[v0.10][Moby LTS] Backport 4600 4602 4603 4604 #4642
Closed
Commits on Feb 16, 2024
-
Move container.go to a separate module
Signed-off-by: Andrey Epifanov <[email protected]>
-
gateway: pass executor with build and not access worker directly
Running interactive container APIs was done by giving the gateway implementation access to worker controller directly, but it should be passed with a build job instead. Signed-off-by: Tonis Tiigi <[email protected]> (cherry picked from commit 0971dffaab93d91e51af984b44c745b35b3c5b4d) (cherry picked from commit 564f884e7bb6db9c63e03c3b081ea71e15aa7980) (cherry picked from commit 5026d95) Signed-off-by: Andrey Epifanov <[email protected]> `bridgeClient` is made exported since exported func LLBBridgeToGatewayClient should have exported-return Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # executor/executor.go # frontend/gateway/container/container.go # frontend/gateway/forwarder/forward.go # frontend/gateway/forwarder/frontend.go # frontend/gateway/gateway.go # solver/llbsolver/bridge.go # solver/llbsolver/provenance.go # solver/llbsolver/solver.go # worker/workercontroller.go
-
llbsolver: make sure interactive container API validates entitlements
Ensure interactive calls validate same conditions that the build requests do. Refactor of the build side is to ensure we use the same validation function for both cases. There was no validation issue with the LLB validation. Signed-off-by: Tonis Tiigi <[email protected]> (cherry picked from commit d1970522d7145be5f4a1f1a028b1910bb527126c) (cherry picked from commit e1e30278d0a491dfd34bd80fa66b54106614cffa) (cherry picked from commit 92cc595) Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # client/build_test.go # solver/llbsolver/bridge.go
-
MountStubsCleaner: preserve timestamps
Fix issue 3148 Signed-off-by: Akihiro Suda <[email protected]> (cherry picked from commit 0b5a315) Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # client/client_test.go
-
executor: stubs cleaner should remove empty directory mounts
On Linux, an empty directory is usually 4096 bytes, not 0, so we need an additional explicit check here. Signed-off-by: Justin Chadwell <[email protected]> (cherry picked from commit 6778973) Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # client/client_test.go
-
chore: tidy atime_unix.go to use errors pkg
Signed-off-by: Justin Chadwell <[email protected]> (cherry picked from commit 32b5e4d)
-
executor: recheck mount stub path within root after container run
Signed-off-by: Tonis Tiigi <[email protected]> (cherry picked from commit 96ccaec09c51176a6d954fd7c4ce57d519bae1b2) (cherry picked from commit a9523c6476f39bb44dd02bcab19e8cb25c5bc37b) (cherry picked from commit 00fe637) Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # executor/stubs.go
-
oci: fix error handling on submount calls
Signed-off-by: Tonis Tiigi <[email protected]> (cherry picked from commit 42d866e) (cherry picked from commit e81066f8a8623dc876f3d64fae8f693c17ecdc1a) (cherry picked from commit d089e0b)
-
exec: add extra validation for submount sources
While submount paths were already validated there are some cases where the parent mount may not be immutable while the submount is created. Signed-off-by: Tonis Tiigi <[email protected]> (cherry picked from commit 2529ec4121bcd8c35bcd96218083da175c2e5b77) (cherry picked from commit cbc233b3b695918d92fd5b1407b829296c53db70) (cherry picked from commit f781267) Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # executor/oci/spec.go # executor/oci/spec_windows.go # snapshot/localmounter_unix.go
-
Signed-off-by: Tonis Tiigi <[email protected]> (cherry picked from commit bac3f2b) Signed-off-by: Andrey Epifanov <[email protected]> # Conflicts: # Dockerfile
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.