docker/build-push-action
3
0
Fork 0
mirror of https://github.com/docker/build-push-action.git synced 2025-06-13 14:47:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: docker:v3.1.0
Branches Tags
docker:master docker:releases/v5 docker:releases/v4 docker:releases/v3 docker:releases/v2 docker:releases/v1
docker:v6.18.0 docker:v6 docker:v6.17.0 docker:v6.16.0 docker:v6.15.0 docker:v6.14.0 docker:v6.13.0 docker:v6.12.0 docker:v6.11.0 docker:v6.10.0 docker:v6.9.0 docker:v6.8.0 docker:v6.7.0 docker:v6.6.1 docker:v6.6.0 docker:v6.5.0 docker:v6.4.1 docker:v6.4.0 docker:v6.3.0 docker:v6.2.0 docker:v6.1.0 docker:v6.0.2 docker:v6.0.1 docker:v6.0.0 docker:v5.4.0 docker:v5 docker:v5.3.0 docker:v5.2.0 docker:v5.1.0 docker:v5.0.0 docker:v4 docker:v4.2.1 docker:v4.2.0 docker:v4.1.1 docker:v4.1.0 docker:v4.0.0 docker:v3.3.1 docker:v3 docker:v3.3.0 docker:v3.2.0 docker:v3.1.1 docker:v3.1.0 docker:v3.0.0 docker:v2 docker:v2.10.0 docker:v2.9.0 docker:v2.8.0 docker:v2.7.0 docker:v2.6.1 docker:v2.6.0 docker:v2.5.0 docker:v2.4.0 docker:v2.3.0 docker:v2.2.2 docker:v2.2.1 docker:v2.2.0 docker:v2.1.0 docker:v2.0.1 docker:v1 docker:v1.1.2 docker:v2.0.0 docker:v1.1.1 docker:v1.1.0 docker:v1.0.1 docker:v1.0 docker:v1.0.0
..
compare: docker:v4.1.0
Branches Tags
docker:master docker:releases/v5 docker:releases/v4 docker:releases/v3 docker:releases/v2 docker:releases/v1
docker:v6.18.0 docker:v6 docker:v6.17.0 docker:v6.16.0 docker:v6.15.0 docker:v6.14.0 docker:v6.13.0 docker:v6.12.0 docker:v6.11.0 docker:v6.10.0 docker:v6.9.0 docker:v6.8.0 docker:v6.7.0 docker:v6.6.1 docker:v6.6.0 docker:v6.5.0 docker:v6.4.1 docker:v6.4.0 docker:v6.3.0 docker:v6.2.0 docker:v6.1.0 docker:v6.0.2 docker:v6.0.1 docker:v6.0.0 docker:v5.4.0 docker:v5 docker:v5.3.0 docker:v5.2.0 docker:v5.1.0 docker:v5.0.0 docker:v4 docker:v4.2.1 docker:v4.2.0 docker:v4.1.1 docker:v4.1.0 docker:v4.0.0 docker:v3.3.1 docker:v3 docker:v3.3.0 docker:v3.2.0 docker:v3.1.1 docker:v3.1.0 docker:v3.0.0 docker:v2 docker:v2.10.0 docker:v2.9.0 docker:v2.8.0 docker:v2.7.0 docker:v2.6.1 docker:v2.6.0 docker:v2.5.0 docker:v2.4.0 docker:v2.3.0 docker:v2.2.2 docker:v2.2.1 docker:v2.2.0 docker:v2.1.0 docker:v2.0.1 docker:v1 docker:v1.1.2 docker:v2.0.0 docker:v1.1.1 docker:v1.1.0 docker:v1.0.1 docker:v1.0 docker:v1.0.0

138 Commits
v3.1.0 ... v4.1.0

Author SHA1 Message Date
CrazyMax
44ea916f6c Merge pull request #875 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.3.0 
chore(deps): Bump @docker/actions-toolkit from 0.2.0 to 0.3.0
 2023-06-07 16:44:03 +02:00
CrazyMax
0167eef179 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-06-07 16:40:11 +02:00
dependabot[bot]
91bf8bfc4d chore(deps): Bump @docker/actions-toolkit from 0.2.0 to 0.3.0 
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.2.0...v0.3.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-06-07 14:30:42 +00:00
CrazyMax
a799b4decf Merge pull request #860 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.2.0 
chore(deps): Bump @docker/actions-toolkit from 0.1.0 to 0.2.0
 2023-06-05 13:21:33 +02:00
CrazyMax
87480bdf69 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-06-05 13:19:32 +02:00
Justin Chadwell
f9efed53cc Merge pull request #871 from dvdksn/fix/secret-example-link 2023-05-31 10:43:01 +01:00
David Karlsson
3580b78e04 fix: broken link to secret example docs 
Signed-off-by: David Karlsson <david.karlsson@docker.com>
 2023-05-31 11:36:48 +02:00
CrazyMax
91df6b874e Merge pull request #859 from docker/dependabot/github_actions/docker/bake-action-3 
chore(deps): Bump docker/bake-action from 2 to 3
 2023-05-11 15:20:14 +02:00
dependabot[bot]
ea92b18afb chore(deps): Bump @docker/actions-toolkit from 0.1.0 to 0.2.0 
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.1.0 to 0.2.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.1.0...v0.2.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-19 11:56:57 +00:00
dependabot[bot]
6f91eb31f7 chore(deps): Bump docker/bake-action from 2 to 3 
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 2 to 3.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-18 11:56:41 +00:00
CrazyMax
eafaea8d0f Merge pull request #855 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.1.0 
chore(deps): Bump @docker/actions-toolkit from 0.1.0-beta.19 to 0.1.0
 2023-04-17 08:07:44 +02:00
CrazyMax
ddd2a92197 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-17 02:10:24 +02:00
CrazyMax
a54198e85a use new implementation from toolkit 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-17 02:09:47 +02:00
CrazyMax
7e3a79c50d update dev dependencies 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-17 02:09:47 +02:00
dependabot[bot]
4a730ce64b chore(deps): Bump @docker/actions-toolkit from 0.1.0-beta.19 to 0.1.0 
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.1.0-beta.19 to 0.1.0.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.1.0-beta.19...v0.1.0)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-04-11 11:57:09 +00:00
CrazyMax
817ed59f97 Merge pull request #837 from crazy-max/update-workflows 
ci: split validate and test workflow
 2023-04-11 09:44:56 +02:00
CrazyMax
a3646c08f8 test: update go example 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-10 00:13:50 +02:00
CrazyMax
5c3465b033 ci: merge example workflow to ci one 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-10 00:13:50 +02:00
CrazyMax
e9c0697e5b ci: virtual-env workflow moved to actions-toolkit repo 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-10 00:13:50 +02:00
CrazyMax
e090350180 ci: split validate and test workflow 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-04-10 00:13:49 +02:00
CrazyMax
f2a1d5e99d Merge pull request #838 from docker/dependabot/npm_and_yarn/docker/actions-toolkit-0.1.0-beta.19 
chore(deps): Bump @docker/actions-toolkit from 0.1.0-beta.14 to 0.1.0-beta.19
 2023-03-13 08:49:57 +00:00
CrazyMax
81f5252b54 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-03-12 23:37:34 +01:00
CrazyMax
b3435979d1 use methods from toolkit to handle provenance attrs 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-03-12 23:37:34 +01:00
dependabot[bot]
80def7c74e chore(deps): Bump @docker/actions-toolkit 
Bumps [@docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.1.0-beta.14 to 0.1.0-beta.19.
- [Release notes](https://github.com/docker/actions-toolkit/releases)
- [Commits](https://github.com/docker/actions-toolkit/compare/v0.1.0-beta.14...v0.1.0-beta.19)

---
updated-dependencies:
- dependency-name: "@docker/actions-toolkit"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-03-12 21:49:46 +00:00
CrazyMax
35434f557a Merge pull request #809 from crazy-max/test-named-context 
ci: named context jobs
 2023-02-27 15:58:24 +01:00
CrazyMax
d63c96254b Merge pull request #811 from crazy-max/switch-toolkit 
switch to actions-toolkit implementation
 2023-02-24 19:15:59 +01:00
CrazyMax
21fe05ff59 Merge pull request #818 from crazy-max/fix-docs-links 
docs: fix links
 2023-02-24 14:46:55 +01:00
CrazyMax
097a3e23ac update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-24 10:22:20 +01:00
CrazyMax
d8823bfaed switch to actions-toolkit implementation 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-24 10:22:19 +01:00
CrazyMax
3a3620ed49 docs: fix links 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-23 17:16:49 +01:00
CrazyMax
8082ebc6ea ci: named context jobs 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-23 14:06:53 +01:00
Justin Chadwell
a3ae207c14 Merge pull request #815 from jedevc/e2e-distribution-fixup 
fixup! e2e: add distribution tests
 2023-02-22 12:50:28 +00:00
Justin Chadwell
4858a31f84 fixup! e2e: add distribution tests 
Signed-off-by: Justin Chadwell <me@jedevc.com>
 2023-02-22 12:40:15 +00:00
Justin Chadwell
d10433366f Merge pull request #814 from jedevc/e2e-distribution 
e2e: add distribution tests
 2023-02-22 12:19:02 +00:00
Justin Chadwell
ee5cabd9e3 e2e: add distribution tests 
Signed-off-by: Justin Chadwell <me@jedevc.com>
 2023-02-22 11:55:00 +00:00
CrazyMax
7944f9a25b Merge pull request #796 from docker/dependabot/npm_and_yarn/csv-parse-5.3.5 
chore(deps): Bump csv-parse from 5.3.4 to 5.3.5
 2023-02-16 14:13:36 +01:00
CrazyMax
c088e12d82 Merge pull request #804 from docker/registry-artifactory 
ci: add artifactory container registry to test against
 2023-02-15 19:26:39 +01:00
CrazyMax
e941dc0149 Merge pull request #805 from crazy-max/e2e-update-quay 
e2e: update quay namespace
 2023-02-15 19:25:25 +01:00
CrazyMax
0d6f3e8936 e2e: update quay namespace 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-15 19:23:19 +01:00
Justin Chadwell
c779d8500d ci: add artifactory container registry to test against 
The artifactory container registry is configured to accept schema 2
manifests.

Signed-off-by: Justin Chadwell <me@jedevc.com>
 2023-02-15 10:48:45 +00:00
CrazyMax
b651cf69a6 Merge pull request #802 from docker/dependabot/github_actions/crazy-max/ghaction-dump-context-2 
chore(deps): Bump crazy-max/ghaction-dump-context from 1 to 2
 2023-02-13 13:10:23 +01:00
dependabot[bot]
0db6129a57 chore(deps): Bump crazy-max/ghaction-dump-context from 1 to 2 
Bumps [crazy-max/ghaction-dump-context](https://github.com/crazy-max/ghaction-dump-context) from 1 to 2.
- [Release notes](https://github.com/crazy-max/ghaction-dump-context/releases)
- [Changelog](https://github.com/crazy-max/ghaction-dump-context/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crazy-max/ghaction-dump-context/compare/v1...v2)

---
updated-dependencies:
- dependency-name: crazy-max/ghaction-dump-context
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-13 11:57:09 +00:00
CrazyMax
70cc701b9c Merge pull request #800 from crazy-max/e2e-local 
e2e: local harbor and nexus
 2023-02-10 17:36:20 +01:00
CrazyMax
af7537dc3e e2e: local nexus 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-10 06:18:22 +01:00
CrazyMax
2d8166c4b9 e2e: local harbor 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-10 04:45:30 +01:00
CrazyMax
6a8fbf0dbc Merge pull request #799 from crazy-max/e2e-quay 
e2e: quay.io
 2023-02-09 13:09:47 +01:00
CrazyMax
f74fd039f3 e2e: input to set additional tag 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-09 12:53:34 +01:00
CrazyMax
695ee8547d e2e: quay.io 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-09 12:06:55 +01:00
Justin Chadwell
fd7264830a Merge pull request #798 from docker/e2e-enable-debug 
e2e: enable buildkit container logs
 2023-02-08 13:16:49 +00:00
Justin Chadwell
6842956e83 e2e: enable buildkit container logs 
Signed-off-by: Justin Chadwell <me@jedevc.com>
 2023-02-08 12:27:02 +00:00
CrazyMax
9d1b8fa4e2 Merge pull request #797 from crazy-max/e2e-rm-harbor 
e2e: remove harbor
 2023-02-08 13:14:41 +01:00
CrazyMax
17c742ea85 e2e: remove harbor 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-08 13:10:54 +01:00
dependabot[bot]
916f6873ae chore(deps): Bump csv-parse from 5.3.4 to 5.3.5 
Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 5.3.4 to 5.3.5.
- [Release notes](https://github.com/adaltas/node-csv/releases)
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@5.3.5/packages/csv-parse)

---
updated-dependencies:
- dependency-name: csv-parse
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-08 11:02:07 +00:00
CrazyMax
a3f7a443f9 Merge pull request #787 from docker/dependabot/npm_and_yarn/csv-parse-5.3.4 
chore(deps): Bump csv-parse from 5.3.3 to 5.3.4
 2023-02-06 17:25:28 +01:00
CrazyMax
05e89e68aa Merge pull request #790 from crazy-max/e2e-harbor 
e2e: harbor
 2023-02-06 14:29:57 +01:00
CrazyMax
d16cc0b66f e2e: harbor 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-02-02 13:42:15 +01:00
dependabot[bot]
306a0a9f50 chore(deps): Bump csv-parse from 5.3.3 to 5.3.4 
Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 5.3.3 to 5.3.4.
- [Release notes](https://github.com/adaltas/node-csv/releases)
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@5.3.4/packages/csv-parse)

---
updated-dependencies:
- dependency-name: csv-parse
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-01 11:02:18 +00:00
CrazyMax
55a3485913 Merge pull request #785 from crazy-max/update-version 
docs: update version to v4
 2023-01-30 19:33:53 +01:00
CrazyMax
71e9aaaf29 docs: update version to v4 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-30 19:30:24 +01:00
CrazyMax
3b5e8027fc Merge pull request #784 from crazy-max/enable-provenance 
revert disable provenance by default if not set
 2023-01-30 19:25:07 +01:00
CrazyMax
02d3266a89 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-30 19:23:01 +01:00
CrazyMax
f403dafe18 revert disable provenance by default if not set 
This partially reverts 337a09d182 but
keeps the newly added tests.

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-30 19:23:00 +01:00
CrazyMax
1104d47137 Merge pull request #781 from crazy-max/disable-provenance 
Disable provenance by default if not set
 2023-01-30 19:07:44 +01:00
CrazyMax
838bf90c88 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-30 10:15:05 +01:00
CrazyMax
337a09d182 disable provenance by default if not set 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-30 10:15:05 +01:00
CrazyMax
37abcedcc1 Merge pull request #760 from crazy-max/test-envs 
test: move envs to jest config
 2023-01-13 13:27:37 +01:00
CrazyMax
67109bc4b2 test: move envs to jest config 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-13 13:23:43 +01:00
CrazyMax
d1b0eb0a29 Merge pull request #759 from crazy-max/fix-provenance-input 
Fix provenance input
 2023-01-13 13:06:45 +01:00
CrazyMax
a0635fe7cd update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-13 12:59:31 +01:00
CrazyMax
f834265449 tests for provenance 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-13 12:59:31 +01:00
CrazyMax
0191543e0b fix provenance input 
When `provenance: false`, we should not set the builder-id.

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-13 12:59:31 +01:00
CrazyMax
2a16835223 Merge pull request #758 from crazy-max/revert-736 
Revert build-args newline split
 2023-01-13 11:35:45 +01:00
CrazyMax
9b96801525 Revert build-args newline split 
This reverts commit 6afac853c9, reversing
changes made to 1d910c8aa2.

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-13 11:27:13 +01:00
CrazyMax
6afac853c9 Merge pull request #736 from ruslandoga/build-args-newline-split 
build-args newline split
 2023-01-13 10:03:35 +01:00
ruslandoga
3bfdd83cd7 pre-checkin 
Signed-off-by: ruslandoga <67764432+ruslandoga@users.noreply.github.com>
 2023-01-13 15:15:03 +07:00
ruslandoga
316d5eb8b3 build-args newline split 
Signed-off-by: ruslandoga <67764432+ruslandoga@users.noreply.github.com>
 2023-01-13 12:51:11 +07:00
CrazyMax
1d910c8aa2 Merge pull request #707 from crazy-max/gh-runtime-token-info 
Log GitHub Actions runtime token access controls
 2023-01-12 19:50:31 +01:00
CrazyMax
f9ccca010f log GitHub Actions runtime token access controls 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-12 19:44:24 +01:00
CrazyMax
c40bf0fdf6 Merge pull request #746 from crazy-max/attests-sbom-provenance-inputs 
add attests, provenance and sbom inputs
 2023-01-12 19:27:54 +01:00
CrazyMax
223ed1ebd4 ci: fix registry-cache job 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:26 +01:00
CrazyMax
fdafae777b update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:25 +01:00
CrazyMax
0cb700ffba do not set default provenance if user wants to load the image 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:25 +01:00
CrazyMax
ee7989df81 always set builder-id attribute for provenance 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:25 +01:00
CrazyMax
74f883a069 check BuildKit compatibility before setting default provenance opts 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:25 +01:00
CrazyMax
0149503e26 ci: inspect with json output 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:25 +01:00
CrazyMax
26ce4f3617 provenance: set mode max and builder-id for public repos by default 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:24 +01:00
CrazyMax
ed2672fc33 add attests, provenance and sbom inputs 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:24 +01:00
CrazyMax
472ccddef1 test: go project sample 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2023-01-11 15:56:24 +01:00
CrazyMax
d235d2d5ea Merge pull request #749 from docker/dependabot/npm_and_yarn/json5-2.2.3 
chore(deps): Bump json5 from 2.2.0 to 2.2.3
 2023-01-08 18:32:06 +01:00
dependabot[bot]
2f519a7883 chore(deps): Bump json5 from 2.2.0 to 2.2.3 
Bumps [json5](https://github.com/json5/json5) from 2.2.0 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.2.0...v2.2.3)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-01-07 04:56:41 +00:00
CrazyMax
4eb68bb2ac Merge pull request #729 from docker/dependabot/npm_and_yarn/csv-parse-5.3.3 
chore(deps): Bump csv-parse from 5.3.0 to 5.3.3
 2022-12-19 20:44:37 +01:00
CrazyMax
b4755849f0 update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-12-19 20:42:49 +01:00
dependabot[bot]
ade1a6afe3 chore(deps): Bump csv-parse from 5.3.0 to 5.3.3 
Bumps [csv-parse](https://github.com/adaltas/node-csv/tree/HEAD/packages/csv-parse) from 5.3.0 to 5.3.3.
- [Release notes](https://github.com/adaltas/node-csv/releases)
- [Changelog](https://github.com/adaltas/node-csv/blob/master/packages/csv-parse/CHANGELOG.md)
- [Commits](https://github.com/adaltas/node-csv/commits/csv-parse@5.3.3/packages/csv-parse)

---
updated-dependencies:
- dependency-name: csv-parse
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-12-19 19:37:51 +00:00
CrazyMax
21d6059e1e Merge pull request #732 from docker/dependabot/npm_and_yarn/minimatch-3.1.2 
chore(deps): Bump minimatch from 3.0.4 to 3.1.2
 2022-12-19 20:20:03 +01:00
CrazyMax
c2c50190db readme: fix badges 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-12-19 20:17:23 +01:00
CrazyMax
a154a68da0 Update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-12-19 20:15:46 +01:00
dependabot[bot]
4ac90f5dca chore(deps): Bump minimatch from 3.0.4 to 3.1.2 
Bumps [minimatch](https://github.com/isaacs/minimatch) from 3.0.4 to 3.1.2.
- [Release notes](https://github.com/isaacs/minimatch/releases)
- [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2)

---
updated-dependencies:
- dependency-name: minimatch
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-11-29 17:55:45 +00:00
CrazyMax
175d02bffe Merge pull request #723 from crazy-max/docs-fix-link 
docs: fix link
 2022-11-10 18:25:38 +01:00
CrazyMax
546378e7fb docs: fix link 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-11-10 15:57:59 +01:00
CrazyMax
ffe65bfc27 Merge pull request #718 from crazy-max/moved-examples 
docs: examples moved to docs website
 2022-11-04 14:11:17 +01:00
CrazyMax
d4c14fd006 docs: examples moved to docs website 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-11-04 09:17:25 +01:00
CrazyMax
6e95f19fb8 Merge pull request #708 from kaznovac/patch-1 
[docs] test-before-push: push tested image as latest
 2022-10-20 21:05:58 +02:00
Marko Kaznovac
2a752d5a63 [docs] test-before-push: push tested image as latest 
also renamed image name from `myapp` -> `app`

Signed-off-by: Marko Kaznovac <kaznovac@users.noreply.github.com>
 2022-10-20 16:03:06 +02:00
CrazyMax
c56af95754 Merge pull request #704 from crazy-max/setOutput 
Remove workaround for setOutput
 2022-10-12 08:33:54 +02:00
CrazyMax
75aaa63262 Remove workaround for setOutput 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-12 06:56:31 +02:00
CrazyMax
f97d6e2850 Merge pull request #700 from crazy-max/update-docs 
docs: update links and layout
 2022-10-11 12:07:35 +02:00
CrazyMax
47c00d78bf ci: secret job to check for invalid secrets 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-09 17:42:47 +02:00
CrazyMax
871b930e7a docs: update links and layout 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-07 19:28:55 +02:00
CrazyMax
105bf59b00 docs: copy between registries with buildx 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-07 19:23:10 +02:00
CrazyMax
48888e0b13 Merge pull request #699 from crazy-max/docs-outputs 
docs: note about multiple outputs
 2022-10-07 18:33:56 +02:00
CrazyMax
6b820ad47e docs: note about multiple outputs 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-07 18:31:06 +02:00
CrazyMax
e1a10350ee Merge pull request #665 from baibaratsky/patch-1 
docs: named contexts
 2022-10-07 18:25:40 +02:00
CrazyMax
0f5a7d48d5 docs: named contexts 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-07 18:22:40 +02:00
Andrei Baibaratsky
6a6e8c7c14 docs: build contexts and bake options 
Signed-off-by: Andrei Baibaratsky <andrei@baibaratsky.com>
 2022-10-07 18:21:37 +02:00
CrazyMax
e189a1cb78 Merge pull request #696 from docker/dependabot/npm_and_yarn/actions/github-5.1.1 
Bump @actions/github from 5.0.3 to 5.1.1
 2022-10-07 16:47:39 +02:00
CrazyMax
2cf0d6fbdc Update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-07 16:46:29 +02:00
dependabot[bot]
3cde535b0c Bump @actions/github from 5.0.3 to 5.1.1 
Bumps [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github) from 5.0.3 to 5.1.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@actions/github"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-10-01 01:09:07 +00:00
CrazyMax
83a00fb5e6 Merge pull request #695 from docker/dependabot/npm_and_yarn/actions/core-1.10.0 
Bump @actions/core from 1.9.1 to 1.10.0
 2022-10-01 03:07:44 +02:00
CrazyMax
1d5915004a Update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-10-01 03:05:50 +02:00
dependabot[bot]
2e87529dad Bump @actions/core from 1.9.1 to 1.10.0 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.9.1 to 1.10.0.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-09-30 11:12:03 +00:00
CrazyMax
e27bcee4eb Merge pull request #685 from crazy-max/git-context-docs 
docs: fix Git context link and add more details about subdir support
 2022-09-02 14:26:21 +02:00
CrazyMax
71d260c49a docs: fix Git context link and add more details about subdir support 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-09-02 12:24:08 +02:00
CrazyMax
965c6a410d Merge pull request #672 from crazy-max/fix-ci-dispatch 
ci: fix workflow dispatch inputs
 2022-08-17 11:25:02 +02:00
CrazyMax
08aa123a28 ci: fix workflow dispatch inputs 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-08-17 02:17:37 +02:00
CrazyMax
1527803881 Merge pull request #666 from deronnax/patch-1 
use ${{ env.TEST_TAG }} to tag image in push step
 2022-08-12 18:17:02 +02:00
CrazyMax
a49d9ab751 Merge pull request #667 from docker/dependabot/npm_and_yarn/actions/core-1.9.1 
Bump @actions/core from 1.9.0 to 1.9.1
 2022-08-12 18:14:31 +02:00
CrazyMax
cbb574ee73 Update generated content 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-08-12 18:13:02 +02:00
CrazyMax
8b56e74b48 ci: cleanup ci workflow 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-08-12 18:12:47 +02:00
dependabot[bot]
a5024d816a Bump @actions/core from 1.9.0 to 1.9.1 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/actions/toolkit/releases)
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-08-12 18:12:16 +02:00
CrazyMax
2235b57edd Merge pull request #669 from crazy-max/buildx-dispatch 
ci: allow arbitrary buildx/buildkit version on workflow dispatch event
 2022-08-12 17:04:32 +02:00
CrazyMax
15b9e74b95 ci: allow arbitrary buildx/buildkit version on workflow dispatch event 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-08-12 16:45:35 +02:00
Mathieu Dupuy
48daa618bd use ${{ env.TEST_TAG }} to tag image in push step 
Signed-off-by: Mathieu Dupuy <deronnax@gmail.com>
 2022-08-06 11:12:45 +02:00
CrazyMax
c84f382811 Merge pull request #663 from crazy-max/fix-git-token-cond 
Fix GitHub token not passed with Git context if subdir defined
 2022-08-03 17:25:08 +02:00
CrazyMax
cd5d0b79ea Merge pull request #661 from dud225/subdir_context 
Update comment regarding the support of subdir context
 2022-08-03 16:59:34 +02:00
CrazyMax
30a32246ba Fix GitHub token not passed with Git context if subdir defined 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
 2022-08-03 14:39:01 +02:00
Herve Werner
1f19633b92 Update comment regarding the support of subdir context 
Signed-off-by: Hervé Werner <dud225@hotmail.com>
 2022-08-03 13:55:05 +02:00
CrazyMax
67af6dc1d3 Merge pull request #657 from bendrucker/deprecated-fs-rmdir 
Replace deprecated `fs.rmdir` with `fs.rm`
 2022-07-28 11:04:08 +02:00
Ben Drucker
988cb093f2 replace deprecated fs.rmdir with fs.rm 
Signed-off-by: Ben Drucker <bvdrucker@gmail.com>
 2022-07-27 16:47:22 -07:00
66 changed files with 3337 additions and 3495 deletions
Expand all files Collapse all files

2
.eslintrc.json
View File

@ -2,7 +2,7 @@
"env": {
"node": true,
"es2021": true,
"jest/globals": true
"jest": true
},
"extends": [
"eslint:recommended",

5
.github/e2e/distribution/env vendored Normal file
View File

@ -0,0 +1,5 @@
REGISTRY_FQDN=localhost:8080
REGISTRY_SLUG=localhost:8080/test-docker-action
DISTRIBUTION_HOST=localhost
DISTRIBUTION_PORT=8080

13
.github/e2e/distribution/install.sh vendored Executable file
View File

@ -0,0 +1,13 @@
#!/usr/bin/env bash
set -eu
: "${DISTRIBUTION_VERSION:=2}"
: "${DISTRIBUTION_HOST:=localhost}"
: "${DISTRIBUTION_PORT:=8080}"
echo "::group::Starting registry:${DISTRIBUTION_VERSION}"
(
set -x
docker run -d --name registry -p "${DISTRIBUTION_PORT}:5000" "registry:${DISTRIBUTION_VERSION}"
)
echo "::endgroup::"

8
.github/e2e/harbor/env vendored Normal file
View File

@ -0,0 +1,8 @@
REGISTRY_FQDN=localhost:8081
REGISTRY_USER=admin
REGISTRY_PASSWORD=Harbor12345
REGISTRY_SLUG=localhost:8081/test-docker-action/test-docker-action
HARBOR_HOST=localhost
HARBOR_PORT=8081
HARBOR_PROJECT=test-docker-action

79
.github/e2e/harbor/install.sh vendored Executable file
View File

@ -0,0 +1,79 @@
#!/usr/bin/env bash
set -eu
: "${HARBOR_VERSION:=v2.7.0}"
: "${HARBOR_HOST:=localhost}"
: "${HARBOR_PORT:=49154}"
: "${REGISTRY_USER:=admin}"
: "${REGISTRY_PASSWORD:=Harbor12345}"
: "${HARBOR_PROJECT:=test-docker-action}"
project_post_data() {
cat <<EOF
{
"project_name": "$HARBOR_PROJECT",
"public": true
}
EOF
}
export TERM=xterm
# download
echo "::group::Downloading Harbor $HARBOR_VERSION"
(
cd /tmp
set -x
wget -q "https://github.com/goharbor/harbor/releases/download/${HARBOR_VERSION}/harbor-offline-installer-${HARBOR_VERSION}.tgz" -O harbor-online-installer.tgz
tar xvf harbor-online-installer.tgz
)
echo "::endgroup::"
# config
echo "::group::Configuring Harbor"
(
cd /tmp/harbor
set -x
cp harbor.yml.tmpl harbor.yml
harborConfig="$(harborHost="$HARBOR_HOST" harborPort="$HARBOR_PORT" harborPwd="$REGISTRY_PASSWORD" yq --no-colors '.hostname = env(harborHost) | .http.port = env(harborPort) | .harbor_admin_password = env(harborPwd) | del(.https)' harbor.yml)"
tee harbor.yml <<<"$harborConfig" >/dev/null
yq --no-colors harbor.yml
)
echo "::endgroup::"
# install and start
echo "::group::Installing Harbor"
(
cd /tmp/harbor
set -x
./install.sh
sleep 10
netstat -aptn
)
echo "::endgroup::"
# compose config
echo "::group::Compose config"
(
cd /tmp/harbor
set -x
docker compose config
)
echo "::endgroup::"
# create project
echo "::group::Creating project"
(
set -x
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H "Content-Type: application/json" -d "$(project_post_data)" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects"
)
echo "::endgroup::"
# list projects
echo "::group::List projects"
(
set -x
curl --fail -s -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -H "Content-Type: application/json" "http://$HARBOR_HOST:$HARBOR_PORT/api/v2.0/projects" | jq
)
echo "::endgroup::"

8
.github/e2e/nexus/docker-compose.yml vendored Normal file
View File

@ -0,0 +1,8 @@
services:
nexus:
image: sonatype/nexus3:${NEXUS_VERSION:-latest}
volumes:
- "./data:/nexus-data"
ports:
- "8081:8081"
- "8082:8082"

9
.github/e2e/nexus/env vendored Normal file
View File

@ -0,0 +1,9 @@
REGISTRY_FQDN=localhost:8082
REGISTRY_USER=admin
REGISTRY_PASSWORD=Nexus12345
REGISTRY_SLUG=localhost:8082/test-docker-action
NEXUS_HOST=localhost
NEXUS_PORT=8081
NEXUS_REGISTRY_PORT=8082
NEXUS_REPO=test-docker-action

93
.github/e2e/nexus/install.sh vendored Executable file
View File

@ -0,0 +1,93 @@
#!/usr/bin/env bash
set -eu
SCRIPT_DIR=$(cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd)
: "${NEXUS_VERSION:=3.47.1}"
: "${NEXUS_HOST:=localhost}"
: "${NEXUS_PORT:=8081}"
: "${NEXUS_REGISTRY_PORT:=8082}"
: "${REGISTRY_USER:=admin}"
: "${REGISTRY_PASSWORD:=Nexus12345}"
: "${NEXUS_REPO:=test-docker-action}"
createrepo_post_data() {
cat <<EOF
{
"name": "${NEXUS_REPO}",
"online": true,
"storage": {
"blobStoreName": "default",
"strictContentTypeValidation": true,
"writePolicy": "ALLOW"
},
"docker": {
"v1Enabled": false,
"forceBasicAuth": true,
"httpPort": ${NEXUS_REGISTRY_PORT},
"httpsPort": null,
"subdomain": null
}
}
EOF
}
export NEXUS_VERSION
mkdir -p /tmp/nexus/data
chown 200:200 /tmp/nexus/data
cp "${SCRIPT_DIR}/docker-compose.yml" /tmp/nexus/docker-compose.yml
echo "::group::Pulling Nexus $NEXUS_VERSION"
(
cd /tmp/nexus
set -x
docker compose pull
)
echo "::endgroup::"
echo "::group::Compose config"
(
cd /tmp/nexus
set -x
docker compose config
)
echo "::endgroup::"
echo "::group::Running Nexus"
(
cd /tmp/nexus
set -x
docker compose up -d
)
echo "::endgroup::"
echo "::group::Running Nexus"
(
cd /tmp/nexus
set -x
docker compose up -d
)
echo "::endgroup::"
echo "::group::Waiting for Nexus to be ready"
until $(curl --output /dev/null --silent --head --fail "http://$NEXUS_HOST:$NEXUS_PORT"); do
printf '.'
sleep 5
done
echo "::endgroup::"
echo "::group::Change user's password"
(
set -x
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$(cat /tmp/nexus/data/admin.password)" -X PUT -H 'Content-Type: text/plain' -d "$REGISTRY_PASSWORD" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/security/users/$REGISTRY_USER/change-password"
)
echo "::endgroup::"
echo "::group::Create Docker repository"
(
set -x
curl --fail -v -k --max-time 10 -u "$REGISTRY_USER:$REGISTRY_PASSWORD" -X POST -H 'Content-Type: application/json' -d "$(createrepo_post_data)" "http://$NEXUS_HOST:$NEXUS_PORT/service/rest/v1/repositories/docker/hosted"
)
echo "::endgroup::"

601
.github/workflows/ci.yml vendored
View File

@ -2,12 +2,26 @@ name: ci
on:
workflow_dispatch:
inputs:
buildx-version:
description: 'Buildx version or Git context'
default: 'latest'
required: false
buildkit-image:
description: 'BuildKit image'
default: 'moby/buildkit:buildx-stable-1'
required: false
schedule:
- cron: '0 10 * * *'
push:
branches:
- 'master'
- 'releases/v*'
pull_request:
branches:
- 'master'
env:
BUILDX_VERSION: latest
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
jobs:
minimal:
@ -21,6 +35,10 @@ jobs:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./action
@ -48,8 +66,10 @@ jobs:
id: buildx
uses: docker/setup-buildx-action@v2
with:
version: latest
driver-opts: network=host
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build and push
id: docker_build
@ -65,7 +85,7 @@ jobs:
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'
-
name: Check digest
run: |
@ -95,7 +115,10 @@ jobs:
id: buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: network=host
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build and push
id: docker_build
@ -121,7 +144,7 @@ jobs:
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'
-
name: Check digest
run: |
@ -132,12 +155,6 @@ jobs:
path-context:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx-version:
- ""
- latest
services:
registry:
image: registry:2
@ -155,8 +172,10 @@ jobs:
id: buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ matrix.buildx-version }}
driver-opts: network=host
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build and push
id: docker_build
@ -172,7 +191,7 @@ jobs:
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'
-
name: Check digest
run: |
@ -181,6 +200,69 @@ jobs:
exit 1
fi
example:
runs-on: ubuntu-latest
env:
DOCKER_IMAGE: localhost:5000/name/app
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.DOCKER_IMAGE }}
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build and export to Docker client
uses: ./
with:
context: ./test
file: ./test/Dockerfile
load: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
-
name: Build and push to local registry
uses: ./
with:
context: ./test
file: ./test/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
-
name: Inspect image
run: |
docker image inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }}
-
name: Check manifest
if: github.event_name != 'pull_request'
run: |
docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }} --format '{{json .}}'
error:
runs-on: ubuntu-latest
steps:
@ -220,6 +302,10 @@ jobs:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
id: docker_build
@ -280,6 +366,29 @@ jobs:
run: |
docker image inspect myimage:latest
secret:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
context: .
file: ./test/secret.Dockerfile
secrets: |
MYSECRET=foo
INVALID_SECRET=
network:
runs-on: ubuntu-latest
steps:
@ -289,6 +398,10 @@ jobs:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: List networks
run: docker network ls
@ -310,8 +423,9 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=moby/buildkit:master
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
@ -331,8 +445,10 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=moby/buildkit:master
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
@ -354,8 +470,10 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=moby/buildkit:master
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
@ -374,6 +492,11 @@ jobs:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
@ -385,25 +508,6 @@ jobs:
docker:10.180.0.1
foo:10.0.0.1
build-contexts:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build
uses: ./
with:
context: ./test
file: ./test/buildcontext.Dockerfile
build-contexts: |
alpine=docker-image://debian:stable-slim
tags: name/app:latest
no-cache-filters:
runs-on: ubuntu-latest
steps:
@ -413,6 +517,10 @@ jobs:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
@ -424,14 +532,137 @@ jobs:
cache-from: type=gha,scope=nocachefilter
cache-to: type=gha,scope=nocachefilter,mode=max
attests-compat:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- buildx: latest
buildkit: moby/buildkit:buildx-stable-1
- buildx: latest
buildkit: moby/buildkit:v0.10.6
- buildx: v0.9.1
buildkit: moby/buildkit:buildx-stable-1
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ matrix.buildx }}
driver-opts: |
network=host
image=${{ matrix.buildkit }}
-
name: Build
uses: ./
with:
context: ./test/go
file: ./test/go/Dockerfile
outputs: type=cacheonly
provenance:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
attrs:
- ''
- mode=max
- builder-id=foo
- false
- true
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
context: ./test/go
file: ./test/go/Dockerfile
target: binary
outputs: type=oci,dest=/tmp/build.tar
provenance: ${{ matrix.attrs }}
cache-from: type=gha,scope=provenance
cache-to: type=gha,scope=provenance,mode=max
sbom:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- target: image
output: type=image,name=localhost:5000/name/app:latest,push=true
- target: binary
output: /tmp/buildx-build
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
context: ./test/go
file: ./test/go/Dockerfile
target: ${{ matrix.target }}
outputs: ${{ matrix.output }}
sbom: true
cache-from: type=gha,scope=attests-${{ matrix.target }}
cache-to: type=gha,scope=attests-${{ matrix.target }},mode=max
-
name: Inspect image
if: matrix.target == 'image'
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
-
name: Check output folder
if: matrix.target == 'binary'
run: |
tree /tmp/buildx-build
-
name: Print provenance
if: matrix.target == 'binary'
run: |
cat /tmp/buildx-build/provenance.json | jq
-
name: Print SBOM
if: matrix.target == 'binary'
run: |
cat /tmp/buildx-build/sbom.spdx.json | jq
multi:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx-version:
- ""
- latest
dockerfile:
- multi
- multi-sudo
@ -452,8 +683,10 @@ jobs:
id: buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ matrix.buildx-version }}
driver-opts: network=host
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build and push
id: docker_build
@ -470,7 +703,7 @@ jobs:
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'
-
name: Check digest
run: |
@ -521,6 +754,7 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: ${{ matrix.driver }}
driver-opts: |
network=host
@ -582,13 +816,14 @@ jobs:
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build and push (1)
name: Build and push
id: docker_build
uses: ./
with:
@ -602,110 +837,10 @@ jobs:
localhost:5000/name/app:1.0.0
cache-from: type=registry,ref=localhost:5000/name/app
cache-to: type=inline
-
name: Inspect (1)
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest
-
name: Check digest (1)
run: |
if [ -z "${{ steps.docker_build.outputs.digest }}" ]; then
echo "::error::Digest should not be empty"
exit 1
fi
-
name: Prune
run: |
docker buildx prune -a -f --verbose
-
name: Build and push (2)
id: docker_build2
uses: ./
with:
context: ./test
file: ./test/multi.Dockerfile
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64
push: true
tags: |
localhost:5000/name/app:latest
localhost:5000/name/app:1.0.0
cache-from: type=registry,ref=localhost:5000/name/app
cache-to: type=inline
-
name: Inspect (2)
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest
-
name: Check digest (2)
run: |
if [ -z "${{ steps.docker_build2.outputs.digest }}" ]; then
echo "::error::Digest should not be empty"
exit 1
fi
-
name: Compare digests
run: |
echo Compare "${{ steps.docker_build.outputs.digest }}" with "${{ steps.docker_build2.outputs.digest }}"
if [ "${{ steps.docker_build.outputs.digest }}" != "${{ steps.docker_build2.outputs.digest }}" ]; then
echo "::error::Digests should be identical"
exit 1
fi
local-cache-first:
runs-on: ubuntu-latest
outputs:
digest: ${{ steps.docker_build.outputs.digest }}
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: |
network=host
-
name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-local-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-ghcache-
-
name: Erase cache
run: |
rm -rf /tmp/.buildx-cache/*
-
name: Build and push
id: docker_build
uses: ./
with:
context: ./test
file: ./test/multi.Dockerfile
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64
push: true
tags: |
localhost:5000/name/app:latest
localhost:5000/name/app:1.0.0
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
docker buildx imagetools inspect localhost:5000/name/app:latest --format '{{json .}}'
-
name: Check digest
run: |
@ -714,83 +849,8 @@ jobs:
exit 1
fi
local-cache-hit:
runs-on: ubuntu-latest
needs: local-cache-first
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: |
network=host
-
name: Cache Docker layers
uses: actions/cache@v3
id: cache
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-local-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-ghcache-
-
name: Build and push
id: docker_build
uses: ./
with:
context: ./test
file: ./test/multi.Dockerfile
builder: ${{ steps.buildx.outputs.name }}
platforms: linux/amd64,linux/arm64
push: true
tags: |
localhost:5000/name/app:latest
localhost:5000/name/app:1.0.0
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
-
name: Check digest
run: |
if [ -z "${{ steps.docker_build.outputs.digest }}" ]; then
echo "::error::Digest should not be empty"
exit 1
fi
-
name: Compare digests
run: |
echo Compare "${{ needs.local-cache-first.outputs.digest }}" with "${{ steps.docker_build.outputs.digest }}"
if [ "${{ needs.local-cache-first.outputs.digest }}" != "${{ steps.docker_build.outputs.digest }}" ]; then
echo "::error::Digests should be identical"
exit 1
fi
-
name: Cache hit
run: echo ${{ steps.cache.outputs.cache-hit }}
github-cache:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
buildx_version:
- ""
- latest
services:
registry:
image: registry:2
@ -807,9 +867,10 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ matrix.buildx_version }}
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
buildkitd-flags: --debug
-
name: Build and push
@ -827,7 +888,7 @@ jobs:
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:1.0.0
docker buildx imagetools inspect localhost:5000/name/app:1.0.0 --format '{{json .}}'
standalone:
runs-on: ubuntu-latest
@ -842,9 +903,101 @@ jobs:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
network=host
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
context: ./test
file: ./test/Dockerfile
named-context-pin:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build base image
uses: ./
with:
context: ./test
file: ./test/named-context.Dockerfile
build-contexts: |
alpine=docker-image://alpine:edge
named-context-docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver: docker
-
name: Build base image
uses: ./
with:
context: ./test
file: ./test/named-context-base.Dockerfile
load: true
tags: my-base-image:local
-
name: Build
uses: ./
with:
context: ./test
file: ./test/named-context.Dockerfile
build-contexts: |
base=docker-image://my-base-image:local
named-context-container:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
network=host
-
name: Build base image
uses: ./
with:
context: ./test
file: ./test/named-context-base.Dockerfile
tags: localhost:5000/my-base-image:latest
push: true
-
name: Build
uses: ./
with:
context: ./test
file: ./test/named-context.Dockerfile
build-contexts: |
alpine=docker-image://localhost:5000/my-base-image:latest

127
.github/workflows/e2e.yml vendored
View File

@ -2,85 +2,184 @@ name: e2e
on:
workflow_dispatch:
inputs:
buildx-version:
description: 'Buildx version or Git context'
default: 'latest'
required: false
buildkit-image:
description: 'BuildKit image'
default: 'moby/buildkit:buildx-stable-1'
required: false
tag:
description: 'Additional tag to push'
required: false
schedule:
- cron: '0 10 * * *'
push:
branches:
- 'master'
tags:
- v*
- 'v*'
env:
BUILDX_VERSION: latest
BUILDKIT_IMAGE: moby/buildkit:buildx-stable-1
HARBOR_VERSION: v2.7.0
NEXUS_VERSION: 3.47.1
DISTRIBUTION_VERSION: 2.8.1
jobs:
docker:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
-
name: Distribution
id: distribution
type: local
-
name: Docker Hub
registry: ''
slug: ghactionstest/ghactionstest
username_secret: DOCKERHUB_USERNAME
password_secret: DOCKERHUB_TOKEN
type: remote
-
name: GitHub
registry: ghcr.io
slug: ghcr.io/docker-ghactiontest/test
username_secret: GHCR_USERNAME
password_secret: GHCR_PAT
type: remote
-
name: GitLab
registry: registry.gitlab.com
slug: registry.gitlab.com/test1716/test
username_secret: GITLAB_USERNAME
password_secret: GITLAB_TOKEN
type: remote
-
name: AWS ECR
registry: 175142243308.dkr.ecr.us-east-2.amazonaws.com
slug: 175142243308.dkr.ecr.us-east-2.amazonaws.com/sandbox/test-docker-action
username_secret: AWS_ACCESS_KEY_ID
password_secret: AWS_SECRET_ACCESS_KEY
type: remote
-
name: AWS ECR Public
registry: public.ecr.aws
slug: public.ecr.aws/q3b5f1u4/test-docker-action
username_secret: AWS_ACCESS_KEY_ID
password_secret: AWS_SECRET_ACCESS_KEY
type: remote
-
name: Google Artifact Registry
registry: us-east4-docker.pkg.dev
slug: us-east4-docker.pkg.dev/sandbox-298914/docker-official-github-actions/test-docker-action
username_secret: GAR_USERNAME
password_secret: GAR_JSON_KEY
type: remote
-
name: Google Container Registry
registry: gcr.io
slug: gcr.io/sandbox-298914/test-docker-action
username_secret: GCR_USERNAME
password_secret: GCR_JSON_KEY
type: remote
-
name: Azure Container Registry
registry: officialgithubactions.azurecr.io
slug: officialgithubactions.azurecr.io/test-docker-action
username_secret: AZURE_CLIENT_ID
password_secret: AZURE_CLIENT_SECRET
type: remote
-
name: Quay
registry: quay.io
slug: quay.io/docker_build_team/ghactiontest
username_secret: QUAY_USERNAME
password_secret: QUAY_TOKEN
type: remote
-
name: Artifactory
registry: buildkitghactiontests.jfrog.io
slug: buildkitghactiontests.jfrog.io/ghactiontest/test-docker-action
username_secret: ARTIFACTORY_USERNAME
password_secret: ARTIFACTORY_TOKEN
type: remote
-
name: Harbor
id: harbor
type: local
-
name: Nexus
id: nexus
type: local
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up env
if: matrix.type == 'local'
run: |
cat ./.github/e2e/${{ matrix.id }}/env >> $GITHUB_ENV
-
name: Set up BuildKit config
run: |
touch /tmp/buildkitd.toml
if [ "${{ matrix.type }}" = "local" ]; then
echo -e "[registry.\"${{ env.REGISTRY_FQDN }}\"]\nhttp = true\ninsecure = true" > /tmp/buildkitd.toml
fi
-
name: Set up Docker daemon
if: matrix.type == 'local'
run: |
if [ ! -e /etc/docker/daemon.json ]; then
echo '{}' | tee /etc/docker/daemon.json >/dev/null
fi
DOCKERD_CONFIG=$(jq '.+{"insecure-registries":["http://${{ env.REGISTRY_FQDN }}"]}' /etc/docker/daemon.json)
sudo tee /etc/docker/daemon.json <<<"$DOCKERD_CONFIG" >/dev/null
sudo service docker restart
-
name: Install ${{ matrix.name }}
if: matrix.type == 'local'
run: |
sudo -E bash ./.github/e2e/${{ matrix.id }}/install.sh
-
name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ matrix.slug }}
images: ${{ env.REGISTRY_SLUG || matrix.slug }}
tags: |
type=ref,event=branch
type=ref,event=tag
type=raw,value=${{ inputs.tag }},enable=${{ inputs.tag != '' }}
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
config: /tmp/buildkitd.toml
buildkitd-flags: --debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
network=host
-
name: Login to Registry
if: github.event_name != 'pull_request'
if: github.event_name != 'pull_request' && (env.REGISTRY_USER || matrix.username_secret) != ''
uses: docker/login-action@v2
with:
registry: ${{ matrix.registry }}
username: ${{ secrets[matrix.username_secret] }}
password: ${{ secrets[matrix.password_secret] }}
registry: ${{ env.REGISTRY_FQDN || matrix.registry }}
username: ${{ env.REGISTRY_USER || secrets[matrix.username_secret] }}
password: ${{ env.REGISTRY_PASSWORD || secrets[matrix.password_secret] }}
-
name: Build and push
uses: ./
@ -91,20 +190,14 @@ jobs:
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=registry,ref=${{ matrix.slug }}:master
cache-from: type=registry,ref=${{ env.REGISTRY_SLUG || matrix.slug }}:master
cache-to: type=inline
-
name: Inspect image
if: github.event_name != 'pull_request'
run: |
docker pull ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
docker image inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
docker pull ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
docker image inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }}
-
name: Check manifest
if: github.event_name != 'pull_request'
run: |
docker buildx imagetools inspect ${{ matrix.slug }}:${{ steps.meta.outputs.version }}
-
name: Dump context
if: always()
uses: crazy-max/ghaction-dump-context@v1
docker buildx imagetools inspect ${{ env.REGISTRY_SLUG || matrix.slug }}:${{ steps.meta.outputs.version }} --format '{{json .}}'

78
.github/workflows/example.yml vendored
View File

@ -1,78 +0,0 @@
# This workflow is provided just as an example and not for repo testing/verification
name: example
on:
schedule:
- cron: '0 10 * * 0'
push:
branches:
- '**'
tags:
- 'v*.*.*'
pull_request:
env:
DOCKER_IMAGE: localhost:5000/name/app
jobs:
docker:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
images: ${{ env.DOCKER_IMAGE }}
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: network=host
-
name: Build and export to Docker client
uses: ./
with:
context: ./test
file: ./test/Dockerfile
load: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
-
name: Build and push to local registry
uses: ./
with:
context: ./test
file: ./test/Dockerfile
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
-
name: Inspect image
run: |
docker image inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }}
-
name: Check manifest
if: github.event_name != 'pull_request'
run: |
docker buildx imagetools inspect ${{ env.DOCKER_IMAGE }}:${{ steps.meta.outputs.version }}
-
name: Dump context
if: always()
uses: crazy-max/ghaction-dump-context@v1

10
.github/workflows/test.yml vendored
View File

@ -4,9 +4,8 @@ on:
push:
branches:
- 'master'
- 'releases/v*'
pull_request:
branches:
- 'master'
jobs:
test:
@ -15,14 +14,9 @@ jobs:
-
name: Checkout
uses: actions/checkout@v3
-
name: Validate
uses: docker/bake-action@v2
with:
targets: validate
-
name: Test
uses: docker/bake-action@v2
uses: docker/bake-action@v3
with:
targets: test
-

41
.github/workflows/validate.yml vendored Normal file
View File

@ -0,0 +1,41 @@
name: validate
on:
push:
branches:
- 'master'
- 'releases/v*'
pull_request:
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
targets: ${{ steps.targets.outputs.matrix }}
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Targets matrix
id: targets
run: |
echo "matrix=$(docker buildx bake validate --print | jq -cr '.group.validate.targets')" >> $GITHUB_OUTPUT
validate:
runs-on: ubuntu-latest
needs:
- prepare
strategy:
fail-fast: false
matrix:
target: ${{ fromJson(needs.prepare.outputs.targets) }}
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Validate
uses: docker/bake-action@v3
with:
targets: ${{ matrix.target }}

72
.github/workflows/virtual-env.yml vendored
View File

@ -1,72 +0,0 @@
name: virtual-env
on:
workflow_dispatch:
schedule:
- cron: '0 10 * * *'
push:
branches:
- 'master'
paths:
- '.github/workflows/virtual-env.yml'
pull_request:
branches:
- 'master'
paths:
- '.github/workflows/virtual-env.yml'
jobs:
os:
runs-on: ${{ matrix.os }}
strategy:
fail-fast: false
matrix:
os:
- ubuntu-latest
- ubuntu-22.04
- ubuntu-20.04
- ubuntu-18.04
steps:
-
name: File system
run: df -ah
-
name: Mounts
run: mount
-
name: Node info
run: node -p process
-
name: NPM version
run: npm version
-
name: List install packages
run: apt list --installed
-
name: Docker daemon conf
run: |
cat /etc/docker/daemon.json
-
name: Docker info
run: docker info
-
name: Docker version
run: docker version
-
name: Cgroups
run: |
sudo apt-get install -y cgroup-tools
lscgroup
-
name: buildx version
run: docker buildx version
-
name: containerd version
run: containerd --version
-
name: Docker images
run: docker image ls
-
name: Dump context
if: always()
uses: crazy-max/ghaction-dump-context@v1

4
.gitignore vendored
View File

@ -1,10 +1,6 @@
node_modules
lib
# Jetbrains
/.idea
/*.iml
# Rest of the file pulled from https://github.com/github/gitignore/blob/master/Node.gitignore
# Logs
logs

212
README.md
View File

@ -1,14 +1,15 @@
[![GitHub release](https://img.shields.io/github/release/docker/build-push-action.svg?style=flat-square)](https://github.com/docker/build-push-action/releases/latest)
[![GitHub marketplace](https://img.shields.io/badge/marketplace-build--and--push--docker--images-blue?logo=github&style=flat-square)](https://github.com/marketplace/actions/build-and-push-docker-images)
[![CI workflow](https://img.shields.io/github/workflow/status/docker/build-push-action/ci?label=ci&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=ci)
[![Test workflow](https://img.shields.io/github/workflow/status/docker/build-push-action/test?label=test&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=test)
[![CI workflow](https://img.shields.io/github/actions/workflow/status/docker/build-push-action/ci.yml?branch=master&label=ci&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=ci)
[![Test workflow](https://img.shields.io/github/actions/workflow/status/docker/build-push-action/test.yml?branch=master&label=test&logo=github&style=flat-square)](https://github.com/docker/build-push-action/actions?workflow=test)
[![Codecov](https://img.shields.io/codecov/c/github/docker/build-push-action?logo=codecov&style=flat-square)](https://codecov.io/gh/docker/build-push-action)
## About
GitHub Action to build and push Docker images with [Buildx](https://github.com/docker/buildx) with full support of the
features provided by [Moby BuildKit](https://github.com/moby/buildkit) builder toolkit. This includes multi-platform
build, secrets, remote cache, etc. and different builder deployment/namespacing options.
GitHub Action to build and push Docker images with [Buildx](https://github.com/docker/buildx)
with full support of the features provided by [Moby BuildKit](https://github.com/moby/buildkit)
builder toolkit. This includes multi-platform build, secrets, remote cache, etc.
and different builder deployment/namespacing options.
![Screenshot](.github/build-push-action.png)
@ -17,43 +18,46 @@ ___
* [Usage](#usage)
* [Git context](#git-context)
* [Path context](#path-context)
* [Advanced usage](#advanced-usage)
* [Multi-platform image](docs/advanced/multi-platform.md)
* [Secrets](docs/advanced/secrets.md)
* [Isolated builders](docs/advanced/isolated-builders.md)
* [Push to multi-registries](docs/advanced/push-multi-registries.md)
* [Copy between registries](docs/advanced/copy-between-registries.md)
* [Cache](docs/advanced/cache.md)
* [Local registry](docs/advanced/local-registry.md)
* [Export image to Docker](docs/advanced/export-docker.md)
* [Share built image between jobs](docs/advanced/share-image-jobs.md)
* [Test your image before pushing it](docs/advanced/test-before-push.md)
* [Handle tags and labels](docs/advanced/tags-labels.md)
* [Update DockerHub repo description](docs/advanced/dockerhub-desc.md)
* [Examples](#examples)
* [Multi-platform image](https://docs.docker.com/build/ci/github-actions/multi-platform/)
* [Secrets](https://docs.docker.com/build/ci/github-actions/secrets/)
* [Push to multi-registries](https://docs.docker.com/build/ci/github-actions/push-multi-registries/)
* [Manage tags and labels](https://docs.docker.com/build/ci/github-actions/manage-tags-labels/)
* [Cache management](https://docs.docker.com/build/ci/github-actions/cache/)
* [Export to Docker](https://docs.docker.com/build/ci/github-actions/export-docker/)
* [Test before push](https://docs.docker.com/build/ci/github-actions/test-before-push/)
* [Local registry](https://docs.docker.com/build/ci/github-actions/local-registry/)
* [Share built image between jobs](https://docs.docker.com/build/ci/github-actions/share-image-jobs/)
* [Named contexts](https://docs.docker.com/build/ci/github-actions/named-contexts/)
* [Copy image between registries](https://docs.docker.com/build/ci/github-actions/copy-image-registries/)
* [Update Docker Hub repo description](https://docs.docker.com/build/ci/github-actions/update-dockerhub-desc/)
* [Customizing](#customizing)
* [inputs](#inputs)
* [outputs](#outputs)
* [Troubleshooting](#troubleshooting)
* [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot)
* [Contributing](#contributing)
## Usage
In the examples below we are also using 3 other actions:
* [`setup-buildx`](https://github.com/docker/setup-buildx-action) action will create and boot a builder using by
default the `docker-container` [builder driver](https://github.com/docker/buildx/blob/master/docs/reference/buildx_create.md#driver).
This is **not required but recommended** using it to be able to build multi-platform images, export cache, etc.
* [`setup-qemu`](https://github.com/docker/setup-qemu-action) action can be useful if you want
to add emulation support with QEMU to be able to build against more platforms.
* [`login`](https://github.com/docker/login-action) action will take care to log in against a Docker registry.
* [`setup-buildx`](https://github.com/docker/setup-buildx-action) action will
create and boot a builder using by default the [`docker-container` driver](https://docs.docker.com/build/building/drivers/docker-container/).
This is **not required but recommended** using it to be able to build
multi-platform images, export cache, etc.
* [`setup-qemu`](https://github.com/docker/setup-qemu-action) action can be
useful if you want to add emulation support with QEMU to be able to build
against more platforms.
* [`login`](https://github.com/docker/login-action) action will take care to
log in against a Docker registry.
### Git context
By default, this action uses the [Git context](#git-context) so you don't need
to use the [`actions/checkout`](https://github.com/actions/checkout/) action to
check out the repository because this will be done directly by [BuildKit](https://github.com/moby/buildkit).
By default, this action uses the [Git context](https://docs.docker.com/engine/reference/commandline/build/#git-repositories),
so you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/)
action to check out the repository as this will be done directly by [BuildKit](https://github.com/moby/buildkit).
The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/reference/events-that-trigger-workflows)
The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows)
and will result in the following context: `https://github.com/<owner>/<repo>.git#<ref>`.
```yaml
@ -75,14 +79,14 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
push: true
tags: user/app:latest
@ -100,25 +104,37 @@ expression `{{defaultContext}}`. Here we can use it to provide a subdirectory
to the default Git context:
```yaml
-
# Setting up Docker Buildx with docker-container driver is required
# at the moment to be able to use a subdirectory with Git context
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: "{{defaultContext}}:mysubdir"
push: true
tags: user/app:latest
```
> :warning: Subdirectory for Git context is not yet available for the buildx [`docker` driver](https://github.com/docker/buildx/blob/master/docs/reference/buildx_create.md#driver).
Building from the current repository automatically uses the [GitHub Token](https://help.github.com/en/actions/configuring-and-managing-workflows/authenticating-with-the-github_token)
> **Warning**
>
> Subdirectory for Git context is available from [BuildKit v0.9.0](https://github.com/moby/buildkit/releases/tag/v0.9.0).
> If you're using the `docker` builder (default if `setup-buildx-action` not used),
> then BuildKit in Docker Engine will be used. As Docker Engine < v22.x.x embeds
> Buildkit 0.8.2 at the moment, it does not support this feature. It's therefore
> required to use the `setup-buildx-action` at the moment.
Building from the current repository automatically uses the [GitHub Token](https://docs.github.com/en/actions/security-guides/automatic-token-authentication),
so it does not need to be passed. If you want to authenticate against another
private repository, you have to use a [secret](docs/advanced/secrets.md) named
`GIT_AUTH_TOKEN` to be able to authenticate against it with buildx:
private repository, you have to use a [secret](https://docs.docker.com/build/ci/github-actions/secrets)
named `GIT_AUTH_TOKEN` to be able to authenticate against it with Buildx:
```yaml
-
name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
push: true
tags: user/app:latest
@ -150,34 +166,34 @@ jobs:
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
push: true
tags: user/app:latest
```
## Advanced usage
## Examples
* [Multi-platform image](docs/advanced/multi-platform.md)
* [Secrets](docs/advanced/secrets.md)
* [Isolated builders](docs/advanced/isolated-builders.md)
* [Push to multi-registries](docs/advanced/push-multi-registries.md)
* [Copy between registries](docs/advanced/copy-between-registries.md)
* [Cache](docs/advanced/cache.md)
* [Local registry](docs/advanced/local-registry.md)
* [Export image to Docker](docs/advanced/export-docker.md)
* [Share built image between jobs](docs/advanced/share-image-jobs.md)
* [Test your image before pushing it](docs/advanced/test-before-push.md)
* [Handle tags and labels](docs/advanced/tags-labels.md)
* [Update DockerHub repo description](docs/advanced/dockerhub-desc.md)
* [Multi-platform image](https://docs.docker.com/build/ci/github-actions/multi-platform/)
* [Secrets](https://docs.docker.com/build/ci/github-actions/secrets/)
* [Push to multi-registries](https://docs.docker.com/build/ci/github-actions/push-multi-registries/)
* [Manage tags and labels](https://docs.docker.com/build/ci/github-actions/manage-tags-labels/)
* [Cache management](https://docs.docker.com/build/ci/github-actions/cache/)
* [Export to Docker](https://docs.docker.com/build/ci/github-actions/export-docker/)
* [Test before push](https://docs.docker.com/build/ci/github-actions/test-before-push/)
* [Local registry](https://docs.docker.com/build/ci/github-actions/local-registry/)
* [Share built image between jobs](https://docs.docker.com/build/ci/github-actions/share-image-jobs/)
* [Named contexts](https://docs.docker.com/build/ci/github-actions/named-contexts/)
* [Copy image between registries](https://docs.docker.com/build/ci/github-actions/copy-image-registries/)
* [Update Docker Hub repo description](https://docs.docker.com/build/ci/github-actions/update-dockerhub-desc/)
## Customizing
@ -197,62 +213,58 @@ Following inputs can be used as `step.with` keys
> tags: name/app:latest,name/app:1.0.0
> ```
| Name | Type | Description |
|--------------------|----------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `add-hosts` | List/CSV | List of [customs host-to-IP mapping](https://docs.docker.com/engine/reference/commandline/build/#add-entries-to-container-hosts-file---add-host) (e.g., `docker:10.180.0.1`) |
| `allow` | List/CSV | List of [extra privileged entitlement](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#allow) (e.g., `network.host,security.insecure`) |
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `build-args` | List | List of [build-time variables](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#build-arg) |
| `build-contexts` | List | List of additional [build contexts](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#build-context) (e.g., `name=path`) |
| `cache-from` | List | List of [external cache sources](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) (e.g., `type=local,src=path/to/dir`) |
| `cache-to` | List | List of [cache export destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-to) (e.g., `type=local,dest=path/to/dir`) |
| `cgroup-parent` | String | Optional [parent cgroup](https://docs.docker.com/engine/reference/commandline/build/#use-a-custom-parent-cgroup---cgroup-parent) for the container used in the build |
| `context` | String | Build's context is the set of files located in the specified [`PATH` or `URL`](https://docs.docker.com/engine/reference/commandline/build/) (default [Git context](#git-context)) |
| `file` | String | Path to the Dockerfile. (default `{context}/Dockerfile`) |
| `labels` | List | List of metadata for an image |
| `load` | Bool | [Load](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#load) is a shorthand for `--output=type=docker` (default `false`) |
| `network` | String | Set the networking mode for the `RUN` instructions during build |
| `no-cache` | Bool | Do not use cache when building the image (default `false`) |
| `no-cache-filters` | List/CSV | Do not cache specified stages |
| `outputs` | List | List of [output destinations](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#output) (format: `type=local,dest=path`) |
| `platforms` | List/CSV | List of [target platforms](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#platform) for build |
| `pull` | Bool | Always attempt to pull all referenced images (default `false`) |
| `push` | Bool | [Push](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#push) is a shorthand for `--output=type=registry` (default `false`) |
| `secrets` | List | List of [secrets](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#secret) to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`) |
| `secret-files` | List | List of [secret files](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#secret) to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`) |
| `shm-size` | String | Size of [`/dev/shm`](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-size-of-devshm---shm-size) (e.g., `2g`) |
| `ssh` | List | List of [SSH agent socket or keys](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#ssh) to expose to the build |
| `tags` | List/CSV | List of tags |
| `target` | String | Sets the target stage to build |
| `ulimit` | List | [Ulimit](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#-set-ulimits---ulimit) options (e.g., `nofile=1024:1024`) |
| `github-token` | String | GitHub Token used to authenticate against a repository for [Git context](#git-context) (default `${{ github.token }}`) |
| Name | Type | Description |
|--------------------|-------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `add-hosts` | List/CSV | List of [customs host-to-IP mapping](https://docs.docker.com/engine/reference/commandline/build/#add-entries-to-container-hosts-file---add-host) (e.g., `docker:10.180.0.1`) |
| `allow` | List/CSV | List of [extra privileged entitlement](https://docs.docker.com/engine/reference/commandline/buildx_build/#allow) (e.g., `network.host,security.insecure`) |
| `attests` | List | List of [attestation](https://docs.docker.com/build/attestations/) parameters (e.g., `type=sbom,generator=image`) |
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `build-args` | List | List of [build-time variables](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-arg) |
| `build-contexts` | List | List of additional [build contexts](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-context) (e.g., `name=path`) |
| `cache-from` | List | List of [external cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from) (e.g., `type=local,src=path/to/dir`) |
| `cache-to` | List | List of [cache export destinations](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-to) (e.g., `type=local,dest=path/to/dir`) |
| `cgroup-parent` | String | Optional [parent cgroup](https://docs.docker.com/engine/reference/commandline/build/#use-a-custom-parent-cgroup---cgroup-parent) for the container used in the build |
| `context` | String | Build's context is the set of files located in the specified [`PATH` or `URL`](https://docs.docker.com/engine/reference/commandline/build/) (default [Git context](#git-context)) |
| `file` | String | Path to the Dockerfile. (default `{context}/Dockerfile`) |
| `labels` | List | List of metadata for an image |
| `load` | Bool | [Load](https://docs.docker.com/engine/reference/commandline/buildx_build/#load) is a shorthand for `--output=type=docker` (default `false`) |
| `network` | String | Set the networking mode for the `RUN` instructions during build |
| `no-cache` | Bool | Do not use cache when building the image (default `false`) |
| `no-cache-filters` | List/CSV | Do not cache specified stages |
| `outputs`¹ | List | List of [output destinations](https://docs.docker.com/engine/reference/commandline/buildx_build/#output) (format: `type=local,dest=path`) |
| `platforms` | List/CSV | List of [target platforms](https://docs.docker.com/engine/reference/commandline/buildx_build/#platform) for build |
| `provenance` | Bool/String | Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build (shorthand for `--attest=type=provenance`) |
| `pull` | Bool | Always attempt to pull all referenced images (default `false`) |
| `push` | Bool | [Push](https://docs.docker.com/engine/reference/commandline/buildx_build/#push) is a shorthand for `--output=type=registry` (default `false`) |
| `sbom` | Bool/String | Generate [SBOM](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest=type=sbom`) |
| `secrets` | List | List of [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=string`, `GIT_AUTH_TOKEN=mytoken`) |
| `secret-files` | List | List of [secret files](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to expose to the build (e.g., `key=filename`, `MY_SECRET=./secret.txt`) |
| `shm-size` | String | Size of [`/dev/shm`](https://docs.docker.com/engine/reference/commandline/buildx_build/#shm-size) (e.g., `2g`) |
| `ssh` | List | List of [SSH agent socket or keys](https://docs.docker.com/engine/reference/commandline/buildx_build/#ssh) to expose to the build |
| `tags` | List/CSV | List of tags |
| `target` | String | Sets the target stage to build |
| `ulimit` | List | [Ulimit](https://docs.docker.com/engine/reference/commandline/buildx_build/#ulimit) options (e.g., `nofile=1024:1024`) |
| `github-token` | String | GitHub Token used to authenticate against a repository for [Git context](#git-context) (default `${{ github.token }}`) |
> **Note**
>
> * ¹ multiple `outputs` are [not yet supported](https://github.com/moby/buildkit/issues/1555)
### outputs
Following outputs are available
| Name | Type | Description |
|------------|---------|-----------------------------------------|
| `imageid` | String | Image ID |
| `digest` | String | Image digest |
| `metadata` | JSON | Build result metadata |
| Name | Type | Description |
|------------|---------|-----------------------|
| `imageid` | String | Image ID |
| `digest` | String | Image digest |
| `metadata` | JSON | Build result metadata |
## Troubleshooting
See [TROUBLESHOOTING.md](TROUBLESHOOTING.md)
## Keep up-to-date with GitHub Dependabot
## Contributing
Since [Dependabot](https://docs.github.com/en/github/administering-a-repository/keeping-your-actions-up-to-date-with-github-dependabot)
has [native GitHub Actions support](https://docs.github.com/en/github/administering-a-repository/configuration-options-for-dependency-updates#package-ecosystem),
to enable it on your GitHub repo all you need to do is add the `.github/dependabot.yml` file:
```yaml
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "daily"
```
Want to contribute? Awesome! You can find information about contributing to
this project in the [CONTRIBUTING.md](/.github/CONTRIBUTING.md)

10
TROUBLESHOOTING.md
View File

@ -16,7 +16,7 @@ While pushing to a registry, you may encounter these kinds of issues:
* `unexpected response: 401 Unauthorized`
These issues are not directly related to this action but are rather linked to
[buildx](https://github.com/docker/buildx), [buildkit](https://github.com/moby/buildkit),
[Buildx](https://github.com/docker/buildx), [BuildKit](https://github.com/moby/buildkit),
[containerd](https://github.com/containerd/containerd) or the registry on which
you're pushing your image. The quality of error message depends on the registry
and are usually not very informative.
@ -29,7 +29,7 @@ action step and attach BuildKit container logs to your issue.
### With containerd
Next you can test pushing with [containerd action](https://github.com/crazy-max/ghaction-setup-containerd)
using the following workflow. If it works then open an issue on [buildkit](https://github.com/moby/buildkit)
using the following workflow. If it works then open an issue on [BuildKit](https://github.com/moby/buildkit)
repository.
```yaml
@ -58,7 +58,7 @@ jobs:
uses: crazy-max/ghaction-setup-containerd@v2
-
name: Build Docker image
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
platforms: linux/amd64,linux/arm64
@ -111,7 +111,7 @@ to generate sanitized tags:
tags: latest
- name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
push: true
@ -129,7 +129,7 @@ Or a dedicated step to sanitize the slug:
script: return 'ghcr.io/${{ github.repository }}'.toLowerCase()
- name: Build and push
uses: docker/build-push-action@v3
uses: docker/build-push-action@v4
with:
context: .
push: true

207
__mocks__/@actions/github.ts Normal file
View File

@ -0,0 +1,207 @@
import {jest} from '@jest/globals';
export const context = {
repo: {
owner: 'docker',
repo: 'build-push-action'
},
ref: 'refs/heads/master',
runId: 123456789,
payload: {
after: '860c1904a1ce19322e91ac35af1ab07466440c37',
base_ref: null,
before: '5f3331d7f7044c18ca9f12c77d961c4d7cf3276a',
commits: [
{
author: {
email: 'crazy-max@users.noreply.github.com',
name: 'CrazyMax',
username: 'crazy-max'
},
committer: {
email: 'crazy-max@users.noreply.github.com',
name: 'CrazyMax',
username: 'crazy-max'
},
distinct: true,
id: '860c1904a1ce19322e91ac35af1ab07466440c37',
message: 'hello dev',
timestamp: '2022-04-19T11:27:24+02:00',
tree_id: 'd2c60af597e863787d2d27f569e30495b0b92820',
url: 'https://github.com/docker/test-docker-action/commit/860c1904a1ce19322e91ac35af1ab07466440c37'
}
],
compare: 'https://github.com/docker/test-docker-action/compare/5f3331d7f704...860c1904a1ce',
created: false,
deleted: false,
forced: false,
head_commit: {
author: {
email: 'crazy-max@users.noreply.github.com',
name: 'CrazyMax',
username: 'crazy-max'
},
committer: {
email: 'crazy-max@users.noreply.github.com',
name: 'CrazyMax',
username: 'crazy-max'
},
distinct: true,
id: '860c1904a1ce19322e91ac35af1ab07466440c37',
message: 'hello dev',
timestamp: '2022-04-19T11:27:24+02:00',
tree_id: 'd2c60af597e863787d2d27f569e30495b0b92820',
url: 'https://github.com/docker/test-docker-action/commit/860c1904a1ce19322e91ac35af1ab07466440c37'
},
organization: {
avatar_url: 'https://avatars.githubusercontent.com/u/5429470?v=4',
description: 'Docker helps developers bring their ideas to life by conquering the complexity of app development.',
events_url: 'https://api.github.com/orgs/docker/events',
hooks_url: 'https://api.github.com/orgs/docker/hooks',
id: 5429470,
issues_url: 'https://api.github.com/orgs/docker/issues',
login: 'docker',
members_url: 'https://api.github.com/orgs/docker/members{/member}',
node_id: 'MDEyOk9yZ2FuaXphdGlvbjU0Mjk0NzA=',
public_members_url: 'https://api.github.com/orgs/docker/public_members{/member}',
repos_url: 'https://api.github.com/orgs/docker/repos',
url: 'https://api.github.com/orgs/docker'
},
pusher: {
email: 'github@crazymax.dev',
name: 'crazy-max'
},
ref: 'refs/heads/dev',
repository: {
allow_forking: true,
archive_url: 'https://api.github.com/repos/docker/test-docker-action/{archive_format}{/ref}',
archived: false,
assignees_url: 'https://api.github.com/repos/docker/test-docker-action/assignees{/user}',
blobs_url: 'https://api.github.com/repos/docker/test-docker-action/git/blobs{/sha}',
branches_url: 'https://api.github.com/repos/docker/test-docker-action/branches{/branch}',
clone_url: 'https://github.com/docker/test-docker-action.git',
collaborators_url: 'https://api.github.com/repos/docker/test-docker-action/collaborators{/collaborator}',
comments_url: 'https://api.github.com/repos/docker/test-docker-action/comments{/number}',
commits_url: 'https://api.github.com/repos/docker/test-docker-action/commits{/sha}',
compare_url: 'https://api.github.com/repos/docker/test-docker-action/compare/{base}...{head}',
contents_url: 'https://api.github.com/repos/docker/test-docker-action/contents/{+path}',
contributors_url: 'https://api.github.com/repos/docker/test-docker-action/contributors',
created_at: 1596792180,
default_branch: 'master',
deployments_url: 'https://api.github.com/repos/docker/test-docker-action/deployments',
description: 'Test "Docker" Actions',
disabled: false,
downloads_url: 'https://api.github.com/repos/docker/test-docker-action/downloads',
events_url: 'https://api.github.com/repos/docker/test-docker-action/events',
fork: false,
forks: 1,
forks_count: 1,
forks_url: 'https://api.github.com/repos/docker/test-docker-action/forks',
full_name: 'docker/test-docker-action',
git_commits_url: 'https://api.github.com/repos/docker/test-docker-action/git/commits{/sha}',
git_refs_url: 'https://api.github.com/repos/docker/test-docker-action/git/refs{/sha}',
git_tags_url: 'https://api.github.com/repos/docker/test-docker-action/git/tags{/sha}',
git_url: 'git://github.com/docker/test-docker-action.git',
has_downloads: true,
has_issues: true,
has_pages: false,
has_projects: true,
has_wiki: true,
homepage: '',
hooks_url: 'https://api.github.com/repos/docker/test-docker-action/hooks',
html_url: 'https://github.com/docker/test-docker-action',
id: 285789493,
is_template: false,
issue_comment_url: 'https://api.github.com/repos/docker/test-docker-action/issues/comments{/number}',
issue_events_url: 'https://api.github.com/repos/docker/test-docker-action/issues/events{/number}',
issues_url: 'https://api.github.com/repos/docker/test-docker-action/issues{/number}',
keys_url: 'https://api.github.com/repos/docker/test-docker-action/keys{/key_id}',
labels_url: 'https://api.github.com/repos/docker/test-docker-action/labels{/name}',
language: 'JavaScript',
languages_url: 'https://api.github.com/repos/docker/test-docker-action/languages',
license: {
key: 'mit',
name: 'MIT License',
node_id: 'MDc6TGljZW5zZTEz',
spdx_id: 'MIT',
url: 'https://api.github.com/licenses/mit'
},
master_branch: 'master',
merges_url: 'https://api.github.com/repos/docker/test-docker-action/merges',
milestones_url: 'https://api.github.com/repos/docker/test-docker-action/milestones{/number}',
mirror_url: null,
name: 'test-docker-action',
node_id: 'MDEwOlJlcG9zaXRvcnkyODU3ODk0OTM=',
notifications_url: 'https://api.github.com/repos/docker/test-docker-action/notifications{?since,all,participating}',
open_issues: 6,
open_issues_count: 6,
organization: 'docker',
owner: {
avatar_url: 'https://avatars.githubusercontent.com/u/5429470?v=4',
email: 'info@docker.com',
events_url: 'https://api.github.com/users/docker/events{/privacy}',
followers_url: 'https://api.github.com/users/docker/followers',
following_url: 'https://api.github.com/users/docker/following{/other_user}',
gists_url: 'https://api.github.com/users/docker/gists{/gist_id}',
gravatar_id: '',
html_url: 'https://github.com/docker',
id: 5429470,
login: 'docker',
name: 'docker',
node_id: 'MDEyOk9yZ2FuaXphdGlvbjU0Mjk0NzA=',
organizations_url: 'https://api.github.com/users/docker/orgs',
received_events_url: 'https://api.github.com/users/docker/received_events',
repos_url: 'https://api.github.com/users/docker/repos',
site_admin: false,
starred_url: 'https://api.github.com/users/docker/starred{/owner}{/repo}',
subscriptions_url: 'https://api.github.com/users/docker/subscriptions',
type: 'Organization',
url: 'https://api.github.com/users/docker'
},
private: true,
pulls_url: 'https://api.github.com/repos/docker/test-docker-action/pulls{/number}',
pushed_at: 1650360446,
releases_url: 'https://api.github.com/repos/docker/test-docker-action/releases{/id}',
size: 796,
ssh_url: 'git@github.com:docker/test-docker-action.git',
stargazers: 0,
stargazers_count: 0,
stargazers_url: 'https://api.github.com/repos/docker/test-docker-action/stargazers',
statuses_url: 'https://api.github.com/repos/docker/test-docker-action/statuses/{sha}',
subscribers_url: 'https://api.github.com/repos/docker/test-docker-action/subscribers',
subscription_url: 'https://api.github.com/repos/docker/test-docker-action/subscription',
svn_url: 'https://github.com/docker/test-docker-action',
tags_url: 'https://api.github.com/repos/docker/test-docker-action/tags',
teams_url: 'https://api.github.com/repos/docker/test-docker-action/teams',
topics: [],
trees_url: 'https://api.github.com/repos/docker/test-docker-action/git/trees{/sha}',
updated_at: '2022-04-19T09:05:09Z',
url: 'https://github.com/docker/test-docker-action',
visibility: 'private',
watchers: 0,
watchers_count: 0
},
sender: {
avatar_url: 'https://avatars.githubusercontent.com/u/1951866?v=4',
events_url: 'https://api.github.com/users/crazy-max/events{/privacy}',
followers_url: 'https://api.github.com/users/crazy-max/followers',
following_url: 'https://api.github.com/users/crazy-max/following{/other_user}',
gists_url: 'https://api.github.com/users/crazy-max/gists{/gist_id}',
gravatar_id: '',
html_url: 'https://github.com/crazy-max',
id: 1951866,
login: 'crazy-max',
node_id: 'MDQ6VXNlcjE5NTE4NjY=',
organizations_url: 'https://api.github.com/users/crazy-max/orgs',
received_events_url: 'https://api.github.com/users/crazy-max/received_events',
repos_url: 'https://api.github.com/users/crazy-max/repos',
site_admin: false,
starred_url: 'https://api.github.com/users/crazy-max/starred{/owner}{/repo}',
subscriptions_url: 'https://api.github.com/users/crazy-max/subscriptions',
type: 'User',
url: 'https://api.github.com/users/crazy-max'
}
}
};
export const getOctokit = jest.fn();

147
__tests__/buildx.test.ts
View File

@ -1,147 +0,0 @@
import {describe, expect, it, jest, test} from '@jest/globals';
import * as fs from 'fs';
import * as path from 'path';
import * as semver from 'semver';
import * as exec from '@actions/exec';
import * as buildx from '../src/buildx';
import * as context from '../src/context';
const tmpNameSync = path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
const imageID = 'sha256:bfb45ab72e46908183546477a08f8867fc40cebadd00af54b071b097aed127a9';
const metadata = `{
"containerimage.config.digest": "sha256:059b68a595b22564a1cbc167af369349fdc2ecc1f7bc092c2235cbf601a795fd",
"containerimage.digest": "sha256:b09b9482c72371486bb2c1d2c2a2633ed1d0b8389e12c8d52b9e052725c0c83c"
}`;
jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
const tmpDir = path.join('/tmp/.docker-build-push-jest').split(path.sep).join(path.posix.sep);
if (!fs.existsSync(tmpDir)) {
fs.mkdirSync(tmpDir, {recursive: true});
}
return tmpDir;
});
jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
return tmpNameSync;
});
describe('getImageID', () => {
it('matches', async () => {
const imageIDFile = await buildx.getImageIDFile();
await fs.writeFileSync(imageIDFile, imageID);
const expected = await buildx.getImageID();
expect(expected).toEqual(imageID);
});
});
describe('getMetadata', () => {
it('matches', async () => {
const metadataFile = await buildx.getMetadataFile();
await fs.writeFileSync(metadataFile, metadata);
const expected = await buildx.getMetadata();
expect(expected).toEqual(metadata);
});
});
describe('getDigest', () => {
it('matches', async () => {
const metadataFile = await buildx.getMetadataFile();
await fs.writeFileSync(metadataFile, metadata);
const expected = await buildx.getDigest(metadata);
expect(expected).toEqual('sha256:b09b9482c72371486bb2c1d2c2a2633ed1d0b8389e12c8d52b9e052725c0c83c');
});
});
describe('isLocalOrTarExporter', () => {
test.each([
[['type=registry,ref=user/app'], false],
[['type=docker'], false],
[['type=local,dest=./release-out'], true],
[['type=tar,dest=/tmp/image.tar'], true],
[['type=docker', 'type=tar,dest=/tmp/image.tar'], true],
[['"type=tar","dest=/tmp/image.tar"'], true],
[['" type= local" , dest=./release-out'], true],
[['.'], true]
])('given %p returns %p', async (outputs: Array<string>, expected: boolean) => {
expect(buildx.isLocalOrTarExporter(outputs)).toEqual(expected);
});
});
describe('isAvailable', () => {
const execSpy = jest.spyOn(exec, 'getExecOutput');
buildx.isAvailable();
// eslint-disable-next-line jest/no-standalone-expect
expect(execSpy).toHaveBeenCalledWith(`docker`, ['buildx'], {
silent: true,
ignoreReturnCode: true
});
});
describe('isAvailable standalone', () => {
const execSpy = jest.spyOn(exec, 'getExecOutput');
buildx.isAvailable(true);
// eslint-disable-next-line jest/no-standalone-expect
expect(execSpy).toHaveBeenCalledWith(`buildx`, [], {
silent: true,
ignoreReturnCode: true
});
});
describe('getVersion', () => {
it('valid', async () => {
const version = await buildx.getVersion();
expect(semver.valid(version)).not.toBeNull();
});
});
describe('parseVersion', () => {
test.each([
['github.com/docker/buildx 0.4.1+azure bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
['github.com/docker/buildx v0.4.1 bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
['github.com/docker/buildx v0.4.2 fb7b670b764764dc4716df3eba07ffdae4cc47b2', '0.4.2'],
['github.com/docker/buildx f117971 f11797113e5a9b86bd976329c5dbb8a8bfdfadfa', 'f117971']
])('given %p', async (stdout, expected) => {
expect(buildx.parseVersion(stdout)).toEqual(expected);
});
});
describe('satisfies', () => {
test.each([
['0.4.1', '>=0.3.2', true],
['bda4882a65349ca359216b135896bddc1d92461c', '>0.1.0', false],
['f117971', '>0.6.0', true]
])('given %p', async (version, range, expected) => {
expect(buildx.satisfies(version, range)).toBe(expected);
});
});
describe('getSecret', () => {
test.each([
['A_SECRET=abcdef0123456789', false, 'A_SECRET', 'abcdef0123456789', false],
['GIT_AUTH_TOKEN=abcdefghijklmno=0123456789', false, 'GIT_AUTH_TOKEN', 'abcdefghijklmno=0123456789', false],
['MY_KEY=c3RyaW5nLXdpdGgtZXF1YWxzCg==', false, 'MY_KEY', 'c3RyaW5nLXdpdGgtZXF1YWxzCg==', false],
['aaaaaaaa', false, '', '', true],
['aaaaaaaa=', false, '', '', true],
['=bbbbbbb', false, '', '', true],
[`foo=${path.join(__dirname, 'fixtures', 'secret.txt').split(path.sep).join(path.posix.sep)}`, true, 'foo', 'bar', false],
[`notfound=secret`, true, '', '', true]
])('given %p key and %p secret', async (kvp, file, exKey, exValue, invalid) => {
try {
let secret: string;
if (file) {
secret = await buildx.getSecretFile(kvp);
} else {
secret = await buildx.getSecretString(kvp);
}
expect(true).toBe(!invalid);
expect(secret).toEqual(`id=${exKey},src=${tmpNameSync}`);
const secretValue = await fs.readFileSync(tmpNameSync, 'utf-8');
expect(secretValue).toEqual(exValue);
} catch (err) {
// eslint-disable-next-line jest/no-conditional-expect
expect(true).toBe(invalid);
}
});
});

591
__tests__/context.test.ts
View File

@ -1,131 +1,57 @@
import {beforeEach, describe, expect, it, jest, test} from '@jest/globals';
import {beforeEach, describe, expect, jest, test} from '@jest/globals';
import * as fs from 'fs';
import * as os from 'os';
import * as path from 'path';
import {Builder} from '@docker/actions-toolkit/lib/buildx/builder';
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx';
import {Context} from '@docker/actions-toolkit/lib/context';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
import {GitHub} from '@docker/actions-toolkit/lib/github';
import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
import {BuilderInfo} from '@docker/actions-toolkit/lib/types/builder';
import {GitHubRepo} from '@docker/actions-toolkit/lib/types/github';
import * as context from '../src/context';
const pgp = `-----BEGIN PGP PRIVATE KEY BLOCK-----
const tmpDir = path.join('/tmp', '.docker-build-push-jest');
const tmpName = path.join(tmpDir, '.tmpname-jest');
lQdGBF6tzaABEACjFbX7PFEG6vDPN2MPyxYW7/3o/sonORj4HXUFjFxxJxktJ3x3
N1ayHPJ1lqIeoiY7jVbq0ZdEVGkd3YsKG9ZMdZkzGzY6PQPC/+M8OnzOiOPwUdWc
+Tdhh115LvVz0MMKYiab6Sn9cgxj9On3LCQKpjvMDpPo9Ttf6v2GQIw8h2ACvdzQ
71LtIELS/I+dLbfZiwpUu2fhQT13EJkEnYMOYwM5jNUd66P9itUc7MrOWjkicrKP
oF1dQaCM+tuKuxvD8WLdiwU5x60NoGkJHHUehKQXl2dVzjpqEqHKEBJt9tfJ9lpE
YIisgwB8o3pes0fgCehjW2zI95/o9+ayJ6nl4g5+mSvWRXEu66h71nwM0Yuvquk8
3me7qhYfDrDdCwcxS5BS1hwakTgUQLD99FZjbx1j8sq96I65O0GRdyU2PR8KIjwu
JrkTH4ZlKxK3FQghUhFoA5GkiDb+eClmRMSni5qg+81T4XChmUkEprA3eWCHL+Ma
xRNNxLS+r6hH9HG5JBxpV3iaTI9HHpnQKhEeaLXqsUTDZliN9hP7Ywo8bpUB8j2d
oWYwDV4dPyMKr6Fb8RDCh2q5gJGbVp8w/NmmBTeL+IP2fFggJkRfyumv3Ul7x66L
tBFQ4rYo4JUUrGweSTneG6REIgxH66hIrNl6Vo/D1ZyknTe1dMOu/BTkkQARAQAB
/gcDAqra8KO+h3bfyu90vxTL1ro4x/x9il7VBcWlIR4cBP7Imgxv+T4hwPIu8P1x
lOlxLNWegFOV0idoTy1o3VLLBev/F+IlspX4A+2XEIddR6nZnKFi0Lv2L4TKgE9E
VJJTszmviDIRLMLN9dWzDfA8hj5tR5Inot92CHRF414AS22JHvlhbFSLQnjqsN+C
n1cQpNOJhkxsSfZsxjnFa/70y/u8v0o8mzyLZmk9HpzRHGzoz8IfpLp8OTqBR9u6
zzoKLy16zZO55OKbj7h8uVZvDUq9l8iDICpqWMdZqBJIl56MBexYKgYxh3YO/8v2
oXli+8Xuaq5QLiCN3yT7IbKoYzplnFfaJwFiMh7R1iPLXaYAZ0qdRijlbtseTK1m
oHNkwUbxVzjkh4LfE8UpmMwZn5ZjWni3230SoiXuKy0OHkGvwGvWWAL1mEuoYuUI
mFMcH5MnixP8oQYZKDj2IR/yEeOpdU6B/tr3Tk1NidLf7pUMqG7Ff1NU6dAUeBpa
9xahITMjHvrhgMISY4IYZep5cEnVw8lQTpUJtW/ePMzrFhu3sA7oNdj9joW/VMfz
H7MHwwavtICsYqoqV3lnjX4EC9dW6o8PTUg2u956dmtK7KAyUK/+w2aLNGT28ChN
jhRYHvHzB9Kw5asqI/lTM49eqslBqYQMTTjdBphkYuSZQzNMf291j/ZmoLhD1A1a
S8tUnNygKV4D1cJYgSXfzhFoU8ib/0SPo+KqQ+CzGS+wxXg6WNBA6wepTjpnVVx3
4JADP8IJcDC3P0iwAreWjSy15F1cvemFFB0SLNUkyZGzsxtKzbM1+8khl68+eazC
LzRj0rxfIF5znWjX1QFhKxCk6eF0IWDY0+b3DBkmChME9YDXJ3TthcqA7JgcX4JI
M4/wdqhgerJYOmj+i2Q0M+Bu02icOJYMwTMMsDVl7XGHkaCuRgZ54eZAUH7JFwUm
1Ct3tcaqiTMmz0ngHVqBTauzgqKDvzwdVqdfg05H364nJMay/3omR6GayIb5CwSo
xdNVwG3myPPradT9MP09mDr4ys2zcnQmCkvTVBF6cMZ1Eh6PQQ8CyQWv0zkaBnqj
JrM1hRpgW4ZlRosSIjCaaJjolN5QDcXBM9TbW9ww+ZYstazN2bV1ZQ7BEjlHQPa1
BhzMsvqkbETHsIpDNF52gZKn3Q9eIX05BeadzpHUb5/XOheIHVIdhSaTlgl/qQW5
hQgPGSzSV6KhXEY7aevTdvOgq++WiELkjfz2f2lQFesTjFoQWEvxVDUmLxHtEhaN
DOuh4H3mX5Opn3pLQmqWVhJTbFdx+g5qQd0NCW4mDaTFWTRLFLZQsSJxDSeg9xrY
gmaii8NhMZRwquADW+6iU6KfraBhngi7HRz4TfqPr9ma/KUY464cqim1fnwXejyx
jsb5YHR9R66i+F6P/ysF5w+QuVdDt1fnf9GLay0r6qxpA8ft2vGPcDs4806Huj+7
Aq5VeJaNkCuh3GR3xVnCFAz/7AtkO6xKuZm8B3q904UuMdSmkhWbaobIuF/B2B6S
eawIXQHEOplK3ic26d8Ckf4gbjeORfELcMAEi5nGXpTThCdmxQApCLxAYYnTfQT1
xhlDwT9xPEabo98mIwJJsAU5VsTDYW+qfo4qIx8gYoSKc9Xu3yVh3n+9k43Gcm5V
9lvK1slijf+TzODZt/jsmkF8mPjXyP5KOI+xQp/m4PxW3pp57YrYj/Rnwga+8DKX
jMsW7mLAAZ/e+PY6z/s3x1Krfk+Bb5Ph4mI0zjw5weQdtyEToRgveda0GEpvZSBU
ZXN0ZXIgPGpvZUBmb28uYmFyPokCNgQQAQgAIAUCXq3NoAYLCQcIAwIEFQgKAgQW
AgEAAhkBAhsDAh4BAAoJEH2FHrctc72gxtQP/AulaClIcn/kDt43mhYnyLglPfbo
AqPlU26chXolBg0Wo0frFY3aIs5SrcWEf8aR4XLwCFGyi3vya0CUxjghN5tZBYqo
vswbT00zP3ohxxlJFCRRR9bc7OZXCgTddtfVf6EKrUAzIkbWyAhaJnwJy/1UGpSw
SEO/KpastrVKf3sv1wqOeFQ4DFyjaNda+xv3dVWS8db7KogqJiPFZXrQK3FKVIxS
fxRSmKaYN7//d+xwVAEY++RrnL/o8B2kV6N68cCpQWJELyYnJzis9LBcWd/3wiYh
efTyY+ePKUjcB+kEZnyJfLc7C2hll2e7UJ0fxv+k8vHReRhrNWmGRXsjNRxiw3U0
hfvxD/C8nyqAbeTHp4XDX78Tc3XCysAqIYboIL+RyewDMjjLj5vzUYAdUdtyNaD7
C6M2R6pN1GAt52CJmC/Z6F7W7GFGoYOdEkVdMQDsjCwScyEUNlGj9Zagw5M2EgSe
6gaHgMgTzsMzCc4W6WV5RcS55cfDNOXtxPsMJTt4FmXrjl11prBzpMfpU5a9zxDZ
oi54ZZ8VPE6jsT4Lzw3sni3c83wm28ArM20AzZ1vh7fk3Sfd0u4Yaz7s9JlEm5+D
34tEyli28+QjCQc18EfQUiJqiYEJRxJXJ3esvMHfYi45pV/Eh5DgRW1305fUJV/6
+rGpg0NejsHoZdZPnQdGBF6tzaABEAC4mVXTkVk6Kdfa4r5zlzsoIrR27laUlMkb
OBMt+aokqS+BEbmTnMg6xIAmcUT5uvGAc8S/WhrPoYfc15fTUyHIz8ZbDoAg0LO6
0Io4VkAvNJNEnsSV9VdLBh/XYlc4K49JqKyWTL4/FJFAGbsmHY3b+QU90AS6FYRv
KeBAoiyebrjx0vmzb8E8h3xthVLN+AfMlR1ickY62zvnpkbncSMY/skur1D2KfbF
3sFprty2pEtjFcyB5+18l2IyyHGOlEUw1PZdOAV4/Myh1EZRgYBPs80lYTJALCVF
IdOakH33WJCImtNZB0AbDTABG+JtMjQGscOa0qzf1Y/7tlhgCrynBBdaIJTx95TD
21BUHcHOu5yTIS6Ulysxfkv611+BiOKHgdq7DVGP78VuzA7bCjlP1+vHqIt3cnIa
t2tEyuZ/XF4uc3/i4g0uP9r7AmtET7Z6SKECWjpVv+UEgLx5Cv+ql+LSKYQMvU9a
i3B1F9fatn3FSLVYrL4aRxu4TSw9POb0/lgDNmN3lGQOsjGCZPibkHjgPEVxKuiq
9Oi38/VTQ0ZKAmHwBTq1WTZIrPrCW0/YMQ6yIJZulwQ9Yx1cgzYzEfg04fPXlXMi
vkvNpKbYIICzqj0/DVztz9wgpW6mnd0A2VX2dqbMM0fJUCHA6pj8AvXY4R+9Q4rj
eWRK9ycInQARAQAB/gcDApjt7biRO0PEyrrAiUwDMsJL4/CVMu11qUWEPjKe2Grh
ZTW3N+m3neKPRULu+LUtndUcEdVWUCoDzAJ7MwihZtV5vKST/5Scd2inonOaJqoA
nS3wnEMN/Sc93HAZiZnFx3NKjQVNCwbuEs45mXkkcjLm2iadrTL8fL4acsu5IsvD
LbDwVOPeNnHKl6Hr20e39fK0FuJEyH49JM6U3B1/8385sJB8+E24+hvSF81aMddh
Ne4Bc3ZYiYaKxe1quPNKC0CQhAZiT7LsMfkInXr0hY1I+kISNXEJ1dPYOEWiv0Ze
jD5Pupn34okKNEeBCx+dK8BmUCi6Jgs7McUA7hN0D/YUS++5fuR55UQq2j8Ui0tS
P8GDr86upH3PgEL0STh9fYfJ7TesxurwonWjlmmT62Myl4Pr+RmpS6PXOnhtcADm
eGLpzhTveFj4JBLMpyYHgBTqcs12zfprATOpsI/89kmQoGCZpG6+AbfSHqNNPdy2
eqUCBhOZlIIda1z/cexmU3f/gBqyflFf8fkvmlO4AvI8aMH3OpgHdWnzh+AB51xj
kmdD/oWel9v7Dz4HoZUfwFaLZ0fE3P9voD8e+sCwqQwVqRY4L/BOYPD5noVOKgOj
ABNKu5uKrobj6rFUi6DTUCjFGcmoF1Sc06xFNaagUNggRbmlC/dz22RWdDUYv5ra
N6TxIDkGC0cK6ujyK0nes3DN0aHjgwWuMXDYkN3UckiebI4Cv/eF9jvUKOSiIcy1
RtxdazZS4dYg2LBMeJKVkPi5elsNyw2812nEY3du/nEkQYXfYgWOF27OR+g4Y9Yw
1BiqJ1TTjbQnd/khOCrrbzDH1mw00+1XVsT6wjObuYqqxPPS87UrqmMf6OdoYfPm
zEOnNLBnsJ5VQM3A3pcT40RfdBrZRO8LjGhzKTreyq3C+jz0RLa5HNE8GgOhGyck
ME4h+RhXlE8KGM+tTo6PA1NJSrEt+8kZzxjP4rIEn0aVthCkNXK12inuXtnHm0ao
iLUlQOsfPFEnzl0TUPd7+z7j/wB+XiKU/AyEUuB0mvdxdKtqXvajahOyhLjzHQhz
ZnNlgANGtiqcSoJmkJ8yAvhrtQX51fQLftxbArRW1RYk/5l+Gy3azR+gUC17M6JN
jrUYxn0zlAxDGFH7gACHUONwVekcuEffHzgu2lk7MyO1Y+lPnwabqjG0eWWHuU00
hskJlXyhj7DeR12bwjYkyyjG62GvOH02g3OMvUgNGH+K321Dz539csCh/xwtg7Wt
U3YAphU7htQ1dPDfk1IRs7DQo2L+ZTE57vmL5m0l6fTataEWBPUXkygfQFUJOM6Q
yY76UEZww1OSDujNeY171NSTzXCVkUeAdAMXgjaHXWLK2QUQUoXbYX/Kr7Vvt9Fu
Jh6eGjjp7dSjQ9+DW8CAB8vxd93gsQQGWYjmGu8khkEmx6OdZhmSbDbe915LQTb9
sPhk2s5/Szsvr5W2JJ2321JI6KXBJMZvPC5jEBWmRzOYkRd2vloft+CSMfXF+Zfd
nYtc6R3dvb9vcjo+a9wFtfcoDsO0MaPSM+9GB25MamdatmGX6iLOy9Re1UABwUi/
VhTWNkP5uzqx0sDwHEIa2rYOwxpIZDwwjM3oOASCW1DDBQ0BI9KNjfIeL3ubx2mS
2x8hFU9qSK4umoDNbzOqGPSlkdbiPcNjF2ZcSN1qQZiYdwLL5dw6APNyBVjxTN1J
gkCdJ/HwAY+r93Lbl5g8gz8d0vJEyfn//34sn9u+toSTw55GcG9Ks1kSKIeDNh0h
MiPm3HmJAh8EGAEIAAkFAl6tzaACGwwACgkQfYUety1zvaBV9hAAgliX36pXJ59g
3I9/4R68e/fGg0FMM6D+01yCeiKApOYRrJ0cYKn7ITDYmHhlGGpBAie90UsqX12h
hdLP7LoQx7sjTyzQt6JmpA8krIwi2ON7FKBkdYb8IYx4mE/5vKnYT4/SFnwTmnZY
+m+NzK2U/qmhq8JyO8gozdAKJUcgz49IVv2Ij0tQ4qaPbyPwQxIDyKnT758nJhB1
jTqo+oWtER8q3okzIlqcArqn5rDaNJx+DRYL4E/IddyHQAiUWUka8usIUqeW5reu
zoPUE2CCfOJSGArkqHQQqMx0WEzjQTwAPaHrQbera4SbiV/o4CLCV/u5p1Qnig+Q
iUsakmlD299t//125LIQEa5qzd9hRC7u1uJS7VdW8eGIEcZ0/XT/sr+z23z0kpZH
D3dXPX0BwM4IP9xu31CNg10x0rKwjbxy8VaskFEelpqpu+gpAnxqMd1evpeUHcOd
r5RgPgkNFfba9Nbxf7uEX+HOmsOM+kdtSmdGIvsBZjVnW31nnoDMp49jG4OynjrH
cRuoM9sxdr6UDqb22CZ3/e0YN4UaZM3YDWMVaP/QBVgvIFcdByqNWezpd9T4ZUII
MZlaV1uRnHg6B/zTzhIdMM80AXz6Uv6kw4S+Lt7HlbrnMT7uKLuvzH7cle0hcIUa
PejgXO0uIRolYQ3sz2tMGhx1MfBqH64=
=WbwB
-----END PGP PRIVATE KEY BLOCK-----`;
jest.spyOn(context, 'defaultContext').mockImplementation((): string => {
return 'https://github.com/docker/build-push-action.git#refs/heads/test-jest';
import repoFixture from './fixtures/github-repo.json';
jest.spyOn(GitHub.prototype, 'repoData').mockImplementation((): Promise<GitHubRepo> => {
return <Promise<GitHubRepo>>(repoFixture as unknown);
});
jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
const tmpDir = path.join('/tmp/.docker-build-push-jest').split(path.sep).join(path.posix.sep);
jest.spyOn(Context, 'tmpDir').mockImplementation((): string => {
if (!fs.existsSync(tmpDir)) {
fs.mkdirSync(tmpDir, {recursive: true});
}
return tmpDir;
});
jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
return path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
jest.spyOn(Context, 'tmpName').mockImplementation((): string => {
return tmpName;
});
jest.spyOn(Docker, 'isAvailable').mockImplementation(async (): Promise<boolean> => {
return true;
});
jest.spyOn(Builder.prototype, 'inspect').mockImplementation(async (): Promise<BuilderInfo> => {
return {
name: 'builder2',
driver: 'docker-container',
lastActivity: new Date('2023-01-16 09:45:23 +0000 UTC'),
nodes: [
{
buildkit: 'v0.11.0',
'buildkitd-flags': '--debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
'driver-opts': ['BUILDKIT_STEP_LOG_MAX_SIZE=10485760', 'BUILDKIT_STEP_LOG_MAX_SPEED=10485760', 'JAEGER_TRACE=localhost:6831', 'image=moby/buildkit:latest', 'network=host'],
endpoint: 'unix:///var/run/docker.sock',
name: 'builder20',
platforms: 'linux/amd64,linux/amd64/v2,linux/amd64/v3,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6',
status: 'running'
}
]
};
});
describe('getArgs', () => {
@ -152,7 +78,7 @@ describe('getArgs', () => {
]),
[
'build',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'.'
]
],
@ -160,7 +86,11 @@ describe('getArgs', () => {
1,
'0.4.2',
new Map<string, string>([
['build-args', 'MY_ARG=val1,val2,val3\nARG=val'],
['build-args', `MY_ARG=val1,val2,val3
ARG=val
"MULTILINE=aaaa
bbbb
ccc"`],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
@ -170,8 +100,9 @@ describe('getArgs', () => {
'build',
'--build-arg', 'MY_ARG=val1,val2,val3',
'--build-arg', 'ARG=val',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
'--build-arg', `MULTILINE=aaaa\nbbbb\nccc`,
'--iidfile', path.join(tmpDir, 'iidfile'),
'https://github.com/docker/build-push-action.git#refs/heads/master'
]
],
[
@ -186,10 +117,10 @@ describe('getArgs', () => {
]),
[
'build',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--tag', 'name/app:7.4',
'--tag', 'name/app:latest',
'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
'https://github.com/docker/build-push-action.git#refs/heads/master'
]
],
[
@ -241,7 +172,7 @@ describe('getArgs', () => {
]),
[
'build',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'.'
]
],
@ -258,8 +189,8 @@ describe('getArgs', () => {
]),
[
'build',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
'.'
]
],
@ -277,8 +208,8 @@ describe('getArgs', () => {
[
'build',
'--output', '.',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'https://github.com/docker/build-push-action.git#refs/heads/test-jest'
'--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
'https://github.com/docker/build-push-action.git#refs/heads/master'
]
],
[
@ -299,9 +230,9 @@ describe('getArgs', () => {
[
'build',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--platform', 'linux/amd64,linux/arm64',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
'--builder', 'builder-git-context-2',
'--push',
'https://github.com/docker/build-push-action.git#refs/heads/master'
@ -333,12 +264,12 @@ ccc"`],
[
'build',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--platform', 'linux/amd64,linux/arm64',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
'--secret', `id=MYSECRET,src=${tmpName}`,
'--secret', `id=FOO,src=${tmpName}`,
'--secret', `id=EMPTYLINE,src=${tmpName}`,
'--builder', 'builder-git-context-2',
'--push',
'https://github.com/docker/build-push-action.git#refs/heads/master'
@ -370,12 +301,12 @@ ccc`],
[
'build',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--platform', 'linux/amd64,linux/arm64',
'--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=MYSECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=FOO,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', 'id=EMPTYLINE,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
'--secret', `id=MYSECRET,src=${tmpName}`,
'--secret', `id=FOO,src=${tmpName}`,
'--secret', `id=EMPTYLINE,src=${tmpName}`,
'--builder', 'builder-git-context-2',
'--push',
'https://github.com/docker/build-push-action.git#refs/heads/master'
@ -387,7 +318,7 @@ ccc`],
new Map<string, string>([
['context', 'https://github.com/docker/build-push-action.git#refs/heads/master'],
['tag', 'localhost:5000/name/app:latest'],
['secret-files', `MY_SECRET=${path.join(__dirname, 'fixtures', 'secret.txt').split(path.sep).join(path.posix.sep)}`],
['secret-files', `MY_SECRET=${path.join(__dirname, 'fixtures', 'secret.txt')}`],
['file', './test/Dockerfile'],
['builder', 'builder-git-context-2'],
['network', 'host'],
@ -399,8 +330,8 @@ ccc`],
[
'build',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--secret', 'id=MY_SECRET,src=/tmp/.docker-build-push-jest/.tmpname-jest',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--secret', `id=MY_SECRET,src=${tmpName}`,
'--builder', 'builder-git-context-2',
'--network', 'host',
'--push',
@ -446,8 +377,8 @@ ccc`],
'--add-host', 'docker:10.180.0.1',
'--add-host', 'foo:10.0.0.1',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'--network', 'host',
'--push',
'.'
@ -475,11 +406,11 @@ nproc=3`],
'--add-host', 'foo:10.0.0.1',
'--cgroup-parent', 'foo',
'--file', './test/Dockerfile',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--shm-size', '2g',
'--ulimit', 'nofile=1024:1024',
'--ulimit', 'nproc=3',
'--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
@ -495,9 +426,177 @@ nproc=3`],
]),
[
'build',
'--iidfile', '/tmp/.docker-build-push-jest/iidfile',
'--metadata-file', '/tmp/.docker-build-push-jest/metadata-file',
'https://github.com/docker/build-push-action.git#refs/heads/test-jest:docker'
'--iidfile', path.join(tmpDir, 'iidfile'),
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'https://github.com/docker/build-push-action.git#refs/heads/master:docker'
]
],
[
16,
'0.8.2',
new Map<string, string>([
['github-token', 'abcdefghijklmno0123456789'],
['context', '{{defaultContext}}:subdir'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--secret', `id=GIT_AUTH_TOKEN,src=${tmpName}`,
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'https://github.com/docker/build-push-action.git#refs/heads/master:subdir'
]
],
[
17,
'0.8.2',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['provenance', 'true'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
18,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
"--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
19,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['provenance', 'true'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
"--provenance", `builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
20,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['provenance', 'mode=max'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
"--provenance", `mode=max,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
21,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['provenance', 'false'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
"--provenance", 'false',
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
22,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['provenance', 'builder-id=foo'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
"--provenance", 'builder-id=foo',
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
23,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['outputs', 'type=docker'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
"--output", 'type=docker',
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
[
24,
'0.10.0',
new Map<string, string>([
['context', '.'],
['load', 'true'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
]),
[
'build',
'--iidfile', path.join(tmpDir, 'iidfile'),
'--load',
'--metadata-file', path.join(tmpDir, 'metadata-file'),
'.'
]
],
])(
@ -506,195 +605,17 @@ nproc=3`],
inputs.forEach((value: string, name: string) => {
setInput(name, value);
});
const defContext = context.defaultContext();
const inp = await context.getInputs(defContext);
const res = await context.getArgs(inp, defContext, buildxVersion);
const toolkit = new Toolkit();
jest.spyOn(Buildx.prototype, 'version').mockImplementation(async (): Promise<string> => {
return buildxVersion;
});
const inp = await context.getInputs();
const res = await context.getArgs(inp, toolkit);
expect(res).toEqual(expected);
}
);
});
describe('getInputList', () => {
it('single line correctly', async () => {
await setInput('foo', 'bar');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar']);
});
it('multiline correctly', async () => {
setInput('foo', 'bar\nbaz');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar', 'baz']);
});
it('empty lines correctly', async () => {
setInput('foo', 'bar\n\nbaz');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar', 'baz']);
});
it('comma correctly', async () => {
setInput('foo', 'bar,baz');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar', 'baz']);
});
it('empty result correctly', async () => {
setInput('foo', 'bar,baz,');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar', 'baz']);
});
it('different new lines correctly', async () => {
setInput('foo', 'bar\r\nbaz');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar', 'baz']);
});
it('different new lines and comma correctly', async () => {
setInput('foo', 'bar\r\nbaz,bat');
const res = await context.getInputList('foo');
expect(res).toEqual(['bar', 'baz', 'bat']);
});
it('multiline and ignoring comma correctly', async () => {
setInput('cache-from', 'user/app:cache\ntype=local,src=path/to/dir');
const res = await context.getInputList('cache-from', true);
expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
});
it('different new lines and ignoring comma correctly', async () => {
setInput('cache-from', 'user/app:cache\r\ntype=local,src=path/to/dir');
const res = await context.getInputList('cache-from', true);
expect(res).toEqual(['user/app:cache', 'type=local,src=path/to/dir']);
});
it('multiline values', async () => {
setInput(
'secrets',
`GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
"MYSECRET=aaaaaaaa
bbbbbbb
ccccccccc"
FOO=bar`
);
const res = await context.getInputList('secrets', true);
expect(res).toEqual([
'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
`MYSECRET=aaaaaaaa
bbbbbbb
ccccccccc`,
'FOO=bar'
]);
});
it('multiline values with empty lines', async () => {
setInput(
'secrets',
`GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
"MYSECRET=aaaaaaaa
bbbbbbb
ccccccccc"
FOO=bar
"EMPTYLINE=aaaa
bbbb
ccc"`
);
const res = await context.getInputList('secrets', true);
expect(res).toEqual([
'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
`MYSECRET=aaaaaaaa
bbbbbbb
ccccccccc`,
'FOO=bar',
`EMPTYLINE=aaaa
bbbb
ccc`
]);
});
it('multiline values without quotes', async () => {
setInput(
'secrets',
`GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
MYSECRET=aaaaaaaa
bbbbbbb
ccccccccc
FOO=bar`
);
const res = await context.getInputList('secrets', true);
expect(res).toEqual(['GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789', 'MYSECRET=aaaaaaaa', 'bbbbbbb', 'ccccccccc', 'FOO=bar']);
});
it('large multiline values', async () => {
setInput(
'secrets',
`"GPG_KEY=${pgp}"
FOO=bar`
);
const res = await context.getInputList('secrets', true);
expect(res).toEqual([`GPG_KEY=${pgp}`, 'FOO=bar']);
});
it('multiline values escape quotes', async () => {
setInput(
'secrets',
`GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789
"MYSECRET=aaaaaaaa
bbbb""bbb
ccccccccc"
FOO=bar`
);
const res = await context.getInputList('secrets', true);
expect(res).toEqual([
'GIT_AUTH_TOKEN=abcdefgh,ijklmno=0123456789',
`MYSECRET=aaaaaaaa
bbbb"bbb
ccccccccc`,
'FOO=bar'
]);
});
});
describe('asyncForEach', () => {
it('executes async tasks sequentially', async () => {
const testValues = [1, 2, 3, 4, 5];
const results: number[] = [];
await context.asyncForEach(testValues, async value => {
results.push(value);
});
expect(results).toEqual(testValues);
});
});
describe('setOutput', () => {
beforeEach(() => {
process.stdout.write = jest.fn() as typeof process.stdout.write;
});
// eslint-disable-next-line jest/expect-expect
it('setOutput produces the correct command', () => {
context.setOutput('some output', 'some value');
assertWriteCalls([`::set-output name=some output::some value${os.EOL}`]);
});
// eslint-disable-next-line jest/expect-expect
it('setOutput handles bools', () => {
context.setOutput('some output', false);
assertWriteCalls([`::set-output name=some output::false${os.EOL}`]);
});
// eslint-disable-next-line jest/expect-expect
it('setOutput handles numbers', () => {
context.setOutput('some output', 1.01);
assertWriteCalls([`::set-output name=some output::1.01${os.EOL}`]);
});
});
// See: https://github.com/actions/toolkit/blob/a1b068ec31a042ff1e10a522d8fdf0b8869d53ca/packages/core/src/core.ts#L89
function getInputName(name: string): string {
return `INPUT_${name.replace(/ /g, '_').toUpperCase()}`;
@ -703,11 +624,3 @@ function getInputName(name: string): string {
function setInput(name: string, value: string): void {
process.env[getInputName(name)] = value;
}
// Assert that process.stdout.write calls called only with the given arguments.
function assertWriteCalls(calls: string[]): void {
expect(process.stdout.write).toHaveBeenCalledTimes(calls.length);
for (let i = 0; i < calls.length; i++) {
expect(process.stdout.write).toHaveBeenNthCalledWith(i + 1, calls[i]);
}
}

16
__tests__/docker.test.ts
View File

@ -1,16 +0,0 @@
import {describe, expect, it, jest} from '@jest/globals';
import * as docker from '../src/docker';
import * as exec from '@actions/exec';
describe('isAvailable', () => {
it('cli', () => {
const execSpy = jest.spyOn(exec, 'getExecOutput');
docker.isAvailable();
// eslint-disable-next-line jest/no-standalone-expect
expect(execSpy).toHaveBeenCalledWith(`docker`, undefined, {
silent: true,
ignoreReturnCode: true
});
});
});

362
__tests__/fixtures/github-repo.json Normal file
View File

@ -0,0 +1,362 @@
{
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "http://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "http://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "http://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "http://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "http://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "http://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "http://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "http://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "http://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "http://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "http://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "http://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "http://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "http://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "http://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "http://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "http://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "http://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "http://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "http://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "http://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "http://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "http://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "http://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "http://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "http://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "http://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "http://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "http://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "http://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"clone_url": "https://github.com/octocat/Hello-World.git",
"mirror_url": "git:git.example.com/octocat/Hello-World",
"hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks",
"svn_url": "https://svn.github.com/octocat/Hello-World",
"homepage": "https://github.com",
"language": null,
"forks_count": 9,
"stargazers_count": 80,
"watchers_count": 80,
"size": 108,
"default_branch": "master",
"open_issues_count": 0,
"is_template": true,
"topics": [
"octocat",
"atom",
"electron",
"api"
],
"has_issues": true,
"has_projects": true,
"has_wiki": true,
"has_pages": false,
"has_downloads": true,
"archived": false,
"disabled": false,
"visibility": "public",
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"permissions": {
"pull": true,
"triage": true,
"push": false,
"maintain": false,
"admin": false
},
"allow_rebase_merge": true,
"template_repository": null,
"temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
"allow_squash_merge": true,
"delete_branch_on_merge": true,
"allow_merge_commit": true,
"subscribers_count": 42,
"network_count": 0,
"license": {
"key": "mit",
"name": "MIT License",
"spdx_id": "MIT",
"url": "https://api.github.com/licenses/mit",
"node_id": "MDc6TGljZW5zZW1pdA=="
},
"organization": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "Organization",
"site_admin": false
},
"parent": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "http://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "http://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "http://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "http://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "http://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "http://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "http://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "http://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "http://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "http://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "http://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "http://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "http://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "http://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "http://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "http://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "http://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "http://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "http://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "http://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "http://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "http://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "http://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "http://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "http://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "http://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "http://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "http://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "http://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "http://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"clone_url": "https://github.com/octocat/Hello-World.git",
"mirror_url": "git:git.example.com/octocat/Hello-World",
"hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks",
"svn_url": "https://svn.github.com/octocat/Hello-World",
"homepage": "https://github.com",
"language": null,
"forks_count": 9,
"stargazers_count": 80,
"watchers_count": 80,
"size": 108,
"default_branch": "master",
"open_issues_count": 0,
"is_template": true,
"topics": [
"octocat",
"atom",
"electron",
"api"
],
"has_issues": true,
"has_projects": true,
"has_wiki": true,
"has_pages": false,
"has_downloads": true,
"archived": false,
"disabled": false,
"visibility": "public",
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"permissions": {
"admin": false,
"push": false,
"pull": true
},
"allow_rebase_merge": true,
"template_repository": null,
"temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
"allow_squash_merge": true,
"delete_branch_on_merge": true,
"allow_merge_commit": true,
"subscribers_count": 42,
"network_count": 0
},
"source": {
"id": 1296269,
"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5",
"name": "Hello-World",
"full_name": "octocat/Hello-World",
"owner": {
"login": "octocat",
"id": 1,
"node_id": "MDQ6VXNlcjE=",
"avatar_url": "https://github.com/images/error/octocat_happy.gif",
"gravatar_id": "",
"url": "https://api.github.com/users/octocat",
"html_url": "https://github.com/octocat",
"followers_url": "https://api.github.com/users/octocat/followers",
"following_url": "https://api.github.com/users/octocat/following{/other_user}",
"gists_url": "https://api.github.com/users/octocat/gists{/gist_id}",
"starred_url": "https://api.github.com/users/octocat/starred{/owner}{/repo}",
"subscriptions_url": "https://api.github.com/users/octocat/subscriptions",
"organizations_url": "https://api.github.com/users/octocat/orgs",
"repos_url": "https://api.github.com/users/octocat/repos",
"events_url": "https://api.github.com/users/octocat/events{/privacy}",
"received_events_url": "https://api.github.com/users/octocat/received_events",
"type": "User",
"site_admin": false
},
"private": false,
"html_url": "https://github.com/octocat/Hello-World",
"description": "This your first repo!",
"fork": false,
"url": "https://api.github.com/repos/octocat/Hello-World",
"archive_url": "http://api.github.com/repos/octocat/Hello-World/{archive_format}{/ref}",
"assignees_url": "http://api.github.com/repos/octocat/Hello-World/assignees{/user}",
"blobs_url": "http://api.github.com/repos/octocat/Hello-World/git/blobs{/sha}",
"branches_url": "http://api.github.com/repos/octocat/Hello-World/branches{/branch}",
"collaborators_url": "http://api.github.com/repos/octocat/Hello-World/collaborators{/collaborator}",
"comments_url": "http://api.github.com/repos/octocat/Hello-World/comments{/number}",
"commits_url": "http://api.github.com/repos/octocat/Hello-World/commits{/sha}",
"compare_url": "http://api.github.com/repos/octocat/Hello-World/compare/{base}...{head}",
"contents_url": "http://api.github.com/repos/octocat/Hello-World/contents/{+path}",
"contributors_url": "http://api.github.com/repos/octocat/Hello-World/contributors",
"deployments_url": "http://api.github.com/repos/octocat/Hello-World/deployments",
"downloads_url": "http://api.github.com/repos/octocat/Hello-World/downloads",
"events_url": "http://api.github.com/repos/octocat/Hello-World/events",
"forks_url": "http://api.github.com/repos/octocat/Hello-World/forks",
"git_commits_url": "http://api.github.com/repos/octocat/Hello-World/git/commits{/sha}",
"git_refs_url": "http://api.github.com/repos/octocat/Hello-World/git/refs{/sha}",
"git_tags_url": "http://api.github.com/repos/octocat/Hello-World/git/tags{/sha}",
"git_url": "git:github.com/octocat/Hello-World.git",
"issue_comment_url": "http://api.github.com/repos/octocat/Hello-World/issues/comments{/number}",
"issue_events_url": "http://api.github.com/repos/octocat/Hello-World/issues/events{/number}",
"issues_url": "http://api.github.com/repos/octocat/Hello-World/issues{/number}",
"keys_url": "http://api.github.com/repos/octocat/Hello-World/keys{/key_id}",
"labels_url": "http://api.github.com/repos/octocat/Hello-World/labels{/name}",
"languages_url": "http://api.github.com/repos/octocat/Hello-World/languages",
"merges_url": "http://api.github.com/repos/octocat/Hello-World/merges",
"milestones_url": "http://api.github.com/repos/octocat/Hello-World/milestones{/number}",
"notifications_url": "http://api.github.com/repos/octocat/Hello-World/notifications{?since,all,participating}",
"pulls_url": "http://api.github.com/repos/octocat/Hello-World/pulls{/number}",
"releases_url": "http://api.github.com/repos/octocat/Hello-World/releases{/id}",
"ssh_url": "git@github.com:octocat/Hello-World.git",
"stargazers_url": "http://api.github.com/repos/octocat/Hello-World/stargazers",
"statuses_url": "http://api.github.com/repos/octocat/Hello-World/statuses/{sha}",
"subscribers_url": "http://api.github.com/repos/octocat/Hello-World/subscribers",
"subscription_url": "http://api.github.com/repos/octocat/Hello-World/subscription",
"tags_url": "http://api.github.com/repos/octocat/Hello-World/tags",
"teams_url": "http://api.github.com/repos/octocat/Hello-World/teams",
"trees_url": "http://api.github.com/repos/octocat/Hello-World/git/trees{/sha}",
"clone_url": "https://github.com/octocat/Hello-World.git",
"mirror_url": "git:git.example.com/octocat/Hello-World",
"hooks_url": "http://api.github.com/repos/octocat/Hello-World/hooks",
"svn_url": "https://svn.github.com/octocat/Hello-World",
"homepage": "https://github.com",
"language": null,
"forks_count": 9,
"stargazers_count": 80,
"watchers_count": 80,
"size": 108,
"default_branch": "master",
"open_issues_count": 0,
"is_template": true,
"topics": [
"octocat",
"atom",
"electron",
"api"
],
"has_issues": true,
"has_projects": true,
"has_wiki": true,
"has_pages": false,
"has_downloads": true,
"archived": false,
"disabled": false,
"visibility": "public",
"pushed_at": "2011-01-26T19:06:43Z",
"created_at": "2011-01-26T19:01:12Z",
"updated_at": "2011-01-26T19:14:43Z",
"permissions": {
"admin": false,
"push": false,
"pull": true
},
"allow_rebase_merge": true,
"template_repository": null,
"temp_clone_token": "ABTLWHOULUVAXGTRYU7OC2876QJ2O",
"allow_squash_merge": true,
"delete_branch_on_merge": true,
"allow_merge_commit": true,
"subscribers_count": 42,
"network_count": 0
}
}

2
__tests__/fixtures/secret.txt
View File

@ -1 +1 @@
bar
bar

9
action.yml
View File

@ -13,6 +13,9 @@ inputs:
allow:
description: "List of extra privileged entitlement (e.g., network.host,security.insecure)"
required: false
attests:
description: "List of attestation parameters (e.g., type=sbom,generator=image)"
required: false
build-args:
description: "List of build-time variables"
required: false
@ -60,6 +63,9 @@ inputs:
platforms:
description: "List of target platforms for build"
required: false
provenance:
description: "Generate provenance attestation for the build (shorthand for --attest=type=provenance)"
required: false
pull:
description: "Always attempt to pull all referenced images"
required: false
@ -68,6 +74,9 @@ inputs:
description: "Push is a shorthand for --output=type=registry"
required: false
default: 'false'
sbom:
description: "Generate SBOM attestation for the build (shorthand for --attest=type=sbom)"
required: false
secrets:
description: "List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)"
required: false

4
dev.Dockerfile
View File

@ -1,4 +1,4 @@
# syntax=docker/dockerfile:1.4
# syntax=docker/dockerfile:1
ARG NODE_VERSION=16
ARG DOCKER_VERSION=20.10.13
@ -66,8 +66,6 @@ FROM docker:${DOCKER_VERSION} as docker
FROM docker/buildx-bin:${BUILDX_VERSION} as buildx
FROM deps AS test
ENV RUNNER_TEMP=/tmp/github_runner
ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
--mount=type=bind,from=docker,source=/usr/local/bin/docker,target=/usr/bin/docker \

8
dist/index.js generated vendored
View File

File diff suppressed because one or more lines are too long

2
dist/index.js.map generated vendored
View File

File diff suppressed because one or more lines are too long

254
dist/licenses.txt generated vendored
View File

@ -61,6 +61,222 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/io
MIT
The MIT License (MIT)
Copyright 2019 GitHub
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@actions/tool-cache
MIT
The MIT License (MIT)
Copyright 2019 GitHub
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@docker/actions-toolkit
Apache-2.0
Apache License
Version 2.0, January 2004
https://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
Copyright 2013-2018 Docker, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
https://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
@octokit/auth-token
MIT
@ -724,6 +940,31 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
jwt-decode
MIT
The MIT License (MIT)
Copyright (c) 2015 Auth0, Inc. <support@auth0.com> (http://auth0.com)
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
lru-cache
ISC
The ISC License
@ -966,6 +1207,19 @@ Permission to use, copy, modify, and/or distribute this software for any purpose
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
uuid
MIT
The MIT License (MIT)
Copyright (c) 2010-2020 Robert Kieffer and other contributors
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
webidl-conversions
BSD-2-Clause
# The BSD 2-Clause License

2
dist/sourcemap-register.js generated vendored
View File

File diff suppressed because one or more lines are too long

199
docs/advanced/cache.md
View File

@ -1,200 +1,3 @@
# Cache
* [Inline cache](#inline-cache)
* [Registry cache](#registry-cache)
* [GitHub cache](#github-cache)
* [Cache backend API](#cache-backend-api)
* [Local cache](#local-cache)
> More info about cache on [BuildKit](https://github.com/moby/buildkit#export-cache) and [Buildx](https://github.com/docker/buildx/blob/master/docs/reference/buildx_build.md#cache-from) repositories.
## Inline cache
In most cases you want to use the [`type=inline` cache exporter](https://github.com/moby/buildkit#inline-push-image-and-cache-together).
However, note that the `inline` cache exporter only supports `min` cache mode. To enable `max` cache mode, push the
image and the cache separately by using the `registry` cache exporter as shown in the [next example](#registry-cache).
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: user/app:latest
cache-from: type=registry,ref=user/app:latest
cache-to: type=inline
```
## Registry cache
You can import/export cache from a cache manifest or (special) image configuration on the registry with the
[`type=registry` cache exporter](https://github.com/moby/buildkit/tree/master#registry-push-image-and-cache-separately).
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: user/app:latest
cache-from: type=registry,ref=user/app:buildcache
cache-to: type=registry,ref=user/app:buildcache,mode=max
```
## GitHub cache
### Cache backend API
> :test_tube: This cache exporter is considered EXPERIMENTAL until further notice. Please provide feedback on
> [BuildKit repository](https://github.com/moby/buildkit) if you encounter any issues.
Since [buildx 0.6.0](https://github.com/docker/buildx/releases/tag/v0.6.0) and [BuildKit 0.9.0](https://github.com/moby/buildkit/releases/tag/v0.9.0),
you can use the [`type=gha` cache exporter](https://github.com/moby/buildkit/tree/master#github-actions-cache-experimental).
GitHub Actions cache exporter backend uses the [GitHub Cache API](https://github.com/tonistiigi/go-actions-cache/blob/master/api.md)
to fetch and upload cache blobs. That's why this type of cache should be exclusively used in a GitHub Action workflow
as the `url` (`$ACTIONS_CACHE_URL`) and `token` (`$ACTIONS_RUNTIME_TOKEN`) attributes are populated when a workflow
is started.
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: user/app:latest
cache-from: type=gha
cache-to: type=gha,mode=max
```
### Local cache
> :warning: At the moment caches are copied over the existing cache so it [keeps growing](https://github.com/docker/build-push-action/issues/252).
> The `Move cache` step is used as a temporary fix (see https://github.com/moby/buildkit/issues/1896).
You can also leverage [GitHub cache](https://docs.github.com/en/actions/configuring-and-managing-workflows/caching-dependencies-to-speed-up-workflows)
using [actions/cache](https://github.com/actions/cache) and [`type=local` cache exporter](https://github.com/moby/buildkit#local-directory-1)
with this action:
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: user/app:latest
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
-
# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/cache/)

72
docs/advanced/copy-between-registries.md
View File

@ -1,73 +1,3 @@
# Copy images between registries
Multi-platform images built using buildx can be copied from one registry to another without
changing the image SHA using the [tag-push-action](https://github.com/akhilerm/tag-push-action).
The following workflow will first push the image to dockerhub, run some tests using the images
and then push to quay and ghcr
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
- # quay and ghcr logins for pushing image after testing
name: Login to Quay Registry
uses: docker/login-action@v2
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_TOKEN }}
-
name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
user/app:latest
user/app:1.0.0
- # run tests using image from docker hub
name: Run Tests
run: make tests
- # copy multiplatform image from dockerhub to quay and ghcr
name: Push Image to multiple registries
uses: akhilerm/tag-push-action@v2.0.0
with:
src: docker.io/user/app:1.0.0
dst: |
quay.io/user/app:latest
quay.io/user/app:1.0.0
ghcr.io/user/app:latest
ghcr.io/user/app:1.0.0
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/copy-image-registries/)

49
docs/advanced/dockerhub-desc.md
View File

@ -1,48 +1,3 @@
# Update DockerHub repo description
# Update Docker Hub repo description
You can update the [DockerHub repository description](https://docs.docker.com/docker-hub/repos/) using
a third party action called [DockerHub Description](https://github.com/peter-evans/dockerhub-description)
with this action:
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: user/app:latest
-
name: Update repo description
uses: peter-evans/dockerhub-description@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
repository: user/app
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/update-dockerhub-desc/)

34
docs/advanced/export-docker.md
View File

@ -1,35 +1,3 @@
# Export image to Docker
You may want your build result to be available in the Docker client through `docker images` to be able to use it
in another step of your workflow:
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build
uses: docker/build-push-action@v3
with:
context: .
load: true
tags: myimage:latest
-
name: Inspect
run: |
docker image inspect myimage:latest
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/export-docker/)

43
docs/advanced/isolated-builders.md
View File

@ -1,44 +1,3 @@
# Isolated builders
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
uses: docker/setup-buildx-action@v2
id: builder1
-
uses: docker/setup-buildx-action@v2
id: builder2
-
name: Builder 1 name
run: echo ${{ steps.builder1.outputs.name }}
-
name: Builder 2 name
run: echo ${{ steps.builder2.outputs.name }}
-
name: Build against builder1
uses: docker/build-push-action@v3
with:
builder: ${{ steps.builder1.outputs.name }}
context: .
target: mytarget1
-
name: Build against builder2
uses: docker/build-push-action@v3
with:
builder: ${{ steps.builder2.outputs.name }}
context: .
target: mytarget2
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/configure-builder/#isolated-builders)

43
docs/advanced/local-registry.md
View File

@ -1,44 +1,3 @@
# Local registry
For testing purposes you may need to create a [local registry](https://hub.docker.com/_/registry) to push images into:
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
with:
driver-opts: network=host
-
name: Build and push to local registry
uses: docker/build-push-action@v3
with:
context: .
push: true
tags: localhost:5000/name/app:latest
-
name: Inspect
run: |
docker buildx imagetools inspect localhost:5000/name/app:latest
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/local-registry/)

43
docs/advanced/multi-platform.md
View File

@ -1,44 +1,3 @@
# Multi-platform image
You can build multi-platform images using the [`platforms` input](../../README.md#inputs) as described below.
> :bulb: List of available platforms will be displayed and available through our [setup-buildx](https://github.com/docker/setup-buildx-action#about) action.
> :bulb: If you want support for more platforms, you can use QEMU with our [setup-qemu](https://github.com/docker/setup-qemu-action) action.
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: user/app:latest
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/multi-platform/)

3
docs/advanced/named-contexts.md Normal file
View File

@ -0,0 +1,3 @@
# Named contexts
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/named-contexts/)

56
docs/advanced/push-multi-registries.md
View File

@ -1,57 +1,3 @@
# Push to multi-registries
* [Docker Hub and GHCR](#docker-hub-and-ghcr)
## Docker Hub and GHCR
The following workflow will connect you to [DockerHub](https://github.com/docker/login-action#dockerhub)
and [GitHub Container Registry](https://github.com/docker/login-action#github-container-registry) and push the
image to these registries.
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Login to GitHub Container Registry
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: |
user/app:latest
user/app:1.0.0
ghcr.io/user/app:latest
ghcr.io/user/app:1.0.0
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/push-multi-registries/)

83
docs/advanced/secrets.md
View File

@ -1,84 +1,3 @@
# Secrets
In the following example we will expose and use the [GITHUB_TOKEN secret](https://docs.github.com/en/actions/reference/authentication-in-a-workflow#about-the-github_token-secret)
as provided by GitHub in your workflow.
First let's create our `Dockerfile` to use our secret:
```Dockerfile
#syntax=docker/dockerfile:1.2
FROM alpine
RUN --mount=type=secret,id=github_token \
cat /run/secrets/github_token
```
As you can see we have named our secret `github_token`. Here is the workflow you can use to expose this secret using
the [`secrets` input](../../README.md#inputs):
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
tags: user/app:latest
secrets: |
"github_token=${{ secrets.GITHUB_TOKEN }}"
```
> :bulb: You can also expose a secret file to the build with [`secret-files`](../../README.md#inputs) input:
> ```yaml
> secret-files: |
> "MY_SECRET=./secret.txt"
> ```
If you're using [GitHub secrets](https://docs.github.com/en/actions/reference/encrypted-secrets) and need to handle
multi-line value, you will need to place the key-value pair between quotes:
```yaml
secrets: |
"MYSECRET=${{ secrets.GPG_KEY }}"
GIT_AUTH_TOKEN=abcdefghi,jklmno=0123456789
"MYSECRET=aaaaaaaa
bbbbbbb
ccccccccc"
FOO=bar
"EMPTYLINE=aaaa
bbbb
ccc"
"JSON_SECRET={""key1"":""value1"",""key2"":""value2""}"
```
| Key | Value |
|--------------------|--------------------------------------------------|
| `MYSECRET` | `***********************` |
| `GIT_AUTH_TOKEN` | `abcdefghi,jklmno=0123456789` |
| `MYSECRET` | `aaaaaaaa\nbbbbbbb\nccccccccc` |
| `FOO` | `bar` |
| `EMPTYLINE` | `aaaa\n\nbbbb\nccc` |
| `JSON_SECRET` | `{"key1":"value1","key2":"value2"}` |
> :bulb: All quote signs need to be doubled for escaping.
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/secrets/)

57
docs/advanced/share-image-jobs.md
View File

@ -1,58 +1,3 @@
# Share built image between jobs
As each job is isolated in its own runner you cannot use your built image between jobs (except for [self-hosted runners](https://docs.github.com/en/actions/hosting-your-own-runners/about-self-hosted-runners)).
However, you can [pass data between jobs in a workflow](https://docs.github.com/en/actions/guides/storing-workflow-data-as-artifacts#passing-data-between-jobs-in-a-workflow)
using the [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact)
actions:
```yaml
name: ci
on:
push:
branches:
- 'main'
jobs:
build:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Build and export
uses: docker/build-push-action@v3
with:
context: .
tags: myimage:latest
outputs: type=docker,dest=/tmp/myimage.tar
-
name: Upload artifact
uses: actions/upload-artifact@v3
with:
name: myimage
path: /tmp/myimage.tar
use:
runs-on: ubuntu-latest
needs: build
steps:
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Download artifact
uses: actions/download-artifact@v3
with:
name: myimage
path: /tmp
-
name: Load image
run: |
docker load --input /tmp/myimage.tar
docker image ls -a
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/share-image-jobs/)

75
docs/advanced/tags-labels.md
View File

@ -1,76 +1,3 @@
# Handle tags and labels
If you want an "automatic" tag management and [OCI Image Format Specification](https://github.com/opencontainers/image-spec/blob/master/annotations.md)
for labels, you can do it in a dedicated step. The following workflow will use the [Docker metadata action](https://github.com/docker/metadata-action)
to handle tags and labels based on GitHub actions events and Git metadata.
```yaml
name: ci
on:
schedule:
- cron: '0 10 * * *'
push:
branches:
- '**'
tags:
- 'v*.*.*'
pull_request:
branches:
- 'main'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Docker meta
id: meta
uses: docker/metadata-action@v4
with:
# list of Docker images to use as base name for tags
images: |
name/app
ghcr.io/username/app
# generate Docker tags based on the following events/attributes
tags: |
type=schedule
type=ref,event=branch
type=ref,event=pr
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Login to GHCR
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
```
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/manage-tags-labels/)

63
docs/advanced/test-before-push.md
View File

@ -1,64 +1,3 @@
# Test your image before pushing it
In some cases, you might want to validate that the image works as expected
before pushing it.
The workflow below will be composed of several steps to achieve this:
* Build and export the image to Docker
* Test your image
* Multi-platform build and push the image
```yaml
name: ci
on:
push:
branches:
- 'main'
env:
TEST_TAG: user/myapp:test
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
-
name: Login to DockerHub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and export to Docker
uses: docker/build-push-action@v3
with:
context: .
load: true
tags: ${{ env.TEST_TAG }}
-
name: Test
run: |
docker run --rm ${{ env.TEST_TAG }}
-
name: Build and push
uses: docker/build-push-action@v3
with:
context: .
platforms: linux/amd64,linux/arm64
push: true
tags: user/app:latest
```
> :bulb: Build time will not be increased with this workflow because internal
> cache for `linux/amd64` will be used from previous step on `Build and push`
> step so only `linux/arm64` will be actually built.
This page has moved to [Docker Docs website](https://docs.docker.com/build/ci/github-actions/test-before-push/)

19
jest.config.ts
View File

@ -1,7 +1,22 @@
import fs from 'fs';
import os from 'os';
import path from 'path';
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-build-push-action-'));
process.env = Object.assign({}, process.env, {
TEMP: tmpDir,
GITHUB_REPOSITORY: 'docker/build-push-action',
RUNNER_TEMP: path.join(tmpDir, 'runner-temp'),
RUNNER_TOOL_CACHE: path.join(tmpDir, 'runner-tool-cache')
}) as {
[key: string]: string;
};
module.exports = {
clearMocks: false,
testEnvironment: 'node',
moduleFileExtensions: ['js', 'ts'],
setupFiles: ['dotenv/config'],
testMatch: ['**/*.test.ts'],
transform: {
'^.+\\.ts$': 'ts-jest'
@ -9,5 +24,7 @@ module.exports = {
moduleNameMapper: {
'^csv-parse/sync': '<rootDir>/node_modules/csv-parse/dist/cjs/sync.cjs'
},
collectCoverageFrom: ['src/**/{!(main.ts),}.ts'],
coveragePathIgnorePatterns: ['lib/', 'node_modules/', '__mocks__/', '__tests__/'],
verbose: true
};

39
package.json
View File

@ -28,31 +28,24 @@
],
"license": "Apache-2.0",
"dependencies": {
"@actions/core": "^1.9.0",
"@actions/exec": "^1.1.1",
"@actions/github": "^5.0.3",
"csv-parse": "^5.3.0",
"handlebars": "^4.7.7",
"semver": "^7.3.7",
"tmp": "^0.2.1"
"@actions/core": "^1.10.0",
"@docker/actions-toolkit": "^0.3.0",
"handlebars": "^4.7.7"
},
"devDependencies": {
"@types/csv-parse": "^1.2.2",
"@types/node": "^16.11.26",
"@types/semver": "^7.3.9",
"@types/tmp": "^0.2.3",
"@typescript-eslint/eslint-plugin": "^5.14.0",
"@typescript-eslint/parser": "^5.14.0",
"@vercel/ncc": "^0.33.3",
"dotenv": "^16.0.0",
"eslint": "^8.11.0",
"eslint-config-prettier": "^8.5.0",
"eslint-plugin-jest": "^26.1.1",
"eslint-plugin-prettier": "^4.0.0",
"jest": "^27.2.5",
"prettier": "^2.3.1",
"ts-jest": "^27.1.2",
"ts-node": "^10.7.0",
"typescript": "^4.4.4"
"@types/node": "^16.18.21",
"@typescript-eslint/eslint-plugin": "^5.56.0",
"@typescript-eslint/parser": "^5.56.0",
"@vercel/ncc": "^0.36.1",
"eslint": "^8.36.0",
"eslint-config-prettier": "^8.8.0",
"eslint-plugin-jest": "^27.2.1",
"eslint-plugin-prettier": "^4.2.1",
"jest": "^29.5.0",
"prettier": "^2.8.7",
"ts-jest": "^29.0.5",
"ts-node": "^10.9.1",
"typescript": "^4.9.5"
}
}

161
src/buildx.ts
View File

@ -1,161 +0,0 @@
import {parse} from 'csv-parse/sync';
import fs from 'fs';
import path from 'path';
import * as semver from 'semver';
import * as exec from '@actions/exec';
import * as context from './context';
export async function getImageIDFile(): Promise<string> {
return path.join(context.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);
}
export async function getImageID(): Promise<string | undefined> {
const iidFile = await getImageIDFile();
if (!fs.existsSync(iidFile)) {
return undefined;
}
return fs.readFileSync(iidFile, {encoding: 'utf-8'}).trim();
}
export async function getMetadataFile(): Promise<string> {
return path.join(context.tmpDir(), 'metadata-file').split(path.sep).join(path.posix.sep);
}
export async function getMetadata(): Promise<string | undefined> {
const metadataFile = await getMetadataFile();
if (!fs.existsSync(metadataFile)) {
return undefined;
}
const content = fs.readFileSync(metadataFile, {encoding: 'utf-8'}).trim();
if (content === 'null') {
return undefined;
}
return content;
}
export async function getDigest(metadata: string | undefined): Promise<string | undefined> {
if (metadata === undefined) {
return undefined;
}
const metadataJSON = JSON.parse(metadata);
if (metadataJSON['containerimage.digest']) {
return metadataJSON['containerimage.digest'];
}
return undefined;
}
export async function getSecretString(kvp: string): Promise<string> {
return getSecret(kvp, false);
}
export async function getSecretFile(kvp: string): Promise<string> {
return getSecret(kvp, true);
}
export async function getSecret(kvp: string, file: boolean): Promise<string> {
const delimiterIndex = kvp.indexOf('=');
const key = kvp.substring(0, delimiterIndex);
let value = kvp.substring(delimiterIndex + 1);
if (key.length == 0 || value.length == 0) {
throw new Error(`${kvp} is not a valid secret`);
}
if (file) {
if (!fs.existsSync(value)) {
throw new Error(`secret file ${value} not found`);
}
value = fs.readFileSync(value, {encoding: 'utf-8'});
}
const secretFile = context.tmpNameSync({
tmpdir: context.tmpDir()
});
fs.writeFileSync(secretFile, value);
return `id=${key},src=${secretFile}`;
}
export function isLocalOrTarExporter(outputs: string[]): boolean {
const records = parse(outputs.join(`\n`), {
delimiter: ',',
trim: true,
columns: false,
relaxColumnCount: true
});
for (const record of records) {
// Local if no type is defined
// https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43
if (record.length == 1 && !record[0].startsWith('type=')) {
return true;
}
for (const [key, value] of record.map(chunk => chunk.split('=').map(item => item.trim()))) {
if (key == 'type' && (value == 'local' || value == 'tar')) {
return true;
}
}
}
return false;
}
export function hasGitAuthToken(secrets: string[]): boolean {
for (const secret of secrets) {
if (secret.startsWith('GIT_AUTH_TOKEN=')) {
return true;
}
}
return false;
}
export async function isAvailable(standalone?: boolean): Promise<boolean> {
const cmd = getCommand([], standalone);
return await exec
.getExecOutput(cmd.command, cmd.args, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
return false;
}
return res.exitCode == 0;
})
// eslint-disable-next-line @typescript-eslint/no-unused-vars
.catch(error => {
return false;
});
}
export async function getVersion(standalone?: boolean): Promise<string> {
const cmd = getCommand(['version'], standalone);
return await exec
.getExecOutput(cmd.command, cmd.args, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.trim());
}
return parseVersion(res.stdout.trim());
});
}
export function parseVersion(stdout: string): string {
const matches = /\sv?([0-9a-f]{7}|[0-9.]+)/.exec(stdout);
if (!matches) {
throw new Error(`Cannot parse buildx version`);
}
return matches[1];
}
export function satisfies(version: string, range: string): boolean {
return semver.satisfies(version, range) || /^[0-9a-f]{7}$/.exec(version) !== null;
}
export function getCommand(args: Array<string>, standalone?: boolean) {
return {
command: standalone ? 'buildx' : 'docker',
args: standalone ? args : ['buildx', ...args]
};
}

206
src/context.ts
View File

@ -1,21 +1,15 @@
import {parse} from 'csv-parse/sync';
import * as fs from 'fs';
import * as os from 'os';
import * as path from 'path';
import * as tmp from 'tmp';
import * as core from '@actions/core';
import {issueCommand} from '@actions/core/lib/command';
import * as github from '@actions/github';
import * as buildx from './buildx';
import * as handlebars from 'handlebars';
let _defaultContext, _tmpDir: string;
import {Context} from '@docker/actions-toolkit/lib/context';
import {GitHub} from '@docker/actions-toolkit/lib/github';
import {Inputs as BuildxInputs} from '@docker/actions-toolkit/lib/buildx/inputs';
import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
import {Util} from '@docker/actions-toolkit/lib/util';
export interface Inputs {
addHosts: string[];
allow: string[];
attests: string[];
buildArgs: string[];
buildContexts: string[];
builder: string;
@ -31,8 +25,10 @@ export interface Inputs {
noCacheFilters: string[];
outputs: string[];
platforms: string[];
provenance: string;
pull: boolean;
push: boolean;
sbom: string;
secrets: string[];
secretFiles: string[];
shmSize: string;
@ -43,92 +39,78 @@ export interface Inputs {
githubToken: string;
}
export function defaultContext(): string {
if (!_defaultContext) {
let ref = github.context.ref;
if (github.context.sha && ref && !ref.startsWith('refs/')) {
ref = `refs/heads/${github.context.ref}`;
}
if (github.context.sha && !ref.startsWith(`refs/pull/`)) {
ref = github.context.sha;
}
_defaultContext = `${process.env.GITHUB_SERVER_URL || 'https://github.com'}/${github.context.repo.owner}/${github.context.repo.repo}.git#${ref}`;
}
return _defaultContext;
}
export function tmpDir(): string {
if (!_tmpDir) {
_tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-build-push-')).split(path.sep).join(path.posix.sep);
}
return _tmpDir;
}
export function tmpNameSync(options?: tmp.TmpNameOptions): string {
return tmp.tmpNameSync(options);
}
export async function getInputs(defaultContext: string): Promise<Inputs> {
export async function getInputs(): Promise<Inputs> {
return {
addHosts: await getInputList('add-hosts'),
allow: await getInputList('allow'),
buildArgs: await getInputList('build-args', true),
buildContexts: await getInputList('build-contexts', true),
addHosts: Util.getInputList('add-hosts'),
allow: Util.getInputList('allow'),
attests: Util.getInputList('attests', {ignoreComma: true}),
buildArgs: Util.getInputList('build-args', {ignoreComma: true}),
buildContexts: Util.getInputList('build-contexts', {ignoreComma: true}),
builder: core.getInput('builder'),
cacheFrom: await getInputList('cache-from', true),
cacheTo: await getInputList('cache-to', true),
cacheFrom: Util.getInputList('cache-from', {ignoreComma: true}),
cacheTo: Util.getInputList('cache-to', {ignoreComma: true}),
cgroupParent: core.getInput('cgroup-parent'),
context: core.getInput('context') || defaultContext,
context: core.getInput('context') || Context.gitContext(),
file: core.getInput('file'),
labels: await getInputList('labels', true),
labels: Util.getInputList('labels', {ignoreComma: true}),
load: core.getBooleanInput('load'),
network: core.getInput('network'),
noCache: core.getBooleanInput('no-cache'),
noCacheFilters: await getInputList('no-cache-filters'),
outputs: await getInputList('outputs', true),
platforms: await getInputList('platforms'),
noCacheFilters: Util.getInputList('no-cache-filters'),
outputs: Util.getInputList('outputs', {ignoreComma: true}),
platforms: Util.getInputList('platforms'),
provenance: BuildxInputs.getProvenanceInput('provenance'),
pull: core.getBooleanInput('pull'),
push: core.getBooleanInput('push'),
secrets: await getInputList('secrets', true),
secretFiles: await getInputList('secret-files', true),
sbom: core.getInput('sbom'),
secrets: Util.getInputList('secrets', {ignoreComma: true}),
secretFiles: Util.getInputList('secret-files', {ignoreComma: true}),
shmSize: core.getInput('shm-size'),
ssh: await getInputList('ssh'),
tags: await getInputList('tags'),
ssh: Util.getInputList('ssh'),
tags: Util.getInputList('tags'),
target: core.getInput('target'),
ulimit: await getInputList('ulimit', true),
ulimit: Util.getInputList('ulimit', {ignoreComma: true}),
githubToken: core.getInput('github-token')
};
}
export async function getArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
export async function getArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<string>> {
const context = handlebars.compile(inputs.context)({
defaultContext: Context.gitContext()
});
// prettier-ignore
return [
...await getBuildArgs(inputs, defaultContext, buildxVersion),
...await getCommonArgs(inputs, buildxVersion),
handlebars.compile(inputs.context)({defaultContext})
...await getBuildArgs(inputs, context, toolkit),
...await getCommonArgs(inputs, toolkit),
context
];
}
async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit): Promise<Array<string>> {
const args: Array<string> = ['build'];
await asyncForEach(inputs.addHosts, async addHost => {
await Util.asyncForEach(inputs.addHosts, async addHost => {
args.push('--add-host', addHost);
});
if (inputs.allow.length > 0) {
args.push('--allow', inputs.allow.join(','));
}
await asyncForEach(inputs.buildArgs, async buildArg => {
if (await toolkit.buildx.versionSatisfies('>=0.10.0')) {
await Util.asyncForEach(inputs.attests, async attest => {
args.push('--attest', attest);
});
}
await Util.asyncForEach(inputs.buildArgs, async buildArg => {
args.push('--build-arg', buildArg);
});
if (buildx.satisfies(buildxVersion, '>=0.8.0')) {
await asyncForEach(inputs.buildContexts, async buildContext => {
if (await toolkit.buildx.versionSatisfies('>=0.8.0')) {
await Util.asyncForEach(inputs.buildContexts, async buildContext => {
args.push('--build-context', buildContext);
});
}
await asyncForEach(inputs.cacheFrom, async cacheFrom => {
await Util.asyncForEach(inputs.cacheFrom, async cacheFrom => {
args.push('--cache-from', cacheFrom);
});
await asyncForEach(inputs.cacheTo, async cacheTo => {
await Util.asyncForEach(inputs.cacheTo, async cacheTo => {
args.push('--cache-to', cacheTo);
});
if (inputs.cgroupParent) {
@ -137,57 +119,77 @@ async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersio
if (inputs.file) {
args.push('--file', inputs.file);
}
if (!buildx.isLocalOrTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || buildx.satisfies(buildxVersion, '>=0.4.2'))) {
args.push('--iidfile', await buildx.getImageIDFile());
if (!BuildxInputs.hasLocalExporter(inputs.outputs) && !BuildxInputs.hasTarExporter(inputs.outputs) && (inputs.platforms.length == 0 || (await toolkit.buildx.versionSatisfies('>=0.4.2')))) {
args.push('--iidfile', BuildxInputs.getBuildImageIDFilePath());
}
await asyncForEach(inputs.labels, async label => {
await Util.asyncForEach(inputs.labels, async label => {
args.push('--label', label);
});
await asyncForEach(inputs.noCacheFilters, async noCacheFilter => {
await Util.asyncForEach(inputs.noCacheFilters, async noCacheFilter => {
args.push('--no-cache-filter', noCacheFilter);
});
await asyncForEach(inputs.outputs, async output => {
await Util.asyncForEach(inputs.outputs, async output => {
args.push('--output', output);
});
if (inputs.platforms.length > 0) {
args.push('--platform', inputs.platforms.join(','));
}
await asyncForEach(inputs.secrets, async secret => {
if (await toolkit.buildx.versionSatisfies('>=0.10.0')) {
if (inputs.provenance) {
args.push('--provenance', inputs.provenance);
} else if ((await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !BuildxInputs.hasDockerExporter(inputs.outputs, inputs.load)) {
// if provenance not specified and BuildKit version compatible for
// attestation, set default provenance. Also needs to make sure user
// doesn't want to explicitly load the image to docker.
if (GitHub.context.payload.repository?.private ?? false) {
// if this is a private repository, we set the default provenance
// attributes being set in buildx: https://github.com/docker/buildx/blob/fb27e3f919dcbf614d7126b10c2bc2d0b1927eb6/build/build.go#L603
args.push('--provenance', BuildxInputs.resolveProvenanceAttrs(`mode=min,inline-only=true`));
} else {
// for a public repository, we set max provenance mode.
args.push('--provenance', BuildxInputs.resolveProvenanceAttrs(`mode=max`));
}
}
if (inputs.sbom) {
args.push('--sbom', inputs.sbom);
}
}
await Util.asyncForEach(inputs.secrets, async secret => {
try {
args.push('--secret', await buildx.getSecretString(secret));
args.push('--secret', BuildxInputs.resolveBuildSecretString(secret));
} catch (err) {
core.warning(err.message);
}
});
await asyncForEach(inputs.secretFiles, async secretFile => {
await Util.asyncForEach(inputs.secretFiles, async secretFile => {
try {
args.push('--secret', await buildx.getSecretFile(secretFile));
args.push('--secret', BuildxInputs.resolveBuildSecretFile(secretFile));
} catch (err) {
core.warning(err.message);
}
});
if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) {
args.push('--secret', await buildx.getSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
if (inputs.githubToken && !BuildxInputs.hasGitAuthTokenSecret(inputs.secrets) && context.startsWith(Context.gitContext())) {
args.push('--secret', BuildxInputs.resolveBuildSecretString(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
}
if (inputs.shmSize) {
args.push('--shm-size', inputs.shmSize);
}
await asyncForEach(inputs.ssh, async ssh => {
await Util.asyncForEach(inputs.ssh, async ssh => {
args.push('--ssh', ssh);
});
await asyncForEach(inputs.tags, async tag => {
await Util.asyncForEach(inputs.tags, async tag => {
args.push('--tag', tag);
});
if (inputs.target) {
args.push('--target', inputs.target);
}
await asyncForEach(inputs.ulimit, async ulimit => {
await Util.asyncForEach(inputs.ulimit, async ulimit => {
args.push('--ulimit', ulimit);
});
return args;
}
async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Array<string>> {
async function getCommonArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<string>> {
const args: Array<string> = [];
if (inputs.builder) {
args.push('--builder', inputs.builder);
@ -195,8 +197,8 @@ async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Arr
if (inputs.load) {
args.push('--load');
}
if (buildx.satisfies(buildxVersion, '>=0.6.0')) {
args.push('--metadata-file', await buildx.getMetadataFile());
if (await toolkit.buildx.versionSatisfies('>=0.6.0')) {
args.push('--metadata-file', BuildxInputs.getBuildMetadataFilePath());
}
if (inputs.network) {
args.push('--network', inputs.network);
@ -212,43 +214,3 @@ async function getCommonArgs(inputs: Inputs, buildxVersion: string): Promise<Arr
}
return args;
}
export async function getInputList(name: string, ignoreComma?: boolean): Promise<string[]> {
const res: Array<string> = [];
const items = core.getInput(name);
if (items == '') {
return res;
}
const records = await parse(items, {
columns: false,
relaxQuotes: true,
relaxColumnCount: true,
skipEmptyLines: true
});
for (const record of records as Array<string[]>) {
if (record.length == 1) {
res.push(record[0]);
continue;
} else if (!ignoreComma) {
res.push(...record);
continue;
}
res.push(record.join(','));
}
return res.filter(item => item).map(pat => pat.trim());
}
export const asyncForEach = async (array, callback) => {
for (let index = 0; index < array.length; index++) {
await callback(array[index], index, array);
}
};
// FIXME: Temp fix https://github.com/actions/toolkit/issues/777
export function setOutput(name: string, value: unknown): void {
issueCommand('set-output', {name}, value);
}

19
src/docker.ts
View File

@ -1,19 +0,0 @@
import * as exec from '@actions/exec';
export async function isAvailable(): Promise<boolean> {
return await exec
.getExecOutput('docker', undefined, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
return false;
}
return res.exitCode == 0;
})
// eslint-disable-next-line @typescript-eslint/no-unused-vars
.catch(error => {
return false;
});
}

120
src/main.ts
View File

@ -1,95 +1,89 @@
import * as fs from 'fs';
import * as buildx from './buildx';
import * as context from './context';
import * as docker from './docker';
import * as stateHelper from './state-helper';
import * as core from '@actions/core';
import * as exec from '@actions/exec';
import * as actionsToolkit from '@docker/actions-toolkit';
import {Context} from '@docker/actions-toolkit/lib/context';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
import {Exec} from '@docker/actions-toolkit/lib/exec';
import {GitHub} from '@docker/actions-toolkit/lib/github';
import {Inputs as BuildxInputs} from '@docker/actions-toolkit/lib/buildx/inputs';
import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
async function run(): Promise<void> {
try {
const defContext = context.defaultContext();
const inputs: context.Inputs = await context.getInputs(defContext);
import * as context from './context';
// standalone if docker cli not available
const standalone = !(await docker.isAvailable());
actionsToolkit.run(
// main
async () => {
const inputs: context.Inputs = await context.getInputs();
const toolkit = new Toolkit();
core.startGroup(`Docker info`);
if (standalone) {
core.info(`Docker info skipped in standalone mode`);
} else {
await exec.exec('docker', ['version'], {
failOnStdErr: false
});
await exec.exec('docker', ['info'], {
failOnStdErr: false
});
}
core.endGroup();
await core.group(`GitHub Actions runtime token ACs`, async () => {
try {
await GitHub.printActionsRuntimeTokenACs();
} catch (e) {
core.warning(e.message);
}
});
if (!(await buildx.isAvailable(standalone))) {
await core.group(`Docker info`, async () => {
try {
await Docker.printVersion();
await Docker.printInfo();
} catch (e) {
core.info(e.message);
}
});
if (!(await toolkit.buildx.isAvailable())) {
core.setFailed(`Docker buildx is required. See https://github.com/docker/setup-buildx-action to set up buildx.`);
return;
}
stateHelper.setTmpDir(context.tmpDir());
const buildxVersion = await buildx.getVersion(standalone);
stateHelper.setTmpDir(Context.tmpDir());
await core.group(`Buildx version`, async () => {
const versionCmd = buildx.getCommand(['version'], standalone);
await exec.exec(versionCmd.command, versionCmd.args, {
failOnStdErr: false
});
await toolkit.buildx.printVersion();
});
const args: string[] = await context.getArgs(inputs, defContext, buildxVersion);
const buildCmd = buildx.getCommand(args, standalone);
await exec
.getExecOutput(buildCmd.command, buildCmd.args, {
ignoreReturnCode: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(`buildx failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
}
});
const args: string[] = await context.getArgs(inputs, toolkit);
const buildCmd = await toolkit.buildx.getCommand(args);
await Exec.getExecOutput(buildCmd.command, buildCmd.args, {
ignoreReturnCode: true
}).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(`buildx failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
}
});
const imageID = await buildx.getImageID();
const metadata = await buildx.getMetadata();
const digest = await buildx.getDigest(metadata);
const imageID = BuildxInputs.resolveBuildImageID();
const metadata = BuildxInputs.resolveBuildMetadata();
const digest = BuildxInputs.resolveDigest();
if (imageID) {
await core.group(`ImageID`, async () => {
core.info(imageID);
context.setOutput('imageid', imageID);
core.setOutput('imageid', imageID);
});
}
if (digest) {
await core.group(`Digest`, async () => {
core.info(digest);
context.setOutput('digest', digest);
core.setOutput('digest', digest);
});
}
if (metadata) {
await core.group(`Metadata`, async () => {
core.info(metadata);
context.setOutput('metadata', metadata);
core.setOutput('metadata', metadata);
});
}
},
// post
async () => {
if (stateHelper.tmpDir.length > 0) {
await core.group(`Removing temp folder ${stateHelper.tmpDir}`, async () => {
fs.rmSync(stateHelper.tmpDir, {recursive: true});
});
}
} catch (error) {
core.setFailed(error.message);
}
}
async function cleanup(): Promise<void> {
if (stateHelper.tmpDir.length > 0) {
core.startGroup(`Removing temp folder ${stateHelper.tmpDir}`);
fs.rmdirSync(stateHelper.tmpDir, {recursive: true});
core.endGroup();
}
}
if (!stateHelper.IsPost) {
run();
} else {
cleanup();
}
);

5
src/state-helper.ts
View File

@ -1,12 +1,7 @@
import * as core from '@actions/core';
export const IsPost = !!process.env['STATE_isPost'];
export const tmpDir = process.env['STATE_tmpDir'] || '';
export function setTmpDir(tmpDir: string) {
core.saveState('tmpDir', tmpDir);
}
if (!IsPost) {
core.saveState('isPost', 'true');
}

2
test/Dockerfile
View File

@ -1,3 +1,3 @@
# syntax=docker/dockerfile:1
FROM alpine
RUN echo "Hello world!"

1
test/addhost.Dockerfile
View File

@ -1,2 +1,3 @@
# syntax=docker/dockerfile:1
FROM busybox
RUN cat /etc/hosts

3
test/buildcontext.Dockerfile
View File

@ -1,3 +0,0 @@
# syntax=docker/dockerfile-upstream:master
FROM alpine
RUN cat /etc/*release

1
test/cgroup.Dockerfile
View File

@ -1,2 +1,3 @@
# syntax=docker/dockerfile:1
FROM alpine
RUN cat /proc/self/cgroup

19
test/go/Dockerfile Normal file
View File

@ -0,0 +1,19 @@
# syntax=docker/dockerfile:1
FROM golang:alpine AS base
ENV CGO_ENABLED=0
RUN apk add --no-cache file git
WORKDIR /src
FROM base AS build
RUN --mount=type=bind,target=/src \
--mount=type=cache,target=/root/.cache/go-build \
go build -ldflags "-s -w" -o /usr/bin/app .
FROM scratch AS binary
COPY --from=build /usr/bin/app /bin/app
FROM alpine AS image
COPY --from=build /usr/bin/app /bin/app
EXPOSE 8080
ENTRYPOINT ["/bin/app"]

3
test/go/go.mod Normal file
View File

@ -0,0 +1,3 @@
module github.com/docker/build-push-action/test/go
go 1.18

14
test/go/main.go Normal file
View File

@ -0,0 +1,14 @@
package main
import (
"fmt"
"log"
"net/http"
)
func main() {
http.HandleFunc("/", func(w http.ResponseWriter, r *http.Request) {
fmt.Fprintf(w, "Hello, Go!")
})
log.Fatal(http.ListenAndServe(":8080", nil))
}

4
test/multi-sudo.Dockerfile
View File

@ -1,9 +1,8 @@
# syntax=docker/dockerfile:1
FROM --platform=$BUILDPLATFORM golang:alpine AS build
ARG TARGETPLATFORM
ARG BUILDPLATFORM
RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" > /log
RUN apk --update --no-cache add \
shadow \
sudo \
@ -17,6 +16,5 @@ RUN sudo chown buildx. /log
USER root
FROM alpine
COPY --from=build /log /log
RUN ls -al /log

1
test/multi.Dockerfile
View File

@ -1,3 +1,4 @@
# syntax=docker/dockerfile:1
FROM --platform=$BUILDPLATFORM golang:alpine AS build
ARG TARGETPLATFORM

4
test/named-context-base.Dockerfile Normal file
View File

@ -0,0 +1,4 @@
# syntax=docker/dockerfile:1
FROM debian
RUN echo "Hello debian!"

4
test/named-context.Dockerfile Normal file
View File

@ -0,0 +1,4 @@
# syntax=docker/dockerfile:1
FROM alpine
RUN cat /etc/*release

1
test/nocachefilter.Dockerfile
View File

@ -1,3 +1,4 @@
# syntax=docker/dockerfile:1
FROM busybox AS base
RUN echo "Hello world!" > /hello

4
test/secret.Dockerfile Normal file
View File

@ -0,0 +1,4 @@
# syntax=docker/dockerfile:1
FROM busybox
RUN --mount=type=secret,id=MYSECRET \
echo "MYSECRET=$(cat /run/secrets/MYSECRET)"

1
test/shmsize.Dockerfile
View File

@ -1,2 +1,3 @@
# syntax=docker/dockerfile:1
FROM busybox
RUN mount | grep /dev/shm

1
test/ulimit.Dockerfile
View File

@ -1,2 +1,3 @@
# syntax=docker/dockerfile:1
FROM busybox
RUN ulimit -a

9
tsconfig.json
View File

@ -1,19 +1,22 @@
{
"compilerOptions": {
"esModuleInterop": true,
"target": "es6",
"module": "commonjs",
"strict": true,
"newLine": "lf",
"outDir": "./lib",
"rootDir": "./src",
"esModuleInterop": true,
"forceConsistentCasingInFileNames": true,
"strict": true,
"noImplicitAny": false,
"resolveJsonModule": true,
"useUnknownInCatchVariables": false,
},
"exclude": [
"./__mocks__/**/*",
"./__tests__/**/*",
"./lib/**/*",
"node_modules",
"**/*.test.ts",
"jest.config.ts"
]
}

2395
yarn.lock
View File

File diff suppressed because it is too large Load Diff