mirror of
https://github.com/docker/build-push-action.git
synced 2026-07-03 05:21:38 +00:00
Compare commits
6 Commits
33fd15f6c0
...
514fbd217b
| Author | SHA1 | Date | |
|---|---|---|---|
|
|
514fbd217b | ||
|
|
b0312962ef | ||
|
|
96acf63e4c | ||
|
|
f8bc7f4600 | ||
|
|
c2064be02c | ||
|
|
4f02f34098 |
@ -538,7 +538,7 @@ nproc=3`],
|
||||
[
|
||||
'build',
|
||||
'--iidfile', path.join(tmpDir, 'iidfile'),
|
||||
'--attest', 'type=provenance,false',
|
||||
'--attest', 'type=provenance,disabled=true',
|
||||
'--metadata-file', path.join(tmpDir, 'metadata-file'),
|
||||
'.'
|
||||
]
|
||||
@ -742,7 +742,7 @@ ANOTHER_SECRET=ANOTHER_SECRET_ENV`]
|
||||
'build',
|
||||
'--iidfile', path.join(tmpDir, 'iidfile'),
|
||||
'--attest', `type=provenance,mode=max,builder-id=https://github.com/docker/build-push-action/actions/runs/123456789`,
|
||||
'--attest', `type=sbom,true`,
|
||||
'--attest', `type=sbom,disabled=false`,
|
||||
'--metadata-file', path.join(tmpDir, 'metadata-file'),
|
||||
'.'
|
||||
]
|
||||
|
||||
4
dist/index.js
generated
vendored
4
dist/index.js
generated
vendored
File diff suppressed because one or more lines are too long
2
dist/index.js.map
generated
vendored
2
dist/index.js.map
generated
vendored
File diff suppressed because one or more lines are too long
@ -27,8 +27,7 @@
|
||||
"license": "Apache-2.0",
|
||||
"dependencies": {
|
||||
"@actions/core": "^1.10.1",
|
||||
"@docker/actions-toolkit": "0.19.0",
|
||||
"csv-parse": "^5.5.5",
|
||||
"@docker/actions-toolkit": "0.20.0",
|
||||
"handlebars": "^4.7.7"
|
||||
},
|
||||
"devDependencies": {
|
||||
|
||||
@ -1,6 +1,5 @@
|
||||
import * as core from '@actions/core';
|
||||
import * as handlebars from 'handlebars';
|
||||
import {parse} from 'csv-parse/sync';
|
||||
import {Context} from '@docker/actions-toolkit/lib/context';
|
||||
import {GitHub} from '@docker/actions-toolkit/lib/github';
|
||||
import {Inputs as BuildxInputs} from '@docker/actions-toolkit/lib/buildx/inputs';
|
||||
@ -222,7 +221,7 @@ async function getAttestArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
|
||||
// check if provenance attestation is set in attests input
|
||||
let hasAttestProvenance = false;
|
||||
await Util.asyncForEach(inputs.attests, async (attest: string) => {
|
||||
if (hasAttestationType('provenance', attest)) {
|
||||
if (BuildxInputs.hasAttestationType('provenance', attest)) {
|
||||
hasAttestProvenance = true;
|
||||
}
|
||||
});
|
||||
@ -230,7 +229,7 @@ async function getAttestArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
|
||||
let provenanceSet = false;
|
||||
let sbomSet = false;
|
||||
if (inputs.provenance) {
|
||||
args.push('--attest', `type=provenance,${inputs.provenance}`);
|
||||
args.push('--attest', BuildxInputs.resolveAttestationAttrs(`type=provenance,${inputs.provenance}`));
|
||||
provenanceSet = true;
|
||||
} else if (!hasAttestProvenance && (await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !BuildxInputs.hasDockerExporter(inputs.outputs, inputs.load)) {
|
||||
// if provenance not specified in provenance or attests inputs and BuildKit
|
||||
@ -246,38 +245,21 @@ async function getAttestArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
|
||||
}
|
||||
}
|
||||
if (inputs.sbom) {
|
||||
args.push('--attest', `type=sbom,${inputs.sbom}`);
|
||||
args.push('--attest', BuildxInputs.resolveAttestationAttrs(`type=sbom,${inputs.sbom}`));
|
||||
sbomSet = true;
|
||||
}
|
||||
|
||||
// set attests but check if provenance or sbom types already set as
|
||||
// provenance and sbom inputs take precedence over attests input.
|
||||
await Util.asyncForEach(inputs.attests, async (attest: string) => {
|
||||
if (!hasAttestationType('provenance', attest) && !hasAttestationType('sbom', attest)) {
|
||||
args.push('--attest', attest);
|
||||
} else if (!provenanceSet && hasAttestationType('provenance', attest)) {
|
||||
if (!BuildxInputs.hasAttestationType('provenance', attest) && !BuildxInputs.hasAttestationType('sbom', attest)) {
|
||||
args.push('--attest', BuildxInputs.resolveAttestationAttrs(attest));
|
||||
} else if (!provenanceSet && BuildxInputs.hasAttestationType('provenance', attest)) {
|
||||
args.push('--attest', BuildxInputs.resolveProvenanceAttrs(attest));
|
||||
} else if (!sbomSet && hasAttestationType('sbom', attest)) {
|
||||
} else if (!sbomSet && BuildxInputs.hasAttestationType('sbom', attest)) {
|
||||
args.push('--attest', attest);
|
||||
}
|
||||
});
|
||||
|
||||
return args;
|
||||
}
|
||||
|
||||
function hasAttestationType(name: string, attrs: string): boolean {
|
||||
const attributes = parse(attrs, {
|
||||
delimiter: ',',
|
||||
trim: true,
|
||||
columns: false,
|
||||
relaxColumnCount: true
|
||||
});
|
||||
for (const attr of attributes) {
|
||||
for (const [key, value] of attr.map((chunk: string) => chunk.split('=').map(item => item.trim()))) {
|
||||
if (key == 'type' && value == name) {
|
||||
return true;
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -765,10 +765,10 @@
|
||||
dependencies:
|
||||
"@jridgewell/trace-mapping" "0.3.9"
|
||||
|
||||
"@docker/actions-toolkit@0.19.0":
|
||||
version "0.19.0"
|
||||
resolved "https://registry.yarnpkg.com/@docker/actions-toolkit/-/actions-toolkit-0.19.0.tgz#3b17d06c46d60142423651ddb9d390f65f109a8c"
|
||||
integrity sha512-Es08sgfIBOsEBQLfrJQtfgf5mM9Rl4nfZ7byYQ+umbI7VcUEF4AusyNfqsZob7ZRGu+YUw2jJivZysjVCz6LMg==
|
||||
"@docker/actions-toolkit@0.20.0":
|
||||
version "0.20.0"
|
||||
resolved "https://registry.yarnpkg.com/@docker/actions-toolkit/-/actions-toolkit-0.20.0.tgz#9619ff5da7f282e02e22509a5f2f1d707d4437fe"
|
||||
integrity sha512-oAHSQnWjEyRGmGXePt5A/rZG76U/gddQWF/JmD8lZQOL5WZ7WgfUd2MucOaxq3cd66rMew+iwkfqDzFJQewQQw==
|
||||
dependencies:
|
||||
"@actions/cache" "^3.2.4"
|
||||
"@actions/core" "^1.10.1"
|
||||
|
||||
Loading…
Reference in New Issue
Block a user