mirror of
https://github.com/thegeeklab/drone-docker-buildx.git
synced 2024-06-14 14:20:51 +02:00
docs: move documentation for the secrets option to parameter list (#286)
This commit is contained in:
parent
89db4c201e
commit
d16fd6376b
|
@ -27,7 +27,7 @@ The tags follow the major version of Docker, e.g. `20`, and the minor and patch
|
||||||
Be aware that the this plugin requires [privileged](https://docs.drone.io/pipeline/docker/syntax/steps/#privileged-mode) capabilities, otherwise the integrated Docker daemon is not able to start.
|
Be aware that the this plugin requires [privileged](https://docs.drone.io/pipeline/docker/syntax/steps/#privileged-mode) capabilities, otherwise the integrated Docker daemon is not able to start.
|
||||||
{{< /hint >}}
|
{{< /hint >}}
|
||||||
|
|
||||||
```YAML
|
```yaml
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
name: default
|
name: default
|
||||||
|
|
||||||
|
@ -58,7 +58,7 @@ If the created image is to be pushed to registries other than the default Docker
|
||||||
|
|
||||||
**GHCR:**
|
**GHCR:**
|
||||||
|
|
||||||
```YAML
|
```yaml
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
name: default
|
name: default
|
||||||
|
|
||||||
|
@ -76,7 +76,7 @@ steps:
|
||||||
|
|
||||||
**AWS ECR:**
|
**AWS ECR:**
|
||||||
|
|
||||||
```YAML
|
```yaml
|
||||||
kind: pipeline
|
kind: pipeline
|
||||||
name: default
|
name: default
|
||||||
|
|
||||||
|
@ -95,35 +95,11 @@ steps:
|
||||||
tags: latest
|
tags: latest
|
||||||
```
|
```
|
||||||
|
|
||||||
#### Expose secrets to the build
|
|
||||||
|
|
||||||
The [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) can be used by the build using `RUN --mount=type=secret` mount.
|
|
||||||
|
|
||||||
```Yaml
|
|
||||||
kind: pipeline
|
|
||||||
name: default
|
|
||||||
|
|
||||||
steps:
|
|
||||||
- name: docker
|
|
||||||
image: thegeeklab/drone-docker-buildx:23
|
|
||||||
privileged: true
|
|
||||||
environment:
|
|
||||||
SECURE_TOKEN:
|
|
||||||
from_secret: secure_token
|
|
||||||
settings:
|
|
||||||
secrets:
|
|
||||||
- "id=raw_file_secret\\\\,src=file.txt"
|
|
||||||
- 'id=other_raw_file_secret\\,src=other_file.txt'
|
|
||||||
- "id=SECRET_TOKEN"
|
|
||||||
```
|
|
||||||
|
|
||||||
To use secrets from files a [host volume](https://docs.drone.io/pipeline/docker/syntax/volumes/host/) is required. This should be used with caution and avoided whenever possible.
|
|
||||||
|
|
||||||
## Build
|
## Build
|
||||||
|
|
||||||
Build the binary with the following command:
|
Build the binary with the following command:
|
||||||
|
|
||||||
```Shell
|
```shell
|
||||||
export GOOS=linux
|
export GOOS=linux
|
||||||
export GOARCH=amd64
|
export GOARCH=amd64
|
||||||
export CGO_ENABLED=0
|
export CGO_ENABLED=0
|
||||||
|
@ -134,13 +110,13 @@ make build
|
||||||
|
|
||||||
Build the Docker image with the following command:
|
Build the Docker image with the following command:
|
||||||
|
|
||||||
```Shell
|
```shell
|
||||||
docker build --file docker/Dockerfile.amd64 --tag thegeeklab/drone-docker-buildx .
|
docker build --file docker/Dockerfile.amd64 --tag thegeeklab/drone-docker-buildx .
|
||||||
```
|
```
|
||||||
|
|
||||||
## Test
|
## Test
|
||||||
|
|
||||||
```Shell
|
```shell
|
||||||
docker run --rm \
|
docker run --rm \
|
||||||
-e PLUGIN_TAG=latest \
|
-e PLUGIN_TAG=latest \
|
||||||
-e PLUGIN_REPO=octocat/hello-world \
|
-e PLUGIN_REPO=octocat/hello-world \
|
||||||
|
|
|
@ -75,7 +75,8 @@ properties:
|
||||||
description: |
|
description: |
|
||||||
Content of the docker buildkit toml [config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). Example:
|
Content of the docker buildkit toml [config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). Example:
|
||||||
|
|
||||||
```TOML
|
```yaml
|
||||||
|
steps:
|
||||||
- name: Build
|
- name: Build
|
||||||
image: thegeeklab/drone-docker-buildx:23
|
image: thegeeklab/drone-docker-buildx:23
|
||||||
settings:
|
settings:
|
||||||
|
@ -163,13 +164,14 @@ properties:
|
||||||
Images to consider as [cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from). To properly work,
|
Images to consider as [cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from). To properly work,
|
||||||
commas used in the cache source entries need to be escaped:
|
commas used in the cache source entries need to be escaped:
|
||||||
|
|
||||||
```Yaml
|
```yaml
|
||||||
|
steps:
|
||||||
- name: Build
|
- name: Build
|
||||||
image: thegeeklab/drone-docker-buildx:23
|
image: thegeeklab/drone-docker-buildx:23
|
||||||
settings:
|
settings:
|
||||||
repo: example/repo
|
repo: example/repo
|
||||||
cache_from:
|
cache_from:
|
||||||
# using quotes double-escaping is required
|
# while using quotes, double-escaping is required
|
||||||
- "type=registry\\\\,ref=example"
|
- "type=registry\\\\,ref=example"
|
||||||
- 'type=foo\\,ref=bar'
|
- 'type=foo\\,ref=bar'
|
||||||
```
|
```
|
||||||
|
@ -267,6 +269,27 @@ properties:
|
||||||
required: false
|
required: false
|
||||||
|
|
||||||
- name: secrets
|
- name: secrets
|
||||||
description: Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build.
|
description: |
|
||||||
|
Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build.
|
||||||
|
The secrets can be used by the build using `RUN --mount=type=secret` mount.
|
||||||
|
|
||||||
|
```yaml
|
||||||
|
steps:
|
||||||
|
- name: Build
|
||||||
|
image: thegeeklab/drone-docker-buildx:23
|
||||||
|
privileged: true
|
||||||
|
environment:
|
||||||
|
SECURE_TOKEN:
|
||||||
|
from_secret: secure_token
|
||||||
|
settings:
|
||||||
|
secrets:
|
||||||
|
# while using quotes, double-escaping is required
|
||||||
|
- "id=raw_file_secret\\\\,src=file.txt"
|
||||||
|
- 'id=other_raw_file_secret\\,src=other_file.txt'
|
||||||
|
- "id=SECRET_TOKEN"
|
||||||
|
```
|
||||||
|
|
||||||
|
To use secrets from files a [host volume](https://docs.drone.io/pipeline/docker/syntax/volumes/host/) is required.
|
||||||
|
This should be used with caution and avoided whenever possible.
|
||||||
type: list
|
type: list
|
||||||
required: false
|
required: false
|
||||||
|
|
Loading…
Reference in New Issue
Block a user