Corrupted cache #16

Merged
merged 38 commits into from
Jul 17, 2024
Conversation

joeybrown-sf
Collaborator

Summary

LOW-2: Denial-of-Service (DoS) provoked by removing build cache tarballs or altering the OCI image manifest

This PR addresses the security concern by skipping the cache restore if the tarball is not present.

A user will see a warning similar to the following. The restore no longer hard fails.

Warning: Layer with SHA 'sha256:5a1185b2a8f6e19dfbd7db44d1cd31e67873798bc2a38eb3c3df5bba733d0eb4' not found, skipping restore

Release notes

Restorer no longer fails when missing cache artifacts are referenced in the cache metadata.


Related

Resolves buildpacks/lifecycle#1382


Context

[Screenshot 2024-07-02 at 3 38 22 PM]

natalieparellano and others added 12 commits April 22, 2024 15:06
…ot, (#1348)

consider it not a match

Signed-off-by: Natalie Arellano <[email protected]>
… labels (#1347)

* Read `/etc/os-release` file when distro information is not present in labels

Signed-off-by: Pavel Busko <[email protected]>

* fix unit tests

Signed-off-by: Pavel Busko <[email protected]>

* Update phase/generator_test.go

Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Pavel Busko <[email protected]>

* Update phase/generator_test.go

Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Pavel Busko <[email protected]>

---------

Signed-off-by: Pavel Busko <[email protected]>
Signed-off-by: Pavel Busko <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Bumps the go-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/GoogleContainerTools/kaniko](https://github.com/GoogleContainerTools/kaniko) | `1.21.1` | `1.22.0` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.14` | `1.7.16` |
| [github.com/docker/docker](https://github.com/docker/docker) | `26.0.1+incompatible` | `26.1.0+incompatible` |
| [github.com/moby/buildkit](https://github.com/moby/buildkit) | `0.13.1` | `0.13.2` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.18.0` | `0.19.0` |



Updates `github.com/GoogleContainerTools/kaniko` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/GoogleContainerTools/kaniko/releases)
- [Changelog](https://github.com/GoogleContainerTools/kaniko/blob/main/CHANGELOG.md)
- [Commits](GoogleContainerTools/kaniko@v1.21.1...v1.22.0)

Updates `github.com/containerd/containerd` from 1.7.14 to 1.7.16
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.14...v1.7.16)

Updates `github.com/docker/docker` from 26.0.1+incompatible to 26.1.0+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v26.0.1...v26.1.0)

Updates `github.com/moby/buildkit` from 0.13.1 to 0.13.2
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.13.1...v0.13.2)

Updates `golang.org/x/sys` from 0.18.0 to 0.19.0
- [Commits](golang/sys@v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: github.com/GoogleContainerTools/kaniko
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Natalie Arellano <[email protected]>
Bumps the go-dependencies group with 2 updates: [github.com/docker/docker](https://github.com/docker/docker) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `github.com/docker/docker` from 26.1.0+incompatible to 26.1.1+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v26.1.0...v26.1.1)

Updates `golang.org/x/sys` from 0.19.0 to 0.20.0
- [Commits](golang/sys@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…t compat (#1352)

* Reorder functions in file

Signed-off-by: Natalie Arellano <[email protected]>

* Also read distro information from /etc/os-release when checking target compat

buildpacks/lifecycle#1347 reads the file when providing target env vars
to buildpacks during detect, but we also need to consider this info when deciding whether or not to run
detect for the buildpack

Signed-off-by: Natalie Arellano <[email protected]>

* Error if we don't find run image OS during analyze

And remove checks for missing OS later in the build, as it should always be there

Signed-off-by: Natalie Arellano <[email protected]>

---------

Signed-off-by: Natalie Arellano <[email protected]>
* fix: instance create issue for GH actions

Signed-off-by: Dilip Gowda Bhagavan <[email protected]>

* fix: ibm cloud instance creation issue

Signed-off-by: Dilip Gowda Bhagavan <[email protected]>

---------

Signed-off-by: Dilip Gowda Bhagavan <[email protected]>
* More fixes for target compat checking during detect

- If a buildpack fails to specify os/arch (but specifies distro) still check targets
- If the run image fails to specify os/arch (this should not happen actually as we will fail during analyze) still check targets
- Fix typo in buildpack descriptor struct so that we actually get stack information
- If we get distro information from /etc/os-release, persist this information to later invocations so that the log message
  printed when errors are encountered will be accurate
- Don't override inner `i` in loop (this should not actually affect the outer loop but is confusing)

Signed-off-by: Natalie Arellano <[email protected]>

* When stack is "any", don't infer empty target as it is not needed

Missing targets is sufficient for wildcard match

Signed-off-by: Natalie Arellano <[email protected]>

* Remove backwards compatible glue that actually causes fewer builds to succeed

Fixes buildpacks/lifecycle#1355

Signed-off-by: Natalie Arellano <[email protected]>

* Remove exit (this was added for debugging purposes)

Signed-off-by: Natalie Arellano <[email protected]>

---------

Signed-off-by: Natalie Arellano <[email protected]>
Bumps [azure/docker-login](https://github.com/azure/docker-login) from 1 to 2.
- [Release notes](https://github.com/azure/docker-login/releases)
- [Commits](Azure/docker-login@v1...v2)

---
updated-dependencies:
- dependency-name: azure/docker-login
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump the go-dependencies group across 1 directory with 5 updates

Bumps the go-dependencies group with 3 updates in the / directory: [github.com/BurntSushi/toml](https://github.com/BurntSushi/toml), [github.com/GoogleContainerTools/kaniko](https://github.com/GoogleContainerTools/kaniko) and [github.com/containerd/containerd](https://github.com/containerd/containerd).


Updates `github.com/BurntSushi/toml` from 1.3.2 to 1.4.0
- [Release notes](https://github.com/BurntSushi/toml/releases)
- [Commits](BurntSushi/toml@v1.3.2...v1.4.0)

Updates `github.com/GoogleContainerTools/kaniko` from 1.22.0 to 1.23.0
- [Release notes](https://github.com/GoogleContainerTools/kaniko/releases)
- [Changelog](https://github.com/GoogleContainerTools/kaniko/blob/main/CHANGELOG.md)
- [Commits](GoogleContainerTools/kaniko@v1.22.0...v1.23.0)

Updates `github.com/awslabs/amazon-ecr-credential-helper/ecr-login` from 0.0.0-20231213181459-b0fcec718dc6 to 0.0.0-20240419161514-af205d85bb44
- [Release notes](https://github.com/awslabs/amazon-ecr-credential-helper/releases)
- [Changelog](https://github.com/awslabs/amazon-ecr-credential-helper/blob/main/CHANGELOG.md)
- [Commits](https://github.com/awslabs/amazon-ecr-credential-helper/commits)

Updates `github.com/containerd/containerd` from 1.7.16 to 1.7.17
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.16...v1.7.17)

Updates `github.com/docker/docker` from 26.1.1+incompatible to 26.1.2+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v26.1.1...v26.1.2)

---
updated-dependencies:
- dependency-name: github.com/BurntSushi/toml
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/GoogleContainerTools/kaniko
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/awslabs/amazon-ecr-credential-helper/ecr-login
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fix unit

Signed-off-by: Natalie Arellano <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Natalie Arellano <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Natalie Arellano <[email protected]>
@joeybrown-sf joeybrown-sf requested a review from a team as a code owner July 2, 2024 20:38
Signed-off-by: Joey Brown <[email protected]>
pbusko and others added 2 commits July 3, 2024 10:01
* Ensure read access to the run image selected by extensions

Co-authored-by: Nicolas Bender <[email protected]>
Signed-off-by: Pavel Busko <[email protected]>
Co-authored-by: Pavel Busko <[email protected]>

* move read access check to the restorer cmd

Signed-off-by: Pavel Busko <[email protected]>

* guard behind platform version check

Signed-off-by: Pavel Busko <[email protected]>

---------

Signed-off-by: Pavel Busko <[email protected]>
Co-authored-by: Nicolas Bender <[email protected]>
* Restore cached launch layers not found in appLayers

Co-authored-by: Ralf Pannemans <[email protected]>
Signed-off-by: Pavel Busko <[email protected]>

* add platform api guard

Signed-off-by: Pavel Busko <[email protected]>

---------

Signed-off-by: Pavel Busko <[email protected]>
Co-authored-by: Ralf Pannemans <[email protected]>
@natalieparellano
Member

Thank you for this @joeybrown-sf! I left a few nits and a few questions

joeybrown-sf and others added 7 commits July 9, 2024 10:10
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
joeybrown-sf and others added 9 commits July 9, 2024 11:13
Co-authored-by: Natalie Arellano <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
Signed-off-by: Joey Brown <[email protected]>
* Target data: populate os/arch as well as distro information

Fixes buildpacks/lifecycle#1371

Signed-off-by: Natalie Arellano <[email protected]>

* Only os and arch are truly required

Signed-off-by: Natalie Arellano <[email protected]>

* Fix one more unit

Signed-off-by: Natalie Arellano <[email protected]>

* Fix even more units

Signed-off-by: Natalie Arellano <[email protected]>

---------

Signed-off-by: Natalie Arellano <[email protected]>
* Bump the go-dependencies group across 1 directory with 6 updates

Bumps the go-dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/GoogleContainerTools/kaniko](https://github.com/GoogleContainerTools/kaniko) | `1.23.0` | `1.23.1` |
| [github.com/containerd/containerd](https://github.com/containerd/containerd) | `1.7.17` | `1.7.19` |
| [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) | `0.19.1` | `0.20.0` |
| [github.com/moby/buildkit](https://github.com/moby/buildkit) | `0.13.2` | `0.14.1` |
| [golang.org/x/sys](https://github.com/golang/sys) | `0.20.0` | `0.22.0` |



Updates `github.com/GoogleContainerTools/kaniko` from 1.23.0 to 1.23.1
- [Release notes](https://github.com/GoogleContainerTools/kaniko/releases)
- [Changelog](https://github.com/GoogleContainerTools/kaniko/blob/main/CHANGELOG.md)
- [Commits](GoogleContainerTools/kaniko@v1.23.0...v1.23.1)

Updates `github.com/containerd/containerd` from 1.7.17 to 1.7.19
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v1.7.17...v1.7.19)

Updates `github.com/docker/docker` from 26.1.2+incompatible to 26.1.3+incompatible
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v26.1.2...v26.1.3)

Updates `github.com/google/go-containerregistry` from 0.19.1 to 0.20.0
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.19.1...v0.20.0)

Updates `github.com/moby/buildkit` from 0.13.2 to 0.14.1
- [Release notes](https://github.com/moby/buildkit/releases)
- [Commits](moby/buildkit@v0.13.2...v0.14.1)

Updates `golang.org/x/sys` from 0.20.0 to 0.22.0
- [Commits](golang/sys@v0.20.0...v0.22.0)

---
updated-dependencies:
- dependency-name: github.com/GoogleContainerTools/kaniko
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/containerd/containerd
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-dependencies
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: github.com/moby/buildkit
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>

* Stay on the same version of buildkit as kaniko

Signed-off-by: Natalie Arellano <[email protected]>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: Natalie Arellano <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Natalie Arellano <[email protected]>
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.64.0 to 1.64.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.64.0...v1.64.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Surface registry error instead of logging it as debug

When permissions issues are encountered, it can be hard to determine the root cause
without the error returned from the registry

Signed-off-by: Natalie Arellano <[email protected]>

* Fix test expectation

Signed-off-by: Natalie Arellano <[email protected]>

---------

Signed-off-by: Natalie Arellano <[email protected]>
Image utils should fail with a Layer Not found in both ReuseLayer & GetLayer.

For GetLayer, when there is a missing blob, it returns an unexpected EOF error.

For ReuseLayer, when there is a missing blob, it's not returning an error but it should.
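The PR summary above describes the fix as skipping the cache restore, with a warning, when a tarball referenced by the cache metadata is absent, and the commit message just above asks that the image utilities return a typed "layer not found" error from both GetLayer and ReuseLayer instead of an unexpected EOF or silent success. The following is an added example, written for this page and not code from the lifecycle project, that shows both ideas together on a constructed on-disk cache: a typed `ErrLayerNotFound`, a restore loop that warns and continues instead of failing the build, and (as an extra defensive step that goes beyond the PR's stated change) a digest check so that a tarball whose content no longer matches its recorded SHA is skipped as well. All type and function names (`LayerRef`, `CacheMetadata`, `RestoreCache`, `BuildSampleCache`, `LayerPath`) are assumptions made for this example, and the sample tarball bytes and the all-zero placeholder digest are constructed.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"os"
	"path/filepath"
	"strings"
)

// LayerRef is one entry of the cache metadata: a layer name and the digest of
// the tarball that should back it. Constructed for this example, not the
// lifecycle's own metadata type.
type LayerRef struct {
	Name string
	SHA  string // "sha256:<hex>"
}

// CacheMetadata lists the layers a cache claims to hold.
type CacheMetadata struct {
	Layers []LayerRef
}

// ErrLayerNotFound is returned when metadata references a tarball that is
// absent from the cache directory (the typed error the commit message asks for).
var ErrLayerNotFound = errors.New("layer not found")

// LayerPath maps a digest to the tarball file for that layer.
func LayerPath(cacheDir, sha string) string {
	return filepath.Join(cacheDir, strings.TrimPrefix(sha, "sha256:")+".tar")
}

// openLayer opens the tarball for a digest. A missing file becomes
// ErrLayerNotFound so callers can tell "absent" apart from other I/O errors.
func openLayer(cacheDir, sha string) (*os.File, error) {
	f, err := os.Open(LayerPath(cacheDir, sha))
	if errors.Is(err, os.ErrNotExist) {
		return nil, fmt.Errorf("%w: %s", ErrLayerNotFound, sha)
	}
	return f, err
}

// verifyDigest hashes the tarball and compares it with the digest the metadata
// promised, so an edited tarball is refused rather than restored.
func verifyDigest(r io.Reader, sha string) error {
	h := sha256.New()
	if _, err := io.Copy(h, r); err != nil {
		return err
	}
	if got := "sha256:" + hex.EncodeToString(h.Sum(nil)); got != sha {
		return fmt.Errorf("digest mismatch: metadata says %s, cache holds %s", sha, got)
	}
	return nil
}

// RestoreResult records which layers were restored and which were skipped.
type RestoreResult struct {
	Restored []string
	Skipped  []string
}

// RestoreCache restores each layer whose tarball is present and intact. Missing
// or tampered tarballs produce a warning and are skipped; only unexpected I/O
// errors abort the restore.
func RestoreCache(cacheDir string, meta CacheMetadata, warn func(string)) (RestoreResult, error) {
	var res RestoreResult
	for _, l := range meta.Layers {
		f, err := openLayer(cacheDir, l.SHA)
		if errors.Is(err, ErrLayerNotFound) {
			warn(fmt.Sprintf("Layer with SHA '%s' not found, skipping restore", l.SHA))
			res.Skipped = append(res.Skipped, l.Name)
			continue
		}
		if err != nil {
			return res, err
		}
		err = verifyDigest(f, l.SHA)
		f.Close()
		if err != nil {
			warn(fmt.Sprintf("Layer '%s': %v, skipping restore", l.Name, err))
			res.Skipped = append(res.Skipped, l.Name)
			continue
		}
		res.Restored = append(res.Restored, l.Name) // a real restorer would extract here
	}
	return res, nil
}

// BuildSampleCache writes one constructed tarball into dir and returns metadata
// that references it plus a placeholder digest that was never written.
func BuildSampleCache(dir string) (CacheMetadata, error) {
	content := []byte("constructed layer tarball bytes")
	sum := sha256.Sum256(content)
	present := "sha256:" + hex.EncodeToString(sum[:])
	if err := os.WriteFile(LayerPath(dir, present), content, 0o600); err != nil {
		return CacheMetadata{}, err
	}
	missing := "sha256:" + strings.Repeat("0", 64) // placeholder, deliberately absent
	return CacheMetadata{Layers: []LayerRef{
		{Name: "buildpack-a:deps", SHA: present},
		{Name: "buildpack-b:cache", SHA: missing},
	}}, nil
}

func main() {
	dir, err := os.MkdirTemp("", "cache-example")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	meta, err := BuildSampleCache(dir)
	if err != nil {
		panic(err)
	}
	res, err := RestoreCache(dir, meta, func(s string) { fmt.Println("Warning:", s) })
	if err != nil {
		panic(err)
	}
	fmt.Printf("restored=%v skipped=%v\n", res.Restored, res.Skipped)
}
```

Running `main` prints one warning for the absent placeholder digest and reports one restored and one skipped layer; the `warn` callback is kept as a parameter so the same loop can be exercised without a logger. The digest check is what turns an altered tarball from a restore-time surprise into a logged skip, which is the outcome a defender wants from a cache that an attacker with write access to the cache volume may have touched.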
@natalieparellano
Member

Looks like these units are failing:

=== CONT  TestImageCache/ImageCache/#Commit/with_#ReuseLayer/reuse_without_commit/retrieve_returns_the_previous_layer
    image_cache_test.go:278: Expected nil: failed to reuse cache layer with SHA 'sha256:797bb0abff798d7200af7685dca7901edffc52bf26500d5bd97282658ee24152'
=== CONT  TestImageCache/ImageCache/#Commit/with_#ReuseLayer/reuse_then_commit/returns_the_reused_layer
    image_cache_test.go:252: Expected nil: failed to reuse cache layer with SHA 'sha256:797bb0abff798d7200af7685dca7901edffc52bf26500d5bd97282658ee24152'

@joeybrown-sf
Collaborator Author

Oops, I introduced a regression. Thanks for that call out!

I think we're good now. Please take a look at your convenience 😃

@natalieparellano
Member

Thank you for the PR @joeybrown-sf! This looks good to me.

Successfully merging this pull request may close these issues.

Security review: recover corrupt caches
5 participants