From 24efab297a987ede002f7e19c3888b5bdd4a3071 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 23 Oct 2023 00:10:15 +0000 Subject: [PATCH 01/54] chore(deps): pin docker docker tag to af96c68 (#95) --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index f9d9dd0..c0b5de4 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.11.2@sha256:e7f00cf9fc3754de699190b215d383e57bd654179b31b28eefadf978a362e647 -ARG DOCKER_VERSION=20.10-dind +ARG DOCKER_VERSION=20.10-dind@sha256:af96c680a7e1f853ebdd50c1e0577e5df4089b033102546dd6417419564df3b5 ARG GOLANG_VERSION=1.21@sha256:24a09375a6216764a3eda6a25490a88ac178b5fcb9511d59d0da5ebf9e496474 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From 4bc7de4d630760a28f1000673383f160c879db69 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 23 Oct 2023 11:31:58 +0000 Subject: [PATCH 02/54] fix(deps): update module github.com/drone-plugins/drone-plugin-lib to v0.4.1 (#96) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/drone-plugins/drone-plugin-lib](https://github.com/drone-plugins/drone-plugin-lib) | require | patch | `v0.4.0` -> `v0.4.1` | --- ### Release Notes
drone-plugins/drone-plugin-lib (github.com/drone-plugins/drone-plugin-lib) ### [`v0.4.1`](https://github.com/drone-plugins/drone-plugin-lib/compare/v0.4.0...v0.4.1) [Compare Source](https://github.com/drone-plugins/drone-plugin-lib/compare/v0.4.0...v0.4.1)
--- ### Configuration πŸ“… **Schedule**: Branch creation - "every weekend" (UTC), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Enabled. β™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. πŸ”• **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: Woodpecker Bot Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/96 Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index f87ce9d..09445c2 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v0.3.0 github.com/6543/go-version v1.3.1 - github.com/drone-plugins/drone-plugin-lib v0.4.0 + github.com/drone-plugins/drone-plugin-lib v0.4.1 github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.0 github.com/stretchr/testify v1.8.0 diff --git a/go.sum b/go.sum index 68ccc5c..e099812 100644 --- a/go.sum +++ b/go.sum @@ -15,6 +15,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/drone-plugins/drone-plugin-lib v0.4.0 h1:qywEYGhquUuid6zNLmKia8CWY1TUa8jPQQ/G9ozfAmc= github.com/drone-plugins/drone-plugin-lib v0.4.0/go.mod h1:EgqogX38GoJFtckeSQyhBJYX8P+KWBPhdprAVvyRxF8= +github.com/drone-plugins/drone-plugin-lib v0.4.1 h1:47rZlmcMpr1hSp+6Gl+1Z4t+efi/gMQU3lxukC1Yg64= +github.com/drone-plugins/drone-plugin-lib v0.4.1/go.mod h1:KwCu92jFjHV3xv2hu5Qg/8zBNvGwbhoJDQw/EwnTvoM= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg= github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= From db0f4f02d85d54bfe8cdc6df952585d02a5e3ad3 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 23 Oct 2023 12:02:41 +0000 Subject: [PATCH 03/54] fix(deps): update module github.com/sirupsen/logrus to v1.9.3 (#97) --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 09445c2..8b6fbf0 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/6543/go-version v1.3.1 github.com/drone-plugins/drone-plugin-lib v0.4.1 github.com/joho/godotenv v1.5.1 - github.com/sirupsen/logrus v1.9.0 + github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.0 github.com/urfave/cli/v2 v2.25.7 golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 diff --git a/go.sum b/go.sum index e099812..0221b8a 100644 --- a/go.sum +++ b/go.sum @@ -33,6 +33,8 @@ github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeV github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= +github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= From 204732bf498902fcfaf9eed749331b115ba1b229 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 23 Oct 2023 12:06:22 +0000 Subject: [PATCH 04/54] fix(deps): update module github.com/stretchr/testify to v1.8.4 (#98) --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 8b6fbf0..f83e391 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/drone-plugins/drone-plugin-lib v0.4.1 github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 - github.com/stretchr/testify v1.8.0 + github.com/stretchr/testify v1.8.4 github.com/urfave/cli/v2 v2.25.7 golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 honnef.co/go/tools v0.4.6 diff --git a/go.sum b/go.sum index 0221b8a..dbeb6cf 100644 --- a/go.sum +++ b/go.sum @@ -43,6 +43,8 @@ github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/urfave/cli/v2 v2.2.0/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ= github.com/urfave/cli/v2 v2.16.3 h1:gHoFIwpPjoyIMbJp/VFd+/vuD0dAgFK4B6DpEMFJfQk= github.com/urfave/cli/v2 v2.16.3/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI= From b518543505fe9fbcacb7bc80e026cd3df84d9c58 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 23 Oct 2023 14:12:09 +0000 Subject: [PATCH 05/54] fix(deps): update module codeberg.org/6543/go-yaml2json to v1 (#100) --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index f83e391..d40fdbe 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module codeberg.org/woodpecker-plugins/plugin-docker-buildx go 1.20 require ( - codeberg.org/6543/go-yaml2json v0.3.0 + codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 github.com/drone-plugins/drone-plugin-lib v0.4.1 github.com/joho/godotenv v1.5.1 diff --git a/go.sum b/go.sum index dbeb6cf..477f043 100644 --- a/go.sum +++ b/go.sum @@ -1,5 +1,7 @@ codeberg.org/6543/go-yaml2json v0.3.0 h1:BlvjmY0Gous8P+rr8aBdgPYnIfUAqFepF8q7Tp0R5t8= codeberg.org/6543/go-yaml2json v0.3.0/go.mod h1:mz61q14LWF4ZABrgMEDMmk3t9dPi6zgR1uBh2VKV2RQ= +codeberg.org/6543/go-yaml2json v1.0.0 h1:heGqo9VEi7gY2yNqjj7X4ADs5nzlFIbGsJtgYDLrnig= +codeberg.org/6543/go-yaml2json v1.0.0/go.mod h1:mz61q14LWF4ZABrgMEDMmk3t9dPi6zgR1uBh2VKV2RQ= github.com/6543/go-version v1.3.1 h1:HvOp+Telns7HWJ2Xo/05YXQSB2bE0WmVgbHqwMPZT4U= github.com/6543/go-version v1.3.1/go.mod h1:oqFAHCwtLVUTLdhQmVZWYvaHXTdsbB4SY85at64SQEo= github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= From c8fa946f163407060c52930d78858d3f47c076aa Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 23 Oct 2023 14:28:30 +0000 Subject: [PATCH 06/54] chore(deps): update docker docker tag to v24 (#99) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | docker | final | major | `20.10-dind` -> `24.0-dind` | --- ### Configuration πŸ“… **Schedule**: Branch creation - At any time (no schedule defined), Automerge - "before 4am" (UTC). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. β™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. πŸ”• **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Co-authored-by: woodpecker-bot Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/99 Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index c0b5de4..3b37bc2 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.11.2@sha256:e7f00cf9fc3754de699190b215d383e57bd654179b31b28eefadf978a362e647 -ARG DOCKER_VERSION=20.10-dind@sha256:af96c680a7e1f853ebdd50c1e0577e5df4089b033102546dd6417419564df3b5 +ARG DOCKER_VERSION=24.0-dind@sha256:0752ca4e936da012c173c119217c0f9599b3b191c1557e53206d5d06d2627580 ARG GOLANG_VERSION=1.21@sha256:24a09375a6216764a3eda6a25490a88ac178b5fcb9511d59d0da5ebf9e496474 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From a0371f88506298d49788deec3c6f1cddaea55fa0 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Wed, 25 Oct 2023 09:58:02 +0000 Subject: [PATCH 07/54] adds driver-opt arg as plugin parameter (#93) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit #### :book: Summary Adds `--driver-opt` buildx arg as plugin parameter. This should make it possible to pass through proxy settings. #### :bookmark_tabs: Test Plan > :bulb: Select your test plan for the code changes. - [x] CI pipeline tests - Custom test - No test plan ##### Details / Justification Manually tested on own instance behind corporate proxy: ![image](/attachments/b65d981d-c9b8-4228-8e9c-61fa517d98b6) Unfortunately the `--build-arg` passthru seems not working #### :books: Additional Notes - fixes #82 - still to do: - [x] update docs - [x] add usage example > πŸ’‘NOTE: This is my first contribution in this codebase. Feedback and help is probably needed 😸 Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/93 Reviewed-by: Patrick Schratz Co-authored-by: OCram85 Co-committed-by: OCram85 --- cmd/docker-buildx/config.go | 6 ++++ docs.md | 53 +++++++++++++++++++++++++++ plugin/docker.go | 4 +++ plugin/docker_test.go | 72 +++++++++++++++++++++++++++++++++++++ plugin/impl.go | 29 +++++++-------- 5 files changed, 150 insertions(+), 14 deletions(-) create mode 100644 plugin/docker_test.go diff --git a/cmd/docker-buildx/config.go b/cmd/docker-buildx/config.go index 3b42772..a99cccf 100644 --- a/cmd/docker-buildx/config.go +++ b/cmd/docker-buildx/config.go @@ -99,6 +99,12 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag { Usage: "sets content of the docker buildkit json config", Destination: &settings.Daemon.BuildkitConfig, }, + &cli.StringSliceFlag{ + Name: "daemon.buildkit-driveropt", + EnvVars: []string{"PLUGIN_BUILDKIT_DRIVEROPT"}, + Usage: "adds optional driver-ops args like 'env.http_proxy'", + Destination: &settings.Daemon.BuildkitDriverOpt, + }, &cli.StringFlag{ Name: "dockerfile", EnvVars: []string{"PLUGIN_DOCKERFILE"}, diff --git a/docs.md b/docs.md index 14898d8..f323410 100644 --- a/docs.md +++ b/docs.md @@ -102,6 +102,7 @@ If it's not a tag event, and no default branch, automated tags are skipped. | `debug` | `false` | enables verbose debug mode for the docker daemon | `daemon_off` | `false` | disables the startup of the docker daemon | `buildkit_config` | *none* | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) +| `buildkit_driveropt` | *none* | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance | `tags_file` | *none* | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a comma | `context` | `.` | sets the path of the build context to use | `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via `tags` are additionally added to the auto_tags without suffix @@ -142,3 +143,55 @@ settings: password: from_secret: cb_token ``` + + +## Using `plugin-docker-buildx` behind a proxy + +When performing a docker build behind a corporate proxy one needs to pass through the proxy settings to the plugin. + +```yaml +variables: + # proxy config + - proxy_conf: &proxy_conf + - http_proxy: 'http://X.Y.Z.Z:3128' + - https_proxy: 'http://X.Y.Z.Z:3128' + - no_proxy: '.my-subdomain.com' + # deployment targets + - &publish_repos 'codeberg.org/test' + # logins for deployment targets + - publish_logins: &publish_logins + - registry: https://codeberg.org + username: + from_secret: CODEBERG_USER + password: + from_secret: CODEBERG_TOKEN + +steps: + test: + image: woodpeckerci/plugin-docker-buildx:2 + environment: + # adding proxy in env for the plugin runtime itself. + - <<: *proxy_conf + privileged: true + settings: + dry_run: true + repo: *publish_repos + dockerfile: Dockerfile.multi + platforms: linux/amd64 + auto_tag: true + logins: *publish_logins + # Adding custom dns server to lookup internal Docker Hub mirror. + # custom_dns: + # - 192.168.55.31 + # - 192.168.55.32 + # Adding an optional Docker Hub mirror for the nested dockerd. + # mirror: https://my-mirror.example.com + build_args: + # passthrough proxy config to the build process and Dockerfile CMDs itself. + - <<: *proxy_conf + # add driver-opt http config to tell buildkit + buildx to resolve external checksums through a proxy. + buildkit_driveropt: + - 'env.http_proxy=http://X.Y.Z.Z:3128' + - 'env.https_proxy=http://X.Y.Z.Z:3128' + - 'env.no_proxy=.my-subdomain.com' +``` \ No newline at end of file diff --git a/plugin/docker.go b/plugin/docker.go index d914692..395a4c6 100644 --- a/plugin/docker.go +++ b/plugin/docker.go @@ -41,6 +41,10 @@ func commandBuilder(daemon Daemon) *exec.Cmd { args = append(args, "--config", buildkitConfig) } + for _, driveropt := range daemon.BuildkitDriverOpt.Value() { + args = append(args, "--driver-opt", driveropt) + } + return exec.Command(dockerExe, args...) } diff --git a/plugin/docker_test.go b/plugin/docker_test.go new file mode 100644 index 0000000..8be3298 --- /dev/null +++ b/plugin/docker_test.go @@ -0,0 +1,72 @@ +package plugin + +import ( + "fmt" + "os" + "testing" + + "github.com/stretchr/testify/assert" + "github.com/urfave/cli/v2" +) + +func TestCommandBuilder(t *testing.T) { + + tests := []struct { + Name string + Daemon Daemon + Input string + WantedLen int + Skip bool + Excuse string + }{ + { + Name: "Single driver-opt value", + Daemon: Daemon{}, + Input: "no_proxy=*.mydomain", + WantedLen: 1, + }, + { + Name: "Single driver-opt value with comma", + Input: "no_proxy=.mydomain,.sub.domain.com", + WantedLen: 1, + Skip: true, + Excuse: "Can be enabled whenever #94 is fixed.", + + }, + } + + for _, test := range tests { + t.Run(test.Name, func(t *testing.T) { + if (test.Skip) { + t.Skip(fmt.Printf("%v skipped. %v", test.Name, test.Excuse)) + } + // prepare test values to mock plugin call with settings + os.Setenv("PLUGIN_BUILDKIT_DRIVEROPT", test.Input) + + // create dummy cli app to reproduce the issue + app := &cli.App{ + Name: "dummy App", + Usage: "testing inputs", + Version: "0.0.1", + Flags: []cli.Flag{ + &cli.StringSliceFlag{ + Name: "daemon.buildkit-driveropt", + EnvVars: []string{"PLUGIN_BUILDKIT_DRIVEROPT"}, + Usage: "adds optional driver-ops args like 'env.http_proxy'", + Destination: &test.Daemon.BuildkitDriverOpt, + }, + }, + Action: nil, + } + + // need to run the app to resolve the flags + _ = app.Run(nil) + + // call the commandBuilder to prepare the cmd with its args + _ = commandBuilder(test.Daemon) + + assert.Len(t, test.Daemon.BuildkitDriverOpt.Value(), test.WantedLen) + }) + } + +} diff --git a/plugin/impl.go b/plugin/impl.go index d6e16c8..720fbeb 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -18,20 +18,21 @@ import ( // Daemon defines Docker daemon parameters. type Daemon struct { - Registry string // Docker registry - Mirror string // Docker registry mirror - Insecure bool // Docker daemon enable insecure registries - StorageDriver string // Docker daemon storage driver - StoragePath string // Docker daemon storage path - Disabled bool // DOcker daemon is disabled (already running) - Debug bool // Docker daemon started in debug mode - Bip string // Docker daemon network bridge IP address - DNS cli.StringSlice // Docker daemon dns server - DNSSearch cli.StringSlice // Docker daemon dns search domain - MTU string // Docker daemon mtu setting - IPv6 bool // Docker daemon IPv6 networking - Experimental bool // Docker daemon enable experimental mode - BuildkitConfig string // Docker buildkit config + Registry string // Docker registry + Mirror string // Docker registry mirror + Insecure bool // Docker daemon enable insecure registries + StorageDriver string // Docker daemon storage driver + StoragePath string // Docker daemon storage path + Disabled bool // DOcker daemon is disabled (already running) + Debug bool // Docker daemon started in debug mode + Bip string // Docker daemon network bridge IP address + DNS cli.StringSlice // Docker daemon dns server + DNSSearch cli.StringSlice // Docker daemon dns search domain + MTU string // Docker daemon mtu setting + IPv6 bool // Docker daemon IPv6 networking + Experimental bool // Docker daemon enable experimental mode + BuildkitConfig string // Docker buildkit config + BuildkitDriverOpt cli.StringSlice // Docker buildkit driveropt args } // Login defines Docker login parameters. From e29bb19c9d7d57f07883bd9e41984fd55199266d Mon Sep 17 00:00:00 2001 From: pat-s Date: Wed, 25 Oct 2023 12:31:29 +0200 Subject: [PATCH 08/54] add gitea release plugin --- .woodpecker.yml | 27 ++++++++++++++++++++------- 1 file changed, 20 insertions(+), 7 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 0170411..9327879 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -5,13 +5,13 @@ when: - ${CI_REPO_DEFAULT_BRANCH} variables: - - &golang 'golang:1.21' - - &build_plugin 'woodpeckerci/plugin-docker-buildx:2.1.0' - - base_settings: &base_buildx_settings - platforms: 'linux/amd64,linux/arm64' - dockerfile: Dockerfile.multiarch - auto_tag: true - repo: woodpeckerci/plugin-docker-buildx,codeberg.org/woodpecker-plugins/docker-buildx + - &golang "golang:1.21" + - &build_plugin "woodpeckerci/plugin-docker-buildx:2.1.0" + - base_settings: &base_buildx_settings + platforms: "linux/amd64,linux/arm64" + dockerfile: Dockerfile.multiarch + auto_tag: true + repo: woodpeckerci/plugin-docker-buildx,codeberg.org/woodpecker-plugins/docker-buildx steps: vendor: @@ -54,3 +54,16 @@ steps: when: event: [push, tag, cron] branch: ${CI_REPO_DEFAULT_BRANCH} + + # TODO: replace by plugin-ready-release-go once it supports gitea + gitea-release: + image: "woodpeckerci/plugin-gitea-release:0.3.1" + settings: + base_url: https://codeberg.org + title: ${CI_COMMIT_TAG} + api_key: + from_secret: gitea_token + target: main + when: + event: [tag] + branch: ${CI_REPO_DEFAULT_BRANCH} From 3d64e92383fb229fcaef7f44d607365eeb153d0d Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Wed, 25 Oct 2023 10:45:16 +0000 Subject: [PATCH 09/54] chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v2.2.0 (#102) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 9327879..80756fa 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -6,7 +6,7 @@ when: variables: - &golang "golang:1.21" - - &build_plugin "woodpeckerci/plugin-docker-buildx:2.1.0" + - &build_plugin "woodpeckerci/plugin-docker-buildx:2.2.0" - base_settings: &base_buildx_settings platforms: "linux/amd64,linux/arm64" dockerfile: Dockerfile.multiarch From b71ce15f1713291a04cb3293652d45b5cd7fc572 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 30 Oct 2023 00:15:18 +0000 Subject: [PATCH 10/54] chore(docker): update docker:24.0-dind docker digest to 1dfc375 (#106) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 3b37bc2..e990b5b 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.11.2@sha256:e7f00cf9fc3754de699190b215d383e57bd654179b31b28eefadf978a362e647 -ARG DOCKER_VERSION=24.0-dind@sha256:0752ca4e936da012c173c119217c0f9599b3b191c1557e53206d5d06d2627580 +ARG DOCKER_VERSION=24.0-dind@sha256:1dfc375736e448806602211e09a9b1390eb110548dcb839eef374da357ca5f5d ARG GOLANG_VERSION=1.21@sha256:24a09375a6216764a3eda6a25490a88ac178b5fcb9511d59d0da5ebf9e496474 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From 5116f6263fca781c3702afacd8f407101f8eafab Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 30 Oct 2023 09:33:19 +0100 Subject: [PATCH 11/54] renovate: use org config --- renovate.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/renovate.json b/renovate.json index bf73d46..b3e1b63 100644 --- a/renovate.json +++ b/renovate.json @@ -1,4 +1,4 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", - "extends": ["github>thegeeklab/renovate-presets"] + "extends": ["local>woodpecker-plugins/renovate-config"] } From 4c119d46fc3f4da7a037b449c6f8fc206c17bfee Mon Sep 17 00:00:00 2001 From: Thomas Renes Date: Wed, 1 Nov 2023 10:32:01 +0000 Subject: [PATCH 12/54] Fix separator for tags_file in docs (#107) This fixes an error in the documentation. Multiple tags in tags_file are separated by a newline instead of a comma. See: https://codeberg.org/woodpecker-plugins/docker-buildx/src/commit/5116f6263fca781c3702afacd8f407101f8eafab/plugin/impl.go#L138 Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/107 Reviewed-by: Patrick Schratz Co-authored-by: Thomas Renes Co-committed-by: Thomas Renes --- docs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs.md b/docs.md index f323410..6385107 100644 --- a/docs.md +++ b/docs.md @@ -103,7 +103,7 @@ If it's not a tag event, and no default branch, automated tags are skipped. | `daemon_off` | `false` | disables the startup of the docker daemon | `buildkit_config` | *none* | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | `buildkit_driveropt` | *none* | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance -| `tags_file` | *none* | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a comma +| `tags_file` | *none* | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | `context` | `.` | sets the path of the build context to use | `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via `tags` are additionally added to the auto_tags without suffix | `default_suffix"`/`auto_tag_suffix`| *none* | generates tag names with the given suffix From 21518998d8ac49517ad3d67469840e13e9b35398 Mon Sep 17 00:00:00 2001 From: pat-s Date: Fri, 3 Nov 2023 07:41:43 +0100 Subject: [PATCH 13/54] remove sha tags --- Dockerfile.multiarch | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index e990b5b..0e61b8b 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,6 +1,6 @@ -ARG BUILDX_VERSION=0.11.2@sha256:e7f00cf9fc3754de699190b215d383e57bd654179b31b28eefadf978a362e647 -ARG DOCKER_VERSION=24.0-dind@sha256:1dfc375736e448806602211e09a9b1390eb110548dcb839eef374da357ca5f5d -ARG GOLANG_VERSION=1.21@sha256:24a09375a6216764a3eda6a25490a88ac178b5fcb9511d59d0da5ebf9e496474 +ARG BUILDX_VERSION=0.11.2 +ARG DOCKER_VERSION=24.0-dind +ARG GOLANG_VERSION=1.21 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From da8571c71865f0226478fb60377eca7e6354ae04 Mon Sep 17 00:00:00 2001 From: pat-s Date: Wed, 8 Nov 2023 02:42:05 +0000 Subject: [PATCH 14/54] Add `git` to image (#109) Current runs of the plugin output the following ``` WARNING: buildx: git was not found in the system. Current commit information was not captured by the build ``` adding `git` should solve this. Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/109 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: pat-s Co-committed-by: pat-s --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 0e61b8b..2697d49 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -15,7 +15,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \ FROM docker/buildx-bin:${BUILDX_VERSION} as buildx-bin FROM docker:${DOCKER_VERSION} -RUN apk --update --no-cache add coredns +RUN apk --update --no-cache add coredns git COPY --from=build /src/Corefile /etc/coredns/Corefile COPY --from=buildx-bin /buildx /usr/libexec/docker/cli-plugins/docker-buildx From 43d3ea541b64af6289fc106de5c551a075c9fce9 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sun, 19 Nov 2023 00:31:29 +0000 Subject: [PATCH 15/54] chore(deps): update docker/buildx-bin docker tag to v0.12.0 (#111) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 2697d49..ba42de0 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,4 +1,4 @@ -ARG BUILDX_VERSION=0.11.2 +ARG BUILDX_VERSION=0.12.0 ARG DOCKER_VERSION=24.0-dind ARG GOLANG_VERSION=1.21 From d771a60d94d96e26c5e7016d76d7d448751bb661 Mon Sep 17 00:00:00 2001 From: pat-s Date: Sun, 19 Nov 2023 13:28:17 +0100 Subject: [PATCH 16/54] pin docker version on patch level --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index ba42de0..2563935 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.12.0 -ARG DOCKER_VERSION=24.0-dind +ARG DOCKER_VERSION=24.0.7-dind ARG GOLANG_VERSION=1.21 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From dd7bec809c080f7d0862d4305e3ea2fce7f9412f Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Tue, 21 Nov 2023 00:15:54 +0000 Subject: [PATCH 17/54] chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v2.2.1 (#112) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 80756fa..a4cc44b 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -6,7 +6,7 @@ when: variables: - &golang "golang:1.21" - - &build_plugin "woodpeckerci/plugin-docker-buildx:2.2.0" + - &build_plugin "woodpeckerci/plugin-docker-buildx:2.2.1" - base_settings: &base_buildx_settings platforms: "linux/amd64,linux/arm64" dockerfile: Dockerfile.multiarch From aaad385133e40af58303648d6e1c1c06fbcc3fca Mon Sep 17 00:00:00 2001 From: pat-s Date: Wed, 22 Nov 2023 12:57:40 +0100 Subject: [PATCH 18/54] run testst on renovate/* branches --- .woodpecker.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index a4cc44b..fb3cc23 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -3,6 +3,7 @@ when: - event: push branch: - ${CI_REPO_DEFAULT_BRANCH} + - renovate/* variables: - &golang "golang:1.21" @@ -31,7 +32,9 @@ steps: dry_run: true when: event: pull_request - branch: main + branch: + - ${CI_REPO_DEFAULT_BRANCH} + - renovate/* publish: image: *build_plugin From 75f4ccee6261390912a289a286a0bf82c5b44c42 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Thu, 23 Nov 2023 00:09:54 +0000 Subject: [PATCH 19/54] fix(deps): update module github.com/drone-plugins/drone-plugin-lib to v0.4.2 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index d40fdbe..b0b3feb 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 - github.com/drone-plugins/drone-plugin-lib v0.4.1 + github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 diff --git a/go.sum b/go.sum index 477f043..11ca4ba 100644 --- a/go.sum +++ b/go.sum @@ -19,6 +19,8 @@ github.com/drone-plugins/drone-plugin-lib v0.4.0 h1:qywEYGhquUuid6zNLmKia8CWY1TU github.com/drone-plugins/drone-plugin-lib v0.4.0/go.mod h1:EgqogX38GoJFtckeSQyhBJYX8P+KWBPhdprAVvyRxF8= github.com/drone-plugins/drone-plugin-lib v0.4.1 h1:47rZlmcMpr1hSp+6Gl+1Z4t+efi/gMQU3lxukC1Yg64= github.com/drone-plugins/drone-plugin-lib v0.4.1/go.mod h1:KwCu92jFjHV3xv2hu5Qg/8zBNvGwbhoJDQw/EwnTvoM= +github.com/drone-plugins/drone-plugin-lib v0.4.2 h1:EiJ3Kco6ypP5noBQqVt1bBbuO1eUAumtPvLTX/NVAYg= +github.com/drone-plugins/drone-plugin-lib v0.4.2/go.mod h1:KwCu92jFjHV3xv2hu5Qg/8zBNvGwbhoJDQw/EwnTvoM= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg= github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= From a5864fb4165a601a1ac4acce331ce9c7a49a5669 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Mon, 4 Dec 2023 00:20:44 +0000 Subject: [PATCH 20/54] fix(deps): update module github.com/urfave/cli/v2 to v2.26.0 (#114) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index b0b3feb..b0c8025 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 - github.com/urfave/cli/v2 v2.25.7 + github.com/urfave/cli/v2 v2.26.0 golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 honnef.co/go/tools v0.4.6 ) diff --git a/go.sum b/go.sum index 11ca4ba..df5f702 100644 --- a/go.sum +++ b/go.sum @@ -54,6 +54,8 @@ github.com/urfave/cli/v2 v2.16.3 h1:gHoFIwpPjoyIMbJp/VFd+/vuD0dAgFK4B6DpEMFJfQk= github.com/urfave/cli/v2 v2.16.3/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI= github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= +github.com/urfave/cli/v2 v2.26.0 h1:3f3AMg3HpThFNT4I++TKOejZO8yU55t3JnnSr4S4QEI= +github.com/urfave/cli/v2 v2.26.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= From cb851be7dff83c69ae9d5382a83037d9f7c331cc Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Wed, 27 Dec 2023 00:09:24 +0000 Subject: [PATCH 21/54] fix(deps): update module github.com/urfave/cli/v2 to v2.27.0 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index b0c8025..7216460 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 - github.com/urfave/cli/v2 v2.26.0 + github.com/urfave/cli/v2 v2.27.0 golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 honnef.co/go/tools v0.4.6 ) diff --git a/go.sum b/go.sum index df5f702..ff84ee8 100644 --- a/go.sum +++ b/go.sum @@ -56,6 +56,8 @@ github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/urfave/cli/v2 v2.26.0 h1:3f3AMg3HpThFNT4I++TKOejZO8yU55t3JnnSr4S4QEI= github.com/urfave/cli/v2 v2.26.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= +github.com/urfave/cli/v2 v2.27.0 h1:uNs1K8JwTFL84X68j5Fjny6hfANh9nTlJ6dRtZAFAHY= +github.com/urfave/cli/v2 v2.27.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= From e93554e4bc0783589c23576de77440e495aedad7 Mon Sep 17 00:00:00 2001 From: pat-s Date: Fri, 29 Dec 2023 22:06:37 +0000 Subject: [PATCH 22/54] feat: add support for AWS ECR (#110) fix #74 Mainly borrowed from https://github.com/drone-plugins/drone-docker/tree/master/cmd/drone-ecr. `drone/ecr` is still on 20.10.14 and sparsely updated/maintained. Would be great to add support for additional registries like ECR to buildx. The login process is as follows: 1. Call the AWS API with some arguments to get a short-lived auth token (12h) 2. Use the token and Username `AWS` for the `docker login` call ## Notes - To push to ECR, the full registry URL must be given in the tag, i.e. `registry/owner/repo`. For this, `Registry` must also be added the to `Build` struct besides the `Settings` struct - For now I've only referenced the source in `ecr.go` by using the most recent commit of today. Should this be done differently? - The implementation here from me is simple and probably a bit "naive" as this is my first "real" golang feature PR. - I've tested this change with a custom image and was able to successfully push to ECR while dynamically creating a repository. Proper tests would still be great... - Vars `assumeRole` and `externalID` are somehow not exposed in https://plugins.drone.io/plugins/ecr and I am not sure if this is by design or because they were just forgotten. Anyhow, this is reason I didn't expose them for now and just added internal dummy vars. Co-authored-by: pat-s Co-committed-by: pat-s --- cmd/docker-buildx/config.go | 42 +++++++ go.mod | 4 +- go.sum | 55 ++------- plugin/docker.go | 2 +- plugin/ecr.go | 227 ++++++++++++++++++++++++++++++++++++ plugin/impl.go | 27 +++++ 6 files changed, 311 insertions(+), 46 deletions(-) create mode 100644 plugin/ecr.go diff --git a/cmd/docker-buildx/config.go b/cmd/docker-buildx/config.go index a99cccf..4038fe8 100644 --- a/cmd/docker-buildx/config.go +++ b/cmd/docker-buildx/config.go @@ -289,5 +289,47 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag { Usage: "sets build output type and destination configuration", Destination: &settings.Build.Output, }, + &cli.StringFlag{ + Name: "ecr.aws_access_key_id", + EnvVars: []string{"PLUGIN_AWS_ACCESS_KEY_ID"}, + Usage: "Access Key ID for AWS", + Destination: &settings.AwsAccessKeyId, + }, + &cli.StringFlag{ + Name: "ecr.aws_secret_access_key_id", + EnvVars: []string{"PLUGIN_AWS_SECRET_ACCESS_KEY"}, + Usage: "Secret Access Key for AWS", + Destination: &settings.AwsSecretAccessKey, + }, + &cli.StringFlag{ + Name: "ecr.aws_region", + EnvVars: []string{"PLUGIN_AWS_REGION"}, + Usage: "AWS region to use", + Destination: &settings.AwsRegion, + }, + &cli.BoolFlag{ + Name: "ecr.create_repository", + EnvVars: []string{"PLUGIN_CREATE_REPOSITORY"}, + Usage: "creates the ECR repository if it does not exist", + Destination: &settings.CreateRepository, + }, + &cli.StringFlag{ + Name: "ecr.lifecycle_policy", + EnvVars: []string{"PLUGIN_LIFECYCLE_POLICY"}, + Usage: "AWS ECR lifecycle policy", + Destination: &settings.LifecyclePolicy, + }, + &cli.StringFlag{ + Name: "ecr.repository_policy", + EnvVars: []string{"PLUGIN_REPOSITORY_POLICY"}, + Usage: "AWS ECR repository policy", + Destination: &settings.RepositoryPolicy, + }, + &cli.BoolFlag{ + Name: "ecr.scan_on_push", + EnvVars: []string{"PLUGIN_SCAN_ON_PUSH"}, + Usage: "AWS: whether to enable image scanning on push", + Destination: &settings.ScanOnPush, + }, } } diff --git a/go.mod b/go.mod index 7216460..7f25329 100644 --- a/go.mod +++ b/go.mod @@ -5,6 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 + github.com/aws/aws-sdk-go v1.47.4 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 @@ -18,12 +19,13 @@ require ( github.com/BurntSushi/toml v1.3.2 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect + github.com/jmespath/go-jmespath v0.4.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a // indirect golang.org/x/mod v0.12.0 // indirect - golang.org/x/sys v0.11.0 // indirect + golang.org/x/sys v0.12.0 // indirect golang.org/x/tools v0.12.1-0.20230825192346-2191a27a6dc5 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index ff84ee8..47cfb98 100644 --- a/go.sum +++ b/go.sum @@ -1,59 +1,37 @@ -codeberg.org/6543/go-yaml2json v0.3.0 h1:BlvjmY0Gous8P+rr8aBdgPYnIfUAqFepF8q7Tp0R5t8= -codeberg.org/6543/go-yaml2json v0.3.0/go.mod h1:mz61q14LWF4ZABrgMEDMmk3t9dPi6zgR1uBh2VKV2RQ= codeberg.org/6543/go-yaml2json v1.0.0 h1:heGqo9VEi7gY2yNqjj7X4ADs5nzlFIbGsJtgYDLrnig= codeberg.org/6543/go-yaml2json v1.0.0/go.mod h1:mz61q14LWF4ZABrgMEDMmk3t9dPi6zgR1uBh2VKV2RQ= github.com/6543/go-version v1.3.1 h1:HvOp+Telns7HWJ2Xo/05YXQSB2bE0WmVgbHqwMPZT4U= github.com/6543/go-version v1.3.1/go.mod h1:oqFAHCwtLVUTLdhQmVZWYvaHXTdsbB4SY85at64SQEo= -github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU= -github.com/BurntSushi/toml v1.1.0 h1:ksErzDEI1khOiGPgpwuI7x2ebx/uXQNw7xJpn9Eq1+I= -github.com/BurntSushi/toml v1.1.0/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU= +github.com/aws/aws-sdk-go v1.47.4 h1:IyhNbmPt+5ldi5HNzv7ZnXiqSglDMaJiZlzj4Yq3qnk= +github.com/aws/aws-sdk-go v1.47.4/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/drone-plugins/drone-plugin-lib v0.4.0 h1:qywEYGhquUuid6zNLmKia8CWY1TUa8jPQQ/G9ozfAmc= -github.com/drone-plugins/drone-plugin-lib v0.4.0/go.mod h1:EgqogX38GoJFtckeSQyhBJYX8P+KWBPhdprAVvyRxF8= -github.com/drone-plugins/drone-plugin-lib v0.4.1 h1:47rZlmcMpr1hSp+6Gl+1Z4t+efi/gMQU3lxukC1Yg64= -github.com/drone-plugins/drone-plugin-lib v0.4.1/go.mod h1:KwCu92jFjHV3xv2hu5Qg/8zBNvGwbhoJDQw/EwnTvoM= github.com/drone-plugins/drone-plugin-lib v0.4.2 h1:EiJ3Kco6ypP5noBQqVt1bBbuO1eUAumtPvLTX/NVAYg= github.com/drone-plugins/drone-plugin-lib v0.4.2/go.mod h1:KwCu92jFjHV3xv2hu5Qg/8zBNvGwbhoJDQw/EwnTvoM= -github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= -github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg= -github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= +github.com/jmespath/go-jmespath v0.4.0 h1:BEgLn5cpjn8UN1mAw4NjwDrS35OdebyEtFe+9YPoQUg= +github.com/jmespath/go-jmespath v0.4.0/go.mod h1:T8mJZnbsbmF+m6zOOFylbeCJqk5+pHWvzYPziyZiYoo= +github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGwWFoC7ycTf1rcQZHOlsJ6N8= +github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= -github.com/konsorten/go-windows-terminal-sequences v1.0.3/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ= -github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc= -github.com/sirupsen/logrus v1.6.0/go.mod h1:7uNnSEd1DgxDLC74fIahvMZmmYsHGZGEOFrfsX/uA88= -github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0= -github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= -github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.8.0 h1:pSgiaMZlXftHpm5L7V1+rVB+AZJydKsMxsQBIJw4PKk= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/urfave/cli/v2 v2.2.0/go.mod h1:SE9GqnLQmjVa0iPEY0f1w3ygNIYcIJ0OKPMoW2caLfQ= -github.com/urfave/cli/v2 v2.16.3 h1:gHoFIwpPjoyIMbJp/VFd+/vuD0dAgFK4B6DpEMFJfQk= -github.com/urfave/cli/v2 v2.16.3/go.mod h1:1CNUng3PtjQMtRzJO4FMXBQvkGtuYRxxiR9xMa7jMwI= -github.com/urfave/cli/v2 v2.25.7 h1:VAzn5oq403l5pHjc4OhD54+XGO9cdKVL/7lDjF+iKUs= -github.com/urfave/cli/v2 v2.25.7/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/urfave/cli/v2 v2.26.0 h1:3f3AMg3HpThFNT4I++TKOejZO8yU55t3JnnSr4S4QEI= github.com/urfave/cli/v2 v2.26.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/urfave/cli/v2 v2.27.0 h1:uNs1K8JwTFL84X68j5Fjny6hfANh9nTlJ6dRtZAFAHY= @@ -62,44 +40,33 @@ github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRT github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= -golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e h1:qyrTQ++p1afMkO4DPEeLGq/3oTsdlvdH4vqZUBWzUKM= -golang.org/x/exp/typeparams v0.0.0-20220218215828-6cf2b201936e/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a h1:Jw5wfR+h9mnIYH+OtGT2im5wV1YGGDora5vTv/aa5bE= golang.org/x/exp/typeparams v0.0.0-20221208152030-732eee02a75a/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 h1:VLliZ0d+/avPrXXH+OakdXhpJuEoBZuwh1m2j7U6Iug= golang.org/x/lint v0.0.0-20210508222113-6edffad5e616/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY= golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4 h1:6zppjxzCulZykYSLyVDYbneBfbaBIQPYMevg0bEwv2s= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= +golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= -golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.12.0 h1:CM0HF96J0hcLAwsHPJZjfdNzs0gftsLfgKt57wWHJ0o= +golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/tools v0.0.0-20190624222133-a101b041ded4/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc= golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28= -golang.org/x/tools v0.1.11-0.20220513221640-090b14e8501f h1:OKYpQQVE3DKSc3r3zHVzq46vq5YH7x8xpR3/k9ixmUg= -golang.org/x/tools v0.1.11-0.20220513221640-090b14e8501f/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= golang.org/x/tools v0.12.1-0.20230825192346-2191a27a6dc5 h1:Vk4mysSz+GqQK2eqgWbo4zEO89wkeAjJiFIr9bpqa8k= golang.org/x/tools v0.12.1-0.20230825192346-2191a27a6dc5/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= +gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10= +gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools/v3 v3.0.2/go.mod h1:3SzNCllyD9/Y+b5r9JIKQ474KzkZyqLqEfYqMsX94Bk= -honnef.co/go/tools v0.3.3 h1:oDx7VAwstgpYpb3wv0oxiZlxY+foCpRAwY7Vk6XpAgA= -honnef.co/go/tools v0.3.3/go.mod h1:jzwdWgg7Jdq75wlfblQxO4neNaFFSvgc1tD5Wv8U0Yw= honnef.co/go/tools v0.4.6 h1:oFEHCKeID7to/3autwsWfnuv69j3NsfcXbvJKuIcep8= honnef.co/go/tools v0.4.6/go.mod h1:+rnGS1THNh8zMwnd2oVOTL9QF6vmfyG6ZXBULae2uc0= diff --git a/plugin/docker.go b/plugin/docker.go index 395a4c6..750810a 100644 --- a/plugin/docker.go +++ b/plugin/docker.go @@ -44,7 +44,7 @@ func commandBuilder(daemon Daemon) *exec.Cmd { for _, driveropt := range daemon.BuildkitDriverOpt.Value() { args = append(args, "--driver-opt", driveropt) } - + return exec.Command(dockerExe, args...) } diff --git a/plugin/ecr.go b/plugin/ecr.go new file mode 100644 index 0000000..ed91494 --- /dev/null +++ b/plugin/ecr.go @@ -0,0 +1,227 @@ +// Source: https://github.com/drone-plugins/drone-docker/tree/939591f01828eceae54f5768dc7ce08ad0ad0bba/cmd/drone-ecr +package plugin + +import ( + "encoding/base64" + "fmt" + "log" + "os" + "strings" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/credentials/stscreds" + "github.com/aws/aws-sdk-go/aws/session" + "github.com/aws/aws-sdk-go/service/ecr" +) + +const DefaultRegion = "us-east-1" + +var repo string +var assumeRole string +var externalID string +var ecr_login Login +var aws_region string + +func (p *Plugin) EcrInit() { + + // create a standalone Login object to account for single repo and multi-repo case + if len(p.settings.Logins) >= 1 { + for _, login := range p.settings.Logins { + if strings.Contains(login.Registry, "amazonaws.com") { + ecr_login = login + aws_region = login.Aws_region + + // filter repo containing ecr registry + substrings := make([]string, 0) + for _, repo := range p.settings.Build.Repo.Value() { + substrings = append(substrings, strings.Split(repo, ",")...) + } + filtered := make([]string, 0) + for _, s := range substrings { + if strings.Contains(s, "amazonaws.com") { + filtered = append(filtered, s) + } + } + + // Join the filtered substrings into a comma-separated string + repo = strings.Join(filtered, ",") + + // set the region + if aws_region == "" { + aws_region = DefaultRegion + } + + os.Setenv("AWS_REGION", aws_region) + os.Setenv("AWS_ACCESS_KEY_ID", ecr_login.Aws_access_key_id) + os.Setenv("AWS_SECRET_ACCESS_KEY", ecr_login.Aws_secret_access_key) + + } + } + } else { + ecr_login.Aws_access_key_id = p.settings.AwsAccessKeyId + ecr_login.Aws_secret_access_key = p.settings.AwsSecretAccessKey + aws_region = p.settings.AwsRegion + repo = p.settings.Build.Repo.Value()[0] + + // set the region + if aws_region == "" { + aws_region = DefaultRegion + } + + os.Setenv("AWS_REGION", p.settings.AwsRegion) + os.Setenv("AWS_ACCESS_KEY_ID", p.settings.AwsAccessKeyId) + os.Setenv("AWS_SECRET_ACCESS_KEY", p.settings.AwsSecretAccessKey) + } + // here the env vars are used for authentication + sess, err := session.NewSession(&aws.Config{Region: &aws_region}) + if err != nil { + log.Fatalf("error creating aws session: %v", err) + } + + svc := getECRClient(sess, assumeRole, externalID) + username, password, registry, err := getAuthInfo(svc) + + if err != nil { + log.Fatalf("error getting ECR auth: %v", err) + } + + if !strings.HasPrefix(repo, registry) { + repo = fmt.Sprintf("%s/%s", registry, repo) + } + + if p.settings.CreateRepository { + err = ensureRepoExists(svc, trimHostname(repo, registry), p.settings.ScanOnPush) + if err != nil { + log.Fatalf("error creating ECR repo: %v", err) + } + err = updateImageScannningConfig(svc, trimHostname(repo, registry), p.settings.ScanOnPush) + if err != nil { + log.Fatalf("error updating scan on push for ECR repo: %v", err) + } + } + + if p.settings.LifecyclePolicy != "" { + p, err := os.ReadFile(p.settings.LifecyclePolicy) + if err != nil { + log.Fatal(err) + } + if err := uploadLifeCyclePolicy(svc, string(p), trimHostname(repo, registry)); err != nil { + log.Fatalf("error uploading ECR lifecycle policy: %v", err) + } + } + + if p.settings.RepositoryPolicy != "" { + p, err := os.ReadFile(p.settings.RepositoryPolicy) + if err != nil { + log.Fatal(err) + } + if err := uploadRepositoryPolicy(svc, string(p), trimHostname(repo, registry)); err != nil { + log.Fatalf("error uploading ECR repository policy. %v", err) + } + } + + // set Username and Password for all Login which contain an AWS key + if len(p.settings.Logins) >= 1 { + for i, login := range p.settings.Logins { + if login.Aws_secret_access_key != "" && login.Aws_access_key_id != "" { + p.settings.Logins[i].Username = username + p.settings.Logins[i].Password = password + p.settings.Logins[i].Registry = registry + } + } + } else { + p.settings.DefaultLogin.Username = username + p.settings.DefaultLogin.Password = password + p.settings.DefaultLogin.Registry = registry + } + +} + +func trimHostname(repo, registry string) string { + repo = strings.TrimPrefix(repo, registry) + repo = strings.TrimLeft(repo, "/") + return repo +} + +func ensureRepoExists(svc *ecr.ECR, name string, scanOnPush bool) (err error) { + input := &ecr.CreateRepositoryInput{} + input.SetRepositoryName(name) + input.SetImageScanningConfiguration(&ecr.ImageScanningConfiguration{ScanOnPush: &scanOnPush}) + _, err = svc.CreateRepository(input) + if err != nil { + if aerr, ok := err.(awserr.Error); ok && aerr.Code() == ecr.ErrCodeRepositoryAlreadyExistsException { + // eat it, we skip checking for existing to save two requests + err = nil + } + } + + return +} + +func updateImageScannningConfig(svc *ecr.ECR, name string, scanOnPush bool) (err error) { + input := &ecr.PutImageScanningConfigurationInput{} + input.SetRepositoryName(name) + input.SetImageScanningConfiguration(&ecr.ImageScanningConfiguration{ScanOnPush: &scanOnPush}) + _, err = svc.PutImageScanningConfiguration(input) + + return err +} + +func uploadLifeCyclePolicy(svc *ecr.ECR, lifecyclePolicy string, name string) (err error) { + input := &ecr.PutLifecyclePolicyInput{} + input.SetLifecyclePolicyText(lifecyclePolicy) + input.SetRepositoryName(name) + _, err = svc.PutLifecyclePolicy(input) + + return err +} + +func uploadRepositoryPolicy(svc *ecr.ECR, repositoryPolicy string, name string) (err error) { + input := &ecr.SetRepositoryPolicyInput{} + input.SetPolicyText(repositoryPolicy) + input.SetRepositoryName(name) + _, err = svc.SetRepositoryPolicy(input) + + return err +} + +func getAuthInfo(svc *ecr.ECR) (username, password, registry string, err error) { + var result *ecr.GetAuthorizationTokenOutput + var decoded []byte + + result, err = svc.GetAuthorizationToken(&ecr.GetAuthorizationTokenInput{}) + if err != nil { + return + } + + auth := result.AuthorizationData[0] + token := *auth.AuthorizationToken + decoded, err = base64.StdEncoding.DecodeString(token) + if err != nil { + return + } + + registry = strings.TrimPrefix(*auth.ProxyEndpoint, "https://") + creds := strings.Split(string(decoded), ":") + username = creds[0] + password = creds[1] + return +} + +func getECRClient(sess *session.Session, role string, externalId string) *ecr.ECR { + if role == "" { + return ecr.New(sess) + } + if externalId != "" { + return ecr.New(sess, &aws.Config{ + Credentials: stscreds.NewCredentials(sess, role, func(p *stscreds.AssumeRoleProvider) { + p.ExternalID = &externalId + }), + }) + } else { + return ecr.New(sess, &aws.Config{ + Credentials: stscreds.NewCredentials(sess, role), + }) + } +} diff --git a/plugin/impl.go b/plugin/impl.go index 720fbeb..38a48f6 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -37,11 +37,17 @@ type Daemon struct { // Login defines Docker login parameters. type Login struct { + // Generic Registry string // Docker registry address Username string // Docker registry username Password string // Docker registry password Email string // Docker registry email Config string // Docker Auth Config + + // ECR + Aws_access_key_id string `json:"aws_access_key_id"` // AWS access key id + Aws_secret_access_key string `json:"aws_secret_access_key"` // AWS secret access key + Aws_region string `json:"aws_region"` // AWS region } // Build defines Docker build parameters. @@ -75,6 +81,16 @@ type Build struct { // Settings for the Plugin. type Settings struct { + // ECR + AwsRegion string `json:"aws_region"` // AWS region + ScanOnPush bool // ECR scan on push + RepositoryPolicy string // ECR repository policy + LifecyclePolicy string // ECR lifecycle policy + CreateRepository bool // ECR create repository + AwsAccessKeyId string `json:"aws_access_key_id"` // AWS access key id + AwsSecretAccessKey string `json:"aws_secret_access_key"` // AWS secret access key + + // Generic Daemon Daemon Logins []Login LoginsRaw string @@ -99,6 +115,17 @@ func (p *Plugin) InitSettings() error { p.settings.Build.Branch = p.pipeline.Repo.Branch p.settings.Build.Ref = p.pipeline.Commit.Ref + // check if any Login struct contains AWS credentials + for _, login := range p.settings.Logins { + if strings.Contains(login.Registry, "amazonaws.com") { + p.EcrInit() + } + } + + if p.settings.AwsAccessKeyId != "" && p.settings.AwsSecretAccessKey != "" { + p.EcrInit() + } + if len(p.settings.Logins) == 0 { p.settings.Logins = []Login{p.settings.DefaultLogin} } else if !p.settings.DefaultLogin.anonymous() { From 5f5b2d416141e53e7c6f081d986c1b64f0821f74 Mon Sep 17 00:00:00 2001 From: pat-s Date: Sat, 30 Dec 2023 13:50:43 +0000 Subject: [PATCH 23/54] Document ECR settings and prefix settings with `ecr_` (#115) Prefixing to make the settings easier to distinguish from non-ECR ones. Also expanded the multi-repo push example. Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/115 Reviewed-by: qwerty287 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: pat-s Co-committed-by: pat-s --- cmd/docker-buildx/config.go | 20 ++-- docs.md | 195 +++++++++++++++++++----------------- plugin/ecr.go | 14 +-- plugin/impl.go | 14 +-- 4 files changed, 128 insertions(+), 115 deletions(-) diff --git a/cmd/docker-buildx/config.go b/cmd/docker-buildx/config.go index 4038fe8..e6418c3 100644 --- a/cmd/docker-buildx/config.go +++ b/cmd/docker-buildx/config.go @@ -309,27 +309,27 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag { }, &cli.BoolFlag{ Name: "ecr.create_repository", - EnvVars: []string{"PLUGIN_CREATE_REPOSITORY"}, + EnvVars: []string{"PLUGIN_ECR_CREATE_REPOSITORY"}, Usage: "creates the ECR repository if it does not exist", - Destination: &settings.CreateRepository, + Destination: &settings.EcrCreateRepository, }, &cli.StringFlag{ Name: "ecr.lifecycle_policy", - EnvVars: []string{"PLUGIN_LIFECYCLE_POLICY"}, + EnvVars: []string{"PLUGIN_ECR_LIFECYCLE_POLICY"}, Usage: "AWS ECR lifecycle policy", - Destination: &settings.LifecyclePolicy, + Destination: &settings.EcrLifecyclePolicy, }, &cli.StringFlag{ - Name: "ecr.repository_policy", - EnvVars: []string{"PLUGIN_REPOSITORY_POLICY"}, + Name: "ecr.repository_policy", + EnvVars: []string{"PLUGIN_ECR_REPOSITORY_POLICY"}, Usage: "AWS ECR repository policy", - Destination: &settings.RepositoryPolicy, + Destination: &settings.EcrRepositoryPolicy, }, &cli.BoolFlag{ - Name: "ecr.scan_on_push", - EnvVars: []string{"PLUGIN_SCAN_ON_PUSH"}, + Name: "ecr.scan_on_push", + EnvVars: []string{"PLUGIN_ECR_SCAN_ON_PUSH"}, Usage: "AWS: whether to enable image scanning on push", - Destination: &settings.ScanOnPush, + Destination: &settings.EcrScanOnPush, }, } } diff --git a/docs.md b/docs.md index 6385107..734ec4b 100644 --- a/docs.md +++ b/docs.md @@ -28,17 +28,21 @@ It will automatically generate buildkit configuration to use custom CA certifica ## Settings -| Settings Name | Default | Description -| --------------------------| ----------------- | -------------------------------------------- -| `dry-run` | `false` | disables docker push -| `repo` | *none* | sets repository name for the image (can be a list) -| `username` | *none* | sets username to authenticates with -| `password` | *none* | sets password / token to authenticates with -| `email` | *none* | sets email address to authenticates with -| `registry` | `https://index.docker.io/v1/` | sets docker registry to authenticate with -| `dockerfile` | `Dockerfile` | sets dockerfile to use for the image build -| `tag`/`tags` | *none* | sets repository tags to use for the image -| `platforms` | *none* | sets target platform for build +| Settings Name | Default | Description | +| ----------------------- | ----------------------------- | -------------------------------------------------- | +| `dry-run` | `false` | disables docker push | +| `repo` | _none_ | sets repository name for the image (can be a list) | +| `username` | _none_ | sets username to authenticates with | +| `password` | _none_ | sets password / token to authenticates with | +| `aws_access_key_id` | _none_ | sets AWS_ACCESS_KEY_ID for AWS ECR auth | +| `aws_secret_access_key` | _none_ | sets AWS_SECRET_ACCESS_KEY for AWS ECR auth | +| `aws_region` | `us-east-1` | sets AWS_DEFAULT_REGION for AWS ECR auth | +| `password` | _none_ | sets password / token to authenticates with | +| `email` | _none_ | sets email address to authenticates with | +| `registry` | `https://index.docker.io/v1/` | sets docker registry to authenticate with | +| `dockerfile` | `Dockerfile` | sets dockerfile to use for the image build | +| `tag`/`tags` | _none_ | sets repository tags to use for the image | +| `platforms` | _none_ | sets target platform for build | ## auto_tag @@ -49,81 +53,85 @@ If it's not a tag event, and no default branch, automated tags are skipped. ## Examples ```yaml - publish-next-agent: - image: woodpeckerci/plugin-docker-buildx - secrets: [docker_username, docker_password] - settings: - repo: woodpeckerci/woodpecker-agent - dockerfile: docker/Dockerfile.agent.multiarch - platforms: windows/amd64,darwin/amd64,darwin/arm64,freebsd/amd64,linux/amd64,linux/arm64/v8 - tag: next - when: - branch: ${CI_REPO_DEFAULT_BRANCH} - event: push +publish-next-agent: + image: woodpeckerci/plugin-docker-buildx + secrets: [docker_username, docker_password] + settings: + repo: woodpeckerci/woodpecker-agent + dockerfile: docker/Dockerfile.agent.multiarch + platforms: windows/amd64,darwin/amd64,darwin/arm64,freebsd/amd64,linux/amd64,linux/arm64/v8 + tag: next + when: + branch: ${CI_REPO_DEFAULT_BRANCH} + event: push ``` ```yaml - publish: - image: woodpeckerci/plugin-docker-buildx - settings: - platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm64/v8,linux/ppc64le,linux/riscv64,linux/s390x - repo: codeberg.org/${CI_REPO_OWNER}/hello - registry: codeberg.org - tags: latest - username: ${CI_REPO_OWNER} - password: - from_secret: cb_token +publish: + image: woodpeckerci/plugin-docker-buildx + settings: + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm64/v8,linux/ppc64le,linux/riscv64,linux/s390x + repo: codeberg.org/${CI_REPO_OWNER}/hello + registry: codeberg.org + tags: latest + username: ${CI_REPO_OWNER} + password: + from_secret: cb_token ``` ```yaml - docker-build: - image: woodpeckerci/plugin-docker-buildx - settings: - repo: codeberg.org/${CI_REPO_OWNER}/hello - registry: codeberg.org - dry_run: true - output: type=oci,dest=${CI_REPO_OWNER}-hello.tar +docker-build: + image: woodpeckerci/plugin-docker-buildx + settings: + repo: codeberg.org/${CI_REPO_OWNER}/hello + registry: codeberg.org + dry_run: true + output: type=oci,dest=${CI_REPO_OWNER}-hello.tar ``` ## Advanced Settings -| Settings Name | Default | Description -| --------------------------| ----------------- | -------------------------------------------- -| `mirror` | *none* | sets a registry mirror to pull images -| `storage_driver` | *none* | sets the docker daemon storage driver -| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path -| `bip` | *none* | allows the docker daemon to bride ip address -| `mtu` | *none* | sets docker daemon custom mtu setting -| `custom_dns` | *none* | sets custom docker daemon dns server -| `custom_dns_search` | *none* | sets custom docker daemon dns search domain -| `insecure` | `false` | allows the docker daemon to use insecure registries -| `ipv6` | `false` | enables docker daemon IPv6 support -| `experimental` | `false` | enables docker daemon experimental mode -| `debug` | `false` | enables verbose debug mode for the docker daemon -| `daemon_off` | `false` | disables the startup of the docker daemon -| `buildkit_config` | *none* | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) -| `buildkit_driveropt` | *none* | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance -| `tags_file` | *none* | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline -| `context` | `.` | sets the path of the build context to use -| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via `tags` are additionally added to the auto_tags without suffix -| `default_suffix"`/`auto_tag_suffix`| *none* | generates tag names with the given suffix -| `default_tag` | `latest` | overrides the default tag name used when generating with `auto_tag` enabled -| `label`/`labels` | *none* | sets labels to use for the image in format `=` -| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information -| `build_args` | *none* | sets custom build arguments for the build -| `build_args_from_env` | *none* | forwards environment variables as custom arguments to the build -| `quiet` | `false` | enables suppression of the build output -| `target` | *none* | sets the build target to use -| `cache_from` | *none* | sets images to consider as cache sources -| `pull_image` | `true` | enforces to pull base image at build time -| `compress` | `false` | enables compression of the build context using gzip -| `config` | *none* | sets content of the docker daemon json config -| `purge` | `true` | enables cleanup of the docker environment at the end of a build -| `no_cache` | `false` | disables the usage of cached intermediate containers -| `add_host` | *none* | sets additional host:ip mapping -| `output` | *none* | sets build output in format `type=[,=]` -| `logins` | *none* | option to log into multiple registries -| `env_file` | *none* | load env vars from specified file +| Settings Name | Default | Description | +| ----------------------------------- | ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | +| `mirror` | _none_ | sets a registry mirror to pull images | +| `storage_driver` | _none_ | sets the docker daemon storage driver | +| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path | +| `bip` | _none_ | allows the docker daemon to bride ip address | +| `mtu` | _none_ | sets docker daemon custom mtu setting | +| `custom_dns` | _none_ | sets custom docker daemon dns server | +| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain | +| `insecure` | `false` | allows the docker daemon to use insecure registries | +| `ipv6` | `false` | enables docker daemon IPv6 support | +| `experimental` | `false` | enables docker daemon experimental mode | +| `debug` | `false` | enables verbose debug mode for the docker daemon | +| `daemon_off` | `false` | disables the startup of the docker daemon | +| `buildkit_config` | _none_ | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | +| `buildkit_driveropt` | _none_ | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance | +| `tags_file` | _none_ | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | +| `context` | `.` | sets the path of the build context to use | +| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via `tags` are additionally added to the auto_tags without suffix | +| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix | +| `default_tag` | `latest` | overrides the default tag name used when generating with `auto_tag` enabled | +| `label`/`labels` | _none_ | sets labels to use for the image in format `=` | +| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information | +| `build_args` | _none_ | sets custom build arguments for the build | +| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build | +| `quiet` | `false` | enables suppression of the build output | +| `target` | _none_ | sets the build target to use | +| `cache_from` | _none_ | sets images to consider as cache sources | +| `pull_image` | `true` | enforces to pull base image at build time | +| `compress` | `false` | enables compression of the build context using gzip | +| `config` | _none_ | sets content of the docker daemon json config | +| `purge` | `true` | enables cleanup of the docker environment at the end of a build | +| `no_cache` | `false` | disables the usage of cached intermediate containers | +| `add_host` | _none_ | sets additional host:ip mapping | +| `output` | _none_ | sets build output in format `type=[,=]` | +| `logins` | _none_ | option to log into multiple registries | +| `env_file` | _none_ | load env vars from specified file | +| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist | +| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy | +| `ecr_repository_policy` | _none_ | AWS ECR repository policy | +| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push | ## Multi registry push example @@ -142,9 +150,14 @@ settings: username: "6543" password: from_secret: cb_token + - registry: https://.dkr.ecr..amazonaws.com + aws_region: + aws_access_key_id: + from_secret: aws_access_key_id + aws_secret_access_key: + from_secret: aws_secret_access_key ``` - ## Using `plugin-docker-buildx` behind a proxy When performing a docker build behind a corporate proxy one needs to pass through the proxy settings to the plugin. @@ -153,18 +166,18 @@ When performing a docker build behind a corporate proxy one needs to pass throug variables: # proxy config - proxy_conf: &proxy_conf - - http_proxy: 'http://X.Y.Z.Z:3128' - - https_proxy: 'http://X.Y.Z.Z:3128' - - no_proxy: '.my-subdomain.com' + - http_proxy: "http://X.Y.Z.Z:3128" + - https_proxy: "http://X.Y.Z.Z:3128" + - no_proxy: ".my-subdomain.com" # deployment targets - - &publish_repos 'codeberg.org/test' + - &publish_repos "codeberg.org/test" # logins for deployment targets - publish_logins: &publish_logins - - registry: https://codeberg.org - username: - from_secret: CODEBERG_USER - password: - from_secret: CODEBERG_TOKEN + - registry: https://codeberg.org + username: + from_secret: CODEBERG_USER + password: + from_secret: CODEBERG_TOKEN steps: test: @@ -189,9 +202,9 @@ steps: build_args: # passthrough proxy config to the build process and Dockerfile CMDs itself. - <<: *proxy_conf - # add driver-opt http config to tell buildkit + buildx to resolve external checksums through a proxy. + # add driver-opt http config to tell buildkit + buildx to resolve external checksums through a proxy. buildkit_driveropt: - - 'env.http_proxy=http://X.Y.Z.Z:3128' - - 'env.https_proxy=http://X.Y.Z.Z:3128' - - 'env.no_proxy=.my-subdomain.com' -``` \ No newline at end of file + - "env.http_proxy=http://X.Y.Z.Z:3128" + - "env.https_proxy=http://X.Y.Z.Z:3128" + - "env.no_proxy=.my-subdomain.com" +``` diff --git a/plugin/ecr.go b/plugin/ecr.go index ed91494..7579d21 100644 --- a/plugin/ecr.go +++ b/plugin/ecr.go @@ -90,19 +90,19 @@ func (p *Plugin) EcrInit() { repo = fmt.Sprintf("%s/%s", registry, repo) } - if p.settings.CreateRepository { - err = ensureRepoExists(svc, trimHostname(repo, registry), p.settings.ScanOnPush) + if p.settings.EcrCreateRepository { + err = ensureRepoExists(svc, trimHostname(repo, registry), p.settings.EcrScanOnPush) if err != nil { log.Fatalf("error creating ECR repo: %v", err) } - err = updateImageScannningConfig(svc, trimHostname(repo, registry), p.settings.ScanOnPush) + err = updateImageScannningConfig(svc, trimHostname(repo, registry), p.settings.EcrScanOnPush) if err != nil { log.Fatalf("error updating scan on push for ECR repo: %v", err) } } - if p.settings.LifecyclePolicy != "" { - p, err := os.ReadFile(p.settings.LifecyclePolicy) + if p.settings.EcrLifecyclePolicy != "" { + p, err := os.ReadFile(p.settings.EcrLifecyclePolicy) if err != nil { log.Fatal(err) } @@ -111,8 +111,8 @@ func (p *Plugin) EcrInit() { } } - if p.settings.RepositoryPolicy != "" { - p, err := os.ReadFile(p.settings.RepositoryPolicy) + if p.settings.EcrRepositoryPolicy != "" { + p, err := os.ReadFile(p.settings.EcrRepositoryPolicy) if err != nil { log.Fatal(err) } diff --git a/plugin/impl.go b/plugin/impl.go index 38a48f6..69a27ab 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -82,13 +82,13 @@ type Build struct { // Settings for the Plugin. type Settings struct { // ECR - AwsRegion string `json:"aws_region"` // AWS region - ScanOnPush bool // ECR scan on push - RepositoryPolicy string // ECR repository policy - LifecyclePolicy string // ECR lifecycle policy - CreateRepository bool // ECR create repository - AwsAccessKeyId string `json:"aws_access_key_id"` // AWS access key id - AwsSecretAccessKey string `json:"aws_secret_access_key"` // AWS secret access key + AwsRegion string `json:"aws_region"` // AWS region + EcrScanOnPush bool `json:"ecr_scan_on_push"` // ECR scan on push + EcrRepositoryPolicy string `json:"ecr_repository_policy"` // ECR repository policy + EcrLifecyclePolicy string `json:"ecr_lifecycle_policy"` // ECR lifecycle policy + EcrCreateRepository bool `json:"ecr_create_repository"` // ECR create repository + AwsAccessKeyId string `json:"aws_access_key_id"` // AWS access key id + AwsSecretAccessKey string `json:"aws_secret_access_key"` // AWS secret access key // Generic Daemon Daemon From 2b05d0a014d92f4fd8372dd899c81cfed4db35e4 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sun, 31 Dec 2023 00:16:53 +0000 Subject: [PATCH 24/54] fix(deps): update module github.com/urfave/cli/v2 to v2.27.1 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 7f25329..5b5ba24 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 - github.com/urfave/cli/v2 v2.27.0 + github.com/urfave/cli/v2 v2.27.1 golang.org/x/lint v0.0.0-20210508222113-6edffad5e616 honnef.co/go/tools v0.4.6 ) diff --git a/go.sum b/go.sum index 47cfb98..c6862b3 100644 --- a/go.sum +++ b/go.sum @@ -36,6 +36,8 @@ github.com/urfave/cli/v2 v2.26.0 h1:3f3AMg3HpThFNT4I++TKOejZO8yU55t3JnnSr4S4QEI= github.com/urfave/cli/v2 v2.26.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/urfave/cli/v2 v2.27.0 h1:uNs1K8JwTFL84X68j5Fjny6hfANh9nTlJ6dRtZAFAHY= github.com/urfave/cli/v2 v2.27.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= +github.com/urfave/cli/v2 v2.27.1 h1:8xSQ6szndafKVRmfyeUMxkNUJQMjL1F2zmsZ+qHpfho= +github.com/urfave/cli/v2 v2.27.1/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= From 0d7dfb256611509771c5d51d9d6b65fa36480ee8 Mon Sep 17 00:00:00 2001 From: OCram85 Date: Mon, 1 Jan 2024 20:33:44 +0000 Subject: [PATCH 25/54] adds gitea meta template files for pull requests and issues (#103) adds gitea metafiles for: - Pull-Request template - https://gitea.ocram85.com/OCram85/gitea-template-test/compare/main...placeholer - Issue-Templates - Bug report related - https://gitea.ocram85.com/OCram85/gitea-template-test/issues/new?template=.gitea%2fISSUE_TEMPLATE%2fBug.yml - Feature request related - https://gitea.ocram85.com/OCram85/gitea-template-test/issues/new?template=.gitea%2fISSUE_TEMPLATE%2fFeature.yml - Question related - https://gitea.ocram85.com/OCram85/gitea-template-test/issues/new?template=.gitea%2fISSUE_TEMPLATE%2fQuestion.yml - Default template - https://gitea.ocram85.com/OCram85/gitea-template-test/issues/new? > **Note**: The templates come with their own fields and also maps the correct issue labels on creation. > > Follow the links to show an input preview. ![image](/attachments/9c9d42b7-4c1f-47a8-9ae6-818e641ed096) Co-authored-by: Patrick Schratz Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/103 Reviewed-by: Patrick Schratz Co-authored-by: OCram85 Co-committed-by: OCram85 --- .gitea/ISSUE_TEMPLATE.yml | 16 +++++++ .gitea/ISSUE_TEMPLATE/Bug.yml | 69 ++++++++++++++++++++++++++++++ .gitea/ISSUE_TEMPLATE/Feature.yml | 46 ++++++++++++++++++++ .gitea/ISSUE_TEMPLATE/Question.yml | 18 ++++++++ .gitea/PULL_REQUEST_TEMPLATE.yml | 41 ++++++++++++++++++ 5 files changed, 190 insertions(+) create mode 100644 .gitea/ISSUE_TEMPLATE.yml create mode 100644 .gitea/ISSUE_TEMPLATE/Bug.yml create mode 100644 .gitea/ISSUE_TEMPLATE/Feature.yml create mode 100644 .gitea/ISSUE_TEMPLATE/Question.yml create mode 100644 .gitea/PULL_REQUEST_TEMPLATE.yml diff --git a/.gitea/ISSUE_TEMPLATE.yml b/.gitea/ISSUE_TEMPLATE.yml new file mode 100644 index 0000000..6d80569 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE.yml @@ -0,0 +1,16 @@ +name: Default +about: Use this template if nothing seems to work. +title: '' +body: + - type: markdown + attributes: + value: | + > **Note**: Thanks for taking the time to fill out this bug report! + - type: textarea + id: content + attributes: + label: ❔ What happened + description: Simply ask your question here. + placeholder: Tell us what you want to know... + validations: + required: true diff --git a/.gitea/ISSUE_TEMPLATE/Bug.yml b/.gitea/ISSUE_TEMPLATE/Bug.yml new file mode 100644 index 0000000..b7480c2 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/Bug.yml @@ -0,0 +1,69 @@ +name: 🐞 Bug Report +about: This template is used to report bugs! +title: '' +labels: + - bug +body: + - type: markdown + attributes: + value: | + > **Note**: This bug report is only for content provided in this repository! + > + > - Make sure you're able to reproduce the error in the lastest version of this package. + > - Search of already existing issues. + > - Refer to the known issues and FAQ section. + - type: textarea + id: reproduce + attributes: + label: πŸ’£ Steps to reproduce + description: Describe ho to reproduce the error. + value: | + ```bash + + ``` + validations: + required: true + - type: textarea + id: expected + attributes: + label: πŸš€ Expected behaviour + description: Describe what should happen. + value: | + ```bash + + ``` + validations: + required: true + - type: textarea + id: actual + attributes: + label: πŸ’₯ Actual behaviour + description: Describe what actually happens. + value: | + ```bash + + ``` + validations: + required: true + - type: textarea + id: env + attributes: + label: πŸ““ Environment data + description: You can add addional environment data here. + placeholder: | + ```bash + + ``` + - type: textarea + id: img + attributes: + label: πŸ–ΌοΈ Screenshots + description: Paste your screenshots here. + placeholder: Copy-Paste or Drag-and-Drop your images... + - type: textarea + id: refs + attributes: + label: πŸ”– Refs + description: A place for additional references to other issues and PRs. + placeholder: | + - reopens #999 diff --git a/.gitea/ISSUE_TEMPLATE/Feature.yml b/.gitea/ISSUE_TEMPLATE/Feature.yml new file mode 100644 index 0000000..6ae035a --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/Feature.yml @@ -0,0 +1,46 @@ +name: πŸ›Έ Feature Request +about: Wite about new features. +title: '' +labels: + - feature + - enhancement +body: + - type: markdown + attributes: + value: | + > **Note**: This bug report is only for content provided in this repository! + > + > This issue template is used to describe new features or enhancements. + - type: textarea + id: idea + attributes: + label: πŸ“‘ Suggestion + description: Describe ho to reproduce the error. + value: | + ```bash + + ``` + validations: + required: true + - type: textarea + id: impl + attributes: + label: πŸ›°οΈ Implementation ideas + description: Describe your initial implementation ideas. + validations: + required: true + - type: textarea + id: mockup + attributes: + label: πŸ–ΌοΈ Mock-up + description: Alternatively add your mockups here. + placeholder: Copy-Paste or Drag-and-Drop your images... + validations: + required: true + - type: textarea + id: refs + attributes: + label: πŸ”– Refs + description: A place for additional references to other issues and PRs. + placeholder: | + - reopens #999 diff --git a/.gitea/ISSUE_TEMPLATE/Question.yml b/.gitea/ISSUE_TEMPLATE/Question.yml new file mode 100644 index 0000000..bb4f083 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/Question.yml @@ -0,0 +1,18 @@ +name: ❓ Question +about: Use this template if nothing seems to work. +title: '' +labels: + - question +body: + - type: markdown + attributes: + value: | + > **Note**: Thanks for taking the time to fill out this bug report! + - type: textarea + id: content + attributes: + label: ❔ What happened + description: Simply ask your question here. + placeholder: Tell us what you want to know... + validations: + required: true diff --git a/.gitea/PULL_REQUEST_TEMPLATE.yml b/.gitea/PULL_REQUEST_TEMPLATE.yml new file mode 100644 index 0000000..b9e7951 --- /dev/null +++ b/.gitea/PULL_REQUEST_TEMPLATE.yml @@ -0,0 +1,41 @@ +name: Pull Request +about: General pull request +title: "" +body: + - type: markdown + attributes: + value: | + > **Note**: Thanks for contributing to this project with your pull request! + + - type: textarea + id: summary + attributes: + label: πŸ“– Summary + description: Provide a summary of your changes. Also descibe the why... + placeholder: Tell us about your code changes. + + validations: + required: true + - type: dropdown + id: testplan + attributes: + label: πŸ“‘ Test Plan + description: How did you test your code changes? + options: + - βœ… CI pipeline tests (Default) + - πŸ€” Custom test + - πŸ’£ No test Plan + validations: + required: true + - type: textarea + id: details + attributes: + label: πŸ’¬ Details + description: Add your custom test details or justification for missing tests here. + placeholder: First, solve the problem. Then, write the code. + - type: textarea + id: notes + attributes: + label: πŸ“š Additional Notes + description: A place for additional notes or linking references. + placeholder: Software and cathedrals are much the same - First we build them, then we pray. From b39f5dc37229f6832c465ee6b10a88e8db18ac1c Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 1 Jan 2024 21:53:40 +0100 Subject: [PATCH 26/54] update issue and pr templates --- .gitea/ISSUE_TEMPLATE.yml | 1 + .gitea/ISSUE_TEMPLATE/Bug.yml | 69 ---------------------- .gitea/ISSUE_TEMPLATE/Feature.yml | 46 --------------- .gitea/ISSUE_TEMPLATE/Question.yml | 15 ++--- .gitea/ISSUE_TEMPLATE/bug_report.yml | 70 +++++++++++++++++++++++ .gitea/ISSUE_TEMPLATE/feature_request.yml | 33 +++++++++++ .gitea/PULL_REQUEST_TEMPLATE.yml | 25 +++----- 7 files changed, 115 insertions(+), 144 deletions(-) delete mode 100644 .gitea/ISSUE_TEMPLATE/Bug.yml delete mode 100644 .gitea/ISSUE_TEMPLATE/Feature.yml create mode 100644 .gitea/ISSUE_TEMPLATE/bug_report.yml create mode 100644 .gitea/ISSUE_TEMPLATE/feature_request.yml diff --git a/.gitea/ISSUE_TEMPLATE.yml b/.gitea/ISSUE_TEMPLATE.yml index 6d80569..eec8a98 100644 --- a/.gitea/ISSUE_TEMPLATE.yml +++ b/.gitea/ISSUE_TEMPLATE.yml @@ -14,3 +14,4 @@ body: placeholder: Tell us what you want to know... validations: required: true +blank_issues_enabled: true diff --git a/.gitea/ISSUE_TEMPLATE/Bug.yml b/.gitea/ISSUE_TEMPLATE/Bug.yml deleted file mode 100644 index b7480c2..0000000 --- a/.gitea/ISSUE_TEMPLATE/Bug.yml +++ /dev/null @@ -1,69 +0,0 @@ -name: 🐞 Bug Report -about: This template is used to report bugs! -title: '' -labels: - - bug -body: - - type: markdown - attributes: - value: | - > **Note**: This bug report is only for content provided in this repository! - > - > - Make sure you're able to reproduce the error in the lastest version of this package. - > - Search of already existing issues. - > - Refer to the known issues and FAQ section. - - type: textarea - id: reproduce - attributes: - label: πŸ’£ Steps to reproduce - description: Describe ho to reproduce the error. - value: | - ```bash - - ``` - validations: - required: true - - type: textarea - id: expected - attributes: - label: πŸš€ Expected behaviour - description: Describe what should happen. - value: | - ```bash - - ``` - validations: - required: true - - type: textarea - id: actual - attributes: - label: πŸ’₯ Actual behaviour - description: Describe what actually happens. - value: | - ```bash - - ``` - validations: - required: true - - type: textarea - id: env - attributes: - label: πŸ““ Environment data - description: You can add addional environment data here. - placeholder: | - ```bash - - ``` - - type: textarea - id: img - attributes: - label: πŸ–ΌοΈ Screenshots - description: Paste your screenshots here. - placeholder: Copy-Paste or Drag-and-Drop your images... - - type: textarea - id: refs - attributes: - label: πŸ”– Refs - description: A place for additional references to other issues and PRs. - placeholder: | - - reopens #999 diff --git a/.gitea/ISSUE_TEMPLATE/Feature.yml b/.gitea/ISSUE_TEMPLATE/Feature.yml deleted file mode 100644 index 6ae035a..0000000 --- a/.gitea/ISSUE_TEMPLATE/Feature.yml +++ /dev/null @@ -1,46 +0,0 @@ -name: πŸ›Έ Feature Request -about: Wite about new features. -title: '' -labels: - - feature - - enhancement -body: - - type: markdown - attributes: - value: | - > **Note**: This bug report is only for content provided in this repository! - > - > This issue template is used to describe new features or enhancements. - - type: textarea - id: idea - attributes: - label: πŸ“‘ Suggestion - description: Describe ho to reproduce the error. - value: | - ```bash - - ``` - validations: - required: true - - type: textarea - id: impl - attributes: - label: πŸ›°οΈ Implementation ideas - description: Describe your initial implementation ideas. - validations: - required: true - - type: textarea - id: mockup - attributes: - label: πŸ–ΌοΈ Mock-up - description: Alternatively add your mockups here. - placeholder: Copy-Paste or Drag-and-Drop your images... - validations: - required: true - - type: textarea - id: refs - attributes: - label: πŸ”– Refs - description: A place for additional references to other issues and PRs. - placeholder: | - - reopens #999 diff --git a/.gitea/ISSUE_TEMPLATE/Question.yml b/.gitea/ISSUE_TEMPLATE/Question.yml index bb4f083..368c6e2 100644 --- a/.gitea/ISSUE_TEMPLATE/Question.yml +++ b/.gitea/ISSUE_TEMPLATE/Question.yml @@ -1,18 +1,11 @@ name: ❓ Question -about: Use this template if nothing seems to work. -title: '' +about: Ask a question. +title: "" labels: - question body: - - type: markdown - attributes: - value: | - > **Note**: Thanks for taking the time to fill out this bug report! - type: textarea id: content attributes: - label: ❔ What happened - description: Simply ask your question here. - placeholder: Tell us what you want to know... - validations: - required: true + label: Question content + diff --git a/.gitea/ISSUE_TEMPLATE/bug_report.yml b/.gitea/ISSUE_TEMPLATE/bug_report.yml new file mode 100644 index 0000000..669c33b --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/bug_report.yml @@ -0,0 +1,70 @@ +name: 🐞 Bug Report +about: This template is used to report bugs! +title: "" +labels: + - bug + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this bug report! + - type: dropdown + id: component + attributes: + label: Component + description: Which component of Woodpecker is affected by the issue? + multiple: true + options: + - server + - agent + - cli + - web-ui + - other + validations: + required: true + - type: textarea + id: bug-description + attributes: + label: Describe the bug + description: A clear and concise description of what the bug is. If you intend to submit a PR for this issue, tell us in the description. Thanks! + placeholder: Bug description + validations: + required: true + - type: textarea + id: system-info + attributes: + label: System Info + description: Output of `https:///version` + render: shell + placeholder: Version info, docker-compose config, Kubernetes manifests + validations: + required: true + - type: textarea + id: additional-context + attributes: + label: Additional context + description: | + Logs? Screenshots? Anything that will give us more context about the issue you are encountering! + Sometimes a picture is worth a thousand words, but please try not to insert an image of logs / text + and copy paste the text instead. + + Tip: You can attach images by clicking this area to highlight it and then dragging files in. + validations: + required: false + - type: checkboxes + id: checkboxes + attributes: + label: Validations + description: Before submitting the issue, please make sure you do the following + options: + # - label: Follow our [Code of Conduct](https://github.com/woodpecker-ci/woodpecker/blob/main/CODE_OF_CONDUCT.md) + # required: true + - label: Read the [Contributing Guidelines](https://github.com/woodpecker-ci/woodpecker/blob/main/CONTRIBUTING.md). + required: true + - label: Read the [docs](https://woodpecker-ci.org/docs/intro). + required: true + - label: Check that there isn't [already an issue](https://github.com/woodpecker-ci/woodpecker/issues) that reports the same bug to avoid creating a duplicate. + required: true + - label: Checked that the bug isn't fixed in the `next` version already [https://woodpecker-ci.org/faq#which-version-of-woodpecker-should-i-use] + required: true + - label: Check that this is a concrete bug. For Q&A join our [Discord Chat Server](https://discord.gg/fcMQqSMXJy) or the [Matrix room](https://matrix.to/#/#woodpecker:matrix.org). + required: true diff --git a/.gitea/ISSUE_TEMPLATE/feature_request.yml b/.gitea/ISSUE_TEMPLATE/feature_request.yml new file mode 100644 index 0000000..2203dce --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/feature_request.yml @@ -0,0 +1,33 @@ +name: "\U0001F680 New feature proposal" +description: Propose a new feature to be added +title: "" +labels: ["feature"] +body: + - type: markdown + attributes: + value: | + Thanks for your interest in the project and taking the time to fill out this feature report! + - type: textarea + id: feature-description + attributes: + label: Clear and concise description of the problem + description: "As a user of Woodpecker I want [goal / wish] so that [benefit]. If you intend to submit a PR for this issue, tell us in the description." + validations: + required: true + - type: textarea + id: suggested-solution + attributes: + label: Suggested solution + description: "In web-ui / config we could provide following functionality..." + validations: + required: true + - type: textarea + id: alternative + attributes: + label: Alternative + description: Clear and concise description of any alternative solutions or features you've considered. + - type: textarea + id: additional-context + attributes: + label: Additional context + description: Any other context or screenshots about the feature request here. diff --git a/.gitea/PULL_REQUEST_TEMPLATE.yml b/.gitea/PULL_REQUEST_TEMPLATE.yml index b9e7951..533db78 100644 --- a/.gitea/PULL_REQUEST_TEMPLATE.yml +++ b/.gitea/PULL_REQUEST_TEMPLATE.yml @@ -6,36 +6,25 @@ body: attributes: value: | > **Note**: Thanks for contributing to this project with your pull request! - - type: textarea id: summary attributes: label: πŸ“– Summary - description: Provide a summary of your changes. Also descibe the why... - placeholder: Tell us about your code changes. - + description: Provide a concise summary of the changes. Ideally broken down to multiple bullet points. Please add details and longer text blocks to "Details" below. validations: required: true - type: dropdown - id: testplan + id: build_pr_images attributes: - label: πŸ“‘ Test Plan - description: How did you test your code changes? + label: πŸ“‘ Build PR Images? + description: Should docker images be built for this PR and uploaded to Dockerhub? If so, a maintainer will add the `build_pr_images` label to this PR if this option is selected. options: - - βœ… CI pipeline tests (Default) - - πŸ€” Custom test - - πŸ’£ No test Plan + - PR images are not needed + - βœ… Yes, please build PR images validations: required: true - type: textarea id: details attributes: label: πŸ’¬ Details - description: Add your custom test details or justification for missing tests here. - placeholder: First, solve the problem. Then, write the code. - - type: textarea - id: notes - attributes: - label: πŸ“š Additional Notes - description: A place for additional notes or linking references. - placeholder: Software and cathedrals are much the same - First we build them, then we pray. + description: Add additional information here. From 5dd0b396781369af835763c86fe4f3ba21d41bc7 Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 1 Jan 2024 21:57:58 +0100 Subject: [PATCH 27/54] fix issue template issues --- .gitea/ISSUE_TEMPLATE.yml | 7 +++++++ .gitea/ISSUE_TEMPLATE/bug_report.yml | 1 + .gitea/PULL_REQUEST_TEMPLATE.yml | 2 +- 3 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.gitea/ISSUE_TEMPLATE.yml b/.gitea/ISSUE_TEMPLATE.yml index eec8a98..6bb685f 100644 --- a/.gitea/ISSUE_TEMPLATE.yml +++ b/.gitea/ISSUE_TEMPLATE.yml @@ -15,3 +15,10 @@ body: validations: required: true blank_issues_enabled: true +contact_links: + - name: Ask a question in our Matrix room + about: If you prefer a chat-like conversation or in need for quick help, this might be an alternative to opening an issue. + url: https://matrix.to/#/#woodpecker:matrix.org + - name: Frequently Asked Questions + url: https://woodpecker-ci.org/faq + about: Check the FAQs for common questions. diff --git a/.gitea/ISSUE_TEMPLATE/bug_report.yml b/.gitea/ISSUE_TEMPLATE/bug_report.yml index 669c33b..76dac7d 100644 --- a/.gitea/ISSUE_TEMPLATE/bug_report.yml +++ b/.gitea/ISSUE_TEMPLATE/bug_report.yml @@ -3,6 +3,7 @@ about: This template is used to report bugs! title: "" labels: - bug +body: - type: markdown attributes: value: | diff --git a/.gitea/PULL_REQUEST_TEMPLATE.yml b/.gitea/PULL_REQUEST_TEMPLATE.yml index 533db78..15e71da 100644 --- a/.gitea/PULL_REQUEST_TEMPLATE.yml +++ b/.gitea/PULL_REQUEST_TEMPLATE.yml @@ -5,7 +5,7 @@ body: - type: markdown attributes: value: | - > **Note**: Thanks for contributing to this project with your pull request! + Thanks for contributing to this project with your pull request! - type: textarea id: summary attributes: From ff8ada357eba2996348e1dd6d5a2a6e265dec246 Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 1 Jan 2024 22:03:24 +0100 Subject: [PATCH 28/54] add `config.yml` to issue template --- .gitea/ISSUE_TEMPLATE.yml | 8 -------- .gitea/ISSUE_TEMPLATE/Question.yml | 2 +- .gitea/ISSUE_TEMPLATE/bug_report.yml | 4 ++-- .gitea/ISSUE_TEMPLATE/config.yml | 8 ++++++++ 4 files changed, 11 insertions(+), 11 deletions(-) create mode 100644 .gitea/ISSUE_TEMPLATE/config.yml diff --git a/.gitea/ISSUE_TEMPLATE.yml b/.gitea/ISSUE_TEMPLATE.yml index 6bb685f..6d80569 100644 --- a/.gitea/ISSUE_TEMPLATE.yml +++ b/.gitea/ISSUE_TEMPLATE.yml @@ -14,11 +14,3 @@ body: placeholder: Tell us what you want to know... validations: required: true -blank_issues_enabled: true -contact_links: - - name: Ask a question in our Matrix room - about: If you prefer a chat-like conversation or in need for quick help, this might be an alternative to opening an issue. - url: https://matrix.to/#/#woodpecker:matrix.org - - name: Frequently Asked Questions - url: https://woodpecker-ci.org/faq - about: Check the FAQs for common questions. diff --git a/.gitea/ISSUE_TEMPLATE/Question.yml b/.gitea/ISSUE_TEMPLATE/Question.yml index 368c6e2..d68a07f 100644 --- a/.gitea/ISSUE_TEMPLATE/Question.yml +++ b/.gitea/ISSUE_TEMPLATE/Question.yml @@ -1,5 +1,5 @@ name: ❓ Question -about: Ask a question. +about: Ask a question title: "" labels: - question diff --git a/.gitea/ISSUE_TEMPLATE/bug_report.yml b/.gitea/ISSUE_TEMPLATE/bug_report.yml index 76dac7d..6a1fbbe 100644 --- a/.gitea/ISSUE_TEMPLATE/bug_report.yml +++ b/.gitea/ISSUE_TEMPLATE/bug_report.yml @@ -1,5 +1,5 @@ -name: 🐞 Bug Report -about: This template is used to report bugs! +name: "\U0001F41E Bug report" +about: Report an issue with the plugin title: "" labels: - bug diff --git a/.gitea/ISSUE_TEMPLATE/config.yml b/.gitea/ISSUE_TEMPLATE/config.yml new file mode 100644 index 0000000..ee41641 --- /dev/null +++ b/.gitea/ISSUE_TEMPLATE/config.yml @@ -0,0 +1,8 @@ +blank_issues_enabled: true +contact_links: + - name: Ask a question in our Matrix room + about: If you prefer a chat-like conversation or in need for quick help, this might be an alternative to opening an issue. + url: https://matrix.to/#/#woodpecker:matrix.org + - name: Frequently Asked Questions + url: https://woodpecker-ci.org/faq + about: Check the FAQs for common questions. From f7ad298bfa852db1b2decdc0ad6ff61afa5fc6cc Mon Sep 17 00:00:00 2001 From: pat-s Date: Mon, 1 Jan 2024 22:21:41 +0100 Subject: [PATCH 29/54] update README --- .markdownlint.yml | 4 ++++ README.md | 22 ++++++++++++++++++++-- 2 files changed, 24 insertions(+), 2 deletions(-) diff --git a/.markdownlint.yml b/.markdownlint.yml index b59a114..53d3923 100644 --- a/.markdownlint.yml +++ b/.markdownlint.yml @@ -4,3 +4,7 @@ MD013: False MD041: False MD004: style: dash + +MD033: + # Allowed elements + allowed_elements: [details, summary, img, a, br, p] diff --git a/README.md b/README.md index de410c6..bd89efd 100644 --- a/README.md +++ b/README.md @@ -1,11 +1,29 @@ # plugin-docker-buildx - - Get it on Codeberg +
+

+ + status-badge + + Latest release + + + Matrix space + + + Docker pulls + + + License: Apache-2.0 + +

+
Woodpecker CI plugin to build multiarch Docker images with [buildx](https://duckduckgo.com/?q=docker+buildx&ia=web). This plugin was initially a fork of [thegeeklab/drone-docker-buildx](https://github.com/thegeeklab/drone-docker-buildx/) (now archived in favor of this plugin) which itself was a fork of [drone-plugins/drone-docker](https://github.com/drone-plugins/drone-docker). +I also contains the ability to publish to AWS ECR which was previously provided by [drone-plugins/drone-ecr](https://github.com/drone-plugins/drone-docker/tree/master/cmd/drone-ecr). You can find the full documentation at [woodpecker-ci.org](https://woodpecker-ci.org/plugins/Docker%20Buildx) ([docs.md](./docs.md)). ## Images From 5be066ff28f71cf53778030a9ff6566e64a9baae Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Tue, 2 Jan 2024 00:08:16 +0000 Subject: [PATCH 30/54] chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v2.3.0 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index fb3cc23..9fa542b 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,7 +7,7 @@ when: variables: - &golang "golang:1.21" - - &build_plugin "woodpeckerci/plugin-docker-buildx:2.2.1" + - &build_plugin "woodpeckerci/plugin-docker-buildx:2.3.0" - base_settings: &base_buildx_settings platforms: "linux/amd64,linux/arm64" dockerfile: Dockerfile.multiarch From fd51808d6e81d12272dd532327db1df4aafea900 Mon Sep 17 00:00:00 2001 From: bretello Date: Wed, 3 Jan 2024 14:19:40 +0000 Subject: [PATCH 31/54] docs: fx dry-run usage (#117) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### πŸ“– Summary fix usage of `dry-run` option in docs example. It is supposed to be `dry-run` and not `dry_run`. See the current docs here: https://woodpecker-ci.org/plugins/Docker%20Buildx for an example ### πŸ“‘ Build PR Images? PR images are not needed ### πŸ’¬ Details _No response_ Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/117 Reviewed-by: Lauris BH Co-authored-by: bretello Co-committed-by: bretello --- docs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs.md b/docs.md index 734ec4b..68123e9 100644 --- a/docs.md +++ b/docs.md @@ -85,7 +85,7 @@ docker-build: settings: repo: codeberg.org/${CI_REPO_OWNER}/hello registry: codeberg.org - dry_run: true + dry-run: true output: type=oci,dest=${CI_REPO_OWNER}-hello.tar ``` @@ -187,7 +187,7 @@ steps: - <<: *proxy_conf privileged: true settings: - dry_run: true + dry-run: true repo: *publish_repos dockerfile: Dockerfile.multi platforms: linux/amd64 From 46a884588307f53c4fe46b88a3c4e696204f24b9 Mon Sep 17 00:00:00 2001 From: pat-s Date: Wed, 3 Jan 2024 17:26:27 +0100 Subject: [PATCH 32/54] `dry-run` > `dry_run` --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 9fa542b..aaad9f4 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -29,7 +29,7 @@ steps: settings: <<: *base_buildx_settings repo: test - dry_run: true + dry-run: true when: event: pull_request branch: From 00037ec982a5af4faac0495e542c9a0bf04cc0a1 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sat, 6 Jan 2024 00:10:25 +0000 Subject: [PATCH 33/54] fix(deps): update module github.com/aws/aws-sdk-go to v1.49.16 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 5b5ba24..f5508fd 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 - github.com/aws/aws-sdk-go v1.47.4 + github.com/aws/aws-sdk-go v1.49.16 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index c6862b3..f9b1a15 100644 --- a/go.sum +++ b/go.sum @@ -6,6 +6,8 @@ github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/aws/aws-sdk-go v1.47.4 h1:IyhNbmPt+5ldi5HNzv7ZnXiqSglDMaJiZlzj4Yq3qnk= github.com/aws/aws-sdk-go v1.47.4/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.49.16 h1:KAQwhLg296hfffRdh+itA9p7Nx/3cXS/qOa3uF9ssig= +github.com/aws/aws-sdk-go v1.49.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= From fa58979fa63d604ec84cb6820b7c7aafc1110f8b Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Tue, 9 Jan 2024 00:08:31 +0000 Subject: [PATCH 34/54] fix(deps): update module github.com/aws/aws-sdk-go to v1.49.17 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index f5508fd..f51b539 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 - github.com/aws/aws-sdk-go v1.49.16 + github.com/aws/aws-sdk-go v1.49.17 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index f9b1a15..9bf64ef 100644 --- a/go.sum +++ b/go.sum @@ -8,6 +8,8 @@ github.com/aws/aws-sdk-go v1.47.4 h1:IyhNbmPt+5ldi5HNzv7ZnXiqSglDMaJiZlzj4Yq3qnk github.com/aws/aws-sdk-go v1.47.4/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go v1.49.16 h1:KAQwhLg296hfffRdh+itA9p7Nx/3cXS/qOa3uF9ssig= github.com/aws/aws-sdk-go v1.49.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.49.17 h1:Cc+7LgPjKeJkF2SdNo1IkpQ5Dfl9HCZEVw9OP3CPuEI= +github.com/aws/aws-sdk-go v1.49.17/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= From f5ac6ccb8e8649dbf2595b29e92dce81d42f6854 Mon Sep 17 00:00:00 2001 From: qwerty287 Date: Sat, 13 Jan 2024 10:23:26 +0000 Subject: [PATCH 35/54] Add logo (#120) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### πŸ“– Summary add docker logo ### πŸ“‘ Build PR Images? PR images are not needed ### πŸ’¬ Details _No response_ Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/120 Co-authored-by: qwerty287 Co-committed-by: qwerty287 --- docker.svg | 14 ++++++++++++++ docs.md | 2 +- 2 files changed, 15 insertions(+), 1 deletion(-) create mode 100644 docker.svg diff --git a/docker.svg b/docker.svg new file mode 100644 index 0000000..383626b --- /dev/null +++ b/docker.svg @@ -0,0 +1,14 @@ + + + + + + diff --git a/docs.md b/docs.md index 68123e9..e2d7bae 100644 --- a/docs.md +++ b/docs.md @@ -1,6 +1,6 @@ --- name: Docker Buildx -icon: https://woodpecker-ci.org/img/logo.svg +icon: https://codeberg.org/woodpecker-plugins/docker-buildx/raw/branch/main/docker.svg description: plugin to build multiarch Docker images with buildx authors: Woodpecker Authors tags: [docker, image, container, build] From 689534359cdc91ed4d482482e36c82677347f399 Mon Sep 17 00:00:00 2001 From: pat-s Date: Sat, 13 Jan 2024 11:26:43 +0100 Subject: [PATCH 36/54] add `publish_pr_image` workflow --- .woodpecker.yml | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index aaad9f4..2bac7c0 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -53,11 +53,21 @@ steps: from_secret: cb_username password: from_secret: cb_password - when: event: [push, tag, cron] branch: ${CI_REPO_DEFAULT_BRANCH} + publish_pr_image: + image: *build_plugin + settings: + <<: *base_buildx_settings + tag: pull_${CI_COMMIT_PULL_REQUEST} + build_args: *build_args + logins: *login_setting + when: + evaluate: 'CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images"' + event: pull_request + # TODO: replace by plugin-ready-release-go once it supports gitea gitea-release: image: "woodpeckerci/plugin-gitea-release:0.3.1" From 8596b8b77132c24bc1b462e44080f8334971e470 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Sun, 14 Jan 2024 21:20:06 +0100 Subject: [PATCH 37/54] fix copy-pase --- .woodpecker.yml | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 2bac7c0..cf319d2 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -13,6 +13,19 @@ variables: dockerfile: Dockerfile.multiarch auto_tag: true repo: woodpeckerci/plugin-docker-buildx,codeberg.org/woodpecker-plugins/docker-buildx + - &login_setting + # Default DockerHub login + - registry: https://index.docker.io/v1/ + username: + from_secret: docker_username + password: + from_secret: docker_password + # Additional Codeberg login + - registry: https://codeberg.org + username: + from_secret: cb_username + password: + from_secret: cb_password steps: vendor: @@ -40,19 +53,7 @@ steps: image: *build_plugin settings: <<: *base_buildx_settings - logins: - # Default DockerHub login - - registry: https://index.docker.io/v1/ - username: - from_secret: docker_username - password: - from_secret: docker_password - # Additional Codeberg login - - registry: https://codeberg.org - username: - from_secret: cb_username - password: - from_secret: cb_password + logins: *login_setting when: event: [push, tag, cron] branch: ${CI_REPO_DEFAULT_BRANCH} @@ -62,7 +63,6 @@ steps: settings: <<: *base_buildx_settings tag: pull_${CI_COMMIT_PULL_REQUEST} - build_args: *build_args logins: *login_setting when: evaluate: 'CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images"' From 452d5e22773fd086453db5e167ca509f000ec1e9 Mon Sep 17 00:00:00 2001 From: qwerty287 Date: Sun, 14 Jan 2024 22:40:27 +0000 Subject: [PATCH 38/54] Fix author key (#121) Co-authored-by: qwerty287 Co-committed-by: qwerty287 --- docs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs.md b/docs.md index e2d7bae..9f697aa 100644 --- a/docs.md +++ b/docs.md @@ -2,7 +2,7 @@ name: Docker Buildx icon: https://codeberg.org/woodpecker-plugins/docker-buildx/raw/branch/main/docker.svg description: plugin to build multiarch Docker images with buildx -authors: Woodpecker Authors +author: Woodpecker Authors tags: [docker, image, container, build] containerImage: woodpeckerci/plugin-docker-buildx containerImageUrl: https://hub.docker.com/r/woodpeckerci/plugin-docker-buildx From 55cc3b1d21738af7a23d2f50c3a0d4d48c0f986d Mon Sep 17 00:00:00 2001 From: David Kovari Date: Sun, 14 Jan 2024 23:35:00 +0000 Subject: [PATCH 39/54] Add option to enable buildkit debug output (#119) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### πŸ“– Summary - Add option to enable buildkit debug output - Formats buildkit.toml using `github.com/pelletier/go-toml/v2` - Sets docker.io registry mirror based on daemon.mirror setting Co-authored-by: Patrick Schratz Co-authored-by: 6543 <6543@obermui.de> Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/119 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: David Kovari Co-committed-by: David Kovari --- cmd/docker-buildx/config.go | 6 +++ docs.md | 1 + go.mod | 1 + go.sum | 3 ++ plugin/daemon.go | 9 ++-- plugin/impl.go | 90 ++++++++++++++++++++++++++++--------- plugin/impl_test.go | 16 +++++++ 7 files changed, 101 insertions(+), 25 deletions(-) diff --git a/cmd/docker-buildx/config.go b/cmd/docker-buildx/config.go index e6418c3..17c8b2a 100644 --- a/cmd/docker-buildx/config.go +++ b/cmd/docker-buildx/config.go @@ -99,6 +99,12 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag { Usage: "sets content of the docker buildkit json config", Destination: &settings.Daemon.BuildkitConfig, }, + &cli.BoolFlag{ + Name: "daemon.buildkit-debug", + EnvVars: []string{"PLUGIN_BUILDKIT_DEBUG"}, + Usage: "enables buildkit debug", + Destination: &settings.Daemon.BuildkitDebug, + }, &cli.StringSliceFlag{ Name: "daemon.buildkit-driveropt", EnvVars: []string{"PLUGIN_BUILDKIT_DRIVEROPT"}, diff --git a/docs.md b/docs.md index 9f697aa..9a25af8 100644 --- a/docs.md +++ b/docs.md @@ -105,6 +105,7 @@ docker-build: | `experimental` | `false` | enables docker daemon experimental mode | | `debug` | `false` | enables verbose debug mode for the docker daemon | | `daemon_off` | `false` | disables the startup of the docker daemon | +| `buildkit_debug` | _none_ | enables debug output of buildkit | `buildkit_config` | _none_ | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | | `buildkit_driveropt` | _none_ | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance | | `tags_file` | _none_ | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | diff --git a/go.mod b/go.mod index f51b539..123bd44 100644 --- a/go.mod +++ b/go.mod @@ -20,6 +20,7 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect + github.com/pelletier/go-toml/v2 v2.1.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect diff --git a/go.sum b/go.sum index 9bf64ef..03e57a2 100644 --- a/go.sum +++ b/go.sum @@ -23,6 +23,8 @@ github.com/jmespath/go-jmespath/internal/testify v1.5.1 h1:shLQSRRSCCPj3f2gpwzGw github.com/jmespath/go-jmespath/internal/testify v1.5.1/go.mod h1:L3OGu8Wl2/fWfCI6z80xFu9LTZmf1ZRjMHUOPmWr69U= github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0= github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4= +github.com/pelletier/go-toml/v2 v2.1.1 h1:LWAJwfNvjQZCFIDKWYQaM62NcYeYViCmWIwmOStowAI= +github.com/pelletier/go-toml/v2 v2.1.1/go.mod h1:tJU2Z3ZkXwnxa4DPO899bsyIoywizdUvyaeZurnPPDc= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= @@ -31,6 +33,7 @@ github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= +github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= diff --git a/plugin/daemon.go b/plugin/daemon.go index 8906b0c..13996b6 100644 --- a/plugin/daemon.go +++ b/plugin/daemon.go @@ -6,11 +6,10 @@ import ( ) const ( - dockerExe = "/usr/local/bin/docker" - dockerdExe = "/usr/local/bin/dockerd" - dockerHome = "/root/.docker/" - buildkitConfig = "/tmp/buildkit.toml" - buildkitConfigTemplate = "[registry.\"%s\"]\n ca=[\"%s\"]\n" + dockerExe = "/usr/local/bin/docker" + dockerdExe = "/usr/local/bin/dockerd" + dockerHome = "/root/.docker/" + buildkitConfig = "/tmp/buildkit.toml" ) func (p Plugin) startDaemon() { diff --git a/plugin/impl.go b/plugin/impl.go index 69a27ab..83301d7 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -10,6 +10,7 @@ import ( "strings" "time" + "github.com/pelletier/go-toml/v2" "github.com/sirupsen/logrus" "github.com/urfave/cli/v2" @@ -23,7 +24,7 @@ type Daemon struct { Insecure bool // Docker daemon enable insecure registries StorageDriver string // Docker daemon storage driver StoragePath string // Docker daemon storage path - Disabled bool // DOcker daemon is disabled (already running) + Disabled bool // Docker daemon is disabled (already running) Debug bool // Docker daemon started in debug mode Bip string // Docker daemon network bridge IP address DNS cli.StringSlice // Docker daemon dns server @@ -33,6 +34,7 @@ type Daemon struct { Experimental bool // Docker daemon enable experimental mode BuildkitConfig string // Docker buildkit config BuildkitDriverOpt cli.StringSlice // Docker buildkit driveropt args + BuildkitDebug bool // Docker buildkit debug setting } // Login defines Docker login parameters. @@ -202,6 +204,10 @@ func (p *Plugin) Validate() error { p.settings.Build.Labels = *cli.NewStringSlice(p.Labels()...) } + if err := p.generateBuildkitConfig(); err != nil { + return err + } + return nil } @@ -217,31 +223,75 @@ func (p *Plugin) sanitizedUserTags() []string { return tags } -func (p *Plugin) writeBuildkitConfig() error { - // no buildkit config, automatically generate buildkit configuration to use a custom CA certificate for each registry - if p.settings.Daemon.BuildkitConfig == "" && p.settings.Daemon.Registry != "" { - for _, login := range p.settings.Logins { - if registry := login.Registry; registry != "" { - u, err := url.Parse(registry) - if err != nil { - return fmt.Errorf("could not parse registry address: %s: %v", registry, err) - } - if u.Host != "" { - registry = u.Host - } +type BuildkitConfigTOML struct { + Debug bool `toml:"debug"` // needs to be public for toml lib to use + Registry map[string]RegistryInfo `toml:"registry"` +} - caPath := fmt.Sprintf("/etc/docker/certs.d/%s/ca.crt", registry) - ca, err := os.Open(caPath) - if err != nil && !os.IsNotExist(err) { - logrus.Warnf("error reading %s: %v", caPath, err) - } else if err == nil { - ca.Close() - p.settings.Daemon.BuildkitConfig += fmt.Sprintf(buildkitConfigTemplate, registry, caPath) +type RegistryInfo struct { + Mirrors []string `toml:"mirrors"` + CA []string `toml:"ca"` +} + +func (p *Plugin) generateBuildkitConfig() error { + // no buildkit config, automatically generate buildkit configuration + if p.settings.Daemon.BuildkitConfig == "" { + + cfg := BuildkitConfigTOML{} + cfg.Registry = map[string]RegistryInfo{} + + if p.settings.Daemon.BuildkitDebug { + cfg.Debug = p.settings.Daemon.BuildkitDebug + logrus.Println("buildkit debug enabled") + } + + if p.settings.Daemon.Mirror != "" { + cfg.Registry["docker.io"] = RegistryInfo{ + Mirrors: []string{p.settings.Daemon.Mirror}, + } + } + + // use a custom CA certificate for each registry + if p.settings.Daemon.Registry != "" { + for _, login := range p.settings.Logins { + if registry := login.Registry; registry != "" { + u, err := url.Parse(registry) + if err != nil { + return fmt.Errorf("could not parse registry address: %s: %v", registry, err) + } + if u.Host != "" { + registry = u.Host + } + + caPath := fmt.Sprintf("/etc/docker/certs.d/%s/ca.crt", registry) + ca, err := os.Open(caPath) + if err != nil && !os.IsNotExist(err) { + logrus.Warnf("error reading %s: %v", caPath, err) + } else if err == nil { + ca.Close() + // add registry and ca path to buildkit.toml + cfg.Registry[registry] = RegistryInfo{ + CA: []string{caPath}, + } + } } } } + + if cfg.Debug || len(cfg.Registry) > 0 { + tomlData, err := toml.Marshal(cfg) + if err != nil { + return fmt.Errorf("error marshaling buildkit.toml: %s", err) + } else { + p.settings.Daemon.BuildkitConfig = string(tomlData) + } + } } + return nil +} + +func (p *Plugin) writeBuildkitConfig() error { // save buildkit config as described if p.settings.Daemon.BuildkitConfig != "" { err := os.WriteFile(buildkitConfig, []byte(p.settings.Daemon.BuildkitConfig), 0o600) diff --git a/plugin/impl_test.go b/plugin/impl_test.go index ebbbb47..c65f962 100644 --- a/plugin/impl_test.go +++ b/plugin/impl_test.go @@ -76,3 +76,19 @@ func TestDefaultLogin(t *testing.T) { assert.EqualValues(t, "https://codeberg.org", s.Logins[0].Registry) } } + +func TestWriteBuildkitConfig(t *testing.T) { + settings := defaultSettings + assert.NoError(t, newSettingsOnly(&settings).Validate()) + assert.EqualValues(t, "", settings.Daemon.BuildkitConfig) + + settings = defaultSettings + settings.Daemon.BuildkitDebug = true + assert.NoError(t, newSettingsOnly(&settings).Validate()) + assert.EqualValues(t, "debug = true\n\n[registry]\n", settings.Daemon.BuildkitConfig) + + settings = defaultSettings + settings.Daemon.Mirror = "mirror.example.com" + assert.NoError(t, newSettingsOnly(&settings).Validate()) + assert.EqualValues(t, "debug = false\n\n[registry]\n[registry.'docker.io']\nmirrors = ['mirror.example.com']\nca = []\n", settings.Daemon.BuildkitConfig) +} From fef922e92a6c9c45b874da824f1946c654ed61a4 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Mon, 15 Jan 2024 07:06:52 +0000 Subject: [PATCH 40/54] format via gofumpt (#123) format code ;) Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/123 Reviewed-by: qwerty287 Co-authored-by: 6543 <6543@obermui.de> Co-committed-by: 6543 <6543@obermui.de> --- .ecrc | 11 +++++++++++ .editorconfig | 19 +++++++++++++++++++ .woodpecker.yml | 17 +++++++++++++++++ Makefile | 12 ++++++++++++ cmd/docker-buildx/main.go | 2 +- go.mod | 2 +- go.sum | 8 -------- plugin/docker_test.go | 11 ++++------- plugin/ecr.go | 21 ++++++++++----------- 9 files changed, 75 insertions(+), 28 deletions(-) create mode 100644 .ecrc create mode 100644 .editorconfig diff --git a/.ecrc b/.ecrc new file mode 100644 index 0000000..ed9f777 --- /dev/null +++ b/.ecrc @@ -0,0 +1,11 @@ +{ + "Exclude": [ + ".git", + "go.mod", "go.sum", + "vendor", + "LICENSE", + "node_modules", + "_test.go", + "Makefile" + ] +} diff --git a/.editorconfig b/.editorconfig new file mode 100644 index 0000000..34f6015 --- /dev/null +++ b/.editorconfig @@ -0,0 +1,19 @@ +root = true + +[*] +indent_style = space +indent_size = 2 +tab_width = 2 +end_of_line = lf +charset = utf-8 +trim_trailing_whitespace = true +insert_final_newline = true + +[*.go] +indent_style = tab + +[*.md] +trim_trailing_whitespace = false + +[Makefile] +indent_style = tab diff --git a/.woodpecker.yml b/.woodpecker.yml index cf319d2..d91ab73 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -34,10 +34,24 @@ steps: test: image: *golang + depends_on: vendor commands: go test -cover ./... + lint-editorconfig: + image: docker.io/mstruebing/editorconfig-checker:2.7.2 + when: + event: pull_request + + lint-format: + image: *golang + depends_on: vendor + commands: make formatcheck + when: + event: pull_request + publish-dryrun: image: *build_plugin + depends_on: test pull: true settings: <<: *base_buildx_settings @@ -51,6 +65,7 @@ steps: publish: image: *build_plugin + depends_on: test settings: <<: *base_buildx_settings logins: *login_setting @@ -60,6 +75,7 @@ steps: publish_pr_image: image: *build_plugin + depends_on: test settings: <<: *base_buildx_settings tag: pull_${CI_COMMIT_PULL_REQUEST} @@ -71,6 +87,7 @@ steps: # TODO: replace by plugin-ready-release-go once it supports gitea gitea-release: image: "woodpeckerci/plugin-gitea-release:0.3.1" + depends_on: test settings: base_url: https://codeberg.org title: ${CI_COMMIT_TAG} diff --git a/Makefile b/Makefile index 1af273c..f7351c3 100644 --- a/Makefile +++ b/Makefile @@ -2,5 +2,17 @@ TARGETOS ?= linux TARGETARCH ?= amd64 LDFLAGS := -s -w -extldflags "-static" +.PHONY: build build: CGO_ENABLED=0 GOOS=${TARGETOS} GOARCH=${TARGETARCH} go build -ldflags '${LDFLAGS}' -v -a -tags netgo -o plugin-docker-buildx ./cmd/docker-buildx + +format: install-tools + gofumpt -extra -w . + +formatcheck: install-tools + @([ -z "$(shell gofumpt -d . | head)" ]) || (echo "Source is unformatted"; exit 1) + +install-tools: ## Install development tools + @hash gofumpt > /dev/null 2>&1; if [ $$? -ne 0 ]; then \ + go install mvdan.cc/gofumpt@latest; \ + fi diff --git a/cmd/docker-buildx/main.go b/cmd/docker-buildx/main.go index 5531f44..6fceb2f 100644 --- a/cmd/docker-buildx/main.go +++ b/cmd/docker-buildx/main.go @@ -19,7 +19,7 @@ func main() { if _, err := os.Stat("/run/drone/env"); err == nil { godotenv.Overload("/run/drone/env") } - + if envFile, set := os.LookupEnv("PLUGIN_ENV_FILE"); set { godotenv.Overload(envFile) } diff --git a/go.mod b/go.mod index 123bd44..de51ec6 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/aws/aws-sdk-go v1.49.17 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 + github.com/pelletier/go-toml/v2 v2.1.1 github.com/sirupsen/logrus v1.9.3 github.com/stretchr/testify v1.8.4 github.com/urfave/cli/v2 v2.27.1 @@ -20,7 +21,6 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect github.com/davecgh/go-spew v1.1.1 // indirect github.com/jmespath/go-jmespath v0.4.0 // indirect - github.com/pelletier/go-toml/v2 v2.1.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect diff --git a/go.sum b/go.sum index 03e57a2..742a7c7 100644 --- a/go.sum +++ b/go.sum @@ -4,10 +4,6 @@ github.com/6543/go-version v1.3.1 h1:HvOp+Telns7HWJ2Xo/05YXQSB2bE0WmVgbHqwMPZT4U github.com/6543/go-version v1.3.1/go.mod h1:oqFAHCwtLVUTLdhQmVZWYvaHXTdsbB4SY85at64SQEo= github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8= github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= -github.com/aws/aws-sdk-go v1.47.4 h1:IyhNbmPt+5ldi5HNzv7ZnXiqSglDMaJiZlzj4Yq3qnk= -github.com/aws/aws-sdk-go v1.47.4/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= -github.com/aws/aws-sdk-go v1.49.16 h1:KAQwhLg296hfffRdh+itA9p7Nx/3cXS/qOa3uF9ssig= -github.com/aws/aws-sdk-go v1.49.16/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go v1.49.17 h1:Cc+7LgPjKeJkF2SdNo1IkpQ5Dfl9HCZEVw9OP3CPuEI= github.com/aws/aws-sdk-go v1.49.17/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= @@ -39,10 +35,6 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/ github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= -github.com/urfave/cli/v2 v2.26.0 h1:3f3AMg3HpThFNT4I++TKOejZO8yU55t3JnnSr4S4QEI= -github.com/urfave/cli/v2 v2.26.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= -github.com/urfave/cli/v2 v2.27.0 h1:uNs1K8JwTFL84X68j5Fjny6hfANh9nTlJ6dRtZAFAHY= -github.com/urfave/cli/v2 v2.27.0/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/urfave/cli/v2 v2.27.1 h1:8xSQ6szndafKVRmfyeUMxkNUJQMjL1F2zmsZ+qHpfho= github.com/urfave/cli/v2 v2.27.1/go.mod h1:8qnjx1vcq5s2/wpsqoZFndg2CE5tNFyrTvS6SinrnYQ= github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU= diff --git a/plugin/docker_test.go b/plugin/docker_test.go index 8be3298..f2b13d1 100644 --- a/plugin/docker_test.go +++ b/plugin/docker_test.go @@ -10,14 +10,13 @@ import ( ) func TestCommandBuilder(t *testing.T) { - tests := []struct { Name string Daemon Daemon Input string WantedLen int Skip bool - Excuse string + Excuse string }{ { Name: "Single driver-opt value", @@ -29,15 +28,14 @@ func TestCommandBuilder(t *testing.T) { Name: "Single driver-opt value with comma", Input: "no_proxy=.mydomain,.sub.domain.com", WantedLen: 1, - Skip: true, - Excuse: "Can be enabled whenever #94 is fixed.", - + Skip: true, + Excuse: "Can be enabled whenever #94 is fixed.", }, } for _, test := range tests { t.Run(test.Name, func(t *testing.T) { - if (test.Skip) { + if test.Skip { t.Skip(fmt.Printf("%v skipped. %v", test.Name, test.Excuse)) } // prepare test values to mock plugin call with settings @@ -68,5 +66,4 @@ func TestCommandBuilder(t *testing.T) { assert.Len(t, test.Daemon.BuildkitDriverOpt.Value(), test.WantedLen) }) } - } diff --git a/plugin/ecr.go b/plugin/ecr.go index 7579d21..5409898 100644 --- a/plugin/ecr.go +++ b/plugin/ecr.go @@ -17,14 +17,15 @@ import ( const DefaultRegion = "us-east-1" -var repo string -var assumeRole string -var externalID string -var ecr_login Login -var aws_region string +var ( + repo string + assumeRole string + externalID string + ecr_login Login + aws_region string +) func (p *Plugin) EcrInit() { - // create a standalone Login object to account for single repo and multi-repo case if len(p.settings.Logins) >= 1 { for _, login := range p.settings.Logins { @@ -81,7 +82,6 @@ func (p *Plugin) EcrInit() { svc := getECRClient(sess, assumeRole, externalID) username, password, registry, err := getAuthInfo(svc) - if err != nil { log.Fatalf("error getting ECR auth: %v", err) } @@ -135,7 +135,6 @@ func (p *Plugin) EcrInit() { p.settings.DefaultLogin.Password = password p.settings.DefaultLogin.Registry = registry } - } func trimHostname(repo, registry string) string { @@ -168,7 +167,7 @@ func updateImageScannningConfig(svc *ecr.ECR, name string, scanOnPush bool) (err return err } -func uploadLifeCyclePolicy(svc *ecr.ECR, lifecyclePolicy string, name string) (err error) { +func uploadLifeCyclePolicy(svc *ecr.ECR, lifecyclePolicy, name string) (err error) { input := &ecr.PutLifecyclePolicyInput{} input.SetLifecyclePolicyText(lifecyclePolicy) input.SetRepositoryName(name) @@ -177,7 +176,7 @@ func uploadLifeCyclePolicy(svc *ecr.ECR, lifecyclePolicy string, name string) (e return err } -func uploadRepositoryPolicy(svc *ecr.ECR, repositoryPolicy string, name string) (err error) { +func uploadRepositoryPolicy(svc *ecr.ECR, repositoryPolicy, name string) (err error) { input := &ecr.SetRepositoryPolicyInput{} input.SetPolicyText(repositoryPolicy) input.SetRepositoryName(name) @@ -209,7 +208,7 @@ func getAuthInfo(svc *ecr.ECR) (username, password, registry string, err error) return } -func getECRClient(sess *session.Session, role string, externalId string) *ecr.ECR { +func getECRClient(sess *session.Session, role, externalId string) *ecr.ECR { if role == "" { return ecr.New(sess) } From b9250cc7afc0e4a796855ee222f06658e254690a Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Tue, 16 Jan 2024 00:18:07 +0000 Subject: [PATCH 41/54] chore(deps): update docker/buildx-bin docker tag to v0.12.1 (#124) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 2563935..2e8f807 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,4 +1,4 @@ -ARG BUILDX_VERSION=0.12.0 +ARG BUILDX_VERSION=0.12.1 ARG DOCKER_VERSION=24.0.7-dind ARG GOLANG_VERSION=1.21 From 8367365643687df3537934ef876e538c3c28bb5f Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Wed, 17 Jan 2024 00:16:44 +0000 Subject: [PATCH 42/54] fix(deps): update module github.com/aws/aws-sdk-go to v1.49.21 (#125) Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index de51ec6..f33bbe8 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 - github.com/aws/aws-sdk-go v1.49.17 + github.com/aws/aws-sdk-go v1.49.22 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/pelletier/go-toml/v2 v2.1.1 diff --git a/go.sum b/go.sum index 742a7c7..1d2ee89 100644 --- a/go.sum +++ b/go.sum @@ -6,6 +6,8 @@ github.com/BurntSushi/toml v1.3.2 h1:o7IhLm0Msx3BaB+n3Ag7L8EVlByGnpq14C4YWiu/gL8 github.com/BurntSushi/toml v1.3.2/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ= github.com/aws/aws-sdk-go v1.49.17 h1:Cc+7LgPjKeJkF2SdNo1IkpQ5Dfl9HCZEVw9OP3CPuEI= github.com/aws/aws-sdk-go v1.49.17/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.49.22 h1:r01+cQJ3cORQI1PJxG8af0jzrZpUOL9L+/3kU2x1geU= +github.com/aws/aws-sdk-go v1.49.22/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= From 5d98a5da22ef4e811b12613d7b466ea8f533fe14 Mon Sep 17 00:00:00 2001 From: 6543 <6543@obermui.de> Date: Thu, 18 Jan 2024 18:28:42 +0000 Subject: [PATCH 43/54] Add option to set individual mirrors for all logins (#122) - also address last nits of #119 Co-authored-by: Patrick Schratz Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/122 Reviewed-by: Patrick Schratz --- .gitignore | 1 + cmd/docker-buildx/main.go | 4 ++- docs.md | 4 ++- plugin/docker.go | 3 -- plugin/impl.go | 67 +++++++++++++++++++++++---------------- plugin/impl_test.go | 45 ++++++++++++++++++-------- 6 files changed, 78 insertions(+), 46 deletions(-) diff --git a/.gitignore b/.gitignore index afd7d10..3389027 100644 --- a/.gitignore +++ b/.gitignore @@ -5,3 +5,4 @@ plugin-docker-buildx coverage.out CHANGELOG.md +debug.test* diff --git a/cmd/docker-buildx/main.go b/cmd/docker-buildx/main.go index 6fceb2f..cedfdc2 100644 --- a/cmd/docker-buildx/main.go +++ b/cmd/docker-buildx/main.go @@ -14,7 +14,9 @@ import ( var version = "unknown" func main() { - settings := &plugin.Settings{} + settings := &plugin.Settings{ + CustomCertStore: "/etc/docker/certs.d/", + } if _, err := os.Stat("/run/drone/env"); err == nil { godotenv.Overload("/run/drone/env") diff --git a/docs.md b/docs.md index 9a25af8..a24b2f4 100644 --- a/docs.md +++ b/docs.md @@ -105,7 +105,7 @@ docker-build: | `experimental` | `false` | enables docker daemon experimental mode | | `debug` | `false` | enables verbose debug mode for the docker daemon | | `daemon_off` | `false` | disables the startup of the docker daemon | -| `buildkit_debug` | _none_ | enables debug output of buildkit +| `buildkit_debug` | `false` | enables debug output of buildkit | | `buildkit_config` | _none_ | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | | `buildkit_driveropt` | _none_ | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance | | `tags_file` | _none_ | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | @@ -147,6 +147,8 @@ settings: username: a6543 password: from_secret: docker_token + mirrors: + - "my-docker-mirror-host.local" - registry: https://codeberg.org username: "6543" password: diff --git a/plugin/docker.go b/plugin/docker.go index 750810a..e5d2ff4 100644 --- a/plugin/docker.go +++ b/plugin/docker.go @@ -179,9 +179,6 @@ func commandDaemon(daemon Daemon) *exec.Cmd { if daemon.IPv6 { args = append(args, "--ipv6") } - if len(daemon.Mirror) != 0 { - args = append(args, "--registry-mirror", daemon.Mirror) - } if len(daemon.Bip) != 0 { args = append(args, "--bip", daemon.Bip) } diff --git a/plugin/impl.go b/plugin/impl.go index 83301d7..f920ef4 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -40,12 +40,12 @@ type Daemon struct { // Login defines Docker login parameters. type Login struct { // Generic - Registry string // Docker registry address - Username string // Docker registry username - Password string // Docker registry password - Email string // Docker registry email - Config string // Docker Auth Config - + Registry string // Docker registry address + Username string // Docker registry username + Password string // Docker registry password + Email string // Docker registry email + Config string // Docker Auth Config + Mirrors []string // Docker registry mirrors // ECR Aws_access_key_id string `json:"aws_access_key_id"` // AWS access key id Aws_secret_access_key string `json:"aws_secret_access_key"` // AWS secret access key @@ -93,13 +93,14 @@ type Settings struct { AwsSecretAccessKey string `json:"aws_secret_access_key"` // AWS secret access key // Generic - Daemon Daemon - Logins []Login - LoginsRaw string - DefaultLogin Login - Build Build - Dryrun bool - Cleanup bool + Daemon Daemon + Logins []Login + LoginsRaw string + DefaultLogin Login + Build Build + Dryrun bool + Cleanup bool + CustomCertStore string // e.g. for "/etc/docker/certs.d//ca.crt" } func (l Login) anonymous() bool { @@ -128,6 +129,10 @@ func (p *Plugin) InitSettings() error { p.EcrInit() } + if p.settings.DefaultLogin.Registry != "" && p.settings.Daemon.Mirror != "" { + p.settings.DefaultLogin.Mirrors = []string{p.settings.Daemon.Mirror} + } + if len(p.settings.Logins) == 0 { p.settings.Logins = []Login{p.settings.DefaultLogin} } else if !p.settings.DefaultLogin.anonymous() { @@ -224,13 +229,13 @@ func (p *Plugin) sanitizedUserTags() []string { } type BuildkitConfigTOML struct { - Debug bool `toml:"debug"` // needs to be public for toml lib to use - Registry map[string]RegistryInfo `toml:"registry"` + Debug bool `toml:"debug,omitempty"` // needs to be public for toml lib to use + Registry map[string]*RegistryInfo `toml:"registry,omitempty"` } type RegistryInfo struct { - Mirrors []string `toml:"mirrors"` - CA []string `toml:"ca"` + Mirrors []string `toml:"mirrors,omitempty"` + CA []string `toml:"ca,omitempty"` } func (p *Plugin) generateBuildkitConfig() error { @@ -238,19 +243,13 @@ func (p *Plugin) generateBuildkitConfig() error { if p.settings.Daemon.BuildkitConfig == "" { cfg := BuildkitConfigTOML{} - cfg.Registry = map[string]RegistryInfo{} + cfg.Registry = make(map[string]*RegistryInfo) if p.settings.Daemon.BuildkitDebug { cfg.Debug = p.settings.Daemon.BuildkitDebug logrus.Println("buildkit debug enabled") } - if p.settings.Daemon.Mirror != "" { - cfg.Registry["docker.io"] = RegistryInfo{ - Mirrors: []string{p.settings.Daemon.Mirror}, - } - } - // use a custom CA certificate for each registry if p.settings.Daemon.Registry != "" { for _, login := range p.settings.Logins { @@ -263,16 +262,30 @@ func (p *Plugin) generateBuildkitConfig() error { registry = u.Host } - caPath := fmt.Sprintf("/etc/docker/certs.d/%s/ca.crt", registry) + // docker hub fix + if registry == "index.docker.io" { + registry = "docker.io" + } + + caPath := fmt.Sprintf("%s/%s/ca.crt", p.settings.CustomCertStore, registry) ca, err := os.Open(caPath) if err != nil && !os.IsNotExist(err) { logrus.Warnf("error reading %s: %v", caPath, err) } else if err == nil { ca.Close() + logrus.Infof("found ca file for '%s' registry", registry) // add registry and ca path to buildkit.toml - cfg.Registry[registry] = RegistryInfo{ - CA: []string{caPath}, + if cfg.Registry[registry] == nil { + cfg.Registry[registry] = new(RegistryInfo) } + cfg.Registry[registry].CA = []string{caPath} + } + + if len(login.Mirrors) != 0 { + if cfg.Registry[registry] == nil { + cfg.Registry[registry] = new(RegistryInfo) + } + cfg.Registry[registry].Mirrors = login.Mirrors } } } diff --git a/plugin/impl_test.go b/plugin/impl_test.go index c65f962..4232af0 100644 --- a/plugin/impl_test.go +++ b/plugin/impl_test.go @@ -1,6 +1,8 @@ package plugin import ( + "fmt" + "os" "testing" "codeberg.org/6543/go-yaml2json" @@ -8,7 +10,7 @@ import ( "github.com/urfave/cli/v2" ) -var defaultSettings = Settings{ +var defaultTestSettings = Settings{ Daemon: Daemon{ StoragePath: "/var/lib/docker", }, @@ -22,15 +24,16 @@ var defaultSettings = Settings{ DefaultLogin: Login{ Registry: "https://index.docker.io/v1/", }, - LoginsRaw: "[]", - Cleanup: true, + LoginsRaw: "[]", + Cleanup: true, + CustomCertStore: "/etc/docker/certs.d/", } func TestDefaultLogin(t *testing.T) { - s := defaultSettings + s := defaultTestSettings assert.NoError(t, newSettingsOnly(&s).Validate()) if assert.Len(t, s.Logins, 1) { - assert.EqualValues(t, defaultSettings.DefaultLogin.Registry, s.Logins[0].Registry) + assert.EqualValues(t, defaultTestSettings.DefaultLogin.Registry, s.Logins[0].Registry) } // only use login to auth to registrys @@ -45,11 +48,11 @@ func TestDefaultLogin(t *testing.T) { s.LoginsRaw = string(loginsRaw) assert.NoError(t, newSettingsOnly(&s).Validate()) if assert.Len(t, s.Logins, 2) { - assert.EqualValues(t, defaultSettings.DefaultLogin.Registry, s.Logins[0].Registry) + assert.EqualValues(t, defaultTestSettings.DefaultLogin.Registry, s.Logins[0].Registry) } // mixed login settings ('logins' and 'username', 'password' are used) - s = defaultSettings + s = defaultTestSettings loginsRaw, err = yaml2json.Convert([]byte(` - registry: https://codeberg.org username: cb_username @@ -60,11 +63,11 @@ func TestDefaultLogin(t *testing.T) { s.DefaultLogin.Password = "docker_password" assert.NoError(t, newSettingsOnly(&s).Validate()) if assert.Len(t, s.Logins, 2) { - assert.EqualValues(t, defaultSettings.DefaultLogin.Registry, s.Logins[0].Registry) + assert.EqualValues(t, defaultTestSettings.DefaultLogin.Registry, s.Logins[0].Registry) } // ignore default registry - s = defaultSettings + s = defaultTestSettings loginsRaw, err = yaml2json.Convert([]byte(` - registry: https://codeberg.org username: cb_username @@ -78,17 +81,31 @@ func TestDefaultLogin(t *testing.T) { } func TestWriteBuildkitConfig(t *testing.T) { - settings := defaultSettings + settings := defaultTestSettings assert.NoError(t, newSettingsOnly(&settings).Validate()) assert.EqualValues(t, "", settings.Daemon.BuildkitConfig) - settings = defaultSettings + settings = defaultTestSettings settings.Daemon.BuildkitDebug = true assert.NoError(t, newSettingsOnly(&settings).Validate()) - assert.EqualValues(t, "debug = true\n\n[registry]\n", settings.Daemon.BuildkitConfig) + assert.EqualValues(t, "debug = true\n", settings.Daemon.BuildkitConfig) - settings = defaultSettings + settings = defaultTestSettings settings.Daemon.Mirror = "mirror.example.com" assert.NoError(t, newSettingsOnly(&settings).Validate()) - assert.EqualValues(t, "debug = false\n\n[registry]\n[registry.'docker.io']\nmirrors = ['mirror.example.com']\nca = []\n", settings.Daemon.BuildkitConfig) + assert.EqualValues(t, "[registry]\n[registry.'docker.io']\nmirrors = ['mirror.example.com']\n", settings.Daemon.BuildkitConfig) + + settings = defaultTestSettings + settings.DefaultLogin.Registry = "codeberg.org" + tmpDir, err := os.MkdirTemp("", "go-test-*") + assert.NoError(t, err) + settings.CustomCertStore = tmpDir + defer os.RemoveAll(tmpDir) + assert.NoError(t, os.Mkdir(tmpDir+"/codeberg.org", os.ModePerm)) + caFile, err := os.Create(tmpDir + "/codeberg.org/" + "ca.crt") + assert.NoError(t, err) + assert.NoError(t, caFile.Close()) + + assert.NoError(t, newSettingsOnly(&settings).Validate()) + assert.EqualValues(t, fmt.Sprintf("[registry]\n[registry.'codeberg.org']\nca = ['%s/codeberg.org/ca.crt']\n", tmpDir), settings.Daemon.BuildkitConfig) } From 8c928fc303bfd62583820acd449e7a4eeec7717d Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sat, 20 Jan 2024 10:57:40 +0000 Subject: [PATCH 44/54] chore(deps): update docker docker tag to v25 (#126) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | docker | final | major | `24.0.7-dind` -> `25.0.0-dind` | --- ### Configuration πŸ“… **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. β™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. πŸ”• **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/126 Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 2e8f807..dac1027 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.12.1 -ARG DOCKER_VERSION=24.0.7-dind +ARG DOCKER_VERSION=25.0.0-dind ARG GOLANG_VERSION=1.21 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From bd45f56155aa01c748195d2af3523919623a5031 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sun, 21 Jan 2024 19:08:05 +0000 Subject: [PATCH 45/54] chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v3 (#127) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Update | Change | |---|---|---| | [woodpeckerci/plugin-docker-buildx](https://codeberg.org/woodpecker-plugins/docker-buildx) ([source](https://codeberg.org/woodpecker-plugins/docker-buildx.git)) | major | `2.3.0` -> `3.0.0` | --- ### Release Notes
woodpecker-plugins/docker-buildx (woodpeckerci/plugin-docker-buildx) ### [`v3.0.0`](https://codeberg.org/woodpecker-plugins/docker-buildx/releases/tag/v3.0.0) [Compare Source](https://codeberg.org/woodpecker-plugins/docker-buildx/compare/v2.3.0...v3.0.0) ##### Breaking - Update to docker engine v25 ([release notes](https://docs.docker.com/engine/release-notes/25.0/)) ##### Features - Add option to set individual mirrors for all logins ([#​122](https://github.com/woodpecker-plugins/docker-buildx/issues/122)) - Add option to enable buildkit debug output ([#​119](https://github.com/woodpecker-plugins/docker-buildx/issues/119)) ##### Dependencies - fix(deps): update module github.com/aws/aws-sdk-go to v1.49.21 ([#​125](https://github.com/woodpecker-plugins/docker-buildx/issues/125)) - chore(deps): update docker/buildx-bin docker tag to v0.12.1 ([#​124](https://github.com/woodpecker-plugins/docker-buildx/issues/124))
--- ### Configuration πŸ“… **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. β™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. πŸ”• **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/127 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: woodpecker-bot Co-committed-by: woodpecker-bot --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index d91ab73..1425c3a 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,7 +7,7 @@ when: variables: - &golang "golang:1.21" - - &build_plugin "woodpeckerci/plugin-docker-buildx:2.3.0" + - &build_plugin "woodpeckerci/plugin-docker-buildx:3.0.0" - base_settings: &base_buildx_settings platforms: "linux/amd64,linux/arm64" dockerfile: Dockerfile.multiarch From 27d19d77cd3e7c0dc15137ca7baa9876e0e8ab9c Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Thu, 25 Jan 2024 00:08:04 +0000 Subject: [PATCH 46/54] chore(deps): update docker docker tag to v25.0.1 --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index dac1027..0c3cc5f 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.12.1 -ARG DOCKER_VERSION=25.0.0-dind +ARG DOCKER_VERSION=25.0.1-dind ARG GOLANG_VERSION=1.21 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From 7499423e303507d3cc87237232422c016e2dd655 Mon Sep 17 00:00:00 2001 From: pat-s Date: Fri, 26 Jan 2024 03:19:46 +0000 Subject: [PATCH 47/54] Don't run dryrun when building pr images (#131) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### πŸ“– Summary Both essentially do the same until the very end - only one of each is needed respectively. ### πŸ“‘ Build PR Images? PR images are not needed ### πŸ’¬ Details _No response_ Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/131 Reviewed-by: 6543 <6543@obermui.de> Co-authored-by: pat-s Co-committed-by: pat-s --- .woodpecker.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.woodpecker.yml b/.woodpecker.yml index 1425c3a..072887d 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -58,6 +58,7 @@ steps: repo: test dry-run: true when: + evaluate: 'not (CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images")' event: pull_request branch: - ${CI_REPO_DEFAULT_BRANCH} From 4d1a4cbe2b896d62e081a02708c97618eb03bdba Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sat, 27 Jan 2024 00:08:09 +0000 Subject: [PATCH 48/54] fix(deps): update module github.com/aws/aws-sdk-go to v1.50.5 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index f33bbe8..3bc26b2 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 - github.com/aws/aws-sdk-go v1.49.22 + github.com/aws/aws-sdk-go v1.50.5 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/pelletier/go-toml/v2 v2.1.1 diff --git a/go.sum b/go.sum index 1d2ee89..e2ad16f 100644 --- a/go.sum +++ b/go.sum @@ -8,6 +8,8 @@ github.com/aws/aws-sdk-go v1.49.17 h1:Cc+7LgPjKeJkF2SdNo1IkpQ5Dfl9HCZEVw9OP3CPuE github.com/aws/aws-sdk-go v1.49.17/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go v1.49.22 h1:r01+cQJ3cORQI1PJxG8af0jzrZpUOL9L+/3kU2x1geU= github.com/aws/aws-sdk-go v1.49.22/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.50.5 h1:H2Aadcgwr7a2aqS6ZwcE+l1mA6ZrTseYCvjw2QLmxIA= +github.com/aws/aws-sdk-go v1.50.5/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= From ef56bac838611e28902aae37c6c297a4a0461516 Mon Sep 17 00:00:00 2001 From: David Kovari Date: Fri, 2 Feb 2024 20:25:30 +0000 Subject: [PATCH 49/54] Improve support for `cache_to` and `cache_from` & add `cache_images` (#129) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ### πŸ“– Summary Originally, the cache_to and cache_from were being converted into string arrays. Then their contents were looped over to add to the build command. This has the side affect of stopping the user from setting additional options for the cache-to and cache-from args since their command input format uses commas. i.e. `type=registry,ref=imagepath,mode=max` would result in `--cache-to type=registry --cache-to ref=imagepath --cache-to mode=max`. The command was not designed to be used that way. The one reason I can think of for cache_to and cache_from to be arrays is so you could have multiple cache registries. But I can't confirm that the build command even works like this. ### πŸ“‘ Build PR Images? PR images are not needed ### πŸ’¬ Details _No response_ Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/129 Reviewed-by: Patrick Schratz Co-authored-by: David Kovari Co-committed-by: David Kovari --- cmd/docker-buildx/config.go | 10 ++- docs.md | 134 ++++++++++++++++++++++++------------ plugin/docker.go | 12 ++-- plugin/impl.go | 5 +- 4 files changed, 109 insertions(+), 52 deletions(-) diff --git a/cmd/docker-buildx/config.go b/cmd/docker-buildx/config.go index 17c8b2a..05705f3 100644 --- a/cmd/docker-buildx/config.go +++ b/cmd/docker-buildx/config.go @@ -195,18 +195,24 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag { Usage: "sets the build target to use", Destination: &settings.Build.Target, }, - &cli.StringSliceFlag{ + &cli.StringFlag{ Name: "cache-from", EnvVars: []string{"PLUGIN_CACHE_FROM"}, Usage: "sets images to consider as cache sources", Destination: &settings.Build.CacheFrom, }, - &cli.StringSliceFlag{ + &cli.StringFlag{ Name: "cache-to", EnvVars: []string{"PLUGIN_CACHE_TO"}, Usage: "cache destination for the build cache", Destination: &settings.Build.CacheTo, }, + &cli.StringSliceFlag{ + Name: "cache-images", + EnvVars: []string{"PLUGIN_CACHE_IMAGES"}, + Usage: "list of images to use for build cache. applies both to and from flags for each image", + Destination: &settings.Build.CacheImages, + }, &cli.BoolFlag{ Name: "pull-image", EnvVars: []string{"PLUGIN_PULL_IMAGE"}, diff --git a/docs.md b/docs.md index a24b2f4..3f8ce32 100644 --- a/docs.md +++ b/docs.md @@ -8,7 +8,6 @@ containerImage: woodpeckerci/plugin-docker-buildx containerImageUrl: https://hub.docker.com/r/woodpeckerci/plugin-docker-buildx url: https://codeberg.org/woodpecker-plugins/docker-buildx --- - Woodpecker CI plugin to build multiarch Docker images with buildx. This plugin is a fork of [thegeeklab/drone-docker-buildx](https://github.com/thegeeklab/drone-docker-buildx/) which itself is a fork of [drone-plugins/drone-docker](https://github.com/drone-plugins/drone-docker). ## Features @@ -28,8 +27,9 @@ It will automatically generate buildkit configuration to use custom CA certifica ## Settings + | Settings Name | Default | Description | -| ----------------------- | ----------------------------- | -------------------------------------------------- | +| ------------------------- | ------------------------------- | ---------------------------------------------------- | | `dry-run` | `false` | disables docker push | | `repo` | _none_ | sets repository name for the image (can be a list) | | `username` | _none_ | sets username to authenticates with | @@ -91,48 +91,51 @@ docker-build: ## Advanced Settings -| Settings Name | Default | Description | -| ----------------------------------- | ----------------- | -------------------------------------------------------------------------------------------------------------------------------------------------- | -| `mirror` | _none_ | sets a registry mirror to pull images | -| `storage_driver` | _none_ | sets the docker daemon storage driver | -| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path | -| `bip` | _none_ | allows the docker daemon to bride ip address | -| `mtu` | _none_ | sets docker daemon custom mtu setting | -| `custom_dns` | _none_ | sets custom docker daemon dns server | -| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain | -| `insecure` | `false` | allows the docker daemon to use insecure registries | -| `ipv6` | `false` | enables docker daemon IPv6 support | -| `experimental` | `false` | enables docker daemon experimental mode | -| `debug` | `false` | enables verbose debug mode for the docker daemon | -| `daemon_off` | `false` | disables the startup of the docker daemon | -| `buildkit_debug` | `false` | enables debug output of buildkit | -| `buildkit_config` | _none_ | sets content of the docker [buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | -| `buildkit_driveropt` | _none_ | adds one or multiple `--driver-opt` buildx arguments for the default buildkit builder instance | -| `tags_file` | _none_ | overrides the `tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | -| `context` | `.` | sets the path of the build context to use | -| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via `tags` are additionally added to the auto_tags without suffix | -| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix | -| `default_tag` | `latest` | overrides the default tag name used when generating with `auto_tag` enabled | -| `label`/`labels` | _none_ | sets labels to use for the image in format `=` | -| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information | -| `build_args` | _none_ | sets custom build arguments for the build | -| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build | -| `quiet` | `false` | enables suppression of the build output | -| `target` | _none_ | sets the build target to use | -| `cache_from` | _none_ | sets images to consider as cache sources | -| `pull_image` | `true` | enforces to pull base image at build time | -| `compress` | `false` | enables compression of the build context using gzip | -| `config` | _none_ | sets content of the docker daemon json config | -| `purge` | `true` | enables cleanup of the docker environment at the end of a build | -| `no_cache` | `false` | disables the usage of cached intermediate containers | -| `add_host` | _none_ | sets additional host:ip mapping | -| `output` | _none_ | sets build output in format `type=[,=]` | -| `logins` | _none_ | option to log into multiple registries | -| `env_file` | _none_ | load env vars from specified file | -| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist | -| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy | -| `ecr_repository_policy` | _none_ | AWS ECR repository policy | -| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push | + +| Settings Name | Default | Description | +| ------------------------------------- | ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | +| `mirror` | _none_ | sets a registry mirror to pull images | +| `storage_driver` | _none_ | sets the docker daemon storage driver | +| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path | +| `bip` | _none_ | allows the docker daemon to bride ip address | +| `mtu` | _none_ | sets docker daemon custom mtu setting | +| `custom_dns` | _none_ | sets custom docker daemon dns server | +| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain | +| `insecure` | `false` | allows the docker daemon to use insecure registries | +| `ipv6` | `false` | enables docker daemon IPv6 support | +| `experimental` | `false` | enables docker daemon experimental mode | +| `debug` | `false` | enables verbose debug mode for the docker daemon | +| `daemon_off` | `false` | disables the startup of the docker daemon | +| `buildkit_debug` | `false` | enables debug output of buildkit | +| `buildkit_config` | _none_ | sets content of the docker[buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | +| `buildkit_driveropt` | _none_ | adds one or multiple`--driver-opt` buildx arguments for the default buildkit builder instance | +| `tags_file` | _none_ | overrides the`tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | +| `context` | `.` | sets the path of the build context to use | +| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via`tags` are additionally added to the auto_tags without suffix | +| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix | +| `default_tag` | `latest` | overrides the default tag name used when generating with`auto_tag` enabled | +| `label`/`labels` | _none_ | sets labels to use for the image in format`=` | +| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information | +| `build_args` | _none_ | sets custom build arguments for the build | +| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build | +| `quiet` | `false` | enables suppression of the build output | +| `target` | _none_ | sets the build target to use | +| `cache_from` | _none_ | sets configuration for cache source | +| `cache_to` | _none_ | sets configuration for cache export | +| `cache_images` | _none_ | a list of images to use as cache. | +| `pull_image` | `true` | enforces to pull base image at build time | +| `compress` | `false` | enables compression of the build context using gzip | +| `config` | _none_ | sets content of the docker daemon json config | +| `purge` | `true` | enables cleanup of the docker environment at the end of a build | +| `no_cache` | `false` | disables the usage of cached intermediate containers | +| `add_host` | _none_ | sets additional host:ip mapping | +| `output` | _none_ | sets build output in format`type=[,=]` | +| `logins` | _none_ | option to log into multiple registries | +| `env_file` | _none_ | load env vars from specified file | +| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist | +| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy | +| `ecr_repository_policy` | _none_ | AWS ECR repository policy | +| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push | ## Multi registry push example @@ -211,3 +214,46 @@ steps: - "env.https_proxy=http://X.Y.Z.Z:3128" - "env.no_proxy=.my-subdomain.com" ``` + +## Using cache images + +You can provide a list of images to use for cache. +These cache images are built with mode=max, image-manifest=true, and oci-mediatypes=true. +This is to provide better usage of cache and better compatibility with image stores like Harbor. + +```yaml +steps: + build: + image: woodpeckerci/plugin-docker-buildx + settings: + repo: hari/radiant + cache_images: + - hari/radiant:cache + - harbor.example.com/hari/radiant:cache + logins: + - registry: https://index.docker.io/v1/ + username: hari + password: + from_secret: docker_password + - registry: https://harbor.example.com + username: hari + password: + from_secret: harbor_password +``` + +## Using other cache types + +You can specify cache_to and cache_from to use specific settings. +For example you can configure an s3 object as cache. + +More details can be found [in the docker docs](https://docs.docker.com/build/cache/backends/). + +```yaml +steps: + build: + image: woodpeckerci/plugin-docker-buildx + settings: + repo: hari/radiant + cache_to: type=s3,region=east,bucket=mystuff,name=radiant-cache + cache_from: type=s3,region=east,bucket=mystuff,name=radiant-cache +``` diff --git a/plugin/docker.go b/plugin/docker.go index e5d2ff4..e966b37 100644 --- a/plugin/docker.go +++ b/plugin/docker.go @@ -78,11 +78,15 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd { if build.NoCache { args = append(args, "--no-cache") } - for _, arg := range build.CacheFrom.Value() { - args = append(args, "--cache-from", arg) + if build.CacheFrom != "" { + args = append(args, "--cache-from", build.CacheFrom) } - for _, arg := range build.CacheTo.Value() { - args = append(args, "--cache-to", arg) + if build.CacheTo != "" { + args = append(args, "--cache-to", build.CacheTo) + } + for _, arg := range build.CacheImages.Value() { + args = append(args, "--cache-from", arg) + args = append(args, string("--cache-to=type=registry,ref="+arg+",mode=max,image-manifest=true,oci-mediatypes=true")) } for _, arg := range build.ArgsEnv.Value() { addProxyValue(&build, arg) diff --git a/plugin/impl.go b/plugin/impl.go index f920ef4..563d03d 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -72,8 +72,9 @@ type Build struct { Target string // Docker build target Output string // Docker build output Pull bool // Docker build pull - CacheFrom cli.StringSlice // Docker build cache-from - CacheTo cli.StringSlice // Docker build cache-to + CacheFrom string // Docker build cache-from + CacheTo string // Docker build cache-to + CacheImages cli.StringSlice // Docker build cache images Compress bool // Docker build compress Repo cli.StringSlice // Docker build repository NoCache bool // Docker build no-cache From 8a80dd4ef6ddacd91babc82f16a38cca35ec46ac Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sat, 3 Feb 2024 00:09:02 +0000 Subject: [PATCH 50/54] chore(deps): update docker docker tag to v25.0.2 --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 0c3cc5f..40fb065 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.12.1 -ARG DOCKER_VERSION=25.0.1-dind +ARG DOCKER_VERSION=25.0.2-dind ARG GOLANG_VERSION=1.21 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From 89771161a053c3a14e182a406c16448d22bedbd4 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Sun, 4 Feb 2024 00:16:16 +0000 Subject: [PATCH 51/54] chore(deps): update woodpeckerci/plugin-docker-buildx docker tag to v3.0.1 --- .woodpecker.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 072887d..18221c0 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -7,7 +7,7 @@ when: variables: - &golang "golang:1.21" - - &build_plugin "woodpeckerci/plugin-docker-buildx:3.0.0" + - &build_plugin "woodpeckerci/plugin-docker-buildx:3.0.1" - base_settings: &base_buildx_settings platforms: "linux/amd64,linux/arm64" dockerfile: Dockerfile.multiarch From 699844458c2d2f23c4039ed25a2bd2087e5b8d19 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Thu, 8 Feb 2024 10:35:03 +0000 Subject: [PATCH 52/54] chore(deps): update docker docker tag to v25.0.3 --- Dockerfile.multiarch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 40fb065..2e84a5f 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,5 +1,5 @@ ARG BUILDX_VERSION=0.12.1 -ARG DOCKER_VERSION=25.0.2-dind +ARG DOCKER_VERSION=25.0.3-dind ARG GOLANG_VERSION=1.21 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build From 4b8b7aaf730fa6aed7d5dc50bb6b5b7babaaf0f5 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Thu, 8 Feb 2024 11:04:56 +0000 Subject: [PATCH 53/54] fix(deps): update module github.com/aws/aws-sdk-go to v1.50.13 --- go.mod | 2 +- go.sum | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 3bc26b2..c53b166 100644 --- a/go.mod +++ b/go.mod @@ -5,7 +5,7 @@ go 1.20 require ( codeberg.org/6543/go-yaml2json v1.0.0 github.com/6543/go-version v1.3.1 - github.com/aws/aws-sdk-go v1.50.5 + github.com/aws/aws-sdk-go v1.50.13 github.com/drone-plugins/drone-plugin-lib v0.4.2 github.com/joho/godotenv v1.5.1 github.com/pelletier/go-toml/v2 v2.1.1 diff --git a/go.sum b/go.sum index e2ad16f..4c12125 100644 --- a/go.sum +++ b/go.sum @@ -10,6 +10,8 @@ github.com/aws/aws-sdk-go v1.49.22 h1:r01+cQJ3cORQI1PJxG8af0jzrZpUOL9L+/3kU2x1ge github.com/aws/aws-sdk-go v1.49.22/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/aws/aws-sdk-go v1.50.5 h1:H2Aadcgwr7a2aqS6ZwcE+l1mA6ZrTseYCvjw2QLmxIA= github.com/aws/aws-sdk-go v1.50.5/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= +github.com/aws/aws-sdk-go v1.50.13 h1:yeXram2g7q8uKkQkAEeZyk9FmPzxI4UpGwAZGZtEGmM= +github.com/aws/aws-sdk-go v1.50.13/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w= github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= From f61c066940c3786668a11f3f3bfe4b226cb52db3 Mon Sep 17 00:00:00 2001 From: woodpecker-bot Date: Thu, 8 Feb 2024 11:39:52 +0000 Subject: [PATCH 54/54] chore(deps): update golang docker tag to v1.22 --- .woodpecker.yml | 2 +- Dockerfile.multiarch | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.woodpecker.yml b/.woodpecker.yml index 18221c0..ee4b55f 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -6,7 +6,7 @@ when: - renovate/* variables: - - &golang "golang:1.21" + - &golang "golang:1.22" - &build_plugin "woodpeckerci/plugin-docker-buildx:3.0.1" - base_settings: &base_buildx_settings platforms: "linux/amd64,linux/arm64" diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 2e84a5f..ffb321b 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,6 +1,6 @@ ARG BUILDX_VERSION=0.12.1 ARG DOCKER_VERSION=25.0.3-dind -ARG GOLANG_VERSION=1.21 +ARG GOLANG_VERSION=1.22 FROM --platform=$BUILDPLATFORM golang:${GOLANG_VERSION} as build