buildx: split module

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>

src/buildx/builder.ts

@@ -0,0 +1,133 @@
+/**
+ * Copyright 2023 actions-toolkit authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import * as exec from '@actions/exec';
+
+import {Buildx} from './buildx';
+import {Context} from '../context';
+
+import {BuilderInfo, NodeInfo} from '../types/builder';
+
+export interface BuilderOpts {
+  context: Context;
+  buildx?: Buildx;
+}
+
+export class Builder {
+  private readonly context: Context;
+  private readonly buildx: Buildx;
+
+  constructor(opts: BuilderOpts) {
+    this.context = opts.context;
+    this.buildx =
+      opts?.buildx ||
+      new Buildx({
+        context: this.context
+      });
+  }
+
+  public async inspect(name: string): Promise<BuilderInfo> {
+    const cmd = this.buildx.getCommand(['inspect', name]);
+    return await exec
+      .getExecOutput(cmd.command, cmd.args, {
+        ignoreReturnCode: true,
+        silent: true
+      })
+      .then(res => {
+        if (res.stderr.length > 0 && res.exitCode != 0) {
+          throw new Error(res.stderr.trim());
+        }
+        return Builder.parseInspect(res.stdout);
+      });
+  }
+
+  public static parseInspect(data: string): BuilderInfo {
+    const builder: BuilderInfo = {
+      nodes: []
+    };
+    let node: NodeInfo = {};
+    for (const line of data.trim().split(`\n`)) {
+      const [key, ...rest] = line.split(':');
+      const value = rest.map(v => v.trim()).join(':');
+      if (key.length == 0 || value.length == 0) {
+        continue;
+      }
+      switch (key.toLowerCase()) {
+        case 'name': {
+          if (builder.name == undefined) {
+            builder.name = value;
+          } else {
+            if (Object.keys(node).length > 0) {
+              builder.nodes.push(node);
+              node = {};
+            }
+            node.name = value;
+          }
+          break;
+        }
+        case 'driver': {
+          builder.driver = value;
+          break;
+        }
+        case 'last activity': {
+          builder.lastActivity = new Date(value);
+          break;
+        }
+        case 'endpoint': {
+          node.endpoint = value;
+          break;
+        }
+        case 'driver options': {
+          node.driverOpts = (value.match(/(\w+)="([^"]*)"/g) || []).map(v => v.replace(/^(.*)="(.*)"$/g, '$1=$2'));
+          break;
+        }
+        case 'status': {
+          node.status = value;
+          break;
+        }
+        case 'flags': {
+          node.buildkitdFlags = value;
+          break;
+        }
+        case 'buildkit': {
+          node.buildkitVersion = value;
+          break;
+        }
+        case 'platforms': {
+          let platforms: Array<string> = [];
+          // if a preferred platform is being set then use only these
+          // https://docs.docker.com/engine/reference/commandline/buildx_inspect/#get-information-about-a-builder-instance
+          if (value.includes('*')) {
+            for (const platform of value.split(', ')) {
+              if (platform.includes('*')) {
+                platforms.push(platform.replace('*', ''));
+              }
+            }
+          } else {
+            // otherwise set all platforms available
+            platforms = value.split(', ');
+          }
+          node.platforms = platforms.join(',');
+          break;
+        }
+      }
+    }
+    if (Object.keys(node).length > 0) {
+      builder.nodes.push(node);
+    }
+    return builder;
+  }
+}

src/buildx/buildx.ts

@@ -0,0 +1,137 @@
+/**
+ * Copyright 2023 actions-toolkit authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import * as exec from '@actions/exec';
+import * as httpm from '@actions/http-client';
+import * as semver from 'semver';
+
+import {Docker} from '../docker';
+import {Context} from '../context';
+import {Inputs} from './inputs';
+
+import {GitHubRelease} from '../types/github';
+
+export interface BuildxOpts {
+  context: Context;
+  standalone?: boolean;
+}
+
+export class Buildx {
+  private readonly context: Context;
+  private _version: string | undefined;
+
+  public readonly inputs: Inputs;
+  public readonly standalone: boolean;
+
+  constructor(opts: BuildxOpts) {
+    this.context = opts.context;
+    this.inputs = new Inputs(this.context);
+    this.standalone = opts?.standalone ?? !Docker.isAvailable();
+  }
+
+  public static async getRelease(version: string): Promise<GitHubRelease> {
+    // FIXME: Use https://raw.githubusercontent.com/docker/actions-toolkit/main/.github/buildx-releases.json when repo public
+    const url = `https://raw.githubusercontent.com/docker/buildx/master/.github/releases.json`;
+    const http: httpm.HttpClient = new httpm.HttpClient('docker-actions-toolkit');
+    const resp: httpm.HttpClientResponse = await http.get(url);
+    const body = await resp.readBody();
+    const statusCode = resp.message.statusCode || 500;
+    if (statusCode >= 400) {
+      throw new Error(`Failed to get Buildx release ${version} from ${url} with status code ${statusCode}: ${body}`);
+    }
+    const releases = <Record<string, GitHubRelease>>JSON.parse(body);
+    if (!releases[version]) {
+      throw new Error(`Cannot find Buildx release ${version} in ${url}`);
+    }
+    return releases[version];
+  }
+
+  public getCommand(args: Array<string>) {
+    return {
+      command: this.standalone ? 'buildx' : 'docker',
+      args: this.standalone ? args : ['buildx', ...args]
+    };
+  }
+
+  public async isAvailable(): Promise<boolean> {
+    const cmd = this.getCommand([]);
+    return await exec
+      .getExecOutput(cmd.command, cmd.args, {
+        ignoreReturnCode: true,
+        silent: true
+      })
+      .then(res => {
+        if (res.stderr.length > 0 && res.exitCode != 0) {
+          return false;
+        }
+        return res.exitCode == 0;
+      })
+      // eslint-disable-next-line @typescript-eslint/no-unused-vars
+      .catch(error => {
+        return false;
+      });
+  }
+
+  public async printInspect(name: string): Promise<void> {
+    const cmd = this.getCommand(['inspect', name]);
+    await exec.exec(cmd.command, cmd.args, {
+      failOnStdErr: false
+    });
+  }
+
+  get version() {
+    return (async () => {
+      if (!this._version) {
+        const cmd = this.getCommand(['version']);
+        this._version = await exec
+          .getExecOutput(cmd.command, cmd.args, {
+            ignoreReturnCode: true,
+            silent: true
+          })
+          .then(res => {
+            if (res.stderr.length > 0 && res.exitCode != 0) {
+              throw new Error(res.stderr.trim());
+            }
+            return Buildx.parseVersion(res.stdout.trim());
+          });
+      }
+      return this._version;
+    })();
+  }
+
+  public async printVersion() {
+    const cmd = this.getCommand(['version']);
+    await exec.exec(cmd.command, cmd.args, {
+      failOnStdErr: false
+    });
+  }
+
+  public static parseVersion(stdout: string): string {
+    const matches = /\sv?([0-9a-f]{7}|[0-9.]+)/.exec(stdout);
+    if (!matches) {
+      throw new Error(`Cannot parse buildx version`);
+    }
+    return matches[1];
+  }
+
+  public async versionSatisfies(range: string, version?: string): Promise<boolean> {
+    const ver = version ?? (await this.version);
+    if (!ver) {
+      return false;
+    }
+    return semver.satisfies(ver, range) || /^[0-9a-f]{7}$/.exec(ver) !== null;
+  }
+}

src/buildx/inputs.ts

@@ -0,0 +1,177 @@
+/**
+ * Copyright 2023 actions-toolkit authors
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+import fs from 'fs';
+import path from 'path';
+import * as core from '@actions/core';
+import {parse} from 'csv-parse/sync';
+
+import {Context} from '../context';
+
+export class Inputs {
+  private readonly context: Context;
+
+  constructor(context: Context) {
+    this.context = context;
+  }
+
+  public getBuildImageIDFilePath(): string {
+    return path.join(this.context.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);
+  }
+
+  public getBuildMetadataFilePath(): string {
+    return path.join(this.context.tmpDir(), 'metadata-file').split(path.sep).join(path.posix.sep);
+  }
+
+  public getBuildImageID(): string | undefined {
+    const iidFile = this.getBuildImageIDFilePath();
+    if (!fs.existsSync(iidFile)) {
+      return undefined;
+    }
+    return fs.readFileSync(iidFile, {encoding: 'utf-8'}).trim();
+  }
+
+  public getBuildMetadata(): string | undefined {
+    const metadataFile = this.getBuildMetadataFilePath();
+    if (!fs.existsSync(metadataFile)) {
+      return undefined;
+    }
+    const content = fs.readFileSync(metadataFile, {encoding: 'utf-8'}).trim();
+    if (content === 'null') {
+      return undefined;
+    }
+    return content;
+  }
+
+  public getDigest(): string | undefined {
+    const metadata = this.getBuildMetadata();
+    if (metadata === undefined) {
+      return undefined;
+    }
+    const metadataJSON = JSON.parse(metadata);
+    if (metadataJSON['containerimage.digest']) {
+      return metadataJSON['containerimage.digest'];
+    }
+    return undefined;
+  }
+
+  public generateBuildSecretString(kvp: string): string {
+    return this.generateBuildSecret(kvp, false);
+  }
+
+  public generateBuildSecretFile(kvp: string): string {
+    return this.generateBuildSecret(kvp, true);
+  }
+
+  public generateBuildSecret(kvp: string, file: boolean): string {
+    const delimiterIndex = kvp.indexOf('=');
+    const key = kvp.substring(0, delimiterIndex);
+    let value = kvp.substring(delimiterIndex + 1);
+    if (key.length == 0 || value.length == 0) {
+      throw new Error(`${kvp} is not a valid secret`);
+    }
+    if (file) {
+      if (!fs.existsSync(value)) {
+        throw new Error(`secret file ${value} not found`);
+      }
+      value = fs.readFileSync(value, {encoding: 'utf-8'});
+    }
+    const secretFile = this.context.tmpName({tmpdir: this.context.tmpDir()});
+    fs.writeFileSync(secretFile, value);
+    return `id=${key},src=${secretFile}`;
+  }
+
+  public getProvenanceInput(name: string): string {
+    const input = core.getInput(name);
+    if (!input) {
+      // if input is not set returns empty string
+      return input;
+    }
+    const builderID = this.context.provenanceBuilderID;
+    try {
+      return core.getBooleanInput(name) ? `builder-id=${builderID}` : 'false';
+    } catch (err) {
+      // not a valid boolean, so we assume it's a string
+      return this.getProvenanceAttrs(input);
+    }
+  }
+
+  public getProvenanceAttrs(input: string): string {
+    if (!input) {
+      return `builder-id=${this.context.provenanceBuilderID}`;
+    }
+    // parse attributes from input
+    const fields = parse(input, {
+      relaxColumnCount: true,
+      skipEmptyLines: true
+    })[0];
+    // check if builder-id attribute exists in the input
+    for (const field of fields) {
+      const parts = field
+        .toString()
+        .split(/(?<=^[^=]+?)=/)
+        .map(item => item.trim());
+      if (parts[0] == 'builder-id') {
+        return input;
+      }
+    }
+    // if not add builder-id attribute
+    return `${input},builder-id=${this.context.provenanceBuilderID}`;
+  }
+
+  public static hasLocalExporter(exporters: string[]): boolean {
+    return Inputs.hasExporterType('local', exporters);
+  }
+
+  public static hasTarExporter(exporters: string[]): boolean {
+    return Inputs.hasExporterType('tar', exporters);
+  }
+
+  public static hasDockerExporter(exporters: string[], load?: boolean): boolean {
+    return load ?? Inputs.hasExporterType('docker', exporters);
+  }
+
+  public static hasExporterType(name: string, exporters: string[]): boolean {
+    const records = parse(exporters.join(`\n`), {
+      delimiter: ',',
+      trim: true,
+      columns: false,
+      relaxColumnCount: true
+    });
+    for (const record of records) {
+      if (record.length == 1 && !record[0].startsWith('type=')) {
+        // Local if no type is defined
+        // https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43
+        return name == 'local';
+      }
+      for (const [key, value] of record.map(chunk => chunk.split('=').map(item => item.trim()))) {
+        if (key == 'type' && value == name) {
+          return true;
+        }
+      }
+    }
+    return false;
+  }
+
+  public static hasGitAuthTokenSecret(secrets: string[]): boolean {
+    for (const secret of secrets) {
+      if (secret.startsWith('GIT_AUTH_TOKEN=')) {
+        return true;
+      }
+    }
+    return false;
+  }
+}