Open tianon opened 1 week ago
I think https://github.com/moby/buildkit/pull/2356 was a prior fix for a similar issue, but perhaps it wasn't sufficient or something else in 0.13 lost the fix? (I don't see anything obvious in 0.13's release notes that would explain it, but I'm not sure exactly what to look for since I don't think it was an intentional change :sweat_smile:)
I recently was looking at permission issues as well, but there it was the reverse; but there was a difference between buildkit standalone and in docker engine; see
And most notably; https://github.com/moby/buildkit/pull/4936#issuecomment-2123870982
That was added 5+ Years ago though, so not something recent https://github.com/moby/buildkit/commit/7210bf6806999432856be71eccea0b28c4131069
Happy to test again if I've done something wrong in my docker buildx create
s that would break that (very old) umask
line somehow :sweat_smile:
d34b2471cd53edd462c2c7097e4de70e26961fa6 is the first bad commit
commit d34b2471cd53edd462c2c7097e4de70e26961fa6
Author: Justin Chadwell <me@jedevc.com>
Date: Fri Aug 4 12:47:40 2023 +0100
git: centralize git cli operations
Move all of the git command line logic into a single object, inspired by
the object already in buildx.
The basic implemenation allows for configuring a git cli for a specific
repository, along with various authorization settings and custom
binaries. Commands can be run for that repository, and a few helpers are
provided for accessing data on it - more to come in the future
hopefully.
Signed-off-by: Justin Chadwell <me@jedevc.com>
source/git/source.go | 248 +++++++++++++++++-----------------------
source/git/source_test.go | 21 +++-
util/gitutil/git_cli.go | 243 +++++++++++++++++++++++++++++++++++++++
util/gitutil/git_cli_helpers.go | 44 +++++++
4 files changed, 411 insertions(+), 145 deletions(-)
create mode 100644 util/gitutil/git_cli.go
create mode 100644 util/gitutil/git_cli_helpers.go
https://github.com/moby/buildkit/pull/4106#pullrequestreview-1592606139 🙋
cc @jedevc
I would have reported this earlier if the permission behaviour was documented on https://docs.docker.com/reference/dockerfile/#copy.
Request - please document the default chmod permissions for Dockerfile COPY.
/cc @dvdksn on the docs bit ;)
When upgrading from BuildKit 0.12 to 0.13, we've got a surprising change in the permission of files that get
COPY
'd into our images: https://github.com/docker-library/mysql/issues/1069Previously (on BuildKit 0.12), the permissions of files from
COPY config/ /etc/mysql/
was-rw-r--r--
, but in 0.13 (and 0.14), the permissions unexpectedly change to-rw-rw-rw-
:(Obviously, there could be made a simpler/smaller reproducer than this, but this is one I had handy that's already in Git somewhere so it's trivial to let BuildKit do the clone and make certain local permissions aren't a factor.)