docker/bake-action
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: docker:v7.0.0
Branches Tags
docker:master
docker:v7.1.0 docker:v7 docker:v7.0.0 docker:v6.10.0 docker:v6 docker:v6.9.0 docker:v6.8.0 docker:v6.7.0 docker:v6.6.0 docker:v6.5.0 docker:v6.4.0 docker:v3.2.0 docker:v3 docker:v5.13.0 docker:v5 docker:v6.3.0 docker:v4.7.0 docker:v4 docker:v5.12.0 docker:v6.2.0 docker:v6.1.1 docker:v6.1.0 docker:v6.0.0 docker:v5.11.0 docker:v5.10.0 docker:v5.9.0 docker:v5.8.0 docker:v5.7.0 docker:v5.6.1 docker:v5.6.0 docker:v5.5.0 docker:v5.4.0 docker:v5.3.0 docker:v5.2.0 docker:v5.1.0 docker:v5.0.2 docker:v5.0.1 docker:v5.0.0 docker:v4.6.0 docker:v4.5.0 docker:v4.4.0 docker:v4.3.0 docker:v4.2.0 docker:v4.1.0 docker:v4.0.0 docker:v3.1.0 docker:v3.0.1 docker:v3.0.0 docker:v2.3.0 docker:v2 docker:v2.2.0 docker:v2.1.0 docker:v2.0.0 docker:v1.7.0 docker:v1 docker:v1.6.0 docker:v1.5.0 docker:v1.4.2 docker:v1.4.1 docker:v1.4.0 docker:v1.3.0 docker:v1.2.0 docker:v1.1.3 docker:v1.1.2 docker:v1.1.1 docker:v1.1.0 docker:v1.0.0
..
compare: docker:master
Branches Tags
docker:master
docker:v7.1.0 docker:v7 docker:v7.0.0 docker:v6.10.0 docker:v6 docker:v6.9.0 docker:v6.8.0 docker:v6.7.0 docker:v6.6.0 docker:v6.5.0 docker:v6.4.0 docker:v3.2.0 docker:v3 docker:v5.13.0 docker:v5 docker:v6.3.0 docker:v4.7.0 docker:v4 docker:v5.12.0 docker:v6.2.0 docker:v6.1.1 docker:v6.1.0 docker:v6.0.0 docker:v5.11.0 docker:v5.10.0 docker:v5.9.0 docker:v5.8.0 docker:v5.7.0 docker:v5.6.1 docker:v5.6.0 docker:v5.5.0 docker:v5.4.0 docker:v5.3.0 docker:v5.2.0 docker:v5.1.0 docker:v5.0.2 docker:v5.0.1 docker:v5.0.0 docker:v4.6.0 docker:v4.5.0 docker:v4.4.0 docker:v4.3.0 docker:v4.2.0 docker:v4.1.0 docker:v4.0.0 docker:v3.1.0 docker:v3.0.1 docker:v3.0.0 docker:v2.3.0 docker:v2 docker:v2.2.0 docker:v2.1.0 docker:v2.0.0 docker:v1.7.0 docker:v1 docker:v1.6.0 docker:v1.5.0 docker:v1.4.2 docker:v1.4.1 docker:v1.4.0 docker:v1.3.0 docker:v1.2.0 docker:v1.1.3 docker:v1.1.2 docker:v1.1.1 docker:v1.1.0 docker:v1.0.0

72 Commits
v7.0.0 ... master

Author SHA1 Message Date
Tõnis Tiigi
9d83d006b8 Merge pull request #431 from crazy-max/esbuild
Some checks failed
codeql / analyze (push) Has been cancelled
Details
validate / prepare (push) Has been cancelled
Details
validate / validate (push) Has been cancelled
Details
zizmor / zizmor (push) Has been cancelled
Details 
replace ncc with esbuild for action bundling
 2026-04-24 10:38:23 -07:00
CrazyMax
9090ec1873 replace ncc with esbuild for action bundling 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-24 11:09:12 +02:00
CrazyMax
79995a2bc2 Merge pull request #427 from docker/dependabot/github_actions/actions/setup-node-6.4.0 
chore(deps): Bump actions/setup-node from 6.3.0 to 6.4.0
 2026-04-24 09:46:51 +02:00
CrazyMax
f4721a19cb Merge pull request #428 from docker/dependabot/github_actions/crazy-max-dot-github-6f136b1f9e 
chore(deps): Bump the crazy-max-dot-github group with 2 updates
 2026-04-24 09:45:50 +02:00
dependabot[bot]
a1bcdaa57b chore(deps): Bump the crazy-max-dot-github group with 2 updates 
Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).


Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](d89fe92d80...4a17dbaa9c)

Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.6.0 to 1.7.0
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](d89fe92d80...4a17dbaa9c)

---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-22 23:42:21 +00:00
dependabot[bot]
5f986360d4 chore(deps): Bump actions/setup-node from 6.3.0 to 6.4.0 
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](53b83947a5...48b55a011b)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-21 00:30:11 +00:00
CrazyMax
b108b61c0d Merge pull request #426 from docker/dependabot/github_actions/github/codeql-action-4.35.2 
chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.2
 2026-04-20 16:04:12 +02:00
dependabot[bot]
1dce13c20b chore(deps): Bump github/codeql-action from 4.35.1 to 4.35.2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 4.35.1 to 4.35.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](c10b8064de...95e58e9a2c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-17 23:43:48 +00:00
Tõnis Tiigi
f1008e7fe9 Merge pull request #424 from crazy-max/fix-zizmor 
ci(zizmor): update rules
 2026-04-15 14:24:58 -07:00
CrazyMax
457218658f Merge pull request #420 from crazy-max/vars-input 
add vars input for bake variables
 2026-04-15 18:57:05 +02:00
CrazyMax
48b09cfbb5 ci(zizmor): update rules 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-15 15:01:07 +02:00
CrazyMax
54045cd868 Merge pull request #421 from docker/dependabot/github_actions/actions/github-script-9.0.0 
chore(deps): Bump actions/github-script from 8.0.0 to 9.0.0
 2026-04-15 14:42:15 +02:00
CrazyMax
9139c9d2e4 Merge pull request #422 from docker/dependabot/github_actions/actions/create-github-app-token-3.1.1 
chore(deps): Bump actions/create-github-app-token from 3.0.0 to 3.1.1
 2026-04-15 14:42:00 +02:00
CrazyMax
c6ab6838f0 Merge pull request #423 from docker/dependabot/github_actions/docker/bake-action-7.1.0 
chore(deps): Bump docker/bake-action from 7.0.0 to 7.1.0
 2026-04-15 14:41:40 +02:00
dependabot[bot]
51cd27d3d5 chore(deps): Bump docker/bake-action from 7.0.0 to 7.1.0 
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 7.0.0 to 7.1.0.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](82490499d2...a66e1c87e2)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 23:43:19 +00:00
dependabot[bot]
699dabf187 chore(deps): Bump actions/create-github-app-token from 3.0.0 to 3.1.1 
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.0.0 to 3.1.1.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](f8d387b68d...1b10c78c78)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 23:43:06 +00:00
dependabot[bot]
4bda63984e chore(deps): Bump actions/github-script from 8.0.0 to 9.0.0 
Bumps [actions/github-script](https://github.com/actions/github-script) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](ed597411d8...3a2844b7e9)

---
updated-dependencies:
- dependency-name: actions/github-script
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-13 23:43:03 +00:00
CrazyMax
9521d2372d chore: update generated content 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-13 10:19:40 +02:00
CrazyMax
9e2d1f1956 add vars input for bake variables 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-13 10:19:18 +02:00
CrazyMax
a66e1c87e2 Merge pull request #417 from docker/dependabot/npm_and_yarn/vite-7.3.2
Some checks failed
ci / sbom (/tmp/bake-build, binary) (push) Has been cancelled
Details
ci / sbom (type=image,name=localhost:5000/name/app:latest,push=true, image) (push) Has been cancelled
Details
ci / set (push) Has been cancelled
Details
ci / group (push) Has been cancelled
Details
ci / docker-config-malformed (push) Has been cancelled
Details
ci / proxy-docker-config (push) Has been cancelled
Details
ci / proxy-buildkitd (push) Has been cancelled
Details
ci / git-context (push) Has been cancelled
Details
ci / git-context-query (push) Has been cancelled
Details
ci / git-context-and-local (push) Has been cancelled
Details
ci / multi-output (push) Has been cancelled
Details
ci / load-and-push (push) Has been cancelled
Details
ci / summary-disable (push) Has been cancelled
Details
ci / summary-not-supported (push) Has been cancelled
Details
ci / record-upload-disable (push) Has been cancelled
Details
ci / record-retention-days (0) (push) Has been cancelled
Details
ci / record-retention-days (2) (push) Has been cancelled
Details
ci / checks (edge) (push) Has been cancelled
Details
ci / checks (v0.14.1) (push) Has been cancelled
Details
ci / annotations-disabled (push) Has been cancelled
Details
ci / allow (edge) (push) Has been cancelled
Details
ci / allow (v0.17.1) (push) Has been cancelled
Details
ci / allow (v0.18.0) (push) Has been cancelled
Details
ci / allow (v0.19.0) (push) Has been cancelled
Details
ci / no-default-attestations (push) Has been cancelled
Details
ci / call-check (push) Has been cancelled
Details
ci / call-check-multi (push) Has been cancelled
Details
ci / call-check-nowarning (push) Has been cancelled
Details
ci / attest-override (push) Has been cancelled
Details
zizmor / zizmor (push) Has been cancelled
Details 
chore(deps): Bump vite from 7.3.1 to 7.3.2
 2026-04-09 19:49:12 +02:00
CrazyMax
316cfbbb0c Merge pull request #419 from docker/dependabot/npm_and_yarn/lodash-4.18.1 
chore(deps): Bump lodash from 4.17.23 to 4.18.1
 2026-04-09 19:48:54 +02:00
github-actions[bot]
1e84aebe91 chore: update generated content 2026-04-09 17:44:25 +00:00
dependabot[bot]
69478a6181 chore(deps): Bump lodash from 4.17.23 to 4.18.1 
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.23 to 4.18.1.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.23...4.18.1)

---
updated-dependencies:
- dependency-name: lodash
  dependency-version: 4.18.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-09 17:43:18 +00:00
CrazyMax
9c521920c0 Merge pull request #416 from crazy-max/refactor-git-context 
refactor: use new gitContext for bake source resolution
 2026-04-09 19:38:15 +02:00
CrazyMax
b48ae068f7 Merge pull request #418 from docker/dependabot/github_actions/crazy-max-dot-github-f0991e81fd 
chore(deps): Bump the crazy-max-dot-github group with 2 updates
 2026-04-09 10:16:01 +02:00
dependabot[bot]
07be208056 chore(deps): Bump the crazy-max-dot-github group with 2 updates 
Bumps the crazy-max-dot-github group with 2 updates: [crazy-max/.github/.github/workflows/pr-assign-author.yml](https://github.com/crazy-max/.github) and [crazy-max/.github/.github/workflows/zizmor.yml](https://github.com/crazy-max/.github).


Updates `crazy-max/.github/.github/workflows/pr-assign-author.yml` from 1.3.0 to 1.6.0
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](bb328ea508...d89fe92d80)

Updates `crazy-max/.github/.github/workflows/zizmor.yml` from 1.3.0 to 1.6.0
- [Release notes](https://github.com/crazy-max/.github/releases)
- [Commits](bb328ea508...d89fe92d80)

---
updated-dependencies:
- dependency-name: crazy-max/.github/.github/workflows/pr-assign-author.yml
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
- dependency-name: crazy-max/.github/.github/workflows/zizmor.yml
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: crazy-max-dot-github
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-08 23:42:24 +00:00
CrazyMax
b3f5862c07 chore: update generated content 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-08 12:54:30 +02:00
CrazyMax
561e713afb refactor: use new gitContext for bake source resolution 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-08 12:51:34 +02:00
CrazyMax
cc339485f5 bump @docker/actions-toolkit from 0.79.0 to 0.87.0 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-04-08 12:51:33 +02:00
dependabot[bot]
06f662d146 chore(deps): Bump vite from 7.3.1 to 7.3.2 
Bumps [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite) from 7.3.1 to 7.3.2.
- [Release notes](https://github.com/vitejs/vite/releases)
- [Changelog](https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md)
- [Commits](https://github.com/vitejs/vite/commits/v7.3.2/packages/vite)

---
updated-dependencies:
- dependency-name: vite
  dependency-version: 7.3.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-06 23:10:41 +00:00
CrazyMax
573e9342f7 Merge pull request #410 from docker/dependabot/npm_and_yarn/handlebars-4.7.9 
chore(deps): Bump handlebars from 4.7.8 to 4.7.9
 2026-04-01 12:24:25 +02:00
github-actions[bot]
0237695a63 chore: update generated content 2026-04-01 10:19:51 +00:00
dependabot[bot]
0b1d05e37c chore(deps): Bump handlebars from 4.7.8 to 4.7.9 
Bumps [handlebars](https://github.com/handlebars-lang/handlebars.js) from 4.7.8 to 4.7.9.
- [Release notes](https://github.com/handlebars-lang/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/v4.7.9/release-notes.md)
- [Commits](https://github.com/handlebars-lang/handlebars.js/compare/v4.7.8...v4.7.9)

---
updated-dependencies:
- dependency-name: handlebars
  dependency-version: 4.7.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-04-01 10:18:38 +00:00
Paweł Gronowski
9ee317add1 Merge pull request #415 from crazy-max/fix-update-dist 
ci: stop update-dist reruns after generated dist pushes
 2026-04-01 12:09:57 +02:00
CrazyMax
66d42d5fe2 ci: stop update-dist reruns after generated dist pushes 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-03-31 17:26:42 +02:00
CrazyMax
5872f2d2b5 Merge pull request #407 from docker/dependabot/npm_and_yarn/picomatch-4.0.4 
chore(deps): Bump picomatch from 4.0.3 to 4.0.4
 2026-03-31 16:59:59 +02:00
CrazyMax
01bcd5c5c3 Merge pull request #411 from docker/dependabot/npm_and_yarn/brace-expansion-1.1.13 
chore(deps): Bump brace-expansion from 1.1.12 to 1.1.13
 2026-03-31 16:59:21 +02:00
CrazyMax
6c79f1f6ec Merge pull request #414 from docker/dependabot/github_actions/codecov/codecov-action-6.0.0 
chore(deps): Bump codecov/codecov-action from 5.5.4 to 6.0.0
 2026-03-31 09:32:14 +02:00
dependabot[bot]
4c1645a81a chore(deps): Bump codecov/codecov-action from 5.5.4 to 6.0.0 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.4 to 6.0.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](75cd11691c...57e3a136b7)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-31 01:50:20 +00:00
Tõnis Tiigi
9e7a27e46b Merge pull request #413 from crazy-max/zizmor 
ci: zizmor workflow
 2026-03-30 18:49:05 -07:00
CrazyMax
9c8c59b36d fix zizmor findings 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-03-30 13:41:01 +02:00
CrazyMax
f055ae898b ci: zizmor workflow 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-03-30 11:29:35 +02:00
github-actions[bot]
faa3991157 chore: update generated content 2026-03-27 16:13:12 +00:00
dependabot[bot]
60e55bc65d chore(deps): Bump brace-expansion from 1.1.12 to 1.1.13 
Bumps [brace-expansion](https://github.com/juliangruber/brace-expansion) from 1.1.12 to 1.1.13.
- [Release notes](https://github.com/juliangruber/brace-expansion/releases)
- [Commits](https://github.com/juliangruber/brace-expansion/compare/v1.1.12...v1.1.13)

---
updated-dependencies:
- dependency-name: brace-expansion
  dependency-version: 1.1.13
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-27 16:11:56 +00:00
dependabot[bot]
0cf016cd20 chore(deps): Bump picomatch from 4.0.3 to 4.0.4 
Bumps [picomatch](https://github.com/micromatch/picomatch) from 4.0.3 to 4.0.4.
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/4.0.3...4.0.4)

---
updated-dependencies:
- dependency-name: picomatch
  dependency-version: 4.0.4
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-26 06:26:42 +00:00
Tõnis Tiigi
2f8d900d05 Merge pull request #406 from crazy-max/update-crazy-max-actions 
ci: bump crazy-max/.github to 1.1.0
 2026-03-25 10:42:45 -07:00
CrazyMax
d24af26b64 ci: bump crazy-max/.github to 1.1.0 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-03-25 12:19:33 +01:00
CrazyMax
50bd4b2564 Merge pull request #395 from docker/dependabot/npm_and_yarn/undici-6.24.0 
chore(deps): Bump undici from 6.23.0 to 6.24.1
 2026-03-24 13:55:38 +01:00
github-actions[bot]
933f827d94 chore: update generated content 2026-03-24 12:51:23 +00:00
dependabot[bot]
04486f6562 chore(deps): Bump undici from 6.23.0 to 6.24.0 
Bumps [undici](https://github.com/nodejs/undici) from 6.23.0 to 6.24.0.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](https://github.com/nodejs/undici/compare/v6.23.0...v6.24.0)

---
updated-dependencies:
- dependency-name: undici
  dependency-version: 6.24.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-24 12:50:03 +00:00
CrazyMax
99343ed6d3 Merge pull request #400 from docker/dependabot/npm_and_yarn/fast-xml-parser-5.5.6 
chore(deps): Bump fast-xml-parser from 5.4.2 to 5.5.9
 2026-03-24 13:48:13 +01:00
github-actions[bot]
2bdd544224 chore: update generated content 2026-03-24 12:41:35 +00:00
dependabot[bot]
bbc5ee32a4 chore(deps): Bump fast-xml-parser from 5.4.2 to 5.5.6 
Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.4.2 to 5.5.6.
- [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases)
- [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md)
- [Commits](https://github.com/NaturalIntelligence/fast-xml-parser/compare/v5.4.2...v5.5.6)

---
updated-dependencies:
- dependency-name: fast-xml-parser
  dependency-version: 5.5.6
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-24 12:40:23 +00:00
CrazyMax
6f063f5a2c Merge pull request #401 from docker/dependabot/npm_and_yarn/glob-10.5.0 
chore(deps): Bump glob from 10.3.12 to 10.5.0
 2026-03-24 13:38:17 +01:00
CrazyMax
5663537ea2 Merge pull request #403 from docker/dependabot/npm_and_yarn/flatted-3.4.2 
chore(deps): Bump flatted from 3.3.3 to 3.4.2
 2026-03-24 13:37:20 +01:00
dependabot[bot]
46894079a4 chore(deps): Bump flatted from 3.3.3 to 3.4.2 
Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.2.
- [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2)

---
updated-dependencies:
- dependency-name: flatted
  dependency-version: 3.4.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 16:01:44 +00:00
CrazyMax
e83250164d Merge pull request #402 from crazy-max/codeql 
ci: enable SAST scanning with CodeQL
 2026-03-20 17:00:12 +01:00
CrazyMax
40614d05b3 ci: enable SAST scanning with CodeQL 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-03-20 11:46:40 +01:00
github-actions[bot]
53dc7d5b2e chore: update generated content 2026-03-20 01:07:33 +00:00
dependabot[bot]
65461e5da4 chore(deps): Bump glob from 10.3.12 to 10.5.0 
Bumps [glob](https://github.com/isaacs/node-glob) from 10.3.12 to 10.5.0.
- [Changelog](https://github.com/isaacs/node-glob/blob/main/changelog.md)
- [Commits](https://github.com/isaacs/node-glob/compare/v10.3.12...v10.5.0)

---
updated-dependencies:
- dependency-name: glob
  dependency-version: 10.5.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-20 01:05:07 +00:00
CrazyMax
cb7799a153 Merge pull request #397 from docker/dependabot/github_actions/actions/create-github-app-token-3 
chore(deps): Bump actions/create-github-app-token from 2 to 3
 2026-03-17 09:35:05 +01:00
CrazyMax
ed9fc89995 Merge pull request #398 from socheatsok78/update-action-github-script 
Upgrade github-script action from v7 to v8
 2026-03-17 09:34:49 +01:00
Socheat
4c6643337d Upgrade github-script action from v7 to v8 
Signed-off-by: Socheat <github@socheat.dev>
 2026-03-17 11:35:20 +07:00
dependabot[bot]
f0fcce2f20 chore(deps): Bump actions/create-github-app-token from 2 to 3 
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 23:42:16 +00:00
CrazyMax
f26ee67c8b Merge pull request #393 from docker/dependabot/github_actions/docker/setup-buildx-action-4 
chore(deps): Bump docker/setup-buildx-action from 3 to 4
 2026-03-06 09:44:30 +01:00
CrazyMax
c1370d6be4 Merge pull request #392 from docker/dependabot/github_actions/docker/metadata-action-6 
chore(deps): Bump docker/metadata-action from 5 to 6
 2026-03-06 09:41:08 +01:00
CrazyMax
4380696821 Merge pull request #391 from docker/dependabot/github_actions/docker/bake-action-7 
chore(deps): Bump docker/bake-action from 6 to 7
 2026-03-06 09:40:51 +01:00
dependabot[bot]
d5f0a11b02 chore(deps): Bump docker/setup-buildx-action from 3 to 4 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-05 23:42:20 +00:00
dependabot[bot]
80718bd717 chore(deps): Bump docker/metadata-action from 5 to 6 
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 5 to 6.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/v5...v6)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-05 23:42:17 +00:00
dependabot[bot]
a2c53a0d11 chore(deps): Bump docker/bake-action from 6 to 7 
Bumps [docker/bake-action](https://github.com/docker/bake-action) from 6 to 7.
- [Release notes](https://github.com/docker/bake-action/releases)
- [Commits](https://github.com/docker/bake-action/compare/v6...v7)

---
updated-dependencies:
- dependency-name: docker/bake-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-05 23:42:12 +00:00
CrazyMax
cbe08afc1d Merge pull request #390 from crazy-max/update-readme 
readme: update to v7
 2026-03-05 20:39:48 +01:00
CrazyMax
a8f89f27f2 readme: update to v7 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
 2026-03-05 19:52:40 +01:00
28 changed files with 7725 additions and 668 deletions
Expand all files Collapse all files

10
.github/dependabot.yml vendored
View File

@@ -4,6 +4,12 @@ updates:
directory: "/"
schedule:
interval: "daily"
cooldown:
default-days: 2
groups:
crazy-max-dot-github:
patterns:
- "crazy-max/.github/*"
labels:
- "dependencies"
- "bot"
@@ -11,6 +17,10 @@ updates:
directory: "/"
schedule:
interval: "daily"
cooldown:
default-days: 2
exclude:
- "@docker/actions-toolkit"
versioning-strategy: "increase"
allow:
- dependency-type: "production"

7
.github/workflows/ci-subaction.yml vendored
View File

@@ -1,5 +1,8 @@
name: ci-subaction
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
@@ -60,7 +63,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Matrix gen
id: gen
@@ -71,7 +74,7 @@ jobs:
fields: ${{ matrix.fields }}
-
name: Check output
uses: actions/github-script@v8
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
env:
INPUT_MATRIX: ${{ steps.gen.outputs.matrix }}
INPUT_EXPECTED: ${{ matrix.expected }}

178
.github/workflows/ci.yml vendored
View File

@@ -1,5 +1,8 @@
name: ci
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
@@ -46,20 +49,20 @@ jobs:
- release
services:
registry:
image: registry:2
image: registry:2.8.3@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v4
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0
-
name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -82,7 +85,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Build
continue-on-error: true
@@ -99,7 +102,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Stop docker
run: |
@@ -126,7 +129,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Build
id: bake
@@ -147,7 +150,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Uninstall docker cli
run: |
@@ -158,7 +161,7 @@ jobs:
fi
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -176,7 +179,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Build
uses: ./
@@ -198,10 +201,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -233,16 +236,16 @@ jobs:
output: /tmp/bake-build
services:
registry:
image: registry:2
image: registry:2.8.3@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -287,13 +290,13 @@ jobs:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
image: registry:2.8.3@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Build
uses: ./
@@ -308,16 +311,16 @@ jobs:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
image: registry:2.8.3@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -338,7 +341,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set malformed docker config
run: |
@@ -356,7 +359,7 @@ jobs:
runs-on: ubuntu-latest
services:
squid-proxy:
image: ubuntu/squid:latest
image: ubuntu/squid:latest@sha256:6a097f68bae708cedbabd6188d68c7e2e7a38cedd05a176e1cc0ba29e3bbe029
ports:
- 3128:3128
steps:
@@ -367,7 +370,7 @@ jobs:
curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy http://127.0.0.1:3128 -v --insecure --head https://www.google.com
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set proxy config
run: |
@@ -375,7 +378,7 @@ jobs:
echo '{"proxies":{"default":{"httpProxy":"http://127.0.0.1:3128","httpsProxy":"http://127.0.0.1:3128"}}}' > ~/.docker/config.json
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -395,7 +398,7 @@ jobs:
runs-on: ubuntu-latest
services:
squid-proxy:
image: ubuntu/squid:latest
image: ubuntu/squid:latest@sha256:6a097f68bae708cedbabd6188d68c7e2e7a38cedd05a176e1cc0ba29e3bbe029
ports:
- 3128:3128
steps:
@@ -406,10 +409,10 @@ jobs:
curl --retry 5 --retry-all-errors --retry-delay 0 --connect-timeout 5 --proxy http://127.0.0.1:3128 -v --insecure --head https://www.google.com
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -431,10 +434,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -442,16 +445,41 @@ jobs:
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
git-context-query:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: v0.33.0
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
env:
BUILDX_SEND_GIT_QUERY_AS_INPUT: true
git-context-and-local:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -459,28 +487,29 @@ jobs:
-
name: Docker meta
id: meta
uses: docker/metadata-action@v5
uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
-
name: Build
uses: ./
with:
files: |
./test/config.hcl
cwd://${{ steps.meta.outputs.bake-file }}
multi-output:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
image: registry:2.8.3@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -514,16 +543,16 @@ jobs:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
image: registry:2.8.3@sha256:a3d8aaa63ed8681a604f1dea0aa03f100d5895b6a58ace528858a7b332415373
ports:
- 5000:5000
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -552,10 +581,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -575,10 +604,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: v0.12.1
driver-opts: |
@@ -596,10 +625,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -625,10 +654,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -654,10 +683,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ matrix.buildx-version }}
driver-opts: |
@@ -675,10 +704,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -706,10 +735,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ matrix.buildx-version }}
driver-opts: |
@@ -728,7 +757,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Build
uses: ./
@@ -744,10 +773,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -776,10 +805,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -807,10 +836,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -831,10 +860,10 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
@@ -844,3 +873,30 @@ jobs:
uses: ./
with:
source: ./test/attest
var:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
uses: ./
with:
source: ./test/go
targets: binary
vars: |
DESTDIR=/tmp/build
-
name: Check output folder
working-directory: /tmp/build
run: |
tree .

46
.github/workflows/codeql.yml vendored Normal file
View File

@@ -0,0 +1,46 @@
name: codeql
permissions:
contents: read
on:
push:
branches:
- 'master'
- 'releases/v*'
pull_request:
env:
NODE_VERSION: "24"
jobs:
analyze:
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
-
name: Checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Enable corepack
run: |
corepack enable
yarn --version
-
name: Set up Node
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
with:
node-version: ${{ env.NODE_VERSION }}
-
name: Initialize CodeQL
uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
with:
languages: javascript-typescript
build-mode: none
-
name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
with:
category: "/language:javascript-typescript"

4
.github/workflows/pr-assign-author.yml vendored
View File

@@ -4,14 +4,14 @@ permissions:
contents: read
on:
pull_request_target:
pull_request_target: # zizmor: ignore[dangerous-triggers] safe to use without checkout
types:
- opened
- reopened
jobs:
run:
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@1b673f36fad86812f538c1df9794904038a23cbf
uses: crazy-max/.github/.github/workflows/pr-assign-author.yml@4a17dbaa9ce13920fc5bb8824eb89c16301e5ab2 # v1.7.0
permissions:
contents: read
pull-requests: write

11
.github/workflows/publish.yml vendored
View File

@@ -1,5 +1,12 @@
name: publish
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
release:
types:
@@ -15,7 +22,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Publish
uses: actions/publish-immutable-action@v0.0.4
uses: actions/publish-immutable-action@4bc8754ffc40f27910afb20287dbbbb675a4e978 # v0.0.4

9
.github/workflows/test.yml vendored
View File

@@ -1,5 +1,8 @@
name: test
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
@@ -23,16 +26,16 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: Test
uses: docker/bake-action@v6
uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
with:
source: .
targets: test
-
name: Upload coverage
uses: codecov/codecov-action@v5
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
with:
files: ./coverage/clover.xml
token: ${{ secrets.CODECOV_TOKEN }}

17
.github/workflows/update-dist.yml vendored
View File

@@ -1,5 +1,12 @@
name: update-dist
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
pull_request:
types:
@@ -8,27 +15,27 @@ on:
jobs:
update-dist:
if: github.actor == 'dependabot[bot]'
if: github.actor == 'dependabot[bot]' && github.event.pull_request.user.login == 'dependabot[bot]' && github.repository == github.event.pull_request.head.repo.full_name
runs-on: ubuntu-latest
steps:
-
name: GitHub auth token from GitHub App
id: docker-read-app
uses: actions/create-github-app-token@v2
uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
with:
app-id: ${{ secrets.GHACTIONS_REPO_WRITE_APP_ID }}
private-key: ${{ secrets.GHACTIONS_REPO_WRITE_APP_PRIVATE_KEY }}
owner: docker
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
with:
ref: ${{ github.event.pull_request.head.ref }}
fetch-depth: 0
token: ${{ steps.docker-read-app.outputs.token || github.token }}
token: ${{ steps.docker-read-app.outputs.token }}
-
name: Build
uses: docker/bake-action@v6
uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
with:
source: .
targets: build

7
.github/workflows/validate.yml vendored
View File

@@ -1,5 +1,8 @@
name: validate
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
@@ -19,7 +22,7 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v6
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-
name: List targets
id: generate
@@ -38,6 +41,6 @@ jobs:
steps:
-
name: Validate
uses: docker/bake-action@v6
uses: docker/bake-action@a66e1c87e2eca0503c343edf1d208c716d54b8a8 # v7.1.0
with:
targets: ${{ matrix.target }}

29
.github/workflows/zizmor.yml vendored Normal file
View File

@@ -0,0 +1,29 @@
name: zizmor
permissions:
contents: read
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
on:
workflow_dispatch:
push:
branches:
- 'master'
- 'releases/v*'
tags:
- 'v*'
pull_request:
jobs:
zizmor:
uses: crazy-max/.github/.github/workflows/zizmor.yml@4a17dbaa9ce13920fc5bb8824eb89c16301e5ab2 # v1.7.0
permissions:
contents: read
security-events: write
with:
min-severity: medium
min-confidence: medium
persona: pedantic

21
README.md
View File

@@ -52,16 +52,16 @@ jobs:
steps:
-
name: Login to DockerHub
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
push: true
set: |
@@ -82,7 +82,7 @@ to the default Git context:
```yaml
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
source: "{{defaultContext}}:mysubdir"
push: true
@@ -102,7 +102,7 @@ another private repository for remote definitions, you can set the
```yaml
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
push: true
set: |
@@ -125,19 +125,19 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
-
name: Login to DockerHub
uses: docker/login-action@v3
uses: docker/login-action@v4
with:
username: ${{ vars.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
uses: docker/setup-buildx-action@v4
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
source: .
push: true
@@ -151,7 +151,7 @@ subdirectory:
```yaml
-
name: Build and push
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
source: ./subdir
files: ./docker-bake.hcl
@@ -239,6 +239,7 @@ The following inputs can be used as `step.with` keys
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) |
| `source` | String | Build source to use. Supports local path and [remote bake definition](https://docs.docker.com/build/bake/remote-definition/). With a local path, Bake runs from that directory, so all relative paths are resolved from it. See [Source semantics](#source-semantics). |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `vars` | List | [Variables](https://docs.docker.com/build/bake/variables/) to set in the Bake definition as list of key-value pair |
| `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |
### outputs

98
__tests__/context.test.ts
View File

@@ -4,6 +4,7 @@ import * as os from 'os';
import * as path from 'path';
import {Bake} from '@docker/actions-toolkit/lib/buildx/bake.js';
import {Build} from '@docker/actions-toolkit/lib/buildx/build.js';
import {Builder} from '@docker/actions-toolkit/lib/buildx/builder.js';
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx.js';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker.js';
@@ -39,6 +40,55 @@ vi.spyOn(Bake.prototype, 'getDefinition').mockImplementation(async (): Promise<B
return <BakeDefinition>JSON.parse(fs.readFileSync(path.join(fixturesDir, 'bake-def.json'), {encoding: 'utf-8'}).trim());
});
describe('getInputs', () => {
const originalEnv = process.env;
beforeEach(() => {
process.env = Object.keys(process.env).reduce((object, key) => {
if (!key.startsWith('INPUT_')) {
object[key] = process.env[key];
}
return object;
}, {});
});
afterEach(() => {
process.env = originalEnv;
});
function setRequiredBooleanInputs(): void {
setInput('no-cache', 'false');
setInput('pull', 'false');
setInput('load', 'false');
setInput('push', 'false');
}
test('uses Build git context when source input is empty', async () => {
const gitContext = 'https://github.com/docker/bake-action.git?ref=refs/heads/master&checksum=0123456789abcdef';
const gitContextSpy = vi.spyOn(Build.prototype, 'gitContext').mockResolvedValue(gitContext);
setRequiredBooleanInputs();
const inputs = await context.getInputs();
expect(inputs.source).toEqual({
remoteRef: gitContext
});
expect(gitContextSpy).toHaveBeenCalledTimes(1);
gitContextSpy.mockRestore();
});
test('renders defaultContext source templates from Build git context', async () => {
const gitContext = 'https://github.com/docker/bake-action.git#refs/heads/master';
const gitContextSpy = vi.spyOn(Build.prototype, 'gitContext').mockResolvedValue(gitContext);
setRequiredBooleanInputs();
setInput('source', '{{defaultContext}}:subdir');
const inputs = await context.getInputs();
expect(inputs.source).toEqual({
remoteRef: `${gitContext}:subdir`
});
expect(gitContextSpy).toHaveBeenCalledTimes(1);
gitContextSpy.mockRestore();
});
});
describe('getArgs', () => {
const originalEnv = process.env;
beforeEach(() => {
@@ -343,6 +393,54 @@ describe('getArgs', () => {
['BUILDX_NO_DEFAULT_ATTESTATIONS', '1']
])
],
[
15,
'0.29.0',
new Map<string, string>([
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['files', './foo.hcl'],
]),
[
'bake',
'https://github.com/docker/bake-action.git?ref=refs/heads/master',
'--allow', 'fs=*',
'--file', './foo.hcl',
'--metadata-file', metadataJson,
'--set', `lint.attest=type=provenance,mode=min,inline-only=true,builder-id=https://github.com/docker/bake-action/actions/runs/123456789/attempts/1`,
'--set', `validate-docs.attest=type=provenance,mode=min,inline-only=true,builder-id=https://github.com/docker/bake-action/actions/runs/123456789/attempts/1`,
'--set', `validate-vendor.attest=type=provenance,mode=min,inline-only=true,builder-id=https://github.com/docker/bake-action/actions/runs/123456789/attempts/1`
],
new Map<string, string>([
['BUILDX_SEND_GIT_QUERY_AS_INPUT', 'true']
])
],
[
16,
'0.28.0',
new Map<string, string>([
['load', 'false'],
['no-cache', 'false'],
['push', 'false'],
['pull', 'false'],
['files', './foo.hcl'],
]),
[
'bake',
'https://github.com/docker/bake-action.git#refs/heads/master',
'--allow', 'fs=*',
'--file', './foo.hcl',
'--metadata-file', metadataJson,
'--set', `lint.attest=type=provenance,mode=min,inline-only=true,builder-id=https://github.com/docker/bake-action/actions/runs/123456789/attempts/1`,
'--set', `validate-docs.attest=type=provenance,mode=min,inline-only=true,builder-id=https://github.com/docker/bake-action/actions/runs/123456789/attempts/1`,
'--set', `validate-vendor.attest=type=provenance,mode=min,inline-only=true,builder-id=https://github.com/docker/bake-action/actions/runs/123456789/attempts/1`
],
new Map<string, string>([
['BUILDX_SEND_GIT_QUERY_AS_INPUT', 'true']
])
],
])(
'[%d] given %o with %o as inputs, returns %o',
async (num: number, buildxVersion: string, inputs: Map<string, string>, expected: Array<string>, envs: Map<string, string> | undefined) => {

7
action.yml
View File

@@ -50,6 +50,9 @@ inputs:
targets:
description: "List of bake targets"
required: false
vars:
description: "Variables to set in the Bake definition as list of key-value pair"
required: false
github-token:
description: "API token used to authenticate to a Git repository for remote definitions"
default: ${{ github.token }}
@@ -61,5 +64,5 @@ outputs:
runs:
using: 'node24'
main: 'dist/index.js'
post: 'dist/index.js'
main: 'dist/index.cjs'
post: 'dist/index.cjs'

301
dist/606.index.js generated vendored
View File

@@ -1,301 +0,0 @@
export const id = 606;
export const ids = [606];
export const modules = {
/***/ 606:
/***/ ((__unused_webpack___webpack_module__, __webpack_exports__, __webpack_require__) => {
/* harmony export */ __webpack_require__.d(__webpack_exports__, {
/* harmony export */ "default": () => (/* binding */ pMap)
/* harmony export */ });
/* unused harmony exports pMapIterable, pMapSkip */
async function pMap(
iterable,
mapper,
{
concurrency = Number.POSITIVE_INFINITY,
stopOnError = true,
signal,
} = {},
) {
return new Promise((resolve_, reject_) => {
if (iterable[Symbol.iterator] === undefined && iterable[Symbol.asyncIterator] === undefined) {
throw new TypeError(`Expected \`input\` to be either an \`Iterable\` or \`AsyncIterable\`, got (${typeof iterable})`);
}
if (typeof mapper !== 'function') {
throw new TypeError('Mapper function is required');
}
if (!((Number.isSafeInteger(concurrency) && concurrency >= 1) || concurrency === Number.POSITIVE_INFINITY)) {
throw new TypeError(`Expected \`concurrency\` to be an integer from 1 and up or \`Infinity\`, got \`${concurrency}\` (${typeof concurrency})`);
}
const result = [];
const errors = [];
const skippedIndexesMap = new Map();
let isRejected = false;
let isResolved = false;
let isIterableDone = false;
let resolvingCount = 0;
let currentIndex = 0;
const iterator = iterable[Symbol.iterator] === undefined ? iterable[Symbol.asyncIterator]() : iterable[Symbol.iterator]();
const signalListener = () => {
reject(signal.reason);
};
const cleanup = () => {
signal?.removeEventListener('abort', signalListener);
};
const resolve = value => {
resolve_(value);
cleanup();
};
const reject = reason => {
isRejected = true;
isResolved = true;
reject_(reason);
cleanup();
};
if (signal) {
if (signal.aborted) {
reject(signal.reason);
}
signal.addEventListener('abort', signalListener, {once: true});
}
const next = async () => {
if (isResolved) {
return;
}
const nextItem = await iterator.next();
const index = currentIndex;
currentIndex++;
// Note: `iterator.next()` can be called many times in parallel.
// This can cause multiple calls to this `next()` function to
// receive a `nextItem` with `done === true`.
// The shutdown logic that rejects/resolves must be protected
// so it runs only one time as the `skippedIndex` logic is
// non-idempotent.
if (nextItem.done) {
isIterableDone = true;
if (resolvingCount === 0 && !isResolved) {
if (!stopOnError && errors.length > 0) {
reject(new AggregateError(errors)); // eslint-disable-line unicorn/error-message
return;
}
isResolved = true;
if (skippedIndexesMap.size === 0) {
resolve(result);
return;
}
const pureResult = [];
// Support multiple `pMapSkip`'s.
for (const [index, value] of result.entries()) {
if (skippedIndexesMap.get(index) === pMapSkip) {
continue;
}
pureResult.push(value);
}
resolve(pureResult);
}
return;
}
resolvingCount++;
// Intentionally detached
(async () => {
try {
const element = await nextItem.value;
if (isResolved) {
return;
}
const value = await mapper(element, index);
// Use Map to stage the index of the element.
if (value === pMapSkip) {
skippedIndexesMap.set(index, value);
}
result[index] = value;
resolvingCount--;
await next();
} catch (error) {
if (stopOnError) {
reject(error);
} else {
errors.push(error);
resolvingCount--;
// In that case we can't really continue regardless of `stopOnError` state
// since an iterable is likely to continue throwing after it throws once.
// If we continue calling `next()` indefinitely we will likely end up
// in an infinite loop of failed iteration.
try {
await next();
} catch (error) {
reject(error);
}
}
}
})();
};
// Create the concurrent runners in a detached (non-awaited)
// promise. We need this so we can await the `next()` calls
// to stop creating runners before hitting the concurrency limit
// if the iterable has already been marked as done.
// NOTE: We *must* do this for async iterators otherwise we'll spin up
// infinite `next()` calls by default and never start the event loop.
(async () => {
for (let index = 0; index < concurrency; index++) {
try {
// eslint-disable-next-line no-await-in-loop
await next();
} catch (error) {
reject(error);
break;
}
if (isIterableDone || isRejected) {
break;
}
}
})();
});
}
function pMapIterable(
iterable,
mapper,
{
concurrency = Number.POSITIVE_INFINITY,
backpressure = concurrency,
} = {},
) {
if (iterable[Symbol.iterator] === undefined && iterable[Symbol.asyncIterator] === undefined) {
throw new TypeError(`Expected \`input\` to be either an \`Iterable\` or \`AsyncIterable\`, got (${typeof iterable})`);
}
if (typeof mapper !== 'function') {
throw new TypeError('Mapper function is required');
}
if (!((Number.isSafeInteger(concurrency) && concurrency >= 1) || concurrency === Number.POSITIVE_INFINITY)) {
throw new TypeError(`Expected \`concurrency\` to be an integer from 1 and up or \`Infinity\`, got \`${concurrency}\` (${typeof concurrency})`);
}
if (!((Number.isSafeInteger(backpressure) && backpressure >= concurrency) || backpressure === Number.POSITIVE_INFINITY)) {
throw new TypeError(`Expected \`backpressure\` to be an integer from \`concurrency\` (${concurrency}) and up or \`Infinity\`, got \`${backpressure}\` (${typeof backpressure})`);
}
return {
async * [Symbol.asyncIterator]() {
const iterator = iterable[Symbol.asyncIterator] === undefined ? iterable[Symbol.iterator]() : iterable[Symbol.asyncIterator]();
const promises = [];
let pendingPromisesCount = 0;
let isDone = false;
let index = 0;
function trySpawn() {
if (isDone || !(pendingPromisesCount < concurrency && promises.length < backpressure)) {
return;
}
pendingPromisesCount++;
const promise = (async () => {
const {done, value} = await iterator.next();
if (done) {
pendingPromisesCount--;
return {done: true};
}
// Spawn if still below concurrency and backpressure limit
trySpawn();
try {
const returnValue = await mapper(await value, index++);
pendingPromisesCount--;
if (returnValue === pMapSkip) {
const index = promises.indexOf(promise);
if (index > 0) {
promises.splice(index, 1);
}
}
// Spawn if still below backpressure limit and just dropped below concurrency limit
trySpawn();
return {done: false, value: returnValue};
} catch (error) {
pendingPromisesCount--;
isDone = true;
return {error};
}
})();
promises.push(promise);
}
trySpawn();
while (promises.length > 0) {
const {error, done, value} = await promises[0]; // eslint-disable-line no-await-in-loop
promises.shift();
if (error) {
throw error;
}
if (done) {
return;
}
// Spawn if just dropped below backpressure limit and below the concurrency limit
trySpawn();
if (value === pMapSkip) {
continue;
}
yield value;
}
},
};
}
const pMapSkip = Symbol('skip');
/***/ })
};
//# sourceMappingURL=606.index.js.map

1
dist/606.index.js.map generated vendored
View File

File diff suppressed because one or more lines are too long

447
dist/index.cjs generated vendored Normal file
View File

File diff suppressed because one or more lines are too long

8
dist/index.js.map → dist/index.cjs.map generated vendored
View File

File diff suppressed because one or more lines are too long

123
dist/index.js generated vendored
View File

File diff suppressed because one or more lines are too long

5454
dist/licenses.txt generated vendored
View File

File diff suppressed because it is too large Load Diff

3
dist/package.json generated vendored
View File

@@ -1,3 +0,0 @@
{
"type": "module"
}

1
dist/sourcemap-register.cjs generated vendored
View File

File diff suppressed because one or more lines are too long

12
package.json
View File

@@ -4,10 +4,11 @@
"type": "module",
"main": "src/main.ts",
"scripts": {
"build": "ncc build --source-map --minify --license licenses.txt",
"build": "esbuild src/main.ts --bundle --platform=node --target=node24 --format=cjs --outfile=dist/index.cjs --sourcemap --minify && yarn run license",
"lint": "eslint --max-warnings=0 .",
"format": "eslint --fix .",
"test": "vitest run"
"test": "vitest run",
"license": "generate-license-file --input package.json --output dist/licenses.txt --overwrite --ci --no-spinner --eol lf"
},
"repository": {
"type": "git",
@@ -24,20 +25,21 @@
"packageManager": "yarn@4.9.2",
"dependencies": {
"@actions/core": "^3.0.0",
"@docker/actions-toolkit": "^0.79.0",
"handlebars": "^4.7.8"
"@docker/actions-toolkit": "^0.87.0",
"handlebars": "^4.7.9"
},
"devDependencies": {
"@eslint/js": "^9.39.3",
"@types/node": "^24.11.0",
"@typescript-eslint/eslint-plugin": "^8.56.1",
"@typescript-eslint/parser": "^8.56.1",
"@vercel/ncc": "^0.38.4",
"@vitest/coverage-v8": "^4.0.18",
"@vitest/eslint-plugin": "^1.6.9",
"esbuild": "^0.28.0",
"eslint": "^9.39.3",
"eslint-config-prettier": "^10.1.8",
"eslint-plugin-prettier": "^5.5.5",
"generate-license-file": "^4.1.1",
"globals": "^17.3.0",
"prettier": "^3.8.1",
"typescript": "^5.9.3",

30
src/context.ts
View File

@@ -4,7 +4,6 @@ import * as handlebars from 'handlebars';
import {Bake} from '@docker/actions-toolkit/lib/buildx/bake.js';
import {Build} from '@docker/actions-toolkit/lib/buildx/build.js';
import {Context} from '@docker/actions-toolkit/lib/context.js';
import {GitHub} from '@docker/actions-toolkit/lib/github/github.js';
import {Toolkit} from '@docker/actions-toolkit/lib/toolkit.js';
import {Util} from '@docker/actions-toolkit/lib/util.js';
@@ -30,6 +29,7 @@ export interface Inputs {
set: string[];
source: BakeContext;
targets: string[];
vars: string[];
'github-token': string;
}
@@ -46,8 +46,9 @@ export async function getInputs(): Promise<Inputs> {
push: core.getBooleanInput('push'),
sbom: core.getInput('sbom'),
set: Util.getInputList('set', {ignoreComma: true, quote: false}),
source: getBakeContext(core.getInput('source')),
source: await getBakeContext(core.getInput('source')),
targets: Util.getInputList('targets'),
vars: Util.getInputList('vars', {ignoreComma: true, quote: false}),
'github-token': core.getInput('github-token')
};
}
@@ -71,22 +72,30 @@ async function getBakeArgs(inputs: Inputs, definition: BakeDefinition, toolkit:
// allow filesystem entitlements by default
inputs.allow.push('fs=*');
}
await Util.asyncForEach(inputs.allow, async allow => {
await Util.asyncForEach(inputs.allow, async (allow: string) => {
args.push('--allow', allow);
});
}
if (inputs.call) {
if (!(await toolkit.buildx.versionSatisfies('>=0.16.0'))) {
throw new Error(`Buildx >= 0.16.0 is required to use the call flag.`);
throw new Error(`Buildx >= 0.16.0 is required to use the call input.`);
}
args.push('--call', inputs.call);
}
await Util.asyncForEach(inputs.files, async file => {
await Util.asyncForEach(inputs.files, async (file: string) => {
args.push('--file', file);
});
await Util.asyncForEach(inputs.set, async set => {
args.push('--set', set);
await Util.asyncForEach(inputs.set, async (s: string) => {
args.push('--set', s);
});
if (inputs.vars.length > 0) {
if (!(await toolkit.buildx.versionSatisfies('>=0.31.0'))) {
throw new Error(`Buildx >= 0.31.0 is required to use the vars input.`);
}
await Util.asyncForEach(inputs.vars, async (v: string) => {
args.push('--var', v);
});
}
if (await toolkit.buildx.versionSatisfies('>=0.6.0')) {
args.push('--metadata-file', toolkit.buildxBake.getMetadataFilePath());
}
@@ -139,12 +148,13 @@ async function getCommonArgs(inputs: Inputs): Promise<Array<string>> {
return args;
}
function getBakeContext(sourceInput: string): BakeContext {
async function getBakeContext(sourceInput: string): Promise<BakeContext> {
const defaultContext = await new Build().gitContext();
let bakeContext = handlebars.compile(sourceInput)({
defaultContext: Context.gitContext()
defaultContext: defaultContext
});
if (!bakeContext) {
bakeContext = Context.gitContext();
bakeContext = defaultContext;
}
if (Util.isValidRef(bakeContext)) {
return {

1
src/main.ts
View File

@@ -109,6 +109,7 @@ actionsToolkit.run(
sbom: inputs.sbom,
source: inputs.source.remoteRef,
targets: inputs.targets,
vars: inputs.vars,
githubToken: gitAuthToken
},
{

12
subaction/matrix/README.md
View File

@@ -41,11 +41,11 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
-
name: Generate matrix
id: generate
uses: docker/bake-action/subaction/matrix@v6
uses: docker/bake-action/subaction/matrix@v7
with:
target: validate
@@ -60,7 +60,7 @@ jobs:
steps:
-
name: Validate
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
targets: ${{ matrix.target }}
```
@@ -95,11 +95,11 @@ jobs:
steps:
-
name: Checkout
uses: actions/checkout@v4
uses: actions/checkout@v6
-
name: Generate matrix
id: generate
uses: docker/bake-action/subaction/matrix@v6
uses: docker/bake-action/subaction/matrix@v7
with:
target: lint
fields: platforms
@@ -115,7 +115,7 @@ jobs:
steps:
-
name: Lint
uses: docker/bake-action@v6
uses: docker/bake-action@v7
with:
targets: ${{ matrix.target }}
set: |

2
subaction/matrix/action.yml
View File

@@ -28,7 +28,7 @@ runs:
-
name: Generate
id: generate
uses: actions/github-script@v7
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
env:
INPUT_WORKDIR: ${{ inputs.workdir }}
INPUT_FILES: ${{ inputs.files }}

13
test/config.hcl
View File

@@ -6,21 +6,26 @@ group "release" {
targets = ["db", "app-plus"]
}
# Special target: https://github.com/docker/metadata-action#bake-definition
target "docker-metadata-action" {
tags = [
"localhost:5000/name/app:latest",
"localhost:5000/name/app:1.0.0"
]
}
target "db" {
context = "./test"
tags = ["docker.io/tonistiigi/db"]
}
target "app" {
inherits = ["docker-metadata-action"]
context = "./test"
dockerfile = "Dockerfile"
args = {
name = "foo"
}
tags = [
"localhost:5000/name/app:latest",
"localhost:5000/name/app:1.0.0"
]
}
target "cross" {

1541
yarn.lock
View File

File diff suppressed because it is too large Load Diff