2021-10-15 10:37:50 +02:00
|
|
|
/*
|
|
|
|
|
Copyright 2020 Docker Compose CLI authors
|
|
|
|
|
|
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
|
|
|
you may not use this file except in compliance with the License.
|
|
|
|
|
You may obtain a copy of the License at
|
|
|
|
|
|
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
|
|
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
|
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
|
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
|
|
|
See the License for the specific language governing permissions and
|
|
|
|
|
limitations under the License.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
package compose
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"context"
|
|
|
|
|
"encoding/json"
|
2023-09-26 00:57:12 +02:00
|
|
|
"errors"
|
2021-10-15 10:37:50 +02:00
|
|
|
"fmt"
|
|
|
|
|
"io"
|
|
|
|
|
"os"
|
|
|
|
|
"path/filepath"
|
|
|
|
|
"runtime"
|
|
|
|
|
"strings"
|
|
|
|
|
|
2023-11-08 10:19:24 +01:00
|
|
|
"github.com/compose-spec/compose-go/v2/types"
|
2022-12-14 11:12:52 +01:00
|
|
|
"github.com/docker/cli/cli"
|
2025-05-29 10:37:19 +02:00
|
|
|
"github.com/docker/cli/cli/command"
|
2021-10-15 10:37:50 +02:00
|
|
|
"github.com/docker/cli/cli/command/image/build"
|
2025-05-29 10:37:19 +02:00
|
|
|
"github.com/docker/compose/v2/pkg/api"
|
|
|
|
|
buildtypes "github.com/docker/docker/api/types/build"
|
2023-03-16 14:32:50 +01:00
|
|
|
"github.com/docker/docker/api/types/container"
|
2025-05-29 10:37:19 +02:00
|
|
|
"github.com/docker/docker/api/types/registry"
|
2022-10-18 16:57:53 +02:00
|
|
|
"github.com/docker/docker/builder/remotecontext/urlutil"
|
2021-10-15 10:37:50 +02:00
|
|
|
"github.com/docker/docker/pkg/jsonmessage"
|
|
|
|
|
"github.com/docker/docker/pkg/progress"
|
|
|
|
|
"github.com/docker/docker/pkg/streamformatter"
|
2025-04-07 17:58:28 +02:00
|
|
|
"github.com/moby/go-archive"
|
2024-07-20 16:40:52 +02:00
|
|
|
"github.com/sirupsen/logrus"
|
2021-10-15 10:37:50 +02:00
|
|
|
)
|
|
|
|
|
|
2022-08-09 16:43:58 -04:00
|
|
|
//nolint:gocyclo
|
2023-08-10 08:57:28 -04:00
|
|
|
func (s *composeService) doBuildClassic(ctx context.Context, project *types.Project, service types.ServiceConfig, options api.BuildOptions) (string, error) {
|
2021-10-15 10:37:50 +02:00
|
|
|
var (
|
|
|
|
|
buildCtx io.ReadCloser
|
|
|
|
|
dockerfileCtx io.ReadCloser
|
|
|
|
|
contextDir string
|
|
|
|
|
tempDir string
|
|
|
|
|
relDockerfile string
|
|
|
|
|
|
|
|
|
|
err error
|
|
|
|
|
)
|
|
|
|
|
|
2023-03-16 14:32:50 +01:00
|
|
|
dockerfileName := dockerFilePath(service.Build.Context, service.Build.Dockerfile)
|
|
|
|
|
specifiedContext := service.Build.Context
|
2022-02-23 11:28:56 +01:00
|
|
|
progBuff := s.stdout()
|
|
|
|
|
buildBuff := s.stdout()
|
2021-10-15 10:37:50 +02:00
|
|
|
|
2023-03-16 14:32:50 +01:00
|
|
|
if len(service.Build.Platforms) > 1 {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("the classic builder doesn't support multi-arch build, set DOCKER_BUILDKIT=1 to use BuildKit")
|
2023-03-16 14:32:50 +01:00
|
|
|
}
|
|
|
|
|
if service.Build.Privileged {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("the classic builder doesn't support privileged mode, set DOCKER_BUILDKIT=1 to use BuildKit")
|
2023-03-16 14:32:50 +01:00
|
|
|
}
|
|
|
|
|
if len(service.Build.AdditionalContexts) > 0 {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("the classic builder doesn't support additional contexts, set DOCKER_BUILDKIT=1 to use BuildKit")
|
2022-08-08 16:03:36 +02:00
|
|
|
}
|
2023-03-16 14:32:50 +01:00
|
|
|
if len(service.Build.SSH) > 0 {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("the classic builder doesn't support SSH keys, set DOCKER_BUILDKIT=1 to use BuildKit")
|
2022-12-21 10:20:46 +01:00
|
|
|
}
|
2023-03-16 14:32:50 +01:00
|
|
|
if len(service.Build.Secrets) > 0 {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("the classic builder doesn't support secrets, set DOCKER_BUILDKIT=1 to use BuildKit")
|
2023-02-16 22:58:09 +01:00
|
|
|
}
|
2022-08-08 16:03:36 +02:00
|
|
|
|
2023-03-16 14:32:50 +01:00
|
|
|
if service.Build.Labels == nil {
|
|
|
|
|
service.Build.Labels = make(map[string]string)
|
build: label built images for reliable cleanup on `down`
When running `compose down`, the `--rmi` flag can be passed,
which currently supports two values:
* `local`: remove any _implicitly-named_ images that Compose
built
* `all` : remove any named images (locally-built or fetched
from a remote repo)
Removing images in the `local` case can be problematic, as it's
historically been done via a fair amount of inference over the
Compose model. Additionally, when using the "project-model"
(by passing `--project-name` instead of using a Compose file),
we're even more limited: if no containers for the project are
running, there's nothing to derive state from to perform the
inference on.
As a first pass, we started labeling _containers_ with the name
of the locally-built image associated with it (if any) in #9715.
Unfortunately, this still suffers from the aforementioned problems
around using actual state (i.e. the containers might no longer
exist) and meant that when operating in file mode (the default),
things did not behave as expected: the label is not available
in the project since it only exists at runtime.
Now, with these changes, Compose will label any images it builds
with project metadata. Upon cleanup during `down`, the engine
image API is queried for related images and matched up with the
services for the project. As a fallback for images built with
prior versions of Compose, the previous approach is still taken.
See also:
* https://github.com/docker/compose/issues/9655
* https://github.com/docker/compose/pull/9715
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-09-07 16:24:47 -04:00
|
|
|
}
|
2023-03-16 14:32:50 +01:00
|
|
|
service.Build.Labels[api.ImageBuilderLabel] = "classic"
|
build: label built images for reliable cleanup on `down`
When running `compose down`, the `--rmi` flag can be passed,
which currently supports two values:
* `local`: remove any _implicitly-named_ images that Compose
built
* `all` : remove any named images (locally-built or fetched
from a remote repo)
Removing images in the `local` case can be problematic, as it's
historically been done via a fair amount of inference over the
Compose model. Additionally, when using the "project-model"
(by passing `--project-name` instead of using a Compose file),
we're even more limited: if no containers for the project are
running, there's nothing to derive state from to perform the
inference on.
As a first pass, we started labeling _containers_ with the name
of the locally-built image associated with it (if any) in #9715.
Unfortunately, this still suffers from the aforementioned problems
around using actual state (i.e. the containers might no longer
exist) and meant that when operating in file mode (the default),
things did not behave as expected: the label is not available
in the project since it only exists at runtime.
Now, with these changes, Compose will label any images it builds
with project metadata. Upon cleanup during `down`, the engine
image API is queried for related images and matched up with the
services for the project. As a fallback for images built with
prior versions of Compose, the previous approach is still taken.
See also:
* https://github.com/docker/compose/issues/9655
* https://github.com/docker/compose/pull/9715
Signed-off-by: Milas Bowman <milas.bowman@docker.com>
2022-09-07 16:24:47 -04:00
|
|
|
|
2021-10-15 10:37:50 +02:00
|
|
|
switch {
|
|
|
|
|
case isLocalDir(specifiedContext):
|
|
|
|
|
contextDir, relDockerfile, err = build.GetContextFromLocalDir(specifiedContext, dockerfileName)
|
|
|
|
|
if err == nil && strings.HasPrefix(relDockerfile, ".."+string(filepath.Separator)) {
|
|
|
|
|
// Dockerfile is outside of build-context; read the Dockerfile and pass it as dockerfileCtx
|
|
|
|
|
dockerfileCtx, err = os.Open(dockerfileName)
|
|
|
|
|
if err != nil {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("unable to open Dockerfile: %w", err)
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
2022-07-13 19:20:40 +02:00
|
|
|
defer dockerfileCtx.Close() //nolint:errcheck
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
|
|
|
|
case urlutil.IsGitURL(specifiedContext):
|
|
|
|
|
tempDir, relDockerfile, err = build.GetContextFromGitURL(specifiedContext, dockerfileName)
|
|
|
|
|
case urlutil.IsURL(specifiedContext):
|
|
|
|
|
buildCtx, relDockerfile, err = build.GetContextFromURL(progBuff, specifiedContext, dockerfileName)
|
|
|
|
|
default:
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("unable to prepare context: path %q not found", specifiedContext)
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("unable to prepare context: %w", err)
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if tempDir != "" {
|
2022-07-13 19:20:40 +02:00
|
|
|
defer os.RemoveAll(tempDir) //nolint:errcheck
|
2021-10-15 10:37:50 +02:00
|
|
|
contextDir = tempDir
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// read from a directory into tar archive
|
|
|
|
|
if buildCtx == nil {
|
|
|
|
|
excludes, err := build.ReadDockerignore(contextDir)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if err := build.ValidateContextDirectory(contextDir, excludes); err != nil {
|
2023-09-26 00:57:12 +02:00
|
|
|
return "", fmt.Errorf("checking context: %w", err)
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// And canonicalize dockerfile name to a platform-independent one
|
2024-06-16 15:11:10 +02:00
|
|
|
relDockerfile = filepath.ToSlash(relDockerfile)
|
2021-10-15 10:37:50 +02:00
|
|
|
|
|
|
|
|
excludes = build.TrimBuildFilesFromExcludes(excludes, relDockerfile, false)
|
|
|
|
|
buildCtx, err = archive.TarWithOptions(contextDir, &archive.TarOptions{
|
|
|
|
|
ExcludePatterns: excludes,
|
2025-04-07 17:58:28 +02:00
|
|
|
ChownOpts: &archive.ChownOpts{},
|
2021-10-15 10:37:50 +02:00
|
|
|
})
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// replace Dockerfile if it was added from stdin or a file outside the build-context, and there is archive context
|
|
|
|
|
if dockerfileCtx != nil && buildCtx != nil {
|
|
|
|
|
buildCtx, relDockerfile, err = build.AddDockerfileToBuildContext(dockerfileCtx, buildCtx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
buildCtx, err = build.Compress(buildCtx)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
|
2021-10-31 00:52:24 +02:00
|
|
|
progressOutput := streamformatter.NewProgressOutput(progBuff)
|
2022-04-08 11:33:54 +02:00
|
|
|
body := progress.NewProgressReader(buildCtx, progressOutput, 0, "", "Sending build context to Docker daemon")
|
2021-10-15 10:37:50 +02:00
|
|
|
|
2022-02-23 11:28:56 +01:00
|
|
|
configFile := s.configFile()
|
2021-10-31 02:01:30 +02:00
|
|
|
creds, err := configFile.GetAllCredentials()
|
|
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
2023-06-06 16:55:54 -04:00
|
|
|
authConfigs := make(map[string]registry.AuthConfig, len(creds))
|
2021-10-15 10:37:50 +02:00
|
|
|
for k, auth := range creds {
|
2023-06-06 16:55:54 -04:00
|
|
|
authConfigs[k] = registry.AuthConfig(auth)
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
2023-08-10 08:57:28 -04:00
|
|
|
buildOptions := imageBuildOptions(s.dockerCli, project, service, options)
|
|
|
|
|
imageName := api.GetImageNameOrDefault(service, project.Name)
|
2023-07-17 10:36:48 -04:00
|
|
|
buildOptions.Tags = append(buildOptions.Tags, imageName)
|
2021-10-15 10:37:50 +02:00
|
|
|
buildOptions.Dockerfile = relDockerfile
|
|
|
|
|
buildOptions.AuthConfigs = authConfigs
|
2023-04-24 10:51:40 +02:00
|
|
|
buildOptions.Memory = options.Memory
|
2021-10-15 10:37:50 +02:00
|
|
|
|
|
|
|
|
ctx, cancel := context.WithCancel(ctx)
|
|
|
|
|
defer cancel()
|
2022-02-23 11:28:56 +01:00
|
|
|
response, err := s.apiClient().ImageBuild(ctx, body, buildOptions)
|
2021-10-15 10:37:50 +02:00
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
2022-07-13 19:20:40 +02:00
|
|
|
defer response.Body.Close() //nolint:errcheck
|
2021-10-15 10:37:50 +02:00
|
|
|
|
|
|
|
|
imageID := ""
|
|
|
|
|
aux := func(msg jsonmessage.JSONMessage) {
|
2025-05-29 10:37:19 +02:00
|
|
|
var result buildtypes.Result
|
2021-10-15 10:37:50 +02:00
|
|
|
if err := json.Unmarshal(*msg.Aux, &result); err != nil {
|
2024-07-20 16:40:52 +02:00
|
|
|
logrus.Errorf("Failed to parse aux message: %s", err)
|
2021-10-15 10:37:50 +02:00
|
|
|
} else {
|
|
|
|
|
imageID = result.ID
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-02-23 11:28:56 +01:00
|
|
|
err = jsonmessage.DisplayJSONMessagesStream(response.Body, buildBuff, progBuff.FD(), true, aux)
|
2021-10-15 10:37:50 +02:00
|
|
|
if err != nil {
|
2023-09-26 00:57:12 +02:00
|
|
|
var jerr *jsonmessage.JSONError
|
|
|
|
|
if errors.As(err, &jerr) {
|
2021-10-15 10:37:50 +02:00
|
|
|
// If no error code is set, default to 1
|
|
|
|
|
if jerr.Code == 0 {
|
|
|
|
|
jerr.Code = 1
|
|
|
|
|
}
|
|
|
|
|
return "", cli.StatusError{Status: jerr.Message, StatusCode: jerr.Code}
|
|
|
|
|
}
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Windows: show error message about modified file permissions if the
|
|
|
|
|
// daemon isn't running Windows.
|
|
|
|
|
if response.OSType != "windows" && runtime.GOOS == "windows" {
|
|
|
|
|
// if response.OSType != "windows" && runtime.GOOS == "windows" && !options.quiet {
|
fix linting issues with golangci-lint 1.60.2
pkg/watch/watcher_darwin.go:96:16: Error return value of `d.stream.Start` is not checked (errcheck)
d.stream.Start()
^
pkg/prompt/prompt.go:97:12: Error return value of `fmt.Fprint` is not checked (errcheck)
fmt.Fprint(u.stdout, message)
^
pkg/prompt/prompt.go:99:12: Error return value of `fmt.Scanln` is not checked (errcheck)
fmt.Scanln(&answer)
^
cmd/formatter/logs.go:118:15: Error return value of `fmt.Fprintf` is not checked (errcheck)
fmt.Fprintf(w, "%s%s%s\n", p.prefix, timestamp, line)
^
cmd/formatter/logs.go:120:15: Error return value of `fmt.Fprintf` is not checked (errcheck)
fmt.Fprintf(w, "%s%s\n", p.prefix, line)
^
pkg/progress/json.go:67:15: Error return value of `fmt.Fprintln` is not checked (errcheck)
fmt.Fprintln(p.out, string(marshal))
^
pkg/progress/json.go:87:15: Error return value of `fmt.Fprintln` is not checked (errcheck)
fmt.Fprintln(p.out, string(marshal))
^
pkg/progress/plain.go:47:14: Error return value of `fmt.Fprintln` is not checked (errcheck)
fmt.Fprintln(p.out, prefix, e.ID, e.Text, e.StatusText)
^
pkg/progress/tty.go:162:12: Error return value of `fmt.Fprint` is not checked (errcheck)
fmt.Fprint(w.out, b.Column(0).ANSI)
^
pkg/progress/tty.go:165:12: Error return value of `fmt.Fprint` is not checked (errcheck)
fmt.Fprint(w.out, aec.Hide)
^
pkg/compose/attach.go:53:13: Error return value of `fmt.Fprintf` is not checked (errcheck)
fmt.Fprintf(s.stdout(), "Attaching to %s\n", strings.Join(names, ", "))
^
pkg/compose/compose.go:194:6: emptyStringTest: replace `len(dependencies) > 0` with `dependencies != ""` (gocritic)
if len(dependencies) > 0 {
^
pkg/compose/convergence.go:461:2: builtinShadow: shadowing of predeclared identifier: max (gocritic)
max := 0
^
pkg/compose/run.go:127:5: emptyStringTest: replace `len(opts.User) > 0` with `opts.User != ""` (gocritic)
if len(opts.User) > 0 {
^
pkg/compose/run.go:139:5: emptyStringTest: replace `len(opts.WorkingDir) > 0` with `opts.WorkingDir != ""` (gocritic)
if len(opts.WorkingDir) > 0 {
^
pkg/compose/viz.go:91:8: emptyStringTest: replace `len(portConfig.HostIP) > 0` with `portConfig.HostIP != ""` (gocritic)
if len(portConfig.HostIP) > 0 {
^
cmd/compatibility/convert.go:66:6: emptyStringTest: replace `len(arg) > 0` with `arg != ""` (gocritic)
if len(arg) > 0 && arg[0] != '-' {
^
pkg/e2e/watch_test.go:208:25: printf: non-constant format string in call to gotest.tools/v3/poll.Continue (govet)
return poll.Continue(res.Combined())
^
pkg/e2e/watch_test.go:290:25: printf: non-constant format string in call to gotest.tools/v3/poll.Continue (govet)
return poll.Continue(r.Combined())
^
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-09-11 12:52:55 +02:00
|
|
|
_, _ = fmt.Fprintln(s.stdout(), "SECURITY WARNING: You are building a Docker "+
|
2021-10-15 10:37:50 +02:00
|
|
|
"image from Windows against a non-Windows Docker host. All files and "+
|
|
|
|
|
"directories added to build context will have '-rwxr-xr-x' permissions. "+
|
|
|
|
|
"It is recommended to double check and reset permissions for sensitive "+
|
|
|
|
|
"files and directories.")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return imageID, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func isLocalDir(c string) bool {
|
|
|
|
|
_, err := os.Stat(c)
|
|
|
|
|
return err == nil
|
|
|
|
|
}
|
|
|
|
|
|
2025-05-29 10:37:19 +02:00
|
|
|
func imageBuildOptions(dockerCli command.Cli, project *types.Project, service types.ServiceConfig, options api.BuildOptions) buildtypes.ImageBuildOptions {
|
2023-08-10 08:57:28 -04:00
|
|
|
config := service.Build
|
2025-05-29 10:37:19 +02:00
|
|
|
return buildtypes.ImageBuildOptions{
|
|
|
|
|
Version: buildtypes.BuilderV1,
|
2023-03-16 14:32:50 +01:00
|
|
|
Tags: config.Tags,
|
|
|
|
|
NoCache: config.NoCache,
|
2021-12-08 03:54:45 +09:00
|
|
|
Remove: true,
|
2023-03-16 14:32:50 +01:00
|
|
|
PullParent: config.Pull,
|
2023-08-10 08:57:28 -04:00
|
|
|
BuildArgs: resolveAndMergeBuildArgs(dockerCli, project, service, options),
|
2023-03-16 14:32:50 +01:00
|
|
|
Labels: config.Labels,
|
|
|
|
|
NetworkMode: config.Network,
|
2023-11-27 10:14:31 +01:00
|
|
|
ExtraHosts: config.ExtraHosts.AsList(":"),
|
2023-03-16 14:32:50 +01:00
|
|
|
Target: config.Target,
|
|
|
|
|
Isolation: container.Isolation(config.Isolation),
|
2021-10-15 10:37:50 +02:00
|
|
|
}
|
|
|
|
|
}
|
