docker/bake-action
0
0
Fork 0
mirror of https://github.com/docker/bake-action.git synced 2026-06-05 01:38:39 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: docker/bake-action:v6.9.0
Branches Tags
docker/bake-action:master docker/bake-action:dependabot/github_actions/github/codeql-action-4.36.1 docker/bake-action:dependabot/github_actions/actions/checkout-6.0.3 docker/bake-action:dependabot/github_actions/docker/setup-qemu-action-4.1.0 docker/bake-action:releases/v6 docker/bake-action:releases/v3 docker/bake-action:releases/v5 docker/bake-action:releases/v4 docker/bake-action:releases/v2 docker/bake-action:releases/v1
docker/bake-action:v7.2.0 docker/bake-action:v7 docker/bake-action:v7.1.0 docker/bake-action:v7.0.0 docker/bake-action:v6.10.0 docker/bake-action:v6 docker/bake-action:v6.9.0 docker/bake-action:v6.8.0 docker/bake-action:v6.7.0 docker/bake-action:v6.6.0 docker/bake-action:v6.5.0 docker/bake-action:v6.4.0 docker/bake-action:v3 docker/bake-action:v3.2.0 docker/bake-action:v5.13.0 docker/bake-action:v5 docker/bake-action:v6.3.0 docker/bake-action:v4.7.0 docker/bake-action:v4 docker/bake-action:v5.12.0 docker/bake-action:v6.2.0 docker/bake-action:v6.1.1 docker/bake-action:v6.1.0 docker/bake-action:v6.0.0 docker/bake-action:v5.11.0 docker/bake-action:v5.10.0 docker/bake-action:v5.9.0 docker/bake-action:v5.8.0 docker/bake-action:v5.7.0 docker/bake-action:v5.6.1 docker/bake-action:v5.6.0 docker/bake-action:v5.5.0 docker/bake-action:v5.4.0 docker/bake-action:v5.3.0 docker/bake-action:v5.2.0 docker/bake-action:v5.1.0 docker/bake-action:v5.0.2 docker/bake-action:v5.0.1 docker/bake-action:v5.0.0 docker/bake-action:v4.6.0 docker/bake-action:v4.5.0 docker/bake-action:v4.4.0 docker/bake-action:v4.3.0 docker/bake-action:v4.2.0 docker/bake-action:v4.1.0 docker/bake-action:v4.0.0 docker/bake-action:v3.1.0 docker/bake-action:v3.0.1 docker/bake-action:v3.0.0 docker/bake-action:v2.3.0 docker/bake-action:v2 docker/bake-action:v2.2.0 docker/bake-action:v2.1.0 docker/bake-action:v2.0.0 docker/bake-action:v1 docker/bake-action:v1.7.0 docker/bake-action:v1.6.0 docker/bake-action:v1.5.0 docker/bake-action:v1.4.2 docker/bake-action:v1.4.1 docker/bake-action:v1.4.0 docker/bake-action:v1.3.0 docker/bake-action:v1.2.0 docker/bake-action:v1.1.3 docker/bake-action:v1.1.2 docker/bake-action:v1.1.1 docker/bake-action:v1.1.0 docker/bake-action:v1.0.0
..
compare: docker/bake-action:v4
Branches Tags
docker/bake-action:dependabot/github_actions/github/codeql-action-4.36.1 docker/bake-action:dependabot/github_actions/actions/checkout-6.0.3 docker/bake-action:dependabot/github_actions/docker/setup-qemu-action-4.1.0 docker/bake-action:master docker/bake-action:releases/v6 docker/bake-action:releases/v3 docker/bake-action:releases/v5 docker/bake-action:releases/v4 docker/bake-action:releases/v2 docker/bake-action:releases/v1
docker/bake-action:v7.2.0 docker/bake-action:v7 docker/bake-action:v7.1.0 docker/bake-action:v7.0.0 docker/bake-action:v6.10.0 docker/bake-action:v6 docker/bake-action:v6.9.0 docker/bake-action:v6.8.0 docker/bake-action:v6.7.0 docker/bake-action:v6.6.0 docker/bake-action:v6.5.0 docker/bake-action:v6.4.0 docker/bake-action:v3 docker/bake-action:v3.2.0 docker/bake-action:v5.13.0 docker/bake-action:v5 docker/bake-action:v6.3.0 docker/bake-action:v4.7.0 docker/bake-action:v4 docker/bake-action:v5.12.0 docker/bake-action:v6.2.0 docker/bake-action:v6.1.1 docker/bake-action:v6.1.0 docker/bake-action:v6.0.0 docker/bake-action:v5.11.0 docker/bake-action:v5.10.0 docker/bake-action:v5.9.0 docker/bake-action:v5.8.0 docker/bake-action:v5.7.0 docker/bake-action:v5.6.1 docker/bake-action:v5.6.0 docker/bake-action:v5.5.0 docker/bake-action:v5.4.0 docker/bake-action:v5.3.0 docker/bake-action:v5.2.0 docker/bake-action:v5.1.0 docker/bake-action:v5.0.2 docker/bake-action:v5.0.1 docker/bake-action:v5.0.0 docker/bake-action:v4.6.0 docker/bake-action:v4.5.0 docker/bake-action:v4.4.0 docker/bake-action:v4.3.0 docker/bake-action:v4.2.0 docker/bake-action:v4.1.0 docker/bake-action:v4.0.0 docker/bake-action:v3.1.0 docker/bake-action:v3.0.1 docker/bake-action:v3.0.0 docker/bake-action:v2.3.0 docker/bake-action:v2 docker/bake-action:v2.2.0 docker/bake-action:v2.1.0 docker/bake-action:v2.0.0 docker/bake-action:v1 docker/bake-action:v1.7.0 docker/bake-action:v1.6.0 docker/bake-action:v1.5.0 docker/bake-action:v1.4.2 docker/bake-action:v1.4.1 docker/bake-action:v1.4.0 docker/bake-action:v1.3.0 docker/bake-action:v1.2.0 docker/bake-action:v1.1.3 docker/bake-action:v1.1.2 docker/bake-action:v1.1.1 docker/bake-action:v1.1.0 docker/bake-action:v1.0.0

3 Commits
v6.9.0 .. v4

Author SHA1 Message Date
CrazyMax aefd381cba Merge pull request #290 from crazy-max/v4_backport_buildx-version-support 
[v4] mark buildx >= 0.20.0 as incompatible with docker/bake-action < v5
 2025-01-21 16:07:27 +01:00
CrazyMax 1a883d70d7 chore: update generated content 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2025-01-21 14:03:47 +01:00
CrazyMax 44d6ed6f31 mark buildx >= 0.20.0 as incompatible with docker/bake-action < v5 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2025-01-21 14:03:01 +01:00
35 changed files with 3062 additions and 4104 deletions
Expand all files Collapse all files
.github/bake-summary.png
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 253 KiB

.github/subaction-list-targets.png
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 8.1 KiB

.github/subaction-matrix.png
BIN
View File
Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 12 KiB

.github/workflows/ci-subaction.yml
+14 -89
View File
@@ -25,112 +25,37 @@ on:
- 'test/**'
jobs:
list-targets:
list-targets-group:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
-
testdir: group
expected: >
["t1","t2"]
-
testdir: group-matrix
target: validate
expected: >
["lint-default","lint-labs","lint-nydus","lint-proto","lint-yaml","validate-doctoc","validate-vendor"]
-
testdir: multi-files
files: |
docker-bake.json
docker-bake.hcl
expected: >
["v1-tag","v2-tag"]
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Matrix gen
id: gen
uses: ./subaction/list-targets
with:
workdir: ./test/${{ matrix.testdir }}
files: ${{ matrix.files }}
target: ${{ matrix.target }}
workdir: ./test/group
-
name: Check output
uses: actions/github-script@v7
env:
INPUT_TARGETS: ${{ steps.gen.outputs.targets }}
INPUT_EXPECTED: ${{ matrix.expected }}
with:
script: |
const targets = JSON.stringify(JSON.parse(core.getInput('targets')));
const expected = JSON.stringify(JSON.parse(core.getInput('expected')));
if (targets !== expected) {
throw new Error(`Targets do not match expected values: ${targets} != ${expected}`);
} else {
core.info(`✅`);
}
name: Show matrix
run: |
echo matrix=${{ steps.gen.outputs.matrix }}
matrix:
list-targets-group-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
-
testdir: group
expected: >
[{"target":"t1"},{"target":"t2"}]
-
testdir: group-matrix
target: validate
expected: >
[{"target":"lint-default"},{"target":"lint-labs"},{"target":"lint-nydus"},{"target":"lint-proto"},{"target":"lint-yaml"},{"target":"validate-doctoc"},{"target":"validate-vendor"}]
-
testdir: group-with-platform
target: validate
expected: >
[{"target":"lint"},{"target":"lint-gopls"},{"target":"validate-docs"},{"target":"validate-vendor"}]
-
testdir: group-with-platform
target: validate
fields: platforms
expected: >
[{"target":"lint","platforms":"darwin/amd64"},{"target":"lint","platforms":"darwin/arm64"},{"target":"lint","platforms":"linux/amd64"},{"target":"lint","platforms":"linux/arm64"},{"target":"lint","platforms":"linux/s390x"},{"target":"lint","platforms":"linux/ppc64le"},{"target":"lint","platforms":"linux/riscv64"},{"target":"lint","platforms":"windows/amd64"},{"target":"lint","platforms":"windows/arm64"},{"target":"lint-gopls","platforms":"darwin/amd64"},{"target":"lint-gopls","platforms":"darwin/arm64"},{"target":"lint-gopls","platforms":"linux/amd64"},{"target":"lint-gopls","platforms":"linux/arm64"},{"target":"lint-gopls","platforms":"linux/s390x"},{"target":"lint-gopls","platforms":"linux/ppc64le"},{"target":"lint-gopls","platforms":"linux/riscv64"},{"target":"lint-gopls","platforms":"windows/amd64"},{"target":"lint-gopls","platforms":"windows/arm64"},{"target":"validate-docs"},{"target":"validate-vendor"}]
-
testdir: group-with-platform
target: validate
fields: platforms,dockerfile
expected: >
[{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"darwin/amd64"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"darwin/arm64"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/amd64"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/arm64"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/s390x"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/ppc64le"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/riscv64"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"windows/amd64"},{"target":"lint","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"windows/arm64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"darwin/amd64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"darwin/arm64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/amd64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/arm64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/s390x"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/ppc64le"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"linux/riscv64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"windows/amd64"},{"target":"lint-gopls","dockerfile":"./hack/dockerfiles/lint.Dockerfile","platforms":"windows/arm64"},{"target":"validate-docs","dockerfile":"./hack/dockerfiles/docs.Dockerfile"},{"target":"validate-vendor","dockerfile":"./hack/dockerfiles/vendor.Dockerfile"}]
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Matrix gen
id: gen
uses: ./subaction/matrix
uses: ./subaction/list-targets
with:
workdir: ./test/${{ matrix.testdir }}
target: ${{ matrix.target }}
fields: ${{ matrix.fields }}
workdir: ./test/group-matrix
target: validate
-
name: Check output
uses: actions/github-script@v7
env:
INPUT_MATRIX: ${{ steps.gen.outputs.matrix }}
INPUT_EXPECTED: ${{ matrix.expected }}
with:
script: |
const matrix = JSON.stringify(JSON.parse(core.getInput('matrix')));
const expected = JSON.stringify(JSON.parse(core.getInput('expected')));
if (matrix !== expected) {
throw new Error(`Matrix do not match expected values: ${matrix} != ${expected}`);
} else {
core.info(`✅`);
}
name: Show matrix
run: |
echo matrix=${{ steps.gen.outputs.matrix }}
.github/workflows/ci.yml
+58 -345
View File
@@ -32,8 +32,8 @@ on:
- 'subaction/**'
env:
BUILDX_VERSION: edge
BUILDKIT_IMAGE: moby/buildkit:latest
BUILDX_VERSION: v0.18.0
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
jobs:
bake:
@@ -52,7 +52,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
@@ -69,7 +69,6 @@ jobs:
name: Build and push
uses: ./
with:
source: .
builder: ${{ steps.buildx.outputs.name }}
files: |
./test/config.hcl
@@ -82,13 +81,18 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: docker
-
name: Build
continue-on-error: true
uses: ./
with:
source: .
files: |
./test/config.hcl
set: |
@@ -99,7 +103,13 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: docker
-
name: Stop docker
run: |
@@ -110,12 +120,12 @@ jobs:
continue-on-error: true
uses: ./
with:
source: .
files: |
./test/config.hcl
-
name: Check
run: |
echo "${{ toJson(steps.bake) }}"
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
@@ -126,7 +136,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Uninstall docker cli
run: |
@@ -146,16 +156,21 @@ jobs:
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
remote:
source:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: docker
-
name: Build
uses: ./
@@ -177,7 +192,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -191,7 +206,6 @@ jobs:
uses: ./
with:
workdir: ./test/go
source: .
targets: binary
provenance: ${{ matrix.attrs }}
set: |
@@ -219,7 +233,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -233,7 +247,6 @@ jobs:
uses: ./
with:
workdir: ./test/go
source: .
targets: ${{ matrix.target }}
sbom: true
set: |
@@ -274,13 +287,18 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: docker
-
name: Build
uses: ./
with:
workdir: ./test/go
source: .
set: |
*.platform=linux/amd64
*.output=type=image,"name=localhost:5000/name/app:v1.0.0,localhost:5000/name/app:latest",push=true
@@ -296,7 +314,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -310,7 +328,6 @@ jobs:
uses: ./
with:
workdir: ./test/group
source: .
push: true
set: |
t1.tags=localhost:5000/name/app:t1
@@ -321,7 +338,13 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: docker
-
name: Set malformed docker config
run: |
@@ -331,7 +354,6 @@ jobs:
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
@@ -350,7 +372,7 @@ jobs:
curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy http://127.0.0.1:3128 -v --insecure --head https://www.google.com
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set proxy config
run: |
@@ -369,7 +391,6 @@ jobs:
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
targets: app-proxy
@@ -389,7 +410,7 @@ jobs:
curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy http://127.0.0.1:3128 -v --insecure --head https://www.google.com
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -405,7 +426,6 @@ jobs:
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
@@ -414,7 +434,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -425,13 +445,15 @@ jobs:
-
name: Build
uses: ./
with:
source: "{{defaultContext}}"
git-context-and-local:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -447,6 +469,7 @@ jobs:
name: Build
uses: ./
with:
source: "{{defaultContext}}"
files: |
cwd://${{ steps.meta.outputs.bake-file }}
@@ -460,7 +483,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -473,7 +496,6 @@ jobs:
uses: ./
with:
workdir: ./test/go
source: .
set: |
*.output=type=image,name=localhost:5000/name/app:latest,push=true
*.output=type=docker,name=app:local
@@ -504,7 +526,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
@@ -517,7 +539,6 @@ jobs:
uses: ./
with:
workdir: ./test/go
source: .
targets: image
load: true
push: true
@@ -532,338 +553,30 @@ jobs:
run: |
docker image inspect localhost:5000/name/app:latest
summary-disable:
error-buildx-latest:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_SUMMARY: false
summary-disable-deprecated:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_NO_SUMMARY: true
summary-not-supported:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: v0.12.1
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
record-upload-disable:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_RECORD_UPLOAD: false
record-retention-days:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
days:
- 2
- 0
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_RECORD_RETENTION_DAYS: ${{ matrix.days }}
export-legacy:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
legacy:
- false
- true
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
targets: app
env:
DOCKER_BUILD_EXPORT_LEGACY: ${{ matrix.legacy }}
checks:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx-version:
- edge
- v0.14.1
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ matrix.buildx-version }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
annotations-disabled:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
env:
DOCKER_BUILD_CHECKS_ANNOTATIONS: false
allow:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx-version:
- edge
- v0.19.0
- v0.18.0
- v0.17.1
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ matrix.buildx-version }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
allow: network.host
targets: app-entitlements
no-default-attestations:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Build
uses: ./
with:
source: .
files: |
./test/config.hcl
env:
BUILDX_NO_DEFAULT_ATTESTATIONS: 1
call-check:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
version: v0.20.0
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
call: check
targets: lint
./test/config.hcl
-
name: Check
run: |
echo "${{ toJson(steps.bake) }}"
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
fi
call-check-multi:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
call: check
-
name: Check
run: |
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
fi
call-check-nowarning:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
source: .
files: |
./test/config.hcl
call: check
.github/workflows/pr-assign-author.yml
-17
View File
@@ -1,17 +0,0 @@
name: pr-assign-author
permissions:
contents: read
on:
pull_request_target:
types:
- opened
- reopened
jobs:
run:
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@1b673f36fad86812f538c1df9794904038a23cbf
permissions:
contents: read
pull-requests: write
.github/workflows/publish.yml
-21
View File
@@ -1,21 +0,0 @@
name: publish
on:
release:
types:
- published
jobs:
publish:
runs-on: ubuntu-latest
permissions:
contents: read
id-token: write
packages: write
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Publish
uses: actions/publish-immutable-action@v0.0.4
.github/workflows/test.yml
+4 -5
View File
@@ -23,16 +23,15 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: Test
uses: docker/bake-action@v6
uses: docker/bake-action@v4
with:
source: .
targets: test
-
name: Upload coverage
uses: codecov/codecov-action@v5
uses: codecov/codecov-action@v4
with:
files: ./coverage/clover.xml
file: ./coverage/clover.xml
token: ${{ secrets.CODECOV_TOKEN }}
.github/workflows/validate.yml
+5 -2
View File
@@ -19,7 +19,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v5
uses: actions/checkout@v4
-
name: List targets
id: generate
@@ -36,8 +36,11 @@ jobs:
matrix:
target: ${{ fromJson(needs.prepare.outputs.targets) }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Validate
uses: docker/bake-action@v6
uses: docker/bake-action@v4
with:
targets: ${{ matrix.target }}
.yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
Vendored
+541
View File
File diff suppressed because one or more lines are too long
.yarnrc.yml
+4 -8
View File
@@ -1,9 +1,3 @@
# https://yarnpkg.com/configuration/yarnrc
compressionLevel: mixed
enableGlobalCache: false
enableHardenedMode: true
logFilters:
- code: YN0013
level: discard
@@ -11,7 +5,9 @@ logFilters:
level: discard
- code: YN0076
level: discard
- code: YN0086
level: discard
nodeLinker: node-modules
plugins:
- path: .yarn/plugins/@yarnpkg/plugin-interactive-tools.cjs
spec: "@yarnpkg/plugin-interactive-tools"
README.md
+132 -114
View File
@@ -14,64 +14,95 @@ as a high-level build command.
___
* [Usage](#usage)
* [Git context](#git-context)
* [Path context](#path-context)
* [Summaries](#summaries)
* [Git context](#git-context)
* [Customizing](#customizing)
* [inputs](#inputs)
* [outputs](#outputs)
* [environment variables](#environment-variables)
* [Subactions](#subactions)
* [`matrix`](subaction/matrix)
* [`list-targets`](#list-targets)
* [Contributing](#contributing)
## Usage
### Git context
### Path context
Since `v6` this action uses the [Git context](https://docs.docker.com/build/bake/remote-definition/)
to build from a remote bake definition by default like the [build-push-action](https://github.com/docker/build-push-action)
does. This means that you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/)
action to check out the repository as [BuildKit](https://docs.docker.com/build/buildkit/)
will do this directly.
The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows)
and will result in the following context: `https://github.com/<owner>/<repo>.git#<ref>`.
By default, this action will use the local bake definition (`source: .`), so
you need to use the [`actions/checkout`](https://github.com/actions/checkout/)
action to check out the repository.
```yaml
name: ci
on:
push:
branches:
- 'master'
jobs:
bake:
runs-on: ubuntu-latest
steps:
-
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
name: Checkout
uses: actions/checkout@v4
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v4
with:
push: true
set: |
*.tags=user/app:latest
```
### Git context
Git context can be provided using the [`source` input](#inputs). This means
that you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/)
action to check out the repository as [BuildKit](https://docs.docker.com/build/buildkit/)
will do this directly.
```yaml
name: ci
on:
push:
branches:
- 'master'
jobs:
bake:
runs-on: ubuntu-latest
steps:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/bake-action@v4
with:
source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}"
push: true
```
Be careful because **any file mutation in the steps that precede the build step
will be ignored, including processing of the `.dockerignore` file** since
the context is based on the Git reference. However, you can use the
[Path context](#path-context) using the [`source` input](#inputs) alongside
the [`actions/checkout`](https://github.com/actions/checkout/) action to remove
this restriction.
[Path context](#path-context) alongside the [`actions/checkout`](https://github.com/actions/checkout/)
action to remove this restriction.
Default Git context can also be provided using the [Handlebars template](https://handlebarsjs.com/guide/)
expression `{{defaultContext}}`. Here we can use it to provide a subdirectory
@@ -80,12 +111,10 @@ to the default Git context:
```yaml
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v4
with:
source: "{{defaultContext}}:mysubdir"
push: true
set: |
*.tags=user/app:latest
```
Building from the current repository automatically uses the `GITHUB_TOKEN`
@@ -100,82 +129,14 @@ another private repository for remote definitions, you can set the
```yaml
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v4
with:
source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}"
push: true
set: |
*.tags=user/app:latest
env:
BUILDX_BAKE_GIT_AUTH_TOKEN: ${{ secrets.MYTOKEN }}
```
### Path context
```yaml
name: ci
on:
push:
jobs:
bake:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Login to DockerHub
uses: docker/login-action@v3
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Build and push
uses: docker/bake-action@v6
with:
source: .
push: true
set: |
*.tags=user/app:latest
```
## Summaries
This action generates a [job summary](https://github.blog/2022-05-09-supercharging-github-actions-with-job-summaries/)
that provides a detailed overview of the build execution. The summary shows an
overview of all the steps executed during the build, including the build
inputs, bake definition, and eventual errors.
![build-push-action job summary](./.github/bake-summary.png)
The summary also includes a link for downloading a build record archive with
additional details about the build execution for all the bake targets,
including build stats, logs, outputs, and more. The build record can be
imported to Docker Desktop for inspecting the build in greater detail.
> [!WARNING]
>
> If you're using the [`actions/download-artifact`](https://github.com/actions/download-artifact)
> action in your workflow, you need to ignore the build record artifacts
> if `name` and `pattern` inputs are not specified ([defaults to download all artifacts](https://github.com/actions/download-artifact?tab=readme-ov-file#download-all-artifacts) of the workflow),
> otherwise the action will fail:
> ```yaml
> - uses: actions/download-artifact@v4
> with:
> pattern: "!*.dockerbuild"
> ```
> More info: https://github.com/actions/toolkit/pull/1874
Summaries are enabled by default, but can be disabled with the
`DOCKER_BUILD_SUMMARY` [environment variable](#environment-variables).
For more information about summaries, refer to the
[documentation](https://docs.docker.com/go/build-summary/).
## Customizing
### inputs
@@ -200,19 +161,17 @@ The following inputs can be used as `step.with` keys
| Name | Type | Description |
|----------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `workdir` | String | Working directory of execution |
| `source` | String | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/bake/remote-definition/) |
| `allow` | List/CSV | Allow build to access specified resources (e.g., `network.host`) |
| `call` | String | Set method for evaluating build (e.g., check) |
| `source` | String | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/customize/bake/file-definition/#remote-definition) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `workdir` | String | Working directory of execution |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `no-cache` | Bool | Do not use cache when building the image (default `false`) |
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) |
| `load` | Bool | Load is a shorthand for `--set=*.output=type=docker` (default `false`) |
| `provenance` | Bool/String | [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance` |
| `push` | Bool | Push is a shorthand for `--set=*.output=type=registry` (default `false`) |
| `sbom` | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` |
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (eg: `targetpattern.key=value`) |
| `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |
### outputs
@@ -223,19 +182,78 @@ The following outputs are available
|------------|------|-----------------------|
| `metadata` | JSON | Build result metadata |
### environment variables
| Name | Type | Default | Description |
|--------------------------------------|--------|---------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `DOCKER_BUILD_CHECKS_ANNOTATIONS` | Bool | `true` | If `false`, GitHub annotations are not generated for [build checks](https://docs.docker.com/build/checks/) |
| `DOCKER_BUILD_SUMMARY` | Bool | `true` | If `false`, [build summary](https://docs.docker.com/build/ci/github-actions/build-summary/) generation is disabled |
| `DOCKER_BUILD_RECORD_UPLOAD` | Bool | `true` | If `false`, build record upload as [GitHub artifact](https://docs.github.com/en/actions/using-workflows/storing-workflow-data-as-artifacts) is disabled |
| `DOCKER_BUILD_RECORD_RETENTION_DAYS` | Number | | Duration after which build record artifact will expire in days. Defaults to repository/org [retention settings](https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy) if unset or `0` |
| `DOCKER_BUILD_EXPORT_LEGACY` | Bool | `false` | If `true`, exports build using legacy export-build tool instead of [`buildx history export` command](https://docs.docker.com/reference/cli/docker/buildx/history/export/) |
## Subactions
* [`matrix`](subaction/matrix)
### `list-targets`
This subaction generates a list of Bake targets that can be used in a [GitHub matrix](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix),
so you can distribute your builds across multiple runners.
```hcl
# docker-bake.hcl
group "validate" {
targets = ["lint", "doctoc"]
}
target "lint" {
target = "lint"
}
target "doctoc" {
target = "doctoc"
}
```
```yaml
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
targets: ${{ steps.generate.outputs.targets }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: List targets
id: generate
uses: docker/bake-action/subaction/list-targets@v4
with:
target: validate
validate:
runs-on: ubuntu-latest
needs:
- prepare
strategy:
fail-fast: false
matrix:
target: ${{ fromJson(needs.prepare.outputs.targets) }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Validate
uses: docker/bake-action@v4
with:
targets: ${{ matrix.target }}
```
#### inputs
| Name | Type | Description |
|--------------|-------------|---------------------------------------------------------------------------------------------------------------------------------------------|
| `workdir` | String | Working directory to use (defaults to `.`) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `target` | String | The target to use within the bake file |
#### outputs
The following outputs are available
| Name | Type | Description |
|------------|----------|----------------------------|
| `targets` | List/CSV | List of extracted targest |
## Contributing
__tests__/context.test.ts
+21 -109
View File
@@ -1,4 +1,4 @@
import {afterEach, beforeEach, describe, expect, jest, test} from '@jest/globals';
import {beforeEach, describe, expect, jest, test} from '@jest/globals';
import * as fs from 'fs';
import * as path from 'path';
@@ -122,7 +122,6 @@ jest.spyOn(Bake.prototype, 'getDefinition').mockImplementation(async (): Promise
});
describe('getArgs', () => {
const originalEnv = process.env;
beforeEach(() => {
process.env = Object.keys(process.env).reduce((object, key) => {
if (!key.startsWith('INPUT_')) {
@@ -131,9 +130,6 @@ describe('getArgs', () => {
return object;
}, {});
});
afterEach(() => {
process.env = originalEnv;
});
// prettier-ignore
test.each([
@@ -141,7 +137,6 @@ describe('getArgs', () => {
0,
'0.4.1',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -149,14 +144,12 @@ describe('getArgs', () => {
]),
[
'bake',
],
undefined
]
],
[
1,
'0.8.2',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -165,14 +158,12 @@ describe('getArgs', () => {
[
'bake',
'--metadata-file', metadataJson
],
undefined
]
],
[
2,
'0.8.2',
new Map<string, string>([
['source', '.'],
['targets', 'webapp\nvalidate'],
['load', 'false'],
['no-cache', 'false'],
@@ -183,14 +174,12 @@ describe('getArgs', () => {
'bake',
'--metadata-file', metadataJson,
'webapp', 'validate'
],
undefined
]
],
[
3,
'0.8.2',
new Map<string, string>([
['source', '.'],
['set', '*.cache-from=type=gha\n*.cache-to=type=gha'],
['load', 'false'],
['no-cache', 'false'],
@@ -202,14 +191,12 @@ describe('getArgs', () => {
'--set', '*.cache-from=type=gha',
'--set', '*.cache-to=type=gha',
'--metadata-file', metadataJson
],
undefined
]
],
[
4,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -218,15 +205,13 @@ describe('getArgs', () => {
[
'bake',
'--metadata-file', metadataJson,
"--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`,
],
undefined
"--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
]
],
[
5,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -236,15 +221,13 @@ describe('getArgs', () => {
[
'bake',
'--metadata-file', metadataJson,
"--provenance", `builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`
],
undefined
"--provenance", `builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`
]
],
[
6,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -254,15 +237,13 @@ describe('getArgs', () => {
[
'bake',
'--metadata-file', metadataJson,
"--provenance", `mode=max,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`
],
undefined
"--provenance", `mode=max,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`
]
],
[
7,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -273,14 +254,12 @@ describe('getArgs', () => {
'bake',
'--metadata-file', metadataJson,
"--provenance", 'false'
],
undefined
]
],
[
8,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -291,14 +270,12 @@ describe('getArgs', () => {
'bake',
'--metadata-file', metadataJson,
"--provenance", 'builder-id=foo'
],
undefined
]
],
[
9,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -311,16 +288,14 @@ describe('getArgs', () => {
'--set', '*.platform=linux/amd64,linux/ppc64le,linux/s390x',
'--set', `*.output=type=image,"name=moby/buildkit:v0.11.0,moby/buildkit:latest",push=true`,
'--metadata-file', metadataJson,
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`,
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
'image-all'
],
undefined
]
],
[
10,
'0.10.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -332,15 +307,15 @@ describe('getArgs', () => {
'bake',
'--set', `*.labels.foo=bar=#baz`,
'--metadata-file', metadataJson,
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`,
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
'image-all'
],
undefined
]
],
[
11,
'0.10.0',
new Map<string, string>([
['source', '{{defaultContext}}'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@@ -352,75 +327,12 @@ describe('getArgs', () => {
'https://github.com/docker/build-push-action.git#refs/heads/master',
'--file', './foo.hcl',
'--metadata-file', metadataJson,
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`,
],
undefined
],
[
12,
'0.17.0',
new Map<string, string>([
['source', '.'],
['allow', 'network.host'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
]),
[
'bake',
'--allow', 'network.host',
'--metadata-file', metadataJson,
"--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`
],
undefined
],
[
13,
'0.15.0',
new Map<string, string>([
['source', '{{defaultContext}}:subdir'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['files', './foo.hcl'],
]),
[
'bake',
'https://github.com/docker/build-push-action.git#refs/heads/master:subdir',
'--file', './foo.hcl',
'--metadata-file', metadataJson,
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`,
],
undefined
],
[
14,
'0.15.0',
new Map<string, string>([
['source', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false']
]),
[
'bake',
'--metadata-file', metadataJson
],
new Map<string, string>([
['BUILDX_NO_DEFAULT_ATTESTATIONS', '1']
])
'--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
]
],
])(
'[%d] given %p with %p as inputs, returns %p',
async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>, envs: Map<string, string> | undefined) => {
if (envs) {
envs.forEach((value: string, name: string) => {
process.env[name] = value;
});
}
async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>) => {
inputs.forEach((value: string, name: string) => {
setInput(name, value);
});
action.yml
+8 -14
View File
@@ -10,21 +10,18 @@ inputs:
builder:
description: "Builder instance"
required: false
source:
description: "Context to build from. Can be either local or a remote bake definition"
required: false
files:
description: "List of bake definition files"
required: false
workdir:
description: "Working directory of bake execution"
required: false
default: '.'
source:
description: "Context to build from. Can be either local or a remote bake definition"
required: false
allow:
description: "Allow build to access specified resources (e.g., network.host)"
required: false
call:
description: "Set method for evaluating build (e.g., check)"
required: false
files:
description: "List of bake definition files"
targets:
description: "List of bake targets"
required: false
no-cache:
description: "Do not use cache when building the image"
@@ -51,9 +48,6 @@ inputs:
set:
description: "List of targets values to override (eg. targetpattern.key=value)"
required: false
targets:
description: "List of bake targets"
required: false
github-token:
description: "API token used to authenticate to a Git repository for remote definitions"
default: ${{ github.token }}
dist/index.js
Generated Vendored
+18 -19
View File
File diff suppressed because one or more lines are too long
dist/index.js.map
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
dist/licenses.txt
Generated Vendored
+6 -24
View File
@@ -2358,6 +2358,9 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
dot-object
MIT
encoding
MIT
Copyright (c) 2012-2014 Andris Reinman
@@ -2513,30 +2516,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
he
MIT
Copyright Mathias Bynens <https://mathiasbynens.be/>
Permission is hereby granted, free of charge, to any person obtaining
a copy of this software and associated documentation files (the
"Software"), to deal in the Software without restriction, including
without limitation the rights to use, copy, modify, merge, publish,
distribute, sublicense, and/or sell copies of the Software, and to
permit persons to whom the Software is furnished to do so, subject to
the following conditions:
The above copyright notice and this permission notice shall be
included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
iconv-lite
MIT
Copyright (c) 2011 Alexander Shtuchkin
@@ -3688,6 +3667,9 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
twirp-ts
MIT
undici
MIT
MIT License
dist/sourcemap-register.js
Generated Vendored
+1 -1
View File
File diff suppressed because one or more lines are too long
docker-bake.hcl
-13
View File
@@ -1,9 +1,3 @@
target "_common" {
args = {
BUILDKIT_CONTEXT_KEEP_GIT_DIR = 1
}
}
group "default" {
targets = ["build"]
}
@@ -17,49 +11,42 @@ group "validate" {
}
target "build" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "build-update"
output = ["."]
}
target "build-validate" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "build-validate"
output = ["type=cacheonly"]
}
target "format" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "format-update"
output = ["."]
}
target "lint" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "lint"
output = ["type=cacheonly"]
}
target "vendor" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "vendor-update"
output = ["."]
}
target "vendor-validate" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "vendor-validate"
output = ["type=cacheonly"]
}
target "test" {
inherits = ["_common"]
dockerfile = "dev.Dockerfile"
target = "test-coverage"
output = ["./coverage"]
package.json
+14 -14
View File
@@ -24,25 +24,25 @@
],
"author": "Docker Inc.",
"license": "Apache-2.0",
"packageManager": "yarn@4.9.2",
"packageManager": "yarn@3.6.3",
"dependencies": {
"@actions/core": "^1.11.1",
"@docker/actions-toolkit": "^0.63.0",
"@actions/core": "^1.10.1",
"@docker/actions-toolkit": "^0.24.0",
"handlebars": "^4.7.8"
},
"devDependencies": {
"@types/node": "^20.19.9",
"@typescript-eslint/eslint-plugin": "^7.18.0",
"@typescript-eslint/parser": "^7.18.0",
"@vercel/ncc": "^0.38.3",
"eslint": "^8.57.1",
"eslint-config-prettier": "^9.1.2",
"eslint-plugin-jest": "^28.14.0",
"eslint-plugin-prettier": "^5.5.4",
"@types/node": "^20.12.12",
"@typescript-eslint/eslint-plugin": "^7.9.0",
"@typescript-eslint/parser": "^7.9.0",
"@vercel/ncc": "^0.38.1",
"eslint": "^8.57.0",
"eslint-config-prettier": "^9.1.0",
"eslint-plugin-jest": "^28.5.0",
"eslint-plugin-prettier": "^5.1.3",
"jest": "^29.7.0",
"prettier": "^3.6.2",
"ts-jest": "^29.4.1",
"prettier": "^3.2.5",
"ts-jest": "^29.1.2",
"ts-node": "^10.9.2",
"typescript": "^5.9.2"
"typescript": "^5.4.5"
}
}
src/context.ts
+7 -36
View File
@@ -12,11 +12,9 @@ import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake';
export interface Inputs {
builder: string;
workdir: string;
source: string;
allow: string[];
call: string;
files: string[];
workdir: string;
targets: string[];
'no-cache': boolean;
pull: boolean;
load: boolean;
@@ -24,18 +22,16 @@ export interface Inputs {
push: boolean;
sbom: string;
set: string[];
targets: string[];
source: string;
'github-token': string;
}
export async function getInputs(): Promise<Inputs> {
return {
builder: core.getInput('builder'),
workdir: core.getInput('workdir') || '.',
source: getSourceInput('source'),
allow: Util.getInputList('allow'),
call: core.getInput('call'),
files: Util.getInputList('files'),
workdir: core.getInput('workdir') || '.',
targets: Util.getInputList('targets'),
'no-cache': core.getBooleanInput('no-cache'),
pull: core.getBooleanInput('pull'),
load: core.getBooleanInput('load'),
@@ -43,7 +39,7 @@ export async function getInputs(): Promise<Inputs> {
push: core.getBooleanInput('push'),
sbom: core.getInput('sbom'),
set: Util.getInputList('set', {ignoreComma: true, quote: false}),
targets: Util.getInputList('targets'),
source: getSourceInput('source'),
'github-token': core.getInput('github-token')
};
}
@@ -62,21 +58,6 @@ async function getBakeArgs(inputs: Inputs, definition: BakeDefinition, toolkit:
if (inputs.source) {
args.push(inputs.source);
}
if (await toolkit.buildx.versionSatisfies('>=0.17.0')) {
if (await toolkit.buildx.versionSatisfies('>=0.18.0')) {
// allow filesystem entitlements by default
inputs.allow.push('fs=*');
}
await Util.asyncForEach(inputs.allow, async allow => {
args.push('--allow', allow);
});
}
if (inputs.call) {
if (!(await toolkit.buildx.versionSatisfies('>=0.16.0'))) {
throw new Error(`Buildx >= 0.16.0 is required to use the call flag.`);
}
args.push('--call', inputs.call);
}
await Util.asyncForEach(inputs.files, async file => {
args.push('--file', file);
});
@@ -89,7 +70,7 @@ async function getBakeArgs(inputs: Inputs, definition: BakeDefinition, toolkit:
if (await toolkit.buildx.versionSatisfies('>=0.10.0')) {
if (inputs.provenance) {
args.push('--provenance', inputs.provenance);
} else if (!noDefaultAttestations() && (await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !Bake.hasDockerExporter(definition, inputs.load)) {
} else if ((await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !Bake.hasDockerExporter(definition, inputs.load)) {
// if provenance not specified and BuildKit version compatible for
// attestation, set default provenance. Also needs to make sure user
// doesn't want to explicitly load the image to docker.
@@ -133,18 +114,8 @@ function getSourceInput(name: string): string {
let source = handlebars.compile(core.getInput(name))({
defaultContext: Context.gitContext()
});
if (!source) {
source = Context.gitContext();
}
if (source === '.') {
source = '';
}
return source;
}
function noDefaultAttestations(): boolean {
if (process.env.BUILDX_NO_DEFAULT_ATTESTATIONS) {
return Util.parseBool(process.env.BUILDX_NO_DEFAULT_ATTESTATIONS);
}
return false;
}
src/main.ts
+10 -206
View File
@@ -3,19 +3,14 @@ import * as path from 'path';
import * as core from '@actions/core';
import * as actionsToolkit from '@docker/actions-toolkit';
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx';
import {History as BuildxHistory} from '@docker/actions-toolkit/lib/buildx/history';
import {Context} from '@docker/actions-toolkit/lib/context';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
import {Exec} from '@docker/actions-toolkit/lib/exec';
import {GitHub} from '@docker/actions-toolkit/lib/github';
import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
import {Util} from '@docker/actions-toolkit/lib/util';
import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake';
import {BuilderInfo} from '@docker/actions-toolkit/lib/types/buildx/builder';
import {ConfigFile} from '@docker/actions-toolkit/lib/types/docker/docker';
import {UploadArtifactResponse} from '@docker/actions-toolkit/lib/types/github';
import * as context from './context';
import * as stateHelper from './state-helper';
@@ -23,13 +18,12 @@ import * as stateHelper from './state-helper';
actionsToolkit.run(
// main
async () => {
const startedTime = new Date();
const inputs: context.Inputs = await context.getInputs();
stateHelper.setSummaryInputs(inputs);
core.debug(`inputs: ${JSON.stringify(inputs)}`);
const toolkit = new Toolkit();
if (await toolkit.buildx.versionSatisfies('>=0.20.0')) {
throw new Error('docker/bake-action < v5 is not compatible with buildx >= 0.20.0, please update your workflow to latest docker/bake-action or use an older buildx version.');
}
const gitAuthToken = process.env.BUILDX_BAKE_GIT_AUTH_TOKEN ?? inputs['github-token'];
await core.group(`GitHub Actions runtime token ACs`, async () => {
@@ -85,11 +79,8 @@ actionsToolkit.run(
await toolkit.buildx.printVersion();
});
let builder: BuilderInfo;
await core.group(`Builder info`, async () => {
builder = await toolkit.builder.inspect(inputs.builder);
stateHelper.setBuilderDriver(builder.driver ?? '');
stateHelper.setBuilderEndpoint(builder.nodes?.[0]?.endpoint ?? '');
const builder = await toolkit.builder.inspect(inputs.builder);
core.info(JSON.stringify(builder, null, 2));
});
@@ -97,7 +88,6 @@ actionsToolkit.run(
await core.group(`Parsing raw definition`, async () => {
definition = await toolkit.buildxBake.getDefinition(
{
allow: inputs.allow,
files: inputs.files,
load: inputs.load,
noCache: inputs['no-cache'],
@@ -117,55 +107,29 @@ actionsToolkit.run(
if (!definition) {
throw new Error('Bake definition not set');
}
stateHelper.setBakeDefinition(definition);
const args: string[] = await context.getArgs(inputs, definition, toolkit);
const buildCmd = await toolkit.buildx.getCommand(args);
const buildEnv = Object.assign({}, process.env, {
BUILDX_BAKE_GIT_AUTH_TOKEN: gitAuthToken,
BUILDX_METADATA_WARNINGS: 'true'
BUILDX_BAKE_GIT_AUTH_TOKEN: gitAuthToken
}) as {
[key: string]: string;
};
await core.group(`Bake definition`, async () => {
await Exec.getExecOutput(buildCmd.command, [...buildCmd.args, '--print'], {
await Exec.exec(buildCmd.command, [...buildCmd.args, '--print'], {
cwd: inputs.workdir,
env: buildEnv,
ignoreReturnCode: true
}).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw Error(res.stderr);
}
env: buildEnv
});
});
let err: Error | undefined;
await Exec.getExecOutput(buildCmd.command, buildCmd.args, {
cwd: inputs.workdir,
env: buildEnv,
ignoreReturnCode: true
}).then(res => {
if (res.exitCode != 0) {
if (inputs.call && inputs.call === 'check' && res.stdout.length > 0) {
// checks warnings are printed to stdout: https://github.com/docker/buildx/pull/2647
// with bake we can have multiple targets being checked so we need to
// count the total number of warnings
const totalWarnings = [...res.stdout.matchAll(/^Check complete, (\d+) warnings? (?:has|have) been found!/gm)].reduce((sum, m) => sum + parseInt(m[1], 10), 0);
if (totalWarnings > 0) {
// https://github.com/docker/buildx/blob/1e50e8ddabe108f009b9925e13a321d7c8f99f26/commands/build.go#L797-L803
if (totalWarnings === 1) {
err = Error(`Check complete, ${totalWarnings} warning has been found!`);
} else {
err = Error(`Check complete, ${totalWarnings} warnings have been found!`);
}
} else {
// if there are no warnings found, return the first line of stdout
err = Error(res.stdout.split('\n')[0]?.trim());
}
} else if (res.stderr.length > 0) {
err = Error(`buildx bake failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
}
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(`buildx bake failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
}
});
@@ -177,96 +141,9 @@ actionsToolkit.run(
core.setOutput('metadata', metadatadt);
});
}
let refs: Array<string> = [];
await core.group(`Build references`, async () => {
refs = await buildRefs(toolkit, startedTime, inputs.builder);
if (refs.length > 0) {
for (const ref of refs) {
core.info(ref);
}
stateHelper.setBuildRefs(refs);
} else {
core.info('No build references found');
}
});
if (buildChecksAnnotationsEnabled()) {
const warnings = toolkit.buildxBake.resolveWarnings(metadata);
if (refs.length > 0 && warnings && warnings.length > 0) {
const annotations = await Buildx.convertWarningsToGitHubAnnotations(warnings, refs);
core.debug(`annotations: ${JSON.stringify(annotations, null, 2)}`);
if (annotations && annotations.length > 0) {
await core.group(`Generating GitHub annotations (${annotations.length} build checks found)`, async () => {
for (const annotation of annotations) {
core.warning(annotation.message, annotation);
}
});
}
}
}
await core.group(`Check build summary support`, async () => {
if (!buildSummaryEnabled()) {
core.info('Build summary disabled');
} else if (inputs.call && inputs.call !== 'build') {
core.info(`Build summary skipped for ${inputs.call} subrequest`);
} else if (GitHub.isGHES) {
core.info('Build summary is not yet supported on GHES');
} else if (!(await toolkit.buildx.versionSatisfies('>=0.13.0'))) {
core.info('Build summary requires Buildx >= 0.13.0');
} else if (refs.length == 0) {
core.info('Build summary requires at least one build reference');
} else {
core.info('Build summary supported!');
stateHelper.setSummarySupported();
}
});
if (err) {
throw err;
}
},
// post
async () => {
if (stateHelper.isSummarySupported) {
await core.group(`Generating build summary`, async () => {
try {
const recordUploadEnabled = buildRecordUploadEnabled();
let recordRetentionDays: number | undefined;
if (recordUploadEnabled) {
recordRetentionDays = buildRecordRetentionDays();
}
const buildxHistory = new BuildxHistory();
const exportRes = await buildxHistory.export({
refs: stateHelper.buildRefs,
useContainer: buildExportLegacy()
});
core.info(`Build records written to ${exportRes.dockerbuildFilename} (${Util.formatFileSize(exportRes.dockerbuildSize)})`);
let uploadRes: UploadArtifactResponse | undefined;
if (recordUploadEnabled) {
uploadRes = await GitHub.uploadArtifact({
filename: exportRes.dockerbuildFilename,
mimeType: 'application/gzip',
retentionDays: recordRetentionDays
});
}
await GitHub.writeBuildSummary({
exportRes: exportRes,
uploadRes: uploadRes,
inputs: stateHelper.summaryInputs,
bakeDefinition: stateHelper.bakeDefinition,
driver: stateHelper.builderDriver,
endpoint: stateHelper.builderEndpoint
});
} catch (e) {
core.warning(e.message);
}
});
}
if (stateHelper.tmpDir.length > 0) {
await core.group(`Removing temp folder ${stateHelper.tmpDir}`, async () => {
fs.rmSync(stateHelper.tmpDir, {recursive: true});
@@ -274,76 +151,3 @@ actionsToolkit.run(
}
}
);
async function buildRefs(toolkit: Toolkit, since: Date, builder?: string): Promise<Array<string>> {
// get refs from metadata file
const metaRefs = toolkit.buildxBake.resolveRefs();
if (metaRefs) {
return metaRefs;
}
// otherwise, look for the very first build ref since the build has started
if (!builder) {
const currentBuilder = await toolkit.builder.inspect();
builder = currentBuilder.name;
}
const res = Buildx.refs({
dir: Buildx.refsDir,
builderName: builder,
since: since
});
const refs: Array<string> = [];
for (const ref in res) {
if (Object.prototype.hasOwnProperty.call(res, ref)) {
refs.push(ref);
}
}
return refs;
}
function buildChecksAnnotationsEnabled(): boolean {
if (process.env.DOCKER_BUILD_CHECKS_ANNOTATIONS) {
return Util.parseBool(process.env.DOCKER_BUILD_CHECKS_ANNOTATIONS);
}
return true;
}
function buildSummaryEnabled(): boolean {
if (process.env.DOCKER_BUILD_NO_SUMMARY) {
core.warning('DOCKER_BUILD_NO_SUMMARY is deprecated. Set DOCKER_BUILD_SUMMARY to false instead.');
return !Util.parseBool(process.env.DOCKER_BUILD_NO_SUMMARY);
} else if (process.env.DOCKER_BUILD_SUMMARY) {
return Util.parseBool(process.env.DOCKER_BUILD_SUMMARY);
}
return true;
}
function buildRecordUploadEnabled(): boolean {
if (process.env.DOCKER_BUILD_RECORD_UPLOAD) {
return Util.parseBool(process.env.DOCKER_BUILD_RECORD_UPLOAD);
}
return true;
}
function buildRecordRetentionDays(): number | undefined {
let val: string | undefined;
if (process.env.DOCKER_BUILD_EXPORT_RETENTION_DAYS) {
core.warning('DOCKER_BUILD_EXPORT_RETENTION_DAYS is deprecated. Use DOCKER_BUILD_RECORD_RETENTION_DAYS instead.');
val = process.env.DOCKER_BUILD_EXPORT_RETENTION_DAYS;
} else if (process.env.DOCKER_BUILD_RECORD_RETENTION_DAYS) {
val = process.env.DOCKER_BUILD_RECORD_RETENTION_DAYS;
}
if (val) {
const res = parseInt(val);
if (isNaN(res)) {
throw Error(`Invalid build record retention days: ${val}`);
}
return res;
}
}
function buildExportLegacy(): boolean {
if (process.env.DOCKER_BUILD_EXPORT_LEGACY) {
return Util.parseBool(process.env.DOCKER_BUILD_EXPORT_LEGACY);
}
return false;
}
src/state-helper.ts
-51
View File
@@ -1,58 +1,7 @@
import * as core from '@actions/core';
import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake';
import {Inputs} from './context';
export const tmpDir = process.env['STATE_tmpDir'] || '';
export const builderDriver = process.env['STATE_builderDriver'] || '';
export const builderEndpoint = process.env['STATE_builderEndpoint'] || '';
export const summaryInputs = process.env['STATE_summaryInputs'] ? JSON.parse(process.env['STATE_summaryInputs']) : undefined;
export const bakeDefinition = process.env['STATE_bakeDefinition'] ? <BakeDefinition>JSON.parse(process.env['STATE_bakeDefinition']) : undefined;
export const buildRefs = process.env['STATE_buildRefs'] ? process.env['STATE_buildRefs'].split(',') : [];
export const isSummarySupported = !!process.env['STATE_isSummarySupported'];
export function setTmpDir(tmpDir: string) {
core.saveState('tmpDir', tmpDir);
}
export function setBuilderDriver(builderDriver: string) {
core.saveState('builderDriver', builderDriver);
}
export function setBuilderEndpoint(builderEndpoint: string) {
core.saveState('builderEndpoint', builderEndpoint);
}
export function setBakeDefinition(bakeDefinition: BakeDefinition) {
core.saveState('bakeDefinition', JSON.stringify(bakeDefinition));
}
export function setBuildRefs(buildRefs: Array<string>) {
core.saveState('buildRefs', buildRefs.join(','));
}
export function setSummarySupported() {
core.saveState('isSummarySupported', 'true');
}
export function setSummaryInputs(inputs: Inputs) {
const res = {};
for (const key of Object.keys(inputs)) {
if (key === 'github-token') {
continue;
}
const value: string | string[] | boolean = inputs[key];
if (typeof value === 'boolean' && !value) {
continue;
} else if (Array.isArray(value) && value.length === 0) {
continue;
} else if (!value) {
continue;
}
res[key] = value;
}
core.saveState('summaryInputs', JSON.stringify(res));
}
subaction/list-targets/README.md
-86
View File
@@ -1,86 +0,0 @@
> [!WARNING]
> `docker/bake-action/subaction/list-targets` is deprecated and will be removed
> in a future release. Please use [`docker/bake-action/subaction/matrix`](../matrix)
> instead.
## About
This subaction generates a list of Bake targets that can be used in a [GitHub matrix](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix),
so you can distribute your builds across multiple runners.
![Screenshot](../../.github/subaction-list-targets.png)
___
* [Usage](#usage)
* [Customizing](#customizing)
* [inputs](#inputs)
* [outputs](#outputs)
## Usage
```hcl
# docker-bake.hcl
group "validate" {
targets = ["lint", "doctoc"]
}
target "lint" {
target = "lint"
}
target "doctoc" {
target = "doctoc"
}
```
```yaml
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
targets: ${{ steps.generate.outputs.targets }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: List targets
id: generate
uses: docker/bake-action/subaction/list-targets@v6
with:
target: validate
validate:
runs-on: ubuntu-latest
needs:
- prepare
strategy:
fail-fast: false
matrix:
target: ${{ fromJson(needs.prepare.outputs.targets) }}
steps:
-
name: Validate
uses: docker/bake-action@v6
with:
targets: ${{ matrix.target }}
```
## Customizing
### inputs
| Name | Type | Description |
|--------------|-------------|---------------------------------------------------------------------------------------------------------------------------------------------|
| `workdir` | String | Working directory to use (defaults to `.`) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `target` | String | The target to use within the bake file |
### outputs
The following outputs are available
| Name | Type | Description |
|------------|----------|---------------------------|
| `targets` | List/CSV | List of extracted targets |
subaction/list-targets/action.yml
+4 -15
View File
@@ -26,23 +26,12 @@ runs:
name: Generate
id: generate
uses: actions/github-script@v7
env:
INPUT_WORKDIR: ${{ inputs.workdir }}
INPUT_FILES: ${{ inputs.files }}
INPUT_TARGET: ${{ inputs.target }}
with:
script: |
core.warning(`docker/bake-action/subaction/list-targets is deprecated and will be removed in a future release. Please use docker/bake-action/subaction/matrix instead.`);
let def;
const files = `${{ inputs.files }}` ? `${{ inputs.files }}`.split(',') : [];
const target = `${{ inputs.target }}`;
function getInputList(name) {
return core.getInput(name) ? core.getInput(name).split(/[\r?\n,]+/).filter(x => x !== '') : [];
}
const workdir = core.getInput('workdir');
const files = getInputList('files');
const target = core.getInput('target');
let def = {};
await core.group(`Validating definition`, async () => {
let args = ['buildx', 'bake'];
for (const file of files) {
@@ -56,7 +45,7 @@ runs:
const res = await exec.getExecOutput('docker', args, {
ignoreReturnCode: true,
silent: true,
cwd: workdir
cwd: `${{ inputs.workdir }}`
});
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr);
subaction/matrix/README.md
-140
View File
@@ -1,140 +0,0 @@
## About
This subaction generates a multi-dimension matrix that can be used in a [GitHub matrix](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstrategymatrix)
through the [`include` property](https://docs.github.com/en/actions/how-tos/writing-workflows/choosing-what-your-workflow-does/running-variations-of-jobs-in-a-workflow#expanding-or-adding-matrix-configurations)
so you can distribute your builds across multiple runners.
![Screenshot](../../.github/subaction-matrix.png)
___
* [Usage](#usage)
* [Customizing](#customizing)
* [inputs](#inputs)
* [outputs](#outputs)
## Usage
### List targets
```hcl
# docker-bake.hcl
group "validate" {
targets = ["lint", "doctoc"]
}
target "lint" {
target = "lint"
}
target "doctoc" {
target = "doctoc"
}
```
```yaml
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.generate.outputs.matrix }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Generate matrix
id: generate
uses: docker/bake-action/subaction/matrix@v6
with:
target: validate
validate:
runs-on: ubuntu-latest
needs:
- prepare
strategy:
fail-fast: false
matrix:
include: ${{ fromJson(needs.prepare.outputs.matrix) }}
steps:
-
name: Validate
uses: docker/bake-action@v6
with:
targets: ${{ matrix.target }}
```
### Platforms split
```hcl
# docker-bake.hcl
target "lint" {
dockerfile = "./hack/dockerfiles/lint.Dockerfile"
output = ["type=cacheonly"]
platforms = [
"darwin/amd64",
"darwin/arm64",
"linux/amd64",
"linux/arm64",
"linux/s390x",
"linux/ppc64le",
"linux/riscv64",
"windows/amd64",
"windows/arm64"
]
}
```
```yaml
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.generate.outputs.matrix }}
steps:
-
name: Checkout
uses: actions/checkout@v4
-
name: Generate matrix
id: generate
uses: docker/bake-action/subaction/matrix@v6
with:
target: lint
fields: platforms
lint:
runs-on: ${{ startsWith(matrix.platforms, 'linux/arm') && 'ubuntu-24.04-arm' || 'ubuntu-latest' }}
needs:
- prepare
strategy:
fail-fast: false
matrix:
include: ${{ fromJson(needs.prepare.outputs.matrix) }}
steps:
-
name: Lint
uses: docker/bake-action@v6
with:
targets: ${{ matrix.target }}
set: |
*.platform=${{ matrix.platforms }}
```
## Customizing
### inputs
| Name | Type | Description |
|-----------|----------|------------------------------------------------------------------------------------------------|
| `workdir` | String | Working directory to use (defaults to `.`) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `target` | String | The target to use within the bake file |
| `fields` | String | List of extra fields to include in the matrix |
### outputs
| Name | Type | Description |
|----------|------|----------------------|
| `matrix` | JSON | Matrix configuration |
subaction/matrix/action.yml
-101
View File
@@ -1,101 +0,0 @@
# https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions
name: 'Matrix'
description: 'Generate a matrix from a Bake definition to help distributing builds in your workflow'
inputs:
workdir:
description: Working directory
default: '.'
required: false
files:
description: List of Bake files
required: false
target:
description: Bake target
required: false
fields:
description: List of extra fields to include in the matrix
required: false
outputs:
matrix:
description: Matrix configuration
value: ${{ steps.generate.outputs.includes }}
runs:
using: composite
steps:
-
name: Generate
id: generate
uses: actions/github-script@v7
env:
INPUT_WORKDIR: ${{ inputs.workdir }}
INPUT_FILES: ${{ inputs.files }}
INPUT_TARGET: ${{ inputs.target }}
INPUT_FIELDS: ${{ inputs.fields }}
with:
script: |
function getInputList(name) {
return core.getInput(name) ? core.getInput(name).split(/[\r?\n,]+/).filter(x => x !== '') : [];
}
const workdir = core.getInput('workdir');
const files = getInputList('files');
const target = core.getInput('target');
const fields = getInputList('fields');
let def = {};
await core.group(`Parsing definition`, async () => {
let args = ['buildx', 'bake'];
for (const file of files) {
args.push('--file', file);
}
if (target) {
args.push(target);
}
args.push('--print');
const res = await exec.getExecOutput('docker', args, {
ignoreReturnCode: true,
silent: true,
cwd: workdir
});
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr);
}
def = JSON.parse(res.stdout.trim());
core.info(JSON.stringify(def, null, 2));
});
await core.group(`Generating matrix`, async () => {
const result = [];
for (const targetName of Object.keys(def.target)) {
const target = def.target[targetName];
const entry = { target: targetName };
if (fields.length === 0) {
result.push({ ...entry });
continue;
}
let fieldFound = false;
Object.keys(target).forEach(field => {
if (fields.includes(field)) {
fieldFound = true;
const value = target[field];
if (Array.isArray(value)) {
value.forEach((v) => {
entry[field] = v;
result.push({ ...entry });
});
} else {
entry[field] = value;
result.push({ ...entry });
}
}
});
if (!fieldFound) {
result.push({ ...entry });
}
}
core.info(JSON.stringify(result, null, 2));
core.setOutput('includes', JSON.stringify(result));
});
test/config.hcl
-5
View File
@@ -42,8 +42,3 @@ target "app-proxy" {
inherits = ["app"]
dockerfile = "proxy.Dockerfile"
}
target "app-entitlements" {
inherits = ["app"]
entitlements = ["network.host"]
}
test/group-with-platform/docker-bake.hcl
-36
View File
@@ -1,36 +0,0 @@
group "validate" {
targets = ["lint", "lint-gopls", "validate-vendor", "validate-docs"]
}
target "lint" {
dockerfile = "./hack/dockerfiles/lint.Dockerfile"
output = ["type=cacheonly"]
platforms = [
"darwin/amd64",
"darwin/arm64",
"linux/amd64",
"linux/arm64",
"linux/s390x",
"linux/ppc64le",
"linux/riscv64",
"windows/amd64",
"windows/arm64"
]
}
target "lint-gopls" {
inherits = ["lint"]
target = "gopls-analyze"
}
target "validate-vendor" {
dockerfile = "./hack/dockerfiles/vendor.Dockerfile"
target = "validate"
output = ["type=cacheonly"]
}
target "validate-docs" {
dockerfile = "./hack/dockerfiles/docs.Dockerfile"
target = "validate"
output = ["type=cacheonly"]
}
test/lint-other.Dockerfile
-10
View File
@@ -1,10 +0,0 @@
frOM busybox as base
cOpy lint-other.Dockerfile .
froM busybox aS notused
COPY lint-other.Dockerfile .
from scratch
COPy --from=base \
/lint-other.Dockerfile \
/
test/lint.Dockerfile
-12
View File
@@ -1,12 +0,0 @@
frOM busybox as base
cOpy lint.Dockerfile .
from scratch
MAINTAINER moby@example.com
COPy --from=base \
/lint.Dockerfile \
/
CMD [ "echo", "Hello, Norway!" ]
CMD [ "echo", "Hello, Sweden!" ]
ENTRYPOINT my-program start
test/lint.hcl
-12
View File
@@ -1,12 +0,0 @@
group "default" {
targets = ["lint", "lint-other", "lint-inline"]
}
target "lint" {
dockerfile = "lint.Dockerfile"
}
target "lint-other" {
dockerfile = "lint-other.Dockerfile"
}
target "lint-inline" {
dockerfile-inline = "FRoM alpine\nENTRYPOINT [\"echo\", \"hello\"]"
}
test/multi-files/docker-bake.hcl
-15
View File
@@ -1,15 +0,0 @@
group "default" {
targets = ["t3"]
}
target "t3" {
name = "${item.tag}"
matrix = {
item = t3
}
args = {
VERSION = "${item.version}"
DUMMY_ARG = "${item.arg}"
}
tags = ["${item.tag}"]
}
test/multi-files/docker-bake.json
-14
View File
@@ -1,14 +0,0 @@
{
"t3": [
{
"version": "v1",
"arg": "v1-value",
"tag": "v1-tag"
},
{
"version": "v2",
"arg": "v2-value",
"tag": "v2-tag"
}
]
}
yarn.lock
+2214 -2569
View File
File diff suppressed because it is too large Load Diff