devcontainers · samruddhikhandale · Feb 28, 2024 · Feb 6, 2024 · Feb 7, 2024 · Feb 7, 2024
@@ -69,7 +69,9 @@ jobs:
         registry-url: 'https://npm.pkg.github.com'
         scope: '@microsoft'
     - name: Install Dependencies
-      run: yarn install --frozen-lockfile
+      run: |
+        yarn install --frozen-lockfile
+        docker run --privileged --rm tonistiigi/binfmt --install all
     - name: Type-Check
       run: yarn type-check
     - name: Package

@@ -1,5 +1,5 @@
 /*---------------------------------------------------------------------------------------------
- *  Copyright (c) Microsoft Corporation. All rights reserved. 
+ *  Copyright (c) Microsoft Corporation. All rights reserved.
  *  Licensed under the MIT License. See License.txt in the project root for license information.
  *--------------------------------------------------------------------------------------------*/
 

@@ -41,6 +41,14 @@ export interface ExecFunction {
 	(params: ExecParameters): Promise<Exec>;
 }
 
+export type GoOS = { [OS in NodeJS.Platform]: OS extends 'win32' ? 'windows' : OS; }[NodeJS.Platform];
+export type GoARCH = { [ARCH in NodeJS.Architecture]: ARCH extends 'x64' ? 'amd64' : ARCH; }[NodeJS.Architecture];
+
+export interface PlatformInfo {
+	os: GoOS;
+	arch: GoARCH;
+}
+
 export interface PtyExec {
 	onData: Event<string>;
 	write?(data: string): void;

@@ -7,6 +7,7 @@ import * as crypto from 'crypto';
 import { Log, LogLevel } from '../spec-utils/log';
 import { isLocalFile, mkdirpLocal, readLocalFile, writeLocalFile } from '../spec-utils/pfs';
 import { requestEnsureAuthenticated } from './httpOCIRegistry';
+import { GoARCH, GoOS, PlatformInfo } from '../spec-common/commonUtils';
 
 export const DEVCONTAINER_MANIFEST_MEDIATYPE = 'application/vnd.devcontainers';
 export const DEVCONTAINER_TAR_LAYER_MEDIATYPE = 'application/vnd.devcontainers.layer.v1+tar';
@@ -116,7 +117,7 @@ const regexForVersionOrDigest = /^[a-zA-Z0-9_][a-zA-Z0-9._-]{0,127}$/;
 
 // https://go.dev/doc/install/source#environment
 // Expected by OCI Spec as seen here: https://github.com/opencontainers/image-spec/blob/main/image-index.md#image-index-property-descriptions
-export function mapNodeArchitectureToGOARCH(arch: NodeJS.Architecture): string {
+export function mapNodeArchitectureToGOARCH(arch: NodeJS.Architecture): GoARCH {
 	switch (arch) {
 		case 'x64':
 			return 'amd64';
@@ -127,7 +128,7 @@ export function mapNodeArchitectureToGOARCH(arch: NodeJS.Architecture): string {
 
 // https://go.dev/doc/install/source#environment
 // Expected by OCI Spec as seen here: https://github.com/opencontainers/image-spec/blob/main/image-index.md#image-index-property-descriptions
-export function mapNodeOSToGOOS(os: NodeJS.Platform): string {
+export function mapNodeOSToGOOS(os: NodeJS.Platform): GoOS {
 	switch (os) {
 		case 'win32':
 			return 'windows';
@@ -272,13 +273,13 @@ export function getCollectionRef(output: Log, registry: string, namespace: strin
 export async function fetchOCIManifestIfExists(params: CommonParams, ref: OCIRef | OCICollectionRef, manifestDigest?: string): Promise<ManifestContainer | undefined> {
 	const { output } = params;
 
-	// Simple mechanism to avoid making a DNS request for 
+	// Simple mechanism to avoid making a DNS request for
 	// something that is not a domain name.
 	if (ref.registry.indexOf('.') < 0 && !ref.registry.startsWith('localhost')) {
 		return;
 	}
 
-	// TODO: Always use the manifest digest (the canonical digest) 
+	// TODO: Always use the manifest digest (the canonical digest)
 	//       instead of the `ref.version` by referencing some lock file (if available).
 	let reference = ref.version;
 	if (manifestDigest) {
@@ -338,7 +339,7 @@ export async function getManifest(params: CommonParams, url: string, ref: OCIRef
 }
 
 // https://github.com/opencontainers/image-spec/blob/main/manifest.md
-export async function getImageIndexEntryForPlatform(params: CommonParams, url: string, ref: OCIRef | OCICollectionRef, platformInfo: { arch: NodeJS.Architecture; os: NodeJS.Platform }, mimeType?: string): Promise<OCIImageIndexEntry | undefined> {
+export async function getImageIndexEntryForPlatform(params: CommonParams, url: string, ref: OCIRef | OCICollectionRef, platformInfo: PlatformInfo, mimeType?: string): Promise<OCIImageIndexEntry | undefined> {
 	const { output } = params;
 	const response = await getJsonWithMimeType<OCIImageIndex>(params, url, ref, mimeType || 'application/vnd.oci.image.index.v1+json');
 	if (!response) {
@@ -351,14 +352,9 @@ export async function getImageIndexEntryForPlatform(params: CommonParams, url: s
 		return undefined;
 	}
 
-	const ociFriendlyPlatformInfo = {
-		arch: mapNodeArchitectureToGOARCH(platformInfo.arch),
-		os: mapNodeOSToGOOS(platformInfo.os),
-	};
-
 	// Find a manifest for the current architecture and OS.
 	return imageIndex.manifests.find(m => {
-		if (m.platform?.architecture === ociFriendlyPlatformInfo.arch && m.platform?.os === ociFriendlyPlatformInfo.os) {
+		if (m.platform?.architecture === platformInfo.arch && m.platform?.os === platformInfo.os) {
 			return m;
 		}
 		return undefined;
@@ -595,4 +591,4 @@ export async function getBlob(params: CommonParams, url: string, ociCacheDir: st
 		output.write(`Error getting blob: ${e}`, LogLevel.Error);
 		return;
 	}
-}
+}
@@ -60,7 +60,7 @@ async function resolveWithLocalFolder(params: DockerResolverParameters, parsedAu
 
 	const { dockerCLI, dockerComposeCLI } = params;
 	const { env } = common;
-	const cliParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env, output };
+	const cliParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env, output, platformInfo: params.platformInfo };
 	await ensureNoDisallowedFeatures(cliParams, config, additionalFeatures, idLabels);
 
 	await runInitializeCommand({ ...params, common: { ...common, output: common.lifecycleHook.output } }, config.initializeCommand, common.lifecycleHook.onDidInput);

@@ -22,7 +22,7 @@ import { ContainerError } from '../spec-common/errors';
 // Environment variables must contain:
 //      - alpha-numeric values, or
 //      - the '_' character, and
-//      - a number cannot be the first character 
+//      - a number cannot be the first character
 export const getSafeId = (str: string) => str
 	.replace(/[^\w_]/g, '_')
 	.replace(/^[\d_]+/g, '_')
@@ -344,7 +344,7 @@ function getFeatureEnvVariables(f: Feature) {
 	const values = getFeatureValueObject(f);
 	const idSafe = getSafeId(f.id);
 	const variables = [];
-	
+
 	if(f.internalVersion !== '2')
 	{
 		if (values) {
@@ -365,7 +365,7 @@ function getFeatureEnvVariables(f: Feature) {
 			variables.push(`${f.buildArg}=${getFeatureMainValue(f)}`);
 		}
 		return variables;
-	}	
+	}
 }
 
 export async function getRemoteUserUIDUpdateDetails(params: DockerResolverParameters, mergedConfig: MergedDevContainerConfig, imageName: string, imageDetails: () => Promise<ImageDetails>, runArgsUser: string | undefined) {
@@ -388,6 +388,7 @@ export async function getRemoteUserUIDUpdateDetails(params: DockerResolverParame
 		imageName: fixedImageName,
 		remoteUser,
 		imageUser,
+		platform: `${details.Os}/${details.Architecture}`
 	};
 }
 
@@ -399,7 +400,7 @@ export async function updateRemoteUserUID(params: DockerResolverParameters, merg
 	if (!updateDetails) {
 		return imageName;
 	}
-	const { imageName: fixedImageName, remoteUser, imageUser } = updateDetails;
+	const { imageName: fixedImageName, remoteUser, imageUser, platform } = updateDetails;
 
 	const dockerfileName = 'updateUID.Dockerfile';
 	const srcDockerfile = path.join(common.extensionPath, 'scripts', dockerfileName);
@@ -415,6 +416,7 @@ export async function updateRemoteUserUID(params: DockerResolverParameters, merg
 		'build',
 		'-f', destDockerfile,
 		'-t', fixedImageName,
+		...(platform ? ['--platform', platform] : []),
 		'--build-arg', `BASE_IMAGE=${imageName}`,
 		'--build-arg', `REMOTE_USER=${remoteUser}`,
 		'--build-arg', `NEW_UID=${await cliHost.getuid!()}`,

@@ -7,9 +7,10 @@ import * as path from 'path';
 import * as crypto from 'crypto';
 import * as os from 'os';
 
+import { mapNodeOSToGOOS, mapNodeArchitectureToGOARCH } from '../spec-configuration/containerCollectionsOCI';
 import { DockerResolverParameters, DevContainerAuthority, UpdateRemoteUserUIDDefault, BindMountConsistency, getCacheFolder } from './utils';
 import { createNullLifecycleHook, finishBackgroundTasks, ResolverParameters, UserEnvProbe } from '../spec-common/injectHeadless';
-import { getCLIHost, loadNativeModule } from '../spec-common/commonUtils';
+import { GoARCH, GoOS, getCLIHost, loadNativeModule } from '../spec-common/commonUtils';
 import { resolve } from './configContainer';
 import { URI } from 'vscode-uri';
 import { LogLevel, LogDimensions, toErrorText, createCombinedLog, createTerminalLog, Log, makeLog, LogFormat, createJSONLog, createPlainLog, LogHandler, replaceAllLog } from '../spec-utils/log';
@@ -163,12 +164,17 @@ export async function createDockerParams(options: ProvisionOptions, disposables:
 		env: cliHost.env,
 		output: common.output,
 	}, dockerPath, dockerComposePath);
+	const platformInfo = {
+		os: (<GoOS | undefined> common.buildxPlatform?.slice(0, common.buildxPlatform.indexOf('/'))) || mapNodeOSToGOOS(cliHost.platform),
+		arch: (<GoARCH | undefined> common.buildxPlatform?.slice(common.buildxPlatform.indexOf('/'))) || mapNodeArchitectureToGOARCH(cliHost.arch),
+	};
 	const buildKitVersion = options.useBuildKit === 'never' ? undefined : (await dockerBuildKitVersion({
 		cliHost,
 		dockerCLI: dockerPath,
 		dockerComposeCLI,
 		env: cliHost.env,
-		output
+		output,
+		platformInfo
 	}));
 	return {
 		common,
@@ -195,6 +201,7 @@ export async function createDockerParams(options: ProvisionOptions, disposables:
 		buildxPush: common.buildxPush,
 		buildxOutput: common.buildxOutput,
 		buildxCacheTo: common.buildxCacheTo,
+		platformInfo
 	};
 }
 

@@ -41,6 +41,7 @@ import { featuresResolveDependenciesHandler, featuresResolveDependenciesOptions
 import { getFeatureIdWithoutVersion } from '../spec-configuration/containerFeaturesOCI';
 import { featuresUpgradeHandler, featuresUpgradeOptions } from './upgradeCommand';
 import { readFeaturesConfig } from './featureUtils';
+import { mapNodeOSToGOOS, mapNodeArchitectureToGOARCH } from '../spec-configuration/containerCollectionsOCI';
 
 const defaultDefaultUserEnvProbe: UserEnvProbe = 'loginInteractiveShell';
 
@@ -601,7 +602,7 @@ async function doBuild({
 			throw new ContainerError({ description: '--push true cannot be used with --output.' });
 		}
 
-		const buildParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env, output };
+		const buildParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env, output, platformInfo: params.platformInfo };
 		await ensureNoDisallowedFeatures(buildParams, config, additionalFeatures, undefined);
 
 		// Support multiple use of `--image-name`
@@ -622,8 +623,8 @@ async function doBuild({
 			}
 		} else if ('dockerComposeFile' in config) {
 
-			if (buildxPlatform || buildxPush) {
-				throw new ContainerError({ description: '--platform or --push not supported.' });
+			if (buildxPush) {
+				throw new ContainerError({ description: '--push not supported.' });
 			}
 
 			if (buildxOutput) {
@@ -1011,7 +1012,11 @@ async function readConfiguration({
 			dockerCLI,
 			dockerComposeCLI,
 			env: cliHost.env,
-			output
+			output,
+			platformInfo: {
+				os: mapNodeOSToGOOS(cliHost.platform),
+				arch: mapNodeArchitectureToGOARCH(cliHost.arch),
+			}
 		};
 		const { container, idLabels } = await findContainerAndIdLabels(params, containerId, providedIdLabels, workspaceFolder, configPath?.fsPath);
 		if (container) {

@@ -26,7 +26,7 @@ const serviceLabel = 'com.docker.compose.service';
 export async function openDockerComposeDevContainer(params: DockerResolverParameters, workspace: Workspace, config: SubstitutedConfig<DevContainerFromDockerComposeConfig>, idLabels: string[], additionalFeatures: Record<string, string | boolean | Record<string, string | boolean>>): Promise<ResolverResult> {
 	const { common, dockerCLI, dockerComposeCLI } = params;
 	const { cliHost, env, output } = common;
-	const buildParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env, output };
+	const buildParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env, output, platformInfo: params.platformInfo };
 	return _openDockerComposeDevContainer(params, buildParams, workspace, config, getRemoteWorkspaceFolder(config.config), idLabels, additionalFeatures);
 }
 
@@ -150,7 +150,7 @@ export async function buildAndExtendDockerCompose(configWithRaw: SubstitutedConf
 	const { cliHost, env, output } = common;
 	const { config } = configWithRaw;
 
-	const cliParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI: dockerComposeCLIFunc, env, output };
+	const cliParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI: dockerComposeCLIFunc, env, output, platformInfo: params.platformInfo };
 	const composeConfig = await readDockerComposeConfig(cliParams, localComposeFiles, envFile);
 	const composeService = composeConfig.services[config.service];
 
@@ -406,7 +406,7 @@ async function startContainer(params: DockerResolverParameters, buildParams: Doc
 		// Note: As a fallback, persistedFolder is set to the build's tmpDir() directory
 		const additionalLabels = labels ? idLabels.concat(Object.keys(labels).map(key => `${key}=${labels[key]}`)) : idLabels;
 		const overrideFilePath = await writeFeaturesComposeOverrideFile(updatedImageName, currentImageName, mergedConfig, config, versionPrefix, imageDetails, service, additionalLabels, params.additionalMounts, persistedFolder, featuresStartOverrideFilePrefix, buildCLIHost, params, output);
-    
+
 		if (overrideFilePath) {
 			// Add file path to override file as parameter
 			composeGlobalArgs.push('-f', overrideFilePath);
@@ -714,7 +714,7 @@ export function dockerComposeCLIConfig(params: Omit<PartialExecParameters, 'cmd'
 
 /**
  * Convert mount command arguments to Docker Compose volume
- * @param mount 
+ * @param mount
  * @returns mount command representation for Docker compose
  */
 function convertMountToVolume(mount: Mount): string {
@@ -731,7 +731,7 @@ function convertMountToVolume(mount: Mount): string {
 
 /**
  * Convert mount command arguments to volume top-level element
- * @param mount 
+ * @param mount
  * @returns mount object representation as volumes top-level element
  */
 function convertMountToVolumeTopLevelElement(mount: Mount): string {

@@ -349,7 +349,7 @@ export async function getImageBuildInfo(params: DockerResolverParameters | Docke
 		const cwdEnvFile = cliHost.path.join(cliHost.cwd, '.env');
 		const envFile = Array.isArray(config.dockerComposeFile) && config.dockerComposeFile.length === 0 && await cliHost.isFile(cwdEnvFile) ? cwdEnvFile : undefined;
 		const composeFiles = await getDockerComposeFilePaths(cliHost, config, cliHost.env, cliHost.cwd);
-		const buildParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env: cliHost.env, output };
+		const buildParams: DockerCLIParameters = { cliHost, dockerCLI, dockerComposeCLI, env: cliHost.env, output, platformInfo: params.platformInfo };
 
 		const composeConfig = await readDockerComposeConfig(buildParams, composeFiles, envFile);
 		const services = Object.keys(composeConfig.services || {});

@@ -18,6 +18,7 @@ import { Lockfile, generateLockfile, getLockfilePath, writeLockfile } from '../s
 import { isLocalFile, readLocalFile, writeLocalFile } from '../spec-utils/pfs';
 import { readFeaturesConfig } from './featureUtils';
 import { DevContainerConfig } from '../spec-configuration/configuration';
+import { mapNodeArchitectureToGOARCH, mapNodeOSToGOOS } from '../spec-configuration/containerCollectionsOCI';
 
 export function featuresUpgradeOptions(y: Argv) {
 	return y
@@ -92,6 +93,10 @@ async function featuresUpgrade({
 			dockerComposeCLI,
 			env: cliHost.env,
 			output,
+			platformInfo: {
+				os: mapNodeOSToGOOS(cliHost.platform),
+				arch: mapNodeArchitectureToGOARCH(cliHost.arch),
+			}
 		};
 
 		const workspace = workspaceFromPath(cliHost.path, workspaceFolder);
@@ -199,4 +204,4 @@ const lastDelimiter = /[:@][^/]*$/;
 function getFeatureIdWithoutVersion(featureId: string) {
 	const m = lastDelimiter.exec(featureId);
 	return m ? featureId.substring(0, m.index) : featureId;
-}
+}
@@ -8,7 +8,7 @@ import * as crypto from 'crypto';
 import * as os from 'os';
 
 import { ContainerError, toErrorText } from '../spec-common/errors';
-import { CLIHost, runCommandNoPty, runCommand, getLocalUsername } from '../spec-common/commonUtils';
+import { CLIHost, runCommandNoPty, runCommand, getLocalUsername, PlatformInfo } from '../spec-common/commonUtils';
 import { Log, LogLevel, makeLog, nullLog } from '../spec-utils/log';
 
 import { ContainerProperties, getContainerProperties, LifecycleCommand, ResolverParameters } from '../spec-common/injectHeadless';
@@ -117,6 +117,7 @@ export interface DockerResolverParameters {
 	buildxPush: boolean;
 	buildxOutput: string | undefined;
 	buildxCacheTo: string | undefined;
+	platformInfo: PlatformInfo;
 }
 
 export interface ResolverResult {
@@ -222,10 +223,9 @@ export async function inspectDockerImage(params: DockerResolverParameters | Dock
 		if (!pullImageOnError) {
 			throw err;
 		}
-		const cliHost = 'cliHost' in params ? params.cliHost : params.common.cliHost;
 		const output = 'cliHost' in params ? params.output : params.common.output;
 		try {
-			return await inspectImageInRegistry(output, { arch: cliHost.arch, os: cliHost.platform }, imageName);
+			return await inspectImageInRegistry(output, params.platformInfo, imageName);
 		} catch (err2) {
 			output.write(`Error fetching image details: ${err2?.message}`);
 		}
@@ -244,7 +244,7 @@ export async function inspectDockerImage(params: DockerResolverParameters | Dock
 	}
 }
 
-export async function inspectImageInRegistry(output: Log, platformInfo: { arch: NodeJS.Architecture; os: NodeJS.Platform }, name: string): Promise<ImageDetails> {
+export async function inspectImageInRegistry(output: Log, platformInfo: PlatformInfo, name: string): Promise<ImageDetails> {
 	const resourceAndVersion = qualifyImageName(name);
 	const params = { output, env: process.env };
 	const ref = getRef(output, resourceAndVersion);
@@ -295,6 +295,8 @@ export async function inspectImageInRegistry(output: Log, platformInfo: { arch:
 	return {
 		Id: targetDigest,
 		Config: obj.config,
+		Os: platformInfo.os,
+		Architecture: platformInfo.arch,
 	};
 }
 
@@ -464,7 +466,7 @@ export async function runInitializeCommand(params: DockerResolverParameters, use
 				infoOutput.raw(`\x1b[1mRunning the ${hookName} from devcontainer.json...\x1b[0m\r\n\r\n`);
 			}
 
-			// If we have a command name then the command is running in parallel and 
+			// If we have a command name then the command is running in parallel and
 			// we need to hold output until the command is done so that the output
 			// doesn't get interleaved with the output of other commands.
 			const print = name ? 'end' : 'continuous';