2024-04-11 17:00:36 +02:00
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Apr 08 06:02:50 UTC 2024 - danish.prakash@suse.com
|
|
|
|
|
|
|
|
|
|
- Update to version 0.13.1:
|
|
|
|
|
* oci: make mounting oci socket optional
|
|
|
|
|
* git: ensure file-looking git refs aren't parsed as URLs
|
|
|
|
|
* remotecache: fix missing CheckDescriptor method
|
|
|
|
|
* solver: stub out sysSampler close
|
|
|
|
|
* fix(docs): add the containers feature enabling step
|
|
|
|
|
* ci: enable multi-platform lint only for upstream repo
|
|
|
|
|
* docs: replace references to the master branch with v0.13
|
|
|
|
|
* fix: windows getting started guide for uniformity
|
|
|
|
|
* dockerfile: add docs for --parents
|
|
|
|
|
* dockerfile: allow pivot point for --parents flag
|
|
|
|
|
* util: typo fix
|
|
|
|
|
* vendor: update github.com/tonistiigi/fsutil to 7525a1af2bb5
|
|
|
|
|
* ci(validate): temporarily disable archutil-arm64 job
|
|
|
|
|
* add loongarch support for buildkit archutil
|
|
|
|
|
* dockerfile: don't silently ignore --parents if not labs
|
|
|
|
|
* test: switch to golang.org/x/mod to check containerd version constraint
|
|
|
|
|
* move network sample to resources types
|
|
|
|
|
* vendor: update github.com/Masterminds/semver to v3.2.1
|
|
|
|
|
* gateway: mount metadata with nodev
|
|
|
|
|
* file: fix idmap passed to unpack when userns enabled
|
|
|
|
|
* file: use best-effort xattr behavior on unpacking
|
|
|
|
|
* docs: restructure flags/options for add, copy, run
|
|
|
|
|
* docs: typo in windows.md
|
|
|
|
|
* docs: add quick guide for macOS
|
|
|
|
|
* vendor: update github.com/pkg/profile to v1.7.0
|
|
|
|
|
* docs: add quick guide for windows
|
|
|
|
|
* vendor: update github.com/tonistiigi/go-actions-cache to a0b64f338598
|
|
|
|
|
* cache(gha): increase default timeout to 10m
|
|
|
|
|
* cache(gha): add timeout attr for cache export/import
|
|
|
|
|
* vendor: update go.etcd.io/bbolt to v1.3.9
|
|
|
|
|
* vendor: update github.com/spdx/tools-golang to v0.5.3
|
|
|
|
|
* vendor: update github.com/serialx/hashring to 22c0c7ab6b1b
|
|
|
|
|
* vendor: update github.com/containerd/fuse-overlayfs-snapshotter to 1.0.8
|
|
|
|
|
* DescriptorProviderPair: expose methods used by multiprovider
|
|
|
|
|
* util/multiprovider: Implement Info
|
|
|
|
|
* provenance: move types to a dedicated package
|
|
|
|
|
* dockerfile2llb: fix ci merge conflict
|
|
|
|
|
* Revert "util/multiprovider: Implement Info"
|
|
|
|
|
* Avoid applying `SOURCE_DATE_EPOCH` to base images
|
|
|
|
|
* dockerfile2llb: emit base image config
|
|
|
|
|
* Fix case where TESTFLAGS may be unset
|
|
|
|
|
* dockerfile: add excludepatterns feature to labs
|
|
|
|
|
* vendor: update github.com/tonistiigi/fsutil to 7a889f53dbf6
|
|
|
|
|
* vendor: OTEL v0.46.1 / v1.21.0
|
|
|
|
|
* vendor: golang.org/x/net v0.18.0
|
|
|
|
|
* set bridge name and subnet in appdefaults
|
|
|
|
|
* ci(test-os): split windows tests
|
|
|
|
|
* ci(test-os): merge windows and freebsd build
|
|
|
|
|
* dockerfile: cross build freebsd support
|
|
|
|
|
* remove accidental debug log
|
|
|
|
|
* ci(test-os): build binaries from dockerfile for windows
|
|
|
|
|
* dockerfile: binaries-for-test target
|
|
|
|
|
* dockerfile: cross build windows support
|
|
|
|
|
* ci: inherit secrets from the caller workflow
|
|
|
|
|
* secret mount: avoid setting `noexec` when an exec bit it set
|
|
|
|
|
* fix: typo
|
|
|
|
|
* add buildkitd.exe to windows binaries
|
|
|
|
|
* examples/dockerfile2llb: remove unused `-partial-metadata-file`
|
|
|
|
|
* ci: set codecov token
|
|
|
|
|
* exporter: use docker-spec instead of locally defined types
|
|
|
|
|
* dockerfile: bump xx to 1.4.0
|
|
|
|
|
* dockerfile: bump alpine to 3.19
|
|
|
|
|
* Dockerfile update stargz-snapshotter to v0.15.1
|
|
|
|
|
* vendor: github.com/containerd/stargz-snapshotter v0.15.1
|
|
|
|
|
* vendor: github.com/hashicorp/go-retryablehttp v0.7.5
|
|
|
|
|
* vendor: github.com/hanwen/go-fuse/v2 v2.4.0
|
|
|
|
|
* vendor: github.com/prometheus/procfs v0.12.0
|
|
|
|
|
* vendor: github.com/prometheus/client_golang v1.17.0
|
|
|
|
|
* vendor: github.com/urfave/cli v1.22.14
|
|
|
|
|
* vendor: github.com/containerd/continuity v0.4.3
|
|
|
|
|
* client: fix result history media type with dockerd moby
|
|
|
|
|
* hack: fix unbound variable
|
|
|
|
|
* CNI bridge firewall: avoid using `iptables` backend on rootless mode
|
|
|
|
|
* client: fix multiple exporter test for dockerd worker
|
|
|
|
|
* Dockerfile frontend: add Integration test for context from git
|
|
|
|
|
* Move Dockerfile copy/add --exclude implementation to Labs
|
|
|
|
|
* Add llb.WithExcludePatterns
|
|
|
|
|
* Integration test for Dockerfile --exclude option
|
|
|
|
|
* Dockerfile: Document exclude patterns on COPY and ADD commands
|
|
|
|
|
* Dockerfile frontend: expose exclude keyword to ADD and COPY commands
|
|
|
|
|
* dockerfile2llb: consistent progress for HTTP and Git ops with ADD
|
|
|
|
|
* exporter: make OnBuild omiteempty
|
|
|
|
|
* make sure iptables installed in release image
|
|
|
|
|
* Revert "temporarily use older frontend to unblock CI"
|
|
|
|
|
* util/multiprovider: Implement Info
|
|
|
|
|
* temporarily use older frontend to unblock CI
|
|
|
|
|
* add missing fallback from new frontend to daemon without sourceresolver
|
|
|
|
|
* Dockerfile: update Nydus Image Service to v2.2.4
|
|
|
|
|
* replace resolveimageconfig with generic sourcemetaresolver
|
|
|
|
|
* vendor: github.com/containerd/nydus-snapshotter v0.13.7
|
|
|
|
|
* vendor: google.golang.org/genproto/googleapis/rpc 49dd2c1f3d0b
|
|
|
|
|
* vendor: google.golang.org/grpc v1.59.0
|
|
|
|
|
* ci: validate archutil on arm64
|
|
|
|
|
* archutil: generate arch bins
|
|
|
|
|
* dockerfile(archutil): strip debug info
|
|
|
|
|
* dockerfile(archutil): mark the stack as non-executable for amd64
|
|
|
|
|
* dockerfile(archutil): bump to trixie
|
|
|
|
|
* archutil: validate
|
|
|
|
|
* archutil: move dockerfile to hack and update scripts
|
|
|
|
|
* keep local dns in resolv.conf when host network enabled
|
|
|
|
|
* Fix source police mutation for named context
|
|
|
|
|
* resolver: Limit auth handler isolation to push scopes
|
|
|
|
|
* resolver: Isolate auth token cache per session
|
|
|
|
|
* go.mod: update containerd to v1.7.13
|
|
|
|
|
* docs/rootless.md: move auxiliary information to the bottom
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.3
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.3
|
|
|
|
|
* test: add new content-cache exec mount tests
|
|
|
|
|
* exec: allow caller-controlled content-based cache
|
|
|
|
|
* exec: allow content-cache for root selected mounts
|
|
|
|
|
* exec: refactor content-based cache detection
|
|
|
|
|
* vendor: github.com/containerd/console v1.0.4
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.2
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.2
|
|
|
|
|
* Fix regression `/run/buildkit is inaccessible for socket user`
|
|
|
|
|
* Update fallback logic to only fallback with previous host
|
|
|
|
|
* chore(deps): bump actions/setup-go from 4 to 5
|
|
|
|
|
* chore(deps): bump nick-fields/retry from 2.9.0 to 3.0.0
|
|
|
|
|
* chore(deps): bump actions/cache from 3 to 4
|
|
|
|
|
* chore: refactor IsGitTransport to avoid duplication
|
|
|
|
|
* docs: make the warning about build arguments
|
|
|
|
|
* ci(docs-upstream): pin reusable workflow
|
|
|
|
|
* ci: bump gotest-annotations to fa6141aedf23596fb8bdcceab9cce8dadaa31bd9
|
|
|
|
|
* ci: bump actions/upload-artifact and actions/download-artifact to 4
|
|
|
|
|
* test: warn if testing dockerd worker without disabled features
|
|
|
|
|
* ci: bump codecov/codecov-action to v4
|
|
|
|
|
* ci: bump actions/github-script to v7
|
|
|
|
|
* ci(dockerd): bump docker to 25.0.2
|
|
|
|
|
* update runc to v1.1.12
|
|
|
|
|
* exec: add extra validation for submount sources
|
|
|
|
|
* executor: recheck mount stub path within root after container run
|
|
|
|
|
* llbsolver: make sure interactive container API validates entitlements
|
|
|
|
|
* gateway: pass executor with build and not access worker directly
|
|
|
|
|
* pb: add extra validation to protobuf types
|
|
|
|
|
* sourcepolicy: add validations for nil values
|
|
|
|
|
* exporter: add validation for platforms key value
|
|
|
|
|
* exporter: add validation for invalid platorm
|
|
|
|
|
* exporter: validate null config metadata from gateway
|
|
|
|
|
* Fix missing chown/chmod when using parents flag with ADD/COPY command
|
|
|
|
|
* Add --parents to commitMessage for ADD/COPY command
|
|
|
|
|
* chore: fix remotecache/v1/doc.go
|
|
|
|
|
* Add --chown and --chmod to commitMessage for ADD/COPY command
|
|
|
|
|
* update runc to v1.1.11
|
|
|
|
|
* Add test to check that `client.SolveOpt.LocalDirs` still works
|
|
|
|
|
* Replace usage of LocalDirs with LocalMounts in buildctl and examples
|
|
|
|
|
* Integration tests: use LocalMounts instead of deprecated LocalDirs
|
|
|
|
|
* chore: close solver resources on shutdown
|
|
|
|
|
* s3: fix deprecated EndpointResolver
|
|
|
|
|
* s3: rely on aws sdk v2 error types
|
|
|
|
|
* vendor: bump github.com/aws/aws-sdk-go-v2 deps
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.1
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.1
|
|
|
|
|
* chore: document CacheChains.Marshal
|
|
|
|
|
* chore: refactor item.validate for readability
|
|
|
|
|
* chore: add some doc-comments in remotecache
|
|
|
|
|
* chore: update CacheExporterTarget docs
|
|
|
|
|
* chore: remove unused cachechains parent link
|
|
|
|
|
* Do not include a cache mount's ID in the ExecOp's cachemap
|
|
|
|
|
* docs: tiny improvements
|
|
|
|
|
* chore: remove noisy rootlesskit cni log
|
|
|
|
|
* solver: use errors.Is when checking context.Cause()
|
|
|
|
|
* oci: fix error handling on submount calls
|
|
|
|
|
* Dockerfile: update dind script to latest version
|
|
|
|
|
* fix: typo
|
|
|
|
|
* ci: disable push if not upstream repo
|
|
|
|
|
* hack: use git context only for upstream repo
|
|
|
|
|
* chore: remove unnecessary locker from http source
|
|
|
|
|
* gateway: ensure that all process io is correctly closed
|
|
|
|
|
* history: wrap os.ErrNotExist errors
|
|
|
|
|
* dockerfile: validate order when linking stages
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.0
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.0
|
|
|
|
|
* dockerfile: allow errors with multiple source location
|
|
|
|
|
* dockerfile: add source location to circular dependency error
|
|
|
|
|
* CI: add oci-rootless-slirp4netns-detachnetns
|
|
|
|
|
* cniprovider: support `rootlesskit --detach-netns` (RootlessKit v2)
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.0-rc.3
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.0-rc.3
|
|
|
|
|
* vendor: github.com/moby/sys/mountinfo v0.7.1
|
|
|
|
|
* vendor: golang.org/x/sys v0.16.0
|
|
|
|
|
* vendor: github.com/google/uuid v1.5.0
|
|
|
|
|
* vendor: github.com/google/go-cmp v0.6.0
|
|
|
|
|
* test: add a test for cyclic merges
|
|
|
|
|
* scheduler: always edge merge in one direction
|
|
|
|
|
* progress: add panic for multiwriter cycles
|
|
|
|
|
* chore: update merging log message to include index
|
|
|
|
|
* chore: fix minor typos in scheduler_test.go
|
|
|
|
|
* docs: fix up named context docs
|
|
|
|
|
* filesync: append metadata for CopyToCaller
|
|
|
|
|
* docs: clarify here-document word quote variable expansion
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.0-rc.2
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.0-rc.2
|
|
|
|
|
* vendor: github.com/vbatts/tar-split v0.11.5
|
|
|
|
|
* vendor: github.com/containerd/containerd v1.7.12
|
|
|
|
|
* docs: fix copy/paste typo in Dockerfile reference
|
|
|
|
|
* solver: ensure each ref in the result map is evaluated
|
|
|
|
|
* rootless: use `~/.config/buildkit/cni.json`
|
|
|
|
|
* hack/test: allow ALPINE_VERSION to be set from env
|
|
|
|
|
* authors.Dockerfile: update to alpine 3.19
|
|
|
|
|
* cmd/buildkitd: show "bridge" net mode in `--help`
|
|
|
|
|
* add CNI bridge network provider
|
|
|
|
|
* test: add test case for multi-platform scratch
|
|
|
|
|
* docs: fix typo for eksctl
|
|
|
|
|
* fix lease management with flightcontrol
|
|
|
|
|
* go.mod: fix dependencies being in the wrong group
|
|
|
|
|
* vendor: github.com/docker/go-connections v0.5.0
|
|
|
|
|
* hack: add docker-compose file for development
|
|
|
|
|
* control: fix typo in exporter slice comment
|
|
|
|
|
* solver: avoid discarding nil refs entry
|
|
|
|
|
* gateway: avoid calling Definition on nil ref
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.0-rc.1
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.0-rc.1
|
|
|
|
|
* vendor: github.com/opencontainers/runc v1.1.11
|
|
|
|
|
* vendor: github.com/klauspost/compress v1.17.4
|
|
|
|
|
* exporter: use implicit ids for exporters
|
|
|
|
|
* solver: add cap for multiple exporters
|
|
|
|
|
* control: add multiple exporters
|
|
|
|
|
* exporter: add new id parameter to exporter instances
|
|
|
|
|
* session: add file send multiplexing
|
|
|
|
|
* exporter: pass inline cache directly to exporter
|
|
|
|
|
* exporter: make ParseKey platform parameter optional
|
|
|
|
|
* session: create helper type for exporter file output
|
|
|
|
|
* exporter: avoid modifying exporter inputs
|
|
|
|
|
* filesync: add doc comments in proto
|
|
|
|
|
* chore: remove function indirection for cache exporters
|
|
|
|
|
* dockerfile: mitigate flaky smoke test with timeout
|
|
|
|
|
* docs: clarify the purpose of the syntax parser directive
|
|
|
|
|
* Fix hardlink issue with whiteout deletes in the merge snapshotter.
|
|
|
|
|
* detect: refactor the default resource detector for detect
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.0-beta.3
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.0-beta.3
|
|
|
|
|
* vendor: github.com/felixge/httpsnoop v1.0.4
|
|
|
|
|
* vendor: golang.org/x/crypto v0.17.0
|
|
|
|
|
* vendor: golang.org/x/crypto v0.16.0
|
|
|
|
|
* vendor: golang.org/x/text v0.14.0
|
|
|
|
|
* vendor: golang.org/x/sys v0.15.0
|
|
|
|
|
* docs: mention trace logging in buildkitd.toml docs
|
|
|
|
|
* ci: remove timeout on image job
|
|
|
|
|
* tracing: allow the `Resource` to be set externally
|
|
|
|
|
* tests: enable previously skipped tests
|
|
|
|
|
* lint: set proper cache key for golangci-lint target
|
|
|
|
|
* ci(buildkit): set timeout to image job
|
|
|
|
|
* ci(test-os): retry logic for freebsd smoke tests step
|
|
|
|
|
* tests: enable integration test run on windows
|
|
|
|
|
* chore: remove WithFailFast option
|
|
|
|
|
* git: ensure that pin matches checked-out commit
|
|
|
|
|
* util: expose otel metrics through grpc and prometheus
|
|
|
|
|
* Dockerfile: bump up containerd to 1.7.11
|
|
|
|
|
* go.mod: bump up containerd to 1.7.11
|
|
|
|
|
* add gabriel-samfira to maintainers
|
|
|
|
|
* Add project processes guide
|
|
|
|
|
* fix/pr: fixes from pr review
|
|
|
|
|
* replace WithTimeout with WithTimeoutCause
|
|
|
|
|
* replace context.WithCancel with WithCancelCause
|
|
|
|
|
* make docs
|
|
|
|
|
* json-cache-metrics becomes debug-json-cache-metrics
|
|
|
|
|
* add an option to show JSON cache metrics
|
|
|
|
|
* chore: tidy up removal of digest algorithm
|
|
|
|
|
* Dockerfile: Bump up containerd to v1.7.10
|
|
|
|
|
* go.mod: bump up github.com/containerd/containerd to v1.7.10
|
|
|
|
|
* solver: use toSelectors to filter root paths instead of custom logic
|
|
|
|
|
* llbsolver: fix possible panic when setting event to nil
|
|
|
|
|
* ci(deps): upgrade containerd to v1.7.9
|
|
|
|
|
* ci(deps): upgrade OpenTelemetry libraries to v1.19.0 / v0.45.0
|
|
|
|
|
* Update docs/attestations/sbom-protocol.md
|
|
|
|
|
* docs: dockerfile instructions quick reference
|
|
|
|
|
* github: add issue reporting guide
|
|
|
|
|
* windows integration tests: plumbing work to be able to run on windows
|
|
|
|
|
* Update to go 1.21
|
|
|
|
|
* dockerfile: remove duplicate layer chains from provenance attestation
|
|
|
|
|
* fix bug that gen layer tar contains duplicated files
|
|
|
|
|
* Dockerfile: Bump up runc to 1.1.10
|
|
|
|
|
* docs: refresh dockerfile frontend reference
|
|
|
|
|
* String substitution in variable expansion
|
|
|
|
|
* docs: update builtctl.md to fix markdown links and typo
|
|
|
|
|
* buildctl: Add insecure config for registry-auth-tlscontext flag
|
|
|
|
|
* dockerfile2llb: filter unused paths for named contexts
|
|
|
|
|
* vendor: github.com/docker/cli v25.0.0-beta.1
|
|
|
|
|
* vendor: github.com/docker/docker v25.0.0-beta.1
|
|
|
|
|
* vendor: github.com/docker/go-connections fa09c952e3ea (v0.5.0-dev)
|
|
|
|
|
* vendor: github.com/opencontainers/runc v1.1.10
|
|
|
|
|
* vendor: github.com/docker/docker-credential-helpers v0.8.0
|
|
|
|
|
* vendor: github.com/go-logr/logr v1.2.4
|
|
|
|
|
* vendor: github.com/vbatts/tar-split v0.11.3
|
|
|
|
|
* vendor: github.com/opencontainers/runtime-spec v1.1.0
|
|
|
|
|
* vendor: github.com/cenkalti/backoff/v4 v4.2.1
|
|
|
|
|
* llbsolver: unmarshal protobuf objects into the provenance attestation correctly
|
|
|
|
|
* docs: fix warning callouts
|
|
|
|
|
* cache: set max batch size limit to prune
|
|
|
|
|
* ci(test-os): enable SSH keep alive in vagrant vm
|
|
|
|
|
* ci(validate): use target property to list all targets
|
|
|
|
|
* golangci-lint: increase timeout
|
|
|
|
|
* enable golangci-lint for supported platforms
|
|
|
|
|
* solver: allow debugging specific builder steps
|
|
|
|
|
* Update buildctl.md
|
|
|
|
|
* containerd: support custom shim path
|
|
|
|
|
* chore: update getTaskOpts to return multiple opts
|
|
|
|
|
* git: add missing RedactCredentials call in cache description
|
|
|
|
|
* docs: add a note that healthcheck --start-interval requires docker 25.0
|
|
|
|
|
* Whenever copying OCI Platform data, include OSVersion and OSFeatures
|
|
|
|
|
* hack: enable linting for freebsd
|
|
|
|
|
* hack: enable linting for windows
|
|
|
|
|
* chore: move linux-specific oci spec to spec_linux.go
|
|
|
|
|
* chore: remove unused functions for windows
|
|
|
|
|
* chore: fix windows variable naming issues
|
|
|
|
|
* chore: remove fmt.Errorf usage for windows
|
|
|
|
|
* docs: retarget dockerfile reference link
|
|
|
|
|
* ci: make test job depends on binaries one
|
|
|
|
|
* dockerfile: smoke tests for binaries
|
|
|
|
|
* frontend/dockerfile/dockerfile2llb: errmsg: quote build target
|
|
|
|
|
* vendor: github.com/containerd/containerd v1.7.8
|
|
|
|
|
* vendor: google.golang.org/grpc v1.58.3
|
|
|
|
|
* vendor: google.golang.org/protobuf v1.31.0
|
|
|
|
|
* vendor: golang.org/x/tools v0.10.0
|
|
|
|
|
* vendor: golang.org/x/sync v0.3.0
|
|
|
|
|
* vendor: golang.org/x/mod v0.11.0
|
|
|
|
|
* Add string trimming (#, %, ##, %%) in variable expansion
|
|
|
|
|
* test: add force-compression option for nydus case
|
|
|
|
|
* solver: fix nydus force compression for provenance
|
|
|
|
|
* fix typos
|
|
|
|
|
* containerd: normalize platform received from introspection API
|
|
|
|
|
* fix usage loss for snapshots with labels in MergeSnapshotter
|
|
|
|
|
* vendor: update nydus-snapshotter to v0.13.1
|
|
|
|
|
* ci(test-os): switch to macos-13 runner for freebsd job
|
|
|
|
|
* migrate to github.com/moby/sys/user
|
|
|
|
|
* vendor: google.golang.org/grpc v1.56.3
|
|
|
|
|
* vendor: google.golang.org/grpc v1.56.2
|
|
|
|
|
* ci: bump up golangci-lint to v1.55.0
|
|
|
|
|
* dockerfile2llb: Add a MainContext option to ConvertOpt
|
|
|
|
|
* buildkitd: use default config file location when run as root in rootless
|
|
|
|
|
* Dockerfile: bump up registry to v2.8.3
|
|
|
|
|
* Dockerfile: bump up CNI plugins to v1.3.0
|
|
|
|
|
* solver: fix printing progress messages after merged edges
|
|
|
|
|
* Fix broken link
|
|
|
|
|
* vendor: github.com/klauspost/compress v1.17.2
|
|
|
|
|
* client: refactor to extract prepareMounts
|
|
|
|
|
* exporter: refactor to clarify intent behind fs usage
|
|
|
|
|
* client: allow exposing fsutil.FS through SolveOpts
|
|
|
|
|
* session: modify FSSync provider to take fsutil.FS objects
|
|
|
|
|
* vendor: update fsutil to master@f09800878302
|
|
|
|
|
* Send hcsshim's options struct when running with hcsshim
|
|
|
|
|
* ci(test-os): increase vm boot time to 15m
|
|
|
|
|
* llbsolver: fix possible deadlock in history listen
|
|
|
|
|
* buildkitd: fix debug handler listener
|
|
|
|
|
* cache: fix cache leak
|
|
|
|
|
* Dockerfile: update xx to 1.3.0
|
|
|
|
|
* solver: minor typo in one of the logging messages
|
|
|
|
|
* Dockerfile: bump up nerdctl to v1.6.2
|
|
|
|
|
* chore: enable riscv64 build
|
|
|
|
|
* solver: fix possible concurrent map access on cache export
|
|
|
|
|
* Fix linting issue
|
|
|
|
|
* Use snapshot.Mountable as an argument type to readUser
|
|
|
|
|
* Move readUser code outside of the file package
|
|
|
|
|
* Remove the need for an exported Executor field
|
|
|
|
|
* Implement readUser on Windows
|
|
|
|
|
* Skip export of caches with no layers to OCI structures
|
|
|
|
|
* Correct package name for inline remote-cache source
|
|
|
|
|
* Revendor opencontainers/image-spec to v1.1.0-rc5
|
|
|
|
|
* chore: temporarily disable riscv64 build
|
|
|
|
|
* ci: fix docs upstream validation workflow
|
|
|
|
|
* README: BuildKit is now default in the Engine
|
|
|
|
|
* vendor: golang.org/x/net v0.17.0
|
|
|
|
|
* vendor: golang.org/x/crypto v0.14.0
|
|
|
|
|
* vendor: golang.org/x/text v0.13.0
|
|
|
|
|
* vendor: golang.org/x/sys v0.13.0
|
|
|
|
|
* Dockerfile: update containerd binary to v1.7.7
|
|
|
|
|
* Add Unikraft to the list of BuildKit users
|
|
|
|
|
* vendor: github.com/containerd/containerd v1.7.7
|
|
|
|
|
* vendor: golang.org/x/net v0.13.0
|
|
|
|
|
* vendor: golang.org/x/crypto v0.11.0, golang.org/x/text v0.11.0
|
|
|
|
|
* vendor: golang.org/x/sys v0.10.0
|
|
|
|
|
* vendor: github.com/stretchr/testify v1.8.4
|
|
|
|
|
* vendor: github.com/containerd/continuity v0.4.2
|
|
|
|
|
* solver: protect against nil rres upon errors
|
|
|
|
|
* ResolveImageConfig: Only fetch best matching config
|
|
|
|
|
* git: use custom giturl type to preserve original remote
|
|
|
|
|
* sshutil: refactor to allow parsing scp-style urls
|
|
|
|
|
* gateway: restore original filename in StatFile error message
|
|
|
|
|
* dockerfile: add --parents flag for COPY
|
|
|
|
|
* CI (containerd v1.6): bump up containerd to 1.6.24
|
|
|
|
|
* docs: mv .dockerignore help to context docs
|
|
|
|
|
* uploadprovider: avoid too big grpc messages on tar upload
|
|
|
|
|
* session: raise grpc message size limits for session endpoint
|
|
|
|
|
* filesync: split stream data into 3MB chunks to avoid message limits
|
|
|
|
|
* Bump up golangci-lint to 1.54.2
|
|
|
|
|
* Update go to 1.21
|
|
|
|
|
* docs: fix typo in nydus.md
|
|
|
|
|
* Rename cgroupNamespaceSupported, add details
|
|
|
|
|
* Don't support cgroupns on cgroups v1
|
|
|
|
|
* util/resolver: fillInsecureOpts don't return slice
|
|
|
|
|
* util/resolver: Http fallback in the same host
|
|
|
|
|
* util/resolver: Fix insecure mirrors
|
|
|
|
|
* Make output window configurable: BUILDKIT_TTY_LOG_LINES
|
|
|
|
|
* docs: fix incorrect option name in containerd runtime config
|
|
|
|
|
* ci(test): fix unhandled buildkitd tags
|
|
|
|
|
* solver: fix issue with double merged edges
|
|
|
|
|
* hack: update BUILDKIT_DEBUG handling
|
|
|
|
|
* dockerfile: introduce a debug variant for the buildkit docker image
|
|
|
|
|
* integration: set otel socket path through buildkit config
|
|
|
|
|
* chore: add todo note to remove runj specifics
|
|
|
|
|
* Add options to specify containerd runtime
|
|
|
|
|
* Ensure layers in the local content store on FileList API
|
|
|
|
|
* cache: don't skip unlazy without blob check
|
|
|
|
|
* docs/rootless: use Bottlerocket's API configurations
|
|
|
|
|
* solver: correctly set the content selector with multiple bind mounts references
|
|
|
|
|
* diff: gzip with custom level should be compressed by BuildKit's differ
|
|
|
|
|
* docs: note that gckeepstorage can take different types
|
|
|
|
|
* Revert "Update buildkitd.toml.md"
|
|
|
|
|
* ci(test-os): increase vm boot time to 10m
|
|
|
|
|
* hack(test): tidy create command and display invoked docker cmds
|
|
|
|
|
* ci(test): dedicated step to build integration-tests image
|
|
|
|
|
* create integration-tests bake target
|
|
|
|
|
* hack(test): opt to avoid building the integration tests image
|
|
|
|
|
* hack(dockerfile-frontend): remove daily release type
|
|
|
|
|
* hack: align syntax
|
|
|
|
|
* hack: progressFlag set not needed
|
|
|
|
|
* hack: cleanup buildx install
|
|
|
|
|
* hack(test): use trap to remove cache volume
|
|
|
|
|
* buildctl: propagate `SOURCE_DATE_EPOCH` from client env to build arg
|
|
|
|
|
* ci: update github actions to latest stable
|
|
|
|
|
* buildctl: Add configured TLS certificate to trust store when making calls to registry auth
|
|
|
|
|
* go fmt cache/blobs_nolinux.go
|
|
|
|
|
* exporter/containerimage: new option: rewrite-timestamp
|
|
|
|
|
* Move cache/converter.go to util/converter/converter.go
|
|
|
|
|
* dockerfile2llb: set default llb.Local when client is not available
|
|
|
|
|
* progressui: modify NewDisplay to accept io.Writer instead of console.File
|
|
|
|
|
* authprovider: Fix error return from Credentials when logger is nil
|
|
|
|
|
* Add Unikraft's kraft.yaml to list of LLB languages.
|
|
|
|
|
* ci(test-os): cross build freebsd binaries using the Dockerfile
|
|
|
|
|
* progress: add new quiet display mode
|
|
|
|
|
* docs: Add `[dns]` snippet to `buildkitd.toml` example file
|
|
|
|
|
* client: manually implement Wait backoffs
|
|
|
|
|
* docs(source): mention successful snapshots can be nil
|
|
|
|
|
* fix: return err when unable to hash
|
|
|
|
|
* migrate to github.com/distribution/reference v0.5.0
|
|
|
|
|
* Revert "buildctl: set max backoff delay to 1 second"
|
|
|
|
|
* ci: update github actions to latest stable
|
|
|
|
|
* lint: fix linting rules for logrus
|
|
|
|
|
* chore: use bklog instead of logrus
|
|
|
|
|
* fix: use sha256 for merge/diff op cache maps
|
|
|
|
|
* llb: avoid duplicate instances of sourcemaps in provenance
|
|
|
|
|
* fix: log context for future debugging
|
|
|
|
|
* fix(boltdb): close cache and history dbs on exit
|
|
|
|
|
* Cleanup args, rename jobDetails
|
|
|
|
|
* fix: check snapshot labels to avoid panic
|
|
|
|
|
* fix(metadata): close store on exit
|
|
|
|
|
* pull: fix possible negative blob pull time
|
|
|
|
|
* docs: fix slsa definition markup issues
|
|
|
|
|
* FreeBSD CI: cross-compile binaries
|
|
|
|
|
* util/progress: silence go test -race
|
|
|
|
|
* progressui: adds a json output that shows raw events for the solver status
|
|
|
|
|
* docker: cleanup fields in image definition
|
|
|
|
|
* test: git tag test should not sign tags
|
|
|
|
|
* git: centralize git cli operations
|
|
|
|
|
* deprecate frontend/dockerfile/dockerignore
|
|
|
|
|
* replace dockerfile/dockerignore with patternmatcher/ignorefile
|
|
|
|
|
* vendor: github.com/moby/patternmatcher v0.6.0
|
|
|
|
|
* git: avoid regexp for checking .git suffix
|
|
|
|
|
* git: update parsing to clarify between scp-style urls
|
|
|
|
|
* tests: tidy up gitutil testing structs
|
|
|
|
|
* git: update llb.Git doc comment
|
|
|
|
|
* hack: forward CGO_ENABLED into test container
|
|
|
|
|
* solver: fix possible race for provenance ResolveImageConfig
|
|
|
|
|
* solver: wrap gRPC codes.NotFound on unknown build ID
|
|
|
|
|
* ci: dump context on failure
|
|
|
|
|
* chore: fix git freebsd to match file names
|
|
|
|
|
* source: make sources pluggable
|
|
|
|
|
* Fix typo in README.md
|
|
|
|
|
* Implement executor on Windows
|
|
|
|
|
* chore: split vagrant provisioning
|
|
|
|
|
* buildkitd: add grpc.health.v1.Health service
|
|
|
|
|
* Dockerfile: RUNC_VERSION=v1.1.9
|
|
|
|
|
* go.mod: github.com/opencontainers/runc v1.1.9
|
|
|
|
|
* ci: add protolint validation
|
|
|
|
|
* lint: add protolint config
|
|
|
|
|
* chore: tidy up filesync encode headers handling
|
|
|
|
|
* docs: index annotations fail if index is not produced
|
|
|
|
|
* docs: update gcpolicy percentage to refer to total space
|
|
|
|
|
* docs: improve CacheMap developer documentation
|
|
|
|
|
* filesync: write closer err discarded
|
|
|
|
|
* Avoid unnecessary map allocation when writing progress
|
|
|
|
|
* Improve cache related trace logging.
|
|
|
|
|
* test: add HasFeatureCompat helper
|
|
|
|
|
* integration: fix rootless tests
|
|
|
|
|
* buildkitd: otel config and otel-socket-path flag
|
|
|
|
|
* tests: refactor integration test package
|
|
|
|
|
* test: use integration.Tmpdir consistently
|
|
|
|
|
* docs: removed labs ref for ADD checksum and git
|
|
|
|
|
* ci(test-os): bump actions
|
|
|
|
|
* tests: refactor Tmpdir as a test helper
|
|
|
|
|
* FreeBSD CI Run logs retention
|
|
|
|
|
* filesync: remove deprecated override-excludes
|
|
|
|
|
* integration: preserve existing environment variables when using sudo
|
|
|
|
|
* set tracing socket path to runtime dir
|
|
|
|
|
* executor: fix resource sampler goroutine leak
|
|
|
|
|
* docs: troubleshoot for `mount proc:/proc (via /proc/self/fd/6), flags: 0xe: operation not permitted`
|
|
|
|
|
* FreeBSD port
|
|
|
|
|
* examples: bump oci and containerd versions
|
|
|
|
|
* examples: remove no_containerd_worker build tag
|
|
|
|
|
* hack: add linting for multiple combinations of build tags
|
|
|
|
|
* chore: remove unused blobIDs for nydus compression
|
|
|
|
|
* chore: remove old no_{oci,containerd}_worker build tags
|
|
|
|
|
* nydus: fix missing imports
|
|
|
|
|
* frontend/dockerfile/dockerignore: remove hard-coded filename from error
|
|
|
|
|
* frontend/dockerfile/dockerignore: touch-up godoc and code
|
|
|
|
|
* frontend/dockerfile/dockerignore: cleanup unit test
|
|
|
|
|
* chore: clean up file copy logic backend logic
|
|
|
|
|
* filesync: append rather than replace grpc md.
|
|
|
|
|
* progress: don't modify ResetTime inputs
|
|
|
|
|
* vendor: github.com/docker/cli v24.0.5
|
|
|
|
|
* vendor: golang.org/x/net v0.10.0
|
|
|
|
|
* vendor: golang.org/x/text v0.9.0
|
|
|
|
|
* vendor: golang.org/x/sys v0.8.0
|
|
|
|
|
* vendor: github.com/sirupsen/logrus v1.9.3
|
|
|
|
|
* Add support for JSON formatted logs (#3133)
|
|
|
|
|
* Dedupe "containerd.io/uncompressed" constants and literals
|
|
|
|
|
* integration: missing env var to check feature compat
|
|
|
|
|
* vendor: github.com/docker/docker@master (afd4805)
|
|
|
|
|
* file: Fix incorrect handling of non-existent files in llbsolver's rmPath
|
|
|
|
|
* llb: Add tests for WithUser
|
|
|
|
|
* llb: Correct 'contexst' typo in State.Run function's documentation
|
|
|
|
|
* test: update pinned busybox image to 1.36
|
|
|
|
|
* executor/resource: stub out NewSysSampler on Windows
|
|
|
|
|
* vendor: github.com/docker/cli v24.0.4
|
|
|
|
|
* docs/build-repro.md: fix description about squashing
|
|
|
|
|
* vendor: github.com/docker/docker 8e51b8b59cb8 (master, v25.0.0-dev)
|
|
|
|
|
* test: update pinned alpine image to 3.18
|
|
|
|
|
* examples: create certs bake definition
|
|
|
|
|
* testutil: move CheckContainerdVersion to a separate package
|
|
|
|
|
* chore: update AUTHORS and mailmap
|
|
|
|
|
* Clarify the behavior of wildcards in .dockerignore file
|
|
|
|
|
|
2024-02-05 12:53:43 +01:00
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Feb 01 16:36:18 UTC 2024 - dcermak@suse.com
|
|
|
|
|
|
|
|
|
|
- Update to version 0.12.5:
|
|
|
|
|
* update runc to v1.1.12
|
|
|
|
|
* exec: add extra validation for submount sources (fixes CVE-2024-23651, bsc#1219267)
|
|
|
|
|
* oci: fix error handling on submount calls
|
|
|
|
|
* executor: recheck mount stub path within root after container run (fixes CVE-2024-23652, bsc#1219268)
|
2024-02-12 15:10:46 +01:00
|
|
|
|
* llbsolver: make sure interactive container API validates entitlements (fixes CVE-2024-23653, bsc#1219438)
|
2024-02-05 12:53:43 +01:00
|
|
|
|
* gateway: pass executor with build and not access worker directly
|
|
|
|
|
* pb: add extra validation to protobuf types
|
|
|
|
|
* sourcepolicy: add validations for nil values
|
|
|
|
|
* exporter: add validation for platforms key value
|
|
|
|
|
* exporter: add validation for invalid platorm
|
|
|
|
|
* exporter: validate null config metadata from gateway
|
|
|
|
|
* ci: disable push if not upstream repo
|
|
|
|
|
* hack: use git context only for upstream repo
|
|
|
|
|
* hack/test: allow ALPINE_VERSION to be set from env
|
|
|
|
|
* hack: align syntax
|
|
|
|
|
* vendor: github.com/cyphar/filepath-securejoin v0.2.4
|
|
|
|
|
* tracing: allow the `Resource` to be set externally
|
|
|
|
|
|
2023-12-07 08:55:11 +01:00
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Dec 04 13:14:41 UTC 2023 - fredrik.lonnegren@suse.com
|
|
|
|
|
|
|
|
|
|
- Update to version 0.12.4:
|
|
|
|
|
* Fix possible concurrent map access on remote cache export
|
|
|
|
|
* Fix hang on debug server listener
|
|
|
|
|
* Fix possible deadlock in History API under high number of parallel builds
|
|
|
|
|
* Fix possible panic on handling deleted records in History API
|
|
|
|
|
* Fix possible data corruption in zstd library
|
|
|
|
|
|
|
|
|
|
- Update to version 0.12.3:
|
|
|
|
|
* Fix possible duplicate source files in provenance attestation for chained builds
|
|
|
|
|
* Fix possible negative step time in progressbar for step shared with other build request
|
|
|
|
|
* Fix properly closing history and cache DB on shutdown to avoid corruption
|
|
|
|
|
* Fix incorrect error handling for invalid HTTP source URLs
|
|
|
|
|
* Fix fallback cases for ambiguous insecure configuration provided for registry used as push target.
|
|
|
|
|
* Fix possible data race with parallel image config resolves
|
|
|
|
|
* Fix regression in v0.12 for clients waiting on buildkitd to become available
|
|
|
|
|
* Fix Cgroup NS handling for hosts supporting only CgroupV1
|
|
|
|
|
|
|
|
|
|
- Update to version 0.12.2:
|
|
|
|
|
* Fix possible discarded network error when exporting result to client
|
|
|
|
|
* Avoid unnecessary memory allocations when writing build progress
|
|
|
|
|
|
Accepting request 1102234 from home:elimat:branches:devel:microos
- Update to version 0.12.1:
* executor: fix resource sampler goroutine leak
* [v0.11] make tracing socket forward error non-fatal
* integration: missing env var to check feature compat
* test: update pinned busybox image to 1.36
* test: update pinned alpine image to 3.18
* vendor: github.com/docker/docker 8e51b8b59cb8 (master, v25.0.0-dev)
* executor/resource: stub out NewSysSampler on Windows
* vendor: github.com/docker/cli v24.0.4
* testutil: move CheckContainerdVersion to a separate package
* llbsolver: fix policy rule ordering
* filesync: fix backward compatibility with encoding + and %
* hack: allow to set GO_VERSION during tests
* test: always disable tls for dockerd worker
* buildctl: set max backoff delay to 1 second
* contenthash: data race
* filesync: escape special query characters
* applier: add hack to support docker zstd layers
* Fix various nits
* pullprogress data race
* use sampler lock instead
* Fix ResolveImageConfig to evaluate source policy
* sampler data race fix
* update cgroup parent test to work with cgroupns
* Revert "specify a `ResponseHeaderTimeout` value"
* oci: make sure cgroupns is enabled if supported
* bash lint fix
* rename BUILDFLAGS to GOBUILDFLAGS
* allow ENOTSUP for PSI cgroup files
* containerimage: use platform matcher to detect platform to unpack
* exporter: silently skip unpacking unknown reference
* improve error handling in ReadFile
* dockerfile: arg for controlling go build flags
* dockerfile: arg to enable go race detection
* Add support for health start interval
* Re-vendor moby/moby
* filesync: mark if options have been encoded to detect old versions
* dockerfile: heredoc should use 0644 permissions
* docs: update README to reference OpenTelemetry instead of OpenTracing
* gateway: restore original filename in ReadFile error message
* Dockerfile: update containerd to v1.7.2
* Use system.ToSlash() instead of filepath.ToSlash()
* Revert most changes to client/llb
* Remove Architecture
* Default to linux in client
* Ensure we use proper path separators
* Set default platform
* Add nil pointer check in dispatchWorkdir
* Remove nil pointer check and extra NormalizePath
* Rename variable, remove superfluous check
* Use current OS as a default
* Handle file paths base on target platform
* exporter: unlazy references in parallel
* exporter: simplify unlazy references to reduce duplication
* exporter: allow unpack on multi-platform images
* tests: add unpack to scratch export test
* overlay: set whiteout timestamps to 1970-01-01 (not to SOURCE_DATE_EPOCH)
* dockerfile: graduate `ADD --checksum=<checksum>` from labs
* dockerfile: graduate `ADD <git ref>` from labs
* dockerfile: mod-outdated target to check modules updates
* dockerfile: use xx in dnsname stage
* dockerfile: install musl-dev to fix compilation issue
* dockerfile: update Alpine to 3.18
* vendor: update fsutil to 36ef4d8
* export(local): split opt
* buildctl: Provide --wait option
* containerimage: support SOURCE_DATE_EPOCH for CreatedAt
* move flightcontrol to use generics
* containerimage: keep layer labels for exported images
* shell: start shell from cmd, not entrypoint
* sbom: propogate image-resolve-mode for generator image
* client: add extra debug to tests
* handle missing provenance for non-evaluated result
* tests: add provenance test for duplicate platform
* tests: add provenance test for when context directory does not exist
* forward: make BridgeClient public for lint
* gateway: enable named contexts for gateway frontend
* vendor: update vt100 with resize panic fix
* docs: dockerfile: remove "known issues" related to AuFS
* docs: add running instruction to CONTRIBUTING.md
* tests: add worker close method to interface
* add and check for gateway.exec.secretenv cap
* move Secretenv from Meta to InitMessage
* support passing SecretEnv to gateway containers
* Add comment, update from review
* Fix issue with digest merge (inconsistent graph state)
* docs: add helper commands section to CONTRIBUTING.md
* docs: update CONTRIBUTING.md whitespace formatting
* integration: fix not deleting dockerd workdir
* remove uses of deprecated ResolverOptions.Client
* filesync: fix handling non-ascii in file paths
* tests: add test for unicode filenames
* Adding more docs to client/llb
* Add special case for rw bind mounts
* vendor: github.com/docker/cli v24.0.2
* vendor: github.com/docker/docker v24.0.2
* progressui: fix index printing on partial rows
* gateway: wrap ExecProcessServer Send calls with a mutex
* resources: make maxsamples configurable
* llbsolver: add systemusage samples to provenance attestation
* resources: store sys cpu usage per step
* resources: add sampler for periodic stat reads
* resources: CNI network usage sampling support
* resources: add build step resource tracking via cgroups
* solver: lock before using actives
* Emulate "bind" mounts using the bind filter
* Fix mount layers on host
* llbsolver: set temporary lease in Commit context
* Update containerd dependency
* exporter: Add exptypes with Common exporter keys
* exporter/image/exptypes: Make strongly typed
* solver: move AddBuildConfig into llbsolver package
* tests: add test to check url format for image loaded from oci layout
* solver: mark locally loaded images as such
* solver: merge local and remote images into single list
* purl: allow RefToPURL to take a type parameter
* tests: don't use purl code to test itself
* Use linux as a default for inputOS
* Add path handling functions
* response to comments
* containerimage: Export option keys
* vendor: update spdx/tools-golang to v0.5.1
* exporter: remove non dist options from tar exporter
* exporter: move fs opt parsing to method
* tests: fixup attestation tar to not panic when file not found
* git: set umask without reexec
* add language property for sourcemap
* dockerfile/docs: add set -ex to heredoc #3870
* authprovider: fix a bug where registry-1.docker.io auth was always a cache miss
* response to comments
* tracing: fix buildx tracing delegation
* Update continuity and fsutil
* cache: add a few more fields to ref trace logs.
* vendor: github.com/containerd/go-runc v1.1.0
* provenance: fix possible empty digest access
* vendor: fix broken vendoring
* dockerfile: bump up nerdctl to v1.4.0
* bump nydus-snapshotter dependence to v0.8.2
* vendor: github.com/docker/cli v24.0.1
* vendor: github.com/docker/docker v24.0.1
* vendor: github.com/containerd/containerd v1.7.1
* vendor: github.com/Microsoft/hcsshim v0.10.0-rc.8
* vendor: github.com/Microsoft/go-winio v0.6.1
* vendor: golang.org/x/sys v0.7.0
* vendor: github.com/containerd/typeurl/v2 v2.1.1
* chore: bump spdx tools
* Fix typo in attestation-storage.md
* vendor: github.com/docker/cli v24.0.0
* vendor: github.com/docker/docker v24.0.0
* vendor: github.com/opencontainers/runc v1.1.7
* vendor: github.com/opencontainers/runtime-spec v1.1.0-rc.2
* vendor: github.com/klauspost/compress v1.16.3
* Dockerfile: CONTAINERD_VERSION=v1.7.1
* Dockerfile: CONTAINERD_ALT_VERSION_16=v1.6.21
* Dockerfile: RUNC_VERSION=v1.1.7
* session: avoid logging healthcheck error on canceled connection
* session: fix run and close synchronization
* testutil: update ReadImages to fallback to reading manifest
* Add trace logs for cache leaks.
* Add some doc strings for LLB functions
* attestations: move containerd media type warnings
* update generated proto files
* attestations: replace intoto media type with vendored const
* nydus: bump nydus versions in Dockerfile and doc
* feedback changes for moby/buildkit #2251
* testutil: expose underlying docker address for supported workers
* testutil: expose integration workers as public
* remove type aliases for leasemanager/contentstore
* llbsolver: move history blobs to a separate namespace
* build(deps): bump github.com/docker/distribution
* added import/export support for OCI compatible image manifest version of cache manifest (opt-in on export, inferred on import) moby/buildkit #2251
* llb: carry platform from inputs for merge/diff
* llb: don't include platform in fileop
* control: fix possible deadlock on network error
* exporter/containerimage: remove redundant type for var declaration
* Fix not to set the value on empty vertex
* Fix to import as digest
* cache: always release ref when getting size in usage.
* Drop unneeded variable
* ssh: add fallback to ensure conn is closed in all cases.
* vendor: github.com/opencontainers/image-spec v1.1.0-rc3
* vendor: github.com/docker/cli v23.0.5
* vendor: github.com/docker/docker v23.0.5
* nydus: update nydus-snapshotter dependency to v0.8.0
* progressui: fix possible zero prefix numbers in logs
* llbsolver: send active event only to current client
* llbsolver: send delete status event
* llbsolver: filter out records marked deleted from list responses
* Add Windows service support
* docs: fixup build repro doc with updated policy format
* test: use appropriate snapshotter service to walk snapshots
* overlay: use function to check for overlay-based mounts
* Update uses of Image platform fields in OCI image-spec
* allow setting user agent products
* Bump up golangci-lint to v1.52.2
* chore: tidy up duplicated imports
* solver: Release unused refs in LoadWithParents
* Avoid panic on parallel walking on DefinitionOp
* solver: skip sbom post processor if result is nil
* vendor: github.com/docker/docker v23.0.4
* vendor: github.com/docker/cli v23.0.4
* vendor: golang.org/x/time v0.3.0
* vendor: github.com/docker/cli v23.0.2
* vendor: github.com/docker/docker v23.0.2
* test: don't hang if a process doesn't run
* ci: put worker name first for better UX in actions
* go.mod: remove github.com/kr/pretty
* Revert "Problem: can't use anonymous S3 credentials"
* go.mod: bump up runc to v1.1.6
* go.mod: Bump up stargz-snapshotter to v0.14.3
* dockerfile: bump up stargz-snapshotter to v0.14.3
* dockerfile: bump up runc to v1.1.6
* buildkitd: add grpc reflection
* Bump up nerdctl to 1.3.0
* Bump up containerd 1.6.20
* Fix gzip decoding of HTTP sources.
* ci: update runner os to ubuntu 22.04
* Fix bearer token expiration check (fixes #3779)
* docs: update buildkitd.toml with new field info
* buildkitd: allow durations for gc config
* buildkitd: allow multiple units for gc config
* dockerui: expose context detection functions as public
* Prevent overflow of runc exit code.
* Upgrade to latest go-runc.
* runc worker: fix sigkill handling
* Dockerfile: RUNC_VERSION=v1.1.5
* client: add client opts to enable system certificates
* Make ClientOpts type safe
* build(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5
* fileop: create new fileOpSolver instance per Exec call
* Provide CacheManager to Controller instead of CacheKeyManager.
* http: ensure HEAD and GET requests have same headers
* docs: add auto-generated sections to buildctl.md
* client: allow grpc dial option passthrough
* cni: simplify netns creation
* add Bass to list of LLB languages
* llbsolver: fix sorting of history records
* llbsolver: Fix performance of recomputeDigests
* solve: use comparables instead of reflection in result struct
* vendor: github.com/docker/cli v23.0.1
* vendor: github.com/docker/docker v23.0.1
* client: create oci-layout file in StoreIndex
* ci: output annotations for failures
* test: set mod vendor
* test: use gotestsum to generate reports
* fix gateway exec tty cleanup on context.Canceled
* fix process termination handling for runc exec
* Register builds before recording build history
* docs(dockerfile): minimal Dockerfile version support for chmod
* Update builder.md to document newly supported --chmod features in both ADD and COPY statements.
* use bklog.G(ctx) instead of logrus directly
* integration: missing mergeDiff compat check
* chore: `translateLegacySolveRequest` does not need to return error checking.
* integration: split feature compat check for subtests
* integration: missing feature compat check for cache
* dockerfile: fix reproducible digest test for non-amd64
* integration: add FeatureMergeDiff compat
* integration: add FeatureCacheBackend* compat
* integration: enforce features compat through env vars
* ci: upstream docs conformance validation
* dockerfile(docs): fix liquid syntax
* Problem: can't use anonymous S3 credentials
* hack: remove build_ci_first_pass script
* hack: binaries and cross bake targets
* go.mod: update to go 1.20
* Dockerfile: CONTAINERD_VERSION=v1.7.0
* go.mod: github.com/containerd/containerd v1.7.0
* Add Namespace to list of buildkit users.
* remove buildinfo
* buildinfo: add BUILDKIT_BUILDINFO build arg
* buildinfo: mark as deprecated
* docs: deprecated features page
* rootless: guide for Bottlerocket OS (`sysctl -w user.max_user_namespaces=N`)
* rootless: fix up unprivileged mount opts
* Dockerfile: CONTAINERD_VERSION=v1.7.0-rc.3, CONTAINERD_ALT_VERSION_16=v1.6.19
* go.mod: github.com/containerd/containerd v1.7.0-rc.3
* version: add "v" prefix to version for tagging convention consistency
* remove context name validation from kubepod connhelper
* gateway: add hostname option to NewContainer API
* fix error message typo
* provenance: ensure URLs are redacted before written
* test/client: Close buildkit client
* docs: missing security policy markdown file
* diffapply: do chown before xattrs
* Add test for merge of files with capabilities.
* fix a possible panic on cache
* Update cmd/buildkitd/main_windows.go
* ci(validate): use bake
* hack: shfmt bake target
* hack: generated-files bake target
* hack: doctoc bake target
* hack: lint bake target
* hack: authors Dockerfile and bake target
* hack: bake definition with vendor targets
* Fix buildkitd panic when frontend input is nil.
* ci: trigger workflows on push to release branches
* build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0
* ci: create GitHub Release for frontend as well
* ci: make release depends on image job
* lint: fix issues with go 1.20
* remove deprecated golangci-lint linters
* update golangci-lint to v1.51.1
* update to go 1.20
* Allow DefinitionOp to track sources
* specify a `ResponseHeaderTimeout` value
* Ensures that the primary GID is also included in the additional GIDs
* ci: fix missing TESTFLAGS env var in test-os workflow
* Dockerfile: update containerd to v1.7.0-beta.4, v1.6.18
* go.mod: github.com/containerd/containerd v1.7.0-beta.4
* ci: update softprops/action-gh-release to v0.1.15
* ci: remove unused vars in dockerd workflow
* ci: split cross job
* Dockerfile: remove binaries-linux-helper stage
* ci: rename unclear env vars
* readme: fix and update badges
* ci: rename build workflow to buildkit
* ci: reusable test workflow
* ci: move test-os to a dedicated workflow
* ci: move frontend integration tests and build to a dedicated workflow
* stargz-snapshotter: graduate from experimental
* Bump up stargz-snapshotter to v0.14.1
* set osversion in index descriptor from base image
* progress: solve status description
* ci: update buildx to latest
* Dockerfile: update xx to 1.2.1
* integration: make sure registry directory exists
* gha: avoid range requests with too big offset
* ci: merge test-nydus job in test one
* ci: remove branch restriction on pull request event
* client: add tests for layerID in comment field
* exporter: fix sbom supplement core detection
* exporter: fix supplement sboms on empty scratch layer
* exporter: fix file layer finder whiteout detection
* exporter: canonicalize sbom file paths during search
* Add platform tracing socket paths and mounts
* integration: log dockerd cmd
* integration: set custom flags for dockerd worker
* remotecache: proper exporter naming for gha, s3 and azblob
* remotecache: explicit names for registry and local
* exporter: use compression.ParseAttributes func
* remotecache: mutualize compression parsing attrs
* lex: add support for optional colon in variable expansion
* test: rework TestProcessWithMatches to use a matrix
* dockerfile: update to use dockerui pkg
* dockerui: separate docker frontend params to reusable package
* cache: add fallback for snapshotID
* exporter: remove wrappers for oci data types
* vendor: github.com/docker/cli v23.0.0
* vendor: github.com/docker/docker v23.0.0
* hack: do not cache some stages on release
* hack: do not set attest flags when exporting to docker
* git: override the locale to ensure consistent output
* fix support for empty git ref with subdir
* gitutil: use subtests
* source: more tests cases for git identifier
* source: use subtests cases for git identifier
* otel: bump dependencies to v1.11.2/v0.37.0
* hack: treat unset variables as an error
* frontend: fix typo in release script
* ci: create matrix for building frontend image
* inline cache: fix blob indexes by uncompressed digest
* Skip configuring cache exporter if it is nil.
* docs: update syntax for labs channel in examples
* integration: remove wrong compat condition
* integration: fix compat check for CNI DNS test
* cache: don’t link blobonly based on chainid
* do not mount secrets that are optional and missing from solve opts
* SOURCE_DATE_EPOCH: drop timezone
* sbom: create tmp directory for scanner image
* progress: keep color enabled with NO_COLOR empty
* hack: remove azblob_test
* integration: basic azblob cache test
* test: add proxy build args when existed
* vendor: github.com/docker/cli v23.0.0-rc.3
* vendor: github.com/docker/docker v23.0.0-rc.3
* vendor: golang.org/x/net v0.5.0
* vendor: golang.org/x/text v0.6.0
* vendor: golang.org/x/sys v0.4.0
* Dockerfile: CNI plugins v1.2.0
* Dockerfile: CONTAINERD_VERSION=v1.7.0-beta.3, CONTAINERD_ALT_VERSION_16=v1.6.16
* Fix tracing listener on Windows
* go.mod: github.com/containerd/containerd v1.7.0-beta.3
* control: send current timestamp header with event streams
* vendor: update containerd to v1.6.16-0.1709cfe273d9
* buildctl: add ref-file to get history record for a build
* client: make sure ref is configurable for the history API
* history: save completed steps with cache stats
* history: fix exporter key not being passed
* history: fix logs and traces are saving on canceled builds
* hack: add correct entrypoint to shell script
* ci: use moby/buildkit:latest in build action
* dockerfile: add testReproSourceDateEpoch
* Fix cache cannot reuse lazy layers
* Correct manifests_prefix documentation for S3 cache
* Use golang.org/x/sys/windows instead of syscall
* dockerfile: release frontend for i386 platform
* Add get-user-info utility
* optimize --dry-run flag
* fix(tracing): spelling of OTEL_TRACES_EXPORTER value
* Propagate sshforward send side connection close
* buildctl: add `buildctl debug histories, buildctl prune-histories`
* dockerfile: fix panic on warnings with multi-platform
* vendor: github.com/docker/cli v23.0.0-rc.2
* vendor: github.com/docker/docker v23.0.0-rc.2
* vendor: github.com/containerd/containerd v1.6.15
* cache: add registry.insecure option to registry exporter
* Make local cache non-lazy
* docs/build-repro.md: add the SOURCE_DATE_EPOCH section
* docs: clarified build argument example by changing the variable name
* azblob cache: account_name attribute
* docs: master -> 0.11
* ci: fix dockerd workflow with latest changes from moby
* integration: set mirrors and entitlements with dockerd worker
* github: update CI to buildkit version
* exporter: ensure spdx order prioritizes primary sbom
* hack: remove s3_test
* integration: basic s3 cache test
* integration: add runCmd and randomString utils
* integration: expose backend logs in sandbox interface
* azblob_test: pin busybox to avoid "Illegal instruction" error
* docs: add nerdctl container buildkitd address docs
* feat: add namespace support for nerdctl container
* ci: add ci to check README toc
* testutil: pin busybox and alpine used in releases
* exporter: allow configuring inline attestations for image exporters
* exporter: force enabling inline attestations for image export
* docs: change semicolons to double ampersands
* llbsolver: fix panic when requesting provenance on nil result
* vendor: update fsutil to fb43384
* attestation: only supplement file data for the core scan
* docs: add index page for attestations
* docs: move attestation docs to dedicated directory
* docs: rename slsa.md to slsa-provenance.md
* docs: tidy up json examples for slsa definitions
* docs: add cross-linking between slsa pages
* Flakiness in azblob test job
* vendor: update spdx/tools-golang to d6f58551be3f
* feat: add nerdctl-container support for client
* docs: slsa review updates
* docs: moved slsa definitions to a separate page
* docs: slsa editorial fixes
* docs: add filename to provenance attestation
* docs: update hermetic field after it was moved in implementation
* docs: update provenance docs
* docs: add slsa provenance documentation
* progress: fix clean context cancelling
* fix: updated_at -> updated-at
* Solve panic due to concurrent access to ExportSpans
* feat: allow ignoring remote cache-export error if failing
* add cache stats to the build history API
* vendor: github.com/docker/cli v23.0.0-rc.1
* vendor: github.com/docker/docker v23.0.0-rc.1
* vendor: github.com/containerd/containerd v1.6.14
* frontend: fix testMultiStageImplicitFrom to account for busybox changes
* sshforward: skip conn close on stream CloseSend.
* chore: update buildkitd.toml docs with mirror path example
* feat: handle mirror url with path
* provenance: fix the order of the build steps
* provenance: move hermetic field into a correct struct
* add possibility to override filename for provenance
* Fix typo in CapExecMountBindReadWriteNoOutput.
* Use SkipOutput instead of -1 for output indexes to clarify semantics.
* fix indentation for in-toto and traces
* attestation: forbid provenance attestations from frontend
* attestation: validate attestations before unbundling as well
* exporter: make attestation validation public
* result: change reason types to strings
* attestations: ignore spdx parse errors
* attestations: propogate metadata through unbundling
* gateway: add addition check to prevent content func from being forwarded
* ociindex: add utility method for getting a single manifest from the index
* ociindex: refactor to hide implementation internally
* cache: test gha cache exporter
* containerdexecutor: add network namespace callback
* frontend/dockerfile: BFlags.Parse(): use strings.Cut()
* frontend/dockerfile: parseExtraHosts(): use strings.Cut()
* frontend/dockerfile: parseMount() use strings.Cut(), and some minor cleanup
* frontend/dockerfile: move check for cache-sharing
* frontend/dockerfile: provide suggestions for mount share mode
* frontend/dockerfile: define types for enums
* frontend/dockerfile/shell: use strings.Equalfold
* frontend/dockerfile/parser: remove redundant concat
* frontend/dockerfile: parseBuildStageName(): pre-compile regex
* frontend/dockerfile: remove isSSHMountsSupported, isSecretMountsSupported
* docs: Enable rootless for stargz-snapshotter
* executor/oci: GetResolvConf(): simplify handling of resolv.conf
- fix rpmlint errors
* systemd units should not have execute permissions
* add missing %service_add_pre for the systemd units
OBS-URL: https://build.opensuse.org/request/show/1102234
OBS-URL: https://build.opensuse.org/package/show/devel:microos/buildkit?expand=0&rev=4
2023-08-24 16:20:49 +02:00
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Aug 02 21:37:05 UTC 2023 - elimat@opensuse.org
|
|
|
|
|
|
|
|
|
|
- Update to version 0.12.1:
|
|
|
|
|
* executor: fix resource sampler goroutine leak
|
|
|
|
|
* [v0.11] make tracing socket forward error non-fatal
|
|
|
|
|
* integration: missing env var to check feature compat
|
|
|
|
|
* test: update pinned busybox image to 1.36
|
|
|
|
|
* test: update pinned alpine image to 3.18
|
|
|
|
|
* vendor: github.com/docker/docker 8e51b8b59cb8 (master, v25.0.0-dev)
|
|
|
|
|
* executor/resource: stub out NewSysSampler on Windows
|
|
|
|
|
* vendor: github.com/docker/cli v24.0.4
|
|
|
|
|
* testutil: move CheckContainerdVersion to a separate package
|
|
|
|
|
* llbsolver: fix policy rule ordering
|
|
|
|
|
* filesync: fix backward compatibility with encoding + and %
|
|
|
|
|
* hack: allow to set GO_VERSION during tests
|
|
|
|
|
* test: always disable tls for dockerd worker
|
|
|
|
|
* buildctl: set max backoff delay to 1 second
|
|
|
|
|
* contenthash: data race
|
|
|
|
|
* filesync: escape special query characters
|
|
|
|
|
* applier: add hack to support docker zstd layers
|
|
|
|
|
* Fix various nits
|
|
|
|
|
* pullprogress data race
|
|
|
|
|
* use sampler lock instead
|
|
|
|
|
* Fix ResolveImageConfig to evaluate source policy
|
|
|
|
|
* sampler data race fix
|
|
|
|
|
* update cgroup parent test to work with cgroupns
|
|
|
|
|
* Revert "specify a `ResponseHeaderTimeout` value"
|
|
|
|
|
* oci: make sure cgroupns is enabled if supported
|
|
|
|
|
* bash lint fix
|
|
|
|
|
* rename BUILDFLAGS to GOBUILDFLAGS
|
|
|
|
|
* allow ENOTSUP for PSI cgroup files
|
|
|
|
|
* containerimage: use platform matcher to detect platform to unpack
|
|
|
|
|
* exporter: silently skip unpacking unknown reference
|
|
|
|
|
* improve error handling in ReadFile
|
|
|
|
|
* dockerfile: arg for controlling go build flags
|
|
|
|
|
* dockerfile: arg to enable go race detection
|
|
|
|
|
* Add support for health start interval
|
|
|
|
|
* Re-vendor moby/moby
|
|
|
|
|
* filesync: mark if options have been encoded to detect old versions
|
|
|
|
|
* dockerfile: heredoc should use 0644 permissions
|
|
|
|
|
* docs: update README to reference OpenTelemetry instead of OpenTracing
|
|
|
|
|
* gateway: restore original filename in ReadFile error message
|
|
|
|
|
* Dockerfile: update containerd to v1.7.2
|
|
|
|
|
* Use system.ToSlash() instead of filepath.ToSlash()
|
|
|
|
|
* Revert most changes to client/llb
|
|
|
|
|
* Remove Architecture
|
|
|
|
|
* Default to linux in client
|
|
|
|
|
* Ensure we use proper path separators
|
|
|
|
|
* Set default platform
|
|
|
|
|
* Add nil pointer check in dispatchWorkdir
|
|
|
|
|
* Remove nil pointer check and extra NormalizePath
|
|
|
|
|
* Rename variable, remove superfluous check
|
|
|
|
|
* Use current OS as a default
|
|
|
|
|
* Handle file paths base on target platform
|
|
|
|
|
* exporter: unlazy references in parallel
|
|
|
|
|
* exporter: simplify unlazy references to reduce duplication
|
|
|
|
|
* exporter: allow unpack on multi-platform images
|
|
|
|
|
* tests: add unpack to scratch export test
|
|
|
|
|
* overlay: set whiteout timestamps to 1970-01-01 (not to SOURCE_DATE_EPOCH)
|
|
|
|
|
* dockerfile: graduate `ADD --checksum=<checksum>` from labs
|
|
|
|
|
* dockerfile: graduate `ADD <git ref>` from labs
|
|
|
|
|
* dockerfile: mod-outdated target to check modules updates
|
|
|
|
|
* dockerfile: use xx in dnsname stage
|
|
|
|
|
* dockerfile: install musl-dev to fix compilation issue
|
|
|
|
|
* dockerfile: update Alpine to 3.18
|
|
|
|
|
* vendor: update fsutil to 36ef4d8
|
|
|
|
|
* export(local): split opt
|
|
|
|
|
* buildctl: Provide --wait option
|
|
|
|
|
* containerimage: support SOURCE_DATE_EPOCH for CreatedAt
|
|
|
|
|
* move flightcontrol to use generics
|
|
|
|
|
* containerimage: keep layer labels for exported images
|
|
|
|
|
* shell: start shell from cmd, not entrypoint
|
|
|
|
|
* sbom: propogate image-resolve-mode for generator image
|
|
|
|
|
* client: add extra debug to tests
|
|
|
|
|
* handle missing provenance for non-evaluated result
|
|
|
|
|
* tests: add provenance test for duplicate platform
|
|
|
|
|
* tests: add provenance test for when context directory does not exist
|
|
|
|
|
* forward: make BridgeClient public for lint
|
|
|
|
|
* gateway: enable named contexts for gateway frontend
|
|
|
|
|
* vendor: update vt100 with resize panic fix
|
|
|
|
|
* docs: dockerfile: remove "known issues" related to AuFS
|
|
|
|
|
* docs: add running instruction to CONTRIBUTING.md
|
|
|
|
|
* tests: add worker close method to interface
|
|
|
|
|
* add and check for gateway.exec.secretenv cap
|
|
|
|
|
* move Secretenv from Meta to InitMessage
|
|
|
|
|
* support passing SecretEnv to gateway containers
|
|
|
|
|
* Add comment, update from review
|
|
|
|
|
* Fix issue with digest merge (inconsistent graph state)
|
|
|
|
|
* docs: add helper commands section to CONTRIBUTING.md
|
|
|
|
|
* docs: update CONTRIBUTING.md whitespace formatting
|
|
|
|
|
* integration: fix not deleting dockerd workdir
|
|
|
|
|
* remove uses of deprecated ResolverOptions.Client
|
|
|
|
|
* filesync: fix handling non-ascii in file paths
|
|
|
|
|
* tests: add test for unicode filenames
|
|
|
|
|
* Adding more docs to client/llb
|
|
|
|
|
* Add special case for rw bind mounts
|
|
|
|
|
* vendor: github.com/docker/cli v24.0.2
|
|
|
|
|
* vendor: github.com/docker/docker v24.0.2
|
|
|
|
|
* progressui: fix index printing on partial rows
|
|
|
|
|
* gateway: wrap ExecProcessServer Send calls with a mutex
|
|
|
|
|
* resources: make maxsamples configurable
|
|
|
|
|
* llbsolver: add systemusage samples to provenance attestation
|
|
|
|
|
* resources: store sys cpu usage per step
|
|
|
|
|
* resources: add sampler for periodic stat reads
|
|
|
|
|
* resources: CNI network usage sampling support
|
|
|
|
|
* resources: add build step resource tracking via cgroups
|
|
|
|
|
* solver: lock before using actives
|
|
|
|
|
* Emulate "bind" mounts using the bind filter
|
|
|
|
|
* Fix mount layers on host
|
|
|
|
|
* llbsolver: set temporary lease in Commit context
|
|
|
|
|
* Update containerd dependency
|
|
|
|
|
* exporter: Add exptypes with Common exporter keys
|
|
|
|
|
* exporter/image/exptypes: Make strongly typed
|
|
|
|
|
* solver: move AddBuildConfig into llbsolver package
|
|
|
|
|
* tests: add test to check url format for image loaded from oci layout
|
|
|
|
|
* solver: mark locally loaded images as such
|
|
|
|
|
* solver: merge local and remote images into single list
|
|
|
|
|
* purl: allow RefToPURL to take a type parameter
|
|
|
|
|
* tests: don't use purl code to test itself
|
|
|
|
|
* Use linux as a default for inputOS
|
|
|
|
|
* Add path handling functions
|
|
|
|
|
* response to comments
|
|
|
|
|
* containerimage: Export option keys
|
|
|
|
|
* vendor: update spdx/tools-golang to v0.5.1
|
|
|
|
|
* exporter: remove non dist options from tar exporter
|
|
|
|
|
* exporter: move fs opt parsing to method
|
|
|
|
|
* tests: fixup attestation tar to not panic when file not found
|
|
|
|
|
* git: set umask without reexec
|
|
|
|
|
* add language property for sourcemap
|
|
|
|
|
* dockerfile/docs: add set -ex to heredoc #3870
|
|
|
|
|
* authprovider: fix a bug where registry-1.docker.io auth was always a cache miss
|
|
|
|
|
* response to comments
|
|
|
|
|
* tracing: fix buildx tracing delegation
|
|
|
|
|
* Update continuity and fsutil
|
|
|
|
|
* cache: add a few more fields to ref trace logs.
|
|
|
|
|
* vendor: github.com/containerd/go-runc v1.1.0
|
|
|
|
|
* provenance: fix possible empty digest access
|
|
|
|
|
* vendor: fix broken vendoring
|
|
|
|
|
* dockerfile: bump up nerdctl to v1.4.0
|
|
|
|
|
* bump nydus-snapshotter dependence to v0.8.2
|
|
|
|
|
* vendor: github.com/docker/cli v24.0.1
|
|
|
|
|
* vendor: github.com/docker/docker v24.0.1
|
|
|
|
|
* vendor: github.com/containerd/containerd v1.7.1
|
|
|
|
|
* vendor: github.com/Microsoft/hcsshim v0.10.0-rc.8
|
|
|
|
|
* vendor: github.com/Microsoft/go-winio v0.6.1
|
|
|
|
|
* vendor: golang.org/x/sys v0.7.0
|
|
|
|
|
* vendor: github.com/containerd/typeurl/v2 v2.1.1
|
|
|
|
|
* chore: bump spdx tools
|
|
|
|
|
* Fix typo in attestation-storage.md
|
|
|
|
|
* vendor: github.com/docker/cli v24.0.0
|
|
|
|
|
* vendor: github.com/docker/docker v24.0.0
|
|
|
|
|
* vendor: github.com/opencontainers/runc v1.1.7
|
|
|
|
|
* vendor: github.com/opencontainers/runtime-spec v1.1.0-rc.2
|
|
|
|
|
* vendor: github.com/klauspost/compress v1.16.3
|
|
|
|
|
* Dockerfile: CONTAINERD_VERSION=v1.7.1
|
|
|
|
|
* Dockerfile: CONTAINERD_ALT_VERSION_16=v1.6.21
|
|
|
|
|
* Dockerfile: RUNC_VERSION=v1.1.7
|
|
|
|
|
* session: avoid logging healthcheck error on canceled connection
|
|
|
|
|
* session: fix run and close synchronization
|
|
|
|
|
* testutil: update ReadImages to fallback to reading manifest
|
|
|
|
|
* Add trace logs for cache leaks.
|
|
|
|
|
* Add some doc strings for LLB functions
|
|
|
|
|
* attestations: move containerd media type warnings
|
|
|
|
|
* update generated proto files
|
|
|
|
|
* attestations: replace intoto media type with vendored const
|
|
|
|
|
* nydus: bump nydus versions in Dockerfile and doc
|
|
|
|
|
* feedback changes for moby/buildkit #2251
|
|
|
|
|
* testutil: expose underlying docker address for supported workers
|
|
|
|
|
* testutil: expose integration workers as public
|
|
|
|
|
* remove type aliases for leasemanager/contentstore
|
|
|
|
|
* llbsolver: move history blobs to a separate namespace
|
|
|
|
|
* build(deps): bump github.com/docker/distribution
|
|
|
|
|
* added import/export support for OCI compatible image manifest version of cache manifest (opt-in on export, inferred on import) moby/buildkit #2251
|
|
|
|
|
* llb: carry platform from inputs for merge/diff
|
|
|
|
|
* llb: don't include platform in fileop
|
|
|
|
|
* control: fix possible deadlock on network error
|
|
|
|
|
* exporter/containerimage: remove redundant type for var declaration
|
|
|
|
|
* Fix not to set the value on empty vertex
|
|
|
|
|
* Fix to import as digest
|
|
|
|
|
* cache: always release ref when getting size in usage.
|
|
|
|
|
* Drop unneeded variable
|
|
|
|
|
* ssh: add fallback to ensure conn is closed in all cases.
|
|
|
|
|
* vendor: github.com/opencontainers/image-spec v1.1.0-rc3
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.5
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.5
|
|
|
|
|
* nydus: update nydus-snapshotter dependency to v0.8.0
|
|
|
|
|
* progressui: fix possible zero prefix numbers in logs
|
|
|
|
|
* llbsolver: send active event only to current client
|
|
|
|
|
* llbsolver: send delete status event
|
|
|
|
|
* llbsolver: filter out records marked deleted from list responses
|
|
|
|
|
* Add Windows service support
|
|
|
|
|
* docs: fixup build repro doc with updated policy format
|
|
|
|
|
* test: use appropriate snapshotter service to walk snapshots
|
|
|
|
|
* overlay: use function to check for overlay-based mounts
|
|
|
|
|
* Update uses of Image platform fields in OCI image-spec
|
|
|
|
|
* allow setting user agent products
|
|
|
|
|
* Bump up golangci-lint to v1.52.2
|
|
|
|
|
* chore: tidy up duplicated imports
|
|
|
|
|
* solver: Release unused refs in LoadWithParents
|
|
|
|
|
* Avoid panic on parallel walking on DefinitionOp
|
|
|
|
|
* solver: skip sbom post processor if result is nil
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.4
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.4
|
|
|
|
|
* vendor: golang.org/x/time v0.3.0
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.2
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.2
|
|
|
|
|
* test: don't hang if a process doesn't run
|
|
|
|
|
* ci: put worker name first for better UX in actions
|
|
|
|
|
* go.mod: remove github.com/kr/pretty
|
|
|
|
|
* Revert "Problem: can't use anonymous S3 credentials"
|
|
|
|
|
* go.mod: bump up runc to v1.1.6
|
|
|
|
|
* go.mod: Bump up stargz-snapshotter to v0.14.3
|
|
|
|
|
* dockerfile: bump up stargz-snapshotter to v0.14.3
|
|
|
|
|
* dockerfile: bump up runc to v1.1.6
|
|
|
|
|
* buildkitd: add grpc reflection
|
|
|
|
|
* Bump up nerdctl to 1.3.0
|
|
|
|
|
* Bump up containerd 1.6.20
|
|
|
|
|
* Fix gzip decoding of HTTP sources.
|
|
|
|
|
* ci: update runner os to ubuntu 22.04
|
|
|
|
|
* Fix bearer token expiration check (fixes #3779)
|
|
|
|
|
* docs: update buildkitd.toml with new field info
|
|
|
|
|
* buildkitd: allow durations for gc config
|
|
|
|
|
* buildkitd: allow multiple units for gc config
|
|
|
|
|
* dockerui: expose context detection functions as public
|
|
|
|
|
* Prevent overflow of runc exit code.
|
|
|
|
|
* Upgrade to latest go-runc.
|
|
|
|
|
* runc worker: fix sigkill handling
|
|
|
|
|
* Dockerfile: RUNC_VERSION=v1.1.5
|
|
|
|
|
* client: add client opts to enable system certificates
|
|
|
|
|
* Make ClientOpts type safe
|
|
|
|
|
* build(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5
|
|
|
|
|
* fileop: create new fileOpSolver instance per Exec call
|
|
|
|
|
* Provide CacheManager to Controller instead of CacheKeyManager.
|
|
|
|
|
* http: ensure HEAD and GET requests have same headers
|
|
|
|
|
* docs: add auto-generated sections to buildctl.md
|
|
|
|
|
* client: allow grpc dial option passthrough
|
|
|
|
|
* cni: simplify netns creation
|
|
|
|
|
* add Bass to list of LLB languages
|
|
|
|
|
* llbsolver: fix sorting of history records
|
|
|
|
|
* llbsolver: Fix performance of recomputeDigests
|
|
|
|
|
* solve: use comparables instead of reflection in result struct
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.1
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.1
|
|
|
|
|
* client: create oci-layout file in StoreIndex
|
|
|
|
|
* ci: output annotations for failures
|
|
|
|
|
* test: set mod vendor
|
|
|
|
|
* test: use gotestsum to generate reports
|
|
|
|
|
* fix gateway exec tty cleanup on context.Canceled
|
|
|
|
|
* fix process termination handling for runc exec
|
|
|
|
|
* Register builds before recording build history
|
|
|
|
|
* docs(dockerfile): minimal Dockerfile version support for chmod
|
|
|
|
|
* Update builder.md to document newly supported --chmod features in both ADD and COPY statements.
|
|
|
|
|
* use bklog.G(ctx) instead of logrus directly
|
|
|
|
|
* integration: missing mergeDiff compat check
|
|
|
|
|
* chore: `translateLegacySolveRequest` does not need to return error checking.
|
|
|
|
|
* integration: split feature compat check for subtests
|
|
|
|
|
* integration: missing feature compat check for cache
|
|
|
|
|
* dockerfile: fix reproducible digest test for non-amd64
|
|
|
|
|
* integration: add FeatureMergeDiff compat
|
|
|
|
|
* integration: add FeatureCacheBackend* compat
|
|
|
|
|
* integration: enforce features compat through env vars
|
|
|
|
|
* ci: upstream docs conformance validation
|
|
|
|
|
* dockerfile(docs): fix liquid syntax
|
|
|
|
|
* Problem: can't use anonymous S3 credentials
|
|
|
|
|
* hack: remove build_ci_first_pass script
|
|
|
|
|
* hack: binaries and cross bake targets
|
|
|
|
|
* go.mod: update to go 1.20
|
|
|
|
|
* Dockerfile: CONTAINERD_VERSION=v1.7.0
|
|
|
|
|
* go.mod: github.com/containerd/containerd v1.7.0
|
|
|
|
|
* Add Namespace to list of buildkit users.
|
|
|
|
|
* remove buildinfo
|
|
|
|
|
* buildinfo: add BUILDKIT_BUILDINFO build arg
|
|
|
|
|
* buildinfo: mark as deprecated
|
|
|
|
|
* docs: deprecated features page
|
|
|
|
|
* rootless: guide for Bottlerocket OS (`sysctl -w user.max_user_namespaces=N`)
|
|
|
|
|
* rootless: fix up unprivileged mount opts
|
|
|
|
|
* Dockerfile: CONTAINERD_VERSION=v1.7.0-rc.3, CONTAINERD_ALT_VERSION_16=v1.6.19
|
|
|
|
|
* go.mod: github.com/containerd/containerd v1.7.0-rc.3
|
|
|
|
|
* version: add "v" prefix to version for tagging convention consistency
|
|
|
|
|
* remove context name validation from kubepod connhelper
|
|
|
|
|
* gateway: add hostname option to NewContainer API
|
|
|
|
|
* fix error message typo
|
|
|
|
|
* provenance: ensure URLs are redacted before written
|
|
|
|
|
* test/client: Close buildkit client
|
|
|
|
|
* docs: missing security policy markdown file
|
|
|
|
|
* diffapply: do chown before xattrs
|
|
|
|
|
* Add test for merge of files with capabilities.
|
|
|
|
|
* fix a possible panic on cache
|
|
|
|
|
* Update cmd/buildkitd/main_windows.go
|
|
|
|
|
* ci(validate): use bake
|
|
|
|
|
* hack: shfmt bake target
|
|
|
|
|
* hack: generated-files bake target
|
|
|
|
|
* hack: doctoc bake target
|
|
|
|
|
* hack: lint bake target
|
|
|
|
|
* hack: authors Dockerfile and bake target
|
|
|
|
|
* hack: bake definition with vendor targets
|
|
|
|
|
* Fix buildkitd panic when frontend input is nil.
|
|
|
|
|
* ci: trigger workflows on push to release branches
|
|
|
|
|
* build(deps): bump golang.org/x/net from 0.5.0 to 0.7.0
|
|
|
|
|
* ci: create GitHub Release for frontend as well
|
|
|
|
|
* ci: make release depends on image job
|
|
|
|
|
* lint: fix issues with go 1.20
|
|
|
|
|
* remove deprecated golangci-lint linters
|
|
|
|
|
* update golangci-lint to v1.51.1
|
|
|
|
|
* update to go 1.20
|
|
|
|
|
* Allow DefinitionOp to track sources
|
|
|
|
|
* specify a `ResponseHeaderTimeout` value
|
|
|
|
|
* Ensures that the primary GID is also included in the additional GIDs
|
|
|
|
|
* ci: fix missing TESTFLAGS env var in test-os workflow
|
|
|
|
|
* Dockerfile: update containerd to v1.7.0-beta.4, v1.6.18
|
|
|
|
|
* go.mod: github.com/containerd/containerd v1.7.0-beta.4
|
|
|
|
|
* ci: update softprops/action-gh-release to v0.1.15
|
|
|
|
|
* ci: remove unused vars in dockerd workflow
|
|
|
|
|
* ci: split cross job
|
|
|
|
|
* Dockerfile: remove binaries-linux-helper stage
|
|
|
|
|
* ci: rename unclear env vars
|
|
|
|
|
* readme: fix and update badges
|
|
|
|
|
* ci: rename build workflow to buildkit
|
|
|
|
|
* ci: reusable test workflow
|
|
|
|
|
* ci: move test-os to a dedicated workflow
|
|
|
|
|
* ci: move frontend integration tests and build to a dedicated workflow
|
|
|
|
|
* stargz-snapshotter: graduate from experimental
|
|
|
|
|
* Bump up stargz-snapshotter to v0.14.1
|
|
|
|
|
* set osversion in index descriptor from base image
|
|
|
|
|
* progress: solve status description
|
|
|
|
|
* ci: update buildx to latest
|
|
|
|
|
* Dockerfile: update xx to 1.2.1
|
|
|
|
|
* integration: make sure registry directory exists
|
|
|
|
|
* gha: avoid range requests with too big offset
|
|
|
|
|
* ci: merge test-nydus job in test one
|
|
|
|
|
* ci: remove branch restriction on pull request event
|
|
|
|
|
* client: add tests for layerID in comment field
|
|
|
|
|
* exporter: fix sbom supplement core detection
|
|
|
|
|
* exporter: fix supplement sboms on empty scratch layer
|
|
|
|
|
* exporter: fix file layer finder whiteout detection
|
|
|
|
|
* exporter: canonicalize sbom file paths during search
|
|
|
|
|
* Add platform tracing socket paths and mounts
|
|
|
|
|
* integration: log dockerd cmd
|
|
|
|
|
* integration: set custom flags for dockerd worker
|
|
|
|
|
* remotecache: proper exporter naming for gha, s3 and azblob
|
|
|
|
|
* remotecache: explicit names for registry and local
|
|
|
|
|
* exporter: use compression.ParseAttributes func
|
|
|
|
|
* remotecache: mutualize compression parsing attrs
|
|
|
|
|
* lex: add support for optional colon in variable expansion
|
|
|
|
|
* test: rework TestProcessWithMatches to use a matrix
|
|
|
|
|
* dockerfile: update to use dockerui pkg
|
|
|
|
|
* dockerui: separate docker frontend params to reusable package
|
|
|
|
|
* cache: add fallback for snapshotID
|
|
|
|
|
* exporter: remove wrappers for oci data types
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.0
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.0
|
|
|
|
|
* hack: do not cache some stages on release
|
|
|
|
|
* hack: do not set attest flags when exporting to docker
|
|
|
|
|
* git: override the locale to ensure consistent output
|
|
|
|
|
* fix support for empty git ref with subdir
|
|
|
|
|
* gitutil: use subtests
|
|
|
|
|
* source: more tests cases for git identifier
|
|
|
|
|
* source: use subtests cases for git identifier
|
|
|
|
|
* otel: bump dependencies to v1.11.2/v0.37.0
|
|
|
|
|
* hack: treat unset variables as an error
|
|
|
|
|
* frontend: fix typo in release script
|
|
|
|
|
* ci: create matrix for building frontend image
|
|
|
|
|
* inline cache: fix blob indexes by uncompressed digest
|
|
|
|
|
* Skip configuring cache exporter if it is nil.
|
|
|
|
|
* docs: update syntax for labs channel in examples
|
|
|
|
|
* integration: remove wrong compat condition
|
|
|
|
|
* integration: fix compat check for CNI DNS test
|
|
|
|
|
* cache: don’t link blobonly based on chainid
|
|
|
|
|
* do not mount secrets that are optional and missing from solve opts
|
|
|
|
|
* SOURCE_DATE_EPOCH: drop timezone
|
|
|
|
|
* sbom: create tmp directory for scanner image
|
|
|
|
|
* progress: keep color enabled with NO_COLOR empty
|
|
|
|
|
* hack: remove azblob_test
|
|
|
|
|
* integration: basic azblob cache test
|
|
|
|
|
* test: add proxy build args when existed
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.0-rc.3
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.0-rc.3
|
|
|
|
|
* vendor: golang.org/x/net v0.5.0
|
|
|
|
|
* vendor: golang.org/x/text v0.6.0
|
|
|
|
|
* vendor: golang.org/x/sys v0.4.0
|
|
|
|
|
* Dockerfile: CNI plugins v1.2.0
|
|
|
|
|
* Dockerfile: CONTAINERD_VERSION=v1.7.0-beta.3, CONTAINERD_ALT_VERSION_16=v1.6.16
|
|
|
|
|
* Fix tracing listener on Windows
|
|
|
|
|
* go.mod: github.com/containerd/containerd v1.7.0-beta.3
|
|
|
|
|
* control: send current timestamp header with event streams
|
|
|
|
|
* vendor: update containerd to v1.6.16-0.1709cfe273d9
|
|
|
|
|
* buildctl: add ref-file to get history record for a build
|
|
|
|
|
* client: make sure ref is configurable for the history API
|
|
|
|
|
* history: save completed steps with cache stats
|
|
|
|
|
* history: fix exporter key not being passed
|
|
|
|
|
* history: fix logs and traces are saving on canceled builds
|
|
|
|
|
* hack: add correct entrypoint to shell script
|
|
|
|
|
* ci: use moby/buildkit:latest in build action
|
|
|
|
|
* dockerfile: add testReproSourceDateEpoch
|
|
|
|
|
* Fix cache cannot reuse lazy layers
|
|
|
|
|
* Correct manifests_prefix documentation for S3 cache
|
|
|
|
|
* Use golang.org/x/sys/windows instead of syscall
|
|
|
|
|
* dockerfile: release frontend for i386 platform
|
|
|
|
|
* Add get-user-info utility
|
|
|
|
|
* optimize --dry-run flag
|
|
|
|
|
* fix(tracing): spelling of OTEL_TRACES_EXPORTER value
|
|
|
|
|
* Propagate sshforward send side connection close
|
|
|
|
|
* buildctl: add `buildctl debug histories, buildctl prune-histories`
|
|
|
|
|
* dockerfile: fix panic on warnings with multi-platform
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.0-rc.2
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.0-rc.2
|
|
|
|
|
* vendor: github.com/containerd/containerd v1.6.15
|
|
|
|
|
* cache: add registry.insecure option to registry exporter
|
|
|
|
|
* Make local cache non-lazy
|
|
|
|
|
* docs/build-repro.md: add the SOURCE_DATE_EPOCH section
|
|
|
|
|
* docs: clarified build argument example by changing the variable name
|
|
|
|
|
* azblob cache: account_name attribute
|
|
|
|
|
* docs: master -> 0.11
|
|
|
|
|
* ci: fix dockerd workflow with latest changes from moby
|
|
|
|
|
* integration: set mirrors and entitlements with dockerd worker
|
|
|
|
|
* github: update CI to buildkit version
|
|
|
|
|
* exporter: ensure spdx order prioritizes primary sbom
|
|
|
|
|
* hack: remove s3_test
|
|
|
|
|
* integration: basic s3 cache test
|
|
|
|
|
* integration: add runCmd and randomString utils
|
|
|
|
|
* integration: expose backend logs in sandbox interface
|
|
|
|
|
* azblob_test: pin busybox to avoid "Illegal instruction" error
|
|
|
|
|
* docs: add nerdctl container buildkitd address docs
|
|
|
|
|
* feat: add namespace support for nerdctl container
|
|
|
|
|
* ci: add ci to check README toc
|
|
|
|
|
* testutil: pin busybox and alpine used in releases
|
|
|
|
|
* exporter: allow configuring inline attestations for image exporters
|
|
|
|
|
* exporter: force enabling inline attestations for image export
|
|
|
|
|
* docs: change semicolons to double ampersands
|
|
|
|
|
* llbsolver: fix panic when requesting provenance on nil result
|
|
|
|
|
* vendor: update fsutil to fb43384
|
|
|
|
|
* attestation: only supplement file data for the core scan
|
|
|
|
|
* docs: add index page for attestations
|
|
|
|
|
* docs: move attestation docs to dedicated directory
|
|
|
|
|
* docs: rename slsa.md to slsa-provenance.md
|
|
|
|
|
* docs: tidy up json examples for slsa definitions
|
|
|
|
|
* docs: add cross-linking between slsa pages
|
|
|
|
|
* Flakiness in azblob test job
|
|
|
|
|
* vendor: update spdx/tools-golang to d6f58551be3f
|
|
|
|
|
* feat: add nerdctl-container support for client
|
|
|
|
|
* docs: slsa review updates
|
|
|
|
|
* docs: moved slsa definitions to a separate page
|
|
|
|
|
* docs: slsa editorial fixes
|
|
|
|
|
* docs: add filename to provenance attestation
|
|
|
|
|
* docs: update hermetic field after it was moved in implementation
|
|
|
|
|
* docs: update provenance docs
|
|
|
|
|
* docs: add slsa provenance documentation
|
|
|
|
|
* progress: fix clean context cancelling
|
|
|
|
|
* fix: updated_at -> updated-at
|
|
|
|
|
* Solve panic due to concurrent access to ExportSpans
|
|
|
|
|
* feat: allow ignoring remote cache-export error if failing
|
|
|
|
|
* add cache stats to the build history API
|
|
|
|
|
* vendor: github.com/docker/cli v23.0.0-rc.1
|
|
|
|
|
* vendor: github.com/docker/docker v23.0.0-rc.1
|
|
|
|
|
* vendor: github.com/containerd/containerd v1.6.14
|
|
|
|
|
* frontend: fix testMultiStageImplicitFrom to account for busybox changes
|
|
|
|
|
* sshforward: skip conn close on stream CloseSend.
|
|
|
|
|
* chore: update buildkitd.toml docs with mirror path example
|
|
|
|
|
* feat: handle mirror url with path
|
|
|
|
|
* provenance: fix the order of the build steps
|
|
|
|
|
* provenance: move hermetic field into a correct struct
|
|
|
|
|
* add possibility to override filename for provenance
|
|
|
|
|
* Fix typo in CapExecMountBindReadWriteNoOutput.
|
|
|
|
|
* Use SkipOutput instead of -1 for output indexes to clarify semantics.
|
|
|
|
|
* fix indentation for in-toto and traces
|
|
|
|
|
* attestation: forbid provenance attestations from frontend
|
|
|
|
|
* attestation: validate attestations before unbundling as well
|
|
|
|
|
* exporter: make attestation validation public
|
|
|
|
|
* result: change reason types to strings
|
|
|
|
|
* attestations: ignore spdx parse errors
|
|
|
|
|
* attestations: propogate metadata through unbundling
|
|
|
|
|
* gateway: add addition check to prevent content func from being forwarded
|
|
|
|
|
* ociindex: add utility method for getting a single manifest from the index
|
|
|
|
|
* ociindex: refactor to hide implementation internally
|
|
|
|
|
* cache: test gha cache exporter
|
|
|
|
|
* containerdexecutor: add network namespace callback
|
|
|
|
|
* frontend/dockerfile: BFlags.Parse(): use strings.Cut()
|
|
|
|
|
* frontend/dockerfile: parseExtraHosts(): use strings.Cut()
|
|
|
|
|
* frontend/dockerfile: parseMount() use strings.Cut(), and some minor cleanup
|
|
|
|
|
* frontend/dockerfile: move check for cache-sharing
|
|
|
|
|
* frontend/dockerfile: provide suggestions for mount share mode
|
|
|
|
|
* frontend/dockerfile: define types for enums
|
|
|
|
|
* frontend/dockerfile/shell: use strings.Equalfold
|
|
|
|
|
* frontend/dockerfile/parser: remove redundant concat
|
|
|
|
|
* frontend/dockerfile: parseBuildStageName(): pre-compile regex
|
|
|
|
|
* frontend/dockerfile: remove isSSHMountsSupported, isSecretMountsSupported
|
|
|
|
|
* docs: Enable rootless for stargz-snapshotter
|
|
|
|
|
* executor/oci: GetResolvConf(): simplify handling of resolv.conf
|
|
|
|
|
- fix rpmlint errors
|
|
|
|
|
* systemd units should not have execute permissions
|
|
|
|
|
* add missing %service_add_pre for the systemd units
|
|
|
|
|
|
2023-02-01 16:39:42 +01:00
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 31 17:50:32 UTC 2023 - Dirk Müller <dmueller@suse.com>
|
|
|
|
|
|
|
|
|
|
- update to 0.11.2:
|
|
|
|
|
* Update containerd patches to fix regression in handling push errors
|
|
|
|
|
* Multiple fixes for History API #3530
|
|
|
|
|
* Fix issue with parallel build requests using local cache imports #3493
|
|
|
|
|
* Builtin Dockerfile frontend has been updated to 1.5.1, fixing possible
|
|
|
|
|
panic in certain warning condition #3505
|
|
|
|
|
* Fix possible hang when closing down the SSH forwarding socket in v0.11.0
|
|
|
|
|
* Fix typo in an environment variable used to configure OpenTelemetry
|
|
|
|
|
endpoints #3508
|
|
|
|
|
* Builtin Dockerfile frontend has been updated to v1.5.0
|
|
|
|
|
https://github.com/moby/buildkit/releases/tag/dockerfile%2F1.5.0
|
|
|
|
|
* BuildKit and compatible frontends can now produce SBOM (Software Bill of
|
|
|
|
|
Materials) attestations for the build results to show the dependencies
|
|
|
|
|
of the build. These attestations can be added to images and locally
|
|
|
|
|
exported files. Using Dockerfiles, SBOM information can be configured to
|
|
|
|
|
be produced also based on files in intermediate build stages or build
|
|
|
|
|
context, or run processes that manually define the SBOM dependencies.
|
|
|
|
|
When exporting an image, layer mapping is also produced that allows
|
|
|
|
|
tracing a SBOM package to a specific build step. #3258 #3290 #3249 #2983
|
|
|
|
|
#3358 #3312 #3407 #3408 #3410 #3414 #3422
|
|
|
|
|
* BuildKit can now produce a Provenance attestation for the build result
|
|
|
|
|
in SLSA format. Provenance attestations describe how a build was
|
|
|
|
|
produced, and what sources/parameters were used. In addition to fields
|
|
|
|
|
part of the SLSA specification, Buildkit's provenance also exports
|
|
|
|
|
BuildKit-specific metadata like LLB steps with their source- and layer
|
|
|
|
|
mapping. Provenance attestation will capture all the build sources
|
|
|
|
|
visible to BuildKit, for example, not only the Git repository where the
|
|
|
|
|
project's source is coming from but also the digests of all the
|
|
|
|
|
container images used during the build. #3240 #3428 #3428 #3462
|
|
|
|
|
* BuildKit now supports reproducible builds by setting `SOURCE_DATE_EPOCH`
|
|
|
|
|
build argument or `source-date-epoch` exporter attribute. This
|
|
|
|
|
deterministic date will be used in image metadata instead of the current
|
|
|
|
|
time. #2918 #3262 #3152 Read documentation
|
|
|
|
|
* OCI annotations can now be set to build results exported as images or
|
|
|
|
|
OCI layouts. Annotations can be set on both image manifests and indexes,
|
|
|
|
|
as well as descriptors to them. #3283 #3061 #2975 #2879 Read
|
|
|
|
|
documentation
|
|
|
|
|
* New Build History API allows listening to events about builds starting
|
|
|
|
|
and completing, and streaming progress of active builds. New commands
|
|
|
|
|
`buildctl debug monitor`, `buildctl debug logs` and `buildctl debug get`
|
|
|
|
|
have been added to use this API. Build records also keep OpenTelemetry
|
|
|
|
|
traces, provenance attestations, and image manifests if they were
|
|
|
|
|
created by the build. #3294 #3339 #3440
|
|
|
|
|
* Build results exported with image, local or tar exporters now support
|
|
|
|
|
attestations. In addition to builtin SBOM and Provenance attestations,
|
|
|
|
|
frontends can produce custom attestations in in-toto format #3197 #3070
|
|
|
|
|
#3129 #3073 #3063 #2935 #3289 #3389 #3321 #3342 #3461 Read documentation
|
|
|
|
|
* New Source type `oci-layout://` allows builds to import images from OCI
|
|
|
|
|
directory structure on the client side. This allows using local versions
|
|
|
|
|
of the image. #3112 #3300 #3122 #3034 #2971 #2827 #3397
|
|
|
|
|
* Build requests now support sending a Source policy definition. A policy
|
|
|
|
|
can be used to deny access to specific sources (e.g. images or URLs) or
|
|
|
|
|
only allow access to specific image namespaces. Policies can also be
|
|
|
|
|
used to modify sources when they are requested by the build, for
|
|
|
|
|
example, pin a tag requested by the build to a specific digest even if
|
|
|
|
|
it has already changed in the registry. #3332
|
|
|
|
|
* New remote cache backend: Azure Blob Storage #3010
|
|
|
|
|
* New remote cache backend: S3 #2824 #3065
|
|
|
|
|
* BuildKit now supports Nydus compression type #2581
|
|
|
|
|
* OCI exporter now supports attribute `tar=false` to export OCI layout
|
|
|
|
|
into a directory instead of downloading a tarball. #3162
|
|
|
|
|
* Setting multiple cache exporters for a single build is now supported
|
|
|
|
|
#3024 #3271
|
|
|
|
|
* Cache exporters can now be configured to ignore exporting errors #3430
|
|
|
|
|
* Remote cache import/export to client-side local files now supports tag
|
|
|
|
|
parameter for scoping cache #3111
|
|
|
|
|
* CNI network namespaces are now provisioned from a pool for increased
|
|
|
|
|
performance #3107
|
|
|
|
|
* New Info service has been added to control API for asking BuildKit
|
|
|
|
|
daemon's version #2725
|
|
|
|
|
* Gateway API now has a new `Evaluate` method to control the lazy solve
|
|
|
|
|
behavior #3137
|
|
|
|
|
* Allow mounting secrets with empty contents #3081
|
|
|
|
|
* New RemoveMountStubsRecursive option has been added to LLB ExecOp to
|
|
|
|
|
control the cleanup behavior of mounts. By default, empty mount stubs
|
|
|
|
|
are now cleaned up recursively in new frontends. #3314
|
|
|
|
|
* LLB Image source now allows pulling partial layer chains from image
|
|
|
|
|
* Allow hostname to be set by network provider (K8S_POD_NAME) #3044
|
|
|
|
|
* Improve handling and logging of API health checks #2998
|
|
|
|
|
* RegistryToken auth from Docker config is now allowed as authentication
|
|
|
|
|
input #2868
|
|
|
|
|
* Image exporter with containerd worker now allows skipping adding image
|
|
|
|
|
to containerd image store with `store=false`. If not set then images
|
|
|
|
|
stored images are now guaranteed to be unlazied and unpacked. #2800
|
|
|
|
|
* `buildctl` now loads Github runtime environment when using GHA remote
|
|
|
|
|
cache #2707
|
|
|
|
|
* Support for `conflist` when configuring CNI networking #3029
|
|
|
|
|
* Platform info has been added to the build result descriptor metadata
|
|
|
|
|
* Allow sourcemaps to link single LLB vertex to multiple source locations
|
|
|
|
|
* Support for SSH connection helper #2843
|
|
|
|
|
* Empty stub paths created by mount points when build container runs are
|
|
|
|
|
now cleaned up and do not remain in the final image. #3307 #3149
|
|
|
|
|
* Improve performance on BoltDB commits #3261
|
|
|
|
|
* Indentation of some of the image manifests has been fixed to use double
|
|
|
|
|
spaces #3259
|
|
|
|
|
* Fix caching checksum error on copying files with custom UID/GID #3295
|
|
|
|
|
* Fix cases where copy operation left behind nondeterministic timestamps
|
|
|
|
|
for better support for reproducible builds #3298
|
|
|
|
|
* Fix SSH forwarding incompatibility with OpenSSH >= 8.9 #3274
|
|
|
|
|
* Stargz has been updated to v0.13.0 #3280
|
|
|
|
|
* Embedded QEMU emulators have been updated to v7.1.0 with new patches for
|
|
|
|
|
path handling. #3386
|
|
|
|
|
* Fix unpacking images with no layers #3251
|
|
|
|
|
* Fix possible nil pointer exception in LLB bridge #3233 #3169 #3066
|
|
|
|
|
* Fix cleanup of containerd tasks if a start fails #3253
|
|
|
|
|
* Fix handling Windows paths in content checksums #3227
|
|
|
|
|
* Fix possible missing newline in progress output #3072
|
|
|
|
|
* Fix possible early EOF on SSH forwarding #3431
|
|
|
|
|
* Fix possible panic in concurrent OpenTelemetry access #3058
|
|
|
|
|
* Previously deprecated old cache options have been removed #2982
|
|
|
|
|
* Daemonless script has been updated to handle already stopped process
|
|
|
|
|
#3005
|
|
|
|
|
* Fix closing session if shared by multiple clients #2995
|
|
|
|
|
* `buildctl du` command now supports JSON formatting #2992
|
|
|
|
|
* Registry push errors now show additional context #2981
|
|
|
|
|
* Improve default description of FileOp vertexes #2932
|
|
|
|
|
* Make sure progress from exporting is properly keyed on parallel requests
|
|
|
|
|
* Terminal colors are now configurable #2954
|
|
|
|
|
* Build errors now always print stacktraces to daemon logs in debug mode
|
|
|
|
|
- switch packaging to zstd
|
|
|
|
|
- include ldflags to set the version number in the binaries correctly
|
|
|
|
|
|
2021-11-24 23:54:28 +01:00
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 24 09:43:06 UTC 2021 - Richard Brown <rbrown@suse.com>
|
|
|
|
|
|
|
|
|
|
- Initial Packaging
|