Merge pull request #400 from crazy-max/docker-context-inspect

docker: contextInspect func

.github/buildx-releases.json

@@ -40,6 +40,47 @@
       "https://github.com/docker/buildx/releases/download/v0.15.1/checksums.txt"
     ]
   },
+  "v0.16.0-rc1": {
+    "id": 163887606,
+    "tag_name": "v0.16.0-rc1",
+    "html_url": "https://github.com/docker/buildx/releases/tag/v0.16.0-rc1",
+    "assets": [
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.darwin-amd64",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.darwin-amd64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.darwin-amd64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.darwin-arm64",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.darwin-arm64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.darwin-arm64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-amd64",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-amd64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-amd64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm-v6",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm-v6.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm-v6.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm-v7",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm-v7.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm-v7.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm64",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-arm64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-ppc64le",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-ppc64le.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-ppc64le.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-riscv64",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-riscv64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-riscv64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-s390x",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-s390x.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.linux-s390x.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.windows-amd64.exe",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.windows-amd64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.windows-amd64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.windows-arm64.exe",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.windows-arm64.provenance.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/buildx-v0.16.0-rc1.windows-arm64.sbom.json",
+      "https://github.com/docker/buildx/releases/download/v0.16.0-rc1/checksums.txt"
+    ]
+  },
   "v0.15.1": {
     "id": 161126938,
     "tag_name": "v0.15.1",

__tests__/docker/docker.test.itg.ts

@@ -14,7 +14,7 @@
  * limitations under the License.
  */
 
-import {describe, expect, test} from '@jest/globals';
+import {describe, expect, it, test} from '@jest/globals';
 
 import {Docker} from '../../src/docker/docker';
 
@@ -54,3 +54,14 @@ maybe('pull', () => {
       }
     }, 600000);
 });
+
+maybe('contextInspect', () => {
+  it('inspect default context', async () => {
+    const contextInfo = await Docker.contextInspect();
+    expect(contextInfo).toBeDefined();
+    console.log('contextInfo', contextInfo);
+    expect(contextInfo?.Name).toBeDefined();
+    expect(contextInfo?.Endpoints).toBeDefined();
+    expect(Object.keys(contextInfo?.Endpoints).length).toBeGreaterThan(0);
+  });
+});

__tests__/docker/docker.test.ts

@@ -118,6 +118,19 @@ describe('context', () => {
   });
 });
 
+describe('contextInspect', () => {
+  it('call docker context inspect', async () => {
+    const execSpy = jest.spyOn(Exec, 'getExecOutput');
+    await Docker.contextInspect('foo').catch(() => {
+      // noop
+    });
+    expect(execSpy).toHaveBeenCalledWith(`docker`, ['context', 'inspect', '--format=json', 'foo'], {
+      ignoreReturnCode: true,
+      silent: true
+    });
+  });
+});
+
 describe('printVersion', () => {
   it('call docker version', async () => {
     const execSpy = jest.spyOn(Exec, 'exec');

__tests__/github.test.itg.ts

@@ -248,6 +248,52 @@ maybe('writeBuildSummary', () => {
       }
     });
   });
+
+  it('without build record', async () => {
+    const startedTime = new Date();
+    const buildx = new Buildx();
+    const build = new Build({buildx: buildx});
+
+    fs.mkdirSync(tmpDir, {recursive: true});
+    await expect(
+      (async () => {
+        // prettier-ignore
+        const buildCmd = await buildx.getCommand([
+          '--builder', process.env.CTN_BUILDER_NAME ?? 'default',
+          'build',
+          '-f', path.join(fixturesDir, 'hello.Dockerfile'),
+          fixturesDir,
+          '--metadata-file', build.getMetadataFilePath()
+        ]);
+        await Exec.exec(buildCmd.command, buildCmd.args);
+      })()
+    ).resolves.not.toThrow();
+
+    const refs = Buildx.refs({
+      dir: Buildx.refsDir,
+      builderName: process.env.CTN_BUILDER_NAME ?? 'default',
+      since: startedTime
+    });
+    expect(refs).toBeDefined();
+    expect(Object.keys(refs).length).toBeGreaterThan(0);
+
+    const history = new History({buildx: buildx});
+    const exportRes = await history.export({
+      refs: [Object.keys(refs)[0] ?? '']
+    });
+    expect(exportRes).toBeDefined();
+    expect(exportRes?.dockerbuildFilename).toBeDefined();
+    expect(exportRes?.dockerbuildSize).toBeDefined();
+    expect(exportRes?.summaries).toBeDefined();
+
+    await GitHub.writeBuildSummary({
+      exportRes: exportRes,
+      inputs: {
+        context: fixturesDir,
+        file: path.join(fixturesDir, 'hello.Dockerfile')
+      }
+    });
+  });
 });
 
 maybe('annotateBuildWarnings', () => {

src/buildx/history.ts

@@ -16,9 +16,9 @@
 
 import {ChildProcessByStdio, spawn} from 'child_process';
 import fs from 'fs';
-import {Readable, Writable} from 'node:stream';
 import os from 'os';
 import path from 'path';
+import {Readable, Writable} from 'stream';
 import * as core from '@actions/core';
 
 import {Buildx} from './buildx';
@@ -92,14 +92,29 @@ export class History {
     });
     await Exec.exec('mkfifo', [buildxOutFifoPath]);
 
-    const buildxCmd = await this.buildx.getCommand(['--builder', builderName, 'dial-stdio']);
-    const buildxDialStdioProc = History.spawn(buildxCmd.command, buildxCmd.args);
+    const buildxDialStdioCmd = await this.buildx.getCommand(['--builder', builderName, 'dial-stdio']);
+    core.info(`[command]${buildxDialStdioCmd.command} ${buildxDialStdioCmd.args.join(' ')}`);
+    const buildxDialStdioProc = spawn(buildxDialStdioCmd.command, buildxDialStdioCmd.args, {
+      stdio: ['pipe', 'pipe', 'inherit'],
+      detached: true
+    });
+    let buildxDialStdioKilled = false;
     fs.createReadStream(buildxInFifoPath).pipe(buildxDialStdioProc.stdin);
     buildxDialStdioProc.stdout.pipe(fs.createWriteStream(buildxOutFifoPath));
+    buildxDialStdioProc.on('exit', (code, signal) => {
+      buildxDialStdioKilled = true;
+      if (signal) {
+        core.info(`Process "buildx dial-stdio" was killed with signal ${signal}`);
+      } else {
+        core.info(`Process "buildx dial-stdio" exited with code ${code}`);
+      }
+    });
 
     const tmpDockerbuildFilename = path.join(outDir, 'rec.dockerbuild');
     const summaryFilename = path.join(outDir, 'summary.json');
 
+    let dockerRunProc: ChildProcessByStdio<Writable, Readable, null> | undefined;
+    let dockerRunProcKilled = false;
     await new Promise<void>((resolve, reject) => {
       const ebargs: Array<string> = ['--ref-state-dir=/buildx-refs', `--node=${builderName}/${nodeName}`];
       for (const ref of refs) {
@@ -112,13 +127,17 @@ export class History {
         ebargs.push(`--gid=${process.getgid()}`);
       }
       // prettier-ignore
-      const dockerRunProc = History.spawn('docker', [
+      const dockerRunArgs = [
         'run', '--rm', '-i',
         '-v', `${Buildx.refsDir}:/buildx-refs`,
         '-v', `${outDir}:/out`,
         opts.image || History.EXPORT_TOOL_IMAGE,
         ...ebargs
-      ]);
+      ]
+      core.info(`[command]docker ${dockerRunArgs.join(' ')}`);
+      dockerRunProc = spawn('docker', dockerRunArgs, {
+        stdio: ['pipe', 'pipe', 'inherit']
+      });
       fs.createReadStream(buildxOutFifoPath).pipe(dockerRunProc.stdin);
       dockerRunProc.stdout.pipe(fs.createWriteStream(buildxInFifoPath));
       dockerRunProc.on('close', code => {
@@ -129,16 +148,35 @@ export class History {
             resolve();
           }
         } else {
-          reject(new Error(`Process "docker run" exited with code ${code}`));
+          reject(new Error(`Process "docker run" closed with code ${code}`));
         }
       });
       dockerRunProc.on('error', err => {
-        core.error(`Error executing buildx dial-stdio: ${err}`);
+        core.error(`Error executing "docker run": ${err}`);
         reject(err);
       });
-    }).catch(err => {
-      throw err;
-    });
+      dockerRunProc.on('exit', (code, signal) => {
+        dockerRunProcKilled = true;
+        if (signal) {
+          core.info(`Process "docker run" was killed with signal ${signal}`);
+        } else {
+          core.info(`Process "docker run" exited with code ${code}`);
+        }
+      });
+    })
+      .catch(err => {
+        throw err;
+      })
+      .finally(() => {
+        if (buildxDialStdioProc && !buildxDialStdioKilled) {
+          core.debug('Force terminating "buildx dial-stdio" process');
+          buildxDialStdioProc.kill('SIGKILL');
+        }
+        if (dockerRunProc && !dockerRunProcKilled) {
+          core.debug('Force terminating "docker run" process');
+          dockerRunProc.kill('SIGKILL');
+        }
+      });
 
     let dockerbuildFilename = `${GitHub.context.repo.owner}~${GitHub.context.repo.repo}~${refs[0].substring(0, 6).toUpperCase()}`;
     if (refs.length > 1) {
@@ -162,11 +200,4 @@ export class History {
       refs: refs
     };
   }
-
-  private static spawn(command: string, args?: ReadonlyArray<string>): ChildProcessByStdio<Writable, Readable, null> {
-    core.info(`[command]${command}${args ? ` ${args.join(' ')}` : ''}`);
-    return spawn(command, args || [], {
-      stdio: ['pipe', 'pipe', 'inherit']
-    });
-  }
 }

src/docker/docker.ts

@@ -25,7 +25,7 @@ import {Cache} from '../cache';
 import {Exec} from '../exec';
 import {Util} from '../util';
 
-import {ConfigFile} from '../types/docker/docker';
+import {ConfigFile, ContextInfo} from '../types/docker/docker';
 
 export class Docker {
   static get configDir(): string {
@@ -69,6 +69,22 @@ export class Docker {
     });
   }
 
+  public static async contextInspect(name?: string): Promise<ContextInfo> {
+    const args = ['context', 'inspect', '--format=json'];
+    if (name) {
+      args.push(name);
+    }
+    return await Exec.getExecOutput(`docker`, args, {
+      ignoreReturnCode: true,
+      silent: true
+    }).then(res => {
+      if (res.stderr.length > 0 && res.exitCode != 0) {
+        throw new Error(res.stderr.trim());
+      }
+      return (<Array<ContextInfo>>JSON.parse(res.stdout.trim()))[0];
+    });
+  }
+
   public static async printVersion(): Promise<void> {
     await Exec.exec('docker', ['version']);
   }

src/github.ts

@@ -233,18 +233,19 @@ export class GitHub {
 
     const refsSize = Object.keys(opts.exportRes.refs).length;
 
-    // we just need the last two parts of the URL as they are always relative
-    // to the workflow run URL otherwise URL could be broken if GitHub
-    // repository name is part of a secret value used in the workflow. e.g.:
-    //  artifact: https://github.com/docker/actions-toolkit/actions/runs/9552208295/artifacts/1609622746
-    //  workflow: https://github.com/docker/actions-toolkit/actions/runs/9552208295
-    // https://github.com/docker/actions-toolkit/issues/367
-    const artifactRelativeURL = `./${GitHub.runId}/${opts.uploadRes.url.split('/').slice(-2).join('/')}`;
+    const sum = core.summary.addHeading('Docker Build summary', 2);
 
-    // prettier-ignore
-    const sum = core.summary
-      .addHeading('Docker Build summary', 2)
-      .addRaw(`<p>`)
+    if (opts.uploadRes) {
+      // we just need the last two parts of the URL as they are always relative
+      // to the workflow run URL otherwise URL could be broken if GitHub
+      // repository name is part of a secret value used in the workflow. e.g.:
+      //  artifact: https://github.com/docker/actions-toolkit/actions/runs/9552208295/artifacts/1609622746
+      //  workflow: https://github.com/docker/actions-toolkit/actions/runs/9552208295
+      // https://github.com/docker/actions-toolkit/issues/367
+      const artifactRelativeURL = `./${GitHub.runId}/${opts.uploadRes.url.split('/').slice(-2).join('/')}`;
+
+      // prettier-ignore
+      sum.addRaw(`<p>`)
         .addRaw(`For a detailed look at the build, download the following build record archive and import it into Docker Desktop's Builds view. `)
         .addBreak()
         .addRaw(`Build records include details such as timing, dependencies, results, logs, traces, and other information about a build. `)
@@ -252,11 +253,19 @@ export class GitHub {
       .addRaw('</p>')
       .addRaw(`<p>`)
         .addRaw(`:arrow_down: ${addLink(`<strong>${Util.stringToUnicodeEntities(opts.uploadRes.filename)}</strong>`, artifactRelativeURL)} (${Util.formatFileSize(opts.uploadRes.size)} - includes <strong>${refsSize} build record${refsSize > 1 ? 's' : ''}</strong>)`)
-      .addRaw(`</p>`)
-      .addRaw(`<p>`)
-        .addRaw(`Find this useful? `)
-        .addRaw(addLink('Let us know', 'https://docs.docker.com/feedback/gha-build-summary'))
-      .addRaw('</p>');
+      .addRaw(`</p>`);
+    } else {
+      // prettier-ignore
+      sum.addRaw(`<p>`)
+        .addRaw(`The following table provides a brief summary of your build.`)
+        .addBreak()
+        .addRaw(`For a detailed look at the build, including timing, dependencies, results, logs, traces, and other information, consider enabling the export of the build record so you can import it into Docker Desktop's Builds view. `)
+        .addRaw(addLink('Learn more', 'https://www.docker.com/blog/new-beta-feature-deep-dive-into-github-actions-docker-builds-with-docker-desktop/?utm_source=github&utm_medium=actions'))
+      .addRaw(`</p>`);
+    }
+
+    // Feedback survey
+    sum.addRaw(`<p>`).addRaw(`Find this useful? `).addRaw(addLink('Let us know', 'https://docs.docker.com/feedback/gha-build-summary')).addRaw('</p>');
 
     // Preview
     sum.addRaw('<p>');

src/types/docker/docker.ts

@@ -64,3 +64,33 @@ export interface AuthConfig {
   identitytoken?: string;
   registrytoken?: string;
 }
+
+export interface ContextInfo {
+  Name: string;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  Metadata: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  Endpoints: Record<string, EndpointInfo>;
+  TLSMaterial: Record<string, Array<string>>;
+  Storage: StorageInfo;
+}
+
+export interface EndpointInfo {
+  Host?: string;
+  SkipVerify: boolean;
+  TLSData?: TLSData;
+}
+
+export interface TLSData {
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  CA: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  Key: any;
+  // eslint-disable-next-line @typescript-eslint/no-explicit-any
+  Cert: any;
+}
+
+export interface StorageInfo {
+  MetadataPath: string;
+  TLSPath: string;
+}

src/types/github.ts

@@ -53,7 +53,7 @@ export interface UploadArtifactResponse {
 
 export interface BuildSummaryOpts {
   exportRes: ExportRecordResponse;
-  uploadRes: UploadArtifactResponse;
+  uploadRes?: UploadArtifactResponse;
   // eslint-disable-next-line @typescript-eslint/no-explicit-any
   inputs?: any;
   bakeDefinition?: BakeDefinition;