Merge pull request #356 from tphoney/DRON-232

(DRON-232) enable build-kit for secrets consumption
TP Honey 2022-02-16 12:49:48 +00:00 committed by GitHub
commit b6c9110c83
Signed by: GitHub
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 91 additions and 50 deletions

@ -22,7 +22,7 @@ func (p Plugin) writeCard() error {
return err
}
out := Inspect{}
out := Card{}
if err := json.Unmarshal(data, &out); err != nil {
return err
}
@ -31,6 +31,12 @@ func (p Plugin) writeCard() error {
inspect.SizeString = fmt.Sprint(bytesize.New(float64(inspect.Size)))
inspect.VirtualSizeString = fmt.Sprint(bytesize.New(float64(inspect.VirtualSize)))
inspect.Time = fmt.Sprint(inspect.Metadata.LastTagTime.Format(time.RFC3339))
// change slice of tags to slice of TagStruct
var sliceTagStruct []TagStruct
for _, tag := range inspect.RepoTags {
sliceTagStruct = append(sliceTagStruct, TagStruct{Tag: tag})
}
inspect.ParsedRepoTags = sliceTagStruct
cardData, _ := json.Marshal(inspect)
card := drone.CardInput{
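Review bot: `var sliceTagStruct []TagStruct` in the second hunk stays nil when `inspect.RepoTags` is empty, so `ParsedRepoTags` is marshalled as `null` instead of `[]`, and that is what the `$data` binding in the card template then receives. `sliceTagStruct := make([]TagStruct, 0, len(inspect.RepoTags))` avoids this and pre-sizes the slice. The sample in docs/card.data.json lists four `ParsedRepoTags` entries, two of them empty, for two `RepoTags`; this loop does not produce that, so the sample appears to come from an earlier version of the code and should be regenerated. writeCard starts before the first hunk and continues past the second.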

@ -249,6 +249,11 @@ func main() {
Usage: "additional host:IP mapping",
EnvVar: "PLUGIN_ADD_HOST",
},
cli.StringFlag{
Name: "secret",
Usage: "secret key value pair eg id=MYSECRET",
EnvVar: "PLUGIN_SECRET",
},
cli.StringFlag{
Name: "drone-card-path",
Usage: "card path location to write to",
@ -292,6 +297,7 @@ func run(c *cli.Context) error {
AutoLabel: c.BoolT("auto-label"),
Link: c.String("link"),
NoCache: c.Bool("no-cache"),
Secret: c.String("secret"),
AddHost: c.StringSlice("add-host"),
Quiet: c.Bool("quiet"),
},
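Review bot: The usage text `secret key value pair eg id=MYSECRET` on the new `secret` flag reads as if the secret value itself belongs in `PLUGIN_SECRET`, whereas commandBuild forwards the string unchanged as the argument of `docker build --secret`. Wording such as `Usage: "secret spec passed to docker build --secret, eg id=mysecret,src=/path/to/file"` makes clear that the setting names a secret source, not its contents. The flag is a single `cli.StringFlag` read with `c.String("secret")`, so only one secret can be supplied per build, unlike the neighbouring `add-host`, which is read with `c.StringSlice`. If several secrets are expected, this needs a `cli.StringSliceFlag`.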

@ -58,6 +58,7 @@ type (
Labels []string // Label map
Link string // Git repo link
NoCache bool // Docker build no-cache
Secret string // secret keypair
AddHost []string // Docker build add-host
Quiet bool // Docker build quiet
}
@ -72,27 +73,31 @@ type (
CardPath string // Card path to write file to
}
Inspect []struct {
ID string `json:"Id"`
RepoTags []string `json:"RepoTags"`
RepoDigests []interface{} `json:"RepoDigests"`
Parent string `json:"Parent"`
Comment string `json:"Comment"`
Created time.Time `json:"Created"`
Container string `json:"Container"`
DockerVersion string `json:"DockerVersion"`
Author string `json:"Author"`
Architecture string `json:"Architecture"`
Os string `json:"Os"`
Size int `json:"Size"`
VirtualSize int `json:"VirtualSize"`
Metadata struct {
Card []struct {
ID string `json:"Id"`
RepoTags []string `json:"RepoTags"`
ParsedRepoTags []TagStruct `json:"ParsedRepoTags"`
RepoDigests []interface{} `json:"RepoDigests"`
Parent string `json:"Parent"`
Comment string `json:"Comment"`
Created time.Time `json:"Created"`
Container string `json:"Container"`
DockerVersion string `json:"DockerVersion"`
Author string `json:"Author"`
Architecture string `json:"Architecture"`
Os string `json:"Os"`
Size int `json:"Size"`
VirtualSize int `json:"VirtualSize"`
Metadata struct {
LastTagTime time.Time `json:"LastTagTime"`
} `json:"Metadata"`
SizeString string
VirtualSizeString string
Time string
}
TagStruct struct {
Tag string `json:"Tag"`
}
)
// Exec executes the plugin step
@ -175,7 +180,7 @@ func (p Plugin) Exec() error {
for _, tag := range p.Build.Tags {
cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
if p.Dryrun == false {
if !p.Dryrun {
cmds = append(cmds, commandPush(p.Build, tag)) // docker push
}
}
@ -297,6 +302,9 @@ func commandBuild(build Build) *exec.Cmd {
for _, host := range build.AddHost {
args = append(args, "--add-host", host)
}
if build.Secret != "" {
args = append(args, "--secret", build.Secret)
}
if build.Target != "" {
args = append(args, "--target", build.Target)
}
@ -328,6 +336,10 @@ func commandBuild(build Build) *exec.Cmd {
}
}
// we need to enable buildkit, for secret support
if build.Secret != "" {
os.Setenv("DOCKER_BUILDKIT", "1")
}
return exec.Command(dockerExe, args...)
}
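Review bot: `os.Setenv("DOCKER_BUILDKIT", "1")` in the last hunk changes the environment of the whole plugin process from inside a function that otherwise only assembles an argument list, and its error return is discarded. Setting the variable on the command keeps the effect local to this build: `cmd := exec.Command(dockerExe, args...)`, `cmd.Env = append(os.Environ(), "DOCKER_BUILDKIT=1")`, `return cmd`. `build.Secret` is appended verbatim to the arguments, so if the plugin echoes its docker command lines to the build log (not visible here) the spec will appear there. The `Secret` field deserves a comment such as `// BuildKit secret spec passed to --secret (id and source, never the secret value)`. commandBuild begins outside both hunks.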

40
docs/card.data.json Normal file

@ -0,0 +1,40 @@
{
"Id": "sha256:3b0709c9afb41629c79c93355feed114d08a8c1bedd975eb53af08f4b867fd91",
"RepoTags": [
"798a0dae10d63d281eff4c06eaa12001ffd23740:latest",
"tphoney/test:latest"
],
"ParsedRepoTags": [
{
"Tag": ""
},
{
"Tag": ""
},
{
"Tag": "798a0dae10d63d281eff4c06eaa12001ffd23740:latest"
},
{
"Tag": "tphoney/test:latest"
}
],
"RepoDigests": [
"tphoney/test@sha256:93f8b95aaae7d194208b72e94a3a90544b00c8f2ad45aeb89d81a0c6ccbc5e19"
],
"Parent": "sha256:493aa330a5929027dd8ecded9fa8c473a1508d17c0fd7d6a94a7f197f8d22c60",
"Comment": "",
"Created": "2022-02-16T11:13:40.8956582Z",
"Container": "a57c0ca4dd2e081df8758e00549f7abe83803f1a1a7aaaf1cd8e685a5eb5a097",
"DockerVersion": "20.10.9",
"Author": "",
"Architecture": "amd64",
"Os": "linux",
"Size": 14045949,
"VirtualSize": 14045949,
"Metadata": {
"LastTagTime": "2022-02-16T11:13:40.9433973Z"
},
"SizeString": "13.40MB",
"VirtualSizeString": "13.40MB",
"Time": "2022-02-16T11:13:40Z"
}

@ -51,19 +51,22 @@
{
"type": "TextBlock",
"weight": "Lighter",
"text": "OS/ARCH",
"text": "TAGS",
"wrap": true,
"size": "Small",
"isSubtle": true,
"spacing": "Medium"
},
{
"type": "TextBlock",
"text": "${OS}/${Architecture}",
"wrap": true,
"size": "Small",
"type": "FactSet",
"facts": [
{
"title": "-",
"value": "${Tag}"
}
],
"spacing": "Small",
"weight": "Bolder"
"$data": "${ParsedRepoTags}"
}
],
"separator": true,

@ -1,26 +0,0 @@
{
"Id": "sha256:fec8cfc9f8eb4ed6bda3e83cea97c1365c53e261d07b9f47f3429c5fa879c414",
"RepoTags": [
"7ee96c0c66e9fa7905952b5fcf5b07461bdde833:latest",
"tphoney/test:latest"
],
"RepoDigests": [
"tphoney/test@sha256:96e93bd69d3b4a3863a34800db2f2aa087a861d5ce0460b5932f2b7474f10a0a"
],
"Parent": "sha256:618905d1de06873c5c59dee713977d68973fc2b497bc073108c9ce35c79019b1",
"Comment": "",
"Created": "2022-01-19T12:16:27.4679394Z",
"Container": "e09f5b26c8d454e24b738a2b38ec8ebda740bddfb872e512ace1cca3ea2d40a1",
"DockerVersion": "20.10.9",
"Author": "",
"Architecture": "amd64",
"Os": "linux",
"Size": 13195839,
"VirtualSize": 13195839,
"Metadata": {
"LastTagTime": "2022-01-19T12:16:27.5085833Z"
},
"SizeString": "12.58MB",
"VirtualSizeString": "12.58MB",
"Time": "2022-01-19T12:16:27Z"
}