Skip to content

Commit

Permalink
Merge pull request #3945 from tonistiigi/fix-missing-provenance
Browse files Browse the repository at this point in the history
handle missing provenance for non-evaluated result
  • Loading branch information
tonistiigi authored Jun 28, 2023
2 parents 12070ca + 60b3aa7 commit 62bdf96
Show file tree
Hide file tree
Showing 3 changed files with 78 additions and 3 deletions.
76 changes: 76 additions & 0 deletions frontend/dockerfile/dockerfile_provenance_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -1047,3 +1047,79 @@ ENV FOO=bar
}, nil)
require.NoError(t, err)
}

// https://github.com/moby/buildkit/issues/3562
func testDuplicatePlatformProvenance(t *testing.T, sb integration.Sandbox) {
integration.CheckFeatureCompat(t, sb, integration.FeatureProvenance)
ctx := sb.Context()

c, err := client.New(ctx, sb.Address())
require.NoError(t, err)
defer c.Close()

f := getFrontend(t, sb)

dockerfile := []byte(`FROM alpine`)
dir, err := integration.Tmpdir(
t,
fstest.CreateFile("Dockerfile", dockerfile, 0600),
)
require.NoError(t, err)

_, err = f.Solve(sb.Context(), c, client.SolveOpt{
FrontendAttrs: map[string]string{
"attest:provenance": "mode=max",
"platform": "linux/amd64,linux/amd64",
},
LocalDirs: map[string]string{
dockerui.DefaultLocalNameDockerfile: dir,
dockerui.DefaultLocalNameContext: dir,
},
}, nil)
require.NoError(t, err)
}

// https://github.com/moby/buildkit/issues/3928
func testDockerIgnoreMissingProvenance(t *testing.T, sb integration.Sandbox) {
integration.CheckFeatureCompat(t, sb, integration.FeatureProvenance)
c, err := client.New(sb.Context(), sb.Address())
require.NoError(t, err)
defer c.Close()

dockerfile := []byte(`FROM alpine`)
dirDockerfile, err := integration.Tmpdir(
t,
fstest.CreateFile("Dockerfile", dockerfile, 0600),
)
require.NoError(t, err)
dirContext, err := integration.Tmpdir(t)
require.NoError(t, err)

frontend := func(ctx context.Context, c gateway.Client) (*gateway.Result, error) {
// remove the directory to simulate the case where the context
// directory does not exist, and either no validation checks were run,
// or they passed erroneously
if err := os.RemoveAll(dirContext); err != nil {
return nil, err
}

res, err := c.Solve(ctx, gateway.SolveRequest{
Frontend: "dockerfile.v0",
})
if err != nil {
return nil, err
}
return res, nil
}

_, err = c.Build(sb.Context(), client.SolveOpt{
FrontendAttrs: map[string]string{
"attest:provenance": "mode=max",
},
LocalDirs: map[string]string{
dockerui.DefaultLocalNameDockerfile: dirDockerfile,
dockerui.DefaultLocalNameContext: dirContext,
},
}, "", frontend, nil)
require.NoError(t, err)
}
2 changes: 2 additions & 0 deletions frontend/dockerfile/dockerfile_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,8 @@ var allTests = integration.TestFuncs(
testSecretSSHProvenance,
testOCILayoutProvenance,
testNilProvenance,
testDuplicatePlatformProvenance,
testDockerIgnoreMissingProvenance,
testSBOMScannerArgs,
testMultiPlatformWarnings,
testNilContextInSolveGateway,
Expand Down
3 changes: 0 additions & 3 deletions solver/llbsolver/solver.go
Original file line number Diff line number Diff line change
Expand Up @@ -749,9 +749,6 @@ func getRefProvenance(ref solver.ResultProxy, br *provenanceBridge) (*provenance
}
p := ref.Provenance()
if p == nil {
if br.req != nil {
return nil, errors.Errorf("missing provenance for %s", ref.ID())
}
return nil, nil
}

Expand Down

0 comments on commit 62bdf96

Please sign in to comment.