add deprecation notice

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.dictionary

@@ -9,9 +9,12 @@ config
 dockerfile
 og
 gzip
-json
+toml
 config
 host:ip
 drone-docker-buildx
 multiarch
 buildx
+DockerHub
+ECR
+GHCR

.dockerignore

@@ -1,2 +0,0 @@
-*
-!dist/

.drone.jsonnet

@@ -1,348 +0,0 @@
-local PipelineTest = {
-  kind: 'pipeline',
-  name: 'test',
-  platform: {
-    os: 'linux',
-    arch: 'amd64',
-  },
-  steps: [
-    {
-      name: 'deps',
-      image: 'golang:1.19',
-      commands: [
-        'make deps',
-      ],
-      volumes: [
-        {
-          name: 'godeps',
-          path: '/go',
-        },
-      ],
-    },
-    {
-      name: 'lint',
-      image: 'golang:1.19',
-      commands: [
-        'make lint',
-      ],
-      volumes: [
-        {
-          name: 'godeps',
-          path: '/go',
-        },
-      ],
-    },
-    {
-      name: 'test',
-      image: 'golang:1.19',
-      commands: [
-        'make test',
-      ],
-      volumes: [
-        {
-          name: 'godeps',
-          path: '/go',
-        },
-      ],
-    },
-  ],
-  volumes: [
-    {
-      name: 'godeps',
-      temp: {},
-    },
-  ],
-  trigger: {
-    ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
-  },
-};
-
-
-local PipelineBuildBinaries = {
-  kind: 'pipeline',
-  name: 'build-binaries',
-  platform: {
-    os: 'linux',
-    arch: 'amd64',
-  },
-  steps: [
-    {
-      name: 'build',
-      image: 'techknowlogick/xgo:go-1.19.x',
-      commands: [
-        'make release',
-      ],
-    },
-    {
-      name: 'executable',
-      image: 'alpine',
-      commands: [
-        '$(find dist/ -executable -type f -iname ${DRONE_REPO_NAME}-linux-amd64) --help',
-      ],
-    },
-    {
-      name: 'changelog-generate',
-      image: 'thegeeklab/git-chglog',
-      commands: [
-        'git fetch -tq',
-        'git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}',
-      ],
-    },
-    {
-      name: 'changelog-format',
-      image: 'thegeeklab/alpine-tools',
-      commands: [
-        'prettier CHANGELOG.md',
-        'prettier -w CHANGELOG.md',
-      ],
-    },
-    {
-      name: 'publish',
-      image: 'plugins/github-release',
-      settings: {
-        overwrite: true,
-        api_key: {
-          from_secret: 'github_token',
-        },
-        files: ['dist/*'],
-        title: '${DRONE_TAG}',
-        note: 'CHANGELOG.md',
-      },
-      when: {
-        ref: [
-          'refs/tags/**',
-        ],
-      },
-    },
-  ],
-  depends_on: [
-    'test',
-  ],
-  trigger: {
-    ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
-  },
-};
-
-local PipelineBuildContainer(arch='amd64') = {
-  kind: 'pipeline',
-  name: 'build-container-' + arch,
-  platform: {
-    os: 'linux',
-    arch: arch,
-  },
-  steps: [
-    {
-      name: 'build',
-      image: 'golang:1.19',
-      commands: [
-        'make build',
-      ],
-    },
-    {
-      name: 'dryrun',
-      image: 'thegeeklab/drone-docker:19',
-      settings: {
-        dry_run: true,
-        dockerfile: 'docker/Dockerfile.' + arch,
-        repo: 'thegeeklab/${DRONE_REPO_NAME}',
-      },
-      depends_on: ['build'],
-      when: {
-        ref: ['refs/pull/**'],
-      },
-    },
-    {
-      name: 'publish-dockerhub',
-      image: 'thegeeklab/drone-docker:19',
-      settings: {
-        auto_tag: true,
-        auto_tag_suffix: arch,
-        dockerfile: 'docker/Dockerfile.' + arch,
-        repo: 'thegeeklab/${DRONE_REPO_NAME}',
-        username: { from_secret: 'docker_username' },
-        password: { from_secret: 'docker_password' },
-      },
-      when: {
-        ref: ['refs/heads/main', 'refs/tags/**'],
-      },
-      depends_on: ['dryrun'],
-    },
-    {
-      name: 'publish-quay',
-      image: 'thegeeklab/drone-docker:19',
-      settings: {
-        auto_tag: true,
-        auto_tag_suffix: arch,
-        dockerfile: 'docker/Dockerfile.' + arch,
-        registry: 'quay.io',
-        repo: 'quay.io/thegeeklab/${DRONE_REPO_NAME}',
-        username: { from_secret: 'quay_username' },
-        password: { from_secret: 'quay_password' },
-      },
-      when: {
-        ref: ['refs/heads/main', 'refs/tags/**'],
-      },
-      depends_on: ['dryrun'],
-    },
-  ],
-  depends_on: [
-    'test',
-  ],
-  trigger: {
-    ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
-  },
-};
-
-local PipelineDocs = {
-  kind: 'pipeline',
-  name: 'docs',
-  platform: {
-    os: 'linux',
-    arch: 'amd64',
-  },
-  concurrency: {
-    limit: 1,
-  },
-  steps: [
-    {
-      name: 'markdownlint',
-      image: 'thegeeklab/markdownlint-cli',
-      commands: [
-        "markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'",
-      ],
-    },
-    {
-      name: 'spellcheck',
-      image: 'thegeeklab/alpine-tools',
-      commands: [
-        "spellchecker --files '_docs/**/*.md' 'README.md' 'CONTRIBUTING.md' -d .dictionary -p spell indefinite-article syntax-urls --no-suggestions",
-      ],
-      environment: {
-        FORCE_COLOR: true,
-        NPM_CONFIG_LOGLEVEL: 'error',
-      },
-    },
-    {
-      name: 'publish',
-      image: 'plugins/gh-pages',
-      settings: {
-        username: { from_secret: 'github_username' },
-        password: { from_secret: 'github_token' },
-        pages_directory: '_docs/',
-        target_branch: 'docs',
-      },
-      when: {
-        ref: ['refs/heads/main'],
-      },
-    },
-  ],
-  depends_on: [
-    'build-binaries',
-    'build-container-amd64',
-    'build-container-arm64',
-  ],
-  trigger: {
-    ref: ['refs/heads/main', 'refs/tags/**', 'refs/pull/**'],
-  },
-};
-
-local PipelineNotifications = {
-  kind: 'pipeline',
-  name: 'notifications',
-  platform: {
-    os: 'linux',
-    arch: 'amd64',
-  },
-  steps: [
-    {
-      image: 'plugins/manifest',
-      name: 'manifest-dockerhub',
-      settings: {
-        ignore_missing: true,
-        auto_tag: true,
-        username: { from_secret: 'docker_username' },
-        password: { from_secret: 'docker_password' },
-        spec: 'docker/manifest.tmpl',
-      },
-      when: {
-        status: ['success'],
-      },
-    },
-    {
-      image: 'plugins/manifest',
-      name: 'manifest-quay',
-      settings: {
-        ignore_missing: true,
-        auto_tag: true,
-        username: { from_secret: 'quay_username' },
-        password: { from_secret: 'quay_password' },
-        spec: 'docker/manifest-quay.tmpl',
-      },
-      when: {
-        status: ['success'],
-      },
-    },
-    {
-      name: 'pushrm-dockerhub',
-      image: 'chko/docker-pushrm:1',
-      environment: {
-        DOCKER_PASS: {
-          from_secret: 'docker_password',
-        },
-        DOCKER_USER: {
-          from_secret: 'docker_username',
-        },
-        PUSHRM_FILE: 'README.md',
-        PUSHRM_SHORT: 'Drone plugin to build multiarch Docker images with buildx',
-        PUSHRM_TARGET: 'thegeeklab/${DRONE_REPO_NAME}',
-      },
-      when: {
-        status: ['success'],
-      },
-    },
-    {
-      name: 'pushrm-quay',
-      image: 'chko/docker-pushrm:1',
-      environment: {
-        APIKEY__QUAY_IO: {
-          from_secret: 'quay_token',
-        },
-        PUSHRM_FILE: 'README.md',
-        PUSHRM_TARGET: 'quay.io/thegeeklab/${DRONE_REPO_NAME}',
-      },
-      when: {
-        status: ['success'],
-      },
-    },
-    {
-      name: 'matrix',
-      image: 'thegeeklab/drone-matrix',
-      settings: {
-        homeserver: { from_secret: 'matrix_homeserver' },
-        roomid: { from_secret: 'matrix_roomid' },
-        template: 'Status: **{{ build.Status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.Link }}){{#if build.Branch}} ({{ build.Branch }}){{/if}} by {{ commit.Author }}<br/> Message: {{ commit.Message.Title }}',
-        username: { from_secret: 'matrix_username' },
-        password: { from_secret: 'matrix_password' },
-      },
-      when: {
-        status: ['success', 'failure'],
-      },
-    },
-  ],
-  depends_on: [
-    'docs',
-  ],
-  trigger: {
-    ref: ['refs/heads/main', 'refs/tags/**'],
-    status: ['success', 'failure'],
-  },
-};
-
-[
-  PipelineTest,
-  PipelineBuildBinaries,
-  PipelineBuildContainer(arch='amd64'),
-  PipelineBuildContainer(arch='arm64'),
-  PipelineDocs,
-  PipelineNotifications,
-]

.drone.yml

@@ -1,385 +0,0 @@
----
-kind: pipeline
-name: test
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: deps
-    image: golang:1.19
-    commands:
-      - make deps
-    volumes:
-      - name: godeps
-        path: /go
-
-  - name: lint
-    image: golang:1.19
-    commands:
-      - make lint
-    volumes:
-      - name: godeps
-        path: /go
-
-  - name: test
-    image: golang:1.19
-    commands:
-      - make test
-    volumes:
-      - name: godeps
-        path: /go
-
-volumes:
-  - name: godeps
-    temp: {}
-
-trigger:
-  ref:
-    - refs/heads/main
-    - refs/tags/**
-    - refs/pull/**
-
----
-kind: pipeline
-name: build-binaries
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: build
-    image: techknowlogick/xgo:go-1.19.x
-    commands:
-      - make release
-
-  - name: executable
-    image: alpine
-    commands:
-      - $(find dist/ -executable -type f -iname ${DRONE_REPO_NAME}-linux-amd64) --help
-
-  - name: changelog-generate
-    image: thegeeklab/git-chglog
-    commands:
-      - git fetch -tq
-      - git-chglog --no-color --no-emoji -o CHANGELOG.md ${DRONE_TAG:---next-tag unreleased unreleased}
-
-  - name: changelog-format
-    image: thegeeklab/alpine-tools
-    commands:
-      - prettier CHANGELOG.md
-      - prettier -w CHANGELOG.md
-
-  - name: publish
-    image: plugins/github-release
-    settings:
-      api_key:
-        from_secret: github_token
-      files:
-        - dist/*
-      note: CHANGELOG.md
-      overwrite: true
-      title: ${DRONE_TAG}
-    when:
-      ref:
-        - refs/tags/**
-
-trigger:
-  ref:
-    - refs/heads/main
-    - refs/tags/**
-    - refs/pull/**
-
-depends_on:
-  - test
-
----
-kind: pipeline
-name: build-container-amd64
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: build
-    image: golang:1.19
-    commands:
-      - make build
-
-  - name: dryrun
-    image: thegeeklab/drone-docker:19
-    settings:
-      dockerfile: docker/Dockerfile.amd64
-      dry_run: true
-      repo: thegeeklab/${DRONE_REPO_NAME}
-    when:
-      ref:
-        - refs/pull/**
-    depends_on:
-      - build
-
-  - name: publish-dockerhub
-    image: thegeeklab/drone-docker:19
-    settings:
-      auto_tag: true
-      auto_tag_suffix: amd64
-      dockerfile: docker/Dockerfile.amd64
-      password:
-        from_secret: docker_password
-      repo: thegeeklab/${DRONE_REPO_NAME}
-      username:
-        from_secret: docker_username
-    when:
-      ref:
-        - refs/heads/main
-        - refs/tags/**
-    depends_on:
-      - dryrun
-
-  - name: publish-quay
-    image: thegeeklab/drone-docker:19
-    settings:
-      auto_tag: true
-      auto_tag_suffix: amd64
-      dockerfile: docker/Dockerfile.amd64
-      password:
-        from_secret: quay_password
-      registry: quay.io
-      repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
-      username:
-        from_secret: quay_username
-    when:
-      ref:
-        - refs/heads/main
-        - refs/tags/**
-    depends_on:
-      - dryrun
-
-trigger:
-  ref:
-    - refs/heads/main
-    - refs/tags/**
-    - refs/pull/**
-
-depends_on:
-  - test
-
----
-kind: pipeline
-name: build-container-arm64
-
-platform:
-  os: linux
-  arch: arm64
-
-steps:
-  - name: build
-    image: golang:1.19
-    commands:
-      - make build
-
-  - name: dryrun
-    image: thegeeklab/drone-docker:19
-    settings:
-      dockerfile: docker/Dockerfile.arm64
-      dry_run: true
-      repo: thegeeklab/${DRONE_REPO_NAME}
-    when:
-      ref:
-        - refs/pull/**
-    depends_on:
-      - build
-
-  - name: publish-dockerhub
-    image: thegeeklab/drone-docker:19
-    settings:
-      auto_tag: true
-      auto_tag_suffix: arm64
-      dockerfile: docker/Dockerfile.arm64
-      password:
-        from_secret: docker_password
-      repo: thegeeklab/${DRONE_REPO_NAME}
-      username:
-        from_secret: docker_username
-    when:
-      ref:
-        - refs/heads/main
-        - refs/tags/**
-    depends_on:
-      - dryrun
-
-  - name: publish-quay
-    image: thegeeklab/drone-docker:19
-    settings:
-      auto_tag: true
-      auto_tag_suffix: arm64
-      dockerfile: docker/Dockerfile.arm64
-      password:
-        from_secret: quay_password
-      registry: quay.io
-      repo: quay.io/thegeeklab/${DRONE_REPO_NAME}
-      username:
-        from_secret: quay_username
-    when:
-      ref:
-        - refs/heads/main
-        - refs/tags/**
-    depends_on:
-      - dryrun
-
-trigger:
-  ref:
-    - refs/heads/main
-    - refs/tags/**
-    - refs/pull/**
-
-depends_on:
-  - test
-
----
-kind: pipeline
-name: docs
-
-platform:
-  os: linux
-  arch: amd64
-
-concurrency:
-  limit: 1
-
-steps:
-  - name: markdownlint
-    image: thegeeklab/markdownlint-cli
-    commands:
-      - markdownlint 'docs/content/**/*.md' 'README.md' 'CONTRIBUTING.md'
-
-  - name: spellcheck
-    image: thegeeklab/alpine-tools
-    commands:
-      - spellchecker --files '_docs/**/*.md' 'README.md' 'CONTRIBUTING.md' -d .dictionary -p spell indefinite-article syntax-urls --no-suggestions
-    environment:
-      FORCE_COLOR: true
-      NPM_CONFIG_LOGLEVEL: error
-
-  - name: publish
-    image: plugins/gh-pages
-    settings:
-      pages_directory: _docs/
-      password:
-        from_secret: github_token
-      target_branch: docs
-      username:
-        from_secret: github_username
-    when:
-      ref:
-        - refs/heads/main
-
-trigger:
-  ref:
-    - refs/heads/main
-    - refs/tags/**
-    - refs/pull/**
-
-depends_on:
-  - build-binaries
-  - build-container-amd64
-  - build-container-arm64
-
----
-kind: pipeline
-name: notifications
-
-platform:
-  os: linux
-  arch: amd64
-
-steps:
-  - name: manifest-dockerhub
-    image: plugins/manifest
-    settings:
-      auto_tag: true
-      ignore_missing: true
-      password:
-        from_secret: docker_password
-      spec: docker/manifest.tmpl
-      username:
-        from_secret: docker_username
-    when:
-      status:
-        - success
-
-  - name: manifest-quay
-    image: plugins/manifest
-    settings:
-      auto_tag: true
-      ignore_missing: true
-      password:
-        from_secret: quay_password
-      spec: docker/manifest-quay.tmpl
-      username:
-        from_secret: quay_username
-    when:
-      status:
-        - success
-
-  - name: pushrm-dockerhub
-    image: chko/docker-pushrm:1
-    environment:
-      DOCKER_PASS:
-        from_secret: docker_password
-      DOCKER_USER:
-        from_secret: docker_username
-      PUSHRM_FILE: README.md
-      PUSHRM_SHORT: Drone plugin to build multiarch Docker images with buildx
-      PUSHRM_TARGET: thegeeklab/${DRONE_REPO_NAME}
-    when:
-      status:
-        - success
-
-  - name: pushrm-quay
-    image: chko/docker-pushrm:1
-    environment:
-      APIKEY__QUAY_IO:
-        from_secret: quay_token
-      PUSHRM_FILE: README.md
-      PUSHRM_TARGET: quay.io/thegeeklab/${DRONE_REPO_NAME}
-    when:
-      status:
-        - success
-
-  - name: matrix
-    image: thegeeklab/drone-matrix
-    settings:
-      homeserver:
-        from_secret: matrix_homeserver
-      password:
-        from_secret: matrix_password
-      roomid:
-        from_secret: matrix_roomid
-      template: "Status: **{{ build.Status }}**<br/> Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.Link }}){{#if build.Branch}} ({{ build.Branch }}){{/if}} by {{ commit.Author }}<br/> Message: {{ commit.Message.Title }}"
-      username:
-        from_secret: matrix_username
-    when:
-      status:
-        - success
-        - failure
-
-trigger:
-  ref:
-    - refs/heads/main
-    - refs/tags/**
-  status:
-    - success
-    - failure
-
-depends_on:
-  - docs
-
----
-kind: signature
-hmac: b3fcec8e8669cb90bbf5cf5e17db99f2b3b813f117a69f43045cefbb59c5c862
-
-...

.golangci.yml

@@ -1,25 +1,91 @@
 linters:
-  enable:
-    - gosimple
-    - deadcode
-    - typecheck
-    - govet
-    - errcheck
-    - staticcheck
-    - unused
-    - structcheck
-    - varcheck
-    - dupl
-    - gofmt
-    - misspell
-    - gocritic
-    - bidichk
-    - ineffassign
-    - revive
-    - gofumpt
-    - depguard
   enable-all: false
   disable-all: true
+  enable:
+    - errcheck
+    - gosimple
+    - govet
+    - ineffassign
+    - staticcheck
+    - typecheck
+    - unused
+    - asasalint
+    - asciicheck
+    - bidichk
+    - bodyclose
+    - containedctx
+    - contextcheck
+    - decorder
+    - dogsled
+    - dupl
+    - dupword
+    - durationcheck
+    - errchkjson
+    - errname
+    - errorlint
+    - execinquery
+    - exhaustive
+    - exportloopref
+    - forcetypeassert
+    - ginkgolinter
+    - gocheckcompilerdirectives
+    - gochecknoglobals
+    - gochecknoinits
+    - gocognit
+    - goconst
+    - gocritic
+    - gocyclo
+    - godot
+    - godox
+    - goerr113
+    - gofmt
+    - gofumpt
+    - goheader
+    - goimports
+    - gomnd
+    - gomoddirectives
+    - gomodguard
+    - goprintffuncname
+    - gosec
+    - grouper
+    - importas
+    - interfacebloat
+    - ireturn
+    - lll
+    - loggercheck
+    - maintidx
+    - makezero
+    - misspell
+    - musttag
+    - nakedret
+    - nestif
+    - nilerr
+    - nilnil
+    - nlreturn
+    - noctx
+    - nolintlint
+    - nonamedreturns
+    - nosprintfhostport
+    - prealloc
+    - predeclared
+    - promlinter
+    - reassign
+    - revive
+    # - rowserrcheck
+    # - sqlclosecheck
+    # - structcheck
+    - stylecheck
+    - tagliatelle
+    - tenv
+    - testableexamples
+    - thelper
+    - tparallel
+    - unconvert
+    - unparam
+    - usestdlibvars
+    # - wastedassign
+    - whitespace
+    - wsl
   fast: false
 
 run:
@@ -28,4 +94,4 @@ run:
 linters-settings:
   gofumpt:
     extra-rules: true
-    lang-version: "1.18"
+    lang-version: "1.20"

CONTRIBUTING.md

@@ -3,7 +3,7 @@
 ## Security
 
 If you think you have found a **security issue**, please do not mention it in this repository.
-Instead, send an email to security@thegeeklab.de with as many details as possible so it can be handled confidential.
+Instead, send an email to `security@thegeeklab.de` with as many details as possible so it can be handled confidential.
 
 ## Bug Reports and Feature Requests
 

Corefile

@@ -0,0 +1,3 @@
+.:53 {
+    forward . /etc/resolv.conf
+}

Dockerfile.multiarch

@@ -1,4 +1,14 @@
-FROM arm32v7/docker:20.10-dind
+FROM --platform=$BUILDPLATFORM golang:1.20@sha256:741d6f9bcab778441efe05c8e4369d4f8ff56c9a635a97d77f55d8b0ec62f907 as build
+
+ARG TARGETOS
+ARG TARGETARCH
+
+ADD . /src
+WORKDIR /src
+
+RUN make build
+
+FROM docker:24.0-dind@sha256:020562d22f11c27997e00da910ed6b580d93094bc25841cb87aacab4ced4a882
 
 LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
 LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
@@ -7,21 +17,25 @@ LABEL org.opencontainers.image.url="https://github.com/thegeeklab/drone-docker-b
 LABEL org.opencontainers.image.source="https://github.com/thegeeklab/drone-docker-buildx"
 LABEL org.opencontainers.image.documentation="https://github.com/thegeeklab/drone-docker-buildx"
 
+ARG TARGETOS
+ARG TARGETARCH
 ARG BUILDX_VERSION
 
 # renovate: datasource=github-releases depName=docker/buildx
-ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.8.2}"
+ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.11.2}"
 
 ENV DOCKER_HOST=unix:///var/run/docker.sock
 
 RUN apk --update add --virtual .build-deps curl && \
+    apk --update add --no-cache git coredns && \
     mkdir -p /usr/lib/docker/cli-plugins/ && \
-    curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.linux-arm-v7" && \
+    curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx \
+        "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.${TARGETOS:-linux}-${TARGETARCH:-amd64}" && \
     chmod 755 /usr/lib/docker/cli-plugins/docker-buildx && \
     apk del .build-deps && \
     rm -rf /var/cache/apk/* && \
     rm -rf /tmp/*
 
-ADD dist/drone-docker-buildx /bin/
+COPY --from=build /src/Corefile /etc/coredns/Corefile
-
+COPY --from=build /src/dist/drone-docker-buildx /bin/drone-docker-buildx
 ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "drone-docker-buildx"]

Makefile

@@ -1,7 +1,7 @@
 # renovate: datasource=github-releases depName=mvdan/gofumpt
-GOFUMPT_PACKAGE_VERSION := v0.3.1
+GOFUMPT_PACKAGE_VERSION := v0.5.0
 # renovate: datasource=github-releases depName=golangci/golangci-lint
-GOLANGCI_LINT_PACKAGE_VERSION := v1.48.0
+GOLANGCI_LINT_PACKAGE_VERSION := v1.54.2
 
 EXECUTABLE := drone-docker-buildx
 
@@ -19,9 +19,14 @@ GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@$(G
 XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
 
 GENERATE ?=
-XGO_VERSION := go-1.19.x
+XGO_VERSION := go-1.20.x
-XGO_TARGETS ?= linux/amd64,linux/arm-6,linux/arm-7,linux/arm64
+XGO_TARGETS ?= linux/amd64,linux/arm64
 
+TARGETOS ?= linux
+TARGETARCH ?= amd64
+ifneq ("$(TARGETVARIANT)","")
+GOARM ?= $(subst v,,$(TARGETVARIANT))
+endif
 TAGS ?= netgo
 
 ifndef VERSION
@@ -69,7 +74,7 @@ test:
 build: $(DIST)/$(EXECUTABLE)
 
 $(DIST)/$(EXECUTABLE): $(SOURCES)
-	$(GO) build -v -tags '$(TAGS)' -ldflags '-extldflags "-static" $(LDFLAGS)' -o $@ ./cmd/$(EXECUTABLE)
+	GOOS=$(TARGETOS) GOARCH=$(TARGETARCH) GOARM=$(GOARM) $(GO) build -v -tags '$(TAGS)' -ldflags '-extldflags "-static" $(LDFLAGS)' -o $@ ./cmd/$(EXECUTABLE)
 
 $(DIST_DIRS):
 	mkdir -p $(DIST_DIRS)

README.md

@@ -1,6 +1,6 @@
 # drone-docker-buildx
 
-Drone plugin to build multiarch Docker images with buildx
+DISCONTINUED: Drone plugin to build multiarch Docker images with buildx
 
 [![Build Status](https://img.shields.io/drone/build/thegeeklab/drone-docker-buildx?logo=drone&server=https%3A%2F%2Fdrone.thegeeklab.de)](https://drone.thegeeklab.de/thegeeklab/drone-docker-buildx)
 [![Docker Hub](https://img.shields.io/badge/dockerhub-latest-blue.svg?logo=docker&logoColor=white)](https://hub.docker.com/r/thegeeklab/drone-docker-buildx)
@@ -10,6 +10,8 @@ Drone plugin to build multiarch Docker images with buildx
 [![Source: GitHub](https://img.shields.io/badge/source-github-blue.svg?logo=github&logoColor=white)](https://github.com/thegeeklab/drone-docker-buildx)
 [![License: Apache-2.0](https://img.shields.io/github/license/thegeeklab/drone-docker-buildx)](https://github.com/thegeeklab/drone-docker-buildx/blob/main/LICENSE)
 
+> **DISCONTINUED:** As I don't use Drone CI anymore, this project is unmaintained. If you are interested in a free and open source CI system check out [Woodpecker CI](https://woodpecker-ci.org/).
+
 Drone plugin to build multiarch Docker images with buildx. This plugin is a fork of [drone-plugins/drone-docker](https://github.com/drone-plugins/drone-docker). You can find the full documentation at [https://drone-plugin-index.geekdocs.de](https://drone-plugin-index.geekdocs.de/plugins/drone-docker-buildx).
 
 ## Versioning

_docs/content/_index.md

@@ -27,13 +27,13 @@ The tags follow the major version of Docker, e.g. `20`, and the minor and patch
 Be aware that the this plugin requires [privileged](https://docs.drone.io/pipeline/docker/syntax/steps/#privileged-mode) capabilities, otherwise the integrated Docker daemon is not able to start.
 {{< /hint >}}
 
-```YAML
+```yaml
 kind: pipeline
 name: default
 
 steps:
   - name: docker
-    image: thegeeklab/drone-docker-buildx
+    image: thegeeklab/drone-docker-buildx:23
     privileged: true
     settings:
       username: octocat
@@ -46,15 +46,60 @@ steps:
 
 <!-- prettier-ignore-start -->
 <!-- spellchecker-disable -->
-{{< propertylist name=drone-docker-buildx.data >}}
+{{< propertylist name=drone-docker-buildx.data sort=name >}}
 <!-- spellchecker-enable -->
 <!-- prettier-ignore-end -->
 
+### Examples
+
+#### Push to other registries than DockerHub
+
+If the created image is to be pushed to registries other than the default DockerHub, it is necessary to set `registry` and `repo` as fully-qualified name.
+
+**GHCR:**
+
+```yaml
+kind: pipeline
+name: default
+
+steps:
+  - name: docker
+    image: thegeeklab/drone-docker-buildx:23
+    privileged: true
+    settings:
+      registry: ghcr.io
+      username: octocat
+      password: secret-access-token
+      repo: ghcr.io/octocat/example
+      tags: latest
+```
+
+**AWS ECR:**
+
+```yaml
+kind: pipeline
+name: default
+
+steps:
+  - name: docker
+    image: thegeeklab/drone-docker-buildx:23
+    privileged: true
+    environment:
+      AWS_ACCESS_KEY_ID:
+        from_secret: aws_access_key_id
+      AWS_SECRET_ACCESS_KEY:
+        from_secret: aws_secret_access_key
+    settings:
+      registry: <account_id>.dkr.ecr.<region>.amazonaws.com
+      repo: <account_id>.dkr.ecr.<region>.amazonaws.com/octocat/example
+      tags: latest
+```
+
 ## Build
 
 Build the binary with the following command:
 
-```Shell
+```shell
 export GOOS=linux
 export GOARCH=amd64
 export CGO_ENABLED=0
@@ -65,13 +110,13 @@ make build
 
 Build the Docker image with the following command:
 
-```Shell
+```shell
 docker build --file docker/Dockerfile.amd64 --tag thegeeklab/drone-docker-buildx .
 ```
 
 ## Test
 
-```Shell
+```shell
 docker run --rm \
   -e PLUGIN_TAG=latest \
   -e PLUGIN_REPO=octocat/hello-world \

_docs/data/data.yaml

@@ -1,106 +1,119 @@
 ---
 properties:
-  dry_run:
+  - name: dry_run
     description: Disable docker push.
     type: bool
     required: false
 
-  mirror:
+  - name: mirror
     description: Use a registry mirror to pull images.
     type: string
     required: false
 
-  storage_driver:
+  - name: storage_driver
     description: The docker daemon storage driver.
     type: string
     required: false
 
-  storage_path:
+  - name: storage_path
     description: The docker daemon storage path.
     defaultValue: /var/lib/docker
     type: string
     required: false
 
-  bip:
+  - name: bip
     description: Allows the docker daemon to bride IP address.
     type: string
     required: false
 
-  mtu:
+  - name: mtu
     description: A docker daemon custom MTU.
     type: string
     required: false
 
-  custom_dns:
+  - name: custom_dns
     description: Custom docker daemon DNS server.
     type: list
     required: false
 
-  custom_dns_search:
+  - name: custom_dns_search
     description: Custom docker daemon DNS search domain.
     type: list
     required: false
 
-  insecure:
+  - name: insecure
     description: Enable the usage of insecure registries.
     type: bool
     defaultValue: false
     required: false
 
-  ipv6:
+  - name: ipv6
     description: Enable docker daemon IPv6 support.
     type: bool
     defaultValue: false
     required: false
 
-  experimental:
+  - name: experimental
     description: Enable docker daemon experimental mode.
     type: bool
     defaultValue: false
     required: false
 
-  debug:
+  - name: debug
     description: Enable verbose debug mode for the docker daemon.
     type: string
     defaultValue: false
     required: false
 
-  daemon_off:
+  - name: daemon_off
     description: Disable the startup of the docker daemon.
     type: string
     defaultValue: false
     required: false
 
-  buildkit_config:
+  - name: buildkit_config
-    description: Content of the docker buildkit json config.
+    description: |
+      Content of the docker buildkit toml [config](https://github.com/moby/buildkit/blob/master/docs/buildkitd.toml.md). Example:
+
+      ```yaml
+      steps:
+        - name: Build
+          image: thegeeklab/drone-docker-buildx:23
+          settings:
+            repo: example/repo
+            buildkit_config: |
+            [registry."registry.local:30081"]
+              http = true
+              insecure = true
+      ```
     type: string
     defaultValue: false
     required: false
 
-  dockerfile:
+  - name: dockerfile
     description: Set dockerfile to use for the image build.
     defaultValue: Dockerfile
     type: string
     required: false
 
-  context:
+  - name: context
     description: Set the path of the build context to use.
     defaultValue: .
     type: string
     required: false
 
-  named_context:
+  - name: named_context
     description: Set additional named [build contexts](https://docs.docker.com/engine/reference/commandline/buildx_build/#build-context) (e.g., name=path).
     type: list
     required: false
 
-  tags:
+  - name: tags
     description: Set repository tags to use for the image. Tags can also be loaded from a `.tags` file.
     defaultValue: latest
     type: list
     required: false
 
-  auto_tag:
+  - name: auto_tag
     description: |
       Generate tag names automatically based on git branch and git tag. When this feature is enabled and the event type is `tag`,
       the plugin will automatically tag the image using the standard semVer convention. For example:
@@ -112,55 +125,78 @@ properties:
     type: bool
     required: false
 
-  auto_tag_suffix:
+  - name: auto_tag_suffix
     description: Generate tag names with the given suffix.
     type: string
     required: false
 
-  build_args:
+  - name: extra_tags
-    description: Ccustom build arguments to pass to the build.
+    description: |
+      Set additional tags to be used for the image. Additional tags can also be loaded from an `.extratags` file. This function can be used
+      to push images to multiple registries at once. Therefore, it is necessary to use the `config` flag to provide a configuration file
+      that contains the authentication information for all used registries.
     type: list
     required: false
 
-  build_args_from_env:
+  - name: build_args
+    description: Custom build arguments to pass to the build.
+    type: list
+    required: false
+
+  - name: build_args_from_env
     description: Forward environment variables as custom arguments to the build.
     type: list
     required: false
 
-  quiet:
+  - name: quiet
     description: Enable suppression of the build output.
     defaultValue: false
     type: bool
     required: false
 
-  target:
+  - name: target
     description: The docker build target.
     type: string
     required: false
 
+  - name: cache_from
+    description: |
+      Images to consider as [cache sources](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-from). To properly work,
+      commas used in the cache source entries need to be escaped:
+
+      ```yaml
+      steps:
+        - name: Build
+          image: thegeeklab/drone-docker-buildx:23
+          settings:
+            repo: example/repo
             cache_from:
-    description: Images to consider as cache sources.
+              # while using quotes, double-escaping is required
+              - "type=registry\\\\,ref=example"
+              - 'type=foo\\,ref=bar'
+      ```
     type: list
     required: false
 
-  cache_to:
+  - name: cache_to
-    description: [Cache destination](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-to) for the build cache.
+    description: |
+      [Cache destination](https://docs.docker.com/engine/reference/commandline/buildx_build/#cache-to) for the build cache.
     type: string
     required: false
 
-  pull_image:
+  - name: pull_image
     description: Enforce to pull the base image at build time.
     defaultValue: true
     type: bool
     required: false
 
-  compress:
+  - name: compress
     description: Enable compression of the build context using gzip.
     defaultValue: false
     type: bool
     required: false
 
-  output:
+  - name: output
     description: |
       [Export action](https://docs.docker.com/engine/reference/commandline/buildx_build/#output) for the build result
       (format: `path` or `type=TYPE[,KEY=VALUE]`).
@@ -168,55 +204,92 @@ properties:
     type: bool
     required: false
 
-  repo:
+  - name: repo
-    description: Repository name for the image.
+    description: |
+      Repository name for the image. If the image is to be pushed to registries other than the default DockerHub,
+      it is necessary to set `repo` as fully-qualified name.
     type: string
     required: false
 
-  registry:
+  - name: registry
     description: Docker registry to upload images.
     defaultValue: https://index.docker.io/v1/
     type: string
     required: false
 
-  username:
+  - name: username
     description: Username for authentication with the registry.
     type: string
     required: false
 
-  password:
+  - name: password
     description: Password for authentication with the registry.
     type: string
     required: false
 
-  email:
+  - name: email
     description: E-Mail address for authentication with the registry.
     type: string
     required: false
 
-  config:
+  - name: config
     description: Content of the docker daemon json config.
     type: string
     required: false
 
-  purge:
+  - name: no_cache
-    description: Enable cleanup of the docker environment at the end of a build.
-    defaultValue: true
-    type: bool
-    required: false
-
-  no_cache:
     description: Disable the usage of cached intermediate containers.
     defaultValue: false
     type: string
     required: false
 
-  add_host:
+  - name: add_host
     description: Additional `host:ip` mapping.
     type: list
     required: false
 
-  platforms:
+  - name: platforms
     description: Target platforms for build.
     type: list
     required: false
+
+  - name: labels
+    description: Labels to add to the image.
+    type: list
+    required: false
+
+  - name: provenance
+    description: Generate [provenance](https://docs.docker.com/build/attestations/slsa-provenance/) attestation for the build (shorthand for `--attest=type=provenance`).
+    type: string
+    required: false
+
+  - name: sbom
+    description: Generate [sbom](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest type=sbom`).
+    type: string
+    required: false
+
+  - name: secrets
+    description: |
+      Exposes [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) to the build.
+      The secrets can be used by the build using `RUN --mount=type=secret` mount.
+
+      ```yaml
+      steps:
+        - name: Build
+          image: thegeeklab/drone-docker-buildx:23
+          privileged: true
+          environment:
+            SECURE_TOKEN:
+              from_secret: secure_token
+          settings:
+            secrets:
+              # while using quotes, double-escaping is required
+              - "id=raw_file_secret\\\\,src=file.txt"
+              - 'id=other_raw_file_secret\\,src=other_file.txt'
+              - "id=SECRET_TOKEN"
+      ```
+
+      To use secrets from files a [host volume](https://docs.drone.io/pipeline/docker/syntax/volumes/host/) is required.
+      This should be used with caution and avoided whenever possible.
+    type: list
+    required: false

cmd/drone-docker-buildx/config.go

@@ -2,10 +2,13 @@ package main
 
 import (
 	"github.com/thegeeklab/drone-docker-buildx/plugin"
+	"github.com/thegeeklab/drone-plugin-lib/v2/drone"
 	"github.com/urfave/cli/v2"
 )
 
 // settingsFlags has the cli.Flags for the plugin.Settings.
+//
+//nolint:maintidx
 func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 	return []cli.Flag{
 		&cli.BoolFlag{
@@ -108,7 +111,7 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 		&cli.StringFlag{
 			Name:        "daemon.buildkit-config",
 			EnvVars:     []string{"PLUGIN_BUILDKIT_CONFIG"},
-			Usage:       "content of the docker buildkit json config",
+			Usage:       "content of the docker buildkit toml config",
 			Destination: &settings.Daemon.BuildkitConfig,
 			Category:    category,
 		},
@@ -158,6 +161,14 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 			Destination: &settings.Build.TagsSuffix,
 			Category:    category,
 		},
+		&cli.StringSliceFlag{
+			Name:        "extra.tags",
+			EnvVars:     []string{"PLUGIN_EXTRA_TAGS"},
+			Usage:       "additional tags to use for the image including registry",
+			FilePath:    ".extratags",
+			Destination: &settings.Build.ExtraTags,
+			Category:    category,
+		},
 		&cli.StringSliceFlag{
 			Name:        "args",
 			EnvVars:     []string{"PLUGIN_BUILD_ARGS"},
@@ -194,11 +205,11 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 			Destination: &settings.Build.Target,
 			Category:    category,
 		},
-		&cli.StringSliceFlag{
+		&cli.GenericFlag{
 			Name:     "cache-from",
 			EnvVars:  []string{"PLUGIN_CACHE_FROM"},
 			Usage:    "images to consider as cache sources",
-			Destination: &settings.Build.CacheFrom,
+			Value:    &drone.StringSliceFlag{},
 			Category: category,
 		},
 		&cli.StringFlag{
@@ -267,14 +278,6 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 			Destination: &settings.Login.Config,
 			Category:    category,
 		},
-		&cli.BoolFlag{
-			Name:        "docker.purge",
-			EnvVars:     []string{"PLUGIN_PURGE"},
-			Usage:       "enable cleanup of the docker environment at the end of a build",
-			Value:       true,
-			Destination: &settings.Cleanup,
-			Category:    category,
-		},
 		&cli.BoolFlag{
 			Name:        "no-cache",
 			EnvVars:     []string{"PLUGIN_NO_CACHE"},
@@ -297,5 +300,33 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 			Destination: &settings.Build.Platforms,
 			Category:    category,
 		},
+		&cli.StringSliceFlag{
+			Name:        "labels",
+			EnvVars:     []string{"PLUGIN_LABELS"},
+			Usage:       "labels to add to image",
+			Destination: &settings.Build.Labels,
+			Category:    category,
+		},
+		&cli.StringFlag{
+			Name:        "provenance",
+			EnvVars:     []string{"PLUGIN_PROVENANCE"},
+			Usage:       "generates provenance attestation for the build",
+			Destination: &settings.Build.Provenance,
+			Category:    category,
+		},
+		&cli.StringFlag{
+			Name:        "sbom",
+			EnvVars:     []string{"PLUGIN_SBOM"},
+			Usage:       "generates sbom attestation for the build",
+			Destination: &settings.Build.SBOM,
+			Category:    category,
+		},
+		&cli.GenericFlag{
+			Name:     "secrets",
+			EnvVars:  []string{"PLUGIN_SECRETS"},
+			Usage:    "exposes secrets to the build",
+			Value:    &drone.StringSliceFlag{},
+			Category: category,
+		},
 	}
 }

cmd/drone-docker-buildx/main.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"errors"
 	"fmt"
 	"os"
 
@@ -9,14 +10,18 @@ import (
 	"github.com/thegeeklab/drone-docker-buildx/plugin"
 	"github.com/urfave/cli/v2"
 
+	"github.com/thegeeklab/drone-plugin-lib/v2/drone"
 	"github.com/thegeeklab/drone-plugin-lib/v2/urfave"
 )
 
+//nolint:gochecknoglobals
 var (
 	BuildVersion = "devel"
 	BuildDate    = "00000000"
 )
 
+var ErrTypeAssertionFailed = errors.New("type assertion failed")
+
 func main() {
 	settings := &plugin.Settings{}
 
@@ -45,6 +50,20 @@ func run(settings *plugin.Settings) cli.ActionFunc {
 	return func(ctx *cli.Context) error {
 		urfave.LoggingFromContext(ctx)
 
+		cacheFrom, ok := ctx.Generic("cache-from").(*drone.StringSliceFlag)
+		if !ok {
+			return fmt.Errorf("%w: failed to read cache-from input", ErrTypeAssertionFailed)
+		}
+
+		settings.Build.CacheFrom = cacheFrom.Get()
+
+		secrets, ok := ctx.Generic("secrets").(*drone.StringSliceFlag)
+		if !ok {
+			return fmt.Errorf("%w: failed to read secrets input", ErrTypeAssertionFailed)
+		}
+
+		settings.Build.Secrets = secrets.Get()
+
 		plugin := plugin.New(
 			*settings,
 			urfave.PipelineFromContext(ctx),

docker/Dockerfile.amd64

@@ -1,27 +0,0 @@
-FROM docker:20.10-dind@sha256:f8c65c9a3ecaa40c8f6e90e67c23c79c4dd6a2bee646a8c7c71bf9e49bea4eae
-
-LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
-LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
-LABEL org.opencontainers.image.title="drone-docker-buildx"
-LABEL org.opencontainers.image.url="https://github.com/thegeeklab/drone-docker-buildx"
-LABEL org.opencontainers.image.source="https://github.com/thegeeklab/drone-docker-buildx"
-LABEL org.opencontainers.image.documentation="https://github.com/thegeeklab/drone-docker-buildx"
-
-ARG BUILDX_VERSION
-
-# renovate: datasource=github-releases depName=docker/buildx
-ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.8.2}"
-
-ENV DOCKER_HOST=unix:///var/run/docker.sock
-
-RUN apk --update add --virtual .build-deps curl && \
-    mkdir -p /usr/lib/docker/cli-plugins/ && \
-    curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.linux-amd64" && \
-    chmod 755 /usr/lib/docker/cli-plugins/docker-buildx && \
-    apk del .build-deps && \
-    rm -rf /var/cache/apk/* && \
-    rm -rf /tmp/*
-
-ADD dist/drone-docker-buildx /bin/
-
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "drone-docker-buildx"]

docker/Dockerfile.arm64

@@ -1,27 +0,0 @@
-FROM arm64v8/docker:20.10-dind@sha256:4d4e2a47b293435242a3161ce6209d5b05f892b81085a25ce079e7e8c1ea0081
-
-LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
-LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
-LABEL org.opencontainers.image.title="drone-docker-buildx"
-LABEL org.opencontainers.image.url="https://github.com/thegeeklab/drone-docker-buildx"
-LABEL org.opencontainers.image.source="https://github.com/thegeeklab/drone-docker-buildx"
-LABEL org.opencontainers.image.documentation="https://github.com/thegeeklab/drone-docker-buildx"
-
-ARG BUILDX_VERSION
-
-# renovate: datasource=github-releases depName=docker/buildx
-ENV BUILDX_VERSION="${BUILDX_VERSION:-v0.8.2}"
-
-ENV DOCKER_HOST=unix:///var/run/docker.sock
-
-RUN apk --update add --virtual .build-deps curl && \
-    mkdir -p /usr/lib/docker/cli-plugins/ && \
-    curl -SsL -o /usr/lib/docker/cli-plugins/docker-buildx "https://github.com/docker/buildx/releases/download/v${BUILDX_VERSION##v}/buildx-v${BUILDX_VERSION##v}.linux-arm64" && \
-    chmod 755 /usr/lib/docker/cli-plugins/docker-buildx && \
-    apk del .build-deps && \
-    rm -rf /var/cache/apk/* && \
-    rm -rf /tmp/*
-
-ADD dist/drone-docker-buildx /bin/
-
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "drone-docker-buildx"]

docker/manifest-quay.tmpl

@@ -1,24 +0,0 @@
-image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  - image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64
-    platform:
-      architecture: amd64
-      os: linux
-
-  - image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm64
-    platform:
-      architecture: arm64
-      os: linux
-      variant: v8
-
-  - image: quay.io/thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7

docker/manifest.tmpl

@@ -1,24 +0,0 @@
-image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}{{else}}latest{{/if}}
-{{#if build.tags}}
-tags:
-{{#each build.tags}}
-  - {{this}}
-{{/each}}
-{{/if}}
-manifests:
-  - image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}amd64
-    platform:
-      architecture: amd64
-      os: linux
-
-  - image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm64
-    platform:
-      architecture: arm64
-      os: linux
-      variant: v8
-
-  - image: thegeeklab/drone-docker-buildx:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7

go.mod

@@ -1,19 +1,18 @@
 module github.com/thegeeklab/drone-docker-buildx
 
-go 1.19
+go 1.20
 
 require (
-	github.com/coreos/go-semver v0.3.0
+	github.com/coreos/go-semver v0.3.1
-	github.com/joho/godotenv v1.4.0
+	github.com/joho/godotenv v1.5.1
-	github.com/sirupsen/logrus v1.9.0
+	github.com/sirupsen/logrus v1.9.3
-	github.com/thegeeklab/drone-plugin-lib/v2 v2.1.0
+	github.com/thegeeklab/drone-plugin-lib/v2 v2.3.4
-	github.com/urfave/cli/v2 v2.11.1
+	github.com/urfave/cli/v2 v2.25.5
+	golang.org/x/sys v0.11.0
 )
 
 require (
 	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
-	golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
 )

go.sum

@@ -1,31 +1,31 @@
-github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
+github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4=
-github.com/coreos/go-semver v0.3.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
+github.com/coreos/go-semver v0.3.1/go.mod h1:irMmmIw/7yzSRPWryHsK7EYSg09caPQL03VsM8rvUec=
 github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/joho/godotenv v1.4.0 h1:3l4+N6zfMWnkbPEXKng2o2/MR5mSwTrBih4ZEkkz1lg=
+github.com/joho/godotenv v1.5.1 h1:7eLL/+HRGLY0ldzfGMeQkb7vMd0as4CfYvUVzLqw0N0=
-github.com/joho/godotenv v1.4.0/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
+github.com/joho/godotenv v1.5.1/go.mod h1:f4LDr5Voq0i2e/R5DDNOoa2zzDfwtkZa6DnEwAbqwq4=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
+github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
-github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
+github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/thegeeklab/drone-plugin-lib/v2 v2.1.0 h1:RtEiRTQFCeMEnLQOmbswETWoNHVEvb9W4EnV3ZbuIdg=
+github.com/thegeeklab/drone-plugin-lib/v2 v2.3.4 h1:Quzrike/xRAR0izxQ0d+ocJyIUm4h1497Oyo9grcRzg=
-github.com/thegeeklab/drone-plugin-lib/v2 v2.1.0/go.mod h1:2sHIUXma4CozXNTgh55MxGcvSK8u0ITlkOKZwDDmVAk=
+github.com/thegeeklab/drone-plugin-lib/v2 v2.3.4/go.mod h1:qWVUZCmwL0Ntwa/hvyqM03EeIr1ReBR2XJsmIc7MGus=
-github.com/urfave/cli/v2 v2.11.1 h1:UKK6SP7fV3eKOefbS87iT9YHefv7iB/53ih6e+GNAsE=
+github.com/urfave/cli/v2 v2.25.5 h1:d0NIAyhh5shGscroL7ek/Ya9QYQE0KNabJgiUinIQkc=
-github.com/urfave/cli/v2 v2.11.1/go.mod h1:f8iq5LtQ/bLxafbdBSLPPNsgaW0l/2fYYEHhAyPlwvo=
+github.com/urfave/cli/v2 v2.25.5/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 h1:bAn7/zixMGCfxrRTfdpNzjtPYqr8smhKouy9mxVdGPU=
 github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
-golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8 h1:0A+M6Uqn+Eje4kHMK80dtF3JCXC4ykBgQG4Fe06QRhQ=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
-gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
+gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

plugin/coredns.go

@@ -0,0 +1,40 @@
+package plugin
+
+import (
+	"io"
+	"net"
+	"os"
+	"os/exec"
+)
+
+func (p Plugin) startCoredns() {
+	cmd := exec.Command("coredns", "-conf", "/etc/coredns/Corefile")
+	if p.settings.Daemon.Debug {
+		cmd.Stdout = os.Stdout
+		cmd.Stderr = os.Stderr
+	} else {
+		cmd.Stdout = io.Discard
+		cmd.Stderr = io.Discard
+	}
+
+	go func() {
+		trace(cmd)
+		_ = cmd.Run()
+	}()
+}
+
+func getContainerIP() (string, error) {
+	netInterfaceAddrList, err := net.InterfaceAddrs()
+	if err != nil {
+		return "", err
+	}
+
+	for _, netInterfaceAddr := range netInterfaceAddrList {
+		netIP, ok := netInterfaceAddr.(*net.IPNet)
+		if ok && !netIP.IP.IsLoopback() && netIP.IP.To4() != nil {
+			return netIP.IP.String(), nil
+		}
+	}
+
+	return "", nil
+}

plugin/daemon.go

@@ -6,10 +6,10 @@ import (
 )
 
 const (
-	dockerExe      = "/usr/local/bin/docker"
+	dockerBin      = "/usr/local/bin/docker"
-	dockerdExe     = "/usr/local/bin/dockerd"
+	dockerdBin     = "/usr/local/bin/dockerd"
 	dockerHome     = "/root/.docker/"
-	buildkitConfig = "/tmp/buildkit.json"
+	buildkitConfig = "/tmp/buildkit.toml"
 )
 
 func (p Plugin) startDaemon() {
@@ -21,6 +21,7 @@ func (p Plugin) startDaemon() {
 		cmd.Stdout = io.Discard
 		cmd.Stderr = io.Discard
 	}
+
 	go func() {
 		trace(cmd)
 		_ = cmd.Run()

plugin/docker.go

@@ -3,47 +3,56 @@ package plugin
 import (
 	"fmt"
 	"os"
-	"os/exec"
 	"strings"
 	"time"
 
 	"github.com/urfave/cli/v2"
+	"golang.org/x/sys/execabs"
 )
 
 // helper function to create the docker login command.
-func commandLogin(login Login) *exec.Cmd {
+func commandLogin(login Login) *execabs.Cmd {
 	if login.Email != "" {
 		return commandLoginEmail(login)
 	}
-	return exec.Command(
+
-		dockerExe, "login",
+	args := []string{
+		"login",
 		"-u", login.Username,
 		"-p", login.Password,
 		login.Registry,
+	}
+
+	return execabs.Command(
+		dockerBin, args...,
 	)
 }
 
-func commandLoginEmail(login Login) *exec.Cmd {
+func commandLoginEmail(login Login) *execabs.Cmd {
-	return exec.Command(
+	args := []string{
-		dockerExe, "login",
+		"login",
 		"-u", login.Username,
 		"-p", login.Password,
 		"-e", login.Email,
 		login.Registry,
+	}
+
+	return execabs.Command(
+		dockerBin, args...,
 	)
 }
 
 // helper function to create the docker info command.
-func commandVersion() *exec.Cmd {
+func commandVersion() *execabs.Cmd {
-	return exec.Command(dockerExe, "version")
+	return execabs.Command(dockerBin, "version")
 }
 
 // helper function to create the docker info command.
-func commandInfo() *exec.Cmd {
+func commandInfo() *execabs.Cmd {
-	return exec.Command(dockerExe, "info")
+	return execabs.Command(dockerBin, "info")
 }
 
-func commandBuilder(daemon Daemon) *exec.Cmd {
+func commandBuilder(daemon Daemon) *execabs.Cmd {
 	args := []string{
 		"buildx",
 		"create",
@@ -54,15 +63,15 @@ func commandBuilder(daemon Daemon) *exec.Cmd {
 		args = append(args, "--config", buildkitConfig)
 	}
 
-	return exec.Command(dockerExe, args...)
+	return execabs.Command(dockerBin, args...)
 }
 
-func commandBuildx() *exec.Cmd {
+func commandBuildx() *execabs.Cmd {
-	return exec.Command(dockerExe, "buildx", "ls")
+	return execabs.Command(dockerBin, "buildx", "ls")
 }
 
 // helper function to create the docker build command.
-func commandBuild(build Build, dryrun bool) *exec.Cmd {
+func commandBuild(build Build, dryrun bool) *execabs.Cmd {
 	args := []string{
 		"buildx",
 		"build",
@@ -78,39 +87,51 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd {
 	if !dryrun && build.Output == "" && len(build.Tags.Value()) > 0 {
 		args = append(args, "--push")
 	}
+
 	if build.Compress {
 		args = append(args, "--compress")
 	}
+
 	if build.Pull {
 		args = append(args, "--pull=true")
 	}
+
 	if build.NoCache {
 		args = append(args, "--no-cache")
 	}
-	for _, arg := range build.CacheFrom.Value() {
+
+	for _, arg := range build.CacheFrom {
 		args = append(args, "--cache-from", arg)
 	}
+
 	if build.CacheTo != "" {
 		args = append(args, "--cache-to", build.CacheTo)
 	}
+
 	for _, arg := range build.ArgsEnv.Value() {
 		addProxyValue(&build, arg)
 	}
+
 	for _, arg := range append(defaultBuildArgs, build.Args.Value()...) {
 		args = append(args, "--build-arg", arg)
 	}
+
 	for _, host := range build.AddHost.Value() {
 		args = append(args, "--add-host", host)
 	}
+
 	if build.Target != "" {
 		args = append(args, "--target", build.Target)
 	}
+
 	if build.Quiet {
 		args = append(args, "--quiet")
 	}
+
 	if build.Output != "" {
 		args = append(args, "--output", build.Output)
 	}
+
 	for _, arg := range build.NamedContext.Value() {
 		args = append(args, "--build-context", arg)
 	}
@@ -123,10 +144,30 @@ func commandBuild(build Build, dryrun bool) *exec.Cmd {
 		args = append(args, "-t", fmt.Sprintf("%s:%s", build.Repo, arg))
 	}
 
-	return exec.Command(dockerExe, args...)
+	for _, arg := range build.ExtraTags.Value() {
+		args = append(args, "-t", arg)
 	}
 
-// helper function to add proxy values from the environment
+	for _, arg := range build.Labels.Value() {
+		args = append(args, "--label", arg)
+	}
+
+	if build.Provenance != "" {
+		args = append(args, "--provenance", build.Provenance)
+	}
+
+	if build.SBOM != "" {
+		args = append(args, "--sbom", build.SBOM)
+	}
+
+	for _, secret := range build.Secrets {
+		args = append(args, "--secret", secret)
+	}
+
+	return execabs.Command(dockerBin, args...)
+}
+
+// helper function to add proxy values from the environment.
 func addProxyBuildArgs(build *Build) {
 	addProxyValue(build, "http_proxy")
 	addProxyValue(build, "https_proxy")
@@ -170,7 +211,7 @@ func hasProxyBuildArg(build *Build, key string) bool {
 }
 
 // helper function to create the docker daemon command.
-func commandDaemon(daemon Daemon) *exec.Cmd {
+func commandDaemon(daemon Daemon) *execabs.Cmd {
 	args := []string{
 		"--data-root", daemon.StoragePath,
 		"--host=unix:///var/run/docker.sock",
@@ -179,35 +220,44 @@ func commandDaemon(daemon Daemon) *exec.Cmd {
 	if daemon.StorageDriver != "" {
 		args = append(args, "-s", daemon.StorageDriver)
 	}
+
 	if daemon.Insecure && daemon.Registry != "" {
 		args = append(args, "--insecure-registry", daemon.Registry)
 	}
+
 	if daemon.IPv6 {
 		args = append(args, "--ipv6")
 	}
+
 	if len(daemon.Mirror) != 0 {
 		args = append(args, "--registry-mirror", daemon.Mirror)
 	}
+
 	if len(daemon.Bip) != 0 {
 		args = append(args, "--bip", daemon.Bip)
 	}
+
 	for _, dns := range daemon.DNS.Value() {
 		args = append(args, "--dns", dns)
 	}
+
 	for _, dnsSearch := range daemon.DNSSearch.Value() {
 		args = append(args, "--dns-search", dnsSearch)
 	}
+
 	if len(daemon.MTU) != 0 {
 		args = append(args, "--mtu", daemon.MTU)
 	}
+
 	if daemon.Experimental {
 		args = append(args, "--experimental")
 	}
-	return exec.Command(dockerdExe, args...)
+
+	return execabs.Command(dockerdBin, args...)
 }
 
 // trace writes each command to stdout with the command wrapped in an xml
 // tag so that it can be extracted and displayed in the logs.
-func trace(cmd *exec.Cmd) {
+func trace(cmd *execabs.Cmd) {
 	fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " "))
 }

plugin/docker_test.go

@@ -1 +0,0 @@
-package plugin

plugin/impl.go

@@ -3,12 +3,12 @@ package plugin
 import (
 	"fmt"
 	"os"
-	"os/exec"
 	"path/filepath"
 	"time"
 
 	"github.com/sirupsen/logrus"
 	"github.com/urfave/cli/v2"
+	"golang.org/x/sys/execabs"
 )
 
 // Daemon defines Docker daemon parameters.
@@ -47,12 +47,13 @@ type Build struct {
 	TagsAuto     bool            // Docker build auto tag
 	TagsSuffix   string          // Docker build tags with suffix
 	Tags         cli.StringSlice // Docker build tags
+	ExtraTags    cli.StringSlice // Docker build tags including registry
 	Platforms    cli.StringSlice // Docker build target platforms
 	Args         cli.StringSlice // Docker build args
 	ArgsEnv      cli.StringSlice // Docker build args from env
 	Target       string          // Docker build target
 	Pull         bool            // Docker build pull
-	CacheFrom    cli.StringSlice // Docker build cache-from
+	CacheFrom    []string        // Docker build cache-from
 	CacheTo      string          // Docker build cache-to
 	Compress     bool            // Docker build compress
 	Repo         string          // Docker build repository
@@ -61,6 +62,10 @@ type Build struct {
 	Quiet        bool            // Docker build quiet
 	Output       string          // Docker build output folder
 	NamedContext cli.StringSlice // Docker build named context
+	Labels       cli.StringSlice // Docker build labels
+	Provenance   string          // Docker build provenance attestation
+	SBOM         string          // Docker build sbom attestation
+	Secrets      []string        // Docker build secrets
 }
 
 // Settings for the Plugin.
@@ -69,9 +74,10 @@ type Settings struct {
 	Login  Login
 	Build  Build
 	Dryrun bool
-	Cleanup bool
 }
 
+const strictFilePerm = 0o600
+
 // Validate handles the settings validation of the plugin.
 func (p *Plugin) Validate() error {
 	p.settings.Build.Branch = p.pipeline.Repo.Branch
@@ -90,11 +96,14 @@ func (p *Plugin) Validate() error {
 			)
 			if err != nil {
 				logrus.Infof("cannot generate tags from %s, invalid semantic version", p.settings.Build.Ref)
+
 				return err
 			}
+
 			p.settings.Build.Tags = *cli.NewStringSlice(tag...)
 		} else {
 			logrus.Infof("skip auto-tagging for %s, not on default branch or tag", p.settings.Build.Ref)
+
 			return nil
 		}
 	}
@@ -103,9 +112,29 @@ func (p *Plugin) Validate() error {
 }
 
 // Execute provides the implementation of the plugin.
+//
+//nolint:gocognit
 func (p *Plugin) Execute() error {
 	// start the Docker daemon server
+	//nolint: nestif
 	if !p.settings.Daemon.Disabled {
+		// If no custom DNS value set start internal DNS server
+		if len(p.settings.Daemon.DNS.Value()) == 0 {
+			ip, err := getContainerIP()
+			if err != nil {
+				logrus.Warnf("error detecting IP address: %v", err)
+			}
+
+			if ip != "" {
+				logrus.Debugf("discovered IP address: %v", ip)
+				p.startCoredns()
+
+				if err := p.settings.Daemon.DNS.Set(ip); err != nil {
+					return fmt.Errorf("error setting daemon dns: %w", err)
+				}
+			}
+		}
+
 		p.startDaemon()
 	}
 
@@ -113,55 +142,59 @@ func (p *Plugin) Execute() error {
 	// ready to accept connections before we proceed.
 	for i := 0; i < 15; i++ {
 		cmd := commandInfo()
+
 		err := cmd.Run()
 		if err == nil {
 			break
 		}
+
 		time.Sleep(time.Second * 1)
 	}
 
 	// Create Auth Config File
 	if p.settings.Login.Config != "" {
-		if err := os.MkdirAll(dockerHome, 0o600); err != nil {
+		if err := os.MkdirAll(dockerHome, strictFilePerm); err != nil {
-			return fmt.Errorf("failed to create docker home: %s", err)
+			return fmt.Errorf("failed to create docker home: %w", err)
 		}
 
 		path := filepath.Join(dockerHome, "config.json")
-		err := os.WriteFile(path, []byte(p.settings.Login.Config), 0o600)
+
+		err := os.WriteFile(path, []byte(p.settings.Login.Config), strictFilePerm)
 		if err != nil {
-			return fmt.Errorf("error writing config.json: %s", err)
+			return fmt.Errorf("error writing config.json: %w", err)
 		}
 	}
 
 	// login to the Docker registry
 	if p.settings.Login.Password != "" {
 		cmd := commandLogin(p.settings.Login)
+
 		err := cmd.Run()
 		if err != nil {
-			return fmt.Errorf("error authenticating: %s", err)
+			return fmt.Errorf("error authenticating: %w", err)
 		}
 	}
 
 	if p.settings.Daemon.BuildkitConfig != "" {
-		err := os.WriteFile(buildkitConfig, []byte(p.settings.Daemon.BuildkitConfig), 0o600)
+		err := os.WriteFile(buildkitConfig, []byte(p.settings.Daemon.BuildkitConfig), strictFilePerm)
 		if err != nil {
-			return fmt.Errorf("error writing buildkit.json: %s", err)
+			return fmt.Errorf("error writing buildkit.toml: %w", err)
 		}
 	}
 
 	switch {
 	case p.settings.Login.Password != "":
-		fmt.Println("Detected registry credentials")
+		logrus.Info("Detected registry credentials")
 	case p.settings.Login.Config != "":
-		fmt.Println("Detected registry credentials file")
+		logrus.Info("Detected registry credentials file")
 	default:
-		fmt.Println("Registry credentials or Docker config not provided. Guest mode enabled.")
+		logrus.Info("Registry credentials or Docker config not provided. Guest mode enabled.")
 	}
 
 	// add proxy build args
 	addProxyBuildArgs(&p.settings.Build)
 
-	var cmds []*exec.Cmd
+	var cmds []*execabs.Cmd
 	cmds = append(cmds, commandVersion()) // docker version
 	cmds = append(cmds, commandInfo())    // docker info
 	cmds = append(cmds, commandBuilder(p.settings.Daemon))

plugin/plugin.go

@@ -12,7 +12,7 @@ type Plugin struct {
 }
 
 // New initializes a plugin from the given Settings, Pipeline, and Network.
-func New(settings Settings, pipeline drone.Pipeline, network drone.Network) drone.Plugin {
+func New(settings Settings, pipeline drone.Pipeline, network drone.Network) *Plugin {
 	return &Plugin{
 		settings: settings,
 		pipeline: pipeline,

plugin/tags.go

@@ -14,9 +14,11 @@ func DefaultTagSuffix(ref, suffix string) ([]string, error) {
 	if err != nil {
 		return nil, err
 	}
+
 	if len(suffix) == 0 {
 		return tags, nil
 	}
+
 	for i, tag := range tags {
 		if tag == "latest" {
 			tags[i] = suffix
@@ -24,13 +26,15 @@ func DefaultTagSuffix(ref, suffix string) ([]string, error) {
 			tags[i] = fmt.Sprintf("%s-%s", tag, suffix)
 		}
 	}
+
 	return tags, nil
 }
 
 func splitOff(input, delim string) string {
-	parts := strings.SplitN(input, delim, 2)
+	const splits = 2
+	parts := strings.SplitN(input, delim, splits)
 
-	if len(parts) == 2 {
+	if len(parts) == splits {
 		return parts[0]
 	}
 
@@ -43,42 +47,65 @@ func DefaultTags(ref string) ([]string, error) {
 	if !strings.HasPrefix(ref, "refs/tags/") {
 		return []string{"latest"}, nil
 	}
-	v := stripTagPrefix(ref)
+
-	version, err := semver.NewVersion(v)
+	rawVersion := stripTagPrefix(ref)
+
+	version, err := semver.NewVersion(rawVersion)
 	if err != nil {
 		return []string{"latest"}, err
 	}
+
 	if version.PreRelease != "" || version.Metadata != "" {
 		return []string{
 			version.String(),
 		}, nil
 	}
 
-	v = stripTagPrefix(ref)
+	rawVersion = stripTagPrefix(ref)
-	v = splitOff(splitOff(v, "+"), "-")
+	rawVersion = splitOff(splitOff(rawVersion, "+"), "-")
-	dotParts := strings.SplitN(v, ".", 3)
+	//nolint:gomnd
+	dotParts := strings.SplitN(rawVersion, ".", 3)
 
 	if version.Major == 0 {
 		return []string{
 			fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
-			fmt.Sprintf("%0*d.%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor, len(dotParts[2]), version.Patch),
+			fmt.Sprintf(
-		}, nil
+				"%0*d.%0*d.%0*d",
-	}
+				len(dotParts[0]),
-	return []string{
+				version.Major,
-		fmt.Sprintf("%0*d", len(dotParts[0]), version.Major),
+				len(dotParts[1]),
-		fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
+				version.Minor,
-		fmt.Sprintf("%0*d.%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor, len(dotParts[2]), version.Patch),
+				len(dotParts[2]),
+				version.Patch,
+			),
 		}, nil
 	}
 
-// UseDefaultTag for keep only default branch for latest tag
+	return []string{
+		fmt.Sprintf("%0*d", len(dotParts[0]), version.Major),
+		fmt.Sprintf("%0*d.%0*d", len(dotParts[0]), version.Major, len(dotParts[1]), version.Minor),
+		fmt.Sprintf(
+			"%0*d.%0*d.%0*d",
+			len(dotParts[0]),
+			version.Major,
+			len(dotParts[1]),
+			version.Minor,
+			len(dotParts[2]),
+			version.Patch,
+		),
+	}, nil
+}
+
+// UseDefaultTag to keep only default branch for latest tag.
 func UseDefaultTag(ref, defaultBranch string) bool {
 	if strings.HasPrefix(ref, "refs/tags/") {
 		return true
 	}
+
 	if stripHeadPrefix(ref) == defaultBranch {
 		return true
 	}
+
 	return false
 }
 
@@ -89,5 +116,6 @@ func stripHeadPrefix(ref string) string {
 func stripTagPrefix(ref string) string {
 	ref = strings.TrimPrefix(ref, "refs/tags/")
 	ref = strings.TrimPrefix(ref, "v")
+
 	return ref
 }

plugin/tags_test.go

@@ -40,8 +40,10 @@ func TestDefaultTags(t *testing.T) {
 		tags, err := DefaultTags(test.Before)
 		if err != nil {
 			t.Error(err)
+
 			continue
 		}
+
 		got, want := tags, test.After
 		if !reflect.DeepEqual(got, want) {
 			t.Errorf("Got tag %v, want %v", got, want)
@@ -123,8 +125,10 @@ func TestDefaultTagSuffix(t *testing.T) {
 		tag, err := DefaultTagSuffix(test.Before, test.Suffix)
 		if err != nil {
 			t.Error(err)
+
 			continue
 		}
+
 		got, want := tag, test.After
 		if !reflect.DeepEqual(got, want) {
 			t.Errorf("Got tag %v, want %v", got, want)
@@ -136,6 +140,7 @@ func Test_stripHeadPrefix(t *testing.T) {
 	type args struct {
 		ref string
 	}
+
 	tests := []struct {
 		args args
 		want string
@@ -147,6 +152,7 @@ func Test_stripHeadPrefix(t *testing.T) {
 			want: "main",
 		},
 	}
+
 	for _, tt := range tests {
 		if got := stripHeadPrefix(tt.args.ref); got != tt.want {
 			t.Errorf("stripHeadPrefix() = %v, want %v", got, tt.want)
@@ -159,6 +165,7 @@ func TestUseDefaultTag(t *testing.T) {
 		ref           string
 		defaultBranch string
 	}
+
 	tests := []struct {
 		name string
 		args args
@@ -189,6 +196,7 @@ func TestUseDefaultTag(t *testing.T) {
 			want: false,
 		},
 	}
+
 	for _, tt := range tests {
 		if got := UseDefaultTag(tt.args.ref, tt.args.defaultBranch); got != tt.want {
 			t.Errorf("%q. UseDefaultTag() = %v, want %v", tt.name, got, tt.want)

renovate.json

@@ -1,4 +0,0 @@
-{
-  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
-  "extends": ["github>thegeeklab/renovate-presets:golang"]
-}