Skip to content

fix: handle heredoc in Dockerfile#9835

Merged
plumpy merged 1 commit into
GoogleContainerTools:mainfrom
dotzborro:handle-heredoc
Aug 18, 2025
Merged

fix: handle heredoc in Dockerfile#9835
plumpy merged 1 commit into
GoogleContainerTools:mainfrom
dotzborro:handle-heredoc

Conversation

@dotzborro

Copy link
Copy Markdown
Contributor

Fixes: #8160 #9472

Description
COPY commands are read from Dockerfile files for caching mechanism. Even before this PR, when source argument of COPY command comes from the web (http/https), it is ignored. However, since version 1.4 heredoc support was added and as per my understanding it should be handled similarly.

Example of heredoc in Dockerfile:

COPY <<EOF /entrypoint.sh
#!/bin/bash
echo "hello!"
EOF

Current version of Skaffold, when such construction is encountered fails with:

Checking cache...
 - [redacted]: Error checking cache.
getting hash for artifact "[redacted]": getting dependencies for "[redacted]": file pattern [<<EOF] must match at least one file

This PR:

  • makes << to be handled similarly to http/https
  • adds unit tests for ReadCopyCmdsFromDockerfile function
@dotzborro dotzborro requested a review from a team as a code owner June 24, 2025 18:57

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Summary of Changes

Hello @dotzborro, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses issues #8160 and #9472 by adding support for heredoc syntax in Dockerfiles. The changes ensure that Skaffold correctly identifies and skips heredoc dependencies during cache checking, preventing errors and improving the overall build process. The PR also includes new unit tests to validate the implemented functionality.

Highlights

  • Heredoc Support: The PR introduces support for handling heredoc syntax (<<EOF) within Dockerfiles, similar to how http:// and https:// sources are treated in COPY commands. This prevents Skaffold from attempting to resolve heredoc specifiers as file paths.
  • Dependency Handling: Updates the readCopyCommand function to recognize and skip heredoc dependencies, preventing errors during cache checking.
  • Unit Tests: Adds new unit tests to verify the correct behavior of ReadCopyCmdsFromDockerfile function, including scenarios with and without COPY commands, file existence checks, and handling of http/https/heredoc sources.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in issue comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@gemini-code-assist gemini-code-assist Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

The code changes enhance the handling of heredoc syntax in Dockerfiles by treating << similarly to http and https prefixes, preventing Skaffold from attempting to watch these as local file dependencies. Additionally, unit tests were added to verify the correct behavior of the ReadCopyCmdsFromDockerfile function.

Comment on lines +77 to +83
description: "http/https/heredoc files not picked up",
dockerfile: "FROM nginx\n" +
"COPY http://foo.bar.xyz/file1 /file1\n" +
"COPY https://foo.bar.xyz/file2 /file2\n" +
"COPY <<EOF /file2\n" +
" some contents\n" +
"EOF\n",

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

Consider adding a test case with a heredoc that contains spaces or tabs before the EOF to ensure that the prefix matching is robust.

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure if I'm getting it right, but the actual parsing is provided by github.com/moby/buildkit/frontend/dockerfile/parser and thus testing the parser does not fall in Skaffold scope.

@plumpy plumpy left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for sending this!

@plumpy plumpy merged commit b7805ab into GoogleContainerTools:main Aug 18, 2025
2 checks passed
@menahyouyeah menahyouyeah mentioned this pull request Mar 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

2 participants