Merge pull request #356 from tphoney/DRON-232

(DRON-232) enable build-kit for secrets consumption
TP Honey 2022-02-16 12:49:48 +00:00 committed by GitHub
commit b6c9110c83
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 91 additions and 50 deletions

@ -22,7 +22,7 @@ func (p Plugin) writeCard() error {
return err return err
} }
out := Inspect{} out := Card{}
if err := json.Unmarshal(data, &out); err != nil { if err := json.Unmarshal(data, &out); err != nil {
return err return err
} }
@ -31,6 +31,12 @@ func (p Plugin) writeCard() error {
inspect.SizeString = fmt.Sprint(bytesize.New(float64(inspect.Size))) inspect.SizeString = fmt.Sprint(bytesize.New(float64(inspect.Size)))
inspect.VirtualSizeString = fmt.Sprint(bytesize.New(float64(inspect.VirtualSize))) inspect.VirtualSizeString = fmt.Sprint(bytesize.New(float64(inspect.VirtualSize)))
inspect.Time = fmt.Sprint(inspect.Metadata.LastTagTime.Format(time.RFC3339)) inspect.Time = fmt.Sprint(inspect.Metadata.LastTagTime.Format(time.RFC3339))
// change slice of tags to slice of TagStruct
var sliceTagStruct []TagStruct
for _, tag := range inspect.RepoTags {
sliceTagStruct = append(sliceTagStruct, TagStruct{Tag: tag})
}
inspect.ParsedRepoTags = sliceTagStruct
cardData, _ := json.Marshal(inspect) cardData, _ := json.Marshal(inspect)
card := drone.CardInput{ card := drone.CardInput{

@ -249,6 +249,11 @@ func main() {
Usage: "additional host:IP mapping", Usage: "additional host:IP mapping",
EnvVar: "PLUGIN_ADD_HOST", EnvVar: "PLUGIN_ADD_HOST",
}, },
cli.StringFlag{
Name: "secret",
Usage: "secret key value pair eg id=MYSECRET",
EnvVar: "PLUGIN_SECRET",
},
cli.StringFlag{ cli.StringFlag{
Name: "drone-card-path", Name: "drone-card-path",
Usage: "card path location to write to", Usage: "card path location to write to",
@ -292,6 +297,7 @@ func run(c *cli.Context) error {
AutoLabel: c.BoolT("auto-label"), AutoLabel: c.BoolT("auto-label"),
Link: c.String("link"), Link: c.String("link"),
NoCache: c.Bool("no-cache"), NoCache: c.Bool("no-cache"),
Secret: c.String("secret"),
AddHost: c.StringSlice("add-host"), AddHost: c.StringSlice("add-host"),
Quiet: c.Bool("quiet"), Quiet: c.Bool("quiet"),
}, },
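Review bot: The usage text on the new `secret` flag, `secret key value pair eg id=MYSECRET`, reads as if the secret value itself belongs in `PLUGIN_SECRET`. `run` copies the string unchanged into `Build.Secret` (`Secret: c.String("secret")`), and it is later passed to `docker build --secret`, which expects a spec naming an id and a source rather than the credential. I would reword it along the lines of `Usage: "build secret spec for docker build --secret, e.g. id=mysecret,src=/path/to/file"`, so that nobody places credential material where it becomes a command-line argument. The flag is also a single `cli.StringFlag`, so only one secret can be supplied per build, whereas the neighbouring `add-host` is read with `c.StringSlice`. Both `main` and `run` continue outside the hunks shown.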

@ -58,6 +58,7 @@ type (
Labels []string // Label map Labels []string // Label map
Link string // Git repo link Link string // Git repo link
NoCache bool // Docker build no-cache NoCache bool // Docker build no-cache
Secret string // secret keypair
AddHost []string // Docker build add-host AddHost []string // Docker build add-host
Quiet bool // Docker build quiet Quiet bool // Docker build quiet
} }
@ -72,27 +73,31 @@ type (
CardPath string // Card path to write file to CardPath string // Card path to write file to
} }
Inspect []struct { Card []struct {
ID string `json:"Id"` ID string `json:"Id"`
RepoTags []string `json:"RepoTags"` RepoTags []string `json:"RepoTags"`
RepoDigests []interface{} `json:"RepoDigests"` ParsedRepoTags []TagStruct `json:"ParsedRepoTags"`
Parent string `json:"Parent"` RepoDigests []interface{} `json:"RepoDigests"`
Comment string `json:"Comment"` Parent string `json:"Parent"`
Created time.Time `json:"Created"` Comment string `json:"Comment"`
Container string `json:"Container"` Created time.Time `json:"Created"`
DockerVersion string `json:"DockerVersion"` Container string `json:"Container"`
Author string `json:"Author"` DockerVersion string `json:"DockerVersion"`
Architecture string `json:"Architecture"` Author string `json:"Author"`
Os string `json:"Os"` Architecture string `json:"Architecture"`
Size int `json:"Size"` Os string `json:"Os"`
VirtualSize int `json:"VirtualSize"` Size int `json:"Size"`
Metadata struct { VirtualSize int `json:"VirtualSize"`
Metadata struct {
LastTagTime time.Time `json:"LastTagTime"` LastTagTime time.Time `json:"LastTagTime"`
} `json:"Metadata"` } `json:"Metadata"`
SizeString string SizeString string
VirtualSizeString string VirtualSizeString string
Time string Time string
} }
TagStruct struct {
Tag string `json:"Tag"`
}
) )
// Exec executes the plugin step // Exec executes the plugin step
@ -175,7 +180,7 @@ func (p Plugin) Exec() error {
for _, tag := range p.Build.Tags { for _, tag := range p.Build.Tags {
cmds = append(cmds, commandTag(p.Build, tag)) // docker tag cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
if p.Dryrun == false { if !p.Dryrun {
cmds = append(cmds, commandPush(p.Build, tag)) // docker push cmds = append(cmds, commandPush(p.Build, tag)) // docker push
} }
} }
@ -297,6 +302,9 @@ func commandBuild(build Build) *exec.Cmd {
for _, host := range build.AddHost { for _, host := range build.AddHost {
args = append(args, "--add-host", host) args = append(args, "--add-host", host)
} }
if build.Secret != "" {
args = append(args, "--secret", build.Secret)
}
if build.Target != "" { if build.Target != "" {
args = append(args, "--target", build.Target) args = append(args, "--target", build.Target)
} }
@ -328,6 +336,10 @@ func commandBuild(build Build) *exec.Cmd {
} }
} }
// we need to enable buildkit, for secret support
if build.Secret != "" {
os.Setenv("DOCKER_BUILDKIT", "1")
}
return exec.Command(dockerExe, args...) return exec.Command(dockerExe, args...)
} }
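Review bot: The `os.Setenv("DOCKER_BUILDKIT", "1")` added at the end of `commandBuild` mutates the environment of the whole plugin process from a function that otherwise only assembles an `*exec.Cmd`, and its error return is dropped. Every docker command started afterwards inherits the variable, and only because `commandBuild` happened to run first. Scoping it to the build command keeps the side effect local: create `cmd := exec.Command(dockerExe, args...)`, set `cmd.Env = append(os.Environ(), "DOCKER_BUILDKIT=1")` inside the existing `if build.Secret != ""`, then `return cmd`. Separately, `build.Secret` is appended to the argument list verbatim in the earlier hunk, so the `Secret` field comment (`// secret keypair`) should say that it holds a BuildKit secret spec (id and source), not the secret value. The start of `commandBuild` lies outside the hunks shown.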

40
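--- a/docs/card.data.json
+++ b/docs/card.data.json
@@ -0,0 +1,40 @@
+{
+"Id": "sha256:3b0709c9afb41629c79c93355feed114d08a8c1bedd975eb53af08f4b867fd91",
+"RepoTags": [
+"798a0dae10d63d281eff4c06eaa12001ffd23740:latest",
+"tphoney/test:latest"
+],
+"ParsedRepoTags": [
+{
+"Tag": ""
+},
+{
+"Tag": ""
+},
+{
+"Tag": "798a0dae10d63d281eff4c06eaa12001ffd23740:latest"
+},
+{
+"Tag": "tphoney/test:latest"
+}
+],
+"RepoDigests": [
+"tphoney/test@sha256:93f8b95aaae7d194208b72e94a3a90544b00c8f2ad45aeb89d81a0c6ccbc5e19"
+],
+"Parent": "sha256:493aa330a5929027dd8ecded9fa8c473a1508d17c0fd7d6a94a7f197f8d22c60",
+"Comment": "",
+"Created": "2022-02-16T11:13:40.8956582Z",
+"Container": "a57c0ca4dd2e081df8758e00549f7abe83803f1a1a7aaaf1cd8e685a5eb5a097",
+"DockerVersion": "20.10.9",
+"Author": "",
+"Architecture": "amd64",
+"Os": "linux",
+"Size": 14045949,
+"VirtualSize": 14045949,
+"Metadata": {
+"LastTagTime": "2022-02-16T11:13:40.9433973Z"
+},
+"SizeString": "13.40MB",
+"VirtualSizeString": "13.40MB",
+"Time": "2022-02-16T11:13:40Z"
+}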

@ -51,19 +51,22 @@
{ {
"type": "TextBlock", "type": "TextBlock",
"weight": "Lighter", "weight": "Lighter",
"text": "OS/ARCH", "text": "TAGS",
"wrap": true, "wrap": true,
"size": "Small", "size": "Small",
"isSubtle": true, "isSubtle": true,
"spacing": "Medium" "spacing": "Medium"
}, },
{ {
"type": "TextBlock", "type": "FactSet",
"text": "${OS}/${Architecture}", "facts": [
"wrap": true, {
"size": "Small", "title": "-",
"value": "${Tag}"
}
],
"spacing": "Small", "spacing": "Small",
"weight": "Bolder" "$data": "${ParsedRepoTags}"
} }
], ],
"separator": true, "separator": true,
@ -124,4 +127,4 @@
], ],
"$schema": "http://adaptivecards.io/schemas/adaptive-card.json", "$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
"version": "1.5" "version": "1.5"
} }

@ -1,26 +0,0 @@
{
"Id": "sha256:fec8cfc9f8eb4ed6bda3e83cea97c1365c53e261d07b9f47f3429c5fa879c414",
"RepoTags": [
"7ee96c0c66e9fa7905952b5fcf5b07461bdde833:latest",
"tphoney/test:latest"
],
"RepoDigests": [
"tphoney/test@sha256:96e93bd69d3b4a3863a34800db2f2aa087a861d5ce0460b5932f2b7474f10a0a"
],
"Parent": "sha256:618905d1de06873c5c59dee713977d68973fc2b497bc073108c9ce35c79019b1",
"Comment": "",
"Created": "2022-01-19T12:16:27.4679394Z",
"Container": "e09f5b26c8d454e24b738a2b38ec8ebda740bddfb872e512ace1cca3ea2d40a1",
"DockerVersion": "20.10.9",
"Author": "",
"Architecture": "amd64",
"Os": "linux",
"Size": 13195839,
"VirtualSize": 13195839,
"Metadata": {
"LastTagTime": "2022-01-19T12:16:27.5085833Z"
},
"SizeString": "12.58MB",
"VirtualSizeString": "12.58MB",
"Time": "2022-01-19T12:16:27Z"
}