Merge pull request #185 from crazy-max/fix-iidfile

Do not set --iidfile flag if local or tar exporters are used

.github/workflows/ci.yml

@@ -9,6 +9,27 @@ on:
       - master
 
 jobs:
+  minimal:
+    runs-on: ubuntu-latest
+    steps:
+      -
+        name: Checkout
+        uses: actions/checkout@v2.3.3
+        with:
+          path: action
+      -
+        name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+      -
+        name: Build
+        uses: ./action
+        with:
+          file: ./test/Dockerfile
+      -
+        name: Dump context
+        if: always()
+        uses: crazy-max/ghaction-dump-context@v1
+
   git-context:
     runs-on: ubuntu-latest
     services:
@@ -240,6 +261,7 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v1
         with:
+          # TODO: Remove image=moby/buildkit:buildx-stable-1 when moby/buildkit#1727 fixed
           driver-opts: |
             network=host
             image=moby/buildkit:buildx-stable-1
@@ -327,6 +349,7 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v1
         with:
+          # TODO: Remove image=moby/buildkit:buildx-stable-1 when moby/buildkit#1727 fixed
           driver-opts: |
             network=host
             image=moby/buildkit:buildx-stable-1
@@ -391,6 +414,7 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v1
         with:
+          # TODO: Remove image=moby/buildkit:buildx-stable-1 when moby/buildkit#1727 fixed
           driver-opts: |
             network=host
             image=moby/buildkit:buildx-stable-1

README.md

@@ -56,7 +56,7 @@ build-secrets, remote cache, etc. and different builder deployment/namespacing o
 
 ### Git context
 
-The default behavior of this action is to use the [Git context invoked by your workflow](https://github.com/docker/build-push-action/blob/master/src/context.ts#L10-L12).
+The default behavior of this action is to use the [Git context invoked by your workflow](https://github.com/docker/build-push-action/blob/master/src/context.ts#L31-L35).
 
 ```yaml
 name: ci

__tests__/buildx.test.ts

@@ -1,10 +1,24 @@
-import fs from 'fs';
+import * as fs from 'fs';
+import * as path from 'path';
 import * as semver from 'semver';
 import * as buildx from '../src/buildx';
 import * as exec from '@actions/exec';
+import * as context from '../src/context';
 
 const digest = 'sha256:bfb45ab72e46908183546477a08f8867fc40cebadd00af54b071b097aed127a9';
 
+jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
+  const tmpDir = path.join('/tmp/.docker-build-push-jest').split(path.sep).join(path.posix.sep);
+  if (!fs.existsSync(tmpDir)) {
+    fs.mkdirSync(tmpDir, {recursive: true});
+  }
+  return tmpDir;
+});
+
+jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
+  return path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
+});
+
 describe('getImageID', () => {
   it('matches', async () => {
     const imageIDFile = await buildx.getImageIDFile();
@@ -16,6 +30,66 @@ describe('getImageID', () => {
   });
 });
 
+describe('isLocalOrTarExporter', () => {
+  // prettier-ignore
+  test.each([
+    [
+      [
+        'type=registry,ref=user/app',
+      ],
+      false
+    ],
+    [
+      [
+        'type=docker',
+      ],
+      false
+    ],
+    [
+      [
+        'type=local,dest=./release-out'
+      ],
+      true
+    ],
+    [
+      [
+        'type=tar,dest=/tmp/image.tar'
+      ],
+      true
+    ],
+    [
+      [
+        'type=docker',
+        'type=tar,dest=/tmp/image.tar'
+      ],
+      true
+    ],
+    [
+      [
+        '"type=tar","dest=/tmp/image.tar"'
+      ],
+      true
+    ],
+    [
+      [
+        '" type= local" , dest=./release-out'
+      ],
+      true
+    ],
+    [
+      [
+        '.'
+      ],
+      true
+    ],
+  ])(
+    'given %p returns %p',
+    async (outputs: Array<string>, expected: boolean) => {
+      expect(buildx.isLocalOrTarExporter(outputs)).toEqual(expected);
+    }
+  );
+});
+
 describe('getVersion', () => {
   it('valid', async () => {
     await exec.exec('docker', ['buildx', 'version']);

__tests__/context.test.ts

@@ -1,4 +1,120 @@
+import * as fs from 'fs';
+import * as path from 'path';
 import * as context from '../src/context';
+import * as buildx from '../src/buildx';
+
+jest.spyOn(context, 'defaultContext').mockImplementation((): string => {
+  return 'https://github.com/docker/build-push-action.git#test-jest';
+});
+
+jest.spyOn(context, 'tmpDir').mockImplementation((): string => {
+  const tmpDir = path.join('/tmp/.docker-build-push-jest').split(path.sep).join(path.posix.sep);
+  if (!fs.existsSync(tmpDir)) {
+    fs.mkdirSync(tmpDir, {recursive: true});
+  }
+  return tmpDir;
+});
+
+jest.spyOn(context, 'tmpNameSync').mockImplementation((): string => {
+  return path.join('/tmp/.docker-build-push-jest', '.tmpname-jest').split(path.sep).join(path.posix.sep);
+});
+
+describe('getArgs', () => {
+  beforeEach(() => {
+    process.env = Object.keys(process.env).reduce((object, key) => {
+      if (!key.startsWith('INPUT_')) {
+        object[key] = process.env[key];
+      }
+      return object;
+    }, {});
+  });
+
+  // prettier-ignore
+  test.each([
+    [
+      '0.4.2',
+      new Map<string, string>([
+        // noop
+      ]),
+      [
+        'buildx',
+        'build',
+        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--file', 'Dockerfile',
+        'https://github.com/docker/build-push-action.git#test-jest'
+      ]
+    ],
+    [
+      '0.4.2',
+      new Map<string, string>([
+        ['context', '.'],
+        ['outputs', 'type=local,dest=./release-out']
+      ]),
+      [
+        'buildx',
+        'build',
+        '--output', 'type=local,dest=./release-out',
+        '--file', 'Dockerfile',
+        '.'
+      ]
+    ],
+    [
+      '0.4.1',
+      new Map<string, string>([
+        ['context', '.']
+      ]),
+      [
+        'buildx',
+        'build',
+        '--file', 'Dockerfile',
+        '.'
+      ]
+    ],
+    [
+      '0.4.2',
+      new Map<string, string>([
+        ['context', '.'],
+        ['secrets', 'GIT_AUTH_TOKEN=abcdefghijklmno0123456789'],
+      ]),
+      [
+        'buildx',
+        'build',
+        '--iidfile', '/tmp/.docker-build-push-jest/iidfile',
+        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--file', 'Dockerfile',
+        '.'
+      ]
+    ],
+    [
+      '0.4.2',
+      new Map<string, string>([
+        ['github-token', 'abcdefghijklmno0123456789'],
+        ['outputs', '.']
+      ]),
+      [
+        'buildx',
+        'build',
+        '--output', '.',
+        '--secret', 'id=GIT_AUTH_TOKEN,src=/tmp/.docker-build-push-jest/.tmpname-jest',
+        '--file', 'Dockerfile',
+        'https://github.com/docker/build-push-action.git#test-jest'
+      ]
+    ]
+  ])(
+    'given %p with %p as inputs, returns %p',
+    async (buildxVersion: string, inputs: Map<string, any>, expected: Array<string>) => {
+      await inputs.forEach((value: string, name: string) => {
+        setInput(name, value);
+      });
+      const defContext = context.defaultContext();
+      const inp = await context.getInputs(defContext);
+      console.log(inp);
+      const res = await context.getArgs(inp, defContext, buildxVersion);
+      console.log(res);
+      expect(res).toEqual(expected);
+    }
+  );
+});
 
 describe('getInputList', () => {
   it('handles single line correctly', async () => {

jest.config.js

@@ -1,5 +1,5 @@
 module.exports = {
-  clearMocks: true,
+  clearMocks: false,
   moduleFileExtensions: ['js', 'ts'],
   setupFiles: ["dotenv/config"],
   testEnvironment: 'node',

package.json

@@ -31,10 +31,12 @@
     "@actions/core": "^1.2.6",
     "@actions/exec": "^1.0.4",
     "@actions/github": "^4.0.0",
+    "csv-parse": "^4.12.0",
     "semver": "^7.3.2",
     "tmp": "^0.2.1"
   },
   "devDependencies": {
+    "@types/csv-parse": "^1.2.2",
     "@types/jest": "^26.0.3",
     "@types/node": "^14.0.14",
     "@types/tmp": "^0.2.0",

src/buildx.ts

@@ -1,12 +1,12 @@
 import fs from 'fs';
 import path from 'path';
-import tmp from 'tmp';
+import csvparse from 'csv-parse/lib/sync';
 import * as semver from 'semver';
 import * as context from './context';
 import * as exec from './exec';
 
 export async function getImageIDFile(): Promise<string> {
-  return path.join(context.tmpDir, 'iidfile');
+  return path.join(context.tmpDir(), 'iidfile').split(path.sep).join(path.posix.sep);
 }
 
 export async function getImageID(): Promise<string | undefined> {
@@ -19,13 +19,43 @@ export async function getImageID(): Promise<string | undefined> {
 
 export async function getSecret(kvp: string): Promise<string> {
   const [key, value] = kvp.split('=');
-  const secretFile = tmp.tmpNameSync({
-    tmpdir: context.tmpDir
+  const secretFile = context.tmpNameSync({
+    tmpdir: context.tmpDir()
   });
   await fs.writeFileSync(secretFile, value);
   return `id=${key},src=${secretFile}`;
 }
 
+export function isLocalOrTarExporter(outputs: string[]): Boolean {
+  for (let output of csvparse(outputs.join(`\n`), {
+    delimiter: ',',
+    trim: true,
+    columns: false,
+    relax_column_count: true
+  })) {
+    // Local if no type is defined
+    // https://github.com/docker/buildx/blob/d2bf42f8b4784d83fde17acb3ed84703ddc2156b/build/output.go#L29-L43
+    if (output.length == 1 && !output[0].startsWith('type=')) {
+      return true;
+    }
+    for (let [key, value] of output.map(chunk => chunk.split('=').map(item => item.trim()))) {
+      if (key == 'type' && (value == 'local' || value == 'tar')) {
+        return true;
+      }
+    }
+  }
+  return false;
+}
+
+export function hasGitAuthToken(secrets: string[]): Boolean {
+  for (let secret of secrets) {
+    if (secret.startsWith('GIT_AUTH_TOKEN=')) {
+      return true;
+    }
+  }
+  return false;
+}
+
 export async function isAvailable(): Promise<Boolean> {
   return await exec.exec(`docker`, ['buildx'], true).then(res => {
     if (res.stderr != '' && !res.success) {

src/context.ts

@@ -2,15 +2,11 @@ import * as fs from 'fs';
 import * as os from 'os';
 import * as path from 'path';
 import * as semver from 'semver';
+import * as tmp from 'tmp';
 import * as buildx from './buildx';
 import * as core from '@actions/core';
 import * as github from '@actions/github';
 
-export const tmpDir: string = fs.mkdtempSync(path.join(os.tmpdir(), 'docker-build-push-'));
-const defaultContext: string = `https://github.com/${github.context.repo.owner}/${
-  github.context.repo.repo
-}.git#${github.context.ref.replace(/^refs\//, '')}`;
-
 export interface Inputs {
   context: string;
   file: string;
@@ -32,7 +28,21 @@ export interface Inputs {
   githubToken: string;
 }
 
-export async function getInputs(): Promise<Inputs> {
+export function defaultContext(): string {
+  return `https://github.com/${github.context.repo.owner}/${
+    github.context.repo.repo
+  }.git#${github.context?.ref?.replace(/^refs\//, '')}`;
+}
+
+export function tmpDir(): string {
+  return fs.mkdtempSync(path.join(os.tmpdir(), 'docker-build-push-')).split(path.sep).join(path.posix.sep);
+}
+
+export function tmpNameSync(options?: tmp.TmpNameOptions): string {
+  return tmp.tmpNameSync(options);
+}
+
+export async function getInputs(defaultContext: string): Promise<Inputs> {
   return {
     context: core.getInput('context') || defaultContext,
     file: core.getInput('file') || 'Dockerfile',
@@ -55,15 +65,15 @@ export async function getInputs(): Promise<Inputs> {
   };
 }
 
-export async function getArgs(inputs: Inputs, buildxVersion: string): Promise<Array<string>> {
+export async function getArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
   let args: Array<string> = ['buildx'];
-  args.push.apply(args, await getBuildArgs(inputs, buildxVersion));
+  args.push.apply(args, await getBuildArgs(inputs, defaultContext, buildxVersion));
   args.push.apply(args, await getCommonArgs(inputs));
   args.push(inputs.context);
   return args;
 }
 
-async function getBuildArgs(inputs: Inputs, buildxVersion: string): Promise<Array<string>> {
+async function getBuildArgs(inputs: Inputs, defaultContext: string, buildxVersion: string): Promise<Array<string>> {
   let args: Array<string> = ['build'];
   await asyncForEach(inputs.buildArgs, async buildArg => {
     args.push('--build-arg', buildArg);
@@ -83,26 +93,27 @@ async function getBuildArgs(inputs: Inputs, buildxVersion: string): Promise<Arra
   if (inputs.platforms.length > 0) {
     args.push('--platform', inputs.platforms.join(','));
   }
-  if (inputs.platforms.length == 0 || semver.satisfies(buildxVersion, '>=0.4.2')) {
-    args.push('--iidfile', await buildx.getImageIDFile());
-  }
   await asyncForEach(inputs.outputs, async output => {
     args.push('--output', output);
   });
+  // TODO: Remove platforms length cond when buildx >0.4.2 available on runner (docker/buildx#351)
+  if (
+    inputs.platforms.length == 0 &&
+    !buildx.isLocalOrTarExporter(inputs.outputs) &&
+    semver.satisfies(buildxVersion, '>=0.4.2')
+  ) {
+    args.push('--iidfile', await buildx.getImageIDFile());
+  }
   await asyncForEach(inputs.cacheFrom, async cacheFrom => {
     args.push('--cache-from', cacheFrom);
   });
   await asyncForEach(inputs.cacheTo, async cacheTo => {
     args.push('--cache-to', cacheTo);
   });
-  let hasGitAuthToken: boolean = false;
   await asyncForEach(inputs.secrets, async secret => {
-    if (secret.startsWith('GIT_AUTH_TOKEN=')) {
-      hasGitAuthToken = true;
-    }
     args.push('--secret', await buildx.getSecret(secret));
   });
-  if (inputs.githubToken && !hasGitAuthToken && inputs.context == defaultContext) {
+  if (inputs.githubToken && !buildx.hasGitAuthToken(inputs.secrets) && inputs.context == defaultContext) {
     args.push('--secret', await buildx.getSecret(`GIT_AUTH_TOKEN=${inputs.githubToken}`));
   }
   if (inputs.file) {

src/main.ts

@@ -17,15 +17,16 @@ async function run(): Promise<void> {
       core.setFailed(`Buildx is required. See https://github.com/docker/setup-buildx-action to set up buildx.`);
       return;
     }
-    stateHelper.setTmpDir(context.tmpDir);
+    stateHelper.setTmpDir(context.tmpDir());
 
     const buildxVersion = await buildx.getVersion();
     core.info(`📣 Buildx version: ${buildxVersion}`);
 
-    let inputs: context.Inputs = await context.getInputs();
+    const defContext = context.defaultContext();
+    let inputs: context.Inputs = await context.getInputs(defContext);
 
     core.info(`🏃 Starting build...`);
-    const args: string[] = await context.getArgs(inputs, buildxVersion);
+    const args: string[] = await context.getArgs(inputs, defContext, buildxVersion);
     await exec.exec('docker', args);
 
     const imageID = await buildx.getImageID();

yarn.lock

@@ -636,6 +636,13 @@
   resolved "https://registry.yarnpkg.com/@types/color-name/-/color-name-1.1.1.tgz#1c1261bbeaa10a8055bbc5d8ab84b7b2afc846a0"
   integrity sha512-rr+OQyAjxze7GgWrSaJwydHStIhHq2lvY3BOC2Mj7KnzI7XK0Uw1TOOdI9lDoajEbSWLiYgoo4f1R51erQfhPQ==
 
+"@types/csv-parse@^1.2.2":
+  version "1.2.2"
+  resolved "https://registry.yarnpkg.com/@types/csv-parse/-/csv-parse-1.2.2.tgz#713486235759d615dc8e6a6a979170ada76701d5"
+  integrity sha512-k33tLtRKTQxf7hQfMlkWoS2TQYsnpk1ibZN+rzbuCkeBs8m23nHTeDTF1wb/e7/MSLdtgCzqu3oM1I101kd6yw==
+  dependencies:
+    csv-parse "*"
+
 "@types/graceful-fs@^4.1.2":
   version "4.1.3"
   resolved "https://registry.yarnpkg.com/@types/graceful-fs/-/graceful-fs-4.1.3.tgz#039af35fe26bec35003e8d86d2ee9c586354348f"
@@ -1229,6 +1236,11 @@ cssstyle@^2.2.0:
   dependencies:
     cssom "~0.3.6"
 
+csv-parse@*, csv-parse@^4.12.0:
+  version "4.12.0"
+  resolved "https://registry.yarnpkg.com/csv-parse/-/csv-parse-4.12.0.tgz#fd42d6291bbaadd51d3009f6cadbb3e53b4ce026"
+  integrity sha512-wPQl3H79vWLPI8cgKFcQXl0NBgYYEqVnT1i6/So7OjMpsI540oD7p93r3w6fDSyPvwkTepG05F69/7AViX2lXg==
+
 dashdash@^1.12.0:
   version "1.14.1"
   resolved "https://registry.yarnpkg.com/dashdash/-/dashdash-1.14.1.tgz#853cfa0f7cbe2fed5de20326b8dd581035f6e2f0"