package oci

buildkit – github.com/moby/buildkit/executor/oci Index | Files

import "github.com/moby/buildkit/executor/oci"

Index ¶

func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, namespace network.Namespace, processMode ProcessMode, idmap *idtools.IdentityMapping, apparmorProfile string, opts ...oci.SpecOpts) (*specs.Spec, func(), error)
func GetHostsFile(ctx context.Context, stateDir string, extraHosts []executor.HostIP, idmap *idtools.IdentityMapping, hostname string) (string, func(), error)
func GetResolvConf(ctx context.Context, stateDir string, idmap *idtools.IdentityMapping, dns *DNSConfig) (string, error)
func GetUser(root, username string) (uint32, uint32, []uint32, error)
func ParseUIDGID(str string) (uid uint32, gid uint32, err error)
func WithUIDGID(uid, gid uint32, sgids []uint32) containerdoci.SpecOpts
type DNSConfig
type ProcessMode

Functions ¶

func GenerateSpec ¶

func GenerateSpec(ctx context.Context, meta executor.Meta, mounts []executor.Mount, id, resolvConf, hostsFile string, namespace network.Namespace, processMode ProcessMode, idmap *idtools.IdentityMapping, apparmorProfile string, opts ...oci.SpecOpts) (*specs.Spec, func(), error)

GenerateSpec generates spec using containerd functionality. opts are ignored for s.Process, s.Hostname, and s.Mounts .

func GetHostsFile ¶

func GetHostsFile(ctx context.Context, stateDir string, extraHosts []executor.HostIP, idmap *idtools.IdentityMapping, hostname string) (string, func(), error)

func GetResolvConf ¶

func GetResolvConf(ctx context.Context, stateDir string, idmap *idtools.IdentityMapping, dns *DNSConfig) (string, error)

func GetUser ¶

func GetUser(root, username string) (uint32, uint32, []uint32, error)

func ParseUIDGID ¶

func ParseUIDGID(str string) (uid uint32, gid uint32, err error)

ParseUIDGID takes the fast path to parse UID and GID if and only if they are both provided

func WithUIDGID ¶

func WithUIDGID(uid, gid uint32, sgids []uint32) containerdoci.SpecOpts

WithUIDGID allows the UID and GID for the Process to be set FIXME: This is a temporeray fix for the missing supplementary GIDs from containerd once the PR in containerd is merged we should remove this function.

Types ¶

type DNSConfig ¶

type DNSConfig struct {
	Nameservers   []string
	Options       []string
	SearchDomains []string
}

type ProcessMode ¶

type ProcessMode int

ProcessMode configures PID namespaces

const (
	// ProcessSandbox unshares pidns and mount procfs.
	ProcessSandbox ProcessMode = iota
	// NoProcessSandbox uses host pidns and bind-mount procfs.
	// Note that NoProcessSandbox allows build containers to kill (and potentially ptrace) an arbitrary process in the BuildKit host namespace.
	// NoProcessSandbox should be enabled only when the BuildKit is running in a container as an unprivileged user.
	NoProcessSandbox
)

Source Files ¶

hosts.go mounts.go resolvconf.go spec.go spec_unix.go user.go

Version: v0.8.2
Published: Feb 25, 2021
Platform: js/wasm
Imports: 33 packages
Last checked: 13 seconds ago –

Tools for package owners.

?	: This menu
/	: Search site
f	: Jump to identifier
g then g	: Go to top of page
g then b	: Go to end of page
G	: Go to end of page
g then i	: Go to index
g then e	: Go to examples