1. 18 May, 2022 2 commits
  2. 13 May, 2022 1 commit
  3. 12 May, 2022 2 commits
  4. 11 May, 2022 2 commits
  5. 06 May, 2022 10 commits
  6. 20 Apr, 2021 1 commit
    • Dduvall's avatar
      user: Check for existing user/group before creating · 459234d2
      Dduvall authored
      To support scenarios where the `runs.as` or `lives.as` user/group
      already exists in the base image, pair the calls to `useradd` and
      `groupadd` with `getent` conditionals.
      Bug: T268819
      Change-Id: I3aef722ac57b38695c7411e64b41589fad16e95b
  7. 18 Mar, 2021 1 commit
  8. 12 Mar, 2021 1 commit
    • Dduvall's avatar
      apt: Support configuration of http/https proxies · 7bb48691
      Dduvall authored
      Defines a new `apt.proxies` field that allows users to specify
      http/https proxy URLs that apply to one or all APT sources. APT
      configuration for the proxies will be written prior to package
      installation and then removed.
      Both a shorthand and longhand configuration are supported.
            packages: [foo]
            proxies: [http://proxy.example:8080]
      Is a shorthand equivalent of:
            packages: [foo]
              - url: http://proxy.example:8080
      In which case, the following APT config is written before installing
      packages, proxying all http sources via `http://proxy.example:8080`.
          Acquire::http::Proxy "http://proxy.example:8080";
            packages: [foo]
              - url: https://proxy.example:8081
                source: https://security.debian.org
      In which case, the following APT config is written before installing
      packages, proxying only https requests to security.debian.org via
          Acquire::https::Proxy::security.debian.org "https://proxy.example:8081";
      Other changes include a refactoring of the `AptConfig.Packages` type and
      unmarshalling function. A formal type `AptPackages` is now defined,
      derived from `map[string][]string`, and the `UnmarshalJSON` member
      function moved there. This was done to avoid bloating of the general
      `AptConfig` unmarshal function with implementation for both fields
      (`packages` and `proxies`).
      The new `AptConfig.Proxy` type defines its own unmarshal function to
      support both shorthand and longhand configurations.
      Bug: T277109
      Change-Id: I5b82efcc441e48890cfab62747519d8986d7e8ac
  9. 23 Feb, 2021 1 commit
    • Dduvall's avatar
      copies: Allow copying directly from other images · db3a5397
      Dduvall authored
      To support image compositions that rely on copying files from one or
      more external images, allow `ArtifactsConfig.From` to be any valid image
      Generalize `baseimage` validator as `imageref` and create a new
      `artifactfrom` validator alias for `imageref|variantref`. Use the new
      validator for `From`.
      Additionally, omits non-variant `From` references from the dependency
      Change-Id: I3b92d815b62856fe5a8df836b37cce0043a74ffa
  10. 12 Feb, 2021 1 commit
    • BryanDavis's avatar
      python: upgrade pip before installing requirements · 007009ea
      BryanDavis authored
      A `python` config block already triggered installing pip via
      easy_install which is pretty specific to python2 era usage. It then used
      pip to install/update pypi packages for setuptools, wheel, and tox. This
      change adds the pip package to that set of pypi install/update packages.
      This is useful to ensure that the resulting image is capable of
      installing manylinux2014 formatted wheels (pip >= 19.3). Debian Buster's
      python3-pip package is pip 18.1 which is too old to look for
      manylinux2014 wheels when installing packages such as cryptography which
      have stopped publishing wheels with the older manylinux1 and
      manylinux2010 platform tags.
      Existing pinning of pip to a version less than 21.0 is preserved for
      those poor, unloved python2 projects that linger in an ever colder and
      darker world hostile to their kind.
      Bug: T274435
      Change-Id: I81f0af69dbd4f9202bc9736faf653813c81fc0ad
  11. 04 Feb, 2021 1 commit
    • Dduvall's avatar
      python: Pin pip package to <21 for Python 2 · d91393a4
      Dduvall authored
      Pip 21 has dropped support for Python 2 but is still strangely
      selected for installation when running setuptools with a python2 binary.
      Let's pin pip when a `version` is specified that starts with "python2".
      Note this will require python 2 users to explicitly specify `version:
      python2` even if their default `python` binary in the base image is for
      python 2.
      Bug: T273793
      Change-Id: Id7d4315e345657ce7ac2efdd0b065d693e47b2f5
  12. 03 Feb, 2021 1 commit
  13. 02 Feb, 2021 2 commits
  14. 01 Feb, 2021 1 commit
    • Jeena Huneidi's avatar
      apt.go: Add ability to target releases · eb038f2c
      Jeena Huneidi authored
      In order to allow packages from backports to be downloaded, the ability
      to target a release when running apt-get install is required.
      apt.packages now takes the previously defined list of string or a map
      of targets and packages to install. When using a map, in order to
      install the packages for the base image, the 'default' key should be
        default: ["libfoo", "libbar"]
        buster-backports: ["libbaaz"]
      Bug: T272759
      Change-Id: I435c47794ffbc0264e0a440bfbd23e11570645d1
  15. 26 Jan, 2021 1 commit
  16. 15 Jan, 2021 1 commit
  17. 18 Dec, 2020 1 commit
    • Dduvall's avatar
      Refactor other builder types to use RequirementsConfig · 18c9968e
      Dduvall authored
      Copying of required files is now a generic operation implemented by
      `config.RequirementsConfig`. Other builder types should re-use this
      To support this change, some `RequirementsConfig` implementation around
      source and destination paths was moved to functions of
      Build macro functions `SortFilesByDir` and `SyncFiles` are no longer
      needed and were removed.
      Change-Id: Ieb0cd2a0b1e4f11b05d19c63bea9bdf9d578e3ea
      Follows-up: If813829bdace6851bdba56abcdfcab1cd967df03
  18. 16 Dec, 2020 1 commit
  19. 15 Dec, 2020 1 commit
  20. 14 Dec, 2020 1 commit
    • BryanDavis's avatar
      requirements: Fix regression in short form handling · f063588e
      BryanDavis authored
      Flip the order of `path.Clean()` and `path.Dir()` in the NewFromShort()
      constructor. The prior order was stripping directory indicators from the
      source path prematurely.
      Bug: T263597
      Change-Id: I0d76b4632660a8c32fb1c8a7a90b287546271348
  21. 11 Dec, 2020 1 commit
    • Dduvall's avatar
      Make artifact destination optional · 058c2d54
      Dduvall authored
      Destination is now an optional field, defaulting to the source path
      when omitted.
      This makes for less redundancy when defining cross-variant builder
      requirements and copies in cases where the application directories
      are the same between variants.
      Change-Id: I44cc3fdff260670b07b6cb3d82d4d7a49ff221f7
  22. 10 Dec, 2020 2 commits
    • BryanDavis's avatar
      builder: support cross variant copying for builder.requirements · a9a61206
      BryanDavis authored
      Allow `builder.requirements` to use a long form similar to `copies` when
      the user needs to copy files from one variant to another as part of the
      builder stage. This allows multi-stage builds to generate some artifact
      in stage "A" and then copy that artifact into stage "B" in the
      PreInstall phase before running `builder.command`.
      Usage example:
              - wget
              - /bin/bash
              - -c
              - >-
                wget https://example.org/some_cool_utility.tgz
                && tar xzvf some_cool_utility.tgz
                && rm some_cool_utility.tgz
              - src
              - from: A
                source: some_cool_utility
                destination: .
              - some_cool_utility --do-something-cool src/
      Bug: T263597
      Co-authored-by: Dduvall's avatarDan Duvall <dduvall@wikimedia.org>
      Change-Id: If813829bdace6851bdba56abcdfcab1cd967df03
    • BryanDavis's avatar
      Fix Makefile syntax for running linter & legacy errors · e81d1adf
      BryanDavis authored
      The `lint` make target contained a logic error which made make evaluate
      the test condition rather than bash. This in turn has prevented all
      gofmt warnings from being seen by developers. The fix was escaping the
      `$` character in the Makefile by doubling it.
      Following this fix, the existing linter errors are also fixed by this
      Change-Id: Ieb0c91cbdd0b13602fba9b6f81c97d22f36a7fd7
  23. 16 Oct, 2020 1 commit
    • Dduvall's avatar
      Fix openapi spec and include variant schema · f34686ba
      Dduvall authored
      Fixes various issues with the openapi 3.0 blubberoid specification,
      includes the variant schema using `additionalProperties`'s object
      notation, and implements a test that performs validation.
      Change-Id: I203ff340a9753a1541512ab466ac845e0e7e4f64
  24. 25 Sep, 2020 1 commit
    • BryanDavis's avatar
      python.go: Add support for Poetry package manager · 5718d4d6
      BryanDavis authored
      Poetry (<https://python-poetry.org/>) is a packaging and dependency
      management tool for Python. Poetry creates a fully versioned dependency
      tree for your project. The poetry.lock file tracks the exact versions of
      each library and its dependencies for repeatable installs.
      Usage example:
            version: python3
              version: ==1.0.10
            requirements: [pyproject.toml, poetry.lock]
          includes: [build]
              devel: true
          copies: [local]
          includes: [build]
          copies: [local]
      python.poetry.version must be a simplified Python package version
      specification. A new "pypkgver" validator is provided to ensure that the
      value is usable for a `pip install poetry...` command. Typically it
      would be reasonable to pin the version of Poetry in use to an exact
      version as show in the sample above, but it may be desirable to use
      other more complex constraints such as ">=1.0,!=1.0.3,<2.0".
      python.poetry.devel is a boolean flag indicating whether or not to
      install development dependencies in the Poetry managed venv. It defaults
      to false.
      When python.poetry.version is non-empty various changes will be made to
      the generated Dockerfile.
      ; PhasePrivileged
      : A version of Poetry matching the python.poetry.version constraint
        will be installed using pip.
      : POETRY_VIRTUALENVS_PATH will be set in the environment.
      ; PhasePreInstall
      : PIP_WHEEL_DIR and PIP_FIND_LINKS will not be set in the environment.
      : `poetry install --no-root --no-dev` will be used to create and
        populate a venv within POETRY_VIRTUALENVS_PATH.
      : If python.poetry.devel is true, the `--no-dev` flag will be omitted.
      ; PhasePostInstall
      : PYTHONPATH and PATH will not be set in the environment.
      Change-Id: I33b356ff90983f8b8d5b76003851db139d97fe2e
  25. 22 Sep, 2020 1 commit
  26. 16 Sep, 2020 1 commit
    • Jeena Huneidi's avatar
      .pipeline/config.yaml: add promote step · 1fbe4e19
      Jeena Huneidi authored
      Adds a promote step to the pipeline config so that the blubber
      deployment chart will be updated with each newly published image.
      Bug: T255835
      Change-Id: I978792af67528009f7b964e9a55fcd594d44c72f