deblan/docker-buildx
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

merge into: deblan:main
Branches Tags
deblan:main
deblan:bugfix/issue137-secrets
deblan:feature/setting-mount-ci
deblan:feature/setting-secret
deblan:renovate/woodpeckerci-plugin-docker-buildx-3.x
deblan:renovate/aws-sdk-go-monorepo
deblan:fix-49
deblan:fix-59
deblan:docker-matrix
deblan:v3.1.0
deblan:v3.0.1
deblan:v3.0.0
deblan:v2.3.0
deblan:v2.2.1
deblan:2.2.0
deblan:v2.1.0
deblan:v2.0.0
deblan:v1.0.1
deblan:v1.0.0
deblan:v0.9.9
...
pull from: deblan:feature/setting-mount-ci
Branches Tags
deblan:bugfix/issue137-secrets
deblan:feature/setting-mount-ci
deblan:feature/setting-secret
deblan:renovate/woodpeckerci-plugin-docker-buildx-3.x
deblan:renovate/aws-sdk-go-monorepo
deblan:main
deblan:fix-49
deblan:fix-59
deblan:docker-matrix
deblan:v3.1.0
deblan:v3.0.1
deblan:v3.0.0
deblan:v2.3.0
deblan:v2.2.1
deblan:2.2.0
deblan:v2.1.0
deblan:v2.0.0
deblan:v1.0.1
deblan:v1.0.0
deblan:v0.9.9

34 commits
main ... feature/se

Author SHA1 Message Date
Simon Vieille 6984af910d
update ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-14 18:33:32 +01:00
Simon Vieille 5f39f80b6b
ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-14 18:29:32 +01:00
Simon Vieille 70cff8c55e
ci 2024-02-14 18:29:19 +01:00
Simon Vieille 981efe747b
ci 2024-02-14 18:28:39 +01:00
Simon Vieille b272297331 Merge branch 'feature/setting-secret' into feature/setting-mount-ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
ci/woodpecker/manual/woodpecker Pipeline failed
Details
2024-02-14 18:26:37 +01:00
Simon Vieille 571bdce941 transform secret from string to slice 2024-02-14 18:24:44 +01:00
Simon Vieille 18b7a2a2fc
update foo 2024-02-14 18:21:30 +01:00
Simon Vieille b5d5f6a9a8
update foo
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-14 18:20:20 +01:00
Simon Vieille 6c624621c4
add test
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-14 18:17:32 +01:00
Simon Vieille cbda0a36ff
add foo
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/deployment/woodpecker Pipeline was successful
Details
2024-02-14 18:10:51 +01:00
Simon Vieille 0e85f92bb2
add foo 2024-02-14 18:10:20 +01:00
Simon Vieille 0cde2cd5fd Merge branch 'feature/setting-secret' into feature/setting-mount-ci
Some checks are pending
ci/woodpecker/push/woodpecker Pipeline is pending
Details
2024-02-14 18:08:25 +01:00
Simon Vieille 8926c89183
update secret documentation 2024-02-14 18:07:27 +01:00
Simon Vieille 16cb6908e7
rename "secret" with "secrets" 2024-02-14 18:07:16 +01:00
Simon Vieille 7870618a19
update ci
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2024-02-14 18:01:21 +01:00
Simon Vieille f9490382cf Merge branch 'feature/setting-secret' into feature/setting-mount-ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-14 17:59:39 +01:00
Simon Vieille 139c3f063b
transform secret from string to slice 2024-02-14 17:59:30 +01:00
Simon Vieille 3520077c23
fix ci
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
2024-02-09 16:26:56 +01:00
Simon Vieille 9094ae8de4
fix ci
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Details
ci/woodpecker/manual/woodpecker Pipeline was successful
Details
2024-02-09 15:57:50 +01:00
Simon Vieille c79fc28a3c Merge branch 'feature/setting-mount' into feature/setting-mount-ci 2024-02-09 15:57:23 +01:00
Simon Vieille 7c5f14a957 add secret option 
add documentation
 2024-02-09 15:51:45 +01:00
Simon Vieille a6552143b7 Merge branch 'feature/setting-mount' into feature/setting-mount-ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-09 15:47:41 +01:00
Simon Vieille 22e4afcef3
set secret ad cli.StringFlag 2024-02-09 15:47:30 +01:00
Simon Vieille 93ce811722 Merge branch 'feature/setting-mount' into feature/setting-mount-ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-09 15:41:24 +01:00
Simon Vieille e8fe46f336
fix bad substitution 2024-02-09 15:41:17 +01:00
Simon Vieille cdf6844ce8 Merge branch 'feature/setting-mount' into feature/setting-mount-ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-09 15:37:11 +01:00
Simon Vieille edc13f23fc
fix bad substitution 2024-02-09 15:37:03 +01:00
Simon Vieille bf6bbafd3b Merge branch 'feature/setting-mount' into feature/setting-mount-ci 2024-02-09 15:34:51 +01:00
Simon Vieille fc60a79bc3
rename mount with secret 2024-02-09 15:34:45 +01:00
Simon Vieille 2880d7f6a3
add ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-09 15:30:38 +01:00
Simon Vieille 4d0e047b2b
add ci
Some checks failed
ci/woodpecker/push/woodpecker Pipeline failed
Details
2024-02-09 15:30:01 +01:00
Simon Vieille 6c8e0f6671
add ci 2024-02-09 15:29:16 +01:00
Simon Vieille 97bb56fa4a
add documentation for mount option 2024-02-09 15:20:34 +01:00
Simon Vieille 0786fefc51
add mount option 2024-02-09 15:18:45 +01:00
5 changed files with 114 additions and 127 deletions
Show stats Expand all files Collapse all files

140
.woodpecker.yml
View file

@ -1,9 +1,9 @@
when:
- event: [pull_request, tag, cron]
- event: push
branch:
- ${CI_REPO_DEFAULT_BRANCH}
- renovate/*
# when:
# - event: [pull_request, tag, cron]
# - event: push
# branch:
# - ${CI_REPO_DEFAULT_BRANCH}
# - renovate/*
variables:
- &golang "golang:1.22"
@ -12,89 +12,67 @@ variables:
platforms: "linux/amd64,linux/arm64"
dockerfile: Dockerfile.multiarch
auto_tag: true
repo: woodpeckerci/plugin-docker-buildx,codeberg.org/woodpecker-plugins/docker-buildx
repo: gitnet.fr/deblan/docker-buildx
- &login_setting
# Default DockerHub login
- registry: https://index.docker.io/v1/
- registry: https://gitnet.fr
username:
from_secret: docker_username
from_secret: registry_user
password:
from_secret: docker_password
# Additional Codeberg login
- registry: https://codeberg.org
username:
from_secret: cb_username
password:
from_secret: cb_password
from_secret: registry_password
steps:
vendor:
image: *golang
commands: go mod vendor
# vendor:
# image: *golang
# commands: go mod vendor
#
# test:
# image: *golang
# depends_on: vendor
# commands: go test -cover ./...
#
# lint-editorconfig:
# image: docker.io/mstruebing/editorconfig-checker:2.7.2
# when:
# event: push
#
# lint-format:
# image: *golang
# depends_on: vendor
# commands: make formatcheck
# when:
# event: push
#
# publish-dryrun:
# image: *build_plugin
# depends_on: test
# pull: true
# settings:
# <<: *base_buildx_settings
# repo: test
# dry-run: true
# when:
# evaluate: 'not (CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images")'
# event: pull_request
# branch:
# - ${CI_REPO_DEFAULT_BRANCH}
# - renovate/*
test:
image: *golang
depends_on: vendor
commands: go test -cover ./...
# publish:
# image: *build_plugin
# settings:
# <<: *base_buildx_settings
# logins: *login_setting
# when:
# event: [push, tag, cron]
lint-editorconfig:
image: docker.io/mstruebing/editorconfig-checker:2.7.2
when:
event: pull_request
lint-format:
image: *golang
depends_on: vendor
commands: make formatcheck
when:
event: pull_request
publish-dryrun:
image: *build_plugin
depends_on: test
foo:
image: gitnet.fr/deblan/docker-buildx
pull: true
volumes:
- /var/run/docker.sock:/var/run/docker.sock
settings:
<<: *base_buildx_settings
repo: test
dry-run: true
when:
evaluate: 'not (CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images")'
event: pull_request
branch:
- ${CI_REPO_DEFAULT_BRANCH}
- renovate/*
publish:
image: *build_plugin
depends_on: test
settings:
<<: *base_buildx_settings
logins: *login_setting
when:
event: [push, tag, cron]
branch: ${CI_REPO_DEFAULT_BRANCH}
publish_pr_image:
image: *build_plugin
depends_on: test
settings:
<<: *base_buildx_settings
tag: pull_${CI_COMMIT_PULL_REQUEST}
logins: *login_setting
when:
evaluate: 'CI_COMMIT_PULL_REQUEST_LABELS contains "build_pr_images"'
event: pull_request
# TODO: replace by plugin-ready-release-go once it supports gitea
gitea-release:
image: "woodpeckerci/plugin-gitea-release:0.3.1"
depends_on: test
settings:
base_url: https://codeberg.org
title: ${CI_COMMIT_TAG}
api_key:
from_secret: gitea_token
target: main
when:
event: [tag]
branch: ${CI_REPO_DEFAULT_BRANCH}
secrets:
- foo
- bar

6
cmd/docker-buildx/config.go
View file

@ -183,6 +183,12 @@ func settingsFlags(settings *plugin.Settings) []cli.Flag {
Usage: "forwards environment variables as custom arguments to the build",
Destination: &settings.Build.ArgsEnv,
},
&cli.StringSliceFlag{
Name: "secrets",
EnvVars: []string{"PLUGIN_SECRETS"},
Usage: "sets custom secret arguments for the build",
Destination: &settings.Build.Secrets,
},
&cli.BoolFlag{
Name: "quiet",
EnvVars: []string{"PLUGIN_QUIET"},

91
docs.md
View file

@ -29,7 +29,7 @@ It will automatically generate buildkit configuration to use custom CA certifica
| Settings Name | Default | Description |
| ------------------------- | ------------------------------- | ---------------------------------------------------- |
| --- | --- | --- |
| `dry-run` | `false` | disables docker push |
| `repo` | _none_ | sets repository name for the image (can be a list) |
| `username` | _none_ | sets username to authenticates with |
@ -91,52 +91,51 @@ docker-build:
## Advanced Settings
| Settings Name | Default | Description |
| Settings Name | Default | Description |
| ------------------------------------- | ------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- |
| `mirror` | _none_ | sets a registry mirror to pull images |
| `storage_driver` | _none_ | sets the docker daemon storage driver |
| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path |
| `bip` | _none_ | allows the docker daemon to bride ip address |
| `mtu` | _none_ | sets docker daemon custom mtu setting |
| `custom_dns` | _none_ | sets custom docker daemon dns server |
| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain |
| `insecure` | `false` | allows the docker daemon to use insecure registries |
| `ipv6` | `false` | enables docker daemon IPv6 support |
| `experimental` | `false` | enables docker daemon experimental mode |
| `debug` | `false` | enables verbose debug mode for the docker daemon |
| `daemon_off` | `false` | disables the startup of the docker daemon |
| `buildkit_debug` | `false` | enables debug output of buildkit |
| `buildkit_config` | _none_ | sets content of the docker[buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) |
| `buildkit_driveropt` | _none_ | adds one or multiple`--driver-opt` buildx arguments for the default buildkit builder instance |
| `tags_file` | _none_ | overrides the`tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline |
| `context` | `.` | sets the path of the build context to use |
| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via`tags` are additionally added to the auto_tags without suffix |
| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix |
| `default_tag` | `latest` | overrides the default tag name used when generating with`auto_tag` enabled |
| `label`/`labels` | _none_ | sets labels to use for the image in format`<name>=<value>` |
| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information |
| `build_args` | _none_ | sets custom build arguments for the build |
| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build |
| `quiet` | `false` | enables suppression of the build output |
| `target` | _none_ | sets the build target to use |
| `cache_from` | _none_ | sets configuration for cache source |
| `cache_to` | _none_ | sets configuration for cache export |
| `cache_images` | _none_ | a list of images to use as cache. |
| `pull_image` | `true` | enforces to pull base image at build time |
| `compress` | `false` | enables compression of the build context using gzip |
| `config` | _none_ | sets content of the docker daemon json config |
| `purge` | `true` | enables cleanup of the docker environment at the end of a build |
| `no_cache` | `false` | disables the usage of cached intermediate containers |
| `add_host` | _none_ | sets additional host:ip mapping |
| `output` | _none_ | sets build output in format`type=<type>[,<key>=<value>]` |
| `logins` | _none_ | option to log into multiple registries |
| `env_file` | _none_ | load env vars from specified file |
| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist |
| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy |
| `ecr_repository_policy` | _none_ | AWS ECR repository policy |
| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push |
| `mirror` | _none_ | sets a registry mirror to pull images |
| `storage_driver` | _none_ | sets the docker daemon storage driver |
| `storage_path` | `/var/lib/docker` | sets the docker daemon storage path |
| `bip` | _none_ | allows the docker daemon to bride ip address |
| `mtu` | _none_ | sets docker daemon custom mtu setting |
| `custom_dns` | _none_ | sets custom docker daemon dns server |
| `custom_dns_search` | _none_ | sets custom docker daemon dns search domain |
| `insecure` | `false` | allows the docker daemon to use insecure registries |
| `ipv6` | `false` | enables docker daemon IPv6 support |
| `experimental` | `false` | enables docker daemon experimental mode |
| `debug` | `false` | enables verbose debug mode for the docker daemon |
| `daemon_off` | `false` | disables the startup of the docker daemon |
| `buildkit_debug` | `false` | enables debug output of buildkit |
| `buildkit_config` | _none_ | sets content of the docker[buildkit TOML config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md) |
| `buildkit_driveropt` | _none_ | adds one or multiple`--driver-opt` buildx arguments for the default buildkit builder instance |
| `tags_file` | _none_ | overrides the`tags` option with values in a file named `.tags`; multiple tags can be specified separated by a newline |
| `context` | `.` | sets the path of the build context to use |
| `auto_tag` | `false` | generates tag names automatically based on git branch and git tag, tags supplied via`tags` are additionally added to the auto_tags without suffix |
| `default_suffix"`/`auto_tag_suffix` | _none_ | generates tag names with the given suffix |
| `default_tag` | `latest` | overrides the default tag name used when generating with`auto_tag` enabled |
| `label`/`labels` | _none_ | sets labels to use for the image in format`<name>=<value>` |
| `default_labels`/`auto_labels` | `true` | sets docker image labels based on git information |
| `build_args` | _none_ | sets custom build arguments for the build |
| `build_args_from_env` | _none_ | forwards environment variables as custom arguments to the build |
| `secrets` | _none_ | Sets the build secrets for the build |
| `quiet` | `false` | enables suppression of the build output |
| `target` | _none_ | sets the build target to use |
| `cache_from` | _none_ | sets configuration for cache source |
| `cache_to` | _none_ | sets configuration for cache export |
| `cache_images` | _none_ | a list of images to use as cache. |
| `pull_image` | `true` | enforces to pull base image at build time |
| `compress` | `false` | enables compression of the build context using gzip |
| `config` | _none_ | sets content of the docker daemon json config |
| `purge` | `true` | enables cleanup of the docker environment at the end of a build |
| `no_cache` | `false` | disables the usage of cached intermediate containers |
| `add_host` | _none_ | sets additional host:ip mapping |
| `output` | _none_ | sets build output in format`type=<type>[,<key>=<value>]` |
| `logins` | _none_ | option to log into multiple registries |
| `env_file` | _none_ | load env vars from specified file |
| `ecr_create_repository` | `false` | creates the ECR repository if it does not exist |
| `ecr_lifecycle_policy` | _none_ | AWS ECR lifecycle policy |
| `ecr_repository_policy` | _none_ | AWS ECR repository policy |
| `ecr_scan_on_push` | _none_ | AWS: whether to enable image scanning on push |
## Multi registry push example
Only supported with `woodpecker >= 1.0.0` (next-da997fa3).

3
plugin/docker.go
View file

@ -94,6 +94,9 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd {
for _, arg := range append(defaultBuildArgs, build.Args.Value()...) {
args = append(args, "--build-arg", arg)
}
for _, secret := range build.Secrets.Value() {
args = append(args, "--secret", secret)
}
for _, host := range build.AddHost.Value() {
args = append(args, "--add-host", host)
}

1
plugin/impl.go
View file

@ -69,6 +69,7 @@ type Build struct {
Platforms cli.StringSlice // Docker build target platforms
Args cli.StringSlice // Docker build args
ArgsEnv cli.StringSlice // Docker build args from env
Secrets cli.StringSlice // Docker build secret
Target string // Docker build target
Output string // Docker build output
Pull bool // Docker build pull