From 8b850f86dc46ba7eb11e02c7d3db66aeb2b0f022 Mon Sep 17 00:00:00 2001
From: CrazyMax <1951866+crazy-max@users.noreply.github.com>
Date: Fri, 5 Jul 2024 13:17:52 +0200
Subject: [PATCH] create docker context if default one has TLS data loaded

Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
---
 action.yml          |  2 +-
 src/main.ts         | 40 ++++++++++++++++++++++++++++++++++++++++
 src/state-helper.ts |  5 +++++
 3 files changed, 46 insertions(+), 1 deletion(-)

diff --git a/action.yml b/action.yml
index de61801..da3b05a 100644
--- a/action.yml
+++ b/action.yml
@@ -52,7 +52,7 @@ inputs:
     description: 'Cleanup temp files and remove builder at the end of a job'
     default: 'true'
     required: false
-  # deprecated inputs
+  # TODO: remove deprecated config and config-inline inputs
   config:
     description: 'BuildKit daemon config file'
     deprecationMessage: 'Use buildkitd-config instead'
diff --git a/src/main.ts b/src/main.ts
index 8d74a15..da080bb 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -1,5 +1,6 @@
 import * as fs from 'fs';
 import * as yaml from 'js-yaml';
+import * as uuid from 'uuid';
 import * as core from '@actions/core';
 import * as actionsToolkit from '@docker/actions-toolkit';
 
@@ -68,6 +69,33 @@ actionsToolkit.run(
     fs.mkdirSync(Buildx.certsDir, {recursive: true});
     stateHelper.setCertsDir(Buildx.certsDir);
 
+    // if the default context has TLS data loaded and endpoint is not set, then
+    // we create a temporary docker context only if driver is docker-container
+    // https://github.com/docker/buildx/blob/b96ad59f64d40873e4959336d294b648bb3937fe/builder/builder.go#L489
+    // https://github.com/docker/setup-buildx-action/issues/105
+    if (!standalone && inputs.driver == 'docker-container' && (await Docker.context()) == 'default' && inputs.endpoint.length == 0) {
+      const contextInfo = await Docker.contextInspect('default');
+      core.debug(`context info: ${JSON.stringify(contextInfo, undefined, 2)}`);
+      const hasTLSData = Object.keys(contextInfo.Endpoints).length > 0 && Object.values(contextInfo.Endpoints)[0].TLSData;
+      const hasTLSMaterial = Object.keys(contextInfo.TLSMaterial).length > 0 && Object.values(contextInfo.TLSMaterial)[0].length > 0;
+      if (hasTLSData || hasTLSMaterial) {
+        const tmpDockerContext = `buildx-${uuid.v4()}`;
+        await core.group(`Creating temp docker context (TLS data loaded in default one)`, async () => {
+          await Docker.getExecOutput(['context', 'create', tmpDockerContext], {
+            ignoreReturnCode: true
+          }).then(res => {
+            if (res.stderr.length > 0 && res.exitCode != 0) {
+              core.warning(`cannot create docker context ${tmpDockerContext}: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
+            } else {
+              core.info(`Setting builder endpoint to ${tmpDockerContext} context`);
+              inputs.endpoint = tmpDockerContext;
+              stateHelper.setTmpDockerContext(tmpDockerContext);
+            }
+          });
+        });
+      }
+    }
+
     if (inputs.driver !== 'docker') {
       await core.group(`Creating a new builder instance`, async () => {
         const certsDriverOpts = Buildx.resolveCertsDriverOpts(inputs.driver, inputs.endpoint, {
@@ -214,6 +242,18 @@ actionsToolkit.run(
       });
     }
 
+    if (stateHelper.tmpDockerContext) {
+      await core.group(`Removing temp docker context`, async () => {
+        await Exec.getExecOutput('docker', ['context', 'rm', '-f', stateHelper.tmpDockerContext], {
+          ignoreReturnCode: true
+        }).then(res => {
+          if (res.stderr.length > 0 && res.exitCode != 0) {
+            core.warning(`${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
+          }
+        });
+      });
+    }
+
     if (stateHelper.certsDir.length > 0 && fs.existsSync(stateHelper.certsDir)) {
       await core.group(`Cleaning up certificates`, async () => {
         fs.rmSync(stateHelper.certsDir, {recursive: true});
diff --git a/src/state-helper.ts b/src/state-helper.ts
index 5f513ca..d67c8c6 100644
--- a/src/state-helper.ts
+++ b/src/state-helper.ts
@@ -6,6 +6,7 @@ export const builderName = process.env['STATE_builderName'] || '';
 export const builderDriver = process.env['STATE_builderDriver'] || '';
 export const containerName = process.env['STATE_containerName'] || '';
 export const certsDir = process.env['STATE_certsDir'] || '';
+export const tmpDockerContext = process.env['STATE_tmpDockerContext'] || '';
 export const cleanup = /true/i.test(process.env['STATE_cleanup'] || '');
 
 export function setDebug(debug: string) {
@@ -32,6 +33,10 @@ export function setCertsDir(certsDir: string) {
   core.saveState('certsDir', certsDir);
 }
 
+export function setTmpDockerContext(tmpDockerContext: string) {
+  core.saveState('tmpDockerContext', tmpDockerContext);
+}
+
 export function setCleanup(cleanup: boolean) {
   core.saveState('cleanup', cleanup);
 }