actions/buildah-build
2
0
Fork 0
mirror of https://github.com/redhat-actions/buildah-build.git synced 2025-04-20 17:11:23 +00:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: actions:main
Branches Tags
actions:main
actions:dependabot/npm_and_yarn/word-wrap-1.2.4
actions:pr-75
actions:fix-multiarch
actions:v2.13
actions:v2.12
actions:v2
actions:v2.11
actions:v2.10
actions:v2.9
actions:v2.8
actions:v2.7
actions:v2.6
actions:v2.6.2
actions:v2.6.1
actions:v2.5.2
actions:v2.5
actions:v2.5.1
actions:v2.4
actions:v2.4.1
actions:v2.3
actions:v2.3.1
actions:v2.2
actions:v2.2.2
actions:v1
actions:v2.2.1
actions:v2.1
actions:v0.1
..
compare: actions:v2.9
Branches Tags
actions:main
actions:dependabot/npm_and_yarn/word-wrap-1.2.4
actions:pr-75
actions:fix-multiarch
actions:v2.13
actions:v2.12
actions:v2
actions:v2.11
actions:v2.10
actions:v2.9
actions:v2.8
actions:v2.7
actions:v2.6
actions:v2.6.2
actions:v2.6.1
actions:v2.5.2
actions:v2.5
actions:v2.5.1
actions:v2.4
actions:v2.4.1
actions:v2.3
actions:v2.3.1
actions:v2.2
actions:v2.2.2
actions:v1
actions:v2.2.1
actions:v2.1
actions:v0.1

No commits in common. "main" and "v2.9" have entirely different histories.
main ... v2.9

23 changed files with 4999 additions and 3785 deletions
Show stats Expand all files Collapse all files

15
.editorconfig
View file

@ -1,15 +0,0 @@
root = true
[*]
charset = utf-8
tab_width = 4
indent_size = 4
end_of_line = lf
indent_style = space
max_line_length = 120
insert_final_newline = true
trim_trailing_whitespace = true
[*.{yml,yaml}]
tab_width = 2
indent_size = 2

4
.github/install_latest_buildah.sh vendored
View file

@ -1,3 +1,7 @@
# https://github.com/containers/buildah/blob/main/install.md
. /etc/os-release
sudo sh -c "echo 'deb http://download.opensuse.org/repositories/devel:/kubic:/libcontainers:/stable/x${ID^}_${VERSION_ID}/ /' > /etc/apt/sources.list.d/devel:kubic:libcontainers:stable.list"
wget -nv https://download.opensuse.org/repositories/devel:kubic:libcontainers:stable/x${ID^}_${VERSION_ID}/Release.key -O Release.key
sudo apt-key add - < Release.key
sudo apt-get update -qq
sudo apt-get -qq -y install buildah

66
.github/workflows/check-lowercase.yaml vendored
View file

@ -1,66 +0,0 @@
# This workflow will perform a test whenever there
# is some change in code done to ensure that the changes
# are not buggy and we are getting the desired output.
name: Check Case Normalization
on:
push:
pull_request:
workflow_dispatch:
schedule:
- cron: '0 0 * * *' # every day at midnight
env:
IMAGE_NAME: ImageCaseTest
IMAGE_TAGS: v1 TagCaseTest
jobs:
build:
name: Build image using Buildah
runs-on: ubuntu-22.04
strategy:
fail-fast: false
matrix:
install_latest: [ true, false ]
steps:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
with:
path: "buildah-build"
- name: Install latest buildah
if: matrix.install_latest
run: |
bash buildah-build/.github/install_latest_buildah.sh
- name: Create Dockerfile
run: |
cat > Containerfile<<EOF
FROM busybox
RUN echo "hello world"
EOF
# Build image using Buildah action
- name: Build Image
id: build_image
uses: ./buildah-build/
with:
image: ${{ env.IMAGE_NAME }}
layers: false
tags: ${{ env.IMAGE_TAGS }}
containerfiles: |
./Containerfile
extra-args: |
--pull
- name: Echo Outputs
run: |
echo "Image: ${{ steps.build_image.outputs.image }}"
echo "Tags: ${{ steps.build_image.outputs.tags }}"
echo "Tagged Image: ${{ steps.build_image.outputs.image-with-tag }}"
# Check if image is build
- name: Check images created
run: buildah images

12
.github/workflows/ci.yml vendored
View file

@ -6,21 +6,21 @@ on:
jobs:
lint:
name: Run ESLint
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- run: npm ci
- run: npm run lint
check-dist:
name: Check Distribution
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
env:
BUNDLE_FILE: "dist/index.js"
BUNDLE_COMMAND: "npm run bundle"
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- name: Install
run: npm ci
@ -33,11 +33,11 @@ jobs:
check-inputs-outputs:
name: Check Input and Output enums
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
env:
IO_FILE: ./src/generated/inputs-outputs.ts
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- name: Install dependencies
run: npm ci

4
.github/workflows/containerfile_build.yml vendored
View file

@ -15,7 +15,7 @@ env:
jobs:
build:
name: Build image using Buildah
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -25,7 +25,7 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
path: "buildah-build"

45
.github/workflows/docker_metadata_action.yml vendored
View file

@ -1,7 +1,7 @@
# This workflow will perform a test whenever there
# is some change in code done to ensure that the changes
# are not buggy and we are getting the desired output.
name: Build with docker/metadata-action
name: Build with docker/metadata-action@v2
on:
push:
pull_request:
@ -12,7 +12,7 @@ on:
jobs:
build-containerfile:
name: Build image with Containerfile
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -25,11 +25,11 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
- name: Docker Metadata
id: docker-metadata
uses: docker/metadata-action@v4
uses: docker/metadata-action@v3
with:
images: |
${{ env.IMAGE_NAME }}
@ -88,7 +88,7 @@ jobs:
build-scratch:
name: Build image without Containerfile
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -103,11 +103,11 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
- name: Docker Metadata
id: docker-metadata
uses: docker/metadata-action@v4
uses: docker/metadata-action@v3
with:
images: |
${{ env.IMAGE_NAME }}
@ -128,18 +128,31 @@ jobs:
# Checkout spring-petclinic github repository
- name: Checkout spring-petclinic project
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
repository: "spring-projects/spring-petclinic"
path: ${{ env.PROJECT_DIR }}
# If none of these files has changed, we assume that the contents of
# .m2/repository can be fetched from the cache.
- name: Hash Maven files
working-directory: ${{ env.PROJECT_DIR }}
run: |
echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
# Download the m2 repository from the cache to speed up the build.
- name: Check for Maven cache
id: check-mvn-cache
uses: actions/cache@v2
with:
path: ${{ env.MVN_REPO_DIR }}
key: ${{ env.MVN_HASH }}
# Setup java.
- name: Setup Java
uses: actions/setup-java@v3
uses: actions/setup-java@v1
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
java-version: 11
# Run maven to build the project
- name: Maven
@ -147,6 +160,14 @@ jobs:
run: |
mvn package -ntp -B
# If there was no cache hit above, store the output into the cache now.
- name: Save Maven repo into cache
if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
uses: actions/cache@v2
with:
path: ${{ env.MVN_REPO_DIR }}
key: ${{ env.MVN_HASH }}
# Build image using Buildah action
- name: Build Image
id: build_image

4
.github/workflows/link_check.yml vendored
View file

@ -12,9 +12,9 @@ on:
jobs:
markdown-link-check:
name: Check links in markdown
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- uses: gaurav-nelson/github-action-markdown-link-check@v1
with:
use-verbose-mode: true

45
.github/workflows/multiarch.yml vendored
View file

@ -16,7 +16,7 @@ jobs:
name: Build multi-architecture image using Containerfile
env:
IMAGE_NAME: hello-world-multiarch
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -26,7 +26,7 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
path: "buildah-build"
@ -84,7 +84,7 @@ jobs:
name: Build multi-platform image using Containerfile
env:
IMAGE_NAME: hello-world-multiplatform
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -94,7 +94,7 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
path: "buildah-build"
@ -112,7 +112,7 @@ jobs:
run: |
cat > Containerfile<<EOF
FROM docker.io/alpine:3.16
FROM docker.io/alpine:3.14
RUN echo "hello world"
@ -151,7 +151,7 @@ jobs:
name: Build multi-architecture image from scratch
env:
IMAGE_NAME: spring-petclinic-multiarch
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -161,7 +161,7 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
path: "buildah-build"
@ -177,18 +177,31 @@ jobs:
# Checkout spring-petclinic github repository
- name: Checkout spring-petclinic project
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
repository: "spring-projects/spring-petclinic"
path: ${{ env.PROJECT_DIR }}
# If none of these files has changed, we assume that the contents of
# .m2/repository can be fetched from the cache.
- name: Hash Maven files
working-directory: ${{ env.PROJECT_DIR }}
run: |
echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
# Download the m2 repository from the cache to speed up the build.
- name: Check for Maven cache
id: check-mvn-cache
uses: actions/cache@v2
with:
path: ${{ env.MVN_REPO_DIR }}
key: ${{ env.MVN_HASH }}
# Setup java.
- name: Setup Java
uses: actions/setup-java@v3
uses: actions/setup-java@v1
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
java-version: 11
# Run maven to build the project
- name: Maven
@ -196,6 +209,14 @@ jobs:
run: |
mvn package -ntp -B
# If there was no cache hit above, store the output into the cache now.
- name: Save Maven repo into cache
if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
uses: actions/cache@v2
with:
path: ${{ env.MVN_REPO_DIR }}
key: ${{ env.MVN_HASH }}
- name: Build Image
id: build_image_multiarch
uses: ./buildah-build/

35
.github/workflows/scratch_build.yml vendored
View file

@ -17,7 +17,7 @@ env:
jobs:
build:
name: Build image using Buildah
runs-on: ubuntu-22.04
runs-on: ubuntu-20.04
strategy:
fail-fast: false
matrix:
@ -27,7 +27,7 @@ jobs:
# Checkout buildah action github repository
- name: Checkout Buildah action
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
path: "buildah-build"
@ -38,18 +38,31 @@ jobs:
# Checkout spring-petclinic github repository
- name: Checkout spring-petclinic project
uses: actions/checkout@v4
uses: actions/checkout@v2
with:
repository: "spring-projects/spring-petclinic"
path: ${{ env.PROJECT_DIR }}
# If none of these files has changed, we assume that the contents of
# .m2/repository can be fetched from the cache.
- name: Hash Maven files
working-directory: ${{ env.PROJECT_DIR }}
run: |
echo "MVN_HASH=${{ hashFiles('**/pom.xml', '.mvn/**/*', 'mvnw*') }}" >> $GITHUB_ENV
# Download the m2 repository from the cache to speed up the build.
- name: Check for Maven cache
id: check-mvn-cache
uses: actions/cache@v2
with:
path: ${{ env.MVN_REPO_DIR }}
key: ${{ env.MVN_HASH }}
# Setup java.
- name: Setup Java
uses: actions/setup-java@v3
uses: actions/setup-java@v1
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
java-version: 11
# Run maven to build the project
- name: Maven
@ -57,6 +70,14 @@ jobs:
run: |
mvn package -ntp -B
# If there was no cache hit above, store the output into the cache now.
- name: Save Maven repo into cache
if: ${{ steps.check-mvn-cache.outputs.cache-hit }} != 'true'
uses: actions/cache@v2
with:
path: ${{ env.MVN_REPO_DIR }}
key: ${{ env.MVN_HASH }}
# Build image using Buildah action
- name: Build Image
id: build_image

36
.github/workflows/security_scan.yml vendored
View file

@ -1,36 +0,0 @@
name: Vulnerability Scan with CRDA
on:
# push:
workflow_dispatch:
# pull_request_target:
# types: [ assigned, opened, synchronize, reopened, labeled, edited ]
# schedule:
# - cron: '0 0 * * *' # every day at midnight
jobs:
crda-scan:
runs-on: ubuntu-22.04
name: Scan project vulnerability with CRDA
steps:
- uses: actions/checkout@v4
- name: Setup Node
uses: actions/setup-node@v3
with:
node-version: '20'
cache: 'npm'
- name: Install CRDA
uses: redhat-actions/openshift-tools-installer@v1
with:
source: github
github_pat: ${{ github.token }}
crda: "latest"
- name: CRDA Scan
id: scan
uses: redhat-actions/crda@v1
with:
crda_key: ${{ secrets.CRDA_KEY }}
fail_on: never

1
.gitignore vendored
View file

@ -1,3 +1,2 @@
node_modules/
out/
.idea/

14
CHANGELOG.md
View file

@ -1,19 +1,5 @@
# buildah-build Changelog
## v2.13
- Update action to run on Node20. https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/
## v2.12
- Forcibly remove existing manifest before creating a new one. [#103](https://github.com/redhat-actions/buildah-build/pull/103)
## v2.11
- Update action to run on Node16. https://github.blog/changelog/2022-05-20-actions-can-now-run-in-a-node-js-16-runtime/
## v2.10
- Make image and tag in lowercase, if found in uppercase. https://github.com/redhat-actions/buildah-build/issues/89
- Add `--tls-verify` and `extra-args` input for `buildah from` command. https://github.com/redhat-actions/buildah-build/issues/92
- Remove kubic packages from test workflows. https://github.com/redhat-actions/buildah-build/issues/93
## v2.9
- Add support for multiple archs and platforms.
- Allow building image manifest if multi arch or platform is provided.

9
README.md
View file

@ -30,13 +30,12 @@ After building your image, use [push-to-registry](https://github.com/redhat-acti
| build-args | Build arguments to pass to the Docker build using `--build-arg`, if using a Containerfile that requires ARGs. Use the form `arg_name=arg_value`, and separate arguments with newlines. | None
| context | Path to directory to use as the build context. | `.`
| containerfiles\* | The list of Containerfile paths to perform a build using docker instructions. Separate filenames by newline. | **Required**
| extra-args | Extra args to be passed to `buildah bud`. Separate arguments by newline. Do not use quotes. | None
| extra-args | Extra args to be passed to buildah bud. Separate arguments by newline. Do not use quotes. | None
| image | Name to give to the output image. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | **Required** - unless all `tags` include image name
| layers | Set to true to cache intermediate layers during the build process. | None
| oci | Build the image using the OCI metadata format, instead of the Docker format. | `false`
| tags | One or more tags to give the new image. Separate by whitespace. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | `latest`
| labels | One or more labels to give the new image. Separate by newline. | None
| tls-verify | Require HTTPS and verify certificates when accessing the registry. Set to `false` to skip the verification | `true`
> \* The `containerfiles` input was previously `dockerfiles`. Refer to [this issue](https://github.com/redhat-actions/buildah-build/issues/57).
@ -57,8 +56,6 @@ After building your image, use [push-to-registry](https://github.com/redhat-acti
| tags | One or more tags to give the new image. Separate by whitespace. Refer to the [Image and Tag Inputs](#image-tag-inputs) section. | `latest`
| labels | One or more labels to give the new image. Separate by newline. | None
| workdir | The working directory to use within the container. | None
| extra-args | Extra args to be passed to `buildah from`. Separate arguments by newline. Do not use quotes. | None
| tls-verify | Require HTTPS and verify certificates when accessing the registry. Set to `false` to skip the verification. This will be used with `buildah from` command. | `true`
<a id="image-tag-inputs"></a>
### Image and Tags Inputs
@ -126,7 +123,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- name: Buildah Action
uses: redhat-actions/buildah-build@v2
@ -166,7 +163,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@v2
- run: mvn package

9
action.yml
View file

@ -74,14 +74,9 @@ inputs:
required: false
extra-args:
description: |
Extra args to be passed to buildah bud and buildah from.
Extra args to be passed to buildah bud.
Separate arguments by newline. Do not use quotes - @actions/exec will do the quoting for you.
required: false
tls-verify:
description: |
Require HTTPS and verify certificates when accessing the registry. Defaults to true.
required: false
default: 'true'
outputs:
image:
description: 'Name of the image built'
@ -90,5 +85,5 @@ outputs:
image-with-tag:
description: 'Name of the image tagged with the first tag present'
runs:
using: 'node20'
using: 'node12'
main: 'dist/index.js'

2
dist/index.js vendored
View file

File diff suppressed because one or more lines are too long

2
dist/index.js.map vendored
View file

File diff suppressed because one or more lines are too long

3911
dist/sourcemap-register.js vendored
View file

File diff suppressed because one or more lines are too long

4320
package-lock.json generated
View file

File diff suppressed because it is too large Load diff

32
package.json
View file

@ -1,8 +1,8 @@
{
"name": "buildah-build",
"version": "3.0",
"version": "1.0.0",
"engines": {
"node": "20"
"node": "12"
},
"description": "Action for building OCI-compatible images using buildah",
"repository": {
@ -21,21 +21,21 @@
"author": "Red Hat",
"license": "MIT",
"dependencies": {
"@actions/core": "1.10.1",
"@actions/exec": "1.1.1",
"@actions/io": "1.1.3",
"ini": "4.1.1"
"@actions/core": "^1.2.6",
"@actions/exec": "^1.0.4",
"@actions/io": "^1.0.2",
"ini": "^2.0.0"
},
"devDependencies": {
"@redhat-actions/action-io-generator": "1.5.0",
"@redhat-actions/eslint-config": "1.3.2",
"@redhat-actions/tsconfig": "1.2.0",
"@types/ini": "1.3.31",
"@types/node": "^20.0",
"@typescript-eslint/eslint-plugin": "6.7.3",
"@typescript-eslint/parser": "6.7.3",
"@vercel/ncc": "0.38.0",
"eslint": "8.50.0",
"typescript": "5.2.2"
"@redhat-actions/action-io-generator": "^1.5.0",
"@redhat-actions/eslint-config": "^1.3.2",
"@redhat-actions/tsconfig": "^1.1.1",
"@types/ini": "^1.3.30",
"@types/node": "^12",
"@typescript-eslint/eslint-plugin": "^4.28.2",
"@typescript-eslint/parser": "^4.28.2",
"@vercel/ncc": "^0.25.1",
"eslint": "^7.30.0",
"typescript": "^4.3.5"
}
}

54
src/buildah.ts
View file

@ -22,9 +22,9 @@ interface Buildah {
buildUsingDocker(
image: string, context: string, containerFiles: string[], buildArgs: string[],
useOCI: boolean, labels: string[], layers: string,
extraArgs: string[], tlsVerify: boolean, arch?: string, platform?: string,
extraArgs: string[], arch?: string, platform?: string,
): Promise<CommandResult>;
from(baseImage: string, tlsVerify: boolean, extraArgs: string[]): Promise<CommandResult>;
from(baseImage: string): Promise<CommandResult>;
config(container: string, setting: BuildahConfigSettings): Promise<CommandResult>;
copy(container: string, contentToCopy: string[]): Promise<CommandResult | undefined>;
commit(container: string, newImageName: string, useOCI: boolean): Promise<CommandResult>;
@ -66,17 +66,9 @@ export class BuildahCli implements Buildah {
}
async buildUsingDocker(
image: string,
context: string,
containerFiles: string[],
buildArgs: string[],
useOCI: boolean,
labels: string[],
layers: string,
extraArgs: string[],
tlsVerify: boolean,
arch?: string,
platform?: string
image: string, context: string, containerFiles: string[], buildArgs: string[],
useOCI: boolean, labels: string[], layers: string,
extraArgs: string[], arch?: string, platform?: string
): Promise<CommandResult> {
const args: string[] = [ "bud" ];
if (arch) {
@ -100,7 +92,6 @@ export class BuildahCli implements Buildah {
args.push(buildArg);
});
args.push(...BuildahCli.getImageFormatOption(useOCI));
args.push(`--tls-verify=${tlsVerify}`);
if (layers) {
args.push(`--layers=${layers}`);
}
@ -113,14 +104,8 @@ export class BuildahCli implements Buildah {
return this.execute(args);
}
async from(baseImage: string, tlsVerify: boolean, extraArgs: string[]): Promise<CommandResult> {
const args: string[] = [ "from" ];
args.push(`--tls-verify=${tlsVerify}`);
if (extraArgs.length > 0) {
args.push(...extraArgs);
}
args.push(baseImage);
return this.execute(args);
async from(baseImage: string): Promise<CommandResult> {
return this.execute([ "from", baseImage ]);
}
async copy(container: string, contentToCopy: string[], contentPath?: string): Promise<CommandResult | undefined> {
@ -130,9 +115,8 @@ export class BuildahCli implements Buildah {
core.debug("copy");
core.debug(container);
core.debug("content: " + contentToCopy.join(" "));
if (contentToCopy.length > 0) {
const args: string[] = [ "copy", container ].concat(contentToCopy);
for (const content of contentToCopy) {
const args: string[] = [ "copy", container, content ];
if (contentPath) {
args.push(contentPath);
}
@ -201,26 +185,6 @@ export class BuildahCli implements Buildah {
core.info(`✅ Successfully built image${builtImage.length !== 1 ? "s" : ""} "${builtImage.join(", ")}"`);
}
// Unfortunately buildah doesn't support the exists command yet
// https://github.com/containers/buildah/issues/4217
// async manifestExists(manifest: string): Promise<boolean> {
// const args: string[] = [ "manifest", "exists" ];
// args.push(manifest);
// const execOptions: exec.ExecOptions = {ignoreReturnCode: true};
// core.info(`Checking if manifest ${manifest} exists`);
// const {exitCode} = await this.execute(args, execOptions);
// return exitCode ? false : true;
// }
async manifestRm(manifest: string): Promise<void> {
const execOptions: exec.ExecOptions = { ignoreReturnCode: true };
const args: string[] = [ "manifest", "rm" ];
args.push(manifest);
core.info(`Removing existing manifest ${manifest}`);
await this.execute(args, execOptions);
}
async manifestCreate(manifest: string): Promise<void> {
const args: string[] = [ "manifest", "create" ];
args.push(manifest);

8
src/generated/inputs-outputs.ts
View file

@ -62,7 +62,7 @@ export enum Inputs {
*/
ENVS = "envs",
/**
* Extra args to be passed to buildah bud and buildah from.
* Extra args to be passed to buildah bud.
* Separate arguments by newline. Do not use quotes - @actions/exec will do the quoting for you.
* Required: false
* Default: None.
@ -118,12 +118,6 @@ export enum Inputs {
* Default: "latest"
*/
TAGS = "tags",
/**
* Require HTTPS and verify certificates when accessing the registry. Defaults to true.
* Required: false
* Default: "true"
*/
TLS_VERIFY = "tls-verify",
/**
* The working directory to use within the container
* Required: false

144
src/index.ts
View file

@ -37,45 +37,22 @@ export async function run(): Promise<void> {
const labels = core.getInput(Inputs.LABELS);
const labelsList: string[] = labels ? splitByNewline(labels) : [];
const normalizedTagsList: string[] = [];
let isNormalized = false;
for (const tag of tagsList) {
normalizedTagsList.push(tag.toLowerCase());
if (tag.toLowerCase() !== tag) {
isNormalized = true;
}
}
const normalizedImage = image.toLowerCase();
if (isNormalized || image !== normalizedImage) {
core.warning(`Reference to image and/or tag must be lowercase.`
+ ` Reference has been converted to be compliant with standard.`);
}
// info message if user doesn't provides any tag
if (tagsList.length === 0) {
core.info(`Input "${Inputs.TAGS}" is not provided, using default tag "${DEFAULT_TAG}"`);
tagsList.push(DEFAULT_TAG);
}
const inputExtraArgsStr = core.getInput(Inputs.EXTRA_ARGS);
let buildahExtraArgs: string[] = [];
if (inputExtraArgsStr) {
// transform the array of lines into an array of arguments
// by splitting over lines, then over spaces, then trimming.
const lines = splitByNewline(inputExtraArgsStr);
buildahExtraArgs = lines.flatMap((line) => line.split(" ")).map((arg) => arg.trim());
}
// check if all tags provided are in `image:tag` format
const isFullImageNameTag = isFullImageName(normalizedTagsList[0]);
if (normalizedTagsList.some((tag) => isFullImageName(tag) !== isFullImageNameTag)) {
const isFullImageNameTag = isFullImageName(tagsList[0]);
if (tagsList.some((tag) => isFullImageName(tag) !== isFullImageNameTag)) {
throw new Error(`Input "${Inputs.TAGS}" cannot have a mix of full name and non full name tags. Refer to https://github.com/redhat-actions/buildah-build#image-tag-inputs`);
}
if (!isFullImageNameTag && !normalizedImage) {
if (!isFullImageNameTag && !image) {
throw new Error(`Input "${Inputs.IMAGE}" must be provided when not using full image name tags. Refer to https://github.com/redhat-actions/buildah-build#image-tag-inputs`);
}
const newImage = getFullImageName(normalizedImage, normalizedTagsList[0]);
const newImage = getFullImageName(image, tagsList[0]);
const useOCI = core.getInput(Inputs.OCI) === "true";
const archs = getArch();
@ -87,33 +64,21 @@ export async function run(): Promise<void> {
const builtImage = [];
if (containerFiles.length !== 0) {
builtImage.push(...await doBuildUsingContainerFiles(
cli,
newImage,
workspace,
containerFiles,
useOCI,
archs,
platforms,
labelsList,
buildahExtraArgs
));
builtImage.push(...await doBuildUsingContainerFiles(cli, newImage, workspace, containerFiles, useOCI,
archs, platforms, labelsList));
}
else {
if (platforms.length > 0) {
throw new Error("The --platform option is not supported for builds without containerfiles.");
}
builtImage.push(...await doBuildFromScratch(cli, newImage, useOCI, archs, labelsList, buildahExtraArgs));
builtImage.push(...await doBuildFromScratch(cli, newImage, useOCI, archs, labelsList));
}
if ((archs.length > 1) || (platforms.length > 1)) {
core.info(`Creating manifest with tag${normalizedTagsList.length !== 1 ? "s" : ""} `
+ `"${normalizedTagsList.join(", ")}"`);
core.info(`Creating manifest with tag${tagsList.length !== 1 ? "s" : ""} "${tagsList.join(", ")}"`);
const builtManifest = [];
for (const tag of normalizedTagsList) {
const manifestName = getFullImageName(normalizedImage, tag);
// Force-remove existing manifest to prevent errors on recurring build on the same machine
await cli.manifestRm(manifestName);
for (const tag of tagsList) {
const manifestName = getFullImageName(image, tag);
await cli.manifestCreate(manifestName);
builtManifest.push(manifestName);
@ -131,28 +96,21 @@ export async function run(): Promise<void> {
core.info(`✅ Successfully built image${builtImage.length !== 1 ? "s" : ""} "${builtImage.join(", ")}" `
+ `and manifest${builtManifest.length !== 1 ? "s" : ""} "${builtManifest.join(", ")}"`);
}
else if (normalizedTagsList.length > 1) {
await cli.tag(normalizedImage, normalizedTagsList);
else if (tagsList.length > 1) {
await cli.tag(image, tagsList);
}
else if (normalizedTagsList.length === 1) {
core.info(`✅ Successfully built image "${getFullImageName(normalizedImage, normalizedTagsList[0])}"`);
else if (tagsList.length === 1) {
core.info(`✅ Successfully built image "${getFullImageName(image, tagsList[0])}"`);
}
core.setOutput(Outputs.IMAGE, normalizedImage);
core.setOutput(Outputs.IMAGE, image);
core.setOutput(Outputs.TAGS, tags);
core.setOutput(Outputs.IMAGE_WITH_TAG, newImage);
}
async function doBuildUsingContainerFiles(
cli: BuildahCli,
newImage: string,
workspace: string,
containerFiles: string[],
useOCI: boolean,
archs: string[],
platforms: string[],
labels: string[],
extraArgs: string[]
cli: BuildahCli, newImage: string, workspace: string, containerFiles: string[], useOCI: boolean, archs: string[],
platforms: string[], labels: string[],
): Promise<string[]> {
if (containerFiles.length === 1) {
core.info(`Performing build from Containerfile`);
@ -165,8 +123,15 @@ async function doBuildUsingContainerFiles(
const buildArgs = getInputList(Inputs.BUILD_ARGS);
const containerFileAbsPaths = containerFiles.map((file) => path.join(workspace, file));
const layers = core.getInput(Inputs.LAYERS);
const tlsVerify = core.getInput(Inputs.TLS_VERIFY) === "true";
const inputExtraArgsStr = core.getInput(Inputs.EXTRA_ARGS);
let buildahBudExtraArgs: string[] = [];
if (inputExtraArgsStr) {
// transform the array of lines into an array of arguments
// by splitting over lines, then over spaces, then trimming.
const lines = splitByNewline(inputExtraArgsStr);
buildahBudExtraArgs = lines.flatMap((line) => line.split(" ")).map((arg) => arg.trim());
}
const builtImage = [];
// since multi arch image can not have same tag
// therefore, appending arch/platform in the tag
@ -179,16 +144,8 @@ async function doBuildUsingContainerFiles(
tagSuffix = `-${removeIllegalCharacters(arch)}`;
}
await cli.buildUsingDocker(
`${newImage}${tagSuffix}`,
context,
containerFileAbsPaths,
buildArgs,
useOCI,
labels,
layers,
extraArgs,
tlsVerify,
arch
`${newImage}${tagSuffix}`, context, containerFileAbsPaths, buildArgs,
useOCI, labels, layers, buildahBudExtraArgs, arch, undefined
);
builtImage.push(`${newImage}${tagSuffix}`);
}
@ -199,17 +156,8 @@ async function doBuildUsingContainerFiles(
tagSuffix = `-${removeIllegalCharacters(platform)}`;
}
await cli.buildUsingDocker(
`${newImage}${tagSuffix}`,
context,
containerFileAbsPaths,
buildArgs,
useOCI,
labels,
layers,
extraArgs,
tlsVerify,
undefined,
platform
`${newImage}${tagSuffix}`, context, containerFileAbsPaths, buildArgs,
useOCI, labels, layers, buildahBudExtraArgs, undefined, platform
);
builtImage.push(`${newImage}${tagSuffix}`);
}
@ -217,31 +165,15 @@ async function doBuildUsingContainerFiles(
else if (archs.length === 1 || platforms.length === 1) {
await cli.buildUsingDocker(
newImage,
context,
containerFileAbsPaths,
buildArgs,
useOCI,
labels,
layers,
extraArgs,
tlsVerify,
archs[0],
platforms[0]
newImage, context, containerFileAbsPaths, buildArgs,
useOCI, labels, layers, buildahBudExtraArgs, archs[0], platforms[0]
);
builtImage.push(newImage);
}
else {
await cli.buildUsingDocker(
newImage,
context,
containerFileAbsPaths,
buildArgs,
useOCI,
labels,
layers,
extraArgs,
tlsVerify
newImage, context, containerFileAbsPaths, buildArgs,
useOCI, labels, layers, buildahBudExtraArgs
);
builtImage.push(newImage);
}
@ -250,12 +182,7 @@ async function doBuildUsingContainerFiles(
}
async function doBuildFromScratch(
cli: BuildahCli,
newImage: string,
useOCI: boolean,
archs: string[],
labels: string[],
extraArgs: string[]
cli: BuildahCli, newImage: string, useOCI: boolean, archs: string[], labels: string[],
): Promise<string[]> {
core.info(`Performing build from scratch`);
@ -265,9 +192,8 @@ async function doBuildFromScratch(
const port = core.getInput(Inputs.PORT);
const workingDir = core.getInput(Inputs.WORKDIR);
const envs = getInputList(Inputs.ENVS);
const tlsVerify = core.getInput(Inputs.TLS_VERIFY) === "true";
const container = await cli.from(baseImage, tlsVerify, extraArgs);
const container = await cli.from(baseImage);
const containerId = container.output.replace("\n", "");
const builtImage = [];

4
src/utils.ts
View file

@ -55,9 +55,7 @@ export async function findFuseOverlayfsPath(): Promise<string | undefined> {
fuseOverlayfsPath = await io.which("fuse-overlayfs");
}
catch (err) {
if (err instanceof Error) {
core.debug(err.message);
}
core.debug(err);
}
return fuseOverlayfsPath;