From d1d3ad8dacff96ab6731fb75316cbe638f5ffcca Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Tue, 13 Aug 2024 13:04:43 +0300 Subject: [PATCH 1/3] exec: fix incorrect deps computation for special mounts Secret, SSH and Tmpfs mounts never have an input vertex and zero value for input should not be considered and input at index 0 . Currently, if for example secret mount had a input=0, it caused content based checksum from first input(rootfs), that could take quite a lot of time when image was big and had lots of files. The computation result was cached but if there was a cache invalidation in previous commands it caused checksum to recomputed again for the command with the secret mount. Signed-off-by: Tonis Tiigi (cherry picked from commit 3c87ba1bd502986f627115c6756c257b4a0a66e9) --- solver/llbsolver/ops/exec.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/solver/llbsolver/ops/exec.go b/solver/llbsolver/ops/exec.go index 5f6777592e09..058d911353e2 100644 --- a/solver/llbsolver/ops/exec.go +++ b/solver/llbsolver/ops/exec.go @@ -285,6 +285,11 @@ type dep struct { func (e *ExecOp) getMountDeps() ([]dep, error) { deps := make([]dep, e.numInputs) for _, m := range e.op.Mounts { + switch m.MountType { + case pb.MountType_SECRET, pb.MountType_SSH, pb.MountType_TMPFS: + continue + } + if m.Input == pb.Empty { continue } From a9d183add49ae43d8c57fbabbba1bb9609e8cf12 Mon Sep 17 00:00:00 2001 From: Justin Chadwell Date: Tue, 13 Aug 2024 13:16:57 +0100 Subject: [PATCH 2/3] chore: set pb.Empty on ssh and secret mounts These mounts have no vertex inputs, and so should be *explicitly* marshaled as such. Signed-off-by: Justin Chadwell (cherry picked from commit 157efce41a3c359f19b595699f5184c7986ac6ac) --- client/llb/exec.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/client/llb/exec.go b/client/llb/exec.go index 457a9b1f2f8e..faba8bddc72b 100644 --- a/client/llb/exec.go +++ b/client/llb/exec.go @@ -396,6 +396,7 @@ func (e *ExecOp) Marshal(ctx context.Context, c *Constraints) (digest.Digest, [] }) } else { pm := &pb.Mount{ + Input: pb.Empty, Dest: s.Target, MountType: pb.MountType_SECRET, SecretOpt: &pb.SecretOpt{ @@ -412,6 +413,7 @@ func (e *ExecOp) Marshal(ctx context.Context, c *Constraints) (digest.Digest, [] for _, s := range e.ssh { pm := &pb.Mount{ + Input: pb.Empty, Dest: s.Target, MountType: pb.MountType_SSH, SSHOpt: &pb.SSHOpt{ From e24cd7c117b1ed8f5d57726b2fc353a5b107e48d Mon Sep 17 00:00:00 2001 From: Tonis Tiigi Date: Thu, 15 Aug 2024 13:24:51 +0300 Subject: [PATCH 3/3] remotecache: handle not implemented error for Info() Moby graphdriver backend does not implement Info() and such case should not be used as a signal for blob needed to be skipped as it is unavailable. This requires a change in Moby side as well to return a typed error instead of string. Signed-off-by: Tonis Tiigi (cherry picked from commit 8fdf84f82181c897e10fd4c83b10adae6781c81f) --- cache/remotecache/v1/utils.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cache/remotecache/v1/utils.go b/cache/remotecache/v1/utils.go index 79cf846391fe..ef0294d75f18 100644 --- a/cache/remotecache/v1/utils.go +++ b/cache/remotecache/v1/utils.go @@ -5,6 +5,7 @@ import ( "fmt" "sort" + cerrdefs "github.com/containerd/errdefs" "github.com/moby/buildkit/solver" "github.com/moby/buildkit/util/bklog" digest "github.com/opencontainers/go-digest" @@ -281,7 +282,9 @@ func marshalRemote(ctx context.Context, r *solver.Remote, state *marshalState) s if r.Provider != nil { for _, d := range r.Descriptors { if _, err := r.Provider.Info(ctx, d.Digest); err != nil { - return "" + if !cerrdefs.IsNotImplemented(err) { + return "" + } } } }