diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b65f9fb..5d36de1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -37,6 +37,9 @@ jobs: name: Set up Docker Buildx id: buildx uses: ./setup-buildx/ # change to docker/setup-buildx-action@master +# with: +# driver-opt: network=host +# buildkitd-flags: - name: Build and push uses: ./ @@ -45,6 +48,7 @@ jobs: file: ./test/Dockerfile-${{ matrix.dockerfile }} builder: ${{ steps.buildx.outputs.name }} platforms: linux/amd64,linux/arm64,linux/386 + allow: network.host,security.insecure #push: true tags: | localhost:5000/name/app:latest diff --git a/README.md b/README.md index 9eb0da5..fa28eab 100644 --- a/README.md +++ b/README.md @@ -82,6 +82,7 @@ Following inputs can be used as `step.with` keys | `tags` | String | | Newline-delimited list of tags **required** | | `pull` | Bool | `false` | Always attempt to pull a newer version of the image | | `target` | String | | Sets the target stage to build | +| `allow` | String | | Allow extra privileged entitlement (eg. network.host,security.insecure) | | `no-cache` | Bool | `false` | Do not use cache when building the image | | `platforms` | String | | Comma-delimited list of target platforms for build | | `load` | Bool | `false` | Shorthand for `--output=type=docker` | diff --git a/action.yml b/action.yml index 581a99a..b69fbab 100644 --- a/action.yml +++ b/action.yml @@ -33,6 +33,9 @@ inputs: target: description: "Sets the target stage to build" required: false + allow: + description: "Allow extra privileged entitlement (eg. network.host,security.insecure)" + required: false no-cache: description: "Do not use cache when building the image" required: false diff --git a/dist/index.js b/dist/index.js index 9204c00..39253ad 100644 --- a/dist/index.js +++ b/dist/index.js @@ -1041,6 +1041,9 @@ function run() { if (inputs.target) { buildArgs.push('--target', inputs.target); } + if (inputs.allow) { + buildArgs.push('--allow', inputs.allow); + } if (inputs.noCache) { buildArgs.push('--no-cache'); } @@ -1127,6 +1130,7 @@ function loadInputs() { tags: yield getInputList('tags'), pull: /true/i.test(core.getInput('pull')), target: core.getInput('target'), + allow: core.getInput('allow'), noCache: /true/i.test(core.getInput('no-cache')), builder: core.getInput('builder'), platforms: core.getInput('platforms'), diff --git a/src/context-helper.ts b/src/context-helper.ts index d4f5b9f..79881f8 100644 --- a/src/context-helper.ts +++ b/src/context-helper.ts @@ -8,6 +8,7 @@ export interface Inputs { tags: string[]; pull: boolean; target: string; + allow: string; noCache: boolean; builder: string; platforms: string; @@ -27,6 +28,7 @@ export async function loadInputs(): Promise { tags: await getInputList('tags'), pull: /true/i.test(core.getInput('pull')), target: core.getInput('target'), + allow: core.getInput('allow'), noCache: /true/i.test(core.getInput('no-cache')), builder: core.getInput('builder'), platforms: core.getInput('platforms'), diff --git a/src/main.ts b/src/main.ts index 458709c..e2b4b92 100644 --- a/src/main.ts +++ b/src/main.ts @@ -42,6 +42,9 @@ async function run(): Promise { if (inputs.target) { buildArgs.push('--target', inputs.target); } + if (inputs.allow) { + buildArgs.push('--allow', inputs.allow); + } if (inputs.noCache) { buildArgs.push('--no-cache'); }