Skip to content

Commit

Permalink
Merge pull request #3446 from jedevc/sbom-image-resolve-mode
Browse files Browse the repository at this point in the history
Propogate image-resolve-mode for SBOM generator image
  • Loading branch information
tonistiigi authored Jun 28, 2023
2 parents 45e8c8e + a609d2e commit 12070ca
Show file tree
Hide file tree
Showing 4 changed files with 17 additions and 7 deletions.
10 changes: 8 additions & 2 deletions control/control.go
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@ import (
apitypes "github.com/moby/buildkit/api/types"
"github.com/moby/buildkit/cache/remotecache"
"github.com/moby/buildkit/client"
"github.com/moby/buildkit/client/llb"
"github.com/moby/buildkit/cmd/buildkitd/config"
controlgateway "github.com/moby/buildkit/control/gateway"
"github.com/moby/buildkit/exporter"
Expand Down Expand Up @@ -414,14 +415,19 @@ func (c *Controller) Solve(ctx context.Context, req *controlapi.SolveRequest) (*
if err != nil {
return nil, errors.Wrapf(err, "failed to parse sbom generator %s", src)
}
ref = reference.TagNameOnly(ref)

useCache := true
if v, ok := req.FrontendAttrs["no-cache"]; ok && v == "" {
// disable cache if cache is disabled for all stages
useCache = false
}
ref = reference.TagNameOnly(ref)
procs = append(procs, proc.SBOMProcessor(ref.String(), useCache))
resolveMode := llb.ResolveModeDefault.String()
if v, ok := req.FrontendAttrs["image-resolve-mode"]; ok {
resolveMode = v
}

procs = append(procs, proc.SBOMProcessor(ref.String(), useCache, resolveMode))
}

if attrs, ok := attests["provenance"]; ok {
Expand Down
4 changes: 2 additions & 2 deletions frontend/attestations/sbom/sbom.go
Original file line number Diff line number Diff line change
Expand Up @@ -33,12 +33,12 @@ const (
// attestation.
type Scanner func(ctx context.Context, name string, ref llb.State, extras map[string]llb.State, opts ...llb.ConstraintsOpt) (result.Attestation[*llb.State], error)

func CreateSBOMScanner(ctx context.Context, resolver llb.ImageMetaResolver, scanner string) (Scanner, error) {
func CreateSBOMScanner(ctx context.Context, resolver llb.ImageMetaResolver, scanner string, resolveOpt llb.ResolveImageConfigOpt) (Scanner, error) {
if scanner == "" {
return nil, nil
}

_, dt, err := resolver.ResolveImageConfig(ctx, scanner, llb.ResolveImageConfigOpt{})
_, dt, err := resolver.ResolveImageConfig(ctx, scanner, resolveOpt)
if err != nil {
return nil, err
}
Expand Down
4 changes: 3 additions & 1 deletion frontend/dockerfile/builder/build.go
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,9 @@ func Build(ctx context.Context, c client.Client) (_ *client.Result, err error) {

var scanner sbom.Scanner
if bc.SBOM != nil {
scanner, err = sbom.CreateSBOMScanner(ctx, c, bc.SBOM.Generator)
scanner, err = sbom.CreateSBOMScanner(ctx, c, bc.SBOM.Generator, llb.ResolveImageConfigOpt{
ResolveMode: opts["image-resolve-mode"],
})
if err != nil {
return nil, err
}
Expand Down
6 changes: 4 additions & 2 deletions solver/llbsolver/proc/sbom.go
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ import (
"github.com/pkg/errors"
)

func SBOMProcessor(scannerRef string, useCache bool) llbsolver.Processor {
func SBOMProcessor(scannerRef string, useCache bool, resolveMode string) llbsolver.Processor {
return func(ctx context.Context, res *llbsolver.Result, s *llbsolver.Solver, j *solver.Job, usage *resources.SysSampler) (*llbsolver.Result, error) {
// skip sbom generation if we already have an sbom
if sbom.HasSBOM(res.Result) {
Expand All @@ -26,7 +26,9 @@ func SBOMProcessor(scannerRef string, useCache bool) llbsolver.Processor {
return nil, err
}

scanner, err := sbom.CreateSBOMScanner(ctx, s.Bridge(j), scannerRef)
scanner, err := sbom.CreateSBOMScanner(ctx, s.Bridge(j), scannerRef, llb.ResolveImageConfigOpt{
ResolveMode: resolveMode,
})
if err != nil {
return nil, err
}
Expand Down

0 comments on commit 12070ca

Please sign in to comment.