Merge pull request #1415 from jedevc/cherry-pick-1383-to-0.9

[0.9] driver: don't create tracer delegate opt if tracer is nil

driver/docker-container/driver.go

@@ -357,11 +357,14 @@ func (d *Driver) Client(ctx context.Context) (*client.Client, error) {
 		return nil, err
 	}
 
-	td, _ := exp.(client.TracerDelegate)
+	var opts []client.ClientOpt
-
+	opts = append(opts, client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
-	return client.New(ctx, "", client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
 		return conn, nil
-	}), client.WithTracerDelegate(td))
+	}))
+	if td, ok := exp.(client.TracerDelegate); ok {
+		opts = append(opts, client.WithTracerDelegate(td))
+	}
+	return client.New(ctx, "", opts...)
 }
 
 func (d *Driver) Factory() driver.Factory {

driver/kubernetes/driver.go

@@ -215,11 +215,14 @@ func (d *Driver) Client(ctx context.Context) (*client.Client, error) {
 		return nil, err
 	}
 
-	td, _ := exp.(client.TracerDelegate)
+	var opts []client.ClientOpt
-
+	opts = append(opts, client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
-	return client.New(ctx, "", client.WithContextDialer(func(context.Context, string) (net.Conn, error) {
 		return conn, nil
-	}), client.WithTracerDelegate(td))
+	}))
+	if td, ok := exp.(client.TracerDelegate); ok {
+		opts = append(opts, client.WithTracerDelegate(td))
+	}
+	return client.New(ctx, "", opts...)
 }
 
 func (d *Driver) Factory() driver.Factory {

driver/kubernetes/manifest/manifest.go

@@ -213,6 +213,24 @@ func toRootless(d *appsv1.Deployment) error {
 		d.Spec.Template.ObjectMeta.Annotations = make(map[string]string, 1)
 	}
 	d.Spec.Template.ObjectMeta.Annotations["container.apparmor.security.beta.kubernetes.io/"+containerName] = "unconfined"
+
+	// Dockerfile has `VOLUME /home/user/.local/share/buildkit` by default too,
+	// but the default VOLUME does not work with rootless on Google's Container-Optimized OS
+	// as it is mounted with `nosuid,nodev`.
+	// https://github.com/moby/buildkit/issues/879#issuecomment-1240347038
+	// https://github.com/moby/buildkit/pull/3097
+	const emptyDirVolName = "buildkitd"
+	d.Spec.Template.Spec.Containers[0].VolumeMounts = append(d.Spec.Template.Spec.Containers[0].VolumeMounts, corev1.VolumeMount{
+		Name:      emptyDirVolName,
+		MountPath: "/home/user/.local/share/buildkit",
+	})
+	d.Spec.Template.Spec.Volumes = append(d.Spec.Template.Spec.Volumes, corev1.Volume{
+		Name: emptyDirVolName,
+		VolumeSource: corev1.VolumeSource{
+			EmptyDir: &corev1.EmptyDirVolumeSource{},
+		},
+	})
+
 	return nil
 }
 

util/imagetools/printers.go

@@ -8,6 +8,7 @@ import (
 	"os"
 	"sort"
 	"strings"
+	"sync"
 	"text/tabwriter"
 	"text/template"
 
@@ -112,7 +113,9 @@ func (p *Printer) Print(raw bool, out io.Writer) error {
 	}
 
 	imageconfigs := make(map[string]*ocispecs.Image)
+	imageconfigsMutex := sync.Mutex{}
 	buildinfos := make(map[string]*binfotypes.BuildInfo)
+	buildinfosMutex := sync.Mutex{}
 
 	eg, _ := errgroup.WithContext(p.ctx)
 	for _, platform := range p.platforms {
@@ -122,12 +125,16 @@ func (p *Printer) Print(raw bool, out io.Writer) error {
 				if err != nil {
 					return err
 				} else if img != nil {
+					imageconfigsMutex.Lock()
 					imageconfigs[platforms.Format(platform)] = img
+					imageconfigsMutex.Unlock()
 				}
 				if bi, err := imageutil.BuildInfo(dtic); err != nil {
 					return err
 				} else if bi != nil {
+					buildinfosMutex.Lock()
 					buildinfos[platforms.Format(platform)] = bi
+					buildinfosMutex.Unlock()
 				}
 				return nil
 			})