[19.03] vendor: update buildkit to ff93519ee
Andrew Hsu authored on 2019/11/05 10:23:40... | ... |
@@ -26,7 +26,7 @@ github.com/imdario/mergo 7c29201646fa3de8506f70121347 |
26 | 26 |
golang.org/x/sync e225da77a7e68af35c70ccbf71af2b83e6acac3c |
27 | 27 |
|
28 | 28 |
# buildkit |
29 |
-github.com/moby/buildkit ae10b292fefb00e0fbf9fecd1419c5f252e58895 |
|
29 |
+github.com/moby/buildkit ff93519eefb7d4b2ee67dd78166cd5d0f52f8980 |
|
30 | 30 |
github.com/tonistiigi/fsutil 3d2716dd0a4d06ff854241c7e8b6f3f904e1719f |
31 | 31 |
github.com/grpc-ecosystem/grpc-opentracing 8e809c8a86450a29b90dcc9efbf062d0fe6d9746 |
32 | 32 |
github.com/opentracing/opentracing-go 1361b9cd60be79c4c3a7fa9841b3c132e40066a7 |
... | ... |
@@ -1202,31 +1202,13 @@ func normalizeContextPaths(paths map[string]struct{}) []string { |
1202 | 1202 |
if p == "/" { |
1203 | 1203 |
return nil |
1204 | 1204 |
} |
1205 |
- pathSlice = append(pathSlice, p) |
|
1205 |
+ pathSlice = append(pathSlice, path.Join(".", p)) |
|
1206 | 1206 |
} |
1207 | 1207 |
|
1208 |
- toDelete := map[string]struct{}{} |
|
1209 |
- for i := range pathSlice { |
|
1210 |
- for j := range pathSlice { |
|
1211 |
- if i == j { |
|
1212 |
- continue |
|
1213 |
- } |
|
1214 |
- if strings.HasPrefix(pathSlice[j], pathSlice[i]+"/") { |
|
1215 |
- delete(paths, pathSlice[j]) |
|
1216 |
- } |
|
1217 |
- } |
|
1218 |
- } |
|
1219 |
- |
|
1220 |
- toSort := make([]string, 0, len(paths)) |
|
1221 |
- for p := range paths { |
|
1222 |
- if _, ok := toDelete[p]; !ok { |
|
1223 |
- toSort = append(toSort, path.Join(".", p)) |
|
1224 |
- } |
|
1225 |
- } |
|
1226 |
- sort.Slice(toSort, func(i, j int) bool { |
|
1227 |
- return toSort[i] < toSort[j] |
|
1208 |
+ sort.Slice(pathSlice, func(i, j int) bool { |
|
1209 |
+ return pathSlice[i] < pathSlice[j] |
|
1228 | 1210 |
}) |
1229 |
- return toSort |
|
1211 |
+ return pathSlice |
|
1230 | 1212 |
} |
1231 | 1213 |
|
1232 | 1214 |
func proxyEnvFromBuildArgs(args map[string]string) *llb.ProxyEnv { |
... | ... |
@@ -75,6 +75,10 @@ func MountSSHSocket(ctx context.Context, c session.Caller, opt SocketOpt) (sockP |
75 | 75 |
} |
76 | 76 |
}() |
77 | 77 |
|
78 |
+ if err := os.Chmod(dir, 0711); err != nil { |
|
79 |
+ return "", nil, errors.WithStack(err) |
|
80 |
+ } |
|
81 |
+ |
|
78 | 82 |
sockPath = filepath.Join(dir, "ssh_auth_sock") |
79 | 83 |
|
80 | 84 |
l, err := net.Listen("unix", sockPath) |
... | ... |
@@ -525,7 +525,7 @@ func (sm *secretMountInstance) Mount() ([]mount.Mount, func() error, error) { |
525 | 525 |
return []mount.Mount{{ |
526 | 526 |
Type: "bind", |
527 | 527 |
Source: fp, |
528 |
- Options: []string{"ro", "rbind"}, |
|
528 |
+ Options: []string{"ro", "rbind", "nodev", "nosuid", "noexec"}, |
|
529 | 529 |
}}, cleanup, nil |
530 | 530 |
} |
531 | 531 |
|