mirror of
https://github.com/moby/moby.git
synced 2022-11-09 12:21:53 -05:00
260 lines
9.1 KiB
Go
260 lines
9.1 KiB
Go
package builder
|
|
|
|
import (
|
|
"bufio"
|
|
"fmt"
|
|
"io"
|
|
"io/ioutil"
|
|
"os"
|
|
"os/exec"
|
|
"path/filepath"
|
|
"runtime"
|
|
"strings"
|
|
|
|
"github.com/docker/docker/pkg/archive"
|
|
"github.com/docker/docker/pkg/fileutils"
|
|
"github.com/docker/docker/pkg/gitutils"
|
|
"github.com/docker/docker/pkg/httputils"
|
|
"github.com/docker/docker/pkg/ioutils"
|
|
"github.com/docker/docker/pkg/progress"
|
|
"github.com/docker/docker/pkg/streamformatter"
|
|
)
|
|
|
|
// ValidateContextDirectory checks if all the contents of the directory
|
|
// can be read and returns an error if some files can't be read
|
|
// symlinks which point to non-existing files don't trigger an error
|
|
func ValidateContextDirectory(srcPath string, excludes []string) error {
|
|
contextRoot, err := getContextRoot(srcPath)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return filepath.Walk(contextRoot, func(filePath string, f os.FileInfo, err error) error {
|
|
if err != nil {
|
|
if os.IsPermission(err) {
|
|
return fmt.Errorf("can't stat '%s'", filePath)
|
|
}
|
|
if os.IsNotExist(err) {
|
|
return nil
|
|
}
|
|
return err
|
|
}
|
|
|
|
// skip this directory/file if it's not in the path, it won't get added to the context
|
|
if relFilePath, err := filepath.Rel(contextRoot, filePath); err != nil {
|
|
return err
|
|
} else if skip, err := fileutils.Matches(relFilePath, excludes); err != nil {
|
|
return err
|
|
} else if skip {
|
|
if f.IsDir() {
|
|
return filepath.SkipDir
|
|
}
|
|
return nil
|
|
}
|
|
|
|
// skip checking if symlinks point to non-existing files, such symlinks can be useful
|
|
// also skip named pipes, because they hanging on open
|
|
if f.Mode()&(os.ModeSymlink|os.ModeNamedPipe) != 0 {
|
|
return nil
|
|
}
|
|
|
|
if !f.IsDir() {
|
|
currentFile, err := os.Open(filePath)
|
|
if err != nil && os.IsPermission(err) {
|
|
return fmt.Errorf("no permission to read from '%s'", filePath)
|
|
}
|
|
currentFile.Close()
|
|
}
|
|
return nil
|
|
})
|
|
}
|
|
|
|
// GetContextFromReader will read the contents of the given reader as either a
|
|
// Dockerfile or tar archive. Returns a tar archive used as a context and a
|
|
// path to the Dockerfile inside the tar.
|
|
func GetContextFromReader(r io.ReadCloser, dockerfileName string) (out io.ReadCloser, relDockerfile string, err error) {
|
|
buf := bufio.NewReader(r)
|
|
|
|
magic, err := buf.Peek(archive.HeaderSize)
|
|
if err != nil && err != io.EOF {
|
|
return nil, "", fmt.Errorf("failed to peek context header from STDIN: %v", err)
|
|
}
|
|
|
|
if archive.IsArchive(magic) {
|
|
return ioutils.NewReadCloserWrapper(buf, func() error { return r.Close() }), dockerfileName, nil
|
|
}
|
|
|
|
// Input should be read as a Dockerfile.
|
|
tmpDir, err := ioutil.TempDir("", "docker-build-context-")
|
|
if err != nil {
|
|
return nil, "", fmt.Errorf("unbale to create temporary context directory: %v", err)
|
|
}
|
|
|
|
f, err := os.Create(filepath.Join(tmpDir, DefaultDockerfileName))
|
|
if err != nil {
|
|
return nil, "", err
|
|
}
|
|
_, err = io.Copy(f, buf)
|
|
if err != nil {
|
|
f.Close()
|
|
return nil, "", err
|
|
}
|
|
|
|
if err := f.Close(); err != nil {
|
|
return nil, "", err
|
|
}
|
|
if err := r.Close(); err != nil {
|
|
return nil, "", err
|
|
}
|
|
|
|
tar, err := archive.Tar(tmpDir, archive.Uncompressed)
|
|
if err != nil {
|
|
return nil, "", err
|
|
}
|
|
|
|
return ioutils.NewReadCloserWrapper(tar, func() error {
|
|
err := tar.Close()
|
|
os.RemoveAll(tmpDir)
|
|
return err
|
|
}), DefaultDockerfileName, nil
|
|
|
|
}
|
|
|
|
// GetContextFromGitURL uses a Git URL as context for a `docker build`. The
|
|
// git repo is cloned into a temporary directory used as the context directory.
|
|
// Returns the absolute path to the temporary context directory, the relative
|
|
// path of the dockerfile in that context directory, and a non-nil error on
|
|
// success.
|
|
func GetContextFromGitURL(gitURL, dockerfileName string) (absContextDir, relDockerfile string, err error) {
|
|
if _, err := exec.LookPath("git"); err != nil {
|
|
return "", "", fmt.Errorf("unable to find 'git': %v", err)
|
|
}
|
|
if absContextDir, err = gitutils.Clone(gitURL); err != nil {
|
|
return "", "", fmt.Errorf("unable to 'git clone' to temporary context directory: %v", err)
|
|
}
|
|
|
|
return getDockerfileRelPath(absContextDir, dockerfileName)
|
|
}
|
|
|
|
// GetContextFromURL uses a remote URL as context for a `docker build`. The
|
|
// remote resource is downloaded as either a Dockerfile or a tar archive.
|
|
// Returns the tar archive used for the context and a path of the
|
|
// dockerfile inside the tar.
|
|
func GetContextFromURL(out io.Writer, remoteURL, dockerfileName string) (io.ReadCloser, string, error) {
|
|
response, err := httputils.Download(remoteURL)
|
|
if err != nil {
|
|
return nil, "", fmt.Errorf("unable to download remote context %s: %v", remoteURL, err)
|
|
}
|
|
progressOutput := streamformatter.NewStreamFormatter().NewProgressOutput(out, true)
|
|
|
|
// Pass the response body through a progress reader.
|
|
progReader := progress.NewProgressReader(response.Body, progressOutput, response.ContentLength, "", fmt.Sprintf("Downloading build context from remote url: %s", remoteURL))
|
|
|
|
return GetContextFromReader(ioutils.NewReadCloserWrapper(progReader, func() error { return response.Body.Close() }), dockerfileName)
|
|
}
|
|
|
|
// GetContextFromLocalDir uses the given local directory as context for a
|
|
// `docker build`. Returns the absolute path to the local context directory,
|
|
// the relative path of the dockerfile in that context directory, and a non-nil
|
|
// error on success.
|
|
func GetContextFromLocalDir(localDir, dockerfileName string) (absContextDir, relDockerfile string, err error) {
|
|
// When using a local context directory, when the Dockerfile is specified
|
|
// with the `-f/--file` option then it is considered relative to the
|
|
// current directory and not the context directory.
|
|
if dockerfileName != "" {
|
|
if dockerfileName, err = filepath.Abs(dockerfileName); err != nil {
|
|
return "", "", fmt.Errorf("unable to get absolute path to Dockerfile: %v", err)
|
|
}
|
|
}
|
|
|
|
return getDockerfileRelPath(localDir, dockerfileName)
|
|
}
|
|
|
|
// getDockerfileRelPath uses the given context directory for a `docker build`
|
|
// and returns the absolute path to the context directory, the relative path of
|
|
// the dockerfile in that context directory, and a non-nil error on success.
|
|
func getDockerfileRelPath(givenContextDir, givenDockerfile string) (absContextDir, relDockerfile string, err error) {
|
|
if absContextDir, err = filepath.Abs(givenContextDir); err != nil {
|
|
return "", "", fmt.Errorf("unable to get absolute context directory of given context directory %q: %v", givenContextDir, err)
|
|
}
|
|
|
|
// The context dir might be a symbolic link, so follow it to the actual
|
|
// target directory.
|
|
//
|
|
// FIXME. We use isUNC (always false on non-Windows platforms) to workaround
|
|
// an issue in golang. On Windows, EvalSymLinks does not work on UNC file
|
|
// paths (those starting with \\). This hack means that when using links
|
|
// on UNC paths, they will not be followed.
|
|
if !isUNC(absContextDir) {
|
|
absContextDir, err = filepath.EvalSymlinks(absContextDir)
|
|
if err != nil {
|
|
return "", "", fmt.Errorf("unable to evaluate symlinks in context path: %v", err)
|
|
}
|
|
}
|
|
|
|
stat, err := os.Lstat(absContextDir)
|
|
if err != nil {
|
|
return "", "", fmt.Errorf("unable to stat context directory %q: %v", absContextDir, err)
|
|
}
|
|
|
|
if !stat.IsDir() {
|
|
return "", "", fmt.Errorf("context must be a directory: %s", absContextDir)
|
|
}
|
|
|
|
absDockerfile := givenDockerfile
|
|
if absDockerfile == "" {
|
|
// No -f/--file was specified so use the default relative to the
|
|
// context directory.
|
|
absDockerfile = filepath.Join(absContextDir, DefaultDockerfileName)
|
|
|
|
// Just to be nice ;-) look for 'dockerfile' too but only
|
|
// use it if we found it, otherwise ignore this check
|
|
if _, err = os.Lstat(absDockerfile); os.IsNotExist(err) {
|
|
altPath := filepath.Join(absContextDir, strings.ToLower(DefaultDockerfileName))
|
|
if _, err = os.Lstat(altPath); err == nil {
|
|
absDockerfile = altPath
|
|
}
|
|
}
|
|
}
|
|
|
|
// If not already an absolute path, the Dockerfile path should be joined to
|
|
// the base directory.
|
|
if !filepath.IsAbs(absDockerfile) {
|
|
absDockerfile = filepath.Join(absContextDir, absDockerfile)
|
|
}
|
|
|
|
// Evaluate symlinks in the path to the Dockerfile too.
|
|
//
|
|
// FIXME. We use isUNC (always false on non-Windows platforms) to workaround
|
|
// an issue in golang. On Windows, EvalSymLinks does not work on UNC file
|
|
// paths (those starting with \\). This hack means that when using links
|
|
// on UNC paths, they will not be followed.
|
|
if !isUNC(absDockerfile) {
|
|
absDockerfile, err = filepath.EvalSymlinks(absDockerfile)
|
|
if err != nil {
|
|
return "", "", fmt.Errorf("unable to evaluate symlinks in Dockerfile path: %v", err)
|
|
}
|
|
}
|
|
|
|
if _, err := os.Lstat(absDockerfile); err != nil {
|
|
if os.IsNotExist(err) {
|
|
return "", "", fmt.Errorf("Cannot locate Dockerfile: %q", absDockerfile)
|
|
}
|
|
return "", "", fmt.Errorf("unable to stat Dockerfile: %v", err)
|
|
}
|
|
|
|
if relDockerfile, err = filepath.Rel(absContextDir, absDockerfile); err != nil {
|
|
return "", "", fmt.Errorf("unable to get relative Dockerfile path: %v", err)
|
|
}
|
|
|
|
if strings.HasPrefix(relDockerfile, ".."+string(filepath.Separator)) {
|
|
return "", "", fmt.Errorf("The Dockerfile (%s) must be within the build context (%s)", givenDockerfile, givenContextDir)
|
|
}
|
|
|
|
return absContextDir, relDockerfile, nil
|
|
}
|
|
|
|
// isUNC returns true if the path is UNC (one starting \\). It always returns
|
|
// false on Linux.
|
|
func isUNC(path string) bool {
|
|
return runtime.GOOS == "windows" && strings.HasPrefix(path, `\\`)
|
|
}
|