Skip to content

Switch to shared socket for calling buildkitd #1246

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Switch to shared socket for calling buildkitd #1246

wants to merge 1 commit into from

Conversation

welteki
Copy link
Member

@welteki welteki commented Oct 10, 2025

Description

Use a shared socket for communication between Buildkit and the Pro Builder containers.

Chart changes:

  • securityContext for buildkit does not need to be set explicitly in the values.yaml file anymore. The appropriate default values are selected based on the value of the buildkit.rootless parameter.

  • BREAKING CHANGE: The buildkit.image parameter is now only used to set the image when buildkit.rootless is false. A new parameter buildkitRootless.image is used to set the image for rootless mode.

Why is this needed?

  • I have raised an issue to propose this change (required)

This simplifies the deployment and removes the need to create and manage mTLS certificates.

Who is this for?

What company is this for? Are you listed in the ADOPTERS.md file?

How Has This Been Tested?

Verified both the root and rootless mode are working on a local k3d cluster.
Verified the builder in rootless mode on an EKS cluster pushing to ECR with IRSA.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • My code follows the code style of this project.
  • My change requires a change to the documentation.
  • I have updated the documentation accordingly.
  • I've read the CONTRIBUTION guide
  • I have signed-off my commits with git commit -s
  • I have added tests to cover my changes.
  • All new and existing tests passed.

@welteki
Switch to shared socket for calling buildkitd
068e2d0 
Use a shared socket for communication between Buildkit and the Pro
Builder containers. This simplifies the deployment and removes the need
to create and manage mTLS certificates.

Chart changes:
- `securityContext` for buildkit does not need to be set explicitly in
the values.yaml file anymore. The appropriate default values are
selected based on the value of the `buildkit.rootless` parameter.

- BREAKING CHANGE - The `buildkit.image` parameter is now only used to
set the image when `buildkit.rootless` is `false`. A new parameter
`buildkitRootless.image` is used to set the image for rootless mode.

Signed-off-by: Han Verstraete (OpenFaaS Ltd) <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@welteki