub map[digest.Digest]content.InfoReaderProvider
}
func (mp *MultiProvider) SnapshotLabels(descs []ocispecs.Descriptor, index int) map[string]string {
@ -85,8 +85,22 @@ func (mp *MultiProvider) ReaderAt(ctx context.Context, desc ocispecs.Descriptor)
return mp.base.ReaderAt(ctx, desc)
}
// Info returns a content.Info
func (mp *MultiProvider) Info(ctx context.Context, dgst digest.Digest) (content.Info, error) {
mp.mu.RLock()
if p, ok := mp.sub[dgst]; ok {
mp.mu.RUnlock()
return p.Info(ctx, dgst)
}
mp.mu.RUnlock()
if mp.base == nil {
return content.Info{}, errors.Wrapf(errdefs.ErrNotFound, "content %v", dgst)
}
return mp.base.Info(ctx, dgst)
}
// Add adds a new child provider for a specific digest
func (mp *MultiProvider) Add(dgst digest.Digest, p content.Provider) {
func (mp *MultiProvider) Add(dgst digest.Digest, p content.InfoReaderProvider) {
mp.mu.Lock()
defer mp.mu.Unlock()
mp.sub[dgst] = p

6
vendor/github.com/spdx/tools-golang/spdx/v2/common/package.go generated vendored
View file

@ -70,15 +70,13 @@ func (o *Originator) UnmarshalJSON(data []byte) error {
return nil
}
originatorFields := strings.SplitN(originatorStr, ": ", 2)
originatorFields := strings.SplitN(originatorStr, ":", 2)
if len(originatorFields) != 2 {
return fmt.Errorf("failed to parse Originator '%s'", originatorStr)
}
o.OriginatorType = originatorFields[0]
o.Originator = originatorFields[1]
o.Originator = strings.TrimLeft(originatorFields[1], " \t")
return nil
}

18
vendor/github.com/spdx/tools-golang/spdx/v2/v2_2/document.go generated vendored
View file

@ -101,7 +101,23 @@ func (d *Document) UnmarshalJSON(b []byte) error {
relationshipExists := map[string]bool{}
serializeRel := func(r *Relationship) string {
return fmt.Sprintf("%v-%v->%v", common.RenderDocElementID(r.RefA), r.Relationship, common.RenderDocElementID(r.RefB))
refA := r.RefA
refB := r.RefB
rel := r.Relationship
// we need to serialize the opposite for CONTAINED_BY and DESCRIBED_BY
// so that it will match when we try to de-duplicate during deserialization.
switch r.Relationship {
case common.TypeRelationshipContainedBy:
rel = common.TypeRelationshipContains
refA = r.RefB
refB = r.RefA
case common.TypeRelationshipDescribeBy:
rel = common.TypeRelationshipDescribe
refA = r.RefB
refB = r.RefA
}
return fmt.Sprintf("%v-%v->%v", common.RenderDocElementID(refA), rel, common.RenderDocElementID(refB))
}
// index current list of relationships to ensure no duplication

18
vendor/github.com/spdx/tools-golang/spdx/v2/v2_3/document.go generated vendored
View file

@ -100,7 +100,23 @@ func (d *Document) UnmarshalJSON(b []byte) error {
relationshipExists := map[string]bool{}
serializeRel := func(r *Relationship) string {
return fmt.Sprintf("%v-%v->%v", common.RenderDocElementID(r.RefA), r.Relationship, common.RenderDocElementID(r.RefB))
refA := r.RefA
refB := r.RefB
rel := r.Relationship
// we need to serialize the opposite for CONTAINED_BY and DESCRIBED_BY
// so that it will match when we try to de-duplicate during deserialization.
switch r.Relationship {
case common.TypeRelationshipContainedBy:
rel = common.TypeRelationshipContains
refA = r.RefB
refB = r.RefA
case common.TypeRelationshipDescribeBy:
rel = common.TypeRelationshipDescribe
refA = r.RefB
refB = r.RefA
}
return fmt.Sprintf("%v-%v->%v", common.RenderDocElementID(refA), rel, common.RenderDocElementID(refB))
}
// index current list of relationships to ensure no duplication

13
vendor/modules.txt vendored
View file

@ -204,6 +204,8 @@ github.com/aws/smithy-go/transport/http/internal/io
# github.com/beorn7/perks v1.0.1
## explicit; go 1.11
github.com/beorn7/perks/quantile
# github.com/bmizerany/assert v0.0.0-20160611221934-b7ed37b82869
## explicit
# github.com/cenkalti/backoff/v4 v4.2.1
## explicit; go 1.18
github.com/cenkalti/backoff/v4
@ -533,7 +535,7 @@ github.com/gogo/protobuf/sortkeys
github.com/gogo/protobuf/types
github.com/gogo/protobuf/vanity
github.com/gogo/protobuf/vanity/command
# github.com/golang-jwt/jwt/v4 v4.4.2
# github.com/golang-jwt/jwt/v4 v4.5.0
## explicit; go 1.16
github.com/golang-jwt/jwt/v4
# github.com/golang/gddo v0.0.0-20190904175337-72a348e765d2
@ -700,7 +702,7 @@ github.com/mitchellh/hashstructure/v2
# github.com/mitchellh/reflectwalk v1.0.2
## explicit
github.com/mitchellh/reflectwalk
# github.com/moby/buildkit v0.13.0-rc2
# github.com/moby/buildkit v0.13.0-rc3
## explicit; go 1.21
github.com/moby/buildkit/api/services/control
github.com/moby/buildkit/api/types
@ -784,6 +786,7 @@ github.com/moby/buildkit/solver/llbsolver/ops/fileoptypes
github.com/moby/buildkit/solver/llbsolver/ops/opsutils
github.com/moby/buildkit/solver/llbsolver/proc
github.com/moby/buildkit/solver/llbsolver/provenance
github.com/moby/buildkit/solver/llbsolver/provenance/types
github.com/moby/buildkit/solver/pb
github.com/moby/buildkit/solver/result
github.com/moby/buildkit/source
@ -1045,7 +1048,7 @@ github.com/shibumi/go-pathspec
# github.com/sirupsen/logrus v1.9.3
## explicit; go 1.13
github.com/sirupsen/logrus
# github.com/spdx/tools-golang v0.5.1
# github.com/spdx/tools-golang v0.5.3
## explicit; go 1.13
github.com/spdx/tools-golang/convert
github.com/spdx/tools-golang/json
@ -1072,8 +1075,8 @@ github.com/tinylib/msgp/msgp
github.com/tonistiigi/fsutil
github.com/tonistiigi/fsutil/copy
github.com/tonistiigi/fsutil/types
# github.com/tonistiigi/go-actions-cache v0.0.0-20220404170428-0bdeb6e1eac7
## explicit; go 1.16
# github.com/tonistiigi/go-actions-cache v0.0.0-20240227172821-a0b64f338598
## explicit; go 1.20
github.com/tonistiigi/go-actions-cache
# github.com/tonistiigi/go-archvariant v1.0.0
## explicit; go 1.17