mirror of
https://github.com/docker/bake-action.git
synced 2026-06-05 01:38:39 +02:00
Compare commits
17 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 CrazyMax
|
2e3d19baed | ||
|
CrazyMax
|
22815eb8f2 | ||
|
CrazyMax
|
c24ab5d426 | ||
|
CrazyMax
|
64673bcfac | ||
|
CrazyMax
|
f05b0ee234 | ||
|
dependabot[bot]
|
6161d12436 | ||
|
CrazyMax
|
e626c7390c | ||
|
CrazyMax
|
7e8997e58f | ||
|
dependabot[bot]
|
9a9d8805d1 | ||
|
CrazyMax
|
cdf7e1c5cb | ||
|
dependabot[bot]
|
01036657a2 | ||
|
CrazyMax
|
76cc8060bd | ||
|
CrazyMax
|
4cfe868c6e | ||
|
CrazyMax
|
fa256f8a0c | ||
|
CrazyMax
|
8cea75c238 | ||
|
CrazyMax
|
a7cc98928a | ||
|
dependabot[bot]
|
1b8b2f2b02 |
@@ -691,3 +691,25 @@ jobs:
|
||||
./lint.hcl
|
||||
env:
|
||||
DOCKER_BUILD_CHECKS_ANNOTATIONS: false
|
||||
|
||||
allow:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
-
|
||||
name: Checkout
|
||||
uses: actions/checkout@v4
|
||||
-
|
||||
name: Set up Docker Buildx
|
||||
uses: docker/setup-buildx-action@v3
|
||||
with:
|
||||
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
|
||||
driver-opts: |
|
||||
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
|
||||
-
|
||||
name: Build
|
||||
uses: ./
|
||||
with:
|
||||
files: |
|
||||
./test/config.hcl
|
||||
allow: network.host
|
||||
targets: app-entitlements
|
||||
|
||||
@@ -184,6 +184,7 @@ The following inputs can be used as `step.with` keys
|
||||
|----------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
|
||||
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
|
||||
| `source` | String | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/customize/bake/file-definition/#remote-definition) |
|
||||
| `allow` | List/CSV | Allow build to access specified resources (e.g., `network.host`) |
|
||||
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
|
||||
| `workdir` | String | Working directory of execution |
|
||||
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
|
||||
@@ -193,7 +194,7 @@ The following inputs can be used as `step.with` keys
|
||||
| `provenance` | Bool/String | [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance` |
|
||||
| `push` | Bool | Push is a shorthand for `--set=*.output=type=registry` (default `false`) |
|
||||
| `sbom` | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` |
|
||||
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (eg: `targetpattern.key=value`) |
|
||||
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) |
|
||||
| `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |
|
||||
|
||||
### outputs
|
||||
|
||||
@@ -330,6 +330,23 @@ describe('getArgs', () => {
|
||||
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`,
|
||||
]
|
||||
],
|
||||
[
|
||||
12,
|
||||
'0.17.0',
|
||||
new Map<string, string>([
|
||||
['allow', 'network.host'],
|
||||
['load', 'false'],
|
||||
['no-cache', 'false'],
|
||||
['push', 'false'],
|
||||
['pull', 'false'],
|
||||
]),
|
||||
[
|
||||
'bake',
|
||||
'--allow', 'network.host',
|
||||
'--metadata-file', metadataJson,
|
||||
"--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`
|
||||
]
|
||||
],
|
||||
])(
|
||||
'[%d] given %p with %p as inputs, returns %p',
|
||||
async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>) => {
|
||||
|
||||
@@ -13,6 +13,9 @@ inputs:
|
||||
source:
|
||||
description: "Context to build from. Can be either local or a remote bake definition"
|
||||
required: false
|
||||
allow:
|
||||
description: "Allow build to access specified resources (e.g., network.host)"
|
||||
required: false
|
||||
files:
|
||||
description: "List of bake definition files"
|
||||
required: false
|
||||
|
||||
+2
-2
File diff suppressed because one or more lines are too long
+1
-1
File diff suppressed because one or more lines are too long
+1
-1
@@ -27,7 +27,7 @@
|
||||
"packageManager": "yarn@3.6.3",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.1",
|
||||
"@docker/actions-toolkit": "^0.37.0",
|
||||
"@docker/actions-toolkit": "^0.39.0",
|
||||
"handlebars": "^4.7.8"
|
||||
},
|
||||
"devDependencies": {
|
||||
|
||||
@@ -11,6 +11,7 @@ import {Util} from '@docker/actions-toolkit/lib/util';
|
||||
import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake';
|
||||
|
||||
export interface Inputs {
|
||||
allow: string[];
|
||||
builder: string;
|
||||
files: string[];
|
||||
workdir: string;
|
||||
@@ -28,6 +29,7 @@ export interface Inputs {
|
||||
|
||||
export async function getInputs(): Promise<Inputs> {
|
||||
return {
|
||||
allow: Util.getInputList('allow'),
|
||||
builder: core.getInput('builder'),
|
||||
files: Util.getInputList('files'),
|
||||
workdir: core.getInput('workdir') || '.',
|
||||
@@ -80,6 +82,11 @@ async function getBakeArgs(inputs: Inputs, definition: BakeDefinition, toolkit:
|
||||
if (inputs.source) {
|
||||
args.push(inputs.source);
|
||||
}
|
||||
if (await toolkit.buildx.versionSatisfies('>=0.17.0')) {
|
||||
if (inputs.allow.length > 0) {
|
||||
args.push('--allow', inputs.allow.join(','));
|
||||
}
|
||||
}
|
||||
await Util.asyncForEach(inputs.files, async file => {
|
||||
args.push('--file', file);
|
||||
});
|
||||
|
||||
+4
-4
@@ -184,13 +184,13 @@ actionsToolkit.run(
|
||||
if (!buildSummaryEnabled()) {
|
||||
core.info('Build summary disabled');
|
||||
} else if (GitHub.isGHES) {
|
||||
core.warning('Build summary is not yet supported on GHES');
|
||||
core.info('Build summary is not yet supported on GHES');
|
||||
} else if (!(await toolkit.buildx.versionSatisfies('>=0.13.0'))) {
|
||||
core.warning('Build summary requires Buildx >= 0.13.0');
|
||||
core.info('Build summary requires Buildx >= 0.13.0');
|
||||
} else if (builder && builder.driver === 'cloud') {
|
||||
core.warning('Build summary is not yet supported with Docker Build Cloud');
|
||||
core.info('Build summary is not yet supported with Docker Build Cloud');
|
||||
} else if (refs.length == 0) {
|
||||
core.warning('Build summary requires at least one build reference');
|
||||
core.info('Build summary requires at least one build reference');
|
||||
} else {
|
||||
core.info('Build summary supported!');
|
||||
stateHelper.setSummarySupported();
|
||||
|
||||
@@ -42,3 +42,8 @@ target "app-proxy" {
|
||||
inherits = ["app"]
|
||||
dockerfile = "proxy.Dockerfile"
|
||||
}
|
||||
|
||||
target "app-entitlements" {
|
||||
inherits = ["app"]
|
||||
entitlements = ["network.host"]
|
||||
}
|
||||
|
||||
@@ -12,9 +12,9 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"@actions/artifact@npm:^2.1.8":
|
||||
version: 2.1.8
|
||||
resolution: "@actions/artifact@npm:2.1.8"
|
||||
"@actions/artifact@npm:^2.1.9":
|
||||
version: 2.1.9
|
||||
resolution: "@actions/artifact@npm:2.1.9"
|
||||
dependencies:
|
||||
"@actions/core": ^1.10.0
|
||||
"@actions/github": ^5.1.1
|
||||
@@ -30,7 +30,7 @@ __metadata:
|
||||
jwt-decode: ^3.1.2
|
||||
twirp-ts: ^2.5.0
|
||||
unzip-stream: ^0.3.1
|
||||
checksum: 51a47c21bcdac705abb61dbaef923f2760354c39bcad44a31b129e18bf31f646e5148f92ee7e1198275d1dba7bebfd1d1500ad7f62f6de1e65b57b2d092d5341
|
||||
checksum: b01404aa6b4d47186e04a64c0002100ff68a8473eafb811a3d49275a7e1135d1981ccaf527b81c4856f6da764beabe7489fd296bb287906fd7c1964dfaeef3df
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
@@ -105,7 +105,7 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"@actions/http-client@npm:^2.0.1, @actions/http-client@npm:^2.1.0, @actions/http-client@npm:^2.1.1, @actions/http-client@npm:^2.2.0, @actions/http-client@npm:^2.2.1":
|
||||
"@actions/http-client@npm:^2.0.1, @actions/http-client@npm:^2.1.0, @actions/http-client@npm:^2.1.1, @actions/http-client@npm:^2.2.0":
|
||||
version: 2.2.1
|
||||
resolution: "@actions/http-client@npm:2.2.1"
|
||||
dependencies:
|
||||
@@ -115,6 +115,16 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"@actions/http-client@npm:^2.2.3":
|
||||
version: 2.2.3
|
||||
resolution: "@actions/http-client@npm:2.2.3"
|
||||
dependencies:
|
||||
tunnel: ^0.0.6
|
||||
undici: ^5.25.4
|
||||
checksum: 5d395df575d30ae599efa10dd715e72944b015e753db61f0a823f737acbb0e99743d4a9f25e812b18ec8cc34f86c73565d075c449e01ffa891577b6595212dde
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"@actions/io@npm:^1.0.1, @actions/io@npm:^1.1.1, @actions/io@npm:^1.1.3":
|
||||
version: 1.1.3
|
||||
resolution: "@actions/io@npm:1.1.3"
|
||||
@@ -1048,16 +1058,16 @@ __metadata:
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
"@docker/actions-toolkit@npm:^0.37.0":
|
||||
version: 0.37.0
|
||||
resolution: "@docker/actions-toolkit@npm:0.37.0"
|
||||
"@docker/actions-toolkit@npm:^0.39.0":
|
||||
version: 0.39.0
|
||||
resolution: "@docker/actions-toolkit@npm:0.39.0"
|
||||
dependencies:
|
||||
"@actions/artifact": ^2.1.8
|
||||
"@actions/artifact": ^2.1.9
|
||||
"@actions/cache": ^3.2.4
|
||||
"@actions/core": ^1.10.1
|
||||
"@actions/exec": ^1.1.1
|
||||
"@actions/github": ^6.0.0
|
||||
"@actions/http-client": ^2.2.1
|
||||
"@actions/http-client": ^2.2.3
|
||||
"@actions/io": ^1.1.3
|
||||
"@actions/tool-cache": ^2.0.1
|
||||
"@azure/storage-blob": ^12.15.0
|
||||
@@ -1073,7 +1083,7 @@ __metadata:
|
||||
semver: ^7.6.3
|
||||
tar-stream: ^3.1.7
|
||||
tmp: ^0.2.3
|
||||
checksum: e0972ce4a205ddb72542cbaba3c08342ccadb198baa3093ca2b66fb926d49bed41e5b55fd1ed48df04d375529c16e1166dc0571360fc01921b30f6e55879e1f1
|
||||
checksum: 9dafe3c3e02f6f78c8da4cfb8bc726ae5eef9b6a2fedfca5d75ee6d6c559745c12aa16587dd595360f76be91803235dc66e0852e595ef7a582506fa0d4402983
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
@@ -3148,7 +3158,7 @@ __metadata:
|
||||
resolution: "docker-buildx-bake@workspace:."
|
||||
dependencies:
|
||||
"@actions/core": ^1.10.1
|
||||
"@docker/actions-toolkit": ^0.37.0
|
||||
"@docker/actions-toolkit": ^0.39.0
|
||||
"@types/node": ^20.12.12
|
||||
"@typescript-eslint/eslint-plugin": ^7.9.0
|
||||
"@typescript-eslint/parser": ^7.9.0
|
||||
@@ -5464,9 +5474,9 @@ __metadata:
|
||||
linkType: hard
|
||||
|
||||
"path-to-regexp@npm:^6.2.0":
|
||||
version: 6.2.2
|
||||
resolution: "path-to-regexp@npm:6.2.2"
|
||||
checksum: b7b0005c36f5099f9ed1fb20a820d2e4ed1297ffe683ea1d678f5e976eb9544f01debb281369dabdc26da82e6453901bf71acf2c7ed14b9243536c2a45286c33
|
||||
version: 6.3.0
|
||||
resolution: "path-to-regexp@npm:6.3.0"
|
||||
checksum: eca78602e6434a1b6799d511d375ec044e8d7e28f5a48aa5c28d57d8152fb52f3fc62fb1cfc5dfa2198e1f041c2a82ed14043d75740a2fe60e91b5089a153250
|
||||
languageName: node
|
||||
linkType: hard
|
||||
|
||||
|
||||
Reference in New Issue
Block a user