From 89db4c201e2ef3ece80e7573c2462959d872d980 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9goire=20Joncour?= Date: Thu, 29 Jun 2023 21:16:20 +0200 Subject: [PATCH] fix: fix secrets format (#285) --- _docs/content/_index.md | 3 ++- cmd/drone-docker-buildx/config.go | 12 ++++++------ cmd/drone-docker-buildx/main.go | 7 +++++++ plugin/docker.go | 2 +- plugin/impl.go | 2 +- 5 files changed, 17 insertions(+), 9 deletions(-) diff --git a/_docs/content/_index.md b/_docs/content/_index.md index 8403946..bc166f6 100644 --- a/_docs/content/_index.md +++ b/_docs/content/_index.md @@ -112,7 +112,8 @@ steps: from_secret: secure_token settings: secrets: - - "id=raw_file_secret,src=file.txt" + - "id=raw_file_secret\\\\,src=file.txt" + - 'id=other_raw_file_secret\\,src=other_file.txt' - "id=SECRET_TOKEN" ``` diff --git a/cmd/drone-docker-buildx/config.go b/cmd/drone-docker-buildx/config.go index 0b44da6..8cc5415 100644 --- a/cmd/drone-docker-buildx/config.go +++ b/cmd/drone-docker-buildx/config.go @@ -321,12 +321,12 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag { Destination: &settings.Build.SBOM, Category: category, }, - &cli.StringSliceFlag{ - Name: "secrets", - EnvVars: []string{"PLUGIN_SECRETS"}, - Usage: "exposes secrets to the build", - Destination: &settings.Build.Secrets, - Category: category, + &cli.GenericFlag{ + Name: "secrets", + EnvVars: []string{"PLUGIN_SECRETS"}, + Usage: "exposes secrets to the build", + Value: &drone.StringSliceFlag{}, + Category: category, }, } } diff --git a/cmd/drone-docker-buildx/main.go b/cmd/drone-docker-buildx/main.go index a6a1a50..1240fcc 100644 --- a/cmd/drone-docker-buildx/main.go +++ b/cmd/drone-docker-buildx/main.go @@ -57,6 +57,13 @@ func run(settings *plugin.Settings) cli.ActionFunc { settings.Build.CacheFrom = cacheFrom.Get() + secrets, ok := ctx.Generic("secrets").(*drone.StringSliceFlag) + if !ok { + return fmt.Errorf("%w: failed to read secrets input", ErrTypeAssertionFailed) + } + + settings.Build.Secrets = secrets.Get() + plugin := plugin.New( *settings, urfave.PipelineFromContext(ctx), diff --git a/plugin/docker.go b/plugin/docker.go index cd44a2f..01db78d 100644 --- a/plugin/docker.go +++ b/plugin/docker.go @@ -160,7 +160,7 @@ func commandBuild(build Build, dryrun bool) *execabs.Cmd { args = append(args, "--sbom", build.SBOM) } - for _, secret := range build.Secrets.Value() { + for _, secret := range build.Secrets { args = append(args, "--secret", secret) } diff --git a/plugin/impl.go b/plugin/impl.go index 6f3f371..6651bac 100644 --- a/plugin/impl.go +++ b/plugin/impl.go @@ -65,7 +65,7 @@ type Build struct { Labels cli.StringSlice // Docker build labels Provenance string // Docker build provenance attestation SBOM string // Docker build sbom attestation - Secrets cli.StringSlice // Docker build secrets + Secrets []string // Docker build secrets } // Settings for the Plugin.