Compare commits
23 Commits
v2.8.0
...
releases/v
Author | SHA1 | Date | |
---|---|---|---|
![]() |
ac9327eae2 | ||
![]() |
7c41daf2a5 | ||
![]() |
e115266953 | ||
![]() |
50fa0058d9 | ||
![]() |
309fb9180f | ||
![]() |
db68526220 | ||
![]() |
fe02965b48 | ||
![]() |
5af8693d82 | ||
![]() |
7f9d37fa54 | ||
![]() |
d7458455bb | ||
![]() |
1ca185b339 | ||
![]() |
eebf87aed1 | ||
![]() |
d8b0ca6f0e | ||
![]() |
da767377fb | ||
![]() |
8c76bb76c2 | ||
![]() |
b598b2a3bd | ||
![]() |
eb2857f4ca | ||
![]() |
f4cf574474 | ||
![]() |
5c924147ba | ||
![]() |
253376207c | ||
![]() |
6f7a604875 | ||
![]() |
604f033158 | ||
![]() |
5645ea7274 |
BIN
.github/build-push-action.png
vendored
BIN
.github/build-push-action.png
vendored
Binary file not shown.
Before Width: | Height: | Size: 29 KiB After Width: | Height: | Size: 19 KiB |
231
.github/workflows/ci.yml
vendored
231
.github/workflows/ci.yml
vendored
@@ -4,10 +4,10 @@ on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
- 'master'
|
||||
pull_request:
|
||||
branches:
|
||||
- master
|
||||
- 'master'
|
||||
|
||||
jobs:
|
||||
minimal:
|
||||
@@ -15,7 +15,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: action
|
||||
-
|
||||
@@ -26,10 +26,6 @@ jobs:
|
||||
uses: ./action
|
||||
with:
|
||||
file: ./test/Dockerfile
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
git-context:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -41,7 +37,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: action
|
||||
-
|
||||
@@ -77,10 +73,6 @@ jobs:
|
||||
echo "::error::Digest should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
git-context-secret:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -92,7 +84,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
with:
|
||||
path: action
|
||||
-
|
||||
@@ -137,10 +129,6 @@ jobs:
|
||||
echo "::error::Digest should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
path-context:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -158,7 +146,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -192,17 +180,13 @@ jobs:
|
||||
echo "::error::Digest should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
error:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Stop docker
|
||||
run: |
|
||||
@@ -223,17 +207,13 @@ jobs:
|
||||
echo "::error::Should have failed"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
error-buildx:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -259,10 +239,6 @@ jobs:
|
||||
echo "::error::Should have failed"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
docker-driver:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -274,7 +250,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Build
|
||||
id: docker_build
|
||||
@@ -284,17 +260,13 @@ jobs:
|
||||
file: ./test/Dockerfile
|
||||
push: true
|
||||
tags: localhost:5000/name/app:latest
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
export-docker:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Build
|
||||
uses: ./
|
||||
@@ -307,17 +279,13 @@ jobs:
|
||||
name: Inspect
|
||||
run: |
|
||||
docker image inspect myimage:latest
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
network:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
@@ -331,17 +299,13 @@ jobs:
|
||||
context: ./test
|
||||
tags: name/app:latest
|
||||
network: host
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
shm-size:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
@@ -357,17 +321,13 @@ jobs:
|
||||
file: ./test/shmsize.Dockerfile
|
||||
tags: name/app:latest
|
||||
shm-size: 2g
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
ulimit:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
@@ -385,17 +345,13 @@ jobs:
|
||||
ulimit: |
|
||||
nofile=1024:1024
|
||||
nproc=3
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
cgroup-parent:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
@@ -411,10 +367,47 @@ jobs:
|
||||
file: ./test/cgroup.Dockerfile
|
||||
tags: name/app:latest
|
||||
cgroup-parent: foo
|
||||
|
||||
add-hosts:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
name: Checkout
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
-
|
||||
name: Build
|
||||
uses: ./
|
||||
with:
|
||||
context: ./test
|
||||
file: ./test/addhost.Dockerfile
|
||||
tags: name/app:latest
|
||||
add-hosts: |
|
||||
docker:10.180.0.1
|
||||
foo:10.0.0.1
|
||||
|
||||
build-contexts:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
with:
|
||||
version: v0.8.0
|
||||
-
|
||||
name: Build
|
||||
uses: ./
|
||||
with:
|
||||
context: ./test
|
||||
file: ./test/buildcontext.Dockerfile
|
||||
build-contexts: |
|
||||
alpine=docker-image://debian:stable-slim
|
||||
tags: name/app:latest
|
||||
|
||||
multi:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -435,7 +428,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -470,10 +463,94 @@ jobs:
|
||||
echo "::error::Digest should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
digest:
|
||||
runs-on: ubuntu-latest
|
||||
env:
|
||||
DOCKER_IMAGE: localhost:5000/name/app
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
driver:
|
||||
- docker
|
||||
- docker-container
|
||||
load:
|
||||
- true
|
||||
- false
|
||||
push:
|
||||
- true
|
||||
- false
|
||||
exclude:
|
||||
- driver: docker
|
||||
load: true
|
||||
push: true
|
||||
- driver: docker-container
|
||||
load: true
|
||||
push: true
|
||||
- driver: docker
|
||||
load: false
|
||||
push: false
|
||||
- driver: docker-container
|
||||
load: false
|
||||
push: false
|
||||
services:
|
||||
registry:
|
||||
image: registry:2
|
||||
ports:
|
||||
- 5000:5000
|
||||
steps:
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v1
|
||||
with:
|
||||
version: v0.8.0
|
||||
driver: ${{ matrix.driver }}
|
||||
driver-opts: |
|
||||
network=host
|
||||
-
|
||||
name: Build
|
||||
id: docker_build
|
||||
uses: ./
|
||||
with:
|
||||
context: ./test
|
||||
load: ${{ matrix.load }}
|
||||
push: ${{ matrix.push }}
|
||||
tags: ${{ env.DOCKER_IMAGE }}:latest
|
||||
platforms: ${{ matrix.platforms }}
|
||||
-
|
||||
name: Docker images
|
||||
run: |
|
||||
docker image ls --no-trunc
|
||||
-
|
||||
name: Check digest
|
||||
if: ${{ matrix.push }}
|
||||
run: |
|
||||
if [ -z "${{ steps.docker_build.outputs.digest }}" ]; then
|
||||
echo "::error::Digest should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Check manifest
|
||||
if: ${{ matrix.push }}
|
||||
run: |
|
||||
set -x
|
||||
docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}@${{ steps.docker_build.outputs.digest }} --format '{{json .}}'
|
||||
-
|
||||
name: Check image ID
|
||||
run: |
|
||||
if [ -z "${{ steps.docker_build.outputs.imageid }}" ]; then
|
||||
echo "::error::Image ID should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Inspect image
|
||||
if: ${{ matrix.load }}
|
||||
run: |
|
||||
set -x
|
||||
docker image inspect ${{ steps.docker_build.outputs.imageid }}
|
||||
|
||||
registry-cache:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -485,7 +562,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -560,10 +637,6 @@ jobs:
|
||||
echo "::error::Digests should be identical"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
local-cache-first:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -577,7 +650,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -626,10 +699,6 @@ jobs:
|
||||
echo "::error::Digest should not be empty"
|
||||
exit 1
|
||||
fi
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
local-cache-hit:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -642,7 +711,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -699,10 +768,6 @@ jobs:
|
||||
-
|
||||
name: Cache hit
|
||||
run: echo ${{ steps.cache.outputs.cache-hit }}
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
||||
github-cache:
|
||||
runs-on: ubuntu-latest
|
||||
@@ -720,7 +785,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Set up QEMU
|
||||
uses: docker/setup-qemu-action@v1
|
||||
@@ -749,7 +814,3 @@ jobs:
|
||||
name: Inspect
|
||||
run: |
|
||||
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
|
||||
-
|
||||
name: Dump context
|
||||
if: always()
|
||||
uses: crazy-max/ghaction-dump-context@v1
|
||||
|
9
.github/workflows/e2e.yml
vendored
9
.github/workflows/e2e.yml
vendored
@@ -6,7 +6,7 @@ on:
|
||||
- cron: '0 10 * * *'
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
- 'master'
|
||||
tags:
|
||||
- v*
|
||||
|
||||
@@ -52,10 +52,15 @@ jobs:
|
||||
slug: gcr.io/sandbox-298914/test-docker-action
|
||||
username_secret: GCR_USERNAME
|
||||
password_secret: GCR_JSON_KEY
|
||||
-
|
||||
registry: officialgithubactions.azurecr.io
|
||||
slug: officialgithubactions.azurecr.io/test-docker-action
|
||||
username_secret: AZURE_CLIENT_ID
|
||||
password_secret: AZURE_CLIENT_SECRET
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Docker meta
|
||||
id: meta
|
||||
|
2
.github/workflows/example.yml
vendored
2
.github/workflows/example.yml
vendored
@@ -25,7 +25,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Docker meta
|
||||
id: meta
|
||||
|
2
.github/workflows/test.yml
vendored
2
.github/workflows/test.yml
vendored
@@ -14,7 +14,7 @@ jobs:
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v2
|
||||
uses: actions/checkout@v3
|
||||
-
|
||||
name: Validate
|
||||
uses: docker/bake-action@v1
|
||||
|
83
README.md
83
README.md
@@ -38,30 +38,7 @@ ___
|
||||
|
||||
## Usage
|
||||
|
||||
By default, this action uses the [Git context](#git-context) so you don't need to use the
|
||||
[`actions/checkout`](https://github.com/actions/checkout/) action to checkout the repository because this will be
|
||||
done directly by buildkit. The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/reference/events-that-trigger-workflows)
|
||||
and will result in the following context: `https://github.com/<owner>/<repo>.git#<ref>`.
|
||||
|
||||
You can provide a subdirectory to the [Git context](#git-context) by using the following [Handlebars template](https://handlebarsjs.com/guide/) expression `{{defaultContext}}`:
|
||||
|
||||
```yaml
|
||||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: {{defaultContext}}:docker
|
||||
push: true
|
||||
tags: user/app:latest
|
||||
```
|
||||
|
||||
Be careful because **any file mutation in the steps that precede the build step will be ignored, including processing of the `.dockerignore` file** since
|
||||
the context is based on the git reference. However, you can use the [Path context](#path-context) using the
|
||||
[`context` input](#inputs) alongside the [`actions/checkout`](https://github.com/actions/checkout/) action to remove
|
||||
this restriction.
|
||||
|
||||
In the examples below we are using 3 other actions:
|
||||
In the examples below we are also using 3 other actions:
|
||||
|
||||
* [`setup-buildx`](https://github.com/docker/setup-buildx-action) action will create and boot a builder using by
|
||||
default the `docker-container` [builder driver](https://github.com/docker/buildx/blob/master/docs/reference/buildx_create.md#driver).
|
||||
@@ -72,13 +49,20 @@ to add emulation support with QEMU to be able to build against more platforms.
|
||||
|
||||
### Git context
|
||||
|
||||
By default, this action uses the [Git context](#git-context) so you don't need
|
||||
to use the [`actions/checkout`](https://github.com/actions/checkout/) action to
|
||||
check out the repository because this will be done directly by [BuildKit](https://github.com/moby/buildkit).
|
||||
|
||||
The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/reference/events-that-trigger-workflows)
|
||||
and will result in the following context: `https://github.com/<owner>/<repo>.git#<ref>`.
|
||||
|
||||
```yaml
|
||||
name: ci
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
@@ -98,21 +82,42 @@ jobs:
|
||||
password: ${{ secrets.DOCKERHUB_TOKEN }}
|
||||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
push: true
|
||||
tags: user/app:latest
|
||||
```
|
||||
|
||||
Building from the current repository automatically uses the [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
|
||||
so it does not need to be passed. If you want to authenticate against another private repository, you have to use
|
||||
a [secret](docs/advanced/secrets.md) named `GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
|
||||
Be careful because **any file mutation in the steps that precede the build step
|
||||
will be ignored, including processing of the `.dockerignore` file** since
|
||||
the context is based on the Git reference. However, you can use the
|
||||
[Path context](#path-context) using the [`context` input](#inputs) alongside
|
||||
the [`actions/checkout`](https://github.com/actions/checkout/) action to remove
|
||||
this restriction.
|
||||
|
||||
Default Git context can also be provided using the [Handlebars template](https://handlebarsjs.com/guide/)
|
||||
expression `{{defaultContext}}`. Here we can use it to provide a subdirectory
|
||||
to the default Git context:
|
||||
|
||||
```yaml
|
||||
-
|
||||
name: Build and push
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
context: "{{defaultContext}}:mysubdir"
|
||||
push: true
|
||||
tags: user/app:latest
|
||||
```
|
||||
> :warning: Subdirectory for Git context is not yet available for the buildx [`docker` driver](https://github.com/docker/buildx/blob/master/docs/reference/buildx_create.md#driver).
|
||||
|
||||
Building from the current repository automatically uses the [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
|
||||
so it does not need to be passed. If you want to authenticate against another
|
||||
private repository, you have to use a [secret](docs/advanced/secrets.md) named
|
||||
`GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
|
||||
|
||||
```yaml
|
||||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@v2
|
||||
with:
|
||||
push: true
|
||||
@@ -129,7 +134,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
@@ -194,9 +199,11 @@ Following inputs can be used as `step.with` keys
|
||||
|
||||
| Name | Type | Description |
|
||||
|---------------------|----------|------------------------------------|
|
||||
| `add-hosts` | List/CSV | List of [customs host-to-IP mapping](https://docs.docker.com/engine/reference/commandline/build/#add-entries-to-container-hosts-file---add-host) (e.g., `docker:10.180.0.1`) |
|
||||
| `allow` | List/CSV | List of [extra privileged entitlement](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#allow) (e.g., `network.host,security.insecure`) |
|
||||
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
|
||||
| `build-args` | List | List of build-time variables |
|
||||
| `build-args` | List | List of [build-time variables](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#build-arg) |
|
||||
| `build-contexts` | List | List of additional [build contexts](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#build-context) (e.g., `name=path`) |
|
||||
| `cache-from` | List | List of [external cache sources](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) (e.g., `type=local,src=path/to/dir`) |
|
||||
| `cache-to` | List | List of [cache export destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-to) (e.g., `type=local,dest=path/to/dir`) |
|
||||
| `cgroup-parent` | String | Optional [parent cgroup](https://docs.docker.com/engine/reference/commandline/build/#use-a-custom-parent-cgroup---cgroup-parent) for the container used in the build |
|
||||
@@ -208,15 +215,16 @@ Following inputs can be used as `step.with` keys
|
||||
| `no-cache` | Bool | Do not use cache when building the image (default `false`) |
|
||||
| `outputs` | List | List of [output destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#output) (format: `type=local,dest=path`) |
|
||||
| `platforms` | List/CSV | List of [target platforms](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#platform) for build |
|
||||
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) |
|
||||
| `pull` | Bool | Always attempt to pull all referenced images (default `false`) |
|
||||
| `push` | Bool | [Push](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#push) is a shorthand for `--output=type=registry` (default `false`) |
|
||||
| `secrets` | List | List of secrets to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`) |
|
||||
| `secret-files` | List | List of secret files to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`) |
|
||||
| `secrets` | List | List of [secrets](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#secret) to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`) |
|
||||
| `secret-files` | List | List of [secret files](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#secret) to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`) |
|
||||
| `shm-size` | String | Size of [`/dev/shm`](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-size-of-devshm---shm-size) (e.g., `2g`) |
|
||||
| `ssh` | List | List of SSH agent socket or keys to expose to the build |
|
||||
| `ssh` | List | List of [SSH agent socket or keys](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#ssh) to expose to the build |
|
||||
| `tags` | List/CSV | List of tags |
|
||||
| `target` | String | Sets the target stage to build |
|
||||
| `ulimit` | List | [Ulimit](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-set-ulimits---ulimit) options (e.g., `nofile=1024:1024`) |
|
||||
| `github-token` | String | GitHub Token used to authenticate against a repository for [Git context](#git-context) (default `${{ github.token }}`) |
|
||||
|
||||
### outputs
|
||||
|
||||
@@ -224,7 +232,8 @@ Following outputs are available
|
||||
|
||||
| Name | Type | Description |
|
||||
|-------------------|---------|---------------------------------------|
|
||||
| `digest` | String | Image content-addressable identifier also called a digest |
|
||||
| `imageid` | String | Image ID |
|
||||
| `digest` | String | Image digest |
|
||||
| `metadata` | JSON | Build result metadata |
|
||||
|
||||
## Troubleshooting
|
||||
|
@@ -7,7 +7,7 @@ import * as buildx from '../src/buildx';
|
||||
import * as context from '../src/context';
|
||||
|
||||
const tmpNameSync = path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
|
||||
const digest = 'sha256:bfb45ab72e46908183546477a08f8867fc40cebadd00af54b071b097aed127a9';
|
||||
const imageID = 'sha256:bfb45ab72e46908183546477a08f8867fc40cebadd00af54b071b097aed127a9';
|
||||
const metadata = `{
|
||||
"containerimage.config.digest": "sha256:059b68a595b22564a1cbc167af369349fdc2ecc1f7bc092c2235cbf601a795fd",
|
||||
"containerimage.digest": "sha256:b09b9482c72371486bb2c1d2c2a2633ed1d0b8389e12c8d52b9e052725c0c83c"
|
||||
@@ -28,9 +28,9 @@ jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
|
||||
describe('getImageID', () => {
|
||||
it('matches', async () => {
|
||||
const imageIDFile = await buildx.getImageIDFile();
|
||||
await fs.writeFileSync(imageIDFile, digest);
|
||||
const imageID = await buildx.getImageID();
|
||||
expect(imageID).toEqual(digest);
|
||||
await fs.writeFileSync(imageIDFile, imageID);
|
||||
const expected = await buildx.getImageID();
|
||||
expect(expected).toEqual(imageID);
|
||||
});
|
||||
});
|
||||
|
||||
@@ -43,6 +43,15 @@ describe('getMetadata', () => {
|
||||
});
|
||||
});
|
||||
|
||||
describe('getDigest', () => {
|
||||
it('matches', async () => {
|
||||
const metadataFile = await buildx.getMetadataFile();
|
||||
await fs.writeFileSync(metadataFile, metadata);
|
||||
const expected = await buildx.getDigest(metadata);
|
||||
expect(expected).toEqual('sha256:b09b9482c72371486bb2c1d2c2a2633ed1d0b8389e12c8d52b9e052725c0c83c');
|
||||
});
|
||||
});
|
||||
|
||||
describe('isLocalOrTarExporter', () => {
|
||||
// prettier-ignore
|
||||
test.each([
|
||||
|
@@ -446,6 +446,7 @@ ccc`],
|
||||
['context', '.'],
|
||||
['tag', 'localhost:5000/name/app:latest'],
|
||||
['file', './test/Dockerfile'],
|
||||
['add-hosts', 'docker:10.180.0.1,foo:10.0.0.1'],
|
||||
['network', 'host'],
|
||||
['load', 'false'],
|
||||
['no-cache', 'false'],
|
||||
@@ -455,6 +456,8 @@ ccc`],
|
||||
[
|
||||
'buildx',
|
||||
'build',
|
||||
'--add-host', 'docker:10.180.0.1',
|
||||
'--add-host', 'foo:10.0.0.1',
|
||||
'--file', './test/Dockerfile',
|
||||
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
|
||||
'--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
|
||||
@@ -469,6 +472,7 @@ ccc`],
|
||||
new Map<string, string>([
|
||||
['context', '.'],
|
||||
['file', './test/Dockerfile'],
|
||||
['add-hosts', 'docker:10.180.0.1\nfoo:10.0.0.1'],
|
||||
['cgroup-parent', 'foo'],
|
||||
['shm-size', '2g'],
|
||||
['ulimit', `nofile=1024:1024
|
||||
@@ -481,6 +485,8 @@ nproc=3`],
|
||||
[
|
||||
'buildx',
|
||||
'build',
|
||||
'--add-host', 'docker:10.180.0.1',
|
||||
'--add-host', 'foo:10.0.0.1',
|
||||
'--cgroup-parent', 'foo',
|
||||
'--file', './test/Dockerfile',
|
||||
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
|
||||
|
12
action.yml
12
action.yml
@@ -7,12 +7,18 @@ branding:
|
||||
color: 'blue'
|
||||
|
||||
inputs:
|
||||
add-hosts:
|
||||
description: "List of a customs host-to-IP mapping (e.g., docker:10.180.0.1)"
|
||||
required: false
|
||||
allow:
|
||||
description: "List of extra privileged entitlement (e.g., network.host,security.insecure)"
|
||||
required: false
|
||||
build-args:
|
||||
description: "List of build-time variables"
|
||||
required: false
|
||||
build-contexts:
|
||||
description: "List of additional build contexts (e.g., name=path)"
|
||||
required: false
|
||||
builder:
|
||||
description: "Builder instance"
|
||||
required: false
|
||||
@@ -52,7 +58,7 @@ inputs:
|
||||
description: "List of target platforms for build"
|
||||
required: false
|
||||
pull:
|
||||
description: "Always attempt to pull a newer version of the image"
|
||||
description: "Always attempt to pull all referenced images"
|
||||
required: false
|
||||
default: 'false'
|
||||
push:
|
||||
@@ -86,8 +92,10 @@ inputs:
|
||||
required: false
|
||||
|
||||
outputs:
|
||||
imageid:
|
||||
description: 'Image ID'
|
||||
digest:
|
||||
description: 'Image content-addressable identifier also called a digest'
|
||||
description: 'Image digest'
|
||||
metadata:
|
||||
description: 'Build result metadata'
|
||||
|
||||
|
2292
dist/index.js
generated
vendored
2292
dist/index.js
generated
vendored
File diff suppressed because one or more lines are too long
@@ -20,7 +20,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
@@ -60,7 +60,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
@@ -110,7 +110,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
@@ -154,7 +154,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -12,7 +12,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -10,7 +10,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -9,7 +9,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -6,7 +6,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -8,7 +8,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -12,7 +12,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -14,7 +14,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -22,7 +22,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -11,7 +11,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
@@ -1,7 +1,6 @@
|
||||
# Handle tags and labels
|
||||
|
||||
If you come from [`v1`](https://github.com/docker/build-push-action/tree/releases/v1#readme) and want an
|
||||
"automatic" tag management and [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
|
||||
If you want an "automatic" tag management and [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
|
||||
for labels, you can do it in a dedicated step. The following workflow will use the [Docker metadata action](https://github.com/docker/metadata-action)
|
||||
to handle tags and labels based on GitHub actions events and Git metadata.
|
||||
|
||||
@@ -10,7 +9,7 @@ name: ci
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 10 * * *' # everyday at 10am
|
||||
- cron: '0 10 * * *'
|
||||
push:
|
||||
branches:
|
||||
- '**'
|
||||
@@ -18,7 +17,7 @@ on:
|
||||
- 'v*.*.*'
|
||||
pull_request:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
jobs:
|
||||
docker:
|
||||
|
@@ -14,7 +14,7 @@ name: ci
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- 'master'
|
||||
- 'main'
|
||||
|
||||
env:
|
||||
TEST_TAG: user/myapp:test
|
||||
|
@@ -34,6 +34,17 @@ export async function getMetadata(): Promise<string | undefined> {
|
||||
return content;
|
||||
}
|
||||
|
||||
export async function getDigest(metadata: string | undefined): Promise<string | undefined> {
|
||||
if (metadata === undefined) {
|
||||
return undefined;
|
||||
}
|
||||
const metadataJSON = JSON.parse(metadata);
|
||||
if (metadataJSON['containerimage.digest']) {
|
||||
return metadataJSON['containerimage.digest'];
|
||||
}
|
||||
return undefined;
|
||||
}
|
||||
|
||||
export async function getSecretString(kvp: string): Promise<string> {
|
||||
return getSecret(kvp, false);
|
||||
}
|
||||
|
@@ -14,8 +14,10 @@ import * as handlebars from 'handlebars';
|
||||
let _defaultContext, _tmpDir: string;
|
||||
|
||||
export interface Inputs {
|
||||
addHosts: string[];
|
||||
allow: string[];
|
||||
buildArgs: string[];
|
||||
buildContexts: string[];
|
||||
builder: string;
|
||||
cacheFrom: string[];
|
||||
cacheTo: string[];
|
||||
@@ -67,8 +69,10 @@ export function tmpNameSync(options?: tmp.TmpNameOptions): string {
|
||||
|
||||
export async function getInputs(defaultContext: string): Promise<Inputs> {
|
||||
return {
|
||||
addHosts: await getInputList('add-hosts'),
|
||||
allow: await getInputList('allow'),
|
||||
buildArgs: await getInputList('build-args', true),
|
||||
buildContexts: await getInputList('build-contexts', true),
|
||||
builder: core.getInput('builder'),
|
||||
cacheFrom: await getInputList('cache-from', true),
|
||||
cacheTo: await getInputList('cache-to', true),
|
||||
@@ -104,12 +108,20 @@ export async function getArgs(inputs: Inputs, defaultContext: string, buildxVers
|
||||
|
||||
async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
|
||||
let args: Array<string> = ['build'];
|
||||
await asyncForEach(inputs.addHosts, async addHost => {
|
||||
args.push('--add-host', addHost);
|
||||
});
|
||||
if (inputs.allow.length > 0) {
|
||||
args.push('--allow', inputs.allow.join(','));
|
||||
}
|
||||
await asyncForEach(inputs.buildArgs, async buildArg => {
|
||||
args.push('--build-arg', buildArg);
|
||||
});
|
||||
if (buildx.satisfies(buildxVersion, '>=0.8.0')) {
|
||||
await asyncForEach(inputs.buildContexts, async buildContext => {
|
||||
args.push('--build-context', buildContext);
|
||||
});
|
||||
}
|
||||
await asyncForEach(inputs.cacheFrom, async cacheFrom => {
|
||||
args.push('--cache-from', cacheFrom);
|
||||
});
|
||||
|
32
src/main.ts
32
src/main.ts
@@ -33,18 +33,28 @@ async function run(): Promise<void> {
|
||||
}
|
||||
});
|
||||
|
||||
await core.group(`Setting outputs`, async () => {
|
||||
const imageID = await buildx.getImageID();
|
||||
const metadata = await buildx.getMetadata();
|
||||
if (imageID) {
|
||||
core.info(`digest=${imageID}`);
|
||||
context.setOutput('digest', imageID);
|
||||
}
|
||||
if (metadata) {
|
||||
core.info(`metadata=${metadata}`);
|
||||
const imageID = await buildx.getImageID();
|
||||
const metadata = await buildx.getMetadata();
|
||||
const digest = await buildx.getDigest(metadata);
|
||||
|
||||
if (imageID) {
|
||||
await core.group(`ImageID`, async () => {
|
||||
core.info(imageID);
|
||||
context.setOutput('imageid', imageID);
|
||||
});
|
||||
}
|
||||
if (digest) {
|
||||
await core.group(`Digest`, async () => {
|
||||
core.info(digest);
|
||||
context.setOutput('digest', digest);
|
||||
});
|
||||
}
|
||||
if (metadata) {
|
||||
await core.group(`Metadata`, async () => {
|
||||
core.info(metadata);
|
||||
context.setOutput('metadata', metadata);
|
||||
}
|
||||
});
|
||||
});
|
||||
}
|
||||
} catch (error) {
|
||||
core.setFailed(error.message);
|
||||
}
|
||||
|
2
test/addhost.Dockerfile
Normal file
2
test/addhost.Dockerfile
Normal file
@@ -0,0 +1,2 @@
|
||||
FROM busybox
|
||||
RUN cat /etc/hosts
|
3
test/buildcontext.Dockerfile
Normal file
3
test/buildcontext.Dockerfile
Normal file
@@ -0,0 +1,3 @@
|
||||
# syntax=docker/dockerfile-upstream:master
|
||||
FROM alpine
|
||||
RUN cat /etc/*release
|
26
yarn.lock
26
yarn.lock
@@ -2734,9 +2734,11 @@ nice-try@^1.0.4:
|
||||
integrity sha512-1nh45deeb5olNY7eX82BkPO7SSxR5SSYJiPTrTdFUVYwAl8CKMA5N9PjTYkHiRjisVcxcQ1HXdLhx2qxxJzLNQ==
|
||||
|
||||
node-fetch@^2.3.0, node-fetch@^2.6.1:
|
||||
version "2.6.1"
|
||||
resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.1.tgz#045bd323631f76ed2e2b55573394416b639a0052"
|
||||
integrity sha512-V4aYg89jEoVRxRb2fJdAg8FHvI7cEyYdVAh94HH0UIK8oJxUfkjlDQN9RbMx+bEjP7+ggMiFRprSti032Oipxw==
|
||||
version "2.6.7"
|
||||
resolved "https://registry.yarnpkg.com/node-fetch/-/node-fetch-2.6.7.tgz#24de9fba827e3b4ae44dc8b20256a379160052ad"
|
||||
integrity sha512-ZjMPFEfVx5j+y2yF35Kzx5sF7kDzxuDj6ziH4FFbOp87zKDZNx8yExJIb05OGF4Nlt9IHFIMBkRl41VdvcNdbQ==
|
||||
dependencies:
|
||||
whatwg-url "^5.0.0"
|
||||
|
||||
node-int64@^0.4.0:
|
||||
version "0.4.0"
|
||||
@@ -3498,6 +3500,11 @@ tr46@^2.1.0:
|
||||
dependencies:
|
||||
punycode "^2.1.1"
|
||||
|
||||
tr46@~0.0.3:
|
||||
version "0.0.3"
|
||||
resolved "https://registry.yarnpkg.com/tr46/-/tr46-0.0.3.tgz#8184fd347dac9cdc185992f3a6622e14b9d9ab6a"
|
||||
integrity sha1-gYT9NH2snNwYWZLzpmIuFLnZq2o=
|
||||
|
||||
ts-jest@^26.5.6:
|
||||
version "26.5.6"
|
||||
resolved "https://registry.yarnpkg.com/ts-jest/-/ts-jest-26.5.6.tgz#c32e0746425274e1dfe333f43cd3c800e014ec35"
|
||||
@@ -3652,6 +3659,11 @@ walker@^1.0.7, walker@~1.0.5:
|
||||
dependencies:
|
||||
makeerror "1.0.x"
|
||||
|
||||
webidl-conversions@^3.0.0:
|
||||
version "3.0.1"
|
||||
resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-3.0.1.tgz#24534275e2a7bc6be7bc86611cc16ae0a5654871"
|
||||
integrity sha1-JFNCdeKnvGvnvIZhHMFq4KVlSHE=
|
||||
|
||||
webidl-conversions@^5.0.0:
|
||||
version "5.0.0"
|
||||
resolved "https://registry.yarnpkg.com/webidl-conversions/-/webidl-conversions-5.0.0.tgz#ae59c8a00b121543a2acc65c0434f57b0fc11aff"
|
||||
@@ -3674,6 +3686,14 @@ whatwg-mimetype@^2.3.0:
|
||||
resolved "https://registry.yarnpkg.com/whatwg-mimetype/-/whatwg-mimetype-2.3.0.tgz#3d4b1e0312d2079879f826aff18dbeeca5960fbf"
|
||||
integrity sha512-M4yMwr6mAnQz76TbJm914+gPpB/nCwvZbJU28cUD6dR004SAxDLOOSUaB1JDRqLtaOV/vi0IC5lEAGFgrjGv/g==
|
||||
|
||||
whatwg-url@^5.0.0:
|
||||
version "5.0.0"
|
||||
resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-5.0.0.tgz#966454e8765462e37644d3626f6742ce8b70965d"
|
||||
integrity sha1-lmRU6HZUYuN2RNNib2dCzotwll0=
|
||||
dependencies:
|
||||
tr46 "~0.0.3"
|
||||
webidl-conversions "^3.0.0"
|
||||
|
||||
whatwg-url@^8.0.0, whatwg-url@^8.5.0:
|
||||
version "8.6.0"
|
||||
resolved "https://registry.yarnpkg.com/whatwg-url/-/whatwg-url-8.6.0.tgz#27c0205a4902084b872aecb97cf0f2a7a3011f4c"
|
||||
|
Reference in New Issue
Block a user