Compare commits
	
		
			94 Commits
		
	
	
		
			v3.1.0
			...
			dependabot
		
	
	| Author | SHA1 | Date | |
|---|---|---|---|
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 18307f2841 | ||
|   | 184bdaa072 | ||
|   | 5c6bc94683 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | caf4058643 | ||
|   | ef38ec311a | ||
|   | d52e8ef81c | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 9644ab7025 | ||
|   | 7abd1d5126 | ||
|   | 1a81202c4f | ||
|   | d1ab30dc54 | ||
|   | f25ff28d1c | ||
|   | e0c62a93a1 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 34f6d346b5 | ||
|   | a547b56e5b | ||
|   | b7f56fce8a | ||
|   | 3d100841f6 | ||
|   | 5713f8474e | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 0a8c41d6e2 | ||
|   | 6d4b68b490 | ||
|   | b7f1bbcce7 | ||
|   | abd3abc99c | ||
|   | ac38c32963 | ||
|   | 74a5d14239 | ||
|   | 2f4f00e4c6 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 67c184546c | ||
|   | 3d4cc89e85 | ||
|   | 6cc823a6c4 | ||
|   | d94e792124 | ||
|   | 033db0da30 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 09c2ae9716 | ||
|   | ba56f006fc | ||
|   | 75bf9a79af | ||
|   | ed2698b25f | ||
|   | 52ad1d2e01 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | f18ea97ee4 | ||
|   | 07d7ee0dc6 | ||
|   | 327cd5a69d | ||
|   | e217ef3a2d | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 407f438d11 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 28e19ee314 | ||
|   | 7ca345011a | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 02b671aa02 | ||
|   | 06895751d1 | ||
|   | 02c9ff3be2 | ||
|   | 5d8785b43a | ||
|   | 7a65d3de5d | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | bd2f40996a | ||
|   | 9fd0581bf0 | ||
|   | eefb7e8744 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | cb13d66af0 | ||
|   | 1f36f5b7a2 | ||
|   | bcb47c2c49 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 8165a5b270 | ||
|   | 29df2a9f8c | ||
|   | 2b0e0e02ba | ||
|   | fe7fd06c5d | ||
|   | 3b8fed7e4b | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 90de1764cc | ||
|   | 9780b0c442 | ||
|   | 2fa130caf4 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 5e87b2aca7 | ||
|   | e0394952ce | ||
|   | 9af18aa7d8 | ||
|   | 668190adc5 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | be5150d9fe | ||
|   | e80ebcad71 | ||
|   | 75ee3eaf53 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 793c19c8fc | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 30f019fb76 | ||
|   | 0d4c9c5ea7 | ||
|   | b29e14f6a9 | ||
|   | 218a70c516 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | b8200806cf | ||
|   | 27530a9fbb | ||
|   | d072a60421 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 7c627b5124 | ||
|   | 787cfc6623 | ||
|   | 8e66e916f8 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | 5ba5e97350 | ||
|   | db77945884 | ||
|   | bfd28af29d | ||
|   | 70fccc794a | ||
|   | d5eb4a7b25 | ||
|   | d9ec9539b3 | ||
|   | 406e1d7119 | ||
|   | 834ded21d8 | ||
| ![dependabot[bot]](/assets/img/avatar_default.png)  | c7cb6a492e | ||
|   | 7840e6ddd4 | ||
|   | d910b14072 | ||
|   | 7c17210d47 | ||
|   | 117949aa8e | ||
|   | 225e47902b | ||
|   | 5f4866a30a | ||
|   | 28283a6966 | 
| @@ -1,2 +1,12 @@ | ||||
| /coverage | ||||
| /node_modules | ||||
|  | ||||
| # Dependency directories | ||||
| node_modules/ | ||||
| jspm_packages/ | ||||
|  | ||||
| # yarn v2 | ||||
| .yarn/cache | ||||
| .yarn/unplugged | ||||
| .yarn/build-state.yml | ||||
| .yarn/install-state.gz | ||||
| .pnp.* | ||||
|   | ||||
							
								
								
									
										2
									
								
								.gitattributes
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								.gitattributes
									
									
									
									
										vendored
									
									
								
							| @@ -1,2 +1,4 @@ | ||||
| /.yarn/releases/** binary | ||||
| /.yarn/plugins/** binary | ||||
| /dist/** linguist-generated=true | ||||
| /lib/** linguist-generated=true | ||||
|   | ||||
							
								
								
									
										17
									
								
								.github/workflows/pr-assign-author.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										17
									
								
								.github/workflows/pr-assign-author.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,17 @@ | ||||
| name: pr-assign-author | ||||
|  | ||||
| permissions: | ||||
|   contents: read | ||||
|  | ||||
| on: | ||||
|   pull_request_target: | ||||
|     types: | ||||
|       - opened | ||||
|       - reopened | ||||
|  | ||||
| jobs: | ||||
|   run: | ||||
|     uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@1b673f36fad86812f538c1df9794904038a23cbf | ||||
|     permissions: | ||||
|       contents: read | ||||
|       pull-requests: write | ||||
							
								
								
									
										21
									
								
								.github/workflows/publish.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										21
									
								
								.github/workflows/publish.yml
									
									
									
									
										vendored
									
									
										Normal file
									
								
							| @@ -0,0 +1,21 @@ | ||||
| name: publish | ||||
|  | ||||
| on: | ||||
|   release: | ||||
|     types: | ||||
|       - published | ||||
|  | ||||
| jobs: | ||||
|   publish: | ||||
|     runs-on: ubuntu-latest | ||||
|     permissions: | ||||
|       contents: read | ||||
|       id-token: write | ||||
|       packages: write | ||||
|     steps: | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - | ||||
|         name: Publish | ||||
|         uses: actions/publish-immutable-action@v0.0.4 | ||||
							
								
								
									
										7
									
								
								.github/workflows/test.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										7
									
								
								.github/workflows/test.yml
									
									
									
									
										vendored
									
									
								
							| @@ -20,12 +20,13 @@ jobs: | ||||
|         uses: actions/checkout@v4 | ||||
|       - | ||||
|         name: Test | ||||
|         uses: docker/bake-action@v4 | ||||
|         uses: docker/bake-action@v6 | ||||
|         with: | ||||
|           source: . | ||||
|           targets: test | ||||
|       - | ||||
|         name: Upload coverage | ||||
|         uses: codecov/codecov-action@v4 | ||||
|         uses: codecov/codecov-action@v5 | ||||
|         with: | ||||
|           file: ./coverage/clover.xml | ||||
|           files: ./coverage/clover.xml | ||||
|           token: ${{ secrets.CODECOV_TOKEN }} | ||||
|   | ||||
							
								
								
									
										16
									
								
								.github/workflows/validate.yml
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										16
									
								
								.github/workflows/validate.yml
									
									
									
									
										vendored
									
									
								
							| @@ -15,16 +15,17 @@ jobs: | ||||
|   prepare: | ||||
|     runs-on: ubuntu-latest | ||||
|     outputs: | ||||
|       targets: ${{ steps.targets.outputs.matrix }} | ||||
|       targets: ${{ steps.generate.outputs.targets }} | ||||
|     steps: | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - | ||||
|         name: Targets matrix | ||||
|         id: targets | ||||
|         run: | | ||||
|           echo "matrix=$(docker buildx bake validate --print | jq -cr '.group.validate.targets')" >> $GITHUB_OUTPUT | ||||
|         name: List targets | ||||
|         id: generate | ||||
|         uses: docker/bake-action/subaction/list-targets@v6 | ||||
|         with: | ||||
|           target: validate | ||||
|  | ||||
|   validate: | ||||
|     runs-on: ubuntu-latest | ||||
| @@ -35,11 +36,8 @@ jobs: | ||||
|       matrix: | ||||
|         target: ${{ fromJson(needs.prepare.outputs.targets) }} | ||||
|     steps: | ||||
|       - | ||||
|         name: Checkout | ||||
|         uses: actions/checkout@v4 | ||||
|       - | ||||
|         name: Validate | ||||
|         uses: docker/bake-action@v4 | ||||
|         uses: docker/bake-action@v6 | ||||
|         with: | ||||
|           targets: ${{ matrix.target }} | ||||
|   | ||||
							
								
								
									
										66
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							
							
						
						
									
										66
									
								
								.gitignore
									
									
									
									
										vendored
									
									
								
							| @@ -1,7 +1,5 @@ | ||||
| node_modules/ | ||||
| lib | ||||
| # https://raw.githubusercontent.com/github/gitignore/main/Node.gitignore | ||||
|  | ||||
| # Rest of the file pulled from https://github.com/github/gitignore/blob/master/Node.gitignore | ||||
| # Logs | ||||
| logs | ||||
| *.log | ||||
| @@ -9,6 +7,7 @@ npm-debug.log* | ||||
| yarn-debug.log* | ||||
| yarn-error.log* | ||||
| lerna-debug.log* | ||||
| .pnpm-debug.log* | ||||
|  | ||||
| # Diagnostic reports (https://nodejs.org/api/report.html) | ||||
| report.[0-9]*.[0-9]*.[0-9]*.[0-9]*.json | ||||
| @@ -19,34 +18,14 @@ pids | ||||
| *.seed | ||||
| *.pid.lock | ||||
|  | ||||
| # Directory for instrumented libs generated by jscoverage/JSCover | ||||
| lib-cov | ||||
|  | ||||
| # Coverage directory used by tools like istanbul | ||||
| coverage | ||||
| *.lcov | ||||
|  | ||||
| # nyc test coverage | ||||
| .nyc_output | ||||
|  | ||||
| # Grunt intermediate storage (https://gruntjs.com/creating-plugins#storing-task-files) | ||||
| .grunt | ||||
|  | ||||
| # Bower dependency directory (https://bower.io/) | ||||
| bower_components | ||||
|  | ||||
| # node-waf configuration | ||||
| .lock-wscript | ||||
|  | ||||
| # Compiled binary addons (https://nodejs.org/api/addons.html) | ||||
| build/Release | ||||
|  | ||||
| # Dependency directories | ||||
| node_modules/ | ||||
| jspm_packages/ | ||||
|  | ||||
| # TypeScript v1 declaration files | ||||
| typings/ | ||||
|  | ||||
| # TypeScript cache | ||||
| *.tsbuildinfo | ||||
|  | ||||
| @@ -56,36 +35,19 @@ typings/ | ||||
| # Optional eslint cache | ||||
| .eslintcache | ||||
|  | ||||
| # Optional REPL history | ||||
| .node_repl_history | ||||
|  | ||||
| # Output of 'npm pack' | ||||
| *.tgz | ||||
|  | ||||
| # Yarn Integrity file | ||||
| .yarn-integrity | ||||
|  | ||||
| # dotenv environment variables file | ||||
| # dotenv environment variable files | ||||
| .env | ||||
| .env.test | ||||
| .env.development.local | ||||
| .env.test.local | ||||
| .env.production.local | ||||
| .env.local | ||||
|  | ||||
| # parcel-bundler cache (https://parceljs.org/) | ||||
| .cache | ||||
|  | ||||
| # next.js build output | ||||
| .next | ||||
|  | ||||
| # nuxt.js build output | ||||
| .nuxt | ||||
|  | ||||
| # vuepress build output | ||||
| .vuepress/dist | ||||
|  | ||||
| # Serverless directories | ||||
| .serverless/ | ||||
|  | ||||
| # FuseBox cache | ||||
| .fusebox/ | ||||
|  | ||||
| # DynamoDB Local files | ||||
| .dynamodb/ | ||||
| # yarn v2 | ||||
| .yarn/cache | ||||
| .yarn/unplugged | ||||
| .yarn/build-state.yml | ||||
| .yarn/install-state.gz | ||||
| .pnp.* | ||||
|   | ||||
							
								
								
									
										6
									
								
								.prettierignore
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										6
									
								
								.prettierignore
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,6 @@ | ||||
| # Dependency directories | ||||
| node_modules/ | ||||
| jspm_packages/ | ||||
|  | ||||
| # yarn v2 | ||||
| .yarn/ | ||||
							
								
								
									
										541
									
								
								.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
							
						
						
									
										541
									
								
								.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
									
									
									
									
										vendored
									
									
										Normal file
									
								
							
										
											
												File diff suppressed because one or more lines are too long
											
										
									
								
							
							
								
								
									
										13
									
								
								.yarnrc.yml
									
									
									
									
									
										Normal file
									
								
							
							
						
						
									
										13
									
								
								.yarnrc.yml
									
									
									
									
									
										Normal file
									
								
							| @@ -0,0 +1,13 @@ | ||||
| logFilters: | ||||
|   - code: YN0013 | ||||
|     level: discard | ||||
|   - code: YN0019 | ||||
|     level: discard | ||||
|   - code: YN0076 | ||||
|     level: discard | ||||
|  | ||||
| nodeLinker: node-modules | ||||
|  | ||||
| plugins: | ||||
|   - path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs | ||||
|     spec: "@yarnpkg/plugin-interactive-tools" | ||||
							
								
								
									
										76
									
								
								README.md
									
									
									
									
									
								
							
							
						
						
									
										76
									
								
								README.md
									
									
									
									
									
								
							| @@ -23,9 +23,10 @@ ___ | ||||
|   * [AWS Public Elastic Container Registry (ECR)](#aws-public-elastic-container-registry-ecr) | ||||
|   * [OCI Oracle Cloud Infrastructure Registry (OCIR)](#oci-oracle-cloud-infrastructure-registry-ocir) | ||||
|   * [Quay.io](#quayio) | ||||
|   * [DigitalOcean](#digitalocean-container-registry) | ||||
| * [Customizing](#customizing) | ||||
|   * [inputs](#inputs) | ||||
| * [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot) | ||||
| * [Contributing](#contributing) | ||||
|  | ||||
| ## Usage | ||||
|  | ||||
| @@ -50,7 +51,7 @@ jobs: | ||||
|         name: Login to Docker Hub | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           username: ${{ secrets.DOCKERHUB_USERNAME }} | ||||
|           username: ${{ vars.DOCKERHUB_USERNAME }} | ||||
|           password: ${{ secrets.DOCKERHUB_TOKEN }} | ||||
| ``` | ||||
|  | ||||
| @@ -104,7 +105,7 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: registry.gitlab.com | ||||
|           username: ${{ secrets.GITLAB_USERNAME }} | ||||
|           username: ${{ vars.GITLAB_USERNAME }} | ||||
|           password: ${{ secrets.GITLAB_PASSWORD }} | ||||
| ``` | ||||
|  | ||||
| @@ -135,7 +136,7 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: <registry-name>.azurecr.io | ||||
|           username: ${{ secrets.AZURE_CLIENT_ID }} | ||||
|           username: ${{ vars.AZURE_CLIENT_ID }} | ||||
|           password: ${{ secrets.AZURE_CLIENT_SECRET }} | ||||
| ``` | ||||
|  | ||||
| @@ -198,8 +199,7 @@ jobs: | ||||
| Use a service account with permission to push to GCR and [configure access control](https://cloud.google.com/container-registry/docs/access-control). | ||||
| Download the key for the service account as a JSON file. Save the contents of | ||||
| the file [as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) | ||||
| named `GCR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`, | ||||
| or `_json_key_base64` if you use a base64-encoded key. | ||||
| named `GCR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`. | ||||
|  | ||||
| ```yaml | ||||
| name: ci | ||||
| @@ -227,10 +227,9 @@ You can authenticate with workload identity federation or a service account. | ||||
|  | ||||
| #### Workload identity federation | ||||
|  | ||||
| Download the key for the service account as a JSON file. Save the contents of | ||||
| the file [as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) | ||||
| named `GCR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`, | ||||
| or `_json_key_base64` if you use a base64-encoded key. | ||||
| Your service account must have permission to push to GAR. Use the | ||||
| `google-github-actions/auth` action to authenticate using workload identity as | ||||
| shown in the following example: | ||||
|  | ||||
| ```yaml | ||||
| name: ci | ||||
| @@ -274,7 +273,7 @@ jobs: | ||||
| Use a service account with permission to push to GAR and [configure access control](https://cloud.google.com/artifact-registry/docs/access-control). | ||||
| Download the key for the service account as a JSON file. Save the contents of | ||||
| the file [as a secret](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) | ||||
| named `GCR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`, | ||||
| named `GAR_JSON_KEY` in your GitHub repository. Set the username to `_json_key`, | ||||
| or `_json_key_base64` if you use a base64-encoded key. | ||||
|  | ||||
| ```yaml | ||||
| @@ -302,7 +301,7 @@ jobs: | ||||
|  | ||||
| ### AWS Elastic Container Registry (ECR) | ||||
|  | ||||
| Use an IAM user with the ability to [push to ECR with `AmazonEC2ContainerRegistryPowerUser` managed policy for example](https://docs.aws.amazon.com/AmazonECR/latest/userguide/ecr_managed_policies.html#AmazonEC2ContainerRegistryPowerUser). | ||||
| Use an IAM user with the ability to [push to ECR with `AmazonEC2ContainerRegistryPowerUser` managed policy for example](https://docs.aws.amazon.com/AmazonECR/latest/userguide/security-iam-awsmanpol.html#security-iam-awsmanpol-AmazonEC2ContainerRegistryPowerUser). | ||||
| Download the access keys and save them as `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` [as secrets](https://docs.github.com/en/actions/configuring-and-managing-workflows/creating-and-storing-encrypted-secrets#creating-encrypted-secrets-for-a-repository) | ||||
| in your GitHub repo. | ||||
|  | ||||
| @@ -322,7 +321,7 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com | ||||
|           username: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||
|           username: ${{ vars.AWS_ACCESS_KEY_ID }} | ||||
|           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
| ``` | ||||
|  | ||||
| @@ -345,7 +344,7 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: <aws-account-number>.dkr.ecr.<region>.amazonaws.com | ||||
|           username: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||
|           username: ${{ vars.AWS_ACCESS_KEY_ID }} | ||||
|           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
|         env: | ||||
|           AWS_ACCOUNT_IDS: 012345678910,023456789012 | ||||
| @@ -371,7 +370,7 @@ jobs: | ||||
|         name: Configure AWS Credentials | ||||
|         uses: aws-actions/configure-aws-credentials@v4 | ||||
|         with: | ||||
|           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||
|           aws-access-key-id: ${{ vars.AWS_ACCESS_KEY_ID }} | ||||
|           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
|           aws-region: <region> | ||||
|       - | ||||
| @@ -406,7 +405,7 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: public.ecr.aws | ||||
|           username: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||||
|           username: ${{ vars.AWS_ACCESS_KEY_ID }} | ||||
|           password: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||||
|         env: | ||||
|           AWS_REGION: <region> | ||||
| @@ -440,7 +439,7 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: <region>.ocir.io | ||||
|           username: ${{ secrets.OCI_USERNAME }} | ||||
|           username: ${{ vars.OCI_USERNAME }} | ||||
|           password: ${{ secrets.OCI_TOKEN }} | ||||
| ``` | ||||
|  | ||||
| @@ -467,10 +466,34 @@ jobs: | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: quay.io | ||||
|           username: ${{ secrets.QUAY_USERNAME }} | ||||
|           username: ${{ vars.QUAY_USERNAME }} | ||||
|           password: ${{ secrets.QUAY_ROBOT_TOKEN }} | ||||
| ``` | ||||
|  | ||||
| ### DigitalOcean Container Registry | ||||
|  | ||||
| Use your DigitalOcean registered email address and an API access token to authenticate. | ||||
|  | ||||
| ```yaml | ||||
| name: ci | ||||
|  | ||||
| on: | ||||
|   push: | ||||
|     branches: main | ||||
|  | ||||
| jobs: | ||||
|   login: | ||||
|     runs-on: ubuntu-latest | ||||
|     steps: | ||||
|       - | ||||
|         name: Login to DigitalOcean Container Registry | ||||
|         uses: docker/login-action@v3 | ||||
|         with: | ||||
|           registry: registry.digitalocean.com | ||||
|           username: ${{ vars.DIGITALOCEAN_USERNAME }} | ||||
|           password: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | ||||
| ``` | ||||
|  | ||||
| ## Customizing | ||||
|  | ||||
| ### inputs | ||||
| @@ -485,18 +508,7 @@ The following inputs can be used as `step.with` keys: | ||||
| | `ecr`      | String | `auto`  | Specifies whether the given registry is ECR (`auto`, `true` or `false`)       | | ||||
| | `logout`   | Bool   | `true`  | Log out from the Docker registry at the end of a job                          | | ||||
|  | ||||
| ## Keep up-to-date with GitHub Dependabot | ||||
| ## Contributing | ||||
|  | ||||
| Since [Dependabot](https://docs.github.com/en/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot) | ||||
| has [native GitHub Actions support](https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#package-ecosystem), | ||||
| to enable it on your GitHub repo all you need to do is add the `.github/dependabot.yml` file: | ||||
|  | ||||
| ```yaml | ||||
| version: 2 | ||||
| updates: | ||||
|   # Maintain dependencies for GitHub Actions | ||||
|   - package-ecosystem: "github-actions" | ||||
|     directory: "/" | ||||
|     schedule: | ||||
|       interval: "daily" | ||||
| ``` | ||||
| Want to contribute? Awesome! You can find information about contributing to | ||||
| this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md) | ||||
|   | ||||
| @@ -10,7 +10,9 @@ describe('isECR', () => { | ||||
|     ['012345678901.dkr.ecr.eu-west-3.amazonaws.com', true], | ||||
|     ['876820548815.dkr.ecr.cn-north-1.amazonaws.com.cn', true], | ||||
|     ['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', true], | ||||
|     ['public.ecr.aws', true] | ||||
|     ['012345678901.dkr-ecr.eu-north-1.on.aws', true], | ||||
|     ['public.ecr.aws', true], | ||||
|     ['ecr-public.aws.com', true] | ||||
|   ])('given registry %p', async (registry, expected) => { | ||||
|     expect(aws.isECR(registry)).toEqual(expected); | ||||
|   }); | ||||
| @@ -23,7 +25,9 @@ describe('isPubECR', () => { | ||||
|     ['012345678901.dkr.ecr.eu-west-3.amazonaws.com', false], | ||||
|     ['876820548815.dkr.ecr.cn-north-1.amazonaws.com.cn', false], | ||||
|     ['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', false], | ||||
|     ['public.ecr.aws', true] | ||||
|     ['012345678901.dkr-ecr.eu-north-1.on.aws', false], | ||||
|     ['public.ecr.aws', true], | ||||
|     ['ecr-public.aws.com', true] | ||||
|   ])('given registry %p', async (registry, expected) => { | ||||
|     expect(aws.isPubECR(registry)).toEqual(expected); | ||||
|   }); | ||||
| @@ -34,6 +38,7 @@ describe('getRegion', () => { | ||||
|     ['012345678901.dkr.ecr.eu-west-3.amazonaws.com', 'eu-west-3'], | ||||
|     ['876820548815.dkr.ecr.cn-north-1.amazonaws.com.cn', 'cn-north-1'], | ||||
|     ['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', 'cn-northwest-1'], | ||||
|     ['012345678901.dkr-ecr.eu-north-1.on.aws', 'eu-north-1'], | ||||
|     ['public.ecr.aws', 'us-east-1'] | ||||
|   ])('given registry %p', async (registry, expected) => { | ||||
|     expect(aws.getRegion(registry)).toEqual(expected); | ||||
| @@ -46,6 +51,7 @@ describe('getAccountIDs', () => { | ||||
|     ['012345678901.dkr.ecr.eu-west-3.amazonaws.com', '012345678910,023456789012', ['012345678901', '012345678910', '023456789012']], | ||||
|     ['012345678901.dkr.ecr.eu-west-3.amazonaws.com', '012345678901,012345678910,023456789012', ['012345678901', '012345678910', '023456789012']], | ||||
|     ['390948362332.dkr.ecr.cn-northwest-1.amazonaws.com.cn', '012345678910,023456789012', ['390948362332', '012345678910', '023456789012']], | ||||
|     ['876820548815.dkr-ecr.eu-north-1.on.aws', '012345678910,023456789012', ['876820548815', '012345678910', '023456789012']], | ||||
|     ['public.ecr.aws', undefined, []] | ||||
|   ])('given registry %p', async (registry, accountIDsEnv, expected) => { | ||||
|     if (accountIDsEnv) { | ||||
|   | ||||
| @@ -2,14 +2,15 @@ import {expect, jest, test} from '@jest/globals'; | ||||
| import * as path from 'path'; | ||||
|  | ||||
| import {loginStandard, logout} from '../src/docker'; | ||||
| import {Exec} from '@docker/actions-toolkit/lib/exec'; | ||||
|  | ||||
| import {Docker} from '@docker/actions-toolkit/lib/docker/docker'; | ||||
|  | ||||
| process.env['RUNNER_TEMP'] = path.join(__dirname, 'runner'); | ||||
|  | ||||
| test('loginStandard calls exec', async () => { | ||||
|   // eslint-disable-next-line @typescript-eslint/ban-ts-comment | ||||
|   // @ts-ignore | ||||
|   const execSpy = jest.spyOn(Exec, 'getExecOutput').mockImplementation(async () => { | ||||
|   const execSpy = jest.spyOn(Docker, 'getExecOutput').mockImplementation(async () => { | ||||
|     return { | ||||
|       exitCode: expect.any(Number), | ||||
|       stdout: expect.any(Function), | ||||
| @@ -23,7 +24,13 @@ test('loginStandard calls exec', async () => { | ||||
|  | ||||
|   await loginStandard(registry, username, password); | ||||
|  | ||||
|   expect(execSpy).toHaveBeenCalledWith(`docker`, ['login', '--password-stdin', '--username', username, registry], { | ||||
|   expect(execSpy).toHaveBeenCalledTimes(1); | ||||
|   const callfunc = execSpy.mock.calls[0]; | ||||
|   if (callfunc && callfunc[1]) { | ||||
|     // we don't want to check env opt | ||||
|     callfunc[1].env = undefined; | ||||
|   } | ||||
|   expect(execSpy).toHaveBeenCalledWith(['login', '--password-stdin', '--username', username, registry], { | ||||
|     input: Buffer.from(password), | ||||
|     silent: true, | ||||
|     ignoreReturnCode: true | ||||
| @@ -33,7 +40,7 @@ test('loginStandard calls exec', async () => { | ||||
| test('logout calls exec', async () => { | ||||
|   // eslint-disable-next-line @typescript-eslint/ban-ts-comment | ||||
|   // @ts-ignore | ||||
|   const execSpy = jest.spyOn(Exec, 'getExecOutput').mockImplementation(async () => { | ||||
|   const execSpy = jest.spyOn(Docker, 'getExecOutput').mockImplementation(async () => { | ||||
|     return { | ||||
|       exitCode: expect.any(Number), | ||||
|       stdout: expect.any(Function), | ||||
| @@ -45,7 +52,13 @@ test('logout calls exec', async () => { | ||||
|  | ||||
|   await logout(registry); | ||||
|  | ||||
|   expect(execSpy).toHaveBeenCalledWith(`docker`, ['logout', registry], { | ||||
|   expect(execSpy).toHaveBeenCalledTimes(1); | ||||
|   const callfunc = execSpy.mock.calls[0]; | ||||
|   if (callfunc && callfunc[1]) { | ||||
|     // we don't want to check env opt | ||||
|     callfunc[1].env = undefined; | ||||
|   } | ||||
|   expect(execSpy).toHaveBeenCalledWith(['logout', registry], { | ||||
|     ignoreReturnCode: true | ||||
|   }); | ||||
| }); | ||||
|   | ||||
| @@ -5,9 +5,16 @@ ARG NODE_VERSION=20 | ||||
| FROM node:${NODE_VERSION}-alpine AS base | ||||
| RUN apk add --no-cache cpio findutils git | ||||
| WORKDIR /src | ||||
| RUN --mount=type=bind,target=.,rw \ | ||||
|   --mount=type=cache,target=/src/.yarn/cache <<EOT | ||||
|   corepack enable | ||||
|   yarn --version | ||||
|   yarn config set --home enableTelemetry 0 | ||||
| EOT | ||||
|  | ||||
| FROM base AS deps | ||||
| RUN --mount=type=bind,target=.,rw \ | ||||
|   --mount=type=cache,target=/src/.yarn/cache \ | ||||
|   --mount=type=cache,target=/src/node_modules \ | ||||
|   yarn install && mkdir /vendor && cp yarn.lock /vendor | ||||
|  | ||||
| @@ -20,7 +27,7 @@ RUN --mount=type=bind,target=.,rw <<EOT | ||||
|   git add -A | ||||
|   cp -rf /vendor/* . | ||||
|   if [ -n "$(git status --porcelain -- yarn.lock)" ]; then | ||||
|     echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"' | ||||
|     echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor"' | ||||
|     git status --porcelain -- yarn.lock | ||||
|     exit 1 | ||||
|   fi | ||||
| @@ -28,6 +35,7 @@ EOT | ||||
|  | ||||
| FROM deps AS build | ||||
| RUN --mount=type=bind,target=.,rw \ | ||||
|   --mount=type=cache,target=/src/.yarn/cache \ | ||||
|   --mount=type=cache,target=/src/node_modules \ | ||||
|   yarn run build && mkdir /out && cp -Rf dist /out/ | ||||
|  | ||||
| @@ -48,15 +56,17 @@ EOT | ||||
|  | ||||
| FROM deps AS format | ||||
| RUN --mount=type=bind,target=.,rw \ | ||||
|   --mount=type=cache,target=/src/.yarn/cache \ | ||||
|   --mount=type=cache,target=/src/node_modules \ | ||||
|   yarn run format \ | ||||
|   && mkdir /out && find . -name '*.ts' -not -path './node_modules/*' | cpio -pdm /out | ||||
|   && mkdir /out && find . -name '*.ts' -not -path './node_modules/*' -not -path './.yarn/*' | cpio -pdm /out | ||||
|  | ||||
| FROM scratch AS format-update | ||||
| COPY --from=format /out / | ||||
|  | ||||
| FROM deps AS lint | ||||
| RUN --mount=type=bind,target=.,rw \ | ||||
|   --mount=type=cache,target=/src/.yarn/cache \ | ||||
|   --mount=type=cache,target=/src/node_modules \ | ||||
|   yarn run lint | ||||
|  | ||||
| @@ -64,6 +74,7 @@ FROM deps AS test | ||||
| ENV RUNNER_TEMP=/tmp/github_runner | ||||
| ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache | ||||
| RUN --mount=type=bind,target=.,rw \ | ||||
|   --mount=type=cache,target=/src/.yarn/cache \ | ||||
|   --mount=type=cache,target=/src/node_modules \ | ||||
|   yarn run test --coverage --coverageDirectory=/tmp/coverage | ||||
|  | ||||
|   | ||||
							
								
								
									
										124
									
								
								dist/index.js
									
									
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										124
									
								
								dist/index.js
									
									
									
										generated
									
									
										vendored
									
									
								
							
										
											
												File diff suppressed because one or more lines are too long
											
										
									
								
							
							
								
								
									
										2
									
								
								dist/index.js.map
									
									
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										2
									
								
								dist/index.js.map
									
									
									
										generated
									
									
										vendored
									
									
								
							
										
											
												File diff suppressed because one or more lines are too long
											
										
									
								
							
							
								
								
									
										4520
									
								
								dist/licenses.txt
									
									
									
										generated
									
									
										vendored
									
									
								
							
							
						
						
									
										4520
									
								
								dist/licenses.txt
									
									
									
										generated
									
									
										vendored
									
									
								
							
										
											
												File diff suppressed because it is too large
												Load Diff
											
										
									
								
							| @@ -1,9 +1,15 @@ | ||||
| target "_common" { | ||||
|   args = { | ||||
|     BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1 | ||||
|   } | ||||
| } | ||||
|  | ||||
| group "default" { | ||||
|   targets = ["build"] | ||||
| } | ||||
|  | ||||
| group "pre-checkin" { | ||||
|   targets = ["vendor-update", "format", "build"] | ||||
|   targets = ["vendor", "format", "build"] | ||||
| } | ||||
|  | ||||
| group "validate" { | ||||
| @@ -11,42 +17,49 @@ group "validate" { | ||||
| } | ||||
|  | ||||
| target "build" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "build-update" | ||||
|   output = ["."] | ||||
| } | ||||
|  | ||||
| target "build-validate" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "build-validate" | ||||
|   output = ["type=cacheonly"] | ||||
| } | ||||
|  | ||||
| target "format" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "format-update" | ||||
|   output = ["."] | ||||
| } | ||||
|  | ||||
| target "lint" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "lint" | ||||
|   output = ["type=cacheonly"] | ||||
| } | ||||
|  | ||||
| target "vendor-update" { | ||||
| target "vendor" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "vendor-update" | ||||
|   output = ["."] | ||||
| } | ||||
|  | ||||
| target "vendor-validate" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "vendor-validate" | ||||
|   output = ["type=cacheonly"] | ||||
| } | ||||
|  | ||||
| target "test" { | ||||
|   inherits = ["_common"] | ||||
|   dockerfile = "dev.Dockerfile" | ||||
|   target = "test-coverage" | ||||
|   output = ["./coverage"] | ||||
|   | ||||
							
								
								
									
										44
									
								
								package.json
									
									
									
									
									
								
							
							
						
						
									
										44
									
								
								package.json
									
									
									
									
									
								
							| @@ -1,17 +1,16 @@ | ||||
| { | ||||
|   "name": "docker-login", | ||||
|   "description": "GitHub Action to login against a Docker registry", | ||||
|   "main": "lib/main.js", | ||||
|   "main": "src/main.ts", | ||||
|   "scripts": { | ||||
|     "build": "ncc build src/main.ts --source-map --minify --license licenses.txt", | ||||
|     "build": "ncc build --source-map --minify --license licenses.txt", | ||||
|     "lint": "yarn run prettier && yarn run eslint", | ||||
|     "format": "yarn run prettier:fix && yarn run eslint:fix", | ||||
|     "eslint": "eslint --max-warnings=0 .", | ||||
|     "eslint:fix": "eslint --fix .", | ||||
|     "prettier": "prettier --check \"./**/*.ts\"", | ||||
|     "prettier:fix": "prettier --write \"./**/*.ts\"", | ||||
|     "test": "jest", | ||||
|     "all": "yarn run build && yarn run format && yarn test" | ||||
|     "test": "jest" | ||||
|   }, | ||||
|   "repository": { | ||||
|     "type": "git", | ||||
| @@ -24,27 +23,28 @@ | ||||
|   ], | ||||
|   "author": "Docker Inc.", | ||||
|   "license": "Apache-2.0", | ||||
|   "packageManager": "yarn@3.6.3", | ||||
|   "dependencies": { | ||||
|     "@actions/core": "^1.10.1", | ||||
|     "@aws-sdk/client-ecr": "^3.529.1", | ||||
|     "@aws-sdk/client-ecr-public": "^3.529.1", | ||||
|     "@docker/actions-toolkit": "^0.18.0", | ||||
|     "@actions/core": "^1.11.1", | ||||
|     "@aws-sdk/client-ecr": "^3.862.0", | ||||
|     "@aws-sdk/client-ecr-public": "^3.862.0", | ||||
|     "@docker/actions-toolkit": "^0.62.1", | ||||
|     "http-proxy-agent": "^7.0.2", | ||||
|     "https-proxy-agent": "^7.0.4" | ||||
|     "https-proxy-agent": "^7.0.6" | ||||
|   }, | ||||
|   "devDependencies": { | ||||
|     "@types/node": "^20.5.9", | ||||
|     "@typescript-eslint/eslint-plugin": "^6.6.0", | ||||
|     "@typescript-eslint/parser": "^6.6.0", | ||||
|     "@vercel/ncc": "^0.38.0", | ||||
|     "eslint": "^8.48.0", | ||||
|     "eslint-config-prettier": "^9.0.0", | ||||
|     "eslint-plugin-jest": "^27.2.3", | ||||
|     "eslint-plugin-prettier": "^5.0.0", | ||||
|     "jest": "^29.6.4", | ||||
|     "prettier": "^3.0.3", | ||||
|     "ts-jest": "^29.1.1", | ||||
|     "ts-node": "^10.9.1", | ||||
|     "typescript": "^5.2.2" | ||||
|     "@types/node": "^20.12.12", | ||||
|     "@typescript-eslint/eslint-plugin": "^7.9.0", | ||||
|     "@typescript-eslint/parser": "^7.9.0", | ||||
|     "@vercel/ncc": "^0.38.1", | ||||
|     "eslint": "^8.57.0", | ||||
|     "eslint-config-prettier": "^9.1.0", | ||||
|     "eslint-plugin-jest": "^28.5.0", | ||||
|     "eslint-plugin-prettier": "^5.1.3", | ||||
|     "jest": "^29.7.0", | ||||
|     "prettier": "^3.2.5", | ||||
|     "ts-jest": "^29.1.2", | ||||
|     "ts-node": "^10.9.2", | ||||
|     "typescript": "^5.4.5" | ||||
|   } | ||||
| } | ||||
|   | ||||
| @@ -5,14 +5,15 @@ import {NodeHttpHandler} from '@smithy/node-http-handler'; | ||||
| import {HttpProxyAgent} from 'http-proxy-agent'; | ||||
| import {HttpsProxyAgent} from 'https-proxy-agent'; | ||||
|  | ||||
| const ecrRegistryRegex = /^(([0-9]{12})\.dkr\.ecr\.(.+)\.amazonaws\.com(.cn)?)(\/([^:]+)(:.+)?)?$/; | ||||
| const ecrRegistryRegex = /^(([0-9]{12})\.(dkr\.ecr|dkr-ecr)\.(.+)\.(on\.aws|amazonaws\.com(.cn)?))(\/([^:]+)(:.+)?)?$/; | ||||
| const ecrPublicRegistryRegex = /public\.ecr\.aws|ecr-public\.aws\.com/; | ||||
|  | ||||
| export const isECR = (registry: string): boolean => { | ||||
|   return ecrRegistryRegex.test(registry) || isPubECR(registry); | ||||
| }; | ||||
|  | ||||
| export const isPubECR = (registry: string): boolean => { | ||||
|   return registry === 'public.ecr.aws'; | ||||
|   return ecrPublicRegistryRegex.test(registry); | ||||
| }; | ||||
|  | ||||
| export const getRegion = (registry: string): string => { | ||||
| @@ -23,7 +24,7 @@ export const getRegion = (registry: string): string => { | ||||
|   if (!matches) { | ||||
|     return ''; | ||||
|   } | ||||
|   return matches[3]; | ||||
|   return matches[4]; | ||||
| }; | ||||
|  | ||||
| export const getAccountIDs = (registry: string): string[] => { | ||||
|   | ||||
| @@ -1,6 +1,7 @@ | ||||
| import * as aws from './aws'; | ||||
| import * as core from '@actions/core'; | ||||
| import {Exec} from '@docker/actions-toolkit/lib/exec'; | ||||
|  | ||||
| import {Docker} from '@docker/actions-toolkit/lib/docker/docker'; | ||||
|  | ||||
| export async function login(registry: string, username: string, password: string, ecr: string): Promise<void> { | ||||
|   if (/true/i.test(ecr) || (ecr == 'auto' && aws.isECR(registry))) { | ||||
| @@ -11,7 +12,7 @@ export async function login(registry: string, username: string, password: string | ||||
| } | ||||
|  | ||||
| export async function logout(registry: string): Promise<void> { | ||||
|   await Exec.getExecOutput('docker', ['logout', registry], { | ||||
|   await Docker.getExecOutput(['logout', registry], { | ||||
|     ignoreReturnCode: true | ||||
|   }).then(res => { | ||||
|     if (res.stderr.length > 0 && res.exitCode != 0) { | ||||
| @@ -21,9 +22,15 @@ export async function logout(registry: string): Promise<void> { | ||||
| } | ||||
|  | ||||
| export async function loginStandard(registry: string, username: string, password: string): Promise<void> { | ||||
|   if (!username || !password) { | ||||
|   if (!username && !password) { | ||||
|     throw new Error('Username and password required'); | ||||
|   } | ||||
|   if (!username) { | ||||
|     throw new Error('Username required'); | ||||
|   } | ||||
|   if (!password) { | ||||
|     throw new Error('Password required'); | ||||
|   } | ||||
|  | ||||
|   const loginArgs: Array<string> = ['login', '--password-stdin']; | ||||
|   loginArgs.push('--username', username); | ||||
| @@ -34,7 +41,7 @@ export async function loginStandard(registry: string, username: string, password | ||||
|   } else { | ||||
|     core.info(`Logging into Docker Hub...`); | ||||
|   } | ||||
|   await Exec.getExecOutput('docker', loginArgs, { | ||||
|   await Docker.getExecOutput(loginArgs, { | ||||
|     ignoreReturnCode: true, | ||||
|     silent: true, | ||||
|     input: Buffer.from(password) | ||||
| @@ -51,7 +58,7 @@ export async function loginECR(registry: string, username: string, password: str | ||||
|   const regDatas = await aws.getRegistriesData(registry, username, password); | ||||
|   for (const regData of regDatas) { | ||||
|     core.info(`Logging into ${regData.registry}...`); | ||||
|     await Exec.getExecOutput('docker', ['login', '--password-stdin', '--username', regData.username, regData.registry], { | ||||
|     await Docker.getExecOutput(['login', '--password-stdin', '--username', regData.username, regData.registry], { | ||||
|       ignoreReturnCode: true, | ||||
|       silent: true, | ||||
|       input: Buffer.from(regData.password) | ||||
|   | ||||
		Reference in New Issue
	
	Block a user