split extra build params

close  #134

ref: https://docs.docker.com/build/building/secrets
Co-authored-by: 6543 <6543@obermui.de>
Reviewed-on: https://codeberg.org/woodpecker-plugins/docker-buildx/pulls/135
Reviewed-by: 6543 <6543@obermui.de>
Co-authored-by: Simon Vieille <simon@deblan.fr>
Co-committed-by: Simon Vieille <simon@deblan.fr>

.woodpecker.yml

@@ -7,7 +7,7 @@ when:
 
 variables:
   - &golang "golang:1.22"
-  - &build_plugin "woodpeckerci/plugin-docker-buildx:3.0.1"
+  - &build_plugin "woodpeckerci/plugin-docker-buildx:3.1.0"
   - base_settings: &base_buildx_settings
       platforms: "linux/amd64,linux/arm64"
       dockerfile: Dockerfile.multiarch

cmd/docker-buildx/config.go

@@ -183,6 +183,18 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag {
 			Usage:       "forwards environment variables as custom arguments to the build",
 			Destination: &settings.Build.ArgsEnv,
 		},
+		&cli.StringSliceFlag{
+			Name:        "secrets",
+			EnvVars:     []string{"PLUGIN_SECRETS"},
+			Usage:       "sets custom secret arguments for the build",
+			Destination: &settings.Build.Secrets,
+		},
+		&cli.StringFlag{
+			Name:        "extra-args",
+			EnvVars:     []string{"PLUGIN_EXTRA_BUILD_PARAMS"},
+			Usage:       "sets the extra build params",
+			Destination: &settings.Build.ExtraBuildParams,
+		},
 		&cli.BoolFlag{
 			Name:        "quiet",
 			EnvVars:     []string{"PLUGIN_QUIET"},

docs.md

@@ -8,6 +8,7 @@ containerImage: woodpeckerci/plugin-docker-buildx
 containerImageUrl: https://hub.docker.com/r/woodpeckerci/plugin-docker-buildx
 url: https://codeberg.org/woodpecker-plugins/docker-buildx
 ---
+
 Woodpecker CI plugin to build multiarch Docker images with buildx. This plugin is a fork of [thegeeklab/drone-docker-buildx](https://github.com/thegeeklab/drone-docker-buildx/) which itself is a fork of [drone-plugins/drone-docker](https://github.com/drone-plugins/drone-docker).
 
 ## Features
@@ -27,9 +28,8 @@ It will automatically generate buildkit configuration to use custom CA certifica
 
 ## Settings
 
-
 | Settings Name           | Default                       | Description                                        |
-| ------------------------- | ------------------------------- | ---------------------------------------------------- |
+| ----------------------- | ----------------------------- | -------------------------------------------------- |
 | `dry-run`               | `false`                       | disables docker push                               |
 | `repo`                  | _none_                        | sets repository name for the image (can be a list) |
 | `username`              | _none_                        | sets username to authenticates with                |
@@ -91,9 +91,8 @@ docker-build:
 
 ## Advanced Settings
 
-
 | Settings Name                       | Default           | Description                                                                                                                                       |
-| ------------------------------------- | ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
+| ----------------------------------- | ----------------- | ------------------------------------------------------------------------------------------------------------------------------------------------- |
 | `mirror`                            | _none_            | sets a registry mirror to pull images                                                                                                             |
 | `storage_driver`                    | _none_            | sets the docker daemon storage driver                                                                                                             |
 | `storage_path`                      | `/var/lib/docker` | sets the docker daemon storage path                                                                                                               |
@@ -118,6 +117,8 @@ docker-build:
 | `default_labels`/`auto_labels`      | `true`            | sets docker image labels based on git information                                                                                                 |
 | `build_args`                        | _none_            | sets custom build arguments for the build                                                                                                         |
 | `build_args_from_env`               | _none_            | forwards environment variables as custom arguments to the build                                                                                   |
+| `secrets`                           | _none_            | Sets the build secrets for the build                                                                                                              |
+| `extra_build_params`                | _none_            | Sets the extra build params                                                                                                                       |
 | `quiet`                             | `false`           | enables suppression of the build output                                                                                                           |
 | `target`                            | _none_            | sets the build target to use                                                                                                                      |
 | `cache_from`                        | _none_            | sets configuration for cache source                                                                                                               |
@@ -164,6 +165,15 @@ settings:
         from_secret: aws_secret_access_key
 ```
 
+## Add extra build params
+
+```yaml
+settings:
+  repo: a6543/tmp,codeberg.org/6543/tmp
+  tag: demo
+  extra_build_params: "--secret id=secret_key,src=secret_key --build-arg no_proxy=.prod.mydomain.com,.next.mydomain.com"
+```
+
 ## Using `plugin-docker-buildx` behind a proxy
 
 When performing a docker build behind a corporate proxy one needs to pass through the proxy settings to the plugin.

go.mod

@@ -5,7 +5,7 @@ go 1.20
 require (
 	codeberg.org/6543/go-yaml2json v1.0.0
 	github.com/6543/go-version v1.3.1
-	github.com/aws/aws-sdk-go v1.50.13
+	github.com/aws/aws-sdk-go v1.50.20
 	github.com/drone-plugins/drone-plugin-lib v0.4.2
 	github.com/joho/godotenv v1.5.1
 	github.com/pelletier/go-toml/v2 v2.1.1

go.sum

@@ -12,6 +12,10 @@ github.com/aws/aws-sdk-go v1.50.5 h1:H2Aadcgwr7a2aqS6ZwcE+l1mA6ZrTseYCvjw2QLmxIA
 github.com/aws/aws-sdk-go v1.50.5/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/aws/aws-sdk-go v1.50.13 h1:yeXram2g7q8uKkQkAEeZyk9FmPzxI4UpGwAZGZtEGmM=
 github.com/aws/aws-sdk-go v1.50.13/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.50.15 h1:wEMnPfEQQFaoIJwuO18zq/vtG4Ft7NxQ3r9xlEi/8zg=
+github.com/aws/aws-sdk-go v1.50.15/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.50.20 h1:xfAnSDVf/azIWTVQXQODp89bubvCS85r70O3nuQ4dnE=
+github.com/aws/aws-sdk-go v1.50.20/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=

plugin/docker.go

@@ -94,6 +94,9 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd {
 	for _, arg := range append(defaultBuildArgs, build.Args.Value()...) {
 		args = append(args, "--build-arg", arg)
 	}
+	for _, secret := range build.Secrets.Value() {
+		args = append(args, "--secret", secret)
+	}
 	for _, host := range build.AddHost.Value() {
 		args = append(args, "--add-host", host)
 	}
@@ -103,6 +106,11 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd {
 	if build.Output != "" {
 		args = append(args, "--output", build.Output)
 	}
+	if build.ExtraBuildParams != "" {
+		for _, param := range strings.Split(build.ExtraBuildParams, " ") {
+			args = append(args, param)
+		}
+	}
 	if build.Quiet {
 		args = append(args, "--quiet")
 	}

plugin/impl.go

@@ -54,32 +54,34 @@ type Login struct {
 
 // Build defines Docker build parameters.
 type Build struct {
-	Remote          string          // Git remote URL
+	Remote           string          // Git remote URL
-	Ref             string          // Git commit ref
+	Ref              string          // Git commit ref
-	Branch          string          // Git repository branch
+	Branch           string          // Git repository branch
-	Dockerfile      string          // Docker build Dockerfile
+	Dockerfile       string          // Docker build Dockerfile
-	Context         string          // Docker build context
+	Context          string          // Docker build context
-	TagsAuto        bool            // Docker build auto tag
+	TagsAuto         bool            // Docker build auto tag
-	TagsDefaultName string          // Docker build auto tag name override
+	TagsDefaultName  string          // Docker build auto tag name override
-	TagsSuffix      string          // Docker build tags with suffix
+	TagsSuffix       string          // Docker build tags with suffix
-	Tags            cli.StringSlice // Docker build tags
+	Tags             cli.StringSlice // Docker build tags
-	TagsFile        string          // Docker build tags read from an file
+	TagsFile         string          // Docker build tags read from an file
-	LabelsAuto      bool            // Docker build auto labels
+	LabelsAuto       bool            // Docker build auto labels
-	Labels          cli.StringSlice // Docker build labels
+	Labels           cli.StringSlice // Docker build labels
-	Platforms       cli.StringSlice // Docker build target platforms
+	Platforms        cli.StringSlice // Docker build target platforms
-	Args            cli.StringSlice // Docker build args
+	Args             cli.StringSlice // Docker build args
-	ArgsEnv         cli.StringSlice // Docker build args from env
+	ArgsEnv          cli.StringSlice // Docker build args from env
-	Target          string          // Docker build target
+	Secrets          cli.StringSlice // Docker build secret
-	Output          string          // Docker build output
+	ExtraBuildParams string          // Docker build extra build args
-	Pull            bool            // Docker build pull
+	Target           string          // Docker build target
-	CacheFrom       string          // Docker build cache-from
+	Output           string          // Docker build output
-	CacheTo         string          // Docker build cache-to
+	Pull             bool            // Docker build pull
-	CacheImages     cli.StringSlice // Docker build cache images
+	CacheFrom        string          // Docker build cache-from
-	Compress        bool            // Docker build compress
+	CacheTo          string          // Docker build cache-to
-	Repo            cli.StringSlice // Docker build repository
+	CacheImages      cli.StringSlice // Docker build cache images
-	NoCache         bool            // Docker build no-cache
+	Compress         bool            // Docker build compress
-	AddHost         cli.StringSlice // Docker build add-host
+	Repo             cli.StringSlice // Docker build repository
-	Quiet           bool            // Docker build quiet
+	NoCache          bool            // Docker build no-cache
+	AddHost          cli.StringSlice // Docker build add-host
+	Quiet            bool            // Docker build quiet
 }
 
 // Settings for the Plugin.