build-push-action/src/buildx.ts

import csvparse from 'csv-parse/lib/sync';
import fs from 'fs';
import path from 'path';
import * as semver from 'semver';
import * as exec from '@actions/exec';

import * as context from './context';

export async function getImageIDFile(): Promise<string> {
  return path.join(context.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);
}

export async function getImageID(): Promise<string | undefined> {
  const iidFile = await getImageIDFile();
  if (!fs.existsSync(iidFile)) {
    return undefined;
  }
  return fs.readFileSync(iidFile, {encoding: 'utf-8'});
}

export async function getSecretString(kvp: string): Promise<string> {
  return getSecret(kvp, false);
}

export async function getSecretFile(kvp: string): Promise<string> {
  return getSecret(kvp, true);
}

export async function getSecret(kvp: string, file: boolean): Promise<string> {
  const delimiterIndex = kvp.indexOf('=');
  const key = kvp.substring(0, delimiterIndex);
  let value = kvp.substring(delimiterIndex + 1);
  if (key.length == 0 || value.length == 0) {
    throw new Error(`${kvp} is not a valid secret`);
  }

  if (file) {
    if (!fs.existsSync(value)) {
      throw new Error(`secret file ${value} not found`);
    }
    value = fs.readFileSync(value, {encoding: 'utf-8'});
  }

  const secretFile = context.tmpNameSync({
    tmpdir: context.tmpDir()
  });
  fs.writeFileSync(secretFile, value);

  return `id=${key},src=${secretFile}`;
}

export function isLocalOrTarExporter(outputs: string[]): Boolean {
  for (let output of csvparse(outputs.join(`\n`), {
    delimiter: ',',
    trim: true,
    columns: false,
    relaxColumnCount: true
  })) {
    // Local if no type is defined
    // https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43
    if (output.length == 1 && !output[0].startsWith('type=')) {
      return true;
    }
    for (let [key, value] of output.map(chunk => chunk.split('=').map(item => item.trim()))) {
      if (key == 'type' && (value == 'local' || value == 'tar')) {
        return true;
      }
    }
  }
  return false;
}

export function hasGitAuthToken(secrets: string[]): Boolean {
  for (let secret of secrets) {
    if (secret.startsWith('GIT_AUTH_TOKEN=')) {
      return true;
    }
  }
  return false;
}

export async function isAvailable(): Promise<Boolean> {
  return await exec
    .getExecOutput('docker', ['buildx'], {
      ignoreReturnCode: true,
      silent: true
    })
    .then(res => {
      if (res.stderr.length > 0 && res.exitCode != 0) {
        return false;
      }
      return res.exitCode == 0;
    });
}

export async function getVersion(): Promise<string> {
  return await exec
    .getExecOutput('docker', ['buildx', 'version'], {
      ignoreReturnCode: true,
      silent: true
    })
    .then(res => {
      if (res.stderr.length > 0 && res.exitCode != 0) {
        throw new Error(res.stderr.trim());
      }
      return parseVersion(res.stdout.trim());
    });
}

export function parseVersion(stdout: string): string {
  const matches = /\sv?([0-9a-f]{7}|[0-9.]+)/.exec(stdout);
  if (!matches) {
    throw new Error(`Cannot parse buildx version`);
  }
  return matches[1];
}

export function satisfies(version: string, range: string): boolean {
  return semver.satisfies(version, range) || /^[0-9a-f]{7}$/.exec(version) !== null;
}
Handle multi-line secret value Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-11-17 21:38:45 +01:00			`import csvparse from 'csv-parse/lib/sync';`
Add digest output Fix platforms and allow inputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-17 22:18:15 +02:00			`import fs from 'fs';`
			`import path from 'path';`
Check Buildx version Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-23 03:31:38 +02:00			`import * as semver from 'semver';`
Use built-in `getExecOutput` Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-06-22 19:52:21 +02:00			`import * as exec from '@actions/exec';`
Handle multi-line secret value Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-11-17 21:38:45 +01:00
Add digest output Fix platforms and allow inputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-17 22:18:15 +02:00			`import * as context from './context';`
Build push action v2 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-16 00:36:41 +02:00
Add digest output Fix platforms and allow inputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-17 22:18:15 +02:00			`export async function getImageIDFile(): Promise<string> {`
Do not set --iidfile flag if local and tar exporters are used More tests for context module Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-19 21:17:06 +02:00			`return path.join(context.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);`
Add digest output Fix platforms and allow inputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-17 22:18:15 +02:00			`}`

			`export async function getImageID(): Promise<string \| undefined> {`
			`const iidFile = await getImageIDFile();`
			`if (!fs.existsSync(iidFile)) {`
			`return undefined;`
			`}`
			`return fs.readFileSync(iidFile, {encoding: 'utf-8'});`
			`}`

Allow to use secret file mount Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-02-15 10:08:19 +01:00			`export async function getSecretString(kvp: string): Promise<string> {`
			`return getSecret(kvp, false);`
			`}`

			`export async function getSecretFile(kvp: string): Promise<string> {`
			`return getSecret(kvp, true);`
			`}`

			`export async function getSecret(kvp: string, file: boolean): Promise<string> {`
Fix usage of deprecated substr (=> substring) Signed-off-by: Mathieu Bergeron <mathieu.bergeron@nuecho.com> 2020-10-23 19:49:33 +02:00			`const delimiterIndex = kvp.indexOf('=');`
			`const key = kvp.substring(0, delimiterIndex);`
Allow to use secret file mount Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-02-15 10:08:19 +01:00			`let value = kvp.substring(delimiterIndex + 1);`
Handle multi-line secret value Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-11-17 21:38:45 +01:00			`if (key.length == 0 \|\| value.length == 0) {`
			throw new Error(`${kvp} is not a valid secret`);
			`}`
Allow to use secret file mount Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-02-15 10:08:19 +01:00
			`if (file) {`
			`if (!fs.existsSync(value)) {`
			throw new Error(`secret file ${value} not found`);
			`}`
			`value = fs.readFileSync(value, {encoding: 'utf-8'});`
			`}`

Do not set --iidfile flag if local and tar exporters are used More tests for context module Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-19 21:17:06 +02:00			`const secretFile = context.tmpNameSync({`
			`tmpdir: context.tmpDir()`
Add secrets input Use Git as default context Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-09-02 10:07:11 +02:00			`});`
Allow to use secret file mount Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-02-15 10:08:19 +01:00			`fs.writeFileSync(secretFile, value);`

Add secrets input Use Git as default context Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-09-02 10:07:11 +02:00			return `id=${key},src=${secretFile}`;
			`}`

Better parsing of outputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-19 22:12:33 +02:00			`export function isLocalOrTarExporter(outputs: string[]): Boolean {`
Use csv-parse lib to parse outputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-20 15:18:02 +02:00			for (let output of csvparse(outputs.join(`\n`), {
			`delimiter: ',',`
			`trim: true,`
			`columns: false,`
Handle multi-line secret value Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-11-17 21:38:45 +01:00			`relaxColumnCount: true`
Use csv-parse lib to parse outputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-20 15:18:02 +02:00			`})) {`
Local if no type is defined for output Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-20 17:53:03 +02:00			`// Local if no type is defined`
			`// https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43`
			`if (output.length == 1 && !output[0].startsWith('type=')) {`
			`return true;`
			`}`
Use csv-parse lib to parse outputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-20 15:18:02 +02:00			`for (let [key, value] of output.map(chunk => chunk.split('=').map(item => item.trim()))) {`
Better parsing of outputs Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-10-19 22:12:33 +02:00			`if (key == 'type' && (value == 'local' \|\| value == 'tar')) {`
			`return true;`
			`}`
			`}`
			`}`
			`return false;`
			`}`

			`export function hasGitAuthToken(secrets: string[]): Boolean {`
			`for (let secret of secrets) {`
			`if (secret.startsWith('GIT_AUTH_TOKEN=')) {`
			`return true;`
			`}`
			`}`
			`return false;`
			`}`

Build push action v2 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-16 00:36:41 +02:00			`export async function isAvailable(): Promise<Boolean> {`
Use built-in `getExecOutput` Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-06-22 19:52:21 +02:00			`return await exec`
			`.getExecOutput('docker', ['buildx'], {`
			`ignoreReturnCode: true,`
			`silent: true`
			`})`
			`.then(res => {`
			`if (res.stderr.length > 0 && res.exitCode != 0) {`
			`return false;`
			`}`
			`return res.exitCode == 0;`
			`});`
Build push action v2 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-16 00:36:41 +02:00			`}`

Check Buildx version Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-23 03:31:38 +02:00			`export async function getVersion(): Promise<string> {`
Use built-in `getExecOutput` Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-06-22 19:52:21 +02:00			`return await exec`
			`.getExecOutput('docker', ['buildx', 'version'], {`
			`ignoreReturnCode: true,`
			`silent: true`
			`})`
			`.then(res => {`
			`if (res.stderr.length > 0 && res.exitCode != 0) {`
			`throw new Error(res.stderr.trim());`
			`}`
Small typo and ensure trimmed output Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-07-01 16:55:21 +02:00			`return parseVersion(res.stdout.trim());`
Use built-in `getExecOutput` Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-06-22 19:52:21 +02:00			`});`
Check Buildx version Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-23 03:31:38 +02:00			`}`

Handle git sha version of buildx Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-07-01 15:29:36 +02:00			`export function parseVersion(stdout: string): string {`
			`const matches = /\sv?([0-9a-f]{7}\|[0-9.]+)/.exec(stdout);`
Check Buildx version Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-23 03:31:38 +02:00			`if (!matches) {`
Remove os limitation Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-04-27 16:16:22 +02:00			throw new Error(`Cannot parse buildx version`);
Check Buildx version Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-23 03:31:38 +02:00			`}`
Handle git sha version of buildx Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2021-07-01 15:29:36 +02:00			`return matches[1];`
			`}`

			`export function satisfies(version: string, range: string): boolean {`
			`return semver.satisfies(version, range) \|\| /^[0-9a-f]{7}$/.exec(version) !== null;`
Check Buildx version Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> 2020-08-23 03:31:38 +02:00			`}`