From d2bf1df12d8b4cc34ab9ce3cd26ae201a45bd0b2 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Tue, 18 Jun 2024 12:03:27 +0200 Subject: [PATCH] default to git context Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- .github/workflows/ci.yml | 21 ++++- README.md | 168 +++++++++++++++++++------------------- __tests__/context.test.ts | 32 +++++++- src/context.ts | 3 + 4 files changed, 137 insertions(+), 87 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a45e8c4..f2fb79a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -69,6 +69,7 @@ jobs: name: Build and push uses: ./ with: + source: . builder: ${{ steps.buildx.outputs.name }} files: | ./test/config.hcl @@ -87,6 +88,7 @@ jobs: continue-on-error: true uses: ./ with: + source: . files: | ./test/config.hcl set: | @@ -108,6 +110,7 @@ jobs: continue-on-error: true uses: ./ with: + source: . files: | ./test/config.hcl - @@ -144,10 +147,11 @@ jobs: name: Build uses: ./ with: + source: . files: | ./test/config.hcl - source: + remote: runs-on: ubuntu-latest steps: - @@ -188,6 +192,7 @@ jobs: uses: ./ with: workdir: ./test/go + source: . targets: binary provenance: ${{ matrix.attrs }} set: | @@ -229,6 +234,7 @@ jobs: uses: ./ with: workdir: ./test/go + source: . targets: ${{ matrix.target }} sbom: true set: | @@ -275,6 +281,7 @@ jobs: uses: ./ with: workdir: ./test/go + source: . set: | *.platform=linux/amd64 *.output=type=image,"name=localhost:5000/name/app:v1.0.0,localhost:5000/name/app:latest",push=true @@ -304,6 +311,7 @@ jobs: uses: ./ with: workdir: ./test/group + source: . push: true set: | t1.tags=localhost:5000/name/app:t1 @@ -324,6 +332,7 @@ jobs: name: Build uses: ./ with: + source: . files: | ./test/config.hcl @@ -361,6 +370,7 @@ jobs: name: Build uses: ./ with: + source: . files: | ./test/config.hcl targets: app-proxy @@ -396,6 +406,7 @@ jobs: name: Build uses: ./ with: + source: . files: | ./test/config.hcl @@ -415,8 +426,6 @@ jobs: - name: Build uses: ./ - with: - source: "{{defaultContext}}" git-context-and-local: runs-on: ubuntu-latest @@ -439,7 +448,6 @@ jobs: name: Build uses: ./ with: - source: "{{defaultContext}}" files: | cwd://${{ steps.meta.outputs.bake-file }} @@ -466,6 +474,7 @@ jobs: uses: ./ with: workdir: ./test/go + source: . set: | *.output=type=image,name=localhost:5000/name/app:latest,push=true *.output=type=docker,name=app:local @@ -509,6 +518,7 @@ jobs: uses: ./ with: workdir: ./test/go + source: . targets: image load: true push: true @@ -563,6 +573,7 @@ jobs: name: Build uses: ./ with: + source: . files: | ./test/config.hcl targets: app @@ -666,6 +677,7 @@ jobs: uses: ./ with: workdir: ./test + source: . files: | ./lint.hcl @@ -687,6 +699,7 @@ jobs: uses: ./ with: workdir: ./test + source: . files: | ./lint.hcl env: diff --git a/README.md b/README.md index 60f9882..1715b28 100644 --- a/README.md +++ b/README.md @@ -14,8 +14,8 @@ as a high-level build command. ___ * [Usage](#usage) - * [Path context](#path-context) * [Git context](#git-context) + * [Path context](#path-context) * [Summaries](#summaries) * [Customizing](#customizing) * [inputs](#inputs) @@ -27,19 +27,95 @@ ___ ## Usage -### Path context +### Git context -By default, this action will use the local bake definition (`source: .`), so -you need to use the [`actions/checkout`](https://github.com/actions/checkout/) -action to check out the repository. +Since `v6` this action uses the [Git context](https://docs.docker.com/build/bake/remote-definition/) +to build from a remote bake definition by default like the [build-push-action](https://github.com/docker/build-push-action) +does. This means that you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/) +action to check out the repository as [BuildKit](https://docs.docker.com/build/buildkit/) +will do this directly. + +The git reference will be based on the [event that triggered your workflow](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows) +and will result in the following context: `https://github.com//.git#`. + +```yaml +name: ci + +on: + push: + +jobs: + bake: + runs-on: ubuntu-latest + steps: + - + name: Login to DockerHub + uses: docker/login-action@v3 + with: + username: ${{ vars.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + - + name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - + name: Build and push + uses: docker/bake-action@v5 + with: + push: true + set: | + *.tags=user/app:latest +``` + +Be careful because **any file mutation in the steps that precede the build step +will be ignored, including processing of the `.dockerignore` file** since +the context is based on the Git reference. However, you can use the +[Path context](#path-context) using the [`source` input](#inputs) alongside +the [`actions/checkout`](https://github.com/actions/checkout/) action to remove +this restriction. + +Default Git context can also be provided using the [Handlebars template](https://handlebarsjs.com/guide/) +expression `{{defaultContext}}`. Here we can use it to provide a subdirectory +to the default Git context: + +```yaml + - + name: Build and push + uses: docker/bake-action@v5 + with: + source: "{{defaultContext}}:mysubdir" + push: true + set: | + *.tags=user/app:latest +``` + +Building from the current repository automatically uses the `GITHUB_TOKEN` +secret that GitHub [automatically creates for workflows](https://docs.github.com/en/actions/security-guides/automatic-token-authentication), +so you don't need to pass that manually. If you want to authenticate against +another private repository for remote definitions, you can set the +[`BUILDX_BAKE_GIT_AUTH_TOKEN` environment variable](https://docs.docker.com/build/building/variables/#buildx_bake_git_auth_token). + +> [!NOTE] +> Supported since Buildx 0.14.0 + +```yaml + - + name: Build and push + uses: docker/bake-action@v5 + with: + push: true + set: | + *.tags=user/app:latest + env: + BUILDX_BAKE_GIT_AUTH_TOKEN: ${{ secrets.MYTOKEN }} +``` + +### Path context ```yaml name: ci on: push: - branches: - - 'master' jobs: bake: @@ -61,82 +137,10 @@ jobs: name: Build and push uses: docker/bake-action@v5 with: + source: . push: true -``` - -### Git context - -Git context can be provided using the [`source` input](#inputs). This means -that you don't need to use the [`actions/checkout`](https://github.com/actions/checkout/) -action to check out the repository as [BuildKit](https://docs.docker.com/build/buildkit/) -will do this directly. - -```yaml -name: ci - -on: - push: - branches: - - 'master' - -jobs: - bake: - runs-on: ubuntu-latest - steps: - - - name: Login to DockerHub - uses: docker/login-action@v3 - with: - username: ${{ vars.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Build and push - uses: docker/bake-action@v5 - with: - source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}" - push: true -``` - -Be careful because **any file mutation in the steps that precede the build step -will be ignored, including processing of the `.dockerignore` file** since -the context is based on the Git reference. However, you can use the -[Path context](#path-context) alongside the [`actions/checkout`](https://github.com/actions/checkout/) -action to remove this restriction. - -Default Git context can also be provided using the [Handlebars template](https://handlebarsjs.com/guide/) -expression `{{defaultContext}}`. Here we can use it to provide a subdirectory -to the default Git context: - -```yaml - - - name: Build and push - uses: docker/bake-action@v5 - with: - source: "{{defaultContext}}:mysubdir" - push: true -``` - -Building from the current repository automatically uses the `GITHUB_TOKEN` -secret that GitHub [automatically creates for workflows](https://docs.github.com/en/actions/security-guides/automatic-token-authentication), -so you don't need to pass that manually. If you want to authenticate against -another private repository for remote definitions, you can set the -[`BUILDX_BAKE_GIT_AUTH_TOKEN` environment variable](https://docs.docker.com/build/building/variables/#buildx_bake_git_auth_token). - -> [!NOTE] -> Supported since Buildx 0.14.0 - -```yaml - - - name: Build and push - uses: docker/bake-action@v5 - with: - source: "${{ github.server_url }}/${{ github.repository }}.git#${{ github.ref }}" - push: true - env: - BUILDX_BAKE_GIT_AUTH_TOKEN: ${{ secrets.MYTOKEN }} + set: | + *.tags=user/app:latest ``` ## Summaries diff --git a/__tests__/context.test.ts b/__tests__/context.test.ts index d4a20bd..71760f4 100644 --- a/__tests__/context.test.ts +++ b/__tests__/context.test.ts @@ -137,6 +137,7 @@ describe('getArgs', () => { 0, '0.4.1', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -150,6 +151,7 @@ describe('getArgs', () => { 1, '0.8.2', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -164,6 +166,7 @@ describe('getArgs', () => { 2, '0.8.2', new Map([ + ['source', '.'], ['targets', 'webapp\nvalidate'], ['load', 'false'], ['no-cache', 'false'], @@ -180,6 +183,7 @@ describe('getArgs', () => { 3, '0.8.2', new Map([ + ['source', '.'], ['set', '*.cache-from=type=gha\n*.cache-to=type=gha'], ['load', 'false'], ['no-cache', 'false'], @@ -197,6 +201,7 @@ describe('getArgs', () => { 4, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -212,6 +217,7 @@ describe('getArgs', () => { 5, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -228,6 +234,7 @@ describe('getArgs', () => { 6, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -244,6 +251,7 @@ describe('getArgs', () => { 7, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -260,6 +268,7 @@ describe('getArgs', () => { 8, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -276,6 +285,7 @@ describe('getArgs', () => { 9, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -296,6 +306,7 @@ describe('getArgs', () => { 10, '0.10.0', new Map([ + ['source', '.'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -315,7 +326,6 @@ describe('getArgs', () => { 11, '0.10.0', new Map([ - ['source', '{{defaultContext}}'], ['load', 'false'], ['no-cache', 'false'], ['push', 'false'], @@ -334,6 +344,7 @@ describe('getArgs', () => { 12, '0.17.0', new Map([ + ['source', '.'], ['allow', 'network.host'], ['load', 'false'], ['no-cache', 'false'], @@ -347,6 +358,25 @@ describe('getArgs', () => { "--provenance", `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1` ] ], + [ + 13, + '0.15.0', + new Map([ + ['source', '{{defaultContext}}:subdir'], + ['load', 'false'], + ['no-cache', 'false'], + ['push', 'false'], + ['pull', 'false'], + ['files', './foo.hcl'], + ]), + [ + 'bake', + 'https://github.com/docker/build-push-action.git#refs/heads/master:subdir', + '--file', './foo.hcl', + '--metadata-file', metadataJson, + '--provenance', `mode=min,inline-only=true,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789/attempts/1`, + ] + ], ])( '[%d] given %p with %p as inputs, returns %p', async (num: number, buildxVersion: string, inputs: Map, expected: Array) => { diff --git a/src/context.ts b/src/context.ts index 499b58f..0131234 100644 --- a/src/context.ts +++ b/src/context.ts @@ -147,6 +147,9 @@ function getSourceInput(name: string): string { let source = handlebars.compile(core.getInput(name))({ defaultContext: Context.gitContext() }); + if (!source) { + source = Context.gitContext(); + } if (source === '.') { source = ''; }