diff --git a/cmd/podman/images/build.go b/cmd/podman/images/build.go index a4d6614e27..4730488342 100644 --- a/cmd/podman/images/build.go +++ b/cmd/podman/images/build.go @@ -18,6 +18,7 @@ import ( "github.com/containers/common/pkg/completion" "github.com/containers/common/pkg/config" "github.com/containers/image/v5/docker/reference" + "github.com/containers/image/v5/types" encconfig "github.com/containers/ocicrypt/config" enchelpers "github.com/containers/ocicrypt/helpers" "github.com/containers/podman/v4/cmd/podman/common" @@ -205,6 +206,24 @@ func build(cmd *cobra.Command, args []string) error { return errors.New("'--output' option is not supported in remote mode") } + if buildOpts.Network == "none" { + if cmd.Flag("dns").Changed { + return errors.New("the --dns option cannot be used with --network=none") + } + if cmd.Flag("dns-option").Changed { + return errors.New("the --dns-option option cannot be used with --network=none") + } + if cmd.Flag("dns-search").Changed { + return errors.New("the --dns-search option cannot be used with --network=none") + } + } + + if cmd.Flag("network").Changed { + if buildOpts.Network != "host" && buildOpts.Isolation == buildahDefine.IsolationChroot.String() { + return fmt.Errorf("cannot set --network other than host with --isolation %s", buildOpts.Isolation) + } + } + // Extract container files from the CLI (i.e., --file/-f) first. var containerFiles []string for _, f := range buildOpts.File { @@ -613,6 +632,9 @@ func buildFlagsWrapperToOptions(c *cobra.Command, contextDir string, flags *buil timestamp := time.Unix(flags.Timestamp, 0).UTC() opts.Timestamp = ×tamp } + if c.Flag("skip-unused-stages").Changed { + opts.SkipUnusedStages = types.NewOptionalBool(flags.SkipUnusedStages) + } return &entities.BuildOptions{BuildOptions: opts}, nil } diff --git a/docs/source/markdown/podman-build.1.md.in b/docs/source/markdown/podman-build.1.md.in index e201806e5a..e1ef13a0da 100644 --- a/docs/source/markdown/podman-build.1.md.in +++ b/docs/source/markdown/podman-build.1.md.in @@ -145,6 +145,10 @@ Limit the use of cached images to only consider images with created timestamps l For example if `--cache-ttl=1h` is specified, Buildah will only consider intermediate cache images which are created under the duration of one hour, and intermediate cache images outside this duration will be ignored. +Note: Setting `--cache-ttl=0` manually is equivalent to using `--no-cache` in the +implementation since this would effectively mean that user is not willing to use +cache at all. + #### **--cap-add**=*CAP\_xxx* When executing RUN instructions, run the command specified in the instruction @@ -564,6 +568,10 @@ as a seccomp filter Sign the image using a GPG key with the specified FINGERPRINT. (This option is not available with the remote Podman client, including Mac and Windows (excluding WSL2) machines,) +#### **--skip-unused-stages** + +Skip stages in multi-stage builds which don't affect the target stage. (Default: **true**). + #### **--squash** Squash all of the image's new layers into a single new layer; any preexisting diff --git a/pkg/api/handlers/compat/images_build.go b/pkg/api/handlers/compat/images_build.go index 2870117989..d4c8c0743a 100644 --- a/pkg/api/handlers/compat/images_build.go +++ b/pkg/api/handlers/compat/images_build.go @@ -130,6 +130,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Secrets string `schema:"secrets"` SecurityOpt string `schema:"securityopt"` ShmSize int `schema:"shmsize"` + SkipUnusedStages bool `schema:"skipunusedstages"` Squash bool `schema:"squash"` TLSVerify bool `schema:"tlsVerify"` Tags []string `schema:"t"` @@ -138,12 +139,13 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { Ulimits string `schema:"ulimits"` UnsetEnvs []string `schema:"unsetenv"` }{ - Dockerfile: "Dockerfile", - IdentityLabel: true, - Registry: "docker.io", - Rm: true, - ShmSize: 64 * 1024 * 1024, - TLSVerify: true, + Dockerfile: "Dockerfile", + IdentityLabel: true, + Registry: "docker.io", + Rm: true, + ShmSize: 64 * 1024 * 1024, + TLSVerify: true, + SkipUnusedStages: true, } decoder := r.Context().Value(api.DecoderKey).(*schema.Decoder) @@ -675,6 +677,7 @@ func BuildImage(w http.ResponseWriter, r *http.Request) { RemoveIntermediateCtrs: query.Rm, ReportWriter: reporter, RusageLogFile: query.RusageLogFile, + SkipUnusedStages: types.NewOptionalBool(query.SkipUnusedStages), Squash: query.Squash, SystemContext: systemContext, Target: query.Target, diff --git a/pkg/bindings/images/build.go b/pkg/bindings/images/build.go index 260d977a86..f8552cddb3 100644 --- a/pkg/bindings/images/build.go +++ b/pkg/bindings/images/build.go @@ -233,6 +233,14 @@ func Build(ctx context.Context, containerFiles []string, options entities.BuildO if options.CacheFrom != nil { params.Set("cachefrom", options.CacheFrom.String()) } + + switch options.SkipUnusedStages { + case types.OptionalBoolTrue: + params.Set("skipunusedstages", "1") + case types.OptionalBoolFalse: + params.Set("skipunusedstages", "0") + } + if options.CacheTo != nil { params.Set("cacheto", options.CacheTo.String()) } diff --git a/test/buildah-bud/apply-podman-deltas b/test/buildah-bud/apply-podman-deltas index 999f36bf97..1ab4093592 100755 --- a/test/buildah-bud/apply-podman-deltas +++ b/test/buildah-bud/apply-podman-deltas @@ -70,7 +70,10 @@ function _skip() { for t in "$@"; do if fgrep -qx "@test \"$t\" {" $BUD; then $ECHO "@test \"$t\" : $skip \"$reason\"" + # Escape slash in test name, 'custom files in /run/' t=${t//\//\\/} + # Escape star in test name, 'bud with --dns* flags' + t=${t//\*/\\\*} sed -i -e "/^\@test \"$t\" {/ a \ \ $skip \"$reason\"" $BUD else warn "[$skip] Did not find test \"$t\" in $BUD" diff --git a/test/system/070-build.bats b/test/system/070-build.bats index 87979483e0..b392fd8e94 100644 --- a/test/system/070-build.bats +++ b/test/system/070-build.bats @@ -246,7 +246,7 @@ EOF # Now test COPY. That should fail. sed -i -e 's/ADD/COPY/' $tmpdir/Dockerfile run_podman 125 build -t copy_url $tmpdir - is "$output" ".*error building at STEP .*: source can't be a URL for COPY" + is "$output" ".* building at STEP .*: source can't be a URL for COPY" } @@ -853,7 +853,7 @@ EOF run_podman 125 build -t build_test --pull-never $tmpdir is "$output" \ - ".*Error: error creating build container: quay.io/libpod/nosuchimage:nosuchtag: image not known" \ + ".*Error: creating build container: quay.io/libpod/nosuchimage:nosuchtag: image not known" \ "--pull-never fails with expected error message" } @@ -988,7 +988,7 @@ COPY ./ ./ COPY subdir ./ EOF run_podman 125 build -t build_test $tmpdir - is "$output" ".*Error: error building at STEP \"COPY subdir ./\"" ".dockerignore was ignored" + is "$output" ".*Error: building at STEP \"COPY subdir ./\"" ".dockerignore was ignored" } @test "podman build .containerignore and .dockerignore test" {