From 05357ea3905f814d8ec934da0b5cbde9da9af882 Mon Sep 17 00:00:00 2001
From: TP Honey
Date: Fri, 11 Feb 2022 10:49:42 +0000
Subject: [PATCH] (DRON-232) enable build-kit for secrets consumption
---
 card.go | 8 +++++++-
 cmd/drone-docker/main.go | 6 ++++++
 docker.go | 44 +++++++++++++++++++++++++---------------
 docs/card.data.json | 40 ++++++++++++++++++++++++++++++++++++
 docs/card.json | 17 +++++++++-------
 docs/sample_data.json | 26 ------------------------
 6 files changed, 91 insertions(+), 50 deletions(-)
 create mode 100644 docs/card.data.json
 delete mode 100644 docs/sample_data.json
diff --git a/card.go b/card.go
index e9bd76a..edb2a4f 100644
--- a/card.go
+++ b/card.go
@@ -22,7 +22,7 @@ func (p Plugin) writeCard() error {
 return err
 }
- out := Inspect{}
+ out := Card{}
 if err := json.Unmarshal(data, &out); err != nil {
 return err
 }
@@ -31,6 +31,12 @@ func (p Plugin) writeCard() error {
 inspect.SizeString = fmt.Sprint(bytesize.New(float64(inspect.Size)))
 inspect.VirtualSizeString = fmt.Sprint(bytesize.New(float64(inspect.VirtualSize)))
 inspect.Time = fmt.Sprint(inspect.Metadata.LastTagTime.Format(time.RFC3339))
+ // change slice of tags to slice of TagStruct
+ var sliceTagStruct []TagStruct
+ for _, tag := range inspect.RepoTags {
+ sliceTagStruct = append(sliceTagStruct, TagStruct{Tag: tag})
+ }
+ inspect.ParsedRepoTags = sliceTagStruct
 cardData, _ := json.Marshal(inspect)
 card := drone.CardInput{
diff --git a/cmd/drone-docker/main.go b/cmd/drone-docker/main.go
index ce652fe..a5447a0 100644
--- a/cmd/drone-docker/main.go
+++ b/cmd/drone-docker/main.go
@@ -249,6 +249,11 @@ func main() {
 Usage: "additional host:IP mapping",
 EnvVar: "PLUGIN_ADD_HOST",
 },
+ cli.StringFlag{
+ Name: "secret",
+ Usage: "secret key value pair eg id=MYSECRET",
+ EnvVar: "PLUGIN_SECRET",
+ },
 cli.StringFlag{
 Name: "drone-card-path",
 Usage: "card path location to write to",
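Review bot: In writeCard (card.go), `var sliceTagStruct []TagStruct` stays nil when `inspect.RepoTags` is empty, so `json.Marshal` writes `"ParsedRepoTags": null` instead of `[]`; whether the card template's `$data` binding tolerates null is not visible from this patch. Allocating up front avoids the null and the repeated slice growth: `sliceTagStruct := make([]TagStruct, 0, len(inspect.RepoTags))`. The unchanged line that follows still discards the marshalling error (`cardData, _ := json.Marshal(inspect)`), so a failure there would pass unnoticed. writeCard starts and ends outside this hunk.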
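Review bot: The usage text of the new `secret` flag in cmd/drone-docker/main.go, "secret key value pair eg id=MYSECRET", reads as if the secret value itself belongs in `PLUGIN_SECRET`, while docker.go hands the string unchanged to `docker build --secret`, which expects a reference such as `id=mysecret,src=/path/to/file`. Because the string lands on docker's command line, a user who puts the real value there exposes it to process listings and, if the plugin echoes its commands, to the step log; I would say so in the help, e.g. `Usage: "BuildKit secret reference, e.g. id=mysecret,src=/path/to/file (not the secret value)"`. The flag is also a single `cli.StringFlag`, so only one secret can be supplied although docker accepts `--secret` repeatedly; a `cli.StringSliceFlag` read with `c.StringSlice("secret")`, the way `add-host` is read, would lift that limit but changes the type of `Build.Secret`.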
@@ -292,6 +297,7 @@ func run(c *cli.Context) error {
 AutoLabel: c.BoolT("auto-label"),
 Link: c.String("link"),
 NoCache: c.Bool("no-cache"),
+ Secret: c.String("secret"),
 AddHost: c.StringSlice("add-host"),
 Quiet: c.Bool("quiet"),
 },
diff --git a/docker.go b/docker.go
index d80bdf6..cf86afa 100644
--- a/docker.go
+++ b/docker.go
@@ -58,6 +58,7 @@ type (
 Labels []string // Label map
 Link string // Git repo link
 NoCache bool // Docker build no-cache
+ Secret string // secret keypair
 AddHost []string // Docker build add-host
 Quiet bool // Docker build quiet
 }
@@ -72,27 +73,31 @@ type (
 CardPath string // Card path to write file to
 }
- Inspect []struct {
- ID string `json:"Id"`
- RepoTags []string `json:"RepoTags"`
- RepoDigests []interface{} `json:"RepoDigests"`
- Parent string `json:"Parent"`
- Comment string `json:"Comment"`
- Created time.Time `json:"Created"`
- Container string `json:"Container"`
- DockerVersion string `json:"DockerVersion"`
- Author string `json:"Author"`
- Architecture string `json:"Architecture"`
- Os string `json:"Os"`
- Size int `json:"Size"`
- VirtualSize int `json:"VirtualSize"`
- Metadata struct {
+ Card []struct {
+ ID string `json:"Id"`
+ RepoTags []string `json:"RepoTags"`
+ ParsedRepoTags []TagStruct `json:"ParsedRepoTags"`
+ RepoDigests []interface{} `json:"RepoDigests"`
+ Parent string `json:"Parent"`
+ Comment string `json:"Comment"`
+ Created time.Time `json:"Created"`
+ Container string `json:"Container"`
+ DockerVersion string `json:"DockerVersion"`
+ Author string `json:"Author"`
+ Architecture string `json:"Architecture"`
+ Os string `json:"Os"`
+ Size int `json:"Size"`
+ VirtualSize int `json:"VirtualSize"`
+ Metadata struct {
 LastTagTime time.Time `json:"LastTagTime"`
 } `json:"Metadata"`
 SizeString string
 VirtualSizeString string
 Time string
 }
+ TagStruct struct {
+ Tag string `json:"Tag"`
+ }
 )
 // Exec executes the plugin step
@@ -175,7 +180,7 @@ func (p Plugin) Exec() error {
 for _, tag := range p.Build.Tags {
 cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
- if p.Dryrun == false {
+ if !p.Dryrun {
 cmds = append(cmds, commandPush(p.Build, tag)) // docker push
 }
 }
@@ -297,6 +302,9 @@ func commandBuild(build Build) *exec.Cmd {
 for _, host := range build.AddHost {
 args = append(args, "--add-host", host)
 }
+ if build.Secret != "" {
+ args = append(args, "--secret", build.Secret)
+ }
 if build.Target != "" {
 args = append(args, "--target", build.Target)
 }
@@ -328,6 +336,10 @@ func commandBuild(build Build) *exec.Cmd {
 }
 }
+ // we need to enable buildkit, for secret support
+ if build.Secret != "" {
+ os.Setenv("DOCKER_BUILDKIT", "1")
+ }
 return exec.Command(dockerExe, args...)
 }
diff --git a/docs/card.data.json b/docs/card.data.json
new file mode 100644
index 0000000..3deeebf
--- /dev/null
+++ b/docs/card.data.json
@@ -0,0 +1,40 @@
+{
+ "Id": "sha256:3b0709c9afb41629c79c93355feed114d08a8c1bedd975eb53af08f4b867fd91",
+ "RepoTags": [
+ "798a0dae10d63d281eff4c06eaa12001ffd23740:latest",
+ "tphoney/test:latest"
+ ],
+ "ParsedRepoTags": [
+ {
+ "Tag": ""
+ },
+ {
+ "Tag": ""
+ },
+ {
+ "Tag": "798a0dae10d63d281eff4c06eaa12001ffd23740:latest"
+ },
+ {
+ "Tag": "tphoney/test:latest"
+ }
+ ],
+ "RepoDigests": [
+ "tphoney/test@sha256:93f8b95aaae7d194208b72e94a3a90544b00c8f2ad45aeb89d81a0c6ccbc5e19"
+ ],
+ "Parent": "sha256:493aa330a5929027dd8ecded9fa8c473a1508d17c0fd7d6a94a7f197f8d22c60",
+ "Comment": "",
+ "Created": "2022-02-16T11:13:40.8956582Z",
+ "Container": "a57c0ca4dd2e081df8758e00549f7abe83803f1a1a7aaaf1cd8e685a5eb5a097",
+ "DockerVersion": "20.10.9",
+ "Author": "",
+ "Architecture": "amd64",
+ "Os": "linux",
+ "Size": 14045949,
+ "VirtualSize": 14045949,
+ "Metadata": {
+ "LastTagTime": "2022-02-16T11:13:40.9433973Z"
+ },
+ "SizeString": "13.40MB",
+ "VirtualSizeString": "13.40MB",
+ "Time": "2022-02-16T11:13:40Z"
+}
\ No newline at end of file
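Review bot: `os.Setenv("DOCKER_BUILDKIT", "1")` at the end of commandBuild (docker.go, hunk at -328) changes the environment of the whole plugin process from inside a function that otherwise only assembles an `*exec.Cmd`, and the error Setenv returns is dropped. Every docker command started afterwards inherits the variable, and calling commandBuild from a test alters global state. Scoping it to the build command keeps the effect local: `cmd := exec.Command(dockerExe, args...)`, then inside the `if` `cmd.Env = append(os.Environ(), "DOCKER_BUILDKIT=1")`, then `return cmd`. commandBuild begins outside this hunk.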
diff --git a/docs/card.json b/docs/card.json
index fd55544..65f612a 100644
--- a/docs/card.json
+++ b/docs/card.json
@@ -51,19 +51,22 @@
 {
 "type": "TextBlock",
 "weight": "Lighter",
- "text": "OS/ARCH",
+ "text": "TAGS",
 "wrap": true,
 "size": "Small",
 "isSubtle": true,
 "spacing": "Medium"
 },
 {
- "type": "TextBlock",
- "text": "${OS}/${Architecture}",
- "wrap": true,
- "size": "Small",
+ "type": "FactSet",
+ "facts": [
+ {
+ "title": "-",
+ "value": "${Tag}"
+ }
+ ],
 "spacing": "Small",
- "weight": "Bolder"
+ "$data": "${ParsedRepoTags}"
 }
 ],
 "separator": true,
@@ -124,4 +127,4 @@
 ],
 "$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
 "version": "1.5"
-}
+}
\ No newline at end of file
diff --git a/docs/sample_data.json b/docs/sample_data.json
deleted file mode 100644
index 2398fbc..0000000
--- a/docs/sample_data.json
+++ /dev/null
@@ -1,26 +0,0 @@
-{
- "Id": "sha256:fec8cfc9f8eb4ed6bda3e83cea97c1365c53e261d07b9f47f3429c5fa879c414",
- "RepoTags": [
- "7ee96c0c66e9fa7905952b5fcf5b07461bdde833:latest",
- "tphoney/test:latest"
- ],
- "RepoDigests": [
- "tphoney/test@sha256:96e93bd69d3b4a3863a34800db2f2aa087a861d5ce0460b5932f2b7474f10a0a"
- ],
- "Parent": "sha256:618905d1de06873c5c59dee713977d68973fc2b497bc073108c9ce35c79019b1",
- "Comment": "",
- "Created": "2022-01-19T12:16:27.4679394Z",
- "Container": "e09f5b26c8d454e24b738a2b38ec8ebda740bddfb872e512ace1cca3ea2d40a1",
- "DockerVersion": "20.10.9",
- "Author": "",
- "Architecture": "amd64",
- "Os": "linux",
- "Size": 13195839,
- "VirtualSize": 13195839,
- "Metadata": {
- "LastTagTime": "2022-01-19T12:16:27.5085833Z"
- },
- "SizeString": "12.58MB",
- "VirtualSizeString": "12.58MB",
- "Time": "2022-01-19T12:16:27Z"
-}