Driver client meta #1
Draft
+4,801
−5,422
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This attempts to make it clearer that the --cgroup-parent option is only used for the containers used during build. Instead of mentioning "build container", I opted for using "RUN instructions" (to match the --network description), although this may not be ideal (as it assumes the "Dockerfile" front-end, which of course may not be the case). Signed-off-by: Sebastiaan van Stijn <[email protected]>
Signed-off-by: Justin Chadwell <[email protected]>
tonistiigi
commented
Aug 22, 2023
driver/kubernetes/driver.go
Outdated
| if td, ok := exp.(client.TracerDelegate); ok { | ||
| opts = append(opts, client.WithTracerDelegate(td)) | ||
| } | ||
|
|
||
| if d.Meta != nil { | ||
| opts = append(opts, client.WithGRPCDialOption(grpc.WithChainUnaryInterceptor(func(ctx context.Context, method string, req, reply interface{}, cc *grpc.ClientConn, invoker grpc.UnaryInvoker, opts ...grpc.CallOption) error { |
There was a problem hiding this comment.
Why do we need this part?
There was a problem hiding this comment.
Wanted to be consistent for each driver and not just docker
There was a problem hiding this comment.
For other drivers this would be grpc headers so it is not the same. This is not configuring headers for the buildkit but only for the driver. And I don't think there is anything comparable in other drivers.
If anything, this is sort of like endpoint configuration.
| @@ -52,7 +52,7 @@ func (d *Driver) Rm(ctx context.Context, force, rmVolume, rmDaemon bool) error { | |||
|
|
|||
| func (d *Driver) Client(ctx context.Context) (*client.Client, error) { | |||
There was a problem hiding this comment.
Could we just add it as dial options property on Client instead of property of driver.
There was a problem hiding this comment.
Done and https://github.com/docker/desktop-build/pull/312 updated
crazy-max
force-pushed
the
driver-client-meta
branch
from
83e7c98
to
4466a1f
Compare
update flag-description for --cgroup-parent
Signed-off-by: CrazyMax <[email protected]>
test: fix non-deterministic compose context path
tests: add imagetools tests for copying manifests and indexes
crazy-max
force-pushed
the
driver-client-meta
branch
from
4466a1f
to
905bee4
Compare
Signed-off-by: Justin Chadwell <[email protected]>
Signed-off-by: Kohei Tokunaga <[email protected]>
debug: fix short-form custom command name on `--invoke` isn't used
Signed-off-by: guoguangwu <[email protected]>
chore: slice loop replace
update the dependency to v0.7.0 to be closer to what docker/cli uses; notaryproject/notary@v0.6.1...v0.7.0 Note that docker/cli is slightly ahead of v0.7.0, and uses bf96a202a09a; notaryproject/notary@v0.7.0...bf96a20 Signed-off-by: Sebastiaan van Stijn <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
…actions/checkout-4 build(deps): bump actions/checkout from 3 to 4
Signed-off-by: Tonis Tiigi <[email protected]>
vendor: github.com/theupdateframework/notary v0.7.0
- Parse service device count to int if possible - introduce ResourceResolver to accept remote resources - use include.env_file to resolve variables in included compose.yaml file - remove potential dependencies to disabled services in ForServices - ability to convert a mapping (back) to KEY=VALUE strings - load: include details about included files on Project - include disabled services - local environment to override included .env - load: move env var profile detection to option - add support for multi-document yaml full diff: compose-spec/compose-go@v1.17.0...v1.18.3 Signed-off-by: Sebastiaan van Stijn <[email protected]>
The "reference" package was moved to a separate module, which was extracted from distribution/distribution@b9b1940 Also update compose-go, which also switched to distribution/reference; full diff: compose-spec/compose-go@v1.18.3...v1.18.4 Signed-off-by: Sebastiaan van Stijn <[email protected]>
migrate reference github.com/distribution/reference
Signed-off-by: Kijima Daigo <[email protected]>
docs: remove broken link
go1.20.8 (released 2023-09-06) includes two security fixes to the html/template package, as well as bug fixes to the compiler, the go command, the runtime, and the crypto/tls, go/types, net/http, and path/filepath packages. See the Go 1.20.8 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.20.8+label%3ACherryPickApproved full diff: golang/go@go1.20.7...go1.20.8 From the security mailing: [security] Go 1.21.1 and Go 1.20.8 are released Hello gophers, We have just released Go versions 1.21.1 and 1.20.8, minor point releases. These minor releases include 4 security fixes following the security policy: - cmd/go: go.mod toolchain directive allows arbitrary execution The go.mod toolchain directive, introduced in Go 1.21, could be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software. Thanks to Juho Nurminen of Mattermost for reporting this issue. This is CVE-2023-39320 and Go issue https://go.dev/issue/62198. - html/template: improper handling of HTML-like comments within script contexts The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack. Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this issue. This is CVE-2023-39318 and Go issue https://go.dev/issue/62196. - html/template: improper handling of special tags within script contexts The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack. Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this issue. This is CVE-2023-39319 and Go issue https://go.dev/issue/62197. - crypto/tls: panic when processing post-handshake message on QUIC connections Processing an incomplete post-handshake message for a QUIC connection caused a panic. Thanks to Marten Seemann for reporting this issue. This is CVE-2023-39321 and CVE-2023-39322 and Go issue https://go.dev/issue/62266. Signed-off-by: Sebastiaan van Stijn <[email protected]>
Signed-off-by: Justin Chadwell <[email protected]>
Signed-off-by: Justin Chadwell <[email protected]>
update to go1.20.8
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
build: support local state group
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
commands: release the file lock before attempting to boot during create
builder: set node worker ids
vendor: update compose-go to v1.19.0
This will allow further enhancement like caching remote driver responses. Signed-off-by: Silvin Lubecki <[email protected]>
crazy-max
force-pushed
the
driver-client-meta
branch
2 times, most recently
from
be1f292
to
417dbf8
Compare
(drivers): Introduce a client interface
This reverts commit 2aa6d52. Signed-off-by: Silvin Lubecki <[email protected]>
Revert "Introduce a client interface, to abstract from buildkit client."
crazy-max
force-pushed
the
driver-client-meta
branch
4 times, most recently
from
cc8d86b
to
c459ae0
Compare
Adds a new HostGatewayIP entry in the Driver interface so we can move Features and HostGatewayIP handling with cache to the very specific driver (docker). Signed-off-by: CrazyMax <[email protected]>
Signed-off-by: CrazyMax <[email protected]>
crazy-max
force-pushed
the
driver-client-meta
branch
from
c459ae0
to
cef117b
Compare
Signed-off-by: CrazyMax <[email protected]>
crazy-max
force-pushed
the
driver-client-meta
branch
from
cef117b
to
511e413
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.