github/drone-docker-buildx
0
0
Fork 0
mirror of https://github.com/thegeeklab/drone-docker-buildx.git synced 2024-11-13 00:00:40 +00:00
Code Issues Projects Releases Wiki Activity

Compare commits

base: github:main
Branches Tags
github:main
github:renovate/configure
github:docs
github:secret-docs
github:v24.1.3
github:v24.1.2
github:v24.1.1
github:v24.1.0
github:v24.0.2
github:v24.0.1
github:v24.0.0
github:v23.1.2
github:v23.1.1
github:v23.1.0
github:v23.0.2
github:v23.0.1
github:v23.0.0
github:v20.13.6
github:v20.13.5
github:v20.13.4
github:v20.13.3
github:v20.13.2
github:v20.13.1
github:v20.13.0
github:v20.12.8
github:v20.12.7
github:v20.12.6
github:v20.12.5
github:v20.12.4
github:v20.12.3
github:v20.12.2
github:v20.12.1
github:v20.12.0
github:v20.11.13
github:v20.11.12
github:v20.11.11
github:v20.11.10
github:v20.11.9
github:v20.11.8
github:v20.11.7
github:v20.11.6
github:v20.11.5
github:v20.11.4
github:v20.11.3
github:v20.11.2
github:v20.11.1
github:v20.11.0
github:v20.10.16
github:v20.10.15
github:v20.10.14
github:v20.10.13
github:v20.10.12
github:v20.10.11
github:v20.10.10
github:v20.10.9
github:v20.10.8
github:v20.10.7
github:v20.10.6
github:v20.10.5
github:v20.10.4
github:v20.10.3
github:v20.10.2
github:v20.10.1
..
compare: github:v20.12.7
Branches Tags
github:renovate/configure
github:main
github:docs
github:secret-docs
github:v24.1.3
github:v24.1.2
github:v24.1.1
github:v24.1.0
github:v24.0.2
github:v24.0.1
github:v24.0.0
github:v23.1.2
github:v23.1.1
github:v23.1.0
github:v23.0.2
github:v23.0.1
github:v23.0.0
github:v20.13.6
github:v20.13.5
github:v20.13.4
github:v20.13.3
github:v20.13.2
github:v20.13.1
github:v20.13.0
github:v20.12.8
github:v20.12.7
github:v20.12.6
github:v20.12.5
github:v20.12.4
github:v20.12.3
github:v20.12.2
github:v20.12.1
github:v20.12.0
github:v20.11.13
github:v20.11.12
github:v20.11.11
github:v20.11.10
github:v20.11.9
github:v20.11.8
github:v20.11.7
github:v20.11.6
github:v20.11.5
github:v20.11.4
github:v20.11.3
github:v20.11.2
github:v20.11.1
github:v20.11.0
github:v20.10.16
github:v20.10.15
github:v20.10.14
github:v20.10.13
github:v20.10.12
github:v20.10.11
github:v20.10.10
github:v20.10.9
github:v20.10.8
github:v20.10.7
github:v20.10.6
github:v20.10.5
github:v20.10.4
github:v20.10.3
github:v20.10.2
github:v20.10.1

No commits in common. "main" and "v20.12.7" have entirely different histories.
main ... v20.12.7

29 changed files with 1005 additions and 540 deletions
Show Stats Expand all files Collapse all files

5
.dictionary
View File

@ -9,12 +9,9 @@ config
dockerfile
og
gzip
toml
json
config
host:ip
drone-docker-buildx
multiarch
buildx
DockerHub
ECR
GHCR

2
.dockerignore Normal file
View File

@ -0,0 +1,2 @@
*
!dist/

349
.drone.jsonnet Normal file
View File

@ -0,0 +1,349 @@
local PipelineTest = {
kind: 'pipeline',
name: 'test',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'deps',
image: 'golang:1.19',
commands: [
'make deps',
],
volumes: [
{
name: 'godeps',
path: '/go',
},
],
},
{
name: 'lint',
image: 'golang:1.19',
commands: [
'make lint',
],
volumes: [
{
name: 'godeps',
path: '/go',
},
],
},
{
name: 'test',
image: 'golang:1.19',
commands: [
'make test',
],
volumes: [
{
name: 'godeps',
path: '/go',
},
],
},
],
volumes: [
{
name: 'godeps',
temp: {},
},
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineBuildBinaries = {
kind: 'pipeline',
name: 'build-binaries',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
name: 'build',
image: 'techknowlogick/xgo:go-1.19.x',
commands: [
'ln -s /drone/src /source',
'make release',
],
},
{
name: 'executable',
image: 'alpine',
commands: [
'$(find dist/ -executable -type f -iname ${DRONE_REPO_NAME}-linux-amd64) --help',
],
},
{
name: 'changelog-generate',
image: 'thegeeklab/git-chglog',
commands: [
'git fetch -tq',
'git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}',
],
},
{
name: 'changelog-format',
image: 'thegeeklab/alpine-tools',
commands: [
'prettier CHANGELOG.md',
'prettier -w CHANGELOG.md',
],
},
{
name: 'publish',
image: 'plugins/github-release',
settings: {
overwrite: true,
api_key: {
from_secret: 'github_token',
},
files: ['dist/*'],
title: '${DRONE_TAG}',
note: 'CHANGELOG.md',
},
when: {
ref: [
'refs/tags/**',
],
},
},
],
depends_on: [
'test',
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineBuildContainer(arch='amd64') = {
kind: 'pipeline',
name: 'build-container-' + arch,
platform: {
os: 'linux',
arch: arch,
},
steps: [
{
name: 'build',
image: 'golang:1.19',
commands: [
'make build',
],
},
{
name: 'dryrun',
image: 'thegeeklab/drone-docker:19',
settings: {
dry_run: true,
dockerfile: 'docker/Dockerfile.' + arch,
repo: 'thegeeklab/${DRONE_REPO_NAME}',
},
depends_on: ['build'],
when: {
ref: ['refs/pull/**'],
},
},
{
name: 'publish-dockerhub',
image: 'thegeeklab/drone-docker:19',
settings: {
auto_tag: true,
auto_tag_suffix: arch,
dockerfile: 'docker/Dockerfile.' + arch,
repo: 'thegeeklab/${DRONE_REPO_NAME}',
username: { from_secret: 'docker_username' },
password: { from_secret: 'docker_password' },
},
when: {
ref: ['refs/heads/main', 'refs/tags/**'],
},
depends_on: ['dryrun'],
},
{
name: 'publish-quay',
image: 'thegeeklab/drone-docker:19',
settings: {
auto_tag: true,
auto_tag_suffix: arch,
dockerfile: 'docker/Dockerfile.' + arch,
registry: 'quay.io',
repo: 'quay.io/thegeeklab/${DRONE_REPO_NAME}',
username: { from_secret: 'quay_username' },
password: { from_secret: 'quay_password' },
},
when: {
ref: ['refs/heads/main', 'refs/tags/**'],
},
depends_on: ['dryrun'],
},
],
depends_on: [
'test',
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineDocs = {
kind: 'pipeline',
name: 'docs',
platform: {
os: 'linux',
arch: 'amd64',
},
concurrency: {
limit: 1,
},
steps: [
{
name: 'markdownlint',
image: 'thegeeklab/markdownlint-cli',
commands: [
"markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'",
],
},
{
name: 'spellcheck',
image: 'thegeeklab/alpine-tools',
commands: [
"spellchecker --files '_docs/**/*.md' 'README.md' 'CONTRIBUTING.md' -d .dictionary -p spell indefinite-article syntax-urls --no-suggestions",
],
environment: {
FORCE_COLOR: true,
NPM_CONFIG_LOGLEVEL: 'error',
},
},
{
name: 'publish',
image: 'plugins/gh-pages',
settings: {
username: { from_secret: 'github_username' },
password: { from_secret: 'github_token' },
pages_directory: '_docs/',
target_branch: 'docs',
},
when: {
ref: ['refs/heads/main'],
},
},
],
depends_on: [
'build-binaries',
'build-container-amd64',
'build-container-arm64',
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
},
};
local PipelineNotifications = {
kind: 'pipeline',
name: 'notifications',
platform: {
os: 'linux',
arch: 'amd64',
},
steps: [
{
image: 'plugins/manifest',
name: 'manifest-dockerhub',
settings: {
ignore_missing: true,
auto_tag: true,
username: { from_secret: 'docker_username' },
password: { from_secret: 'docker_password' },
spec: 'docker/manifest.tmpl',
},
when: {
status: ['success'],
},
},
{
image: 'plugins/manifest',
name: 'manifest-quay',
settings: {
ignore_missing: true,
auto_tag: true,
username: { from_secret: 'quay_username' },
password: { from_secret: 'quay_password' },
spec: 'docker/manifest-quay.tmpl',
},
when: {
status: ['success'],
},
},
{
name: 'pushrm-dockerhub',
image: 'chko/docker-pushrm:1',
environment: {
DOCKER_PASS: {
from_secret: 'docker_password',
},
DOCKER_USER: {
from_secret: 'docker_username',
},
PUSHRM_FILE: 'README.md',
PUSHRM_SHORT: 'Drone plugin to build multiarch Docker images with buildx',
PUSHRM_TARGET: 'thegeeklab/${DRONE_REPO_NAME}',
},
when: {
status: ['success'],
},
},
{
name: 'pushrm-quay',
image: 'chko/docker-pushrm:1',
environment: {
APIKEY__QUAY_IO: {
from_secret: 'quay_token',
},
PUSHRM_FILE: 'README.md',
PUSHRM_TARGET: 'quay.io/thegeeklab/${DRONE_REPO_NAME}',
},
when: {
status: ['success'],
},
},
{
name: 'matrix',
image: 'thegeeklab/drone-matrix',
settings: {
homeserver: { from_secret: 'matrix_homeserver' },
roomid: { from_secret: 'matrix_roomid' },
template: 'Status: **{{ build.Status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.Link }}){{#if build.Branch}} ({{ build.Branch }}){{/if}} by {{ commit.Author }}<br/> Message: {{ commit.Message.Title }}',
username: { from_secret: 'matrix_username' },
password: { from_secret: 'matrix_password' },
},
when: {
status: ['success', 'failure'],
},
},
],
depends_on: [
'docs',
],
trigger: {
ref: ['refs/heads/main', 'refs/tags/**'],
status: ['success', 'failure'],
},
};
[
PipelineTest,
PipelineBuildBinaries,
PipelineBuildContainer(arch='amd64'),
PipelineBuildContainer(arch='arm64'),
PipelineDocs,
PipelineNotifications,
]

386
.drone.yml Normal file
View File

@ -0,0 +1,386 @@
---
kind: pipeline
name: test
platform:
os: linux
arch: amd64
steps:
- name: deps
image: golang:1.19
commands:
- make deps
volumes:
- name: godeps
path: /go
- name: lint
image: golang:1.19
commands:
- make lint
volumes:
- name: godeps
path: /go
- name: test
image: golang:1.19
commands:
- make test
volumes:
- name: godeps
path: /go
volumes:
- name: godeps
temp: {}
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
---
kind: pipeline
name: build-binaries
platform:
os: linux
arch: amd64
steps:
- name: build
image: techknowlogick/xgo:go-1.19.x
commands:
- ln -s /drone/src /source
- make release
- name: executable
image: alpine
commands:
- $(find dist/ -executable -type f -iname ${DRONE_REPO_NAME}-linux-amd64) --help
- name: changelog-generate
image: thegeeklab/git-chglog
commands:
- git fetch -tq
- git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}
- name: changelog-format
image: thegeeklab/alpine-tools
commands:
- prettier CHANGELOG.md
- prettier -w CHANGELOG.md
- name: publish
image: plugins/github-release
settings:
api_key:
from_secret: github_token
files:
- dist/*
note: CHANGELOG.md
overwrite: true
title: ${DRONE_TAG}
when:
ref:
- refs/tags/**
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- test
---
kind: pipeline
name: build-container-amd64
platform:
os: linux
arch: amd64
steps:
- name: build
image: golang:1.19
commands:
- make build
- name: dryrun
image: thegeeklab/drone-docker:19
settings:
dockerfile: docker/Dockerfile.amd64
dry_run: true
repo: thegeeklab/${DRONE_REPO_NAME}
when:
ref:
- refs/pull/**
depends_on:
- build
- name: publish-dockerhub
image: thegeeklab/drone-docker:19
settings:
auto_tag: true
auto_tag_suffix: amd64
dockerfile: docker/Dockerfile.amd64
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- dryrun
- name: publish-quay
image: thegeeklab/drone-docker:19
settings:
auto_tag: true
auto_tag_suffix: amd64
dockerfile: docker/Dockerfile.amd64
password:
from_secret: quay_password
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: quay_username
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- dryrun
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- test
---
kind: pipeline
name: build-container-arm64
platform:
os: linux
arch: arm64
steps:
- name: build
image: golang:1.19
commands:
- make build
- name: dryrun
image: thegeeklab/drone-docker:19
settings:
dockerfile: docker/Dockerfile.arm64
dry_run: true
repo: thegeeklab/${DRONE_REPO_NAME}
when:
ref:
- refs/pull/**
depends_on:
- build
- name: publish-dockerhub
image: thegeeklab/drone-docker:19
settings:
auto_tag: true
auto_tag_suffix: arm64
dockerfile: docker/Dockerfile.arm64
password:
from_secret: docker_password
repo: thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: docker_username
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- dryrun
- name: publish-quay
image: thegeeklab/drone-docker:19
settings:
auto_tag: true
auto_tag_suffix: arm64
dockerfile: docker/Dockerfile.arm64
password:
from_secret: quay_password
registry: quay.io
repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
username:
from_secret: quay_username
when:
ref:
- refs/heads/main
- refs/tags/**
depends_on:
- dryrun
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- test
---
kind: pipeline
name: docs
platform:
os: linux
arch: amd64
concurrency:
limit: 1
steps:
- name: markdownlint
image: thegeeklab/markdownlint-cli
commands:
- markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'
- name: spellcheck
image: thegeeklab/alpine-tools
commands:
- spellchecker --files '_docs/**/*.md' 'README.md' 'CONTRIBUTING.md' -d .dictionary -p spell indefinite-article syntax-urls --no-suggestions
environment:
FORCE_COLOR: true
NPM_CONFIG_LOGLEVEL: error
- name: publish
image: plugins/gh-pages
settings:
pages_directory: _docs/
password:
from_secret: github_token
target_branch: docs
username:
from_secret: github_username
when:
ref:
- refs/heads/main
trigger:
ref:
- refs/heads/main
- refs/tags/**
- refs/pull/**
depends_on:
- build-binaries
- build-container-amd64
- build-container-arm64
---
kind: pipeline
name: notifications
platform:
os: linux
arch: amd64
steps:
- name: manifest-dockerhub
image: plugins/manifest
settings:
auto_tag: true
ignore_missing: true
password:
from_secret: docker_password
spec: docker/manifest.tmpl
username:
from_secret: docker_username
when:
status:
- success
- name: manifest-quay
image: plugins/manifest
settings:
auto_tag: true
ignore_missing: true
password:
from_secret: quay_password
spec: docker/manifest-quay.tmpl
username:
from_secret: quay_username
when:
status:
- success
- name: pushrm-dockerhub
image: chko/docker-pushrm:1
environment:
DOCKER_PASS:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
PUSHRM_FILE: README.md
PUSHRM_SHORT: Drone plugin to build multiarch Docker images with buildx
PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME}
when:
status:
- success
- name: pushrm-quay
image: chko/docker-pushrm:1
environment:
APIKEY__QUAY_IO:
from_secret: quay_token
PUSHRM_FILE: README.md
PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME}
when:
status:
- success
- name: matrix
image: thegeeklab/drone-matrix
settings:
homeserver:
from_secret: matrix_homeserver
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
template: "Status: **{{ build.Status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.Link }}){{#if build.Branch}} ({{ build.Branch }}){{/if}} by {{ commit.Author }}<br/> Message: {{ commit.Message.Title }}"
username:
from_secret: matrix_username
when:
status:
- success
- failure
trigger:
ref:
- refs/heads/main
- refs/tags/**
status:
- success
- failure
depends_on:
- docs
---
kind: signature
hmac: 406af709c926dd4fd1b189a89d7b10d65e889e881d4fec63ac3526672a3e3336
...

106
.golangci.yml
View File

@ -1,91 +1,25 @@
linters:
enable:
- gosimple
- deadcode
- typecheck
- govet
- errcheck
- staticcheck
- unused
- structcheck
- varcheck
- dupl
- gofmt
- misspell
- gocritic
- bidichk
- ineffassign
- revive
- gofumpt
- depguard
enable-all: false
disable-all: true
enable:
- errcheck
- gosimple
- govet
- ineffassign
- staticcheck
- typecheck
- unused
- asasalint
- asciicheck
- bidichk
- bodyclose
- containedctx
- contextcheck
- decorder
- dogsled
- dupl
- dupword
- durationcheck
- errchkjson
- errname
- errorlint
- execinquery
- exhaustive
- exportloopref
- forcetypeassert
- ginkgolinter
- gocheckcompilerdirectives
- gochecknoglobals
- gochecknoinits
- gocognit
- goconst
- gocritic
- gocyclo
- godot
- godox
- goerr113
- gofmt
- gofumpt
- goheader
- goimports
- gomnd
- gomoddirectives
- gomodguard
- goprintffuncname
- gosec
- grouper
- importas
- interfacebloat
- ireturn
- lll
- loggercheck
- maintidx
- makezero
- misspell
- musttag
- nakedret
- nestif
- nilerr
- nilnil
- nlreturn
- noctx
- nolintlint
- nonamedreturns
- nosprintfhostport
- prealloc
- predeclared
- promlinter
- reassign
- revive
# - rowserrcheck
# - sqlclosecheck
# - structcheck
- stylecheck
- tagliatelle
- tenv
- testableexamples
- thelper
- tparallel
- unconvert
- unparam
- usestdlibvars
# - wastedassign
- whitespace
- wsl
fast: false
run:
@ -94,4 +28,4 @@ run:
linters-settings:
gofumpt:
extra-rules: true
lang-version: "1.20"
lang-version: "1.18"

2
CONTRIBUTING.md
View File

@ -3,7 +3,7 @@
## Security
If you think you have found a **security issue**, please do not mention it in this repository.
Instead, send an email to `security@thegeeklab.de` with as many details as possible so it can be handled confidential.
Instead, send an email to security@thegeeklab.de with as many details as possible so it can be handled confidential.
## Bug Reports and Feature Requests

3
Corefile
View File

@ -1,3 +0,0 @@
.:53 {
forward . /etc/resolv.conf
}

15
Makefile
View File

@ -1,7 +1,7 @@
# renovate: datasource=github-releases depName=mvdan/gofumpt
GOFUMPT_PACKAGE_VERSION := v0.5.0
GOFUMPT_PACKAGE_VERSION := v0.4.0
# renovate: datasource=github-releases depName=golangci/golangci-lint
GOLANGCI_LINT_PACKAGE_VERSION := v1.54.2
GOLANGCI_LINT_PACKAGE_VERSION := v1.50.1
EXECUTABLE := drone-docker-buildx
@ -19,14 +19,9 @@ GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@$(G
XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
GENERATE ?=
XGO_VERSION := go-1.20.x
XGO_TARGETS ?= linux/amd64,linux/arm64
XGO_VERSION := go-1.19.x
XGO_TARGETS ?= linux/amd64,linux/arm-6,linux/arm-7,linux/arm64
TARGETOS ?= linux
TARGETARCH ?= amd64
ifneq ("$(TARGETVARIANT)","")
GOARM ?= $(subst v,,$(TARGETVARIANT))
endif
TAGS ?= netgo
ifndef VERSION
@ -74,7 +69,7 @@ test:
build: $(DIST)/$(EXECUTABLE)
$(DIST)/$(EXECUTABLE): $(SOURCES)
GOOS=$(TARGETOS) GOARCH=$(TARGETARCH) GOARM=$(GOARM) $(GO) build -v -tags '$(TAGS)' -ldflags '-extldflags "-static" $(LDFLAGS)' -o $@ ./cmd/$(EXECUTABLE)
$(GO) build -v -tags '$(TAGS)' -ldflags '-extldflags "-static" $(LDFLAGS)' -o $@ ./cmd/$(EXECUTABLE)
$(DIST_DIRS):
mkdir -p $(DIST_DIRS)

4
README.md
View File

@ -1,6 +1,6 @@
# drone-docker-buildx
DISCONTINUED: Drone plugin to build multiarch Docker images with buildx
Drone plugin to build multiarch Docker images with buildx
[![Build Status](https://img.shields.io/drone/build/thegeeklab/drone-docker-buildx?logo=drone&server=https%3A%2F%2Fdrone.thegeeklab.de)](https://drone.thegeeklab.de/thegeeklab/drone-docker-buildx)
[![Docker Hub](https://img.shields.io/badge/dockerhub-latest-blue.svg?logo=docker&logoColor=white)](https://hub.docker.com/r/thegeeklab/drone-docker-buildx)
@ -10,8 +10,6 @@ DISCONTINUED: Drone plugin to build multiarch Docker images with buildx
[![Source: GitHub](https://img.shields.io/badge/source-github-blue.svg?logo=github&logoColor=white)](https://github.com/thegeeklab/drone-docker-buildx)
[![License: Apache-2.0](https://img.shields.io/github/license/thegeeklab/drone-docker-buildx)](https://github.com/thegeeklab/drone-docker-buildx/blob/main/LICENSE)
> **DISCONTINUED:** As I don't use Drone CI anymore, this project is unmaintained. If you are interested in a free and open source CI system check out [Woodpecker CI](https://woodpecker-ci.org/).
Drone plugin to build multiarch Docker images with buildx. This plugin is a fork of [drone-plugins/drone-docker](https://github.com/drone-plugins/drone-docker). You can find the full documentation at [https://drone-plugin-index.geekdocs.de](https://drone-plugin-index.geekdocs.de/plugins/drone-docker-buildx).
## Versioning

57
_docs/content/_index.md
View File

@ -27,13 +27,13 @@ The tags follow the major version of Docker, e.g. `20`, and the minor and patch
Be aware that the this plugin requires [privileged](https://docs.drone.io/pipeline/docker/syntax/steps/#privileged-mode) capabilities, otherwise the integrated Docker daemon is not able to start.
{{< /hint >}}
```yaml
```YAML
kind: pipeline
name: default
steps:
- name: docker
image: thegeeklab/drone-docker-buildx:23
image: thegeeklab/drone-docker-buildx
privileged: true
settings:
username: octocat
@ -46,60 +46,15 @@ steps:
<!-- prettier-ignore-start -->
<!-- spellchecker-disable -->
{{< propertylist name=drone-docker-buildx.data sort=name >}}
{{< propertylist name=drone-docker-buildx.data >}}
<!-- spellchecker-enable -->
<!-- prettier-ignore-end -->
### Examples
#### Push to other registries than DockerHub
If the created image is to be pushed to registries other than the default DockerHub, it is necessary to set `registry` and `repo` as fully-qualified name.
**GHCR:**
```yaml
kind: pipeline
name: default
steps:
- name: docker
image: thegeeklab/drone-docker-buildx:23
privileged: true
settings:
registry: ghcr.io
username: octocat
password: secret-access-token
repo: ghcr.io/octocat/example
tags: latest
```
**AWS ECR:**
```yaml
kind: pipeline
name: default
steps:
- name: docker
image: thegeeklab/drone-docker-buildx:23
privileged: true
environment:
AWS_ACCESS_KEY_ID:
from_secret: aws_access_key_id
AWS_SECRET_ACCESS_KEY:
from_secret: aws_secret_access_key
settings:
registry: <account_id>.dkr.ecr.<region>.amazonaws.com
repo: <account_id>.dkr.ecr.<region>.amazonaws.com/octocat/example
tags: latest
```
## Build
Build the binary with the following command:
```shell
```Shell
export GOOS=linux
export GOARCH=amd64
export CGO_ENABLED=0
@ -110,13 +65,13 @@ make build
Build the Docker image with the following command:
```shell
```Shell
docker build --file docker/Dockerfile.amd64 --tag thegeeklab/drone-docker-buildx .
```
## Test
```shell
```Shell
docker run --rm \
-e PLUGIN_TAG=latest \
-e PLUGIN_REPO=octocat/hello-world \

156
_docs/data/data.yaml
View File

@ -1,119 +1,106 @@
---
properties:
- name: dry_run
dry_run:
description: Disable docker push.
type: bool
required: false
- name: mirror
mirror:
description: Use a registry mirror to pull images.
type: string
required: false
- name: storage_driver
storage_driver:
description: The docker daemon storage driver.
type: string
required: false
- name: storage_path
storage_path:
description: The docker daemon storage path.
defaultValue: /var/lib/docker
type: string
required: false
- name: bip
bip:
description: Allows the docker daemon to bride IP address.
type: string
required: false
- name: mtu
mtu:
description: A docker daemon custom MTU.
type: string
required: false
- name: custom_dns
custom_dns:
description: Custom docker daemon DNS server.
type: list
required: false
- name: custom_dns_search
custom_dns_search:
description: Custom docker daemon DNS search domain.
type: list
required: false
- name: insecure
insecure:
description: Enable the usage of insecure registries.
type: bool
defaultValue: false
required: false
- name: ipv6
ipv6:
description: Enable docker daemon IPv6 support.
type: bool
defaultValue: false
required: false
- name: experimental
experimental:
description: Enable docker daemon experimental mode.
type: bool
defaultValue: false
required: false
- name: debug
debug:
description: Enable verbose debug mode for the docker daemon.
type: string
defaultValue: false
required: false
- name: daemon_off
daemon_off:
description: Disable the startup of the docker daemon.
type: string
defaultValue: false
required: false
- name: buildkit_config
description: |
Content of the docker buildkit toml [config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). Example:
```yaml
steps:
- name: Build
image: thegeeklab/drone-docker-buildx:23
settings:
repo: example/repo
buildkit_config: |
[registry."registry.local:30081"]
http = true
insecure = true
```
buildkit_config:
description: Content of the docker buildkit json config.
type: string
defaultValue: false
required: false
- name: dockerfile
dockerfile:
description: Set dockerfile to use for the image build.
defaultValue: Dockerfile
type: string
required: false
- name: context
context:
description: Set the path of the build context to use.
defaultValue: .
type: string
required: false
- name: named_context
named_context:
description: Set additional named [build contexts](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-context) (e.g., name=path).
type: list
required: false
- name: tags
tags:
description: Set repository tags to use for the image. Tags can also be loaded from a `.tags` file.
defaultValue: latest
type: list
required: false
- name: auto_tag
auto_tag:
description: |
Generate tag names automatically based on git branch and git tag. When this feature is enabled and the event type is `tag`,
the plugin will automatically tag the image using the standard semVer convention. For example:
@ -125,12 +112,12 @@ properties:
type: bool
required: false
- name: auto_tag_suffix
auto_tag_suffix:
description: Generate tag names with the given suffix.
type: string
required: false
- name: extra_tags
extra_tags:
description: |
Set additional tags to be used for the image. Additional tags can also be loaded from an `.extratags` file. This function can be used
to push images to multiple registries at once. Therefore, it is necessary to use the `config` flag to provide a configuration file
@ -138,65 +125,64 @@ properties:
type: list
required: false
- name: build_args
description: Custom build arguments to pass to the build.
build_args:
description: Ccustom build arguments to pass to the build.
type: list
required: false
- name: build_args_from_env
build_args_from_env:
description: Forward environment variables as custom arguments to the build.
type: list
required: false
- name: quiet
quiet:
description: Enable suppression of the build output.
defaultValue: false
type: bool
required: false
- name: target
target:
description: The docker build target.
type: string
required: false
- name: cache_from
cache_from:
description: |
Images to consider as [cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from). To properly work,
commas used in the cache source entries need to be escaped:
```yaml
steps:
- name: Build
image: thegeeklab/drone-docker-buildx:23
settings:
repo: example/repo
cache_from:
# while using quotes, double-escaping is required
- "type=registry\\\\,ref=example"
- 'type=foo\\,ref=bar'
```Yaml
- name: Build
image: thegeeklab/drone-docker-buildx:20
settings:
repo: example/repo
cache_from:
# using quotes double-escaping is required
- "type=registry\\\\,ref=example"
- 'type=foo\\,ref=bar'
```
type: list
required: false
- name: cache_to
cache_to:
description: |
[Cache destination](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-to) for the build cache.
type: string
required: false
- name: pull_image
pull_image:
description: Enforce to pull the base image at build time.
defaultValue: true
type: bool
required: false
- name: compress
compress:
description: Enable compression of the build context using gzip.
defaultValue: false
type: bool
required: false
- name: output
output:
description: |
[Export action](https://docs.docker.com/engine/reference/commandline/buildx_build/#output) for the build result
(format: `path` or `type=TYPE[,KEY=VALUE]`).
@ -204,92 +190,54 @@ properties:
type: bool
required: false
- name: repo
description: |
Repository name for the image. If the image is to be pushed to registries other than the default DockerHub,
it is necessary to set `repo` as fully-qualified name.
repo:
description: Repository name for the image.
type: string
required: false
- name: registry
registry:
description: Docker registry to upload images.
defaultValue: https://index.docker.io/v1/
type: string
required: false
- name: username
username:
description: Username for authentication with the registry.
type: string
required: false
- name: password
password:
description: Password for authentication with the registry.
type: string
required: false
- name: email
email:
description: E-Mail address for authentication with the registry.
type: string
required: false
- name: config
config:
description: Content of the docker daemon json config.
type: string
required: false
- name: no_cache
no_cache:
description: Disable the usage of cached intermediate containers.
defaultValue: false
type: string
required: false
- name: add_host
add_host:
description: Additional `host:ip` mapping.
type: list
required: false
- name: platforms
platforms:
description: Target platforms for build.
type: list
required: false
- name: labels
labels:
description: Labels to add to the image.
type: list
required: false
- name: provenance
description: Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build (shorthand for `--attest=type=provenance`).
type: string
required: false
- name: sbom
description: Generate [sbom](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest type=sbom`).
type: string
required: false
- name: secrets
description: |
Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build.
The secrets can be used by the build using `RUN --mount=type=secret` mount.
```yaml
steps:
- name: Build
image: thegeeklab/drone-docker-buildx:23
privileged: true
environment:
SECURE_TOKEN:
from_secret: secure_token
settings:
secrets:
# while using quotes, double-escaping is required
- "id=raw_file_secret\\\\,src=file.txt"
- 'id=other_raw_file_secret\\,src=other_file.txt'
- "id=SECRET_TOKEN"
```
To use secrets from files a [host volume](https://docs.drone.io/pipeline/docker/syntax/volumes/host/) is required.
This should be used with caution and avoided whenever possible.
type: list
required: false

25
cmd/drone-docker-buildx/config.go
View File

@ -7,8 +7,6 @@ import (
)
// settingsFlags has the cli.Flags for the plugin.Settings.
//
//nolint:maintidx
func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
return []cli.Flag{
&cli.BoolFlag{
@ -111,7 +109,7 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
&cli.StringFlag{
Name: "daemon.buildkit-config",
EnvVars: []string{"PLUGIN_BUILDKIT_CONFIG"},
Usage: "content of the docker buildkit toml config",
Usage: "content of the docker buildkit json config",
Destination: &settings.Daemon.BuildkitConfig,
Category: category,
},
@ -307,26 +305,5 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
Destination: &settings.Build.Labels,
Category: category,
},
&cli.StringFlag{
Name: "provenance",
EnvVars: []string{"PLUGIN_PROVENANCE"},
Usage: "generates provenance attestation for the build",
Destination: &settings.Build.Provenance,
Category: category,
},
&cli.StringFlag{
Name: "sbom",
EnvVars: []string{"PLUGIN_SBOM"},
Usage: "generates sbom attestation for the build",
Destination: &settings.Build.SBOM,
Category: category,
},
&cli.GenericFlag{
Name: "secrets",
EnvVars: []string{"PLUGIN_SECRETS"},
Usage: "exposes secrets to the build",
Value: &drone.StringSliceFlag{},
Category: category,
},
}
}

18
cmd/drone-docker-buildx/main.go
View File

@ -1,7 +1,6 @@
package main
import (
"errors"
"fmt"
"os"
@ -14,14 +13,11 @@ import (
"github.com/thegeeklab/drone-plugin-lib/v2/urfave"
)
//nolint:gochecknoglobals
var (
BuildVersion = "devel"
BuildDate = "00000000"
)
var ErrTypeAssertionFailed = errors.New("type assertion failed")
func main() {
settings := &plugin.Settings{}
@ -50,19 +46,7 @@ func run(settings *plugin.Settings) cli.ActionFunc {
return func(ctx *cli.Context) error {
urfave.LoggingFromContext(ctx)
cacheFrom, ok := ctx.Generic("cache-from").(*drone.StringSliceFlag)
if !ok {
return fmt.Errorf("%w: failed to read cache-from input", ErrTypeAssertionFailed)
}
settings.Build.CacheFrom = cacheFrom.Get()
secrets, ok := ctx.Generic("secrets").(*drone.StringSliceFlag)
if !ok {
return fmt.Errorf("%w: failed to read secrets input", ErrTypeAssertionFailed)
}
settings.Build.Secrets = secrets.Get()
settings.Build.CacheFrom = ctx.Generic("cache-from").(*drone.StringSliceFlag).Get()
plugin := plugin.New(
*settings,

24
Dockerfile.multiarch → docker/Dockerfile.amd64
View File

@ -1,14 +1,4 @@
FROM --platform=$BUILDPLATFORM golang:1.20@sha256:741d6f9bcab778441efe05c8e4369d4f8ff56c9a635a97d77f55d8b0ec62f907 as build
ARG TARGETOS
ARG TARGETARCH
ADD . /src
WORKDIR /src
RUN make build
FROM docker:24.0-dind@sha256:020562d22f11c27997e00da910ed6b580d93094bc25841cb87aacab4ced4a882
FROM docker:20.10-dind@sha256:80e81aecd51d80e63ae4cbbd5eb1968e84edd151b90ef2c2f17e1004c7a3832b
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
@ -17,25 +7,21 @@ LABEL org.opencontainers.image.url="https://github.com/thegeeklab/drone-docker-b
LABEL org.opencontainers.image.source="https://github.com/thegeeklab/drone-docker-buildx"
LABEL org.opencontainers.image.documentation="https://github.com/thegeeklab/drone-docker-buildx"
ARG TARGETOS
ARG TARGETARCH
ARG BUILDX_VERSION
# renovate: datasource=github-releases depName=docker/buildx
ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.11.2}"
ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.9.1}"
ENV DOCKER_HOST=unix:///var/run/docker.sock
RUN apk --update add --virtual .build-deps curl && \
apk --update add --no-cache git coredns && \
mkdir -p /usr/lib/docker/cli-plugins/ && \
curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx \
"https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.${TARGETOS:-linux}-${TARGETARCH:-amd64}" && \
curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.linux-amd64" && \
chmod 755 /usr/lib/docker/cli-plugins/docker-buildx && \
apk del .build-deps && \
rm -rf /var/cache/apk/* && \
rm -rf /tmp/*
COPY --from=build /src/Corefile /etc/coredns/Corefile
COPY --from=build /src/dist/drone-docker-buildx /bin/drone-docker-buildx
ADD dist/drone-docker-buildx /bin/
ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "drone-docker-buildx"]

27
docker/Dockerfile.arm Normal file
View File

@ -0,0 +1,27 @@
FROM arm32v7/docker:20.10-dind
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.title="drone-docker-buildx"
LABEL org.opencontainers.image.url="https://github.com/thegeeklab/drone-docker-buildx"
LABEL org.opencontainers.image.source="https://github.com/thegeeklab/drone-docker-buildx"
LABEL org.opencontainers.image.documentation="https://github.com/thegeeklab/drone-docker-buildx"
ARG BUILDX_VERSION
# renovate: datasource=github-releases depName=docker/buildx
ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.9.1}"
ENV DOCKER_HOST=unix:///var/run/docker.sock
RUN apk --update add --virtual .build-deps curl && \
mkdir -p /usr/lib/docker/cli-plugins/ && \
curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.linux-arm-v7" && \
chmod 755 /usr/lib/docker/cli-plugins/docker-buildx && \
apk del .build-deps && \
rm -rf /var/cache/apk/* && \
rm -rf /tmp/*
ADD dist/drone-docker-buildx /bin/
ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "drone-docker-buildx"]

27
docker/Dockerfile.arm64 Normal file
View File

@ -0,0 +1,27 @@
FROM arm64v8/docker:20.10-dind@sha256:9a71869312a529739ddc360ca625e811563ef5845fc93c7c890dc3b152dcbdc9
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.title="drone-docker-buildx"
LABEL org.opencontainers.image.url="https://github.com/thegeeklab/drone-docker-buildx"
LABEL org.opencontainers.image.source="https://github.com/thegeeklab/drone-docker-buildx"
LABEL org.opencontainers.image.documentation="https://github.com/thegeeklab/drone-docker-buildx"
ARG BUILDX_VERSION
# renovate: datasource=github-releases depName=docker/buildx
ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.9.1}"
ENV DOCKER_HOST=unix:///var/run/docker.sock
RUN apk --update add --virtual .build-deps curl && \
mkdir -p /usr/lib/docker/cli-plugins/ && \
curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.linux-arm64" && \
chmod 755 /usr/lib/docker/cli-plugins/docker-buildx && \
apk del .build-deps && \
rm -rf /var/cache/apk/* && \
rm -rf /tmp/*
ADD dist/drone-docker-buildx /bin/
ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "drone-docker-buildx"]

24
docker/manifest-quay.tmpl Normal file
View File

@ -0,0 +1,24 @@
image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
{{#if build.tags}}
tags:
{{#each build.tags}}
- {{this}}
{{/each}}
{{/if}}
manifests:
- image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64
platform:
architecture: amd64
os: linux
- image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm64
platform:
architecture: arm64
os: linux
variant: v8
- image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm
platform:
architecture: arm
os: linux
variant: v7

24
docker/manifest.tmpl Normal file
View File

@ -0,0 +1,24 @@
image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
{{#if build.tags}}
tags:
{{#each build.tags}}
- {{this}}
{{/each}}
{{/if}}
manifests:
- image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64
platform:
architecture: amd64
os: linux
- image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm64
platform:
architecture: arm64
os: linux
variant: v8
- image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm
platform:
architecture: arm
os: linux
variant: v7

15
go.mod
View File

@ -1,18 +1,19 @@
module github.com/thegeeklab/drone-docker-buildx
go 1.20
go 1.19
require (
github.com/coreos/go-semver v0.3.1
github.com/joho/godotenv v1.5.1
github.com/sirupsen/logrus v1.9.3
github.com/thegeeklab/drone-plugin-lib/v2 v2.3.4
github.com/urfave/cli/v2 v2.25.5
golang.org/x/sys v0.11.0
github.com/coreos/go-semver v0.3.0
github.com/joho/godotenv v1.4.0
github.com/sirupsen/logrus v1.9.0
github.com/thegeeklab/drone-plugin-lib/v2 v2.2.0
github.com/urfave/cli/v2 v2.23.5
)
require (
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
)

26
go.sum
View File

@ -1,31 +1,31 @@
github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec=
github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/thegeeklab/drone-plugin-lib/v2 v2.3.4 h1:Quzrike/xRAR0izxQ0d+ocJyIUm4h1497Oyo9grcRzg=
github.com/thegeeklab/drone-plugin-lib/v2 v2.3.4/go.mod h1:qWVUZCmwL0Ntwa/hvyqM03EeIr1ReBR2XJsmIc7MGus=
github.com/urfave/cli/v2 v2.25.5 h1:d0NIAyhh5shGscroL7ek/Ya9QYQE0KNabJgiUinIQkc=
github.com/urfave/cli/v2 v2.25.5/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
github.com/thegeeklab/drone-plugin-lib/v2 v2.2.0 h1:/rDyNZiR5GFbBLzEL5yges931H6lFmwX302kraFweBU=
github.com/thegeeklab/drone-plugin-lib/v2 v2.2.0/go.mod h1:/jLeBCFQRRyO/UFpU3cyx1Pt4fD20ejegmW4PioCSLo=
github.com/urfave/cli/v2 v2.23.5 h1:xbrU7tAYviSpqeR3X4nEFWUdB/uDZ6DE+HxmRU7Xtyw=
github.com/urfave/cli/v2 v2.23.5/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

40
plugin/coredns.go
View File

@ -1,40 +0,0 @@
package plugin
import (
"io"
"net"
"os"
"os/exec"
)
func (p Plugin) startCoredns() {
cmd := exec.Command("coredns", "-conf", "/etc/coredns/Corefile")
if p.settings.Daemon.Debug {
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
} else {
cmd.Stdout = io.Discard
cmd.Stderr = io.Discard
}
go func() {
trace(cmd)
_ = cmd.Run()
}()
}
func getContainerIP() (string, error) {
netInterfaceAddrList, err := net.InterfaceAddrs()
if err != nil {
return "", err
}
for _, netInterfaceAddr := range netInterfaceAddrList {
netIP, ok := netInterfaceAddr.(*net.IPNet)
if ok && !netIP.IP.IsLoopback() && netIP.IP.To4() != nil {
return netIP.IP.String(), nil
}
}
return "", nil
}

7
plugin/daemon.go
View File

@ -6,10 +6,10 @@ import (
)
const (
dockerBin = "/usr/local/bin/docker"
dockerdBin = "/usr/local/bin/dockerd"
dockerExe = "/usr/local/bin/docker"
dockerdExe = "/usr/local/bin/dockerd"
dockerHome = "/root/.docker/"
buildkitConfig = "/tmp/buildkit.toml"
buildkitConfig = "/tmp/buildkit.json"
)
func (p Plugin) startDaemon() {
@ -21,7 +21,6 @@ func (p Plugin) startDaemon() {
cmd.Stdout = io.Discard
cmd.Stderr = io.Discard
}
go func() {
trace(cmd)
_ = cmd.Run()

84
plugin/docker.go
View File

@ -3,56 +3,47 @@ package plugin
import (
"fmt"
"os"
"os/exec"
"strings"
"time"
"github.com/urfave/cli/v2"
"golang.org/x/sys/execabs"
)
// helper function to create the docker login command.
func commandLogin(login Login) *execabs.Cmd {
func commandLogin(login Login) *exec.Cmd {
if login.Email != "" {
return commandLoginEmail(login)
}
args := []string{
"login",
return exec.Command(
dockerExe, "login",
"-u", login.Username,
"-p", login.Password,
login.Registry,
}
return execabs.Command(
dockerBin, args...,
)
}
func commandLoginEmail(login Login) *execabs.Cmd {
args := []string{
"login",
func commandLoginEmail(login Login) *exec.Cmd {
return exec.Command(
dockerExe, "login",
"-u", login.Username,
"-p", login.Password,
"-e", login.Email,
login.Registry,
}
return execabs.Command(
dockerBin, args...,
)
}
// helper function to create the docker info command.
func commandVersion() *execabs.Cmd {
return execabs.Command(dockerBin, "version")
func commandVersion() *exec.Cmd {
return exec.Command(dockerExe, "version")
}
// helper function to create the docker info command.
func commandInfo() *execabs.Cmd {
return execabs.Command(dockerBin, "info")
func commandInfo() *exec.Cmd {
return exec.Command(dockerExe, "info")
}
func commandBuilder(daemon Daemon) *execabs.Cmd {
func commandBuilder(daemon Daemon) *exec.Cmd {
args := []string{
"buildx",
"create",
@ -63,15 +54,15 @@ func commandBuilder(daemon Daemon) *execabs.Cmd {
args = append(args, "--config", buildkitConfig)
}
return execabs.Command(dockerBin, args...)
return exec.Command(dockerExe, args...)
}
func commandBuildx() *execabs.Cmd {
return execabs.Command(dockerBin, "buildx", "ls")
func commandBuildx() *exec.Cmd {
return exec.Command(dockerExe, "buildx", "ls")
}
// helper function to create the docker build command.
func commandBuild(build Build, dryrun bool) *execabs.Cmd {
func commandBuild(build Build, dryrun bool) *exec.Cmd {
args := []string{
"buildx",
"build",
@ -87,51 +78,39 @@ func commandBuild(build Build, dryrun bool) *execabs.Cmd {
if !dryrun && build.Output == "" && len(build.Tags.Value()) > 0 {
args = append(args, "--push")
}
if build.Compress {
args = append(args, "--compress")
}
if build.Pull {
args = append(args, "--pull=true")
}
if build.NoCache {
args = append(args, "--no-cache")
}
for _, arg := range build.CacheFrom {
args = append(args, "--cache-from", arg)
}
if build.CacheTo != "" {
args = append(args, "--cache-to", build.CacheTo)
}
for _, arg := range build.ArgsEnv.Value() {
addProxyValue(&build, arg)
}
for _, arg := range append(defaultBuildArgs, build.Args.Value()...) {
args = append(args, "--build-arg", arg)
}
for _, host := range build.AddHost.Value() {
args = append(args, "--add-host", host)
}
if build.Target != "" {
args = append(args, "--target", build.Target)
}
if build.Quiet {
args = append(args, "--quiet")
}
if build.Output != "" {
args = append(args, "--output", build.Output)
}
for _, arg := range build.NamedContext.Value() {
args = append(args, "--build-context", arg)
}
@ -152,22 +131,10 @@ func commandBuild(build Build, dryrun bool) *execabs.Cmd {
args = append(args, "--label", arg)
}
if build.Provenance != "" {
args = append(args, "--provenance", build.Provenance)
}
if build.SBOM != "" {
args = append(args, "--sbom", build.SBOM)
}
for _, secret := range build.Secrets {
args = append(args, "--secret", secret)
}
return execabs.Command(dockerBin, args...)
return exec.Command(dockerExe, args...)
}
// helper function to add proxy values from the environment.
// helper function to add proxy values from the environment
func addProxyBuildArgs(build *Build) {
addProxyValue(build, "http_proxy")
addProxyValue(build, "https_proxy")
@ -211,7 +178,7 @@ func hasProxyBuildArg(build *Build, key string) bool {
}
// helper function to create the docker daemon command.
func commandDaemon(daemon Daemon) *execabs.Cmd {
func commandDaemon(daemon Daemon) *exec.Cmd {
args := []string{
"--data-root", daemon.StoragePath,
"--host=unix:///var/run/docker.sock",
@ -220,44 +187,35 @@ func commandDaemon(daemon Daemon) *execabs.Cmd {
if daemon.StorageDriver != "" {
args = append(args, "-s", daemon.StorageDriver)
}
if daemon.Insecure && daemon.Registry != "" {
args = append(args, "--insecure-registry", daemon.Registry)
}
if daemon.IPv6 {
args = append(args, "--ipv6")
}
if len(daemon.Mirror) != 0 {
args = append(args, "--registry-mirror", daemon.Mirror)
}
if len(daemon.Bip) != 0 {
args = append(args, "--bip", daemon.Bip)
}
for _, dns := range daemon.DNS.Value() {
args = append(args, "--dns", dns)
}
for _, dnsSearch := range daemon.DNSSearch.Value() {
args = append(args, "--dns-search", dnsSearch)
}
if len(daemon.MTU) != 0 {
args = append(args, "--mtu", daemon.MTU)
}
if daemon.Experimental {
args = append(args, "--experimental")
}
return execabs.Command(dockerdBin, args...)
return exec.Command(dockerdExe, args...)
}
// trace writes each command to stdout with the command wrapped in an xml
// tag so that it can be extracted and displayed in the logs.
func trace(cmd *execabs.Cmd) {
func trace(cmd *exec.Cmd) {
fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " "))
}

1
plugin/docker_test.go Normal file
View File

@ -0,0 +1 @@
package plugin

56
plugin/impl.go
View File

@ -3,12 +3,12 @@ package plugin
import (
"fmt"
"os"
"os/exec"
"path/filepath"
"time"
"github.com/sirupsen/logrus"
"github.com/urfave/cli/v2"
"golang.org/x/sys/execabs"
)
// Daemon defines Docker daemon parameters.
@ -63,9 +63,6 @@ type Build struct {
Output string // Docker build output folder
NamedContext cli.StringSlice // Docker build named context
Labels cli.StringSlice // Docker build labels
Provenance string // Docker build provenance attestation
SBOM string // Docker build sbom attestation
Secrets []string // Docker build secrets
}
// Settings for the Plugin.
@ -76,8 +73,6 @@ type Settings struct {
Dryrun bool
}
const strictFilePerm = 0o600
// Validate handles the settings validation of the plugin.
func (p *Plugin) Validate() error {
p.settings.Build.Branch = p.pipeline.Repo.Branch
@ -96,14 +91,11 @@ func (p *Plugin) Validate() error {
)
if err != nil {
logrus.Infof("cannot generate tags from %s, invalid semantic version", p.settings.Build.Ref)
return err
}
p.settings.Build.Tags = *cli.NewStringSlice(tag...)
} else {
logrus.Infof("skip auto-tagging for %s, not on default branch or tag", p.settings.Build.Ref)
return nil
}
}
@ -112,29 +104,9 @@ func (p *Plugin) Validate() error {
}
// Execute provides the implementation of the plugin.
//
//nolint:gocognit
func (p *Plugin) Execute() error {
// start the Docker daemon server
//nolint: nestif
if !p.settings.Daemon.Disabled {
// If no custom DNS value set start internal DNS server
if len(p.settings.Daemon.DNS.Value()) == 0 {
ip, err := getContainerIP()
if err != nil {
logrus.Warnf("error detecting IP address: %v", err)
}
if ip != "" {
logrus.Debugf("discovered IP address: %v", ip)
p.startCoredns()
if err := p.settings.Daemon.DNS.Set(ip); err != nil {
return fmt.Errorf("error setting daemon dns: %w", err)
}
}
}
p.startDaemon()
}
@ -142,59 +114,55 @@ func (p *Plugin) Execute() error {
// ready to accept connections before we proceed.
for i := 0; i < 15; i++ {
cmd := commandInfo()
err := cmd.Run()
if err == nil {
break
}
time.Sleep(time.Second * 1)
}
// Create Auth Config File
if p.settings.Login.Config != "" {
if err := os.MkdirAll(dockerHome, strictFilePerm); err != nil {
return fmt.Errorf("failed to create docker home: %w", err)
if err := os.MkdirAll(dockerHome, 0o600); err != nil {
return fmt.Errorf("failed to create docker home: %s", err)
}
path := filepath.Join(dockerHome, "config.json")
err := os.WriteFile(path, []byte(p.settings.Login.Config), strictFilePerm)
err := os.WriteFile(path, []byte(p.settings.Login.Config), 0o600)
if err != nil {
return fmt.Errorf("error writing config.json: %w", err)
return fmt.Errorf("error writing config.json: %s", err)
}
}
// login to the Docker registry
if p.settings.Login.Password != "" {
cmd := commandLogin(p.settings.Login)
err := cmd.Run()
if err != nil {
return fmt.Errorf("error authenticating: %w", err)
return fmt.Errorf("error authenticating: %s", err)
}
}
if p.settings.Daemon.BuildkitConfig != "" {
err := os.WriteFile(buildkitConfig, []byte(p.settings.Daemon.BuildkitConfig), strictFilePerm)
err := os.WriteFile(buildkitConfig, []byte(p.settings.Daemon.BuildkitConfig), 0o600)
if err != nil {
return fmt.Errorf("error writing buildkit.toml: %w", err)
return fmt.Errorf("error writing buildkit.json: %s", err)
}
}
switch {
case p.settings.Login.Password != "":
logrus.Info("Detected registry credentials")
fmt.Println("Detected registry credentials")
case p.settings.Login.Config != "":
logrus.Info("Detected registry credentials file")
fmt.Println("Detected registry credentials file")
default:
logrus.Info("Registry credentials or Docker config not provided. Guest mode enabled.")
fmt.Println("Registry credentials or Docker config not provided. Guest mode enabled.")
}
// add proxy build args
addProxyBuildArgs(&p.settings.Build)
var cmds []*execabs.Cmd
var cmds []*exec.Cmd
cmds = append(cmds, commandVersion()) // docker version
cmds = append(cmds, commandInfo()) // docker info
cmds = append(cmds, commandBuilder(p.settings.Daemon))

2
plugin/plugin.go
View File

@ -12,7 +12,7 @@ type Plugin struct {
}
// New initializes a plugin from the given Settings, Pipeline, and Network.
func New(settings Settings, pipeline drone.Pipeline, network drone.Network) *Plugin {
func New(settings Settings, pipeline drone.Pipeline, network drone.Network) drone.Plugin {
return &Plugin{
settings: settings,
pipeline: pipeline,

48
plugin/tags.go
View File

@ -14,11 +14,9 @@ func DefaultTagSuffix(ref, suffix string) ([]string, error) {
if err != nil {
return nil, err
}
if len(suffix) == 0 {
return tags, nil
}
for i, tag := range tags {
if tag == "latest" {
tags[i] = suffix
@ -26,15 +24,13 @@ func DefaultTagSuffix(ref, suffix string) ([]string, error) {
tags[i] = fmt.Sprintf("%s-%s", tag, suffix)
}
}
return tags, nil
}
func splitOff(input, delim string) string {
const splits = 2
parts := strings.SplitN(input, delim, splits)
parts := strings.SplitN(input, delim, 2)
if len(parts) == splits {
if len(parts) == 2 {
return parts[0]
}
@ -47,65 +43,42 @@ func DefaultTags(ref string) ([]string, error) {
if !strings.HasPrefix(ref, "refs/tags/") {
return []string{"latest"}, nil
}
rawVersion := stripTagPrefix(ref)
version, err := semver.NewVersion(rawVersion)
v := stripTagPrefix(ref)
version, err := semver.NewVersion(v)
if err != nil {
return []string{"latest"}, err
}
if version.PreRelease != "" || version.Metadata != "" {
return []string{
version.String(),
}, nil
}
rawVersion = stripTagPrefix(ref)
rawVersion = splitOff(splitOff(rawVersion, "+"), "-")
//nolint:gomnd
dotParts := strings.SplitN(rawVersion, ".", 3)
v = stripTagPrefix(ref)
v = splitOff(splitOff(v, "+"), "-")
dotParts := strings.SplitN(v, ".", 3)
if version.Major == 0 {
return []string{
fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
fmt.Sprintf(
"%0*d.%0*d.%0*d",
len(dotParts[0]),
version.Major,
len(dotParts[1]),
version.Minor,
len(dotParts[2]),
version.Patch,
),
fmt.Sprintf("%0*d.%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor, len(dotParts[2]), version.Patch),
}, nil
}
return []string{
fmt.Sprintf("%0*d", len(dotParts[0]), version.Major),
fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
fmt.Sprintf(
"%0*d.%0*d.%0*d",
len(dotParts[0]),
version.Major,
len(dotParts[1]),
version.Minor,
len(dotParts[2]),
version.Patch,
),
fmt.Sprintf("%0*d.%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor, len(dotParts[2]), version.Patch),
}, nil
}
// UseDefaultTag to keep only default branch for latest tag.
// UseDefaultTag for keep only default branch for latest tag
func UseDefaultTag(ref, defaultBranch string) bool {
if strings.HasPrefix(ref, "refs/tags/") {
return true
}
if stripHeadPrefix(ref) == defaultBranch {
return true
}
return false
}
@ -116,6 +89,5 @@ func stripHeadPrefix(ref string) string {
func stripTagPrefix(ref string) string {
ref = strings.TrimPrefix(ref, "refs/tags/")
ref = strings.TrimPrefix(ref, "v")
return ref
}

8
plugin/tags_test.go
View File

@ -40,10 +40,8 @@ func TestDefaultTags(t *testing.T) {
tags, err := DefaultTags(test.Before)
if err != nil {
t.Error(err)
continue
}
got, want := tags, test.After
if !reflect.DeepEqual(got, want) {
t.Errorf("Got tag %v, want %v", got, want)
@ -125,10 +123,8 @@ func TestDefaultTagSuffix(t *testing.T) {
tag, err := DefaultTagSuffix(test.Before, test.Suffix)
if err != nil {
t.Error(err)
continue
}
got, want := tag, test.After
if !reflect.DeepEqual(got, want) {
t.Errorf("Got tag %v, want %v", got, want)
@ -140,7 +136,6 @@ func Test_stripHeadPrefix(t *testing.T) {
type args struct {
ref string
}
tests := []struct {
args args
want string
@ -152,7 +147,6 @@ func Test_stripHeadPrefix(t *testing.T) {
want: "main",
},
}
for _, tt := range tests {
if got := stripHeadPrefix(tt.args.ref); got != tt.want {
t.Errorf("stripHeadPrefix() = %v, want %v", got, tt.want)
@ -165,7 +159,6 @@ func TestUseDefaultTag(t *testing.T) {
ref string
defaultBranch string
}
tests := []struct {
name string
args args
@ -196,7 +189,6 @@ func TestUseDefaultTag(t *testing.T) {
want: false,
},
}
for _, tt := range tests {
if got := UseDefaultTag(tt.args.ref, tt.args.defaultBranch); got != tt.want {
t.Errorf("%q. UseDefaultTag() = %v, want %v", tt.name, got, tt.want)

4
renovate.json Normal file
View File

@ -0,0 +1,4 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": ["github>thegeeklab/renovate-presets:golang"]
}