Compare commits

...

17 Commits

Author SHA1 Message Date
CrazyMax
28218f9b04 Merge pull request #66 from crazy-max/remove-os-limitation
Remove os limitation
2021-04-28 00:38:38 +02:00
CrazyMax
7439f8b467 Remove os limitation
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-04-28 00:34:32 +02:00
CrazyMax
4b206288bd Merge pull request #61 from crazy-max/workflow
Enhance workflow
2021-03-31 18:49:11 +02:00
CrazyMax
4abf7e9de3 Enhance workflow
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-03-31 18:34:49 +02:00
CrazyMax
175e20ba61 Merge pull request #60 from syscll/docs-quay-io
Add Quay.io usage docs
2021-03-31 09:37:40 +02:00
Dan Bond
92a2593650 Update TOC 2021-03-26 14:58:30 -07:00
Dan Bond
957a8f0d4a README: add quay.io usage docs 2021-03-26 11:37:33 -07:00
CrazyMax
971b76aea9 Merge pull request #59 from crazy-max/ghcr-github-token
Use GITHUB_TOKEN with GHCR
2021-03-25 00:14:10 +01:00
CrazyMax
5b092cf2f7 Use GITHUB_TOKEN with GHCR
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-03-24 23:24:06 +01:00
CrazyMax
ab81ae06bb Merge pull request #58 from crazy-max/cleanup
Remove label workflow
2021-03-18 20:09:00 +01:00
CrazyMax
f4a3bbc2c6 Remove label workflow
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-03-18 20:07:30 +01:00
CrazyMax
e2302b10cc Merge pull request #55 from crazy-max/ghcr-doc
Improve GHCR doc
2021-02-16 13:30:19 +01:00
CrazyMax
c2c723b5d1 Improve GHCR doc
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-02-16 13:28:22 +01:00
CrazyMax
ab80d026d4 Merge pull request #48 from crazy-max/e2e-gar
Test login against GAR
2020-12-22 17:34:18 +01:00
CrazyMax
13fa0663e1 Test login against GAR
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2020-12-22 11:27:40 +01:00
CrazyMax
75e7be0db4 Merge pull request #42 from crazy-max/login-test-3
Test login against GCR
2020-12-22 11:12:35 +01:00
CrazyMax
d6f5c68835 Test login against GCR
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2020-12-22 11:11:31 +01:00
18 changed files with 305 additions and 211 deletions

2
.dockerignore Normal file
View File

@@ -0,0 +1,2 @@
/coverage
/node_modules

View File

@@ -2,20 +2,24 @@
Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great. Hi there! We're thrilled that you'd like to contribute to this project. Your help is essential for keeping it great.
Contributions to this project are [released](https://help.github.com/articles/github-terms-of-service/#6-contributions-under-repository-license) to the public under the [project's open source license](LICENSE). Contributions to this project are [released](https://docs.github.com/en/github/site-policy/github-terms-of-service#6-contributions-under-repository-license)
to the public under the [project's open source license](LICENSE).
## Submitting a pull request ## Submitting a pull request
1. [Fork](https://github.com/docker/login-action/fork) and clone the repository 1. [Fork](https://github.com/docker/login-action/fork) and clone the repository
2. Configure and install the dependencies: `yarn install` 2. Configure and install the dependencies: `yarn install`
4. Create a new branch: `git checkout -b my-branch-name` 3. Create a new branch: `git checkout -b my-branch-name`
5. Make your change 4. Make your changes
6. Run pre-checkin: `yarn run pre-checkin` 5. Make sure the tests pass: `docker buildx bake test`
7. Push to your fork and [submit a pull request](https://github.com/docker/login-action/compare) 6. Format code and build javascript artifacts: `docker buildx bake pre-checkin`
8. Pat your self on the back and wait for your pull request to be reviewed and merged. 7. Validate all code has correctly formatted and built: `docker buildx bake validate`
8. Push to your fork and [submit a pull request](https://github.com/docker/login-action/compare)
9. Pat your self on the back and wait for your pull request to be reviewed and merged.
Here are a few things you can do that will increase the likelihood of your pull request being accepted: Here are a few things you can do that will increase the likelihood of your pull request being accepted:
- Write tests.
- Make sure the `README.md` and any other relevant **documentation are kept up-to-date**. - Make sure the `README.md` and any other relevant **documentation are kept up-to-date**.
- We try to follow [SemVer v2.0.0](https://semver.org/). Randomly breaking public APIs is not an option. - We try to follow [SemVer v2.0.0](https://semver.org/). Randomly breaking public APIs is not an option.
- Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as **separate pull requests**. - Keep your change as focused as possible. If there are multiple changes you would like to make that are not dependent upon each other, consider submitting them as **separate pull requests**.
@@ -24,5 +28,5 @@ Here are a few things you can do that will increase the likelihood of your pull
## Resources ## Resources
- [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/) - [How to Contribute to Open Source](https://opensource.guide/how-to-contribute/)
- [Using Pull Requests](https://help.github.com/articles/about-pull-requests/) - [Using Pull Requests](https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests)
- [GitHub Help](https://help.github.com) - [GitHub Help](https://docs.github.com/en)

View File

@@ -30,4 +30,5 @@ about: Create a report to help us improve
### Logs ### Logs
> Download the [log file of your build](https://help.github.com/en/actions/configuring-and-managing-workflows/managing-a-workflow-run#downloading-logs) and [attach it](https://help.github.com/en/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests) to this issue. > Download the [log file of your build](https://docs.github.com/en/actions/managing-workflow-runs/using-workflow-run-logs#downloading-logs)
> and [attach it](https://docs.github.com/en/github/managing-your-work-on-github/file-attachments-on-issues-and-pull-requests) to this issue.

Binary file not shown.

Before

Width:  |  Height:  |  Size: 5.0 KiB

After

Width:  |  Height:  |  Size: 4.3 KiB

BIN
.github/ghcr-manage-actions-access.gif vendored Normal file

Binary file not shown.

After

Width:  |  Height:  |  Size: 99 KiB

77
.github/labels.yml vendored
View File

@@ -1,77 +0,0 @@
## more info https://github.com/crazy-max/ghaction-github-labeler
- # automerge
name: ":bell: automerge"
color: "8f4fbc"
description: ""
- # bot
name: ":robot: bot"
color: "69cde9"
description: ""
- # bug
name: ":bug: bug"
color: "b60205"
description: ""
- # dependencies
name: ":game_die: dependencies"
color: "0366d6"
description: ""
- # documentation
name: ":memo: documentation"
color: "c5def5"
description: ""
- # duplicate
name: ":busts_in_silhouette: duplicate"
color: "cccccc"
description: ""
- # enhancement
name: ":sparkles: enhancement"
color: "0054ca"
description: ""
- # feature request
name: ":bulb: feature request"
color: "0e8a16"
description: ""
- # feedback
name: ":mega: feedback"
color: "03a9f4"
description: ""
- # future maybe
name: ":rocket: future maybe"
color: "fef2c0"
description: ""
- # good first issue
name: ":hatching_chick: good first issue"
color: "7057ff"
description: ""
- # help wanted
name: ":pray: help wanted"
color: "4caf50"
description: ""
- # hold
name: ":hand: hold"
color: "24292f"
description: ""
- # invalid
name: ":no_entry_sign: invalid"
color: "e6e6e6"
description: ""
- # maybe bug
name: ":interrobang: maybe bug"
color: "ff5722"
description: ""
- # needs more info
name: ":thinking: needs more info"
color: "795548"
description: ""
- # question
name: ":question: question"
color: "3f51b5"
description: ""
- # upstream
name: ":eyes: upstream"
color: "fbca04"
description: ""
- # wontfix
name: ":coffin: wontfix"
color: "ffffff"
description: ""

View File

@@ -6,9 +6,28 @@ on:
- cron: '0 10 * * *' # everyday at 10am - cron: '0 10 * * *' # everyday at 10am
push: push:
branches: branches:
- master - 'master'
- 'releases/v*'
jobs: jobs:
stop-docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Stop docker
run: |
sudo systemctl stop docker
-
name: Login to GitHub Container Registry
uses: ./
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
dind: dind:
runs-on: ubuntu-latest runs-on: ubuntu-latest
env: env:
@@ -149,8 +168,8 @@ jobs:
uses: ./ uses: ./
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }} username: ${{ github.repository_owner }}
password: ${{ secrets.GHCR_PAT }} password: ${{ secrets.GITHUB_TOKEN }}
gitlab: gitlab:
runs-on: ubuntu-latest runs-on: ubuntu-latest
@@ -166,30 +185,30 @@ jobs:
username: ${{ secrets.GITLAB_USERNAME }} username: ${{ secrets.GITLAB_USERNAME }}
password: ${{ secrets.GITLAB_TOKEN }} password: ${{ secrets.GITLAB_TOKEN }}
# google-artifact: google-artifact:
# runs-on: ubuntu-latest runs-on: ubuntu-latest
# steps: steps:
# - -
# name: Checkout name: Checkout
# uses: actions/checkout@v2 uses: actions/checkout@v2
# - -
# name: Login to Google Artifact Registry name: Login to Google Artifact Registry
# uses: ./ uses: ./
# with: with:
# registry: ${{ secrets.GAR_LOCATION }}-docker.pkg.dev registry: ${{ secrets.GAR_LOCATION }}-docker.pkg.dev
# username: _json_key username: _json_key
# password: ${{ secrets.GAR_JSON_KEY }} password: ${{ secrets.GAR_JSON_KEY }}
#
# google-container: google-container:
# runs-on: ubuntu-latest runs-on: ubuntu-latest
# steps: steps:
# - -
# name: Checkout name: Checkout
# uses: actions/checkout@v2 uses: actions/checkout@v2
# - -
# name: Login to Google Container Registry name: Login to Google Container Registry
# uses: ./ uses: ./
# with: with:
# registry: gcr.io registry: gcr.io
# username: _json_key username: _json_key
# password: ${{ secrets.GCR_JSON_KEY }} password: ${{ secrets.GCR_JSON_KEY }}

View File

@@ -1,20 +0,0 @@
name: labels
on:
push:
branches:
- 'master'
paths:
- '.github/labels.yml'
- '.github/workflows/labels.yml'
jobs:
labeler:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Run Labeler
uses: crazy-max/ghaction-github-labeler@v3

View File

@@ -3,38 +3,32 @@ name: test
on: on:
push: push:
branches: branches:
- master - 'master'
- releases/v* - 'releases/v*'
paths-ignore:
- '**.md'
pull_request: pull_request:
paths-ignore: branches:
- '**.md' - 'master'
- 'releases/v*'
jobs: jobs:
test: test:
runs-on: ${{ matrix.os }} runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
os:
- ubuntu-20.04
- ubuntu-18.04
- ubuntu-16.04
steps: steps:
- -
name: Checkout name: Checkout
uses: actions/checkout@v2 uses: actions/checkout@v2
- -
name: Install name: Validate
run: yarn install uses: docker/bake-action@v1
with:
targets: validate
- -
name: Test name: Test
run: yarn run test uses: docker/bake-action@v1
with:
targets: test
- -
name: Upload coverage name: Upload coverage
uses: codecov/codecov-action@v1 uses: codecov/codecov-action@v1
if: success()
with: with:
token: ${{ secrets.CODECOV_TOKEN }}
file: ./coverage/clover.xml file: ./coverage/clover.xml

View File

@@ -8,11 +8,6 @@
GitHub Action to login against a Docker registry. GitHub Action to login against a Docker registry.
> :bulb: See also:
> * [setup-buildx](https://github.com/docker/setup-buildx-action) action
> * [setup-qemu](https://github.com/docker/setup-qemu-action) action
> * [build-push](https://github.com/docker/build-push-action) action
![Screenshot](.github/docker-login.png) ![Screenshot](.github/docker-login.png)
___ ___
@@ -28,10 +23,10 @@ ___
* [AWS Elastic Container Registry (ECR)](#aws-elastic-container-registry-ecr) * [AWS Elastic Container Registry (ECR)](#aws-elastic-container-registry-ecr)
* [AWS Public Elastic Container Registry (ECR)](#aws-public-elastic-container-registry-ecr) * [AWS Public Elastic Container Registry (ECR)](#aws-public-elastic-container-registry-ecr)
* [OCI Oracle Cloud Infrastructure Registry (OCIR)](#oci-oracle-cloud-infrastructure-registry-ocir) * [OCI Oracle Cloud Infrastructure Registry (OCIR)](#oci-oracle-cloud-infrastructure-registry-ocir)
* [Quay.io](#quayio)
* [Customizing](#customizing) * [Customizing](#customizing)
* [inputs](#inputs) * [inputs](#inputs)
* [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot) * [Keep up-to-date with GitHub Dependabot](#keep-up-to-date-with-github-dependabot)
* [Limitation](#limitation)
## Usage ## Usage
@@ -89,9 +84,12 @@ jobs:
### GitHub Container Registry ### GitHub Container Registry
To authenticate against the [GitHub Container Registry](https://docs.github.com/en/packages/getting-started-with-github-container-registry), To use the [GitHub Container Registry](https://docs.github.com/en/packages/getting-started-with-github-container-registry),
you will need to create a new [personal access token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token) you need to [enable this feature for your personal or organization account](https://docs.github.com/en/packages/guides/enabling-improved-container-support).
with the [appropriate scopes](https://docs.github.com/en/packages/getting-started-with-github-container-registry/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry).
To [authenticate against it](https://docs.github.com/en/packages/guides/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry),
use the [`GITHUB_TOKEN`](https://docs.github.com/en/actions/reference/authentication-in-a-workflow) for the best
security and experience.
```yaml ```yaml
name: ci name: ci
@@ -110,9 +108,16 @@ jobs:
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ github.repository_owner }} username: ${{ github.repository_owner }}
password: ${{ secrets.CR_PAT }} password: ${{ secrets.GITHUB_TOKEN }}
``` ```
You may need to manage write and read access of GitHub Actions for repositories in the container settings:
![Manage Actions access](.github/ghcr-manage-actions-access.gif)
You can also use a [personal access token (PAT)](https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token)
with the [appropriate scopes](https://docs.github.com/en/packages/getting-started-with-github-container-registry/migrating-to-github-container-registry-for-docker-images#authenticating-with-the-container-registry).
### GitLab ### GitLab
```yaml ```yaml
@@ -370,6 +375,30 @@ jobs:
> Replace `<region>` with their respective values from [availability regions](https://docs.cloud.oracle.com/iaas/Content/Registry/Concepts/registryprerequisites.htm#Availab) > Replace `<region>` with their respective values from [availability regions](https://docs.cloud.oracle.com/iaas/Content/Registry/Concepts/registryprerequisites.htm#Availab)
### Quay.io
Use a [Robot account](https://docs.quay.io/glossary/robot-accounts.html) with the ability to push to a public/private Quay.io repository.
```yaml
name: ci
on:
push:
branches: master
jobs:
login:
runs-on: ubuntu-latest
steps:
-
name: Login to Quay.io
uses: docker/login-action@v1
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
```
## Customizing ## Customizing
### inputs ### inputs
@@ -398,7 +427,3 @@ updates:
schedule: schedule:
interval: "daily" interval: "daily"
``` ```
## Limitation
This action is only available for Linux [virtual environments](https://help.github.com/en/articles/virtual-environments-for-github-actions#supported-virtual-environments-and-hardware-resources).

View File

@@ -6,17 +6,6 @@ import * as stateHelper from '../src/state-helper';
import * as core from '@actions/core'; import * as core from '@actions/core';
test('errors when not run on linux platform', async () => {
const platSpy = jest.spyOn(osm, 'platform');
platSpy.mockImplementation(() => 'netbsd');
const coreSpy: jest.SpyInstance = jest.spyOn(core, 'setFailed');
await run();
expect(coreSpy).toHaveBeenCalledWith('Only supported on linux platform');
});
test('errors without username and password', async () => { test('errors without username and password', async () => {
const platSpy = jest.spyOn(osm, 'platform'); const platSpy = jest.spyOn(osm, 'platform');
platSpy.mockImplementation(() => 'linux'); platSpy.mockImplementation(() => 'linux');

26
dist/index.js generated vendored
View File

@@ -497,18 +497,14 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
}; };
Object.defineProperty(exports, "__esModule", { value: true }); Object.defineProperty(exports, "__esModule", { value: true });
exports.run = void 0; exports.run = void 0;
const os = __importStar(__webpack_require__(87));
const core = __importStar(__webpack_require__(186)); const core = __importStar(__webpack_require__(186));
const context_1 = __webpack_require__(842); const context = __importStar(__webpack_require__(842));
const docker = __importStar(__webpack_require__(758)); const docker = __importStar(__webpack_require__(758));
const stateHelper = __importStar(__webpack_require__(647)); const stateHelper = __importStar(__webpack_require__(647));
function run() { function run() {
return __awaiter(this, void 0, void 0, function* () { return __awaiter(this, void 0, void 0, function* () {
try { try {
if (os.platform() !== 'linux') { const { registry, username, password, logout } = context.getInputs();
throw new Error('Only supported on linux platform');
}
const { registry, username, password, logout } = context_1.getInputs();
stateHelper.setRegistry(registry); stateHelper.setRegistry(registry);
stateHelper.setLogout(logout); stateHelper.setLogout(logout);
yield docker.login(registry, username, password); yield docker.login(registry, username, password);
@@ -3069,16 +3065,16 @@ function loginStandard(registry, username, password) {
loginArgs.push('--username', username); loginArgs.push('--username', username);
loginArgs.push(registry); loginArgs.push(registry);
if (registry) { if (registry) {
core.info(`🔑 Logging into ${registry}...`); core.info(`Logging into ${registry}...`);
} }
else { else {
core.info(`🔑 Logging into Docker Hub...`); core.info(`Logging into Docker Hub...`);
} }
yield execm.exec('docker', loginArgs, true, password).then(res => { yield execm.exec('docker', loginArgs, true, password).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
throw new Error(res.stderr); throw new Error(res.stderr);
} }
core.info('🎉 Login Succeeded!'); core.info(`Login Succeeded!`);
}); });
}); });
} }
@@ -3090,26 +3086,26 @@ function loginECR(registry, username, password) {
const region = yield aws.getRegion(registry); const region = yield aws.getRegion(registry);
const accountIDs = yield aws.getAccountIDs(registry); const accountIDs = yield aws.getAccountIDs(registry);
if (yield aws.isPubECR(registry)) { if (yield aws.isPubECR(registry)) {
core.info(`💡 AWS Public ECR detected with ${region} region`); core.info(`AWS Public ECR detected with ${region} region`);
} }
else { else {
core.info(`💡 AWS ECR detected with ${region} region`); core.info(`AWS ECR detected with ${region} region`);
} }
process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID;
process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY;
core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); core.info(`Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`);
const loginCmds = yield aws.getDockerLoginCmds(cliVersion, registry, region, accountIDs); const loginCmds = yield aws.getDockerLoginCmds(cliVersion, registry, region, accountIDs);
core.info(`🔑 Logging into ${registry}...`); core.info(`Logging into ${registry}...`);
loginCmds.forEach((loginCmd, index) => { loginCmds.forEach((loginCmd, index) => {
execm.exec(loginCmd, [], true).then(res => { execm.exec(loginCmd, [], true).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
throw new Error(res.stderr); throw new Error(res.stderr);
} }
if (loginCmds.length > 1) { if (loginCmds.length > 1) {
core.info(`🎉 Login Succeeded! (${index}/${loginCmds.length})`); core.info(`Login Succeeded! (${index}/${loginCmds.length})`);
} }
else { else {
core.info('🎉 Login Succeeded!'); core.info('Login Succeeded!');
} }
}); });
}); });

67
docker-bake.hcl Normal file
View File

@@ -0,0 +1,67 @@
variable "NODE_VERSION" {
default = "12"
}
target "node-version" {
args = {
NODE_VERSION = NODE_VERSION
}
}
group "default" {
targets = ["build"]
}
group "pre-checkin" {
targets = ["vendor-update", "format", "build"]
}
group "validate" {
targets = ["format-validate", "build-validate", "vendor-validate"]
}
target "build" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
target = "build-update"
output = ["."]
}
target "build-validate" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
target = "build-validate"
}
target "format" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
target = "format-update"
output = ["."]
}
target "format-validate" {
inherits = ["node-version"]
dockerfile = "./hack/build.Dockerfile"
target = "format-validate"
}
target "vendor-update" {
inherits = ["node-version"]
dockerfile = "./hack/vendor.Dockerfile"
target = "update"
output = ["."]
}
target "vendor-validate" {
inherits = ["node-version"]
dockerfile = "./hack/vendor.Dockerfile"
target = "validate"
}
target "test" {
inherits = ["node-version"]
dockerfile = "./hack/test.Dockerfile"
target = "test-coverage"
output = ["./coverage"]
}

42
hack/build.Dockerfile Normal file
View File

@@ -0,0 +1,42 @@
# syntax=docker/dockerfile:1.2
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache cpio findutils git
WORKDIR /src
FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install
FROM deps AS build
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run build && mkdir /out && cp -Rf dist /out/
FROM scratch AS build-update
COPY --from=build /out /
FROM build AS build-validate
RUN --mount=type=bind,target=.,rw \
git add -A && cp -rf /out/* .; \
if [ -n "$(git status --porcelain -- dist)" ]; then \
echo >&2 'ERROR: Build result differs. Please build first with "docker buildx bake build"'; \
git status --porcelain -- dist; \
exit 1; \
fi
FROM deps AS format
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run format \
&& mkdir /out && find . -name '*.ts' -not -path './node_modules/*' | cpio -pdm /out
FROM scratch AS format-update
COPY --from=format /out /
FROM deps AS format-validate
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn run format-check \

34
hack/test.Dockerfile Normal file
View File

@@ -0,0 +1,34 @@
# syntax=docker/dockerfile:1.2
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache binutils curl git unzip
ENV GLIBC_VER=2.31-r0
RUN curl -sL "https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub" -o "/etc/apk/keys/sgerrand.rsa.pub" \
&& curl -sLO "https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-${GLIBC_VER}.apk" \
&& curl -sLO "https://github.com/sgerrand/alpine-pkg-glibc/releases/download/${GLIBC_VER}/glibc-bin-${GLIBC_VER}.apk" \
&& apk add --no-cache \
glibc-${GLIBC_VER}.apk \
glibc-bin-${GLIBC_VER}.apk \
&& curl -sL "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip" \
&& unzip -qq "awscliv2.zip" \
&& ./aws/install \
&& aws --version
WORKDIR /src
FROM base AS deps
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install
FROM deps AS test
ENV RUNNER_TEMP=/tmp/github_runner
ENV RUNNER_TOOL_CACHE=/tmp/github_tool_cache
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
--mount=type=bind,from=crazymax/docker,source=/usr/libexec/docker/cli-plugins/docker-buildx,target=/usr/libexec/docker/cli-plugins/docker-buildx \
--mount=type=bind,from=crazymax/docker,source=/usr/local/bin/docker,target=/usr/bin/docker \
yarn run test --coverageDirectory=/tmp/coverage
FROM scratch AS test-coverage
COPY --from=test /tmp/coverage /

23
hack/vendor.Dockerfile Normal file
View File

@@ -0,0 +1,23 @@
# syntax=docker/dockerfile:1.2
ARG NODE_VERSION
FROM node:${NODE_VERSION}-alpine AS base
RUN apk add --no-cache git
WORKDIR /src
FROM base AS vendored
RUN --mount=type=bind,target=.,rw \
--mount=type=cache,target=/src/node_modules \
yarn install && mkdir /out && cp yarn.lock /out
FROM scratch AS update
COPY --from=vendored /out /
FROM vendored AS validate
RUN --mount=type=bind,target=.,rw \
git add -A && cp -rf /out/* .; \
if [ -n "$(git status --porcelain -- yarn.lock)" ]; then \
echo >&2 'ERROR: Vendor result differs. Please vendor your package with "docker buildx bake vendor-update"'; \
git status --porcelain -- yarn.lock; \
exit 1; \
fi

View File

@@ -28,15 +28,15 @@ export async function loginStandard(registry: string, username: string, password
loginArgs.push(registry); loginArgs.push(registry);
if (registry) { if (registry) {
core.info(`🔑 Logging into ${registry}...`); core.info(`Logging into ${registry}...`);
} else { } else {
core.info(`🔑 Logging into Docker Hub...`); core.info(`Logging into Docker Hub...`);
} }
await execm.exec('docker', loginArgs, true, password).then(res => { await execm.exec('docker', loginArgs, true, password).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
throw new Error(res.stderr); throw new Error(res.stderr);
} }
core.info('🎉 Login Succeeded!'); core.info(`Login Succeeded!`);
}); });
} }
@@ -47,27 +47,27 @@ export async function loginECR(registry: string, username: string, password: str
const accountIDs = await aws.getAccountIDs(registry); const accountIDs = await aws.getAccountIDs(registry);
if (await aws.isPubECR(registry)) { if (await aws.isPubECR(registry)) {
core.info(`💡 AWS Public ECR detected with ${region} region`); core.info(`AWS Public ECR detected with ${region} region`);
} else { } else {
core.info(`💡 AWS ECR detected with ${region} region`); core.info(`AWS ECR detected with ${region} region`);
} }
process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID; process.env.AWS_ACCESS_KEY_ID = username || process.env.AWS_ACCESS_KEY_ID;
process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY; process.env.AWS_SECRET_ACCESS_KEY = password || process.env.AWS_SECRET_ACCESS_KEY;
core.info(`⬇️ Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`); core.info(`Retrieving docker login command through AWS CLI ${cliVersion} (${cliPath})...`);
const loginCmds = await aws.getDockerLoginCmds(cliVersion, registry, region, accountIDs); const loginCmds = await aws.getDockerLoginCmds(cliVersion, registry, region, accountIDs);
core.info(`🔑 Logging into ${registry}...`); core.info(`Logging into ${registry}...`);
loginCmds.forEach((loginCmd, index) => { loginCmds.forEach((loginCmd, index) => {
execm.exec(loginCmd, [], true).then(res => { execm.exec(loginCmd, [], true).then(res => {
if (res.stderr != '' && !res.success) { if (res.stderr != '' && !res.success) {
throw new Error(res.stderr); throw new Error(res.stderr);
} }
if (loginCmds.length > 1) { if (loginCmds.length > 1) {
core.info(`🎉 Login Succeeded! (${index}/${loginCmds.length})`); core.info(`Login Succeeded! (${index}/${loginCmds.length})`);
} else { } else {
core.info('🎉 Login Succeeded!'); core.info('Login Succeeded!');
} }
}); });
}); });

View File

@@ -1,16 +1,11 @@
import * as os from 'os';
import * as core from '@actions/core'; import * as core from '@actions/core';
import {getInputs, Inputs} from './context'; import * as context from './context';
import * as docker from './docker'; import * as docker from './docker';
import * as stateHelper from './state-helper'; import * as stateHelper from './state-helper';
export async function run(): Promise<void> { export async function run(): Promise<void> {
try { try {
if (os.platform() !== 'linux') { const {registry, username, password, logout} = context.getInputs();
throw new Error('Only supported on linux platform');
}
const {registry, username, password, logout} = getInputs();
stateHelper.setRegistry(registry); stateHelper.setRegistry(registry);
stateHelper.setLogout(logout); stateHelper.setLogout(logout);
await docker.login(registry, username, password); await docker.login(registry, username, password);