diff --git a/cmd/buildkitd/debug.go b/cmd/buildkitd/debug.go index ad6785384a01..e40cbd15559e 100644 --- a/cmd/buildkitd/debug.go +++ b/cmd/buildkitd/debug.go @@ -2,10 +2,11 @@ package main import ( "expvar" - "net" "net/http" "net/http/pprof" + "os" "runtime" + "strings" "time" "github.com/moby/buildkit/util/bklog" @@ -38,7 +39,10 @@ func setupDebugHandlers(addr string) error { return true, true } - l, err := net.Listen("tcp", addr) + if !strings.Contains(addr, "://") { + addr = "tcp://" + addr + } + l, err := getListener(addr, os.Getuid(), os.Getgid(), "", nil, false) if err != nil { return err } diff --git a/cmd/buildkitd/main.go b/cmd/buildkitd/main.go index 71a6a4b11b81..5ea124642e54 100644 --- a/cmd/buildkitd/main.go +++ b/cmd/buildkitd/main.go @@ -431,7 +431,7 @@ func newGRPCListeners(cfg config.GRPCConfig) ([]net.Listener, error) { listeners := make([]net.Listener, 0, len(addrs)) for _, addr := range addrs { - l, err := getListener(addr, *cfg.UID, *cfg.GID, sd, tlsConfig) + l, err := getListener(addr, *cfg.UID, *cfg.GID, sd, tlsConfig, true) if err != nil { for _, l := range listeners { l.Close() @@ -670,7 +670,7 @@ func groupToGid(group string) (int, error) { return id, nil } -func getListener(addr string, uid, gid int, secDescriptor string, tlsConfig *tls.Config) (net.Listener, error) { +func getListener(addr string, uid, gid int, secDescriptor string, tlsConfig *tls.Config, warnTLS bool) (net.Listener, error) { addrSlice := strings.SplitN(addr, "://", 2) if len(addrSlice) < 2 { return nil, errors.Errorf("address %s does not contain proto, you meant unix://%s ?", @@ -696,7 +696,9 @@ func getListener(addr string, uid, gid int, secDescriptor string, tlsConfig *tls } if tlsConfig == nil { - bklog.L.Warnf("TLS is not enabled for %s. enabling mutual TLS authentication is highly recommended", addr) + if warnTLS { + bklog.L.Warnf("TLS is not enabled for %s. enabling mutual TLS authentication is highly recommended", addr) + } return l, nil } return tls.NewListener(l, tlsConfig), nil