docker/actions-toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

initial implementation

Browse Source 
carries most of the logic used across our actions

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax
2023-01-17 11:53:57 +01:00
parent 3b6c627995
commit 70326fd842
31 changed files with 5703 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

96
src/buildkit.ts Normal file
View File

@@ -0,0 +1,96 @@
import * as fs from 'fs';
import * as semver from 'semver';
import * as core from '@actions/core';
import * as exec from '@actions/exec';
import * as buildx from './buildx';
import * as util from './util';
export async function getConfigInline(s: string): Promise<string> {
return getConfig(s, false);
}
export async function getConfigFile(s: string): Promise<string> {
return getConfig(s, true);
}
export async function getConfig(s: string, file: boolean): Promise<string> {
if (file) {
if (!fs.existsSync(s)) {
throw new Error(`config file ${s} not found`);
}
s = fs.readFileSync(s, {encoding: 'utf-8'});
}
const configFile = util.tmpNameSync({
tmpdir: util.tmpDir()
});
fs.writeFileSync(configFile, s);
return configFile;
}
export async function getVersion(builderName: string, standalone?: boolean): Promise<string | undefined> {
const builder = await buildx.inspect(builderName, standalone);
if (builder.nodes.length == 0) {
// a builder always have on node, should not happen.
return undefined;
}
// TODO: get version for all nodes
const node = builder.nodes[0];
if (!node.buildkit && node.name) {
try {
return await getVersionWithinImage(node.name);
} catch (e) {
core.warning(e);
}
}
return node.buildkit;
}
async function getVersionWithinImage(nodeName: string): Promise<string> {
return exec
.getExecOutput(`docker`, ['inspect', '--format', '{{.Config.Image}}', `buildx_buildkit_${nodeName}`], {
ignoreReturnCode: true,
silent: true
})
.then(bkitimage => {
if (bkitimage.exitCode == 0 && bkitimage.stdout.length > 0) {
return exec
.getExecOutput(`docker`, ['run', '--rm', bkitimage.stdout.trim(), '--version'], {
ignoreReturnCode: true,
silent: true
})
.then(bkitversion => {
if (bkitversion.exitCode == 0 && bkitversion.stdout.length > 0) {
return `${bkitimage.stdout.trim()} => ${bkitversion.stdout.trim()}`;
} else if (bkitversion.stderr.length > 0) {
throw new Error(bkitimage.stderr.trim());
}
return bkitversion.stdout.trim();
});
} else if (bkitimage.stderr.length > 0) {
throw new Error(bkitimage.stderr.trim());
}
return bkitimage.stdout.trim();
});
}
export async function satisfies(builderName: string, range: string, standalone?: boolean): Promise<boolean> {
const builder = await buildx.inspect(builderName, standalone);
for (const node of builder.nodes) {
let bkversion = node.buildkit;
if (!bkversion) {
try {
bkversion = await getVersionWithinImage(node.name || '');
} catch (e) {
return false;
}
}
// BuildKit version reported by moby is in the format of `v0.11.0-moby`
if (builder.driver == 'docker' && !bkversion.endsWith('-moby')) {
return false;
}
if (!semver.satisfies(bkversion.replace(/-moby$/, ''), range)) {
return false;
}
}
return true;
}

281
src/buildx.ts Normal file
View File

@@ -0,0 +1,281 @@
import {parse} from 'csv-parse/sync';
import fs from 'fs';
import path from 'path';
import * as semver from 'semver';
import * as exec from '@actions/exec';
import * as util from './util';
export type Builder = {
name?: string;
driver?: string;
'last-activity'?: Date;
nodes: Node[];
};
export type Node = {
name?: string;
endpoint?: string;
'driver-opts'?: Array<string>;
status?: string;
'buildkitd-flags'?: string;
buildkit?: string;
platforms?: string;
};
export async function getImageIDFile(): Promise<string> {
return path.join(util.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);
}
export async function getImageID(): Promise<string | undefined> {
const iidFile = await getImageIDFile();
if (!fs.existsSync(iidFile)) {
return undefined;
}
return fs.readFileSync(iidFile, {encoding: 'utf-8'}).trim();
}
export async function getMetadataFile(): Promise<string> {
return path.join(util.tmpDir(), 'metadata-file').split(path.sep).join(path.posix.sep);
}
export async function getMetadata(): Promise<string | undefined> {
const metadataFile = await getMetadataFile();
if (!fs.existsSync(metadataFile)) {
return undefined;
}
const content = fs.readFileSync(metadataFile, {encoding: 'utf-8'}).trim();
if (content === 'null') {
return undefined;
}
return content;
}
export async function getDigest(metadata: string | undefined): Promise<string | undefined> {
if (metadata === undefined) {
return undefined;
}
const metadataJSON = JSON.parse(metadata);
if (metadataJSON['containerimage.digest']) {
return metadataJSON['containerimage.digest'];
}
return undefined;
}
export async function getSecretString(kvp: string): Promise<string> {
return getSecret(kvp, false);
}
export async function getSecretFile(kvp: string): Promise<string> {
return getSecret(kvp, true);
}
export async function getSecret(kvp: string, file: boolean): Promise<string> {
const delimiterIndex = kvp.indexOf('=');
const key = kvp.substring(0, delimiterIndex);
let value = kvp.substring(delimiterIndex + 1);
if (key.length == 0 || value.length == 0) {
throw new Error(`${kvp} is not a valid secret`);
}
if (file) {
if (!fs.existsSync(value)) {
throw new Error(`secret file ${value} not found`);
}
value = fs.readFileSync(value, {encoding: 'utf-8'});
}
const secretFile = util.tmpNameSync({
tmpdir: util.tmpDir()
});
fs.writeFileSync(secretFile, value);
return `id=${key},src=${secretFile}`;
}
export function hasLocalExporter(outputs: string[]): boolean {
return hasExporterType('local', outputs);
}
export function hasTarExporter(outputs: string[]): boolean {
return hasExporterType('tar', outputs);
}
export function hasLocalOrTarExporter(outputs: string[]): boolean {
return hasLocalExporter(outputs) || hasTarExporter(outputs);
}
function hasExporterType(name: string, outputs: string[]): boolean {
const records = parse(outputs.join(`\n`), {
delimiter: ',',
trim: true,
columns: false,
relaxColumnCount: true
});
for (const record of records) {
if (record.length == 1 && !record[0].startsWith('type=')) {
// Local if no type is defined
// https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43
return name == 'local';
}
for (const [key, value] of record.map(chunk => chunk.split('=').map(item => item.trim()))) {
if (key == 'type' && value == name) {
return true;
}
}
}
return false;
}
export function hasGitAuthToken(secrets: string[]): boolean {
for (const secret of secrets) {
if (secret.startsWith('GIT_AUTH_TOKEN=')) {
return true;
}
}
return false;
}
export async function isAvailable(standalone?: boolean): Promise<boolean> {
const cmd = getCommand([], standalone);
return await exec
.getExecOutput(cmd.command, cmd.args, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
return false;
}
return res.exitCode == 0;
})
// eslint-disable-next-line @typescript-eslint/no-unused-vars
.catch(error => {
return false;
});
}
export async function inspect(name: string, standalone?: boolean): Promise<Builder> {
const cmd = getCommand(['inspect', name], standalone);
return await exec
.getExecOutput(cmd.command, cmd.args, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.trim());
}
return parseInspect(res.stdout);
});
}
export async function parseInspect(data: string): Promise<Builder> {
const builder: Builder = {
nodes: []
};
let node: Node = {};
for (const line of data.trim().split(`\n`)) {
const [key, ...rest] = line.split(':');
const value = rest.map(v => v.trim()).join(':');
if (key.length == 0 || value.length == 0) {
continue;
}
switch (key.toLowerCase()) {
case 'name': {
if (builder.name == undefined) {
builder.name = value;
} else {
if (Object.keys(node).length > 0) {
builder.nodes.push(node);
node = {};
}
node.name = value;
}
break;
}
case 'driver': {
builder.driver = value;
break;
}
case 'last activity': {
builder['last-activity'] = new Date(value);
break;
}
case 'endpoint': {
node.endpoint = value;
break;
}
case 'driver options': {
node['driver-opts'] = (value.match(/(\w+)="([^"]*)"/g) || []).map(v => v.replace(/^(.*)="(.*)"$/g, '$1=$2'));
break;
}
case 'status': {
node.status = value;
break;
}
case 'flags': {
node['buildkitd-flags'] = value;
break;
}
case 'buildkit': {
node.buildkit = value;
break;
}
case 'platforms': {
let platforms: Array<string> = [];
// if a preferred platform is being set then use only these
// https://docs.docker.com/engine/reference/commandline/buildx_inspect/#get-information-about-a-builder-instance
if (value.includes('*')) {
for (const platform of value.split(', ')) {
if (platform.includes('*')) {
platforms.push(platform.replace('*', ''));
}
}
} else {
// otherwise set all platforms available
platforms = value.split(', ');
}
node.platforms = platforms.join(',');
break;
}
}
}
if (Object.keys(node).length > 0) {
builder.nodes.push(node);
}
return builder;
}
export async function getVersion(standalone?: boolean): Promise<string> {
const cmd = getCommand(['version'], standalone);
return await exec
.getExecOutput(cmd.command, cmd.args, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.trim());
}
return parseVersion(res.stdout.trim());
});
}
export function parseVersion(stdout: string): string {
const matches = /\sv?([0-9a-f]{7}|[0-9.]+)/.exec(stdout);
if (!matches) {
throw new Error(`Cannot parse buildx version`);
}
return matches[1];
}
export function satisfies(version: string, range: string): boolean {
return semver.satisfies(version, range) || /^[0-9a-f]{7}$/.exec(version) !== null;
}
export function getCommand(args: Array<string>, standalone?: boolean) {
return {
command: standalone ? 'buildx' : 'docker',
args: standalone ? args : ['buildx', ...args]
};
}

19
src/docker.ts Normal file
View File

@@ -0,0 +1,19 @@
import * as exec from '@actions/exec';
export async function isAvailable(): Promise<boolean> {
return await exec
.getExecOutput('docker', undefined, {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
return false;
}
return res.exitCode == 0;
})
// eslint-disable-next-line @typescript-eslint/no-unused-vars
.catch(error => {
return false;
});
}

19
src/git.ts Normal file
View File

@@ -0,0 +1,19 @@
import * as exec from '@actions/exec';
export async function getRemoteSha(repo: string, ref: string): Promise<string> {
return await exec
.getExecOutput(`git`, ['ls-remote', repo, ref], {
ignoreReturnCode: true,
silent: true
})
.then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr);
}
const [rsha] = res.stdout.trim().split(/[\s\t]/);
if (rsha.length == 0) {
throw new Error(`Cannot find remote ref for ${repo}#${ref}`);
}
return rsha;
});
}

31
src/github.ts Normal file
View File

@@ -0,0 +1,31 @@
import jwt_decode, {JwtPayload} from 'jwt-decode';
import * as github from '@actions/github';
import {Context} from '@actions/github/lib/context';
import {components as OctoOpenApiTypes} from '@octokit/openapi-types';
import * as util from './util';
export type ReposGetResponseData = OctoOpenApiTypes['schemas']['repository'];
export function context(): Context {
return github.context;
}
export async function repo(token: string): Promise<ReposGetResponseData> {
return github
.getOctokit(token)
.rest.repos.get({...github.context.repo})
.then(response => response.data as ReposGetResponseData);
}
interface Jwt extends JwtPayload {
ac?: string;
}
export const parseRuntimeToken = (token: string): Jwt => {
return jwt_decode<Jwt>(token);
};
// eslint-disable-next-line @typescript-eslint/no-explicit-any
export function fromPayload(path: string): any {
return util.select(github.context.payload, path);
}

92
src/util.ts Normal file
View File

@@ -0,0 +1,92 @@
import * as fs from 'fs';
import * as os from 'os';
import * as path from 'path';
import * as tmp from 'tmp';
import * as core from '@actions/core';
import * as github from '@actions/github';
import {parse} from 'csv-parse/sync';
let _defaultContext, _tmpDir: string;
export function defaultContext(): string {
if (!_defaultContext) {
let ref = github.context.ref;
if (github.context.sha && ref && !ref.startsWith('refs/')) {
ref = `refs/heads/${github.context.ref}`;
}
if (github.context.sha && !ref.startsWith(`refs/pull/`)) {
ref = github.context.sha;
}
_defaultContext = `${process.env.GITHUB_SERVER_URL || 'https://github.com'}/${github.context.repo.owner}/${github.context.repo.repo}.git#${ref}`;
}
return _defaultContext;
}
export function tmpDir(): string {
if (!_tmpDir) {
_tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-actions-toolkit-')).split(path.sep).join(path.posix.sep);
}
return _tmpDir;
}
export function tmpNameSync(options?: tmp.TmpNameOptions): string {
return tmp.tmpNameSync(options);
}
// eslint-disable-next-line @typescript-eslint/no-explicit-any
export function select(obj: any, path: string): any {
if (!obj) {
return undefined;
}
const i = path.indexOf('.');
if (i < 0) {
return obj[path];
}
const key = path.slice(0, i);
return select(obj[key], path.slice(i + 1));
}
export function getInputList(name: string, ignoreComma?: boolean): string[] {
const res: Array<string> = [];
const items = core.getInput(name);
if (items == '') {
return res;
}
const records = parse(items, {
columns: false,
relaxQuotes: true,
comment: '#',
relaxColumnCount: true,
skipEmptyLines: true
});
for (const record of records as Array<string[]>) {
if (record.length == 1) {
res.push(record[0]);
continue;
} else if (!ignoreComma) {
res.push(...record);
continue;
}
res.push(record.join(','));
}
return res.filter(item => item).map(pat => pat.trim());
}
export const asyncForEach = async (array, callback) => {
for (let index = 0; index < array.length; index++) {
await callback(array[index], index, array);
}
};
export function isValidUrl(url: string): boolean {
try {
new URL(url);
} catch (e) {
return false;
}
return true;
}