feat: add support for docker build secrets (#282)

2024-11-24 12:50:41 +00:00 · 2023-06-28 21:26:07 +03:00 · 2023-06-28 21:26:07 +03:00 · a572b72527
commit a572b72527
parent 471b9e046d
4 changed files with 17 additions and 0 deletions
--- a/_docs/data/data.yaml
+++ b/_docs/data/data.yaml
@ -265,3 +265,8 @@ properties:
    description: Generate [sbom](https://docs.docker.com/build/attestations/sbom/) attestation for the build (shorthand for `--attest type=sbom`).
    type: string
    required: false
  - name: secrets
    description: Pass [secrets](https://docs.docker.com/engine/reference/commandline/buildx_build/#secret) when building.
    type: list
    required: false
--- a/cmd/drone-docker-buildx/config.go
+++ b/cmd/drone-docker-buildx/config.go
@ -321,5 +321,12 @@ func settingsFlags(settings *plugin.Settings, category string) []cli.Flag {
 			Destination: &settings.Build.SBOM,
 			Category:    category,
 		},
 		&cli.StringSliceFlag{
 			Name:        "secrets",
 			EnvVars:     []string{"PLUGIN_SECRETS"},
 			Usage:       "secret key-value pairs",
 			Destination: &settings.Build.Secrets,
 			Category:    category,
 		},
 	}
 }
--- a/plugin/docker.go
+++ b/plugin/docker.go
@ -160,6 +160,10 @@ func commandBuild(build Build, dryrun bool) *execabs.Cmd {
 		args = append(args, "--sbom", build.SBOM)
 	}
 	for _, secret := range build.Secrets.Value() {
 		args = append(args, "--secret", secret)
 	}
 	return execabs.Command(dockerBin, args...)
 }
--- a/plugin/impl.go
+++ b/plugin/impl.go
@ -65,6 +65,7 @@ type Build struct {
 	Labels       cli.StringSlice // Docker build labels
 	Provenance   string          // Docker build provenance attestation
 	SBOM         string          // Docker build sbom attestation
 	Secrets      cli.StringSlice // Docker build secret key-pairs
 }
 // Settings for the Plugin.