docker/bake-action
1
0
Fork 0
mirror of https://git.flexiblyrigid.au/actions/bake-action.git synced 2025-12-06 07:48:05 +08:00
Code Issues Packages Projects Releases Wiki Activity

call input to set method for evaluating build

Browse Source 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax
2025-07-30 15:20:30 +02:00
parent 6de75d5ad2
commit 24d8c3471c
5 changed files with 140 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
.github/workflows/ci.yml vendored
View File

@@ -116,7 +116,6 @@ jobs:
- -
name: Check name: Check
run: | run: |
echo "${{ toJson(steps.bake) }}"
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed" echo "::error::Should have failed"
exit 1 exit 1
@@ -779,3 +778,92 @@ jobs:
./test/config.hcl ./test/config.hcl
env: env:
BUILDX_NO_DEFAULT_ATTESTATIONS: 1 BUILDX_NO_DEFAULT_ATTESTATIONS: 1
call-check:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
call: check
targets: lint
-
name: Check
run: |
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
fi
call-check-multi:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
workdir: ./test
source: .
files: |
./lint.hcl
call: check
-
name: Check
run: |
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
fi
call-check-nowarning:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v5
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
driver-opts: |
image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
source: .
files: |
./test/config.hcl
call: check

5
README.md
View File

@@ -200,11 +200,11 @@ The following inputs can be used as `step.with` keys
| Name | Type | Description | | Name | Type | Description |
|----------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------| |----------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) | | `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `workdir` | String | Working directory of execution |
| `source` | String | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/bake/remote-definition/) | | `source` | String | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/bake/remote-definition/) |
| `allow` | List/CSV | Allow build to access specified resources (e.g., `network.host`) | | `allow` | List/CSV | Allow build to access specified resources (e.g., `network.host`) |
| `call` | String | Set method for evaluating build (e.g., check) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) | | `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `workdir` | String | Working directory of execution |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `no-cache` | Bool | Do not use cache when building the image (default `false`) | | `no-cache` | Bool | Do not use cache when building the image (default `false`) |
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) | | `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) |
| `load` | Bool | Load is a shorthand for `--set=*.output=type=docker` (default `false`) | | `load` | Bool | Load is a shorthand for `--set=*.output=type=docker` (default `false`) |
@@ -212,6 +212,7 @@ The following inputs can be used as `step.with` keys
| `push` | Bool | Push is a shorthand for `--set=*.output=type=registry` (default `false`) | | `push` | Bool | Push is a shorthand for `--set=*.output=type=registry` (default `false`) |
| `sbom` | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` | | `sbom` | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` |
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) | | `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) | | `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |
### outputs ### outputs

17
action.yml
View File

@@ -10,22 +10,22 @@ inputs:
builder: builder:
description: "Builder instance" description: "Builder instance"
required: false required: false
workdir:
description: "Working directory of bake execution"
required: false
default: '.'
source: source:
description: "Context to build from. Can be either local or a remote bake definition" description: "Context to build from. Can be either local or a remote bake definition"
required: false required: false
allow: allow:
description: "Allow build to access specified resources (e.g., network.host)" description: "Allow build to access specified resources (e.g., network.host)"
required: false required: false
call:
description: "Set method for evaluating build (e.g., check)"
required: false
files: files:
description: "List of bake definition files" description: "List of bake definition files"
required: false required: false
workdir:
description: "Working directory of bake execution"
required: false
default: '.'
targets:
description: "List of bake targets"
required: false
no-cache: no-cache:
description: "Do not use cache when building the image" description: "Do not use cache when building the image"
required: false required: false
@@ -51,6 +51,9 @@ inputs:
set: set:
description: "List of targets values to override (eg. targetpattern.key=value)" description: "List of targets values to override (eg. targetpattern.key=value)"
required: false required: false
targets:
description: "List of bake targets"
required: false
github-token: github-token:
description: "API token used to authenticate to a Git repository for remote definitions" description: "API token used to authenticate to a Git repository for remote definitions"
default: ${{ github.token }} default: ${{ github.token }}

24
src/context.ts
View File

@@ -11,11 +11,12 @@ import {Util} from '@docker/actions-toolkit/lib/util';
import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake'; import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake';
export interface Inputs { export interface Inputs {
allow: string[];
builder: string; builder: string;
files: string[];
workdir: string; workdir: string;
targets: string[]; source: string;
allow: string[];
call: string;
files: string[];
'no-cache': boolean; 'no-cache': boolean;
pull: boolean; pull: boolean;
load: boolean; load: boolean;
@@ -23,17 +24,18 @@ export interface Inputs {
push: boolean; push: boolean;
sbom: string; sbom: string;
set: string[]; set: string[];
source: string; targets: string[];
'github-token': string; 'github-token': string;
} }
export async function getInputs(): Promise<Inputs> { export async function getInputs(): Promise<Inputs> {
return { return {
allow: Util.getInputList('allow'),
builder: core.getInput('builder'), builder: core.getInput('builder'),
files: Util.getInputList('files'),
workdir: core.getInput('workdir') || '.', workdir: core.getInput('workdir') || '.',
targets: Util.getInputList('targets'), source: getSourceInput('source'),
allow: Util.getInputList('allow'),
call: core.getInput('call'),
files: Util.getInputList('files'),
'no-cache': core.getBooleanInput('no-cache'), 'no-cache': core.getBooleanInput('no-cache'),
pull: core.getBooleanInput('pull'), pull: core.getBooleanInput('pull'),
load: core.getBooleanInput('load'), load: core.getBooleanInput('load'),
@@ -41,7 +43,7 @@ export async function getInputs(): Promise<Inputs> {
push: core.getBooleanInput('push'), push: core.getBooleanInput('push'),
sbom: core.getInput('sbom'), sbom: core.getInput('sbom'),
set: Util.getInputList('set', {ignoreComma: true, quote: false}), set: Util.getInputList('set', {ignoreComma: true, quote: false}),
source: getSourceInput('source'), targets: Util.getInputList('targets'),
'github-token': core.getInput('github-token') 'github-token': core.getInput('github-token')
}; };
} }
@@ -69,6 +71,12 @@ async function getBakeArgs(inputs: Inputs, definition: BakeDefinition, toolkit:
args.push('--allow', allow); args.push('--allow', allow);
}); });
} }
if (inputs.call) {
if (!(await toolkit.buildx.versionSatisfies('>=0.16.0'))) {
throw new Error(`Buildx >= 0.16.0 is required to use the call flag.`);
}
args.push('--call', inputs.call);
}
await Util.asyncForEach(inputs.files, async file => { await Util.asyncForEach(inputs.files, async file => {
args.push('--file', file); args.push('--file', file);
}); });

24
src/main.ts
View File

@@ -146,8 +146,26 @@ actionsToolkit.run(
env: buildEnv, env: buildEnv,
ignoreReturnCode: true ignoreReturnCode: true
}).then(res => { }).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) { if (res.exitCode != 0) {
err = Error(`buildx bake failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`); if (inputs.call && inputs.call === 'check' && res.stdout.length > 0) {
// checks warnings are printed to stdout: https://github.com/docker/buildx/pull/2647
// with bake we can have multiple targets being checked so we need to
// count the total number of warnings
const totalWarnings = [...res.stdout.matchAll(/^Check complete, (\d+) warnings? (?:has|have) been found!/gm)].reduce((sum, m) => sum + parseInt(m[1], 10), 0);
if (totalWarnings > 0) {
// https://github.com/docker/buildx/blob/1e50e8ddabe108f009b9925e13a321d7c8f99f26/commands/build.go#L797-L803
if (totalWarnings === 1) {
err = Error(`Check complete, ${totalWarnings} warning has been found!`);
} else {
err = Error(`Check complete, ${totalWarnings} warnings have been found!`);
}
} else {
// if there are no warnings found, return the first line of stdout
err = Error(res.stdout.split('\n')[0]?.trim());
}
} else if (res.stderr.length > 0) {
err = Error(`buildx bake failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
}
} }
}); });
@@ -191,6 +209,8 @@ actionsToolkit.run(
await core.group(`Check build summary support`, async () => { await core.group(`Check build summary support`, async () => {
if (!buildSummaryEnabled()) { if (!buildSummaryEnabled()) {
core.info('Build summary disabled'); core.info('Build summary disabled');
} else if (inputs.call && inputs.call !== 'build') {
core.info(`Build summary skipped for ${inputs.call} subrequest`);
} else if (GitHub.isGHES) { } else if (GitHub.isGHES) {
core.info('Build summary is not yet supported on GHES'); core.info('Build summary is not yet supported on GHES');
} else if (!(await toolkit.buildx.versionSatisfies('>=0.13.0'))) { } else if (!(await toolkit.buildx.versionSatisfies('>=0.13.0'))) {