bump github.com/moby/buildkit to v0.13.0 (#351)

* bump github.com/moby/buildkit to v0.13.0 Signed-off-by: Nianyu Shen <nianyu@spectrocloud.com> * fix: update dep usage based on newer version Signed-off-by: Nianyu Shen <nianyu@spectrocloud.com> * remove empty line Signed-off-by: Nianyu Shen <nianyu@spectrocloud.com> * ci: bump golang to 1.21.x * Bump moby * debug --------- Signed-off-by: Nianyu Shen <nianyu@spectrocloud.com> Co-authored-by: Nianyu Shen <nianyu@spectrocloud.com>
2025-09-26 07:04:27 +00:00 · 2024-03-15 09:26:32 +01:00
parent c47bf4833a
commit 4c788ccbd1
1779 changed files with 127547 additions and 71408 deletions
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/image.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/image.go
@@ -18,7 +18,6 @@ import (
 	"bytes"
 	"encoding/json"
 	"errors"
-	"strings"

 	v1 "github.com/google/go-containerregistry/pkg/v1"
 	"github.com/google/go-containerregistry/pkg/v1/partial"
@@ -38,6 +37,7 @@ type image struct {
 	configMediaType *types.MediaType
 	diffIDMap       map[v1.Hash]v1.Layer
 	digestMap       map[v1.Hash]v1.Layer
+	subject         *v1.Descriptor
 }

 var _ v1.Image = (*image)(nil)
@@ -141,14 +141,8 @@ func (i *image) compute() error {
 		manifest.Config.MediaType = *i.configMediaType
 	}

-	// With OCI media types, this should not be set, see discussion:
-	// https://github.com/opencontainers/image-spec/pull/795
 	if i.mediaType != nil {
-		if strings.Contains(string(*i.mediaType), types.OCIVendorPrefix) {
-			manifest.MediaType = ""
-		} else if strings.Contains(string(*i.mediaType), types.DockerVendorPrefix) {
-			manifest.MediaType = *i.mediaType
-		}
+		manifest.MediaType = *i.mediaType
 	}

 	if i.annotations != nil {
@@ -160,6 +154,7 @@ func (i *image) compute() error {
 			manifest.Annotations[k] = v
 		}
 	}
+	manifest.Subject = i.subject

 	i.configFile = configFile
 	i.manifest = manifest
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/index.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/index.go
@@ -17,7 +17,6 @@ package mutate
 import (
 	"encoding/json"
 	"fmt"
-	"strings"

 	"github.com/google/go-containerregistry/pkg/logs"
 	v1 "github.com/google/go-containerregistry/pkg/v1"
@@ -71,6 +70,7 @@ type index struct {
 	imageMap    map[v1.Hash]v1.Image
 	indexMap    map[v1.Hash]v1.ImageIndex
 	layerMap    map[v1.Hash]v1.Layer
+	subject     *v1.Descriptor
 }

 var _ v1.ImageIndex = (*index)(nil)
@@ -131,14 +131,8 @@ func (i *index) compute() error {

 	manifest.Manifests = manifests

-	// With OCI media types, this should not be set, see discussion:
-	// https://github.com/opencontainers/image-spec/pull/795
 	if i.mediaType != nil {
-		if strings.Contains(string(*i.mediaType), types.OCIVendorPrefix) {
-			manifest.MediaType = ""
-		} else if strings.Contains(string(*i.mediaType), types.DockerVendorPrefix) {
-			manifest.MediaType = *i.mediaType
-		}
+		manifest.MediaType = *i.mediaType
 	}

 	if i.annotations != nil {
@@ -149,6 +143,7 @@ func (i *index) compute() error {
 			manifest.Annotations[k] = v
 		}
 	}
+	manifest.Subject = i.subject

 	i.manifest = manifest
 	i.computed = true
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/mutate.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/mutate/mutate.go
@@ -21,7 +21,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"path/filepath"
 	"strings"
 	"time"
@@ -116,9 +115,33 @@ func Config(base v1.Image, cfg v1.Config) (v1.Image, error) {
 	return ConfigFile(base, cf)
 }

-// Annotatable represents a manifest that can carry annotations.
-type Annotatable interface {
-	partial.WithRawManifest
+// Subject mutates the subject on an image or index manifest.
+//
+// The input is expected to be a v1.Image or v1.ImageIndex, and
+// returns the same type. You can type-assert the result like so:
+//
+//	img := Subject(empty.Image, subj).(v1.Image)
+//
+// Or for an index:
+//
+//	idx := Subject(empty.Index, subj).(v1.ImageIndex)
+//
+// If the input is not an Image or ImageIndex, the result will
+// attempt to lazily annotate the raw manifest.
+func Subject(f partial.WithRawManifest, subject v1.Descriptor) partial.WithRawManifest {
+	if img, ok := f.(v1.Image); ok {
+		return &image{
+			base:    img,
+			subject: &subject,
+		}
+	}
+	if idx, ok := f.(v1.ImageIndex); ok {
+		return &index{
+			base:    idx,
+			subject: &subject,
+		}
+	}
+	return arbitraryRawManifest{a: f, subject: &subject}
 }

 // Annotations mutates the annotations on an annotatable image or index manifest.
@@ -126,19 +149,19 @@ type Annotatable interface {
 // The annotatable input is expected to be a v1.Image or v1.ImageIndex, and
 // returns the same type. You can type-assert the result like so:
 //
-//     img := Annotations(empty.Image, map[string]string{
-//         "foo": "bar",
-//     }).(v1.Image)
+//	img := Annotations(empty.Image, map[string]string{
+//	    "foo": "bar",
+//	}).(v1.Image)
 //
 // Or for an index:
 //
-//     idx := Annotations(empty.Index, map[string]string{
-//         "foo": "bar",
-//     }).(v1.ImageIndex)
+//	idx := Annotations(empty.Index, map[string]string{
+//	    "foo": "bar",
+//	}).(v1.ImageIndex)
 //
 // If the input Annotatable is not an Image or ImageIndex, the result will
 // attempt to lazily annotate the raw manifest.
-func Annotations(f Annotatable, anns map[string]string) Annotatable {
+func Annotations(f partial.WithRawManifest, anns map[string]string) partial.WithRawManifest {
 	if img, ok := f.(v1.Image); ok {
 		return &image{
 			base:        img,
@@ -151,12 +174,13 @@ func Annotations(f Annotatable, anns map[string]string) Annotatable {
 			annotations: anns,
 		}
 	}
-	return arbitraryRawManifest{f, anns}
+	return arbitraryRawManifest{a: f, anns: anns}
 }

 type arbitraryRawManifest struct {
-	a    Annotatable
-	anns map[string]string
+	a       partial.WithRawManifest
+	anns    map[string]string
+	subject *v1.Descriptor
 }

 func (a arbitraryRawManifest) RawManifest() ([]byte, error) {
@@ -164,7 +188,7 @@ func (a arbitraryRawManifest) RawManifest() ([]byte, error) {
 	if err != nil {
 		return nil, err
 	}
-	var m map[string]interface{}
+	var m map[string]any
 	if err := json.Unmarshal(b, &m); err != nil {
 		return nil, err
 	}
@@ -179,6 +203,9 @@ func (a arbitraryRawManifest) RawManifest() ([]byte, error) {
 	} else {
 		m["annotations"] = a.anns
 	}
+	if a.subject != nil {
+		m["subject"] = a.subject
+	}
 	return json.Marshal(m)
 }

@@ -244,6 +271,7 @@ func extract(img v1.Image, w io.Writer) error {
 	if err != nil {
 		return fmt.Errorf("retrieving image layers: %w", err)
 	}
+
 	// we iterate through the layers in reverse order because it makes handling
 	// whiteout layers more efficient, since we can just keep track of the removed
 	// files as we see .wh. layers and ignore those in previous layers.
@@ -267,6 +295,10 @@ func extract(img v1.Image, w io.Writer) error {
 			// Some tools prepend everything with "./", so if we don't Clean the
 			// name, we may have duplicate entries, which angers tar-split.
 			header.Name = filepath.Clean(header.Name)
+			// force PAX format to remove Name/Linkname length limit of 100 characters
+			// required by USTAR and to not depend on internal tar package guess which
+			// prefers USTAR over PAX
+			header.Format = tar.FormatPAX

 			basename := filepath.Base(header.Name)
 			dirname := filepath.Dir(header.Name)
@@ -297,9 +329,11 @@ func extract(img v1.Image, w io.Writer) error {
 			// any entries with a matching (or child) name
 			fileMap[name] = tombstone || !(header.Typeflag == tar.TypeDir)
 			if !tombstone {
-				tarWriter.WriteHeader(header)
+				if err := tarWriter.WriteHeader(header); err != nil {
+					return err
+				}
 				if header.Size > 0 {
-					if _, err := io.Copy(tarWriter, tarReader); err != nil {
+					if _, err := io.CopyN(tarWriter, tarReader, header.Size); err != nil {
 						return err
 					}
 				}
@@ -326,6 +360,13 @@ func inWhiteoutDir(fileMap map[string]bool, file string) bool {
 	return false
 }

+func max(a, b int) int {
+	if a > b {
+		return a
+	}
+	return b
+}
+
 // Time sets all timestamps in an image to the given timestamp.
 func Time(img v1.Image, t time.Time) (v1.Image, error) {
 	newImage := empty.Image
@@ -335,26 +376,45 @@ func Time(img v1.Image, t time.Time) (v1.Image, error) {
 		return nil, fmt.Errorf("getting image layers: %w", err)
 	}

-	// Strip away all timestamps from layers
-	newLayers := make([]v1.Layer, len(layers))
-	for idx, layer := range layers {
-		newLayer, err := layerTime(layer, t)
-		if err != nil {
-			return nil, fmt.Errorf("setting layer times: %w", err)
-		}
-		newLayers[idx] = newLayer
-	}
-
-	newImage, err = AppendLayers(newImage, newLayers...)
-	if err != nil {
-		return nil, fmt.Errorf("appending layers: %w", err)
-	}
-
 	ocf, err := img.ConfigFile()
 	if err != nil {
 		return nil, fmt.Errorf("getting original config file: %w", err)
 	}

+	addendums := make([]Addendum, max(len(ocf.History), len(layers)))
+	var historyIdx, addendumIdx int
+	for layerIdx := 0; layerIdx < len(layers); addendumIdx, layerIdx = addendumIdx+1, layerIdx+1 {
+		newLayer, err := layerTime(layers[layerIdx], t)
+		if err != nil {
+			return nil, fmt.Errorf("setting layer times: %w", err)
+		}
+
+		// try to search for the history entry that corresponds to this layer
+		for ; historyIdx < len(ocf.History); historyIdx++ {
+			addendums[addendumIdx].History = ocf.History[historyIdx]
+			// if it's an EmptyLayer, do not set the Layer and have the Addendum with just the History
+			// and move on to the next History entry
+			if ocf.History[historyIdx].EmptyLayer {
+				addendumIdx++
+				continue
+			}
+			// otherwise, we can exit from the cycle
+			historyIdx++
+			break
+		}
+		addendums[addendumIdx].Layer = newLayer
+	}
+
+	// add all leftover History entries
+	for ; historyIdx < len(ocf.History); historyIdx, addendumIdx = historyIdx+1, addendumIdx+1 {
+		addendums[addendumIdx].History = ocf.History[historyIdx]
+	}
+
+	newImage, err = Append(newImage, addendums...)
+	if err != nil {
+		return nil, fmt.Errorf("appending layers: %w", err)
+	}
+
 	cf, err := newImage.ConfigFile()
 	if err != nil {
 		return nil, fmt.Errorf("setting config file: %w", err)
@@ -377,6 +437,7 @@ func Time(img v1.Image, t time.Time) (v1.Image, error) {
 		h.Comment = ocf.History[i].Comment
 		h.EmptyLayer = ocf.History[i].EmptyLayer
 		// Explicitly ignore Author field; which hinders reproducibility
+		h.Author = ""
 		cfg.History[i] = h
 	}

@@ -404,12 +465,20 @@ func layerTime(layer v1.Layer, t time.Time) (v1.Layer, error) {
 		}

 		header.ModTime = t
+
+		//PAX and GNU Format support additional timestamps in the header
+		if header.Format == tar.FormatPAX || header.Format == tar.FormatGNU {
+			header.AccessTime = t
+			header.ChangeTime = t
+		}
+
 		if err := tarWriter.WriteHeader(header); err != nil {
 			return nil, fmt.Errorf("writing tar header: %w", err)
 		}

 		if header.Typeflag == tar.TypeReg {
-			if _, err = io.Copy(tarWriter, tarReader); err != nil {
+			// TODO(#1168): This should be lazy, and not buffer the entire layer contents.
+			if _, err = io.CopyN(tarWriter, tarReader, header.Size); err != nil {
 				return nil, fmt.Errorf("writing layer file: %w", err)
 			}
 		}
@@ -422,7 +491,7 @@ func layerTime(layer v1.Layer, t time.Time) (v1.Layer, error) {
 	b := w.Bytes()
 	// gzip the contents, then create the layer
 	opener := func() (io.ReadCloser, error) {
-		return gzip.ReadCloser(ioutil.NopCloser(bytes.NewReader(b))), nil
+		return gzip.ReadCloser(io.NopCloser(bytes.NewReader(b))), nil
 	}
 	layer, err = tarball.LayerFromOpener(opener)
 	if err != nil {
@@ -466,6 +535,8 @@ func MediaType(img v1.Image, mt types.MediaType) v1.Image {
 }

 // ConfigMediaType modifies the MediaType() of the given image's Config.
+//
+// If !mt.IsConfig(), this will be the image's artifactType in any indexes it's a part of.
 func ConfigMediaType(img v1.Image, mt types.MediaType) v1.Image {
 	return &image{
 		base:            img,