Skip to content

Instantly share code, notes, and snippets.

@tonistiigi

tonistiigi/from_git.bash Secret

Last active August 30, 2022 05:13
Show Gist options
  • Save tonistiigi/003d3f49d646399d150a08ec30874398 to your computer and use it in GitHub Desktop.
Save tonistiigi/003d3f49d646399d150a08ec30874398 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
from_git.bash
# buildctl build --frontend dockerfile.v0 --opt context=https://github.com/moby/buildkit.git --opt filename=frontend/dockerfile/cmd/dockerfile-frontend/Dockerfile --opt attest:provenance= -o type=image,name=tonistiigi/test:dockerfile-from-git,push=true --opt platform=linux/amd64,linux/arm64
# docker buildx imagetools inspect tonistiigi/test:dockerfile-from-git --raw
{
"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
"schemaVersion": 2,
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:dc27f0ad619add3b2067fcf3598ccd88bc80095b4738e0a8a937d91a3e055f64",
"size": 529,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:4171369e903d720f338931b713773f82f0bab9824d928b24dede492cf48a0d01",
"size": 529,
"platform": {
"architecture": "arm64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:a3f3ad9f3aed760547159ff08d118be6e20e7630694bc268d3f7cbf8dcddfd70",
"size": 503,
"annotations": {
"vnd.docker.reference.digest": "sha256:dc27f0ad619add3b2067fcf3598ccd88bc80095b4738e0a8a937d91a3e055f64",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:398b7ff3c16366f883570bb5f103a56ad5c6376a0d6e97134a1abe1e2466905c",
"size": 503,
"annotations": {
"vnd.docker.reference.digest": "sha256:4171369e903d720f338931b713773f82f0bab9824d928b24dede492cf48a0d01",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
}
]
}
/ # ctr content get sha256:398b7ff3c16366f883570bb5f103a56ad5c6376a0d6e97134a1abe1e2466905c
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"schemaVersion": 2,
"config": {
"mediaType": "application/vnd.docker.container.image.v1+json",
"digest": "sha256:da583a88490a968bd9130f24e07534621a6e0fcaacfa1a2ae7516a1e8959f843",
"size": 167
},
"layers": [
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:e715cb6c33f663c98b6c42fb1dabf74e808ef9809e007729d306e1fc73910ec4",
"size": 1192
}
]
}/ #
/ #
/ # ctr content get sha256:e715cb6c33f663c98b6c42fb1dabf74e808ef9809e007729d306e1fc73910ec4 | jq .
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"name": "_",
"digest": {
"sha256": "4171369e903d720f338931b713773f82f0bab9824d928b24dede492cf48a0d01"
}
}
],
"predicate": {
"builder": {
"id": ""
},
"buildType": "https://mobyproject.org/buildkit@v1",
"invocation": {
"configSource": {
"uri": "https://github.com/moby/buildkit.git",
"digest": {
"sha1": "9528036502c589626bfb60600af6ce5ee427f479"
},
"entryPoint": "frontend/dockerfile/cmd/dockerfile-frontend/Dockerfile"
},
"parameters": {
"source": "docker/dockerfile-upstream:master"
}
},
"materials": [
{
"uri": "pkg:docker/golang@1.19-alpine",
"digest": {
"sha256": "0eb08c89ab1b0c638a9fe2780f7ae3ab18f6ecda2c76b908e09eb8073912045d"
}
},
{
"uri": "pkg:docker/tonistiigi/xx@golang",
"digest": {
"sha256": "810dc54d5144f133a218e88e319184bf8b9ce01d37d46ddb37573e90decd9eef"
}
},
{
"uri": "https://github.com/moby/buildkit.git",
"digest": {
"sha1": "9528036502c589626bfb60600af6ce5ee427f479"
}
}
],
"metadata": {
"buildInvocationID": "dwhrk44a258qlamqvhqqpla07",
"buildStartedOn": "2022-08-30T04:32:41.002156792Z",
"buildFinishedOn": "2022-08-30T04:33:14.027753043Z",
"completeness": {
"parameters": true,
"environment": true,
"materials": true
},
"reproducible": false
}
}
}
/ #
Raw
from_local.bash
# buildctl build --frontend dockerfile.v0 --local context=. --local dockerfile=. --opt filename=frontend/dockerfile/cmd/dockerfile-frontend/Dockerfile --opt attest:provenance= -o type=image,name=tonistiigi/test:dockerfile-from-local,push=true --opt platform=linux/amd64,linux/arm64 --opt vcs:source=$(git config --get remote.origin.url) --opt vcs:revision=$(git rev-parse HEAD)
# docker buildx imagetools inspect tonistiigi/test:dockerfile-from-local --raw
{
"mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
"schemaVersion": 2,
"manifests": [
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:7ff2e95da074a118e81ee4e2f5b5f6867035a960c0e3e490e884d7d33e9fb830",
"size": 529,
"platform": {
"architecture": "amd64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:0d617bb8379e08516b26a300e74613c49fc6271e59ee068e021879a8eb04be9a",
"size": 529,
"platform": {
"architecture": "arm64",
"os": "linux"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:de1deafb650a6889348ea3171bac6893b5453fc78e1fad92d747daf6dbf72d5b",
"size": 503,
"annotations": {
"vnd.docker.reference.digest": "sha256:7ff2e95da074a118e81ee4e2f5b5f6867035a960c0e3e490e884d7d33e9fb830",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
},
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"digest": "sha256:f4bf208d40a28361e6d54321060b21e24aca0e1ee7579fc40d6c0a24337dbb71",
"size": 503,
"annotations": {
"vnd.docker.reference.digest": "sha256:0d617bb8379e08516b26a300e74613c49fc6271e59ee068e021879a8eb04be9a",
"vnd.docker.reference.type": "attestation-manifest"
},
"platform": {
"architecture": "unknown",
"os": "unknown"
}
}
]
}
/ #
/ # ctr content get sha256:f4bf208d40a28361e6d54321060b21e24aca0e1ee7579fc40d6c0a24337dbb71
{
"mediaType": "application/vnd.docker.distribution.manifest.v2+json",
"schemaVersion": 2,
"config": {
"mediaType": "application/vnd.docker.container.image.v1+json",
"digest": "sha256:6c9c4c40ac483975ff192f5bb75988b221c8d49d2bcc6b108518c324c5ea2da0",
"size": 167
},
"layers": [
{
"mediaType": "application/vnd.in-toto+json",
"digest": "sha256:465390174ca6e399aca6e8ad64c45f596f98327f3bd95c32f93a75f34f14dfaf",
"size": 1088
}
]
}/ #
/ #
/ #
/ # ctr content get sha256:465390174ca6e399aca6e8ad64c45f596f98327f3bd95c32f93a75f34f14dfaf | jq .
{
"_type": "https://in-toto.io/Statement/v0.1",
"predicateType": "https://slsa.dev/provenance/v0.2",
"subject": [
{
"name": "_",
"digest": {
"sha256": "0d617bb8379e08516b26a300e74613c49fc6271e59ee068e021879a8eb04be9a"
}
}
],
"predicate": {
"builder": {
"id": ""
},
"buildType": "https://mobyproject.org/buildkit@v1",
"invocation": {
"configSource": {
"entryPoint": "frontend/dockerfile/cmd/dockerfile-frontend/Dockerfile"
},
"parameters": {
"source": "docker/dockerfile-upstream:master"
}
},
"materials": [
{
"uri": "pkg:docker/golang@1.19-alpine",
"digest": {
"sha256": "0eb08c89ab1b0c638a9fe2780f7ae3ab18f6ecda2c76b908e09eb8073912045d"
}
},
{
"uri": "pkg:docker/tonistiigi/xx@golang",
"digest": {
"sha256": "810dc54d5144f133a218e88e319184bf8b9ce01d37d46ddb37573e90decd9eef"
}
}
],
"metadata": {
"buildInvocationID": "f923lr8lzdjsq97ukps9s0u8b",
"buildStartedOn": "2022-08-30T04:34:49.495747587Z",
"buildFinishedOn": "2022-08-30T04:35:00.177776634Z",
"completeness": {
"parameters": true,
"environment": true,
"materials": true <<<--- This is wrong, this build does not list all materials
},
"reproducible": false,
"vcs": {
"revision": "7add946620cf1d14e19010a35b96dc7aee10ec8a",
"source": "https://github.com/moby/buildkit.git"
}
}
}
}
/ #
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment