always set buildkitd-flags if opt-in
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
parent
b467d6aa7a
commit
818c69a4ea
@ -101,7 +101,13 @@ The following inputs can be used as `step.with` keys:
|
|||||||
| `cache-binary` | Bool | `true` | Cache buildx binary to GitHub Actions cache backend |
|
| `cache-binary` | Bool | `true` | Cache buildx binary to GitHub Actions cache backend |
|
||||||
| `cleanup` | Bool | `true` | Cleanup temp files and remove builder at the end of a job |
|
| `cleanup` | Bool | `true` | Cleanup temp files and remove builder at the end of a job |
|
||||||
|
|
||||||
_\* `buildkitd-config` and `buildkitd-config-inline` are mutually exclusive_
|
> [!IMPORTANT]
|
||||||
|
> If you set the `buildkitd-flags` input, the default flags (`--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host`)
|
||||||
|
> will be reset. If you want to retain the default behavior, make sure to
|
||||||
|
> include these flags in your custom `buildkitd-flags` value.
|
||||||
|
|
||||||
|
> [!NOTE]
|
||||||
|
> `buildkitd-config` and `buildkitd-config-inline` are mutually exclusive.
|
||||||
|
|
||||||
### outputs
|
### outputs
|
||||||
|
|
||||||
|
@ -226,6 +226,24 @@ describe('getCreateArgs', () => {
|
|||||||
'--buildkitd-flags', '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
|
'--buildkitd-flags', '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
|
||||||
'--config', tmpName,
|
'--config', tmpName,
|
||||||
]
|
]
|
||||||
|
],
|
||||||
|
[
|
||||||
|
10,
|
||||||
|
'v0.10.3',
|
||||||
|
new Map<string, string>([
|
||||||
|
['install', 'false'],
|
||||||
|
['use', 'false'],
|
||||||
|
['driver', 'cloud'],
|
||||||
|
['buildkitd-flags', '--allow-insecure-entitlement network.host'],
|
||||||
|
['cache-binary', 'true'],
|
||||||
|
['cleanup', 'true'],
|
||||||
|
]),
|
||||||
|
[
|
||||||
|
'create',
|
||||||
|
'--name', 'builder-9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d',
|
||||||
|
'--driver', 'cloud',
|
||||||
|
'--buildkitd-flags', '--allow-insecure-entitlement network.host',
|
||||||
|
]
|
||||||
]
|
]
|
||||||
])(
|
])(
|
||||||
'[%d] given buildx %s and %p as inputs, returns %p',
|
'[%d] given buildx %s and %p as inputs, returns %p',
|
||||||
|
@ -19,7 +19,6 @@ inputs:
|
|||||||
required: false
|
required: false
|
||||||
buildkitd-flags:
|
buildkitd-flags:
|
||||||
description: 'BuildKit daemon flags'
|
description: 'BuildKit daemon flags'
|
||||||
default: '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host'
|
|
||||||
required: false
|
required: false
|
||||||
buildkitd-config:
|
buildkitd-config:
|
||||||
description: 'BuildKit daemon config file'
|
description: 'BuildKit daemon config file'
|
||||||
|
@ -8,6 +8,7 @@ import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
|
|||||||
import {Node} from '@docker/actions-toolkit/lib/types/buildx/builder';
|
import {Node} from '@docker/actions-toolkit/lib/types/buildx/builder';
|
||||||
|
|
||||||
export const builderNodeEnvPrefix = 'BUILDER_NODE';
|
export const builderNodeEnvPrefix = 'BUILDER_NODE';
|
||||||
|
const defaultBuildkitdFlags = '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host';
|
||||||
|
|
||||||
export interface Inputs {
|
export interface Inputs {
|
||||||
version: string;
|
version: string;
|
||||||
@ -32,7 +33,7 @@ export async function getInputs(): Promise<Inputs> {
|
|||||||
name: await getBuilderName(core.getInput('driver') || 'docker-container'),
|
name: await getBuilderName(core.getInput('driver') || 'docker-container'),
|
||||||
driver: core.getInput('driver') || 'docker-container',
|
driver: core.getInput('driver') || 'docker-container',
|
||||||
driverOpts: Util.getInputList('driver-opts', {ignoreComma: true, quote: false}),
|
driverOpts: Util.getInputList('driver-opts', {ignoreComma: true, quote: false}),
|
||||||
buildkitdFlags: core.getInput('buildkitd-flags') || '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
|
buildkitdFlags: core.getInput('buildkitd-flags'),
|
||||||
platforms: Util.getInputList('platforms'),
|
platforms: Util.getInputList('platforms'),
|
||||||
install: core.getBooleanInput('install'),
|
install: core.getBooleanInput('install'),
|
||||||
use: core.getBooleanInput('use'),
|
use: core.getBooleanInput('use'),
|
||||||
@ -52,11 +53,13 @@ export async function getBuilderName(driver: string): Promise<string> {
|
|||||||
export async function getCreateArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<string>> {
|
export async function getCreateArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<string>> {
|
||||||
const args: Array<string> = ['create', '--name', inputs.name, '--driver', inputs.driver];
|
const args: Array<string> = ['create', '--name', inputs.name, '--driver', inputs.driver];
|
||||||
if (await toolkit.buildx.versionSatisfies('>=0.3.0')) {
|
if (await toolkit.buildx.versionSatisfies('>=0.3.0')) {
|
||||||
await Util.asyncForEach(inputs.driverOpts, async driverOpt => {
|
await Util.asyncForEach(inputs.driverOpts, async (driverOpt: string) => {
|
||||||
args.push('--driver-opt', driverOpt);
|
args.push('--driver-opt', driverOpt);
|
||||||
});
|
});
|
||||||
if (driverSupportsFlags(inputs.driver) && inputs.buildkitdFlags) {
|
if (inputs.buildkitdFlags) {
|
||||||
args.push('--buildkitd-flags', inputs.buildkitdFlags);
|
args.push('--buildkitd-flags', inputs.buildkitdFlags);
|
||||||
|
} else if (driverSupportsBuildkitdFlags(inputs.driver)) {
|
||||||
|
args.push('--buildkitd-flags', defaultBuildkitdFlags);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (inputs.platforms.length > 0) {
|
if (inputs.platforms.length > 0) {
|
||||||
@ -65,13 +68,11 @@ export async function getCreateArgs(inputs: Inputs, toolkit: Toolkit): Promise<A
|
|||||||
if (inputs.use) {
|
if (inputs.use) {
|
||||||
args.push('--use');
|
args.push('--use');
|
||||||
}
|
}
|
||||||
if (driverSupportsFlags(inputs.driver)) {
|
|
||||||
if (inputs.buildkitdConfig) {
|
if (inputs.buildkitdConfig) {
|
||||||
args.push('--config', toolkit.buildkit.config.resolveFromFile(inputs.buildkitdConfig));
|
args.push('--config', toolkit.buildkit.config.resolveFromFile(inputs.buildkitdConfig));
|
||||||
} else if (inputs.buildkitdConfigInline) {
|
} else if (inputs.buildkitdConfigInline) {
|
||||||
args.push('--config', toolkit.buildkit.config.resolveFromString(inputs.buildkitdConfigInline));
|
args.push('--config', toolkit.buildkit.config.resolveFromString(inputs.buildkitdConfigInline));
|
||||||
}
|
}
|
||||||
}
|
|
||||||
if (inputs.endpoint) {
|
if (inputs.endpoint) {
|
||||||
args.push(inputs.endpoint);
|
args.push(inputs.endpoint);
|
||||||
}
|
}
|
||||||
@ -86,11 +87,13 @@ export async function getAppendArgs(inputs: Inputs, node: Node, toolkit: Toolkit
|
|||||||
args.push('--node', `node-${uuid.v4()}`);
|
args.push('--node', `node-${uuid.v4()}`);
|
||||||
}
|
}
|
||||||
if (node['driver-opts'] && (await toolkit.buildx.versionSatisfies('>=0.3.0'))) {
|
if (node['driver-opts'] && (await toolkit.buildx.versionSatisfies('>=0.3.0'))) {
|
||||||
await Util.asyncForEach(node['driver-opts'], async driverOpt => {
|
await Util.asyncForEach(node['driver-opts'], async (driverOpt: string) => {
|
||||||
args.push('--driver-opt', driverOpt);
|
args.push('--driver-opt', driverOpt);
|
||||||
});
|
});
|
||||||
if (driverSupportsFlags(inputs.driver) && node['buildkitd-flags']) {
|
if (node['buildkitd-flags']) {
|
||||||
args.push('--buildkitd-flags', node['buildkitd-flags']);
|
args.push('--buildkitd-flags', node['buildkitd-flags']);
|
||||||
|
} else if (driverSupportsBuildkitdFlags(inputs.driver)) {
|
||||||
|
args.push('--buildkitd-flags', defaultBuildkitdFlags);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
if (node.platforms) {
|
if (node.platforms) {
|
||||||
@ -110,6 +113,6 @@ export async function getInspectArgs(inputs: Inputs, toolkit: Toolkit): Promise<
|
|||||||
return args;
|
return args;
|
||||||
}
|
}
|
||||||
|
|
||||||
function driverSupportsFlags(driver: string): boolean {
|
function driverSupportsBuildkitdFlags(driver: string): boolean {
|
||||||
return driver == '' || driver == 'docker-container' || driver == 'docker' || driver == 'kubernetes';
|
return driver == '' || driver == 'docker-container' || driver == 'docker' || driver == 'kubernetes';
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user