cicd/setup-buildx-action
1
0
Fork 0
mirror of https://github.com/docker/setup-buildx-action.git synced 2025-10-31 01:20:09 +08:00
Code Issues Projects Wiki Activity

Merge pull request #15 from crazy-max/default-entitlements

Browse Source 
Allow daemon side entitlements by default
This commit is contained in:
Tõnis Tiigi 2020-09-04 18:17:17 -07:00 committed by GitHub
commit 54edbcd840
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 87 additions and 25 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@ -131,7 +131,7 @@ Following inputs can be used as `step.with` keys
| `version` | String | [Buildx](https://github.com/docker/buildx) version. (e.g. `v0.3.0`, `latest`) | | `version` | String | [Buildx](https://github.com/docker/buildx) version. (e.g. `v0.3.0`, `latest`) |
| `driver` | String | Sets the [builder driver](https://github.com/docker/buildx#--driver-driver) to be used (default `docker-container`) | | `driver` | String | Sets the [builder driver](https://github.com/docker/buildx#--driver-driver) to be used (default `docker-container`) |
| `driver-opts` | CSV | List of additional [driver-specific options](https://github.com/docker/buildx#--driver-opt-options) | | `driver-opts` | CSV | List of additional [driver-specific options](https://github.com/docker/buildx#--driver-opt-options) |
| `buildkitd-flags` | String | [Flags for buildkitd](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) daemon | | `buildkitd-flags` | String | [Flags for buildkitd](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) daemon (since [buildx v0.3.0](https://github.com/docker/buildx/releases/tag/v0.3.0)) |
| `install` | Bool | Sets up `docker build` command as an alias to `docker buildx` (default `false`) | | `install` | Bool | Sets up `docker build` command as an alias to `docker buildx` (default `false`) |
| `use` | Bool | Switch to this builder instance (default `true`) | | `use` | Bool | Switch to this builder instance (default `true`) |

48
__tests__/buildx.test.ts
View File

@ -3,26 +3,34 @@ import * as docker from '../src/docker';
import * as buildx from '../src/buildx'; import * as buildx from '../src/buildx';
import * as path from 'path'; import * as path from 'path';
import * as os from 'os'; import * as os from 'os';
import * as semver from 'semver';
import * as exec from '@actions/exec';
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'setup-buildx-')); describe('getVersion', () => {
it('valid', async () => {
await exec.exec('docker', ['buildx', 'version']);
const version = await buildx.getVersion();
console.log(`version: ${version}`);
expect(semver.valid(version)).not.toBeNull();
}, 100000);
});
describe('buildx', () => { describe('parseVersion', () => {
test.each([
['github.com/docker/buildx 0.4.1+azure bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
['github.com/docker/buildx v0.4.1 bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
['github.com/docker/buildx v0.4.2 fb7b670b764764dc4716df3eba07ffdae4cc47b2', '0.4.2']
])('given %p', async (stdout, expected) => {
expect(await buildx.parseVersion(stdout)).toEqual(expected);
});
});
describe('platforms', () => {
async function isDaemonRunning() { async function isDaemonRunning() {
return await docker.isDaemonRunning(); return await docker.isDaemonRunning();
} }
it('is available', async () => {
expect(await buildx.isAvailable()).toBe(true);
}, 100000);
it('count builders', async () => {
const countBuilders = await buildx.countBuilders();
console.log(`countBuilders: ${countBuilders}`);
expect(countBuilders).toBeGreaterThan(0);
}, 100000);
(isDaemonRunning() ? it : it.skip)( (isDaemonRunning() ? it : it.skip)(
'platforms', 'valid',
async () => { async () => {
const platforms = buildx.platforms(); const platforms = buildx.platforms();
console.log(`platforms: ${platforms}`); console.log(`platforms: ${platforms}`);
@ -31,13 +39,23 @@ describe('buildx', () => {
}, },
100000 100000
); );
});
describe('countBuilders', () => {
it('valid', async () => {
const countBuilders = await buildx.countBuilders();
console.log(`countBuilders: ${countBuilders}`);
expect(countBuilders).toBeGreaterThan(0);
}, 100000);
});
describe('install', () => {
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'setup-buildx-'));
it('acquires v0.2.2 version of buildx', async () => { it('acquires v0.2.2 version of buildx', async () => {
const buildxBin = await buildx.install('v0.2.2', tmpDir); const buildxBin = await buildx.install('v0.2.2', tmpDir);
console.log(buildxBin); console.log(buildxBin);
expect(fs.existsSync(buildxBin)).toBe(true); expect(fs.existsSync(buildxBin)).toBe(true);
}, 100000); }, 100000);
it('acquires latest version of buildx', async () => { it('acquires latest version of buildx', async () => {
const buildxBin = await buildx.install('latest', tmpDir); const buildxBin = await buildx.install('latest', tmpDir);
console.log(buildxBin); console.log(buildxBin);

1
action.yml
View File

@ -19,6 +19,7 @@ inputs:
required: false required: false
buildkitd-flags: buildkitd-flags:
description: 'Flags for buildkitd daemon' description: 'Flags for buildkitd daemon'
default: '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host'
required: false required: false
install: install:
description: 'Sets up docker build command as an alias to docker buildx' description: 'Sets up docker build command as an alias to docker buildx'

33
dist/index.js generated vendored
View File

@ -500,6 +500,7 @@ const core = __importStar(__webpack_require__(186));
const exec = __importStar(__webpack_require__(514)); const exec = __importStar(__webpack_require__(514));
const os = __importStar(__webpack_require__(87)); const os = __importStar(__webpack_require__(87));
const path = __importStar(__webpack_require__(622)); const path = __importStar(__webpack_require__(622));
const semver = __importStar(__webpack_require__(383));
const buildx = __importStar(__webpack_require__(295)); const buildx = __importStar(__webpack_require__(295));
const context = __importStar(__webpack_require__(842)); const context = __importStar(__webpack_require__(842));
const mexec = __importStar(__webpack_require__(757)); const mexec = __importStar(__webpack_require__(757));
@ -516,8 +517,8 @@ function run() {
if (!(yield buildx.isAvailable()) || inputs.version) { if (!(yield buildx.isAvailable()) || inputs.version) {
yield buildx.install(inputs.version || 'latest', dockerConfigHome); yield buildx.install(inputs.version || 'latest', dockerConfigHome);
} }
core.info('📣 Buildx info'); const buildxVersion = yield buildx.getVersion();
yield exec.exec('docker', ['buildx', 'version']); core.info(`📣 Buildx version: ${buildxVersion}`);
const builderName = inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(yield buildx.countBuilders()) + 1}`; const builderName = inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(yield buildx.countBuilders()) + 1}`;
core.setOutput('name', builderName); core.setOutput('name', builderName);
stateHelper.setBuilderName(builderName); stateHelper.setBuilderName(builderName);
@ -527,7 +528,7 @@ function run() {
yield context.asyncForEach(inputs.driverOpts, (driverOpt) => __awaiter(this, void 0, void 0, function* () { yield context.asyncForEach(inputs.driverOpts, (driverOpt) => __awaiter(this, void 0, void 0, function* () {
createArgs.push('--driver-opt', driverOpt); createArgs.push('--driver-opt', driverOpt);
})); }));
if (inputs.buildkitdFlags) { if (inputs.buildkitdFlags && semver.satisfies(buildxVersion, '>=0.3.0')) {
createArgs.push('--buildkitd-flags', inputs.buildkitdFlags); createArgs.push('--buildkitd-flags', inputs.buildkitdFlags);
} }
if (inputs.use) { if (inputs.use) {
@ -1936,7 +1937,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
}); });
}; };
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.install = exports.platforms = exports.countBuilders = exports.isAvailable = void 0; exports.install = exports.platforms = exports.countBuilders = exports.isAvailable = exports.parseVersion = exports.getVersion = void 0;
const fs = __importStar(__webpack_require__(747)); const fs = __importStar(__webpack_require__(747));
const path = __importStar(__webpack_require__(622)); const path = __importStar(__webpack_require__(622));
const semver = __importStar(__webpack_require__(383)); const semver = __importStar(__webpack_require__(383));
@ -1946,6 +1947,27 @@ const exec = __importStar(__webpack_require__(757));
const github = __importStar(__webpack_require__(928)); const github = __importStar(__webpack_require__(928));
const core = __importStar(__webpack_require__(186)); const core = __importStar(__webpack_require__(186));
const tc = __importStar(__webpack_require__(784)); const tc = __importStar(__webpack_require__(784));
function getVersion() {
return __awaiter(this, void 0, void 0, function* () {
return yield exec.exec(`docker`, ['buildx', 'version'], true).then(res => {
if (res.stderr != '' && !res.success) {
throw new Error(res.stderr);
}
return parseVersion(res.stdout);
});
});
}
exports.getVersion = getVersion;
function parseVersion(stdout) {
return __awaiter(this, void 0, void 0, function* () {
const matches = /\sv?([0-9.]+)/.exec(stdout);
if (!matches) {
throw new Error(`Cannot parse Buildx version`);
}
return semver.clean(matches[1]);
});
}
exports.parseVersion = parseVersion;
function isAvailable() { function isAvailable() {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
return yield exec.exec(`docker`, ['buildx'], true).then(res => { return yield exec.exec(`docker`, ['buildx'], true).then(res => {
@ -6528,7 +6550,8 @@ function getInputs() {
version: core.getInput('version'), version: core.getInput('version'),
driver: core.getInput('driver') || 'docker-container', driver: core.getInput('driver') || 'docker-container',
driverOpts: yield getInputList('driver-opts', true), driverOpts: yield getInputList('driver-opts', true),
buildkitdFlags: core.getInput('buildkitd-flags'), buildkitdFlags: core.getInput('buildkitd-flags') ||
'--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
install: /true/i.test(core.getInput('install')), install: /true/i.test(core.getInput('install')),
use: /true/i.test(core.getInput('use')) use: /true/i.test(core.getInput('use'))
}; };

17
src/buildx.ts
View File

@ -8,6 +8,23 @@ import * as github from './github';
import * as core from '@actions/core'; import * as core from '@actions/core';
import * as tc from '@actions/tool-cache'; import * as tc from '@actions/tool-cache';
export async function getVersion(): Promise<string> {
return await exec.exec(`docker`, ['buildx', 'version'], true).then(res => {
if (res.stderr != '' && !res.success) {
throw new Error(res.stderr);
}
return parseVersion(res.stdout);
});
}
export async function parseVersion(stdout: string): Promise<string> {
const matches = /\sv?([0-9.]+)/.exec(stdout);
if (!matches) {
throw new Error(`Cannot parse Buildx version`);
}
return semver.clean(matches[1]);
}
export async function isAvailable(): Promise<Boolean> { export async function isAvailable(): Promise<Boolean> {
return await exec.exec(`docker`, ['buildx'], true).then(res => { return await exec.exec(`docker`, ['buildx'], true).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {

4
src/context.ts
View File

@ -17,7 +17,9 @@ export async function getInputs(): Promise<Inputs> {
version: core.getInput('version'), version: core.getInput('version'),
driver: core.getInput('driver') || 'docker-container', driver: core.getInput('driver') || 'docker-container',
driverOpts: await getInputList('driver-opts', true), driverOpts: await getInputList('driver-opts', true),
buildkitdFlags: core.getInput('buildkitd-flags'), buildkitdFlags:
core.getInput('buildkitd-flags') ||
'--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
install: /true/i.test(core.getInput('install')), install: /true/i.test(core.getInput('install')),
use: /true/i.test(core.getInput('use')) use: /true/i.test(core.getInput('use'))
}; };

7
src/main.ts
View File

@ -2,6 +2,7 @@ import * as core from '@actions/core';
import * as exec from '@actions/exec'; import * as exec from '@actions/exec';
import * as os from 'os'; import * as os from 'os';
import * as path from 'path'; import * as path from 'path';
import * as semver from 'semver';
import * as buildx from './buildx'; import * as buildx from './buildx';
import * as context from './context'; import * as context from './context';
import * as mexec from './exec'; import * as mexec from './exec';
@ -21,8 +22,8 @@ async function run(): Promise<void> {
await buildx.install(inputs.version || 'latest', dockerConfigHome); await buildx.install(inputs.version || 'latest', dockerConfigHome);
} }
core.info('📣 Buildx info'); const buildxVersion = await buildx.getVersion();
await exec.exec('docker', ['buildx', 'version']); core.info(`📣 Buildx version: ${buildxVersion}`);
const builderName: string = const builderName: string =
inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(await buildx.countBuilders()) + 1}`; inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(await buildx.countBuilders()) + 1}`;
@ -35,7 +36,7 @@ async function run(): Promise<void> {
await context.asyncForEach(inputs.driverOpts, async driverOpt => { await context.asyncForEach(inputs.driverOpts, async driverOpt => {
createArgs.push('--driver-opt', driverOpt); createArgs.push('--driver-opt', driverOpt);
}); });
if (inputs.buildkitdFlags) { if (inputs.buildkitdFlags && semver.satisfies(buildxVersion, '>=0.3.0')) {
createArgs.push('--buildkitd-flags', inputs.buildkitdFlags); createArgs.push('--buildkitd-flags', inputs.buildkitdFlags);
} }
if (inputs.use) { if (inputs.use) {