Merge pull request #15 from crazy-max/default-entitlements
Allow daemon side entitlements by default
This commit is contained in:
commit
54edbcd840
|
@ -131,7 +131,7 @@ Following inputs can be used as `step.with` keys
|
||||||
| `version` | String | [Buildx](https://github.com/docker/buildx) version. (e.g. `v0.3.0`, `latest`) |
|
| `version` | String | [Buildx](https://github.com/docker/buildx) version. (e.g. `v0.3.0`, `latest`) |
|
||||||
| `driver` | String | Sets the [builder driver](https://github.com/docker/buildx#--driver-driver) to be used (default `docker-container`) |
|
| `driver` | String | Sets the [builder driver](https://github.com/docker/buildx#--driver-driver) to be used (default `docker-container`) |
|
||||||
| `driver-opts` | CSV | List of additional [driver-specific options](https://github.com/docker/buildx#--driver-opt-options) |
|
| `driver-opts` | CSV | List of additional [driver-specific options](https://github.com/docker/buildx#--driver-opt-options) |
|
||||||
| `buildkitd-flags` | String | [Flags for buildkitd](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) daemon |
|
| `buildkitd-flags` | String | [Flags for buildkitd](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) daemon (since [buildx v0.3.0](https://github.com/docker/buildx/releases/tag/v0.3.0)) |
|
||||||
| `install` | Bool | Sets up `docker build` command as an alias to `docker buildx` (default `false`) |
|
| `install` | Bool | Sets up `docker build` command as an alias to `docker buildx` (default `false`) |
|
||||||
| `use` | Bool | Switch to this builder instance (default `true`) |
|
| `use` | Bool | Switch to this builder instance (default `true`) |
|
||||||
|
|
||||||
|
|
|
@ -3,26 +3,34 @@ import * as docker from '../src/docker';
|
||||||
import * as buildx from '../src/buildx';
|
import * as buildx from '../src/buildx';
|
||||||
import * as path from 'path';
|
import * as path from 'path';
|
||||||
import * as os from 'os';
|
import * as os from 'os';
|
||||||
|
import * as semver from 'semver';
|
||||||
|
import * as exec from '@actions/exec';
|
||||||
|
|
||||||
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'setup-buildx-'));
|
describe('getVersion', () => {
|
||||||
|
it('valid', async () => {
|
||||||
|
await exec.exec('docker', ['buildx', 'version']);
|
||||||
|
const version = await buildx.getVersion();
|
||||||
|
console.log(`version: ${version}`);
|
||||||
|
expect(semver.valid(version)).not.toBeNull();
|
||||||
|
}, 100000);
|
||||||
|
});
|
||||||
|
|
||||||
describe('buildx', () => {
|
describe('parseVersion', () => {
|
||||||
|
test.each([
|
||||||
|
['github.com/docker/buildx 0.4.1+azure bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
|
||||||
|
['github.com/docker/buildx v0.4.1 bda4882a65349ca359216b135896bddc1d92461c', '0.4.1'],
|
||||||
|
['github.com/docker/buildx v0.4.2 fb7b670b764764dc4716df3eba07ffdae4cc47b2', '0.4.2']
|
||||||
|
])('given %p', async (stdout, expected) => {
|
||||||
|
expect(await buildx.parseVersion(stdout)).toEqual(expected);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('platforms', () => {
|
||||||
async function isDaemonRunning() {
|
async function isDaemonRunning() {
|
||||||
return await docker.isDaemonRunning();
|
return await docker.isDaemonRunning();
|
||||||
}
|
}
|
||||||
|
|
||||||
it('is available', async () => {
|
|
||||||
expect(await buildx.isAvailable()).toBe(true);
|
|
||||||
}, 100000);
|
|
||||||
|
|
||||||
it('count builders', async () => {
|
|
||||||
const countBuilders = await buildx.countBuilders();
|
|
||||||
console.log(`countBuilders: ${countBuilders}`);
|
|
||||||
expect(countBuilders).toBeGreaterThan(0);
|
|
||||||
}, 100000);
|
|
||||||
|
|
||||||
(isDaemonRunning() ? it : it.skip)(
|
(isDaemonRunning() ? it : it.skip)(
|
||||||
'platforms',
|
'valid',
|
||||||
async () => {
|
async () => {
|
||||||
const platforms = buildx.platforms();
|
const platforms = buildx.platforms();
|
||||||
console.log(`platforms: ${platforms}`);
|
console.log(`platforms: ${platforms}`);
|
||||||
|
@ -31,13 +39,23 @@ describe('buildx', () => {
|
||||||
},
|
},
|
||||||
100000
|
100000
|
||||||
);
|
);
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('countBuilders', () => {
|
||||||
|
it('valid', async () => {
|
||||||
|
const countBuilders = await buildx.countBuilders();
|
||||||
|
console.log(`countBuilders: ${countBuilders}`);
|
||||||
|
expect(countBuilders).toBeGreaterThan(0);
|
||||||
|
}, 100000);
|
||||||
|
});
|
||||||
|
|
||||||
|
describe('install', () => {
|
||||||
|
const tmpDir = fs.mkdtempSync(path.join(os.tmpdir(), 'setup-buildx-'));
|
||||||
it('acquires v0.2.2 version of buildx', async () => {
|
it('acquires v0.2.2 version of buildx', async () => {
|
||||||
const buildxBin = await buildx.install('v0.2.2', tmpDir);
|
const buildxBin = await buildx.install('v0.2.2', tmpDir);
|
||||||
console.log(buildxBin);
|
console.log(buildxBin);
|
||||||
expect(fs.existsSync(buildxBin)).toBe(true);
|
expect(fs.existsSync(buildxBin)).toBe(true);
|
||||||
}, 100000);
|
}, 100000);
|
||||||
|
|
||||||
it('acquires latest version of buildx', async () => {
|
it('acquires latest version of buildx', async () => {
|
||||||
const buildxBin = await buildx.install('latest', tmpDir);
|
const buildxBin = await buildx.install('latest', tmpDir);
|
||||||
console.log(buildxBin);
|
console.log(buildxBin);
|
||||||
|
|
|
@ -19,6 +19,7 @@ inputs:
|
||||||
required: false
|
required: false
|
||||||
buildkitd-flags:
|
buildkitd-flags:
|
||||||
description: 'Flags for buildkitd daemon'
|
description: 'Flags for buildkitd daemon'
|
||||||
|
default: '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host'
|
||||||
required: false
|
required: false
|
||||||
install:
|
install:
|
||||||
description: 'Sets up docker build command as an alias to docker buildx'
|
description: 'Sets up docker build command as an alias to docker buildx'
|
||||||
|
|
|
@ -500,6 +500,7 @@ const core = __importStar(__webpack_require__(186));
|
||||||
const exec = __importStar(__webpack_require__(514));
|
const exec = __importStar(__webpack_require__(514));
|
||||||
const os = __importStar(__webpack_require__(87));
|
const os = __importStar(__webpack_require__(87));
|
||||||
const path = __importStar(__webpack_require__(622));
|
const path = __importStar(__webpack_require__(622));
|
||||||
|
const semver = __importStar(__webpack_require__(383));
|
||||||
const buildx = __importStar(__webpack_require__(295));
|
const buildx = __importStar(__webpack_require__(295));
|
||||||
const context = __importStar(__webpack_require__(842));
|
const context = __importStar(__webpack_require__(842));
|
||||||
const mexec = __importStar(__webpack_require__(757));
|
const mexec = __importStar(__webpack_require__(757));
|
||||||
|
@ -516,8 +517,8 @@ function run() {
|
||||||
if (!(yield buildx.isAvailable()) || inputs.version) {
|
if (!(yield buildx.isAvailable()) || inputs.version) {
|
||||||
yield buildx.install(inputs.version || 'latest', dockerConfigHome);
|
yield buildx.install(inputs.version || 'latest', dockerConfigHome);
|
||||||
}
|
}
|
||||||
core.info('📣 Buildx info');
|
const buildxVersion = yield buildx.getVersion();
|
||||||
yield exec.exec('docker', ['buildx', 'version']);
|
core.info(`📣 Buildx version: ${buildxVersion}`);
|
||||||
const builderName = inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(yield buildx.countBuilders()) + 1}`;
|
const builderName = inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(yield buildx.countBuilders()) + 1}`;
|
||||||
core.setOutput('name', builderName);
|
core.setOutput('name', builderName);
|
||||||
stateHelper.setBuilderName(builderName);
|
stateHelper.setBuilderName(builderName);
|
||||||
|
@ -527,7 +528,7 @@ function run() {
|
||||||
yield context.asyncForEach(inputs.driverOpts, (driverOpt) => __awaiter(this, void 0, void 0, function* () {
|
yield context.asyncForEach(inputs.driverOpts, (driverOpt) => __awaiter(this, void 0, void 0, function* () {
|
||||||
createArgs.push('--driver-opt', driverOpt);
|
createArgs.push('--driver-opt', driverOpt);
|
||||||
}));
|
}));
|
||||||
if (inputs.buildkitdFlags) {
|
if (inputs.buildkitdFlags && semver.satisfies(buildxVersion, '>=0.3.0')) {
|
||||||
createArgs.push('--buildkitd-flags', inputs.buildkitdFlags);
|
createArgs.push('--buildkitd-flags', inputs.buildkitdFlags);
|
||||||
}
|
}
|
||||||
if (inputs.use) {
|
if (inputs.use) {
|
||||||
|
@ -1936,7 +1937,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
||||||
});
|
});
|
||||||
};
|
};
|
||||||
Object.defineProperty(exports, "__esModule", { value: true });
|
Object.defineProperty(exports, "__esModule", { value: true });
|
||||||
exports.install = exports.platforms = exports.countBuilders = exports.isAvailable = void 0;
|
exports.install = exports.platforms = exports.countBuilders = exports.isAvailable = exports.parseVersion = exports.getVersion = void 0;
|
||||||
const fs = __importStar(__webpack_require__(747));
|
const fs = __importStar(__webpack_require__(747));
|
||||||
const path = __importStar(__webpack_require__(622));
|
const path = __importStar(__webpack_require__(622));
|
||||||
const semver = __importStar(__webpack_require__(383));
|
const semver = __importStar(__webpack_require__(383));
|
||||||
|
@ -1946,6 +1947,27 @@ const exec = __importStar(__webpack_require__(757));
|
||||||
const github = __importStar(__webpack_require__(928));
|
const github = __importStar(__webpack_require__(928));
|
||||||
const core = __importStar(__webpack_require__(186));
|
const core = __importStar(__webpack_require__(186));
|
||||||
const tc = __importStar(__webpack_require__(784));
|
const tc = __importStar(__webpack_require__(784));
|
||||||
|
function getVersion() {
|
||||||
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
|
return yield exec.exec(`docker`, ['buildx', 'version'], true).then(res => {
|
||||||
|
if (res.stderr != '' && !res.success) {
|
||||||
|
throw new Error(res.stderr);
|
||||||
|
}
|
||||||
|
return parseVersion(res.stdout);
|
||||||
|
});
|
||||||
|
});
|
||||||
|
}
|
||||||
|
exports.getVersion = getVersion;
|
||||||
|
function parseVersion(stdout) {
|
||||||
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
|
const matches = /\sv?([0-9.]+)/.exec(stdout);
|
||||||
|
if (!matches) {
|
||||||
|
throw new Error(`Cannot parse Buildx version`);
|
||||||
|
}
|
||||||
|
return semver.clean(matches[1]);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
exports.parseVersion = parseVersion;
|
||||||
function isAvailable() {
|
function isAvailable() {
|
||||||
return __awaiter(this, void 0, void 0, function* () {
|
return __awaiter(this, void 0, void 0, function* () {
|
||||||
return yield exec.exec(`docker`, ['buildx'], true).then(res => {
|
return yield exec.exec(`docker`, ['buildx'], true).then(res => {
|
||||||
|
@ -6528,7 +6550,8 @@ function getInputs() {
|
||||||
version: core.getInput('version'),
|
version: core.getInput('version'),
|
||||||
driver: core.getInput('driver') || 'docker-container',
|
driver: core.getInput('driver') || 'docker-container',
|
||||||
driverOpts: yield getInputList('driver-opts', true),
|
driverOpts: yield getInputList('driver-opts', true),
|
||||||
buildkitdFlags: core.getInput('buildkitd-flags'),
|
buildkitdFlags: core.getInput('buildkitd-flags') ||
|
||||||
|
'--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
|
||||||
install: /true/i.test(core.getInput('install')),
|
install: /true/i.test(core.getInput('install')),
|
||||||
use: /true/i.test(core.getInput('use'))
|
use: /true/i.test(core.getInput('use'))
|
||||||
};
|
};
|
||||||
|
|
|
@ -8,6 +8,23 @@ import * as github from './github';
|
||||||
import * as core from '@actions/core';
|
import * as core from '@actions/core';
|
||||||
import * as tc from '@actions/tool-cache';
|
import * as tc from '@actions/tool-cache';
|
||||||
|
|
||||||
|
export async function getVersion(): Promise<string> {
|
||||||
|
return await exec.exec(`docker`, ['buildx', 'version'], true).then(res => {
|
||||||
|
if (res.stderr != '' && !res.success) {
|
||||||
|
throw new Error(res.stderr);
|
||||||
|
}
|
||||||
|
return parseVersion(res.stdout);
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function parseVersion(stdout: string): Promise<string> {
|
||||||
|
const matches = /\sv?([0-9.]+)/.exec(stdout);
|
||||||
|
if (!matches) {
|
||||||
|
throw new Error(`Cannot parse Buildx version`);
|
||||||
|
}
|
||||||
|
return semver.clean(matches[1]);
|
||||||
|
}
|
||||||
|
|
||||||
export async function isAvailable(): Promise<Boolean> {
|
export async function isAvailable(): Promise<Boolean> {
|
||||||
return await exec.exec(`docker`, ['buildx'], true).then(res => {
|
return await exec.exec(`docker`, ['buildx'], true).then(res => {
|
||||||
if (res.stderr != '' && !res.success) {
|
if (res.stderr != '' && !res.success) {
|
||||||
|
|
|
@ -17,7 +17,9 @@ export async function getInputs(): Promise<Inputs> {
|
||||||
version: core.getInput('version'),
|
version: core.getInput('version'),
|
||||||
driver: core.getInput('driver') || 'docker-container',
|
driver: core.getInput('driver') || 'docker-container',
|
||||||
driverOpts: await getInputList('driver-opts', true),
|
driverOpts: await getInputList('driver-opts', true),
|
||||||
buildkitdFlags: core.getInput('buildkitd-flags'),
|
buildkitdFlags:
|
||||||
|
core.getInput('buildkitd-flags') ||
|
||||||
|
'--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
|
||||||
install: /true/i.test(core.getInput('install')),
|
install: /true/i.test(core.getInput('install')),
|
||||||
use: /true/i.test(core.getInput('use'))
|
use: /true/i.test(core.getInput('use'))
|
||||||
};
|
};
|
||||||
|
|
|
@ -2,6 +2,7 @@ import * as core from '@actions/core';
|
||||||
import * as exec from '@actions/exec';
|
import * as exec from '@actions/exec';
|
||||||
import * as os from 'os';
|
import * as os from 'os';
|
||||||
import * as path from 'path';
|
import * as path from 'path';
|
||||||
|
import * as semver from 'semver';
|
||||||
import * as buildx from './buildx';
|
import * as buildx from './buildx';
|
||||||
import * as context from './context';
|
import * as context from './context';
|
||||||
import * as mexec from './exec';
|
import * as mexec from './exec';
|
||||||
|
@ -21,8 +22,8 @@ async function run(): Promise<void> {
|
||||||
await buildx.install(inputs.version || 'latest', dockerConfigHome);
|
await buildx.install(inputs.version || 'latest', dockerConfigHome);
|
||||||
}
|
}
|
||||||
|
|
||||||
core.info('📣 Buildx info');
|
const buildxVersion = await buildx.getVersion();
|
||||||
await exec.exec('docker', ['buildx', 'version']);
|
core.info(`📣 Buildx version: ${buildxVersion}`);
|
||||||
|
|
||||||
const builderName: string =
|
const builderName: string =
|
||||||
inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(await buildx.countBuilders()) + 1}`;
|
inputs.driver == 'docker' ? 'default' : `builder-${process.env.GITHUB_JOB}-${(await buildx.countBuilders()) + 1}`;
|
||||||
|
@ -35,7 +36,7 @@ async function run(): Promise<void> {
|
||||||
await context.asyncForEach(inputs.driverOpts, async driverOpt => {
|
await context.asyncForEach(inputs.driverOpts, async driverOpt => {
|
||||||
createArgs.push('--driver-opt', driverOpt);
|
createArgs.push('--driver-opt', driverOpt);
|
||||||
});
|
});
|
||||||
if (inputs.buildkitdFlags) {
|
if (inputs.buildkitdFlags && semver.satisfies(buildxVersion, '>=0.3.0')) {
|
||||||
createArgs.push('--buildkitd-flags', inputs.buildkitdFlags);
|
createArgs.push('--buildkitd-flags', inputs.buildkitdFlags);
|
||||||
}
|
}
|
||||||
if (inputs.use) {
|
if (inputs.use) {
|
||||||
|
|
Loading…
Reference in New Issue