diff --git a/.woodpecker.yml b/.woodpecker.yml index 1bb4c06..ee4b55f 100644 --- a/.woodpecker.yml +++ b/.woodpecker.yml @@ -1,9 +1,9 @@ -# when: -# - event: [pull_request, tag, cron] -# - event: push -# branch: -# - ${CI_REPO_DEFAULT_BRANCH} -# - renovate/* +when: + - event: [pull_request, tag, cron] + - event: push + branch: + - ${CI_REPO_DEFAULT_BRANCH} + - renovate/* variables: - &golang "golang:1.22" @@ -12,67 +12,89 @@ variables: platforms: "linux/amd64,linux/arm64" dockerfile: Dockerfile.multiarch auto_tag: true - repo: gitnet.fr/deblan/docker-buildx + repo: woodpeckerci/plugin-docker-buildx,codeberg.org/woodpecker-plugins/docker-buildx - &login_setting - - registry: https://gitnet.fr + # Default DockerHub login + - registry: https://index.docker.io/v1/ username: - from_secret: registry_user + from_secret: docker_username password: - from_secret: registry_password + from_secret: docker_password + # Additional Codeberg login + - registry: https://codeberg.org + username: + from_secret: cb_username + password: + from_secret: cb_password steps: - # vendor: - # image: *golang - # commands: go mod vendor - # - # test: - # image: *golang - # depends_on: vendor - # commands: go test -cover ./... - # - # lint-editorconfig: - # image: docker.io/mstruebing/editorconfig-checker:2.7.2 - # when: - # event: push - # - # lint-format: - # image: *golang - # depends_on: vendor - # commands: make formatcheck - # when: - # event: push - # - # publish-dryrun: - # image: *build_plugin - # depends_on: test - # pull: true - # settings: - # <<: *base_buildx_settings - # repo: test - # dry-run: true - # when: - # evaluate: 'not (CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images")' - # event: pull_request - # branch: - # - ${CI_REPO_DEFAULT_BRANCH} - # - renovate/* + vendor: + image: *golang + commands: go mod vendor - # publish: - # image: *build_plugin - # settings: - # <<: *base_buildx_settings - # logins: *login_setting - # when: - # event: [push, tag, cron] + test: + image: *golang + depends_on: vendor + commands: go test -cover ./... - foo: - image: gitnet.fr/deblan/docker-buildx + lint-editorconfig: + image: docker.io/mstruebing/editorconfig-checker:2.7.2 + when: + event: pull_request + + lint-format: + image: *golang + depends_on: vendor + commands: make formatcheck + when: + event: pull_request + + publish-dryrun: + image: *build_plugin + depends_on: test pull: true - volumes: - - /var/run/docker.sock:/var/run/docker.sock settings: <<: *base_buildx_settings + repo: test dry-run: true - secrets: - - foo - - bar + when: + evaluate: 'not (CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images")' + event: pull_request + branch: + - ${CI_REPO_DEFAULT_BRANCH} + - renovate/* + + publish: + image: *build_plugin + depends_on: test + settings: + <<: *base_buildx_settings + logins: *login_setting + when: + event: [push, tag, cron] + branch: ${CI_REPO_DEFAULT_BRANCH} + + publish_pr_image: + image: *build_plugin + depends_on: test + settings: + <<: *base_buildx_settings + tag: pull_${CI_COMMIT_PULL_REQUEST} + logins: *login_setting + when: + evaluate: 'CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images"' + event: pull_request + + # TODO: replace by plugin-ready-release-go once it supports gitea + gitea-release: + image: "woodpeckerci/plugin-gitea-release:0.3.1" + depends_on: test + settings: + base_url: https://codeberg.org + title: ${CI_COMMIT_TAG} + api_key: + from_secret: gitea_token + target: main + when: + event: [tag] + branch: ${CI_REPO_DEFAULT_BRANCH} diff --git a/cmd/docker-buildx/config.go b/cmd/docker-buildx/config.go index 9e56a4e..05705f3 100644 --- a/cmd/docker-buildx/config.go +++ b/cmd/docker-buildx/config.go @@ -183,12 +183,6 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag { Usage: "forwards environment variables as custom arguments to the build", Destination: &settings.Build.ArgsEnv, }, - &cli.StringSliceFlag{ - Name: "secrets", - EnvVars: []string{"PLUGIN_SECRETS"}, - Usage: "sets custom secret arguments for the build", - Destination: &settings.Build.Secrets, - }, &cli.BoolFlag{ Name: "quiet", EnvVars: []string{"PLUGIN_QUIET"}, diff --git a/docs.md b/docs.md index b413377..3f8ce32 100644 --- a/docs.md +++ b/docs.md @@ -29,7 +29,7 @@ It will automatically generate buildkit configuration to use custom CA certifica | Settings Name | Default | Description | -| --- | --- | --- | +| ------------------------- | ------------------------------- | ---------------------------------------------------- | | `dry-run` | `false` | disables docker push | | `repo` | _none_ | sets repository name for the image (can be a list) | | `username` | _none_ | sets username to authenticates with | @@ -91,51 +91,52 @@ docker-build: ## Advanced Settings -| Settings Name | Default | Description | + +| Settings Name | Default | Description | | ------------------------------------- | ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | -| `mirror` | _none_ | sets a registry mirror to pull images | -| `storage_driver` | _none_ | sets the docker daemon storage driver | -| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path | -| `bip` | _none_ | allows the docker daemon to bride ip address | -| `mtu` | _none_ | sets docker daemon custom mtu setting | -| `custom_dns` | _none_ | sets custom docker daemon dns server | -| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain | -| `insecure` | `false` | allows the docker daemon to use insecure registries | -| `ipv6` | `false` | enables docker daemon IPv6 support | -| `experimental` | `false` | enables docker daemon experimental mode | -| `debug` | `false` | enables verbose debug mode for the docker daemon | -| `daemon_off` | `false` | disables the startup of the docker daemon | -| `buildkit_debug` | `false` | enables debug output of buildkit | -| `buildkit_config` | _none_ | sets content of the docker[buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | -| `buildkit_driveropt` | _none_ | adds one or multiple`--driver-opt` buildx arguments for the default buildkit builder instance | -| `tags_file` | _none_ | overrides the`tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | -| `context` | `.` | sets the path of the build context to use | -| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via`tags` are additionally added to the auto_tags without suffix | -| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix | -| `default_tag` | `latest` | overrides the default tag name used when generating with`auto_tag` enabled | -| `label`/`labels` | _none_ | sets labels to use for the image in format`=` | -| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information | -| `build_args` | _none_ | sets custom build arguments for the build | -| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build | -| `secrets` | _none_ | Sets the build secrets for the build | -| `quiet` | `false` | enables suppression of the build output | -| `target` | _none_ | sets the build target to use | -| `cache_from` | _none_ | sets configuration for cache source | -| `cache_to` | _none_ | sets configuration for cache export | -| `cache_images` | _none_ | a list of images to use as cache. | -| `pull_image` | `true` | enforces to pull base image at build time | -| `compress` | `false` | enables compression of the build context using gzip | -| `config` | _none_ | sets content of the docker daemon json config | -| `purge` | `true` | enables cleanup of the docker environment at the end of a build | -| `no_cache` | `false` | disables the usage of cached intermediate containers | -| `add_host` | _none_ | sets additional host:ip mapping | -| `output` | _none_ | sets build output in format`type=[,=]` | -| `logins` | _none_ | option to log into multiple registries | -| `env_file` | _none_ | load env vars from specified file | -| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist | -| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy | -| `ecr_repository_policy` | _none_ | AWS ECR repository policy | -| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push | +| `mirror` | _none_ | sets a registry mirror to pull images | +| `storage_driver` | _none_ | sets the docker daemon storage driver | +| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path | +| `bip` | _none_ | allows the docker daemon to bride ip address | +| `mtu` | _none_ | sets docker daemon custom mtu setting | +| `custom_dns` | _none_ | sets custom docker daemon dns server | +| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain | +| `insecure` | `false` | allows the docker daemon to use insecure registries | +| `ipv6` | `false` | enables docker daemon IPv6 support | +| `experimental` | `false` | enables docker daemon experimental mode | +| `debug` | `false` | enables verbose debug mode for the docker daemon | +| `daemon_off` | `false` | disables the startup of the docker daemon | +| `buildkit_debug` | `false` | enables debug output of buildkit | +| `buildkit_config` | _none_ | sets content of the docker[buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) | +| `buildkit_driveropt` | _none_ | adds one or multiple`--driver-opt` buildx arguments for the default buildkit builder instance | +| `tags_file` | _none_ | overrides the`tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline | +| `context` | `.` | sets the path of the build context to use | +| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via`tags` are additionally added to the auto_tags without suffix | +| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix | +| `default_tag` | `latest` | overrides the default tag name used when generating with`auto_tag` enabled | +| `label`/`labels` | _none_ | sets labels to use for the image in format`=` | +| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information | +| `build_args` | _none_ | sets custom build arguments for the build | +| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build | +| `quiet` | `false` | enables suppression of the build output | +| `target` | _none_ | sets the build target to use | +| `cache_from` | _none_ | sets configuration for cache source | +| `cache_to` | _none_ | sets configuration for cache export | +| `cache_images` | _none_ | a list of images to use as cache. | +| `pull_image` | `true` | enforces to pull base image at build time | +| `compress` | `false` | enables compression of the build context using gzip | +| `config` | _none_ | sets content of the docker daemon json config | +| `purge` | `true` | enables cleanup of the docker environment at the end of a build | +| `no_cache` | `false` | disables the usage of cached intermediate containers | +| `add_host` | _none_ | sets additional host:ip mapping | +| `output` | _none_ | sets build output in format`type=[,=]` | +| `logins` | _none_ | option to log into multiple registries | +| `env_file` | _none_ | load env vars from specified file | +| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist | +| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy | +| `ecr_repository_policy` | _none_ | AWS ECR repository policy | +| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push | + ## Multi registry push example Only supported with `woodpecker >= 1.0.0` (next-da997fa3). diff --git a/plugin/docker.go b/plugin/docker.go index 4b82743..e966b37 100644 --- a/plugin/docker.go +++ b/plugin/docker.go @@ -94,9 +94,6 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd { for _, arg := range append(defaultBuildArgs, build.Args.Value()...) { args = append(args, "--build-arg", arg) } - for _, secret := range build.Secrets.Value() { - args = append(args, "--secret", secret) - } for _, host := range build.AddHost.Value() { args = append(args, "--add-host", host) } diff --git a/plugin/impl.go b/plugin/impl.go index 55708bf..563d03d 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -69,7 +69,6 @@ type Build struct { Platforms cli.StringSlice // Docker build target platforms Args cli.StringSlice // Docker build args ArgsEnv cli.StringSlice // Docker build args from env - Secrets cli.StringSlice // Docker build secret Target string // Docker build target Output string // Docker build output Pull bool // Docker build pull