use methods from toolkit to handle provenance attrs

Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-03-12 23:34:24 +01:00 · 2023-03-12 23:34:24 +01:00 · b3435979d1
commit b3435979d1
parent 80def7c74e
4 changed files with 11 additions and 47 deletions
--- a/tests/context.test.ts
+++ b/tests/context.test.ts
@ -4,7 +4,7 @@ import * as path from 'path';
 import {Builder} from '@docker/actions-toolkit/lib/buildx/builder';
 import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx';
 import {Context} from '@docker/actions-toolkit/lib/context';
-import {Docker} from '@docker/actions-toolkit/lib/docker';
+import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 import {BuilderInfo} from '@docker/actions-toolkit/lib/types/builder';
@ -42,9 +42,9 @@ jest.spyOn(Builder.prototype, 'inspect').mockImplementation(async (): Promise<Bu
    lastActivity: new Date('2023-01-16 09:45:23 +0000 UTC'),
    nodes: [
      {
-        buildkitVersion: 'v0.11.0',
-        buildkitdFlags: '--debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
-        driverOpts: ['BUILDKIT_STEP_LOG_MAX_SIZE=10485760', 'BUILDKIT_STEP_LOG_MAX_SPEED=10485760', 'JAEGER_TRACE=localhost:6831', 'image=moby/buildkit:latest', 'network=host'],
+        buildkit: 'v0.11.0',
+        'buildkitd-flags': '--debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
+        'driver-opts': ['BUILDKIT_STEP_LOG_MAX_SIZE=10485760', 'BUILDKIT_STEP_LOG_MAX_SPEED=10485760', 'JAEGER_TRACE=localhost:6831', 'image=moby/buildkit:latest', 'network=host'],
        endpoint: 'unix:///var/run/docker.sock',
        name: 'builder20',
        platforms: 'linux/amd64,linux/amd64/v2,linux/amd64/v3,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6',
@ -609,7 +609,7 @@ nproc=3`],
      jest.spyOn(Buildx.prototype, 'version').mockImplementation(async (): Promise<string> => {
        return buildxVersion;
      });
-      const inp = await context.getInputs();
+      const inp = await context.getInputs(toolkit);
      const res = await context.getArgs(inp, toolkit);
      expect(res).toEqual(expected);
    }
--- a/package.json
+++ b/package.json
@ -30,7 +30,6 @@
  "dependencies": {
    "@actions/core": "^1.10.0",
    "@docker/actions-toolkit": "^0.1.0-beta.19",
-    "csv-parse": "^5.3.5",
    "handlebars": "^4.7.7"
  },
  "devDependencies": {
--- a/src/context.ts
+++ b/src/context.ts
@ -1,5 +1,4 @@
 import * as core from '@actions/core';
-import {parse} from 'csv-parse/sync';
 import * as handlebars from 'handlebars';
 import {Context} from '@docker/actions-toolkit/lib/context';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
@ -40,7 +39,7 @@ export interface Inputs {
  githubToken: string;
 }

-export async function getInputs(): Promise<Inputs> {
+export async function getInputs(toolkit: Toolkit): Promise<Inputs> {
  return {
    addHosts: Util.getInputList('add-hosts'),
    allow: Util.getInputList('allow'),
@ -60,7 +59,7 @@ export async function getInputs(): Promise<Inputs> {
    noCacheFilters: Util.getInputList('no-cache-filters'),
    outputs: Util.getInputList('outputs', {ignoreComma: true}),
    platforms: Util.getInputList('platforms'),
-    provenance: getProvenanceInput('provenance'),
+    provenance: toolkit.buildx.inputs.getProvenanceInput('provenance'),
    pull: core.getBooleanInput('pull'),
    push: core.getBooleanInput('push'),
    sbom: core.getInput('sbom'),
@ -145,10 +144,10 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
      if (GitHub.context.payload.repository?.private ?? false) {
        // if this is a private repository, we set the default provenance
        // attributes being set in buildx: https://github.com/docker/buildx/blob/fb27e3f919dcbf614d7126b10c2bc2d0b1927eb6/build/build.go#L603
-        args.push('--provenance', getProvenanceAttrs(`mode=min,inline-only=true`));
+        args.push('--provenance', toolkit.buildx.inputs.resolveProvenanceAttrs(`mode=min,inline-only=true`));
      } else {
        // for a public repository, we set max provenance mode.
-        args.push('--provenance', getProvenanceAttrs(`mode=max`));
+        args.push('--provenance', toolkit.buildx.inputs.resolveProvenanceAttrs(`mode=max`));
      }
    }
    if (inputs.sbom) {
@ -215,37 +214,3 @@ async function getCommonArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
  }
  return args;
 }
-
-function getProvenanceInput(name: string): string {
-  const input = core.getInput(name);
-  if (!input) {
-    // if input is not set, default values will be set later.
-    return input;
-  }
-  try {
-    return core.getBooleanInput(name) ? `builder-id=${Context.provenanceBuilderID()}` : 'false';
-  } catch (err) {
-    // not a valid boolean, so we assume it's a string
-    return getProvenanceAttrs(input);
-  }
-}
-
-function getProvenanceAttrs(input: string): string {
-  // parse attributes from input
-  const fields = parse(input, {
-    relaxColumnCount: true,
-    skipEmptyLines: true
-  })[0];
-  // check if builder-id attribute exists in the input
-  for (const field of fields) {
-    const parts = field
-      .toString()
-      .split(/(?<=^[^=]+?)=/)
-      .map(item => item.trim());
-    if (parts[0] == 'builder-id') {
-      return input;
-    }
-  }
-  // if not add builder-id attribute
-  return `${input},builder-id=${Context.provenanceBuilderID()}`;
-}
--- a/src/main.ts
+++ b/src/main.ts
@ -3,7 +3,7 @@ import * as stateHelper from './state-helper';
 import * as core from '@actions/core';
 import * as actionsToolkit from '@docker/actions-toolkit';
 import {Context} from '@docker/actions-toolkit/lib/context';
-import {Docker} from '@docker/actions-toolkit/lib/docker';
+import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {Exec} from '@docker/actions-toolkit/lib/exec';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
@ -13,8 +13,8 @@ import * as context from './context';
 actionsToolkit.run(
  // main
  async () => {
-    const inputs: context.Inputs = await context.getInputs();
    const toolkit = new Toolkit();
+    const inputs: context.Inputs = await context.getInputs(toolkit);

    await core.group(`GitHub Actions runtime token ACs`, async () => {
      try {