-
Notifications
You must be signed in to change notification settings - Fork 14
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Correctly ignore files from .dockerignore #508
Changes from 12 commits
8aaa1d1
de13388
2df3c9a
0d4091b
3f33e4b
a00e445
cd6172f
13ae4df
a0002d3
b41834b
9c8d526
3c911ce
28794f4
193cb5f
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -6,11 +6,11 @@ import ( | |
"encoding/base64" | ||
"encoding/json" | ||
"fmt" | ||
"net" | ||
|
||
"github.com/docker/distribution/reference" | ||
"github.com/moby/buildkit/session" | ||
"github.com/moby/moby/registry" | ||
"net" | ||
"path/filepath" | ||
|
||
"github.com/docker/cli/cli/config" | ||
"github.com/docker/cli/cli/config/configfile" | ||
|
@@ -23,6 +23,8 @@ import ( | |
controlapi "github.com/moby/buildkit/api/services/control" | ||
"github.com/pulumi/pulumi/sdk/v3/go/common/resource" | ||
"github.com/pulumi/pulumi/sdk/v3/go/common/resource/plugin" | ||
|
||
buildCmd "github.com/docker/cli/cli/command/image/build" | ||
) | ||
|
||
const defaultDockerfile = "Dockerfile" | ||
|
@@ -90,8 +92,33 @@ func (p *dockerNativeProvider) dockerBuild(ctx context.Context, | |
return "", nil, err | ||
} | ||
|
||
// make the build context | ||
tar, err := archive.TarWithOptions(img.Build.Context, &archive.TarOptions{}) | ||
// make the build context and ensure to exclude dockerignore file patterns | ||
dockerIgnorePath := filepath.Join(build.Context, ".dockerignore") | ||
ignorePatterns, err := getIgnore(dockerIgnorePath) | ||
ignorePatterns = buildCmd.TrimBuildFilesFromExcludes(ignorePatterns, img.Build.Dockerfile, false) | ||
|
||
// warn user about accidentally copying build files | ||
if build.BuilderVersion == defaultBuilder { | ||
for _, pattern := range ignorePatterns { | ||
if pattern == "!Dockerfile" || pattern == "!.Dockerignore" { | ||
msg := "It looks like you are trying to dockerignore a build file such as Dockerfile or .dockerignore. " + | ||
"Due to limitations when running this provider in Buildkit mode, your build files may get copied " + | ||
"into your image. Please ensure any copied file systems do not include build files." | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This only applies to .dockerignore and the Dockerfile. Perhaps we should tone this message down, that seems very low impact. There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. how is this? |
||
err = p.host.Log(ctx, "warning", urn, msg) | ||
if err != nil { | ||
return "", nil, err | ||
} | ||
} | ||
} | ||
} | ||
|
||
if err != nil { | ||
return "", nil, err | ||
} | ||
|
||
tar, err := archive.TarWithOptions(img.Build.Context, &archive.TarOptions{ | ||
ExcludePatterns: ignorePatterns, | ||
}) | ||
if err != nil { | ||
return "", nil, err | ||
} | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -483,22 +483,10 @@ func (accumulator *contextHashAccumulator) hexSumContext() string { | |
|
||
func hashContext(dockerContextPath string, dockerfile string) (string, error) { | ||
// exclude all files listed in dockerignore | ||
dockerIgnorePath := dockerfile + ".dockerignore" | ||
dockerIgnore, err := os.ReadFile(dockerIgnorePath) | ||
if err != nil { | ||
if os.IsNotExist(err) { | ||
dockerIgnorePath = filepath.Join(dockerContextPath, ".dockerignore") | ||
dockerIgnore, err = os.ReadFile(dockerIgnorePath) | ||
if err != nil && !os.IsNotExist(err) { | ||
return "", fmt.Errorf("unable to read %s file: %w", dockerIgnorePath, err) | ||
} | ||
} else { | ||
return "", fmt.Errorf("unable to read %s file: %w", dockerIgnorePath, err) | ||
} | ||
} | ||
ignorePatterns, err := dockerignore.ReadAll(bytes.NewReader(dockerIgnore)) | ||
dockerIgnorePath := filepath.Join(dockerContextPath, ".dockerignore") | ||
ignorePatterns, err := getIgnore(dockerIgnorePath) | ||
if err != nil { | ||
return "", fmt.Errorf("unable to parse %s file: %w", dockerIgnorePath, err) | ||
return "", err | ||
} | ||
ignoreMatcher, err := fileutils.NewPatternMatcher(ignorePatterns) | ||
if err != nil { | ||
|
@@ -554,3 +542,20 @@ func hashContext(dockerContextPath string, dockerfile string) (string, error) { | |
// create a hash of the entire input of the hash accumulator | ||
return accumulator.hexSumContext(), nil | ||
} | ||
|
||
func getIgnore(dockerIgnorePath string) ([]string, error) { | ||
var ignorePatterns []string | ||
dockerIgnore, err := os.ReadFile(dockerIgnorePath) | ||
if err != nil { | ||
if os.IsNotExist(err) { | ||
// .dockerignore files are optional | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. great comment! i found it helpful |
||
return ignorePatterns, nil | ||
} | ||
return ignorePatterns, fmt.Errorf("unable to read %s file: %w", dockerIgnorePath, err) | ||
} | ||
ignorePatterns, err = dockerignore.ReadAll(bytes.NewReader(dockerIgnore)) | ||
if err != nil { | ||
return ignorePatterns, fmt.Errorf("unable to parse %s file: %w", ".dockerignore", err) | ||
} | ||
return ignorePatterns, nil | ||
} |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm not sure if these patterns will fire -
.dockerignore
is typically lowercase.Rather than try to check if the pattern matches, should we store the
ignorePatterns
on line 97 in a different variable from the return value ofbuildCmd.TrimBuildFilesFromExcludes
and checklen(before) != len(after)
?There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
oooh, I like it! good idea!