package oci

buildkit – github.com/moby/buildkit/executor/oci Index | Files

import "github.com/moby/buildkit/executor/oci"

Index ¶

func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, namespace network.Namespace, cgroupParent string, processMode ProcessMode, idmap *user.IdentityMapping, apparmorProfile string, selinuxB bool, tracingSocket string, cdiManager *cdidevices.Manager, opts ...oci.SpecOpts) (*specs.Spec, func(), error)
func GetHostsFile(ctx context.Context, stateDir string, extraHosts []executor.HostIP, idmap *user.IdentityMapping, hostname string) (string, func(), error)
func GetResolvConf(ctx context.Context, stateDir string, idmap *user.IdentityMapping, dns *DNSConfig, netMode pb.NetMode) (string, error)
func GetUser(root, username string) (uint32, uint32, []uint32, error)
func ParseUIDGID(str string) (uid uint32, gid uint32, err error)
func WithUIDGID(uid, gid uint32, sgids []uint32) containerdoci.SpecOpts
type DNSConfig
type ProcessMode

func (pm ProcessMode) String() string

Functions ¶

func GenerateSpec ¶

func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, namespace network.Namespace, cgroupParent string, processMode ProcessMode, idmap *user.IdentityMapping, apparmorProfile string, selinuxB bool, tracingSocket string, cdiManager *cdidevices.Manager, opts ...oci.SpecOpts) (*specs.Spec, func(), error)

GenerateSpec generates spec using containerd functionality. opts are ignored for s.Process, s.Hostname, and s.Mounts .

func GetHostsFile ¶

func GetHostsFile(ctx context.Context, stateDir string, extraHosts []executor.HostIP, idmap *user.IdentityMapping, hostname string) (string, func(), error)

func GetResolvConf ¶

func GetResolvConf(ctx context.Context, stateDir string, idmap *user.IdentityMapping, dns *DNSConfig, netMode pb.NetMode) (string, error)

func GetUser ¶

func GetUser(root, username string) (uint32, uint32, []uint32, error)

func ParseUIDGID ¶

func ParseUIDGID(str string) (uid uint32, gid uint32, err error)

ParseUIDGID takes the fast path to parse UID and GID if and only if they are both provided

func WithUIDGID ¶

func WithUIDGID(uid, gid uint32, sgids []uint32) containerdoci.SpecOpts

WithUIDGID allows the UID and GID for the Process to be set FIXME: This is a temporeray fix for the missing supplementary GIDs from containerd once the PR in containerd is merged we should remove this function.

Types ¶

type DNSConfig ¶

type DNSConfig struct {
	Nameservers   []string
	Options       []string
	SearchDomains []string
}

type ProcessMode ¶

type ProcessMode int

ProcessMode configures PID namespaces

const (
	// ProcessSandbox unshares pidns and mount procfs.
	ProcessSandbox ProcessMode = iota
	// NoProcessSandbox uses host pidns and bind-mount procfs.
	// Note that NoProcessSandbox allows build containers to kill (and potentially ptrace) an arbitrary process in the BuildKit host namespace.
	// NoProcessSandbox should be enabled only when the BuildKit is running in a container as an unprivileged user.
	NoProcessSandbox
)

func (ProcessMode) String ¶

func (pm ProcessMode) String() string

Source Files ¶

hosts.go mounts.go resolvconf.go spec.go spec_unix.go user.go

Version: v0.21.0-rc1
Published: Apr 9, 2025
Platform: js/wasm
Imports: 33 packages
Last checked: 3 seconds ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples