Enable linting for Windows

client/mergediff_nolinux_test.go

@@ -10,12 +10,6 @@ import (
 	"github.com/pkg/errors"
 )
 
-func mknod(path string, mode os.FileMode, maj, min uint32) fstest.Applier {
-	return applyFn(func(string) error {
-		return errors.New("mknod applier not implemented yet on this platform")
-	})
-}
-
 func mkfifo(path string, mode os.FileMode) fstest.Applier {
 	return applyFn(func(string) error {
 		return errors.New("mkfifo applier not implemented yet on this platform")

cmd/buildkitd/service_windows.go

@@ -1,13 +1,13 @@
 package main
 
 import (
-	"fmt"
 	"log"
 	"os"
 	"path/filepath"
 	"time"
 	"unsafe"
 
+	"github.com/pkg/errors"
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli"
 	"golang.org/x/sys/windows"
@@ -181,7 +181,7 @@ type handler struct {
 func registerUnregisterService(root string) (bool, error) {
 	if unregisterServiceFlag {
 		if registerServiceFlag {
-			return true, fmt.Errorf("--register-service and --unregister-service cannot be used together")
+			return true, errors.Errorf("--register-service and --unregister-service cannot be used together")
 		}
 		return true, unregisterService()
 	}
@@ -224,7 +224,7 @@ func registerUnregisterService(root string) (bool, error) {
 		if logFileFlag != "" {
 			f, err = os.OpenFile(logFileFlag, os.O_APPEND|os.O_CREATE|os.O_WRONLY, 0644)
 			if err != nil {
-				return true, fmt.Errorf("open log file %q: %w", logFileFlag, err)
+				return true, errors.Wrapf(err, "open log file %q", logFileFlag)
 			}
 		} else {
 			// Windows services start with NULL stdio handles, and thus os.Stderr and friends will be
@@ -245,7 +245,6 @@ func registerUnregisterService(root string) (bool, error) {
 		// dependencies.
 		log.SetOutput(f)
 		logrus.SetOutput(f)
-
 	}
 	return false, nil
 }

executor/oci/mounts.go

@@ -24,30 +24,6 @@ func withRemovedMount(destination string) oci.SpecOpts {
 	}
 }
 
-func withROBind(src, dest string) oci.SpecOpts {
-	return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error {
-		s.Mounts = append(s.Mounts, specs.Mount{
-			Destination: dest,
-			Type:        "bind",
-			Source:      src,
-			Options:     []string{"nosuid", "noexec", "nodev", "rbind", "ro"},
-		})
-		return nil
-	}
-}
-
-func withCGroup() oci.SpecOpts {
-	return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error {
-		s.Mounts = append(s.Mounts, specs.Mount{
-			Destination: "/sys/fs/cgroup",
-			Type:        "cgroup",
-			Source:      "cgroup",
-			Options:     []string{"ro", "nosuid", "noexec", "nodev"},
-		})
-		return nil
-	}
-}
-
 func hasPrefix(p, prefixDir string) bool {
 	prefixDir = filepath.Clean(prefixDir)
 	if filepath.Base(prefixDir) == string(filepath.Separator) {
@@ -57,49 +33,6 @@ func hasPrefix(p, prefixDir string) bool {
 	return p == prefixDir || strings.HasPrefix(p, prefixDir+string(filepath.Separator))
 }
 
-func removeMountsWithPrefix(mounts []specs.Mount, prefixDir string) []specs.Mount {
-	var ret []specs.Mount
-	for _, m := range mounts {
-		if !hasPrefix(m.Destination, prefixDir) {
-			ret = append(ret, m)
-		}
-	}
-	return ret
-}
-
-func withBoundProc() oci.SpecOpts {
-	return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error {
-		s.Mounts = removeMountsWithPrefix(s.Mounts, "/proc")
-		procMount := specs.Mount{
-			Destination: "/proc",
-			Type:        "bind",
-			Source:      "/proc",
-			// NOTE: "rbind"+"ro" does not make /proc read-only recursively.
-			// So we keep maskedPath and readonlyPaths (although not mandatory for rootless mode)
-			Options: []string{"rbind"},
-		}
-		s.Mounts = append([]specs.Mount{procMount}, s.Mounts...)
-
-		var maskedPaths []string
-		for _, s := range s.Linux.MaskedPaths {
-			if !hasPrefix(s, "/proc") {
-				maskedPaths = append(maskedPaths, s)
-			}
-		}
-		s.Linux.MaskedPaths = maskedPaths
-
-		var readonlyPaths []string
-		for _, s := range s.Linux.ReadonlyPaths {
-			if !hasPrefix(s, "/proc") {
-				readonlyPaths = append(readonlyPaths, s)
-			}
-		}
-		s.Linux.ReadonlyPaths = readonlyPaths
-
-		return nil
-	}
-}
-
 func dedupMounts(mnts []specs.Mount) []specs.Mount {
 	ret := make([]specs.Mount, 0, len(mnts))
 	visited := make(map[string]int)

executor/oci/spec.go

@@ -302,15 +302,3 @@ func sub(m mount.Mount, subPath string) (mount.Mount, error) {
 	m.Source = src
 	return m, nil
 }
-
-func specMapping(s []idtools.IDMap) []specs.LinuxIDMapping {
-	var ids []specs.LinuxIDMapping
-	for _, item := range s {
-		ids = append(ids, specs.LinuxIDMapping{
-			HostID:      uint32(item.HostID),
-			ContainerID: uint32(item.ContainerID),
-			Size:        uint32(item.Size),
-		})
-	}
-	return ids
-}

executor/oci/spec_linux.go

@@ -102,6 +102,18 @@ func generateIDmapOpts(idmap *idtools.IdentityMapping) ([]oci.SpecOpts, error) {
 	}, nil
 }
 
+func specMapping(s []idtools.IDMap) []specs.LinuxIDMapping {
+	var ids []specs.LinuxIDMapping
+	for _, item := range s {
+		ids = append(ids, specs.LinuxIDMapping{
+			HostID:      uint32(item.HostID),
+			ContainerID: uint32(item.ContainerID),
+			Size:        uint32(item.Size),
+		})
+	}
+	return ids
+}
+
 func generateRlimitOpts(ulimits []*pb.Ulimit) ([]oci.SpecOpts, error) {
 	if len(ulimits) == 0 {
 		return nil, nil
@@ -135,6 +147,73 @@ func withDefaultProfile() oci.SpecOpts {
 	}
 }
 
+func withROBind(src, dest string) oci.SpecOpts {
+	return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error {
+		s.Mounts = append(s.Mounts, specs.Mount{
+			Destination: dest,
+			Type:        "bind",
+			Source:      src,
+			Options:     []string{"nosuid", "noexec", "nodev", "rbind", "ro"},
+		})
+		return nil
+	}
+}
+
+func withCGroup() oci.SpecOpts {
+	return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error {
+		s.Mounts = append(s.Mounts, specs.Mount{
+			Destination: "/sys/fs/cgroup",
+			Type:        "cgroup",
+			Source:      "cgroup",
+			Options:     []string{"ro", "nosuid", "noexec", "nodev"},
+		})
+		return nil
+	}
+}
+
+func withBoundProc() oci.SpecOpts {
+	return func(_ context.Context, _ oci.Client, _ *containers.Container, s *specs.Spec) error {
+		s.Mounts = removeMountsWithPrefix(s.Mounts, "/proc")
+		procMount := specs.Mount{
+			Destination: "/proc",
+			Type:        "bind",
+			Source:      "/proc",
+			// NOTE: "rbind"+"ro" does not make /proc read-only recursively.
+			// So we keep maskedPath and readonlyPaths (although not mandatory for rootless mode)
+			Options: []string{"rbind"},
+		}
+		s.Mounts = append([]specs.Mount{procMount}, s.Mounts...)
+
+		var maskedPaths []string
+		for _, s := range s.Linux.MaskedPaths {
+			if !hasPrefix(s, "/proc") {
+				maskedPaths = append(maskedPaths, s)
+			}
+		}
+		s.Linux.MaskedPaths = maskedPaths
+
+		var readonlyPaths []string
+		for _, s := range s.Linux.ReadonlyPaths {
+			if !hasPrefix(s, "/proc") {
+				readonlyPaths = append(readonlyPaths, s)
+			}
+		}
+		s.Linux.ReadonlyPaths = readonlyPaths
+
+		return nil
+	}
+}
+
+func removeMountsWithPrefix(mounts []specs.Mount, prefixDir string) []specs.Mount {
+	var ret []specs.Mount
+	for _, m := range mounts {
+		if !hasPrefix(m.Destination, prefixDir) {
+			ret = append(ret, m)
+		}
+	}
+	return ret
+}
+
 func getTracingSocketMount(socket string) *specs.Mount {
 	return &specs.Mount{
 		Destination: tracingSocketPath,

executor/runcexecutor/executor_common.go

@@ -14,13 +14,13 @@ import (
 	"golang.org/x/sync/errgroup"
 )
 
-var unsupportedConsoleError = errors.New("tty for runc is only supported on linux")
+var errUnsupportedConsole = errors.New("tty for runc is only supported on linux")
 
 func updateRuncFieldsForHostOS(runtime *runc.Runc) {}
 
 func (w *runcExecutor) run(ctx context.Context, id, bundle string, process executor.ProcessInfo, started func(), keep bool) error {
 	if process.Meta.Tty {
-		return unsupportedConsoleError
+		return errUnsupportedConsole
 	}
 	extraArgs := []string{}
 	if keep {
@@ -40,7 +40,7 @@ func (w *runcExecutor) run(ctx context.Context, id, bundle string, process execu
 
 func (w *runcExecutor) exec(ctx context.Context, id, bundle string, specsProcess *specs.Process, process executor.ProcessInfo, started func()) error {
 	if process.Meta.Tty {
-		return unsupportedConsoleError
+		return errUnsupportedConsole
 	}
 
 	killer, err := newExecProcKiller(w.runc, id)

hack/dockerfiles/lint.Dockerfile

@@ -18,8 +18,10 @@ WORKDIR /go/src/github.com/moby/buildkit
 FROM base as golangci-lint
 ARG BUILDTAGS
 RUN --mount=target=/go/src/github.com/moby/buildkit --mount=target=/root/.cache,type=cache,sharing=locked \
-  GOARCH=amd64 golangci-lint run --build-tags "${BUILDTAGS}" && \
-  GOARCH=arm64 golangci-lint run --build-tags "${BUILDTAGS}" && \
+  GOOS=linux GOARCH=amd64 golangci-lint run --build-tags "${BUILDTAGS}" && \
+  GOOS=windows GOARCH=amd64 golangci-lint run --build-tags "${BUILDTAGS}" && \
+  GOOS=freebsd GOARCH=amd64 golangci-lint run --build-tags "${BUILDTAGS}" && \
+  GOOS=linux GOARCH=arm64 golangci-lint run --build-tags "${BUILDTAGS}" && \
   touch /golangci-lint.done
 
 FROM base as yamllint

util/archutil/check_windows.go

@@ -5,12 +5,8 @@ package archutil
 
 import (
 	"errors"
-	"os/exec"
 )
 
-func withChroot(cmd *exec.Cmd, dir string) {
-}
-
 func check(arch, bin string) (string, error) {
 	return "", errors.New("binfmt is not supported on Windows")
 }

util/system/atime_windows.go

@@ -1,16 +1,17 @@
 package system
 
 import (
-	"fmt"
 	iofs "io/fs"
 	"syscall"
 	"time"
+
+	"github.com/pkg/errors"
 )
 
 func Atime(st iofs.FileInfo) (time.Time, error) {
 	stSys, ok := st.Sys().(*syscall.Win32FileAttributeData)
 	if !ok {
-		return time.Time{}, fmt.Errorf("expected st.Sys() to be *syscall.Win32FileAttributeData, got %T", st.Sys())
+		return time.Time{}, errors.Errorf("expected st.Sys() to be *syscall.Win32FileAttributeData, got %T", st.Sys())
 	}
 	// ref: https://github.com/golang/go/blob/go1.19.2/src/os/types_windows.go#L230
 	return time.Unix(0, stSys.LastAccessTime.Nanoseconds()), nil

util/system/getuserinfo/userinfo_windows.go

@@ -35,10 +35,10 @@ func userInfoMain() {
 		SID: sid.String(),
 	}
 
-	asJson, err := json.Marshal(ident)
+	asJSON, err := json.Marshal(ident)
 	if err != nil {
 		fmt.Println(err)
 		os.Exit(5)
 	}
-	fmt.Fprintf(os.Stdout, "%s", string(asJson))
+	fmt.Fprintf(os.Stdout, "%s", string(asJSON))
 }

util/windows/util_windows.go

@@ -4,7 +4,6 @@ import (
 	"bytes"
 	"context"
 	"encoding/json"
-	"fmt"
 	"strings"
 	"syscall"
 
@@ -76,7 +75,7 @@ func GetUserIdentFromContainer(ctx context.Context, exec executor.Executor, root
 	var ident idtools.Identity
 
 	if len(rootMounts) > 1 {
-		return ident, fmt.Errorf("unexpected number of root mounts: %d", len(rootMounts))
+		return ident, errors.Errorf("unexpected number of root mounts: %d", len(rootMounts))
 	}
 
 	stdout := &bytesReadWriteCloser{
@@ -118,7 +117,7 @@ type bytesReadWriteCloser struct {
 
 func (b *bytesReadWriteCloser) Write(p []byte) (int, error) {
 	if b.bw == nil {
-		return 0, fmt.Errorf("invalid bytes buffer")
+		return 0, errors.Errorf("invalid bytes buffer")
 	}
 	return b.bw.Write(p)
 }