* Pre-parse platform string with StringSliceVar
This allows users to declare --platform multiple times and have the
values appended, i.e.:
ko build --platform=linux/amd64 --platform=linux/arm64
is equivalent to
ko build --platform=linux/amd64,linux/arm64
As a side effect, platformMatcher.spec and gobuildOpener.platforms are
now of type []string (instead of string) to maintain structure of
information from flag parsing.
* Adjust comments and styling for clarity.
* The flag --platform is now of type strings.
Internally cobra/pflag defines StringSliceVar as "strings" whereas
StringVar is defined as "string".
This change is updated by running hack/update-codegen.sh script.
* Add backwards compatibility for WithPlatforms function signature
Update comments to reflect implementation as well.
* Fix syntax failure on unit test
* Add support for `--image-refs`
This change adds a new `--image-refs=FILE` flag that can be used to
direct `ko` to write a file containing a `\n` delimited list of published
references. In the common case, this will contain the list of digest
references, but if flags directing the use of tags are present this
will reflect the style of reference requested.
* Fix dates, interface check.
* Support osversion when selecting base images
Use this in e2e tests.
Also clean up usage of bo.Platform vs a new platform var.
* use correct osversion
* Prepare for Go 1.18 by replacing all our forked code
This hides our forked-from-gotip code behind a build tag so it's only
used when the build is run on Go <1.18. For builds >= 1.18, we'll use
the actual runtime/debug and debug/buildinfo packages.
Add preliminary support for building on Go 1.18beta1 to our Build
matrix, to ensure this code builds. It's all a terrible hack, but it'll
get less so when 1.18 is actually released.
* Fix lint and boilerplate
Previously, we'd use the ctx from the Build invocation, but because
remote stashes the remote.WithContext option, when we later go to fetch
the actual base image to write it out to a tarball, it will fail because
the Build ctx was cancelled.
For whatever reason, NewGo takes a ctx, so this change propagates the
badness from remote so we can use the NewGo ctx when we fetch base
images.
In the PR where we added concurrency we used a fixed length array to store
addendum to preserve the ordering from the base image when constructing the
final index. However, with `--platform=...` this list may be filtered, which
gives us `nil` entries in our addendum.
This filters `nil` entries prior to constructing the index.
Fixes: https://github.com/google/ko/issues/544
* Add .ko.yaml to base ko container image on golang:1.17
Ignore this in e2e tests, since even though golang:1.17 provides a
Windows base image, ko's base image platform selection doesn't take
osversion into account. The e2e tests don't exercise golang usage at
all, so it shouldn't matter.
* Update README
* Build each platform concurrently
At least on my machine, this is slightly faster on a cold build and
saves significant time on a warm build.
* Plumb --jobs down to multi-arch
* Add deprecation warning for build.Limiter
* Add a workflow to push a :latest ko image to ghcr.io
This also tags images with the commit SHA
* Update .github/workflows/image.yaml
Co-authored-by: jonjohnsonjr <jonjohnson@google.com>
* Update .github/workflows/image.yaml
Co-authored-by: jonjohnsonjr <jonjohnson@google.com>
* Update .github/workflows/image.yaml
Co-authored-by: jonjohnsonjr <jonjohnson@google.com>
Co-authored-by: jonjohnsonjr <jonjohnson@google.com>
This saves a roundtrip to the registry if we ever use the same base
image for multiple builds in a single invocation.
This also sets us up for using an on-disk cache for image metadata to
speed things up even further.
* Introduce KOCACHE
Cache binaries under $KOCACHE/<import path>/<platform>
Cache metdata mapping buildid to diffid and diffid to descriptor.
* Point TODO at issue
* Split layerCache into separate file
This makes things a little cleaner by having a single place that calls
buildLayer and passing a thunk down into the cache logic to call that on
a cache miss.
Also, remove the debug logging to make the code easier to follow (if you
need to recompile anyway, it's easy enough to add log lines).
* Move cached output to $KOCACHE/bin
* Use default `completion` command provided by cobra.
`cobra` provides default `completion` subcommand.
It supports bash, zsh, fish, and powershell by default.
* update docs
We were emitting package checksum hashes as `h1:{base64}`. `h1:` is a prefix that indicates "Hash 1", which is a SHA-256 based hash of the files, which is then base64 encoded as the suffix.
This change detects/strips the `h1:` prefix and re-encodes the base64 data as hex.
* Connect SBOMs with SPDX support.
This combines Jason's SPDX stuff and my SBOM stuff to support
SPDX-based SBOMs by default instead of our `go version -m`
invention.
* Make ko deps use SPDX by default
* WIP: generate ko deps in SPDX format
- copy out a bunch of BuildInfo stuff that will land in 1.18
* review comments
* have deps take --sbom flag more like Matt's new publish-time flag
This adds functionality that enables the default publisher to
publish SBOMs (and later signatures and attestations) when the
`build.Result` is an `oci.SignedEntity`.
This also changes the `gobuild` logic to start producing
`oci.Signed*` as its `build.Result`s, so when executed we get an
SBOM for each architecture image.
For example, see the "Published SBOM" lines below:
```shell
2021/11/19 19:24:50 Using base gcr.io/distroless/static:nonroot for github.com/google/ko
2021/11/19 19:24:51 Building github.com/google/ko for linux/amd64
2021/11/19 19:24:52 Building github.com/google/ko for linux/arm64
2021/11/19 19:24:57 Publishing ghcr.io/mattmoor/ko:latest
2021/11/19 19:24:58 existing blob: sha256:c78c74e7bb4a511f7d31061fbf140d55d5549a62d33cdbdf0c57ffe43603bbeb
2021/11/19 19:24:58 existing blob: sha256:4aa59d0bf53d4190174fbbfa3e9b15fdab72e5a95077025abfa8435ccafa2920
2021/11/19 19:24:58 ghcr.io/mattmoor/ko:sha256-d2bc030f5ed083d5e6a30a7969c9a8e599511b8d7a6e20695bf5ea029b6e2c3f.sbom: digest: sha256:c67ec671aaa82902e619883a7ac7486e6f9af36653449e2eb030ba273fe5a022 size: 348
2021/11/19 19:24:58 Published SBOM ghcr.io/mattmoor/ko:sha256-d2bc030f5ed083d5e6a30a7969c9a8e599511b8d7a6e20695bf5ea029b6e2c3f.sbom
2021/11/19 19:24:58 existing blob: sha256:c78c74e7bb4a511f7d31061fbf140d55d5549a62d33cdbdf0c57ffe43603bbeb
2021/11/19 19:24:58 existing blob: sha256:4aa59d0bf53d4190174fbbfa3e9b15fdab72e5a95077025abfa8435ccafa2920
2021/11/19 19:24:59 ghcr.io/mattmoor/ko:sha256-b74c230f20efd94981e5fd823bacc23cbd71055a1b3b6a0893152b398c67743b.sbom: digest: sha256:c67ec671aaa82902e619883a7ac7486e6f9af36653449e2eb030ba273fe5a022 size: 348
2021/11/19 19:24:59 Published SBOM ghcr.io/mattmoor/ko:sha256-b74c230f20efd94981e5fd823bacc23cbd71055a1b3b6a0893152b398c67743b.sbom
2021/11/19 19:24:59 existing blob: sha256:3f7e3c6765a6abc682cd40ea256fbea5c1d4debbc07659efbc0dedc13eee0da6
2021/11/19 19:24:59 existing blob: sha256:250c06f7c38e52dc77e5c7586c3e40280dc7ff9bb9007c396e06d96736cf8542
2021/11/19 19:24:59 existing blob: sha256:e8614d09b7bebabd9d8a450f44e88a8807c98a438a2ddd63146865286b132d1b
2021/11/19 19:24:59 existing blob: sha256:7067b1bc6f9ce59f3a4ed2216946ebbb27a4f7a102f55d96c6af1dc90e77b510
2021/11/19 19:25:00 ghcr.io/mattmoor/ko@sha256:d2bc030f5ed083d5e6a30a7969c9a8e599511b8d7a6e20695bf5ea029b6e2c3f: digest: sha256:d2bc030f5ed083d5e6a30a7969c9a8e599511b8d7a6e20695bf5ea029b6e2c3f size: 751
2021/11/19 19:25:01 existing blob: sha256:250c06f7c38e52dc77e5c7586c3e40280dc7ff9bb9007c396e06d96736cf8542
2021/11/19 19:25:02 pushed blob: sha256:121c637d5c84562b51404a6f71c1f995ad059740293a3911a0dc33eb223e41a4
2021/11/19 19:25:02 pushed blob: sha256:859e03b7461b2a512159493ef1504d2859ed37c05ed1ef781ff98394ea4799b5
2021/11/19 19:25:02 pushed blob: sha256:d1b55c3db0f16b5056776c6d2c279efd16d28dbf1aae3eef1f3f9b7551d1f490
2021/11/19 19:25:03 ghcr.io/mattmoor/ko@sha256:b74c230f20efd94981e5fd823bacc23cbd71055a1b3b6a0893152b398c67743b: digest: sha256:b74c230f20efd94981e5fd823bacc23cbd71055a1b3b6a0893152b398c67743b size: 751
2021/11/19 19:25:03 ghcr.io/mattmoor/ko:latest: digest: sha256:e4466a7dd9be66c7c1b43a8ecc19247041ece232407a14e3d6ea3c51d2561a71 size: 529
2021/11/19 19:25:03 Published ghcr.io/mattmoor/ko@sha256:e4466a7dd9be66c7c1b43a8ecc19247041ece232407a14e3d6ea3c51d2561a71
ghcr.io/mattmoor/ko@sha256:e4466a7dd9be66c7c1b43a8ecc19247041ece232407a14e3d6ea3c51d2561a71
```
The "SBOM" being attached in this change is the raw output of `go version -m`,
which we will convert to one of the standard formats in a subsequent change.
Enables programmatic control of whether `ko` adds the `-trimpath`
flag to `go build`.
The `-trimpath` flag removes file system paths from the resulting
binary. `ko` adds `-trimpath` by default as it aids in achieving
reproducible builds.
However, removing file system paths makes interactive debugging more
challenging, in particular in mapping source file locations in the
IDE to debug information in the binary.
If you set `Trimpath` to `false` to enable interactive debugging, you
probably also want to set `DisableOptimizations` to `true` to disable
compiler optimizations and inlining.
Reference for `-trimpath`:
https://pkg.go.dev/cmd/go#hdr-Compile_packages_and_dependenciesResolves: #500
Related: #71, #78, https://github.com/GoogleContainerTools/skaffold/issues/6843
* Use tools/go/packages in place of go/build
* Use build config dir
Signed-off-by: Ben Moss <benm@vmware.com>
* Use filepath.Dir in place of ".." for explicitness
* Add build config usage log statement
There is currently no indication whether `ko` picks one of the configured
build configurations from the `.ko.yaml` configuration file for a build.
Add log statement to print the build config being picked for the build.
Introduce default entry for build config `ID` in case it is not specified.
* Add path check for build configuration settings
Add `os.Stat` to verify that the path that is configured in the build
configuration entry is valid. As a side effect, this will print out an error
message in case someone sets an import path like `github.com/google/ko` in
the `main` field of the build config.
* Fix trimpath command line flag in README
Fixed wrong command line flag `--trimpath` to `-trimpath`.
