From 7f4cac6f5072c8dae52c87c04ac4becbe0ad32d8 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Sat, 10 Feb 2024 15:13:09 +0100 Subject: [PATCH] exporter: use docker-spec instead of locally defined types The Docker image specification (which extends the OCi types with additional fields) was moved to a separate module, so we can now use those definitions as a central place to define these types. Signed-off-by: Sebastiaan van Stijn --- exporter/containerimage/image/docker_image.go | 50 +---- frontend/dockerfile/builder/build.go | 4 +- frontend/dockerfile/dockerfile2llb/convert.go | 20 +- frontend/dockerfile/dockerfile2llb/image.go | 8 +- frontend/dockerui/build.go | 4 +- frontend/dockerui/config.go | 4 +- frontend/dockerui/namedcontext.go | 12 +- frontend/gateway/gateway.go | 4 +- go.mod | 1 + go.sum | 2 + util/imageutil/schema1.go | 4 +- .../github.com/moby/docker-image-spec/LICENSE | 201 ++++++++++++++++++ .../docker-image-spec/specs-go/v1/image.go | 54 +++++ vendor/modules.txt | 3 + 14 files changed, 301 insertions(+), 70 deletions(-) create mode 100644 vendor/github.com/moby/docker-image-spec/LICENSE create mode 100644 vendor/github.com/moby/docker-image-spec/specs-go/v1/image.go diff --git a/exporter/containerimage/image/docker_image.go b/exporter/containerimage/image/docker_image.go index 92f8e7783b15..72ecc8a5ce07 100644 --- a/exporter/containerimage/image/docker_image.go +++ b/exporter/containerimage/image/docker_image.go @@ -1,49 +1,19 @@ package image -import ( - "time" - - "github.com/docker/docker/api/types/strslice" - ocispecs "github.com/opencontainers/image-spec/specs-go/v1" -) +import v1 "github.com/moby/docker-image-spec/specs-go/v1" // HealthConfig holds configuration settings for the HEALTHCHECK feature. -type HealthConfig struct { - // Test is the test to perform to check that the container is healthy. - // An empty slice means to inherit the default. - // The options are: - // {} : inherit healthcheck - // {"NONE"} : disable healthcheck - // {"CMD", args...} : exec arguments directly - // {"CMD-SHELL", command} : run command with system's default shell - Test []string `json:",omitempty"` - - // Zero means to inherit. Durations are expressed as integer nanoseconds. - Interval time.Duration `json:",omitempty"` // Interval is the time to wait between checks. - Timeout time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung. - StartPeriod time.Duration `json:",omitempty"` // The start period for the container to initialize before the retries starts to count down. - StartInterval time.Duration `json:",omitempty"` // StartInterval is the time to wait between checks during the start period. - - // Retries is the number of consecutive failures needed to consider a container as unhealthy. - // Zero means inherit. - Retries int `json:",omitempty"` -} +// +// Deprecated: use [v1.HealthcheckConfig]. +type HealthConfig = v1.HealthcheckConfig // ImageConfig is a docker compatible config for an image -type ImageConfig struct { - ocispecs.ImageConfig - - Healthcheck *HealthConfig `json:",omitempty"` // Healthcheck describes how to check the container is healthy - - OnBuild []string `json:",omitempty"` // ONBUILD metadata that were defined on the image Dockerfile - Shell strslice.StrSlice `json:",omitempty"` // Shell for shell-form of RUN, CMD, ENTRYPOINT -} +// +// Deprecated: use [v1.DockerOCIImageConfig]. +type ImageConfig = v1.DockerOCIImageConfig // Image is the JSON structure which describes some basic information about the image. // This provides the `application/vnd.oci.image.config.v1+json` mediatype when marshalled to JSON. -type Image struct { - ocispecs.Image - - // Config defines the execution parameters which should be used as a base when running a container using the image. - Config ImageConfig `json:"config,omitempty"` -} +// +// Deprecated: use [v1.DockerOCIImage]. +type Image = v1.DockerOCIImage diff --git a/frontend/dockerfile/builder/build.go b/frontend/dockerfile/builder/build.go index a9f4a2f1c539..ed6fe09f22d6 100644 --- a/frontend/dockerfile/builder/build.go +++ b/frontend/dockerfile/builder/build.go @@ -8,7 +8,6 @@ import ( "github.com/containerd/containerd/platforms" "github.com/moby/buildkit/client/llb" "github.com/moby/buildkit/client/llb/sourceresolver" - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/frontend" "github.com/moby/buildkit/frontend/attestations/sbom" "github.com/moby/buildkit/frontend/dockerfile/dockerfile2llb" @@ -21,6 +20,7 @@ import ( "github.com/moby/buildkit/solver/errdefs" "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/solver/result" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" ) @@ -115,7 +115,7 @@ func Build(ctx context.Context, c client.Client) (_ *client.Result, err error) { scanTargets := sync.Map{} - rb, err := bc.Build(ctx, func(ctx context.Context, platform *ocispecs.Platform, idx int) (client.Reference, *image.Image, error) { + rb, err := bc.Build(ctx, func(ctx context.Context, platform *ocispecs.Platform, idx int) (client.Reference, *dockerspec.DockerOCIImage, error) { opt := convertOpt opt.TargetPlatform = platform if idx != 0 { diff --git a/frontend/dockerfile/dockerfile2llb/convert.go b/frontend/dockerfile/dockerfile2llb/convert.go index e862ec022298..39399cdcb933 100644 --- a/frontend/dockerfile/dockerfile2llb/convert.go +++ b/frontend/dockerfile/dockerfile2llb/convert.go @@ -21,7 +21,6 @@ import ( "github.com/moby/buildkit/client/llb" "github.com/moby/buildkit/client/llb/imagemetaresolver" "github.com/moby/buildkit/client/llb/sourceresolver" - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/frontend/dockerfile/instructions" "github.com/moby/buildkit/frontend/dockerfile/parser" "github.com/moby/buildkit/frontend/dockerfile/shell" @@ -34,6 +33,7 @@ import ( "github.com/moby/buildkit/util/gitutil" "github.com/moby/buildkit/util/suggest" "github.com/moby/buildkit/util/system" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" "github.com/moby/sys/signal" digest "github.com/opencontainers/go-digest" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" @@ -72,7 +72,7 @@ type SBOMTargets struct { IgnoreCache bool } -func Dockerfile2LLB(ctx context.Context, dt []byte, opt ConvertOpt) (*llb.State, *image.Image, *SBOMTargets, error) { +func Dockerfile2LLB(ctx context.Context, dt []byte, opt ConvertOpt) (*llb.State, *dockerspec.DockerOCIImage, *SBOMTargets, error) { ds, err := toDispatchState(ctx, dt, opt) if err != nil { return nil, nil, nil, err @@ -146,7 +146,7 @@ func toDispatchState(ctx context.Context, dt []byte, opt ConvertOpt) (*dispatchS return nil, errors.Errorf("Client and MainContext cannot both be provided") } - namedContext := func(ctx context.Context, name string, copt dockerui.ContextOpt) (*llb.State, *image.Image, error) { + namedContext := func(ctx context.Context, name string, copt dockerui.ContextOpt) (*llb.State, *dockerspec.DockerOCIImage, error) { if opt.Client == nil { return nil, nil, nil } @@ -441,7 +441,7 @@ func toDispatchState(ctx context.Context, dt []byte, opt ConvertOpt) (*dispatchS return errors.Wrapf(err, "failed to parse ref %q", mutRef) } } - var img image.Image + var img dockerspec.DockerOCIImage if err := json.Unmarshal(dt, &img); err != nil { return errors.Wrap(err, "failed to parse image config") } @@ -830,7 +830,7 @@ func dispatch(d *dispatchState, cmd command, opt dispatchOpt) error { type dispatchState struct { opt dispatchOpt state llb.State - image image.Image + image dockerspec.DockerOCIImage platform *ocispecs.Platform stage instructions.Stage base *dispatchState @@ -1389,7 +1389,7 @@ func dispatchEntrypoint(d *dispatchState, c *instructions.EntrypointCommand) err } func dispatchHealthcheck(d *dispatchState, c *instructions.HealthCheckCommand) error { - d.image.Config.Healthcheck = &image.HealthConfig{ + d.image.Config.Healthcheck = &dockerspec.HealthcheckConfig{ Test: c.Health.Test, Interval: c.Health.Interval, Timeout: c.Health.Timeout, @@ -1588,7 +1588,7 @@ func runCommandString(args []string, buildArgs []instructions.KeyValuePairOption return strings.Join(append(tmpBuildEnv, args...), " ") } -func commitToHistory(img *image.Image, msg string, withLayer bool, st *llb.State, tm *time.Time) error { +func commitToHistory(img *dockerspec.DockerOCIImage, msg string, withLayer bool, st *llb.State, tm *time.Time) error { if st != nil { msg += " # buildkit" } @@ -1734,7 +1734,7 @@ type mutableOutput struct { llb.Output } -func withShell(img image.Image, args []string) []string { +func withShell(img dockerspec.DockerOCIImage, args []string) []string { var shell []string if len(img.Config.Shell) > 0 { shell = append([]string{}, img.Config.Shell...) @@ -1744,7 +1744,7 @@ func withShell(img image.Image, args []string) []string { return append(shell, strings.Join(args, " ")) } -func autoDetectPlatform(img image.Image, target ocispecs.Platform, supported []ocispecs.Platform) ocispecs.Platform { +func autoDetectPlatform(img dockerspec.DockerOCIImage, target ocispecs.Platform, supported []ocispecs.Platform) ocispecs.Platform { os := img.OS arch := img.Architecture if target.OS == os && target.Architecture == arch { @@ -1882,7 +1882,7 @@ func commonImageNames() []string { return out } -func clampTimes(img image.Image, tm *time.Time) image.Image { +func clampTimes(img dockerspec.DockerOCIImage, tm *time.Time) dockerspec.DockerOCIImage { if tm == nil { return img } diff --git a/frontend/dockerfile/dockerfile2llb/image.go b/frontend/dockerfile/dockerfile2llb/image.go index 1cb158f1f885..1603bcacf56f 100644 --- a/frontend/dockerfile/dockerfile2llb/image.go +++ b/frontend/dockerfile/dockerfile2llb/image.go @@ -1,12 +1,12 @@ package dockerfile2llb import ( - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/util/system" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" ) -func clone(src image.Image) image.Image { +func clone(src dockerspec.DockerOCIImage) dockerspec.DockerOCIImage { img := src img.Config = src.Config img.Config.Env = append([]string{}, src.Config.Env...) @@ -15,8 +15,8 @@ func clone(src image.Image) image.Image { return img } -func emptyImage(platform ocispecs.Platform) image.Image { - img := image.Image{} +func emptyImage(platform ocispecs.Platform) dockerspec.DockerOCIImage { + img := dockerspec.DockerOCIImage{} img.Architecture = platform.Architecture img.OS = platform.OS img.OSVersion = platform.OSVersion diff --git a/frontend/dockerui/build.go b/frontend/dockerui/build.go index 0bba78f48b79..960138cf87ec 100644 --- a/frontend/dockerui/build.go +++ b/frontend/dockerui/build.go @@ -7,14 +7,14 @@ import ( "github.com/containerd/containerd/platforms" "github.com/moby/buildkit/exporter/containerimage/exptypes" - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/frontend/gateway/client" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" "golang.org/x/sync/errgroup" ) -type BuildFunc func(ctx context.Context, platform *ocispecs.Platform, idx int) (client.Reference, *image.Image, error) +type BuildFunc func(ctx context.Context, platform *ocispecs.Platform, idx int) (client.Reference, *dockerspec.DockerOCIImage, error) func (bc *Client) Build(ctx context.Context, fn BuildFunc) (*ResultBuilder, error) { res := client.NewResult() diff --git a/frontend/dockerui/config.go b/frontend/dockerui/config.go index 1346679f30cc..476c9faf69e4 100644 --- a/frontend/dockerui/config.go +++ b/frontend/dockerui/config.go @@ -13,11 +13,11 @@ import ( "github.com/distribution/reference" controlapi "github.com/moby/buildkit/api/services/control" "github.com/moby/buildkit/client/llb" - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/frontend/attestations" "github.com/moby/buildkit/frontend/gateway/client" "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/flightcontrol" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" "github.com/moby/patternmatcher/ignorefile" digest "github.com/opencontainers/go-digest" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" @@ -460,7 +460,7 @@ func (bc *Client) MainContext(ctx context.Context, opts ...llb.LocalOption) (*ll return &st, nil } -func (bc *Client) NamedContext(ctx context.Context, name string, opt ContextOpt) (*llb.State, *image.Image, error) { +func (bc *Client) NamedContext(ctx context.Context, name string, opt ContextOpt) (*llb.State, *dockerspec.DockerOCIImage, error) { named, err := reference.ParseNormalizedNamed(name) if err != nil { return nil, nil, errors.Wrapf(err, "invalid context name %s", name) diff --git a/frontend/dockerui/namedcontext.go b/frontend/dockerui/namedcontext.go index 5b9913511355..2a7a55878058 100644 --- a/frontend/dockerui/namedcontext.go +++ b/frontend/dockerui/namedcontext.go @@ -12,10 +12,10 @@ import ( "github.com/moby/buildkit/client/llb" "github.com/moby/buildkit/client/llb/sourceresolver" "github.com/moby/buildkit/exporter/containerimage/exptypes" - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/frontend/gateway/client" "github.com/moby/buildkit/solver/pb" "github.com/moby/buildkit/util/imageutil" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" "github.com/moby/patternmatcher/ignorefile" "github.com/pkg/errors" ) @@ -26,11 +26,11 @@ const ( maxContextRecursion = 10 ) -func (bc *Client) namedContext(ctx context.Context, name string, nameWithPlatform string, opt ContextOpt) (*llb.State, *image.Image, error) { +func (bc *Client) namedContext(ctx context.Context, name string, nameWithPlatform string, opt ContextOpt) (*llb.State, *dockerspec.DockerOCIImage, error) { return bc.namedContextRecursive(ctx, name, nameWithPlatform, opt, 0) } -func (bc *Client) namedContextRecursive(ctx context.Context, name string, nameWithPlatform string, opt ContextOpt, count int) (*llb.State, *image.Image, error) { +func (bc *Client) namedContextRecursive(ctx context.Context, name string, nameWithPlatform string, opt ContextOpt, count int) (*llb.State, *dockerspec.DockerOCIImage, error) { opts := bc.bopts.Opts contextKey := contextPrefix + nameWithPlatform v, ok := opts[contextKey] @@ -94,7 +94,7 @@ func (bc *Client) namedContextRecursive(ctx context.Context, name string, nameWi return nil, nil, err } - var img image.Image + var img dockerspec.DockerOCIImage if err := json.Unmarshal(data, &img); err != nil { return nil, nil, err } @@ -162,7 +162,7 @@ func (bc *Client) namedContextRecursive(ctx context.Context, name string, nameWi return nil, nil, err } - var img image.Image + var img dockerspec.DockerOCIImage if err := json.Unmarshal(data, &img); err != nil { return nil, nil, errors.Wrap(err, "could not parse oci-layout image config") } @@ -247,7 +247,7 @@ func (bc *Client) namedContextRecursive(ctx context.Context, name string, nameWi if err := json.Unmarshal([]byte(md), &m); err != nil { return nil, nil, errors.Wrapf(err, "failed to parse input metadata %s", md) } - var img *image.Image + var img *dockerspec.DockerOCIImage if dtic, ok := m[exptypes.ExporterImageConfigKey]; ok { st, err = st.WithImageConfig(dtic) if err != nil { diff --git a/frontend/gateway/gateway.go b/frontend/gateway/gateway.go index 68aa2a893224..9f4b992be33f 100644 --- a/frontend/gateway/gateway.go +++ b/frontend/gateway/gateway.go @@ -29,7 +29,6 @@ import ( "github.com/moby/buildkit/client/llb/sourceresolver" "github.com/moby/buildkit/executor" "github.com/moby/buildkit/exporter/containerimage/exptypes" - "github.com/moby/buildkit/exporter/containerimage/image" "github.com/moby/buildkit/frontend" "github.com/moby/buildkit/frontend/dockerui" gwclient "github.com/moby/buildkit/frontend/gateway/client" @@ -49,6 +48,7 @@ import ( "github.com/moby/buildkit/util/stack" "github.com/moby/buildkit/util/tracing" "github.com/moby/buildkit/worker" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" "github.com/moby/sys/signal" digest "github.com/opencontainers/go-digest" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" @@ -95,7 +95,7 @@ func (gf *gatewayFrontend) Solve(ctx context.Context, llbBridge frontend.Fronten } _, isDevel := opts[keyDevel] - var img image.Image + var img dockerspec.DockerOCIImage var mfstDigest digest.Digest var rootFS cache.MutableRef var readonly bool // TODO: try to switch to read-only by default. diff --git a/go.mod b/go.mod index 5960d33ac877..fde01dfdae44 100644 --- a/go.mod +++ b/go.mod @@ -47,6 +47,7 @@ require ( github.com/in-toto/in-toto-golang v0.5.0 github.com/klauspost/compress v1.17.4 github.com/mitchellh/hashstructure/v2 v2.0.2 + github.com/moby/docker-image-spec v1.3.1 github.com/moby/locker v1.0.1 github.com/moby/patternmatcher v0.6.0 github.com/moby/sys/mountinfo v0.7.1 diff --git a/go.sum b/go.sum index 093fc7aa90e3..8960fe0ea926 100644 --- a/go.sum +++ b/go.sum @@ -904,6 +904,8 @@ github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh github.com/mitchellh/mapstructure v1.3.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo= github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f/go.mod h1:OkQIRizQZAeMln+1tSwduZz7+Af5oFlKirV/MSYes2A= github.com/moby/buildkit v0.8.1/go.mod h1:/kyU1hKy/aYCuP39GZA9MaKioovHku57N6cqlKZIaiQ= +github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0= +github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo= github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg= github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc= github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk= diff --git a/util/imageutil/schema1.go b/util/imageutil/schema1.go index cd66d9123ea7..fde33421dc96 100644 --- a/util/imageutil/schema1.go +++ b/util/imageutil/schema1.go @@ -8,7 +8,7 @@ import ( "time" "github.com/containerd/containerd/remotes" - "github.com/moby/buildkit/exporter/containerimage/image" + dockerspec "github.com/moby/docker-image-spec/specs-go/v1" digest "github.com/opencontainers/go-digest" ocispecs "github.com/opencontainers/image-spec/specs-go/v1" "github.com/pkg/errors" @@ -45,7 +45,7 @@ func convertSchema1ConfigMeta(in []byte) ([]byte, error) { return nil, errors.Errorf("invalid schema1 manifest") } - var img image.Image + var img dockerspec.DockerOCIImage if err := json.Unmarshal([]byte(m.History[0].V1Compatibility), &img); err != nil { return nil, errors.Wrap(err, "failed to unmarshal image from schema 1 history") } diff --git a/vendor/github.com/moby/docker-image-spec/LICENSE b/vendor/github.com/moby/docker-image-spec/LICENSE new file mode 100644 index 000000000000..261eeb9e9f8b --- /dev/null +++ b/vendor/github.com/moby/docker-image-spec/LICENSE @@ -0,0 +1,201 @@ + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/vendor/github.com/moby/docker-image-spec/specs-go/v1/image.go b/vendor/github.com/moby/docker-image-spec/specs-go/v1/image.go new file mode 100644 index 000000000000..16726176350f --- /dev/null +++ b/vendor/github.com/moby/docker-image-spec/specs-go/v1/image.go @@ -0,0 +1,54 @@ +package v1 + +import ( + "time" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +const DockerOCIImageMediaType = "application/vnd.docker.container.image.v1+json" + +// DockerOCIImage is a ocispec.Image extended with Docker specific Config. +type DockerOCIImage struct { + ocispec.Image + + // Shadow ocispec.Image.Config + Config DockerOCIImageConfig `json:"config,omitempty"` +} + +// DockerOCIImageConfig is a ocispec.ImageConfig extended with Docker specific fields. +type DockerOCIImageConfig struct { + ocispec.ImageConfig + + DockerOCIImageConfigExt +} + +// DockerOCIImageConfigExt contains Docker-specific fields in DockerImageConfig. +type DockerOCIImageConfigExt struct { + Healthcheck *HealthcheckConfig `json:",omitempty"` // Healthcheck describes how to check the container is healthy + + OnBuild []string `json:",omitempty"` // ONBUILD metadata that were defined on the image Dockerfile + Shell []string `json:",omitempty"` // Shell for shell-form of RUN, CMD, ENTRYPOINT +} + +// HealthcheckConfig holds configuration settings for the HEALTHCHECK feature. +type HealthcheckConfig struct { + // Test is the test to perform to check that the container is healthy. + // An empty slice means to inherit the default. + // The options are: + // {} : inherit healthcheck + // {"NONE"} : disable healthcheck + // {"CMD", args...} : exec arguments directly + // {"CMD-SHELL", command} : run command with system's default shell + Test []string `json:",omitempty"` + + // Zero means to inherit. Durations are expressed as integer nanoseconds. + Interval time.Duration `json:",omitempty"` // Interval is the time to wait between checks. + Timeout time.Duration `json:",omitempty"` // Timeout is the time to wait before considering the check to have hung. + StartPeriod time.Duration `json:",omitempty"` // The start period for the container to initialize before the retries starts to count down. + StartInterval time.Duration `json:",omitempty"` // The interval to attempt healthchecks at during the start period + + // Retries is the number of consecutive failures needed to consider a container as unhealthy. + // Zero means inherit. + Retries int `json:",omitempty"` +} diff --git a/vendor/modules.txt b/vendor/modules.txt index c290f8e251d4..5ee508f489eb 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -649,6 +649,9 @@ github.com/matttproud/golang_protobuf_extensions/pbutil # github.com/mitchellh/hashstructure/v2 v2.0.2 ## explicit; go 1.14 github.com/mitchellh/hashstructure/v2 +# github.com/moby/docker-image-spec v1.3.1 +## explicit; go 1.18 +github.com/moby/docker-image-spec/specs-go/v1 # github.com/moby/locker v1.0.1 ## explicit; go 1.13 github.com/moby/locker