From 8b850f86dc46ba7eb11e02c7d3db66aeb2b0f022 Mon Sep 17 00:00:00 2001 From: CrazyMax <1951866+crazy-max@users.noreply.github.com> Date: Fri, 5 Jul 2024 13:17:52 +0200 Subject: [PATCH] create docker context if default one has TLS data loaded Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com> --- action.yml | 2 +- src/main.ts | 40 ++++++++++++++++++++++++++++++++++++++++ src/state-helper.ts | 5 +++++ 3 files changed, 46 insertions(+), 1 deletion(-) diff --git a/action.yml b/action.yml index de61801..da3b05a 100644 --- a/action.yml +++ b/action.yml @@ -52,7 +52,7 @@ inputs: description: 'Cleanup temp files and remove builder at the end of a job' default: 'true' required: false - # deprecated inputs + # TODO: remove deprecated config and config-inline inputs config: description: 'BuildKit daemon config file' deprecationMessage: 'Use buildkitd-config instead' diff --git a/src/main.ts b/src/main.ts index 8d74a15..da080bb 100644 --- a/src/main.ts +++ b/src/main.ts @@ -1,5 +1,6 @@ import * as fs from 'fs'; import * as yaml from 'js-yaml'; +import * as uuid from 'uuid'; import * as core from '@actions/core'; import * as actionsToolkit from '@docker/actions-toolkit'; @@ -68,6 +69,33 @@ actionsToolkit.run( fs.mkdirSync(Buildx.certsDir, {recursive: true}); stateHelper.setCertsDir(Buildx.certsDir); + // if the default context has TLS data loaded and endpoint is not set, then + // we create a temporary docker context only if driver is docker-container + // https://github.com/docker/buildx/blob/b96ad59f64d40873e4959336d294b648bb3937fe/builder/builder.go#L489 + // https://github.com/docker/setup-buildx-action/issues/105 + if (!standalone && inputs.driver == 'docker-container' && (await Docker.context()) == 'default' && inputs.endpoint.length == 0) { + const contextInfo = await Docker.contextInspect('default'); + core.debug(`context info: ${JSON.stringify(contextInfo, undefined, 2)}`); + const hasTLSData = Object.keys(contextInfo.Endpoints).length > 0 && Object.values(contextInfo.Endpoints)[0].TLSData; + const hasTLSMaterial = Object.keys(contextInfo.TLSMaterial).length > 0 && Object.values(contextInfo.TLSMaterial)[0].length > 0; + if (hasTLSData || hasTLSMaterial) { + const tmpDockerContext = `buildx-${uuid.v4()}`; + await core.group(`Creating temp docker context (TLS data loaded in default one)`, async () => { + await Docker.getExecOutput(['context', 'create', tmpDockerContext], { + ignoreReturnCode: true + }).then(res => { + if (res.stderr.length > 0 && res.exitCode != 0) { + core.warning(`cannot create docker context ${tmpDockerContext}: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`); + } else { + core.info(`Setting builder endpoint to ${tmpDockerContext} context`); + inputs.endpoint = tmpDockerContext; + stateHelper.setTmpDockerContext(tmpDockerContext); + } + }); + }); + } + } + if (inputs.driver !== 'docker') { await core.group(`Creating a new builder instance`, async () => { const certsDriverOpts = Buildx.resolveCertsDriverOpts(inputs.driver, inputs.endpoint, { @@ -214,6 +242,18 @@ actionsToolkit.run( }); } + if (stateHelper.tmpDockerContext) { + await core.group(`Removing temp docker context`, async () => { + await Exec.getExecOutput('docker', ['context', 'rm', '-f', stateHelper.tmpDockerContext], { + ignoreReturnCode: true + }).then(res => { + if (res.stderr.length > 0 && res.exitCode != 0) { + core.warning(`${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`); + } + }); + }); + } + if (stateHelper.certsDir.length > 0 && fs.existsSync(stateHelper.certsDir)) { await core.group(`Cleaning up certificates`, async () => { fs.rmSync(stateHelper.certsDir, {recursive: true}); diff --git a/src/state-helper.ts b/src/state-helper.ts index 5f513ca..d67c8c6 100644 --- a/src/state-helper.ts +++ b/src/state-helper.ts @@ -6,6 +6,7 @@ export const builderName = process.env['STATE_builderName'] || ''; export const builderDriver = process.env['STATE_builderDriver'] || ''; export const containerName = process.env['STATE_containerName'] || ''; export const certsDir = process.env['STATE_certsDir'] || ''; +export const tmpDockerContext = process.env['STATE_tmpDockerContext'] || ''; export const cleanup = /true/i.test(process.env['STATE_cleanup'] || ''); export function setDebug(debug: string) { @@ -32,6 +33,10 @@ export function setCertsDir(certsDir: string) { core.saveState('certsDir', certsDir); } +export function setTmpDockerContext(tmpDockerContext: string) { + core.saveState('tmpDockerContext', tmpDockerContext); +} + export function setCleanup(cleanup: boolean) { core.saveState('cleanup', cleanup); }