docker/buildx
1
0
Fork 0
mirror of https://gitea.com/Lydanne/buildx.git synced 2025-05-18 09:17:49 +08:00
Code Issues Packages Projects Releases 1 Wiki Activity

bake: support compose build secrets

Browse Source 
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax 2022-04-14 01:27:55 +02:00
parent 3a90f99635
commit c0f8a8314b
No known key found for this signature in database
GPG Key ID: 3248E46B6BB8C7F7
2 changed files with 40 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
bake/compose.go
View File

@ -74,6 +74,16 @@ func ParseCompose(dt []byte) (*Config, error) {
dockerfilePath := s.Build.Dockerfile dockerfilePath := s.Build.Dockerfile
dockerfilePathP = &dockerfilePath dockerfilePathP = &dockerfilePath
} }
var secrets []string
for _, bs := range s.Build.Secrets {
secret, err := composeToBuildkitSecret(bs, cfg.Secrets[bs.Source])
if err != nil {
return nil, err
}
secrets = append(secrets, secret)
}
g.Targets = append(g.Targets, s.Name) g.Targets = append(g.Targets, s.Name)
t := &Target{ t := &Target{
Name: s.Name, Name: s.Name,
@ -89,6 +99,7 @@ func ParseCompose(dt []byte) (*Config, error) {
})), })),
CacheFrom: s.Build.CacheFrom, CacheFrom: s.Build.CacheFrom,
NetworkMode: &s.Build.Network, NetworkMode: &s.Build.Network,
Secrets: secrets,
} }
if err = t.composeExtTarget(s.Build.Extensions); err != nil { if err = t.composeExtTarget(s.Build.Extensions); err != nil {
return nil, err return nil, err
@ -209,3 +220,21 @@ func (t *Target) composeExtTarget(exts map[string]interface{}) error {
} }
return nil return nil
} }
// composeToBuildkitSecret converts secret from compose format to buildkit's
// csv format.
func composeToBuildkitSecret(inp compose.ServiceSecretConfig, psecret compose.SecretConfig) (string, error) {
if psecret.External.External {
return "", errors.Errorf("unsupported external secret %s", psecret.Name)
}
var bkattrs []string
if inp.Source != "" {
bkattrs = append(bkattrs, "id="+inp.Source)
}
if psecret.File != "" {
bkattrs = append(bkattrs, "src="+psecret.File)
}
return strings.Join(bkattrs, ","), nil
}

11
bake/compose_test.go
View File

@ -23,6 +23,13 @@ services:
none none
args: args:
buildno: 123 buildno: 123
secrets:
- ENV_TOKEN
- aws
secrets:
ENV_TOKEN: {}
aws:
file: /root/.aws/credentials
`) `)
c, err := ParseCompose(dt) c, err := ParseCompose(dt)
@ -46,6 +53,10 @@ services:
require.Equal(t, 1, len(c.Targets[1].Args)) require.Equal(t, 1, len(c.Targets[1].Args))
require.Equal(t, "123", c.Targets[1].Args["buildno"]) require.Equal(t, "123", c.Targets[1].Args["buildno"])
require.Equal(t, "none", *c.Targets[1].NetworkMode) require.Equal(t, "none", *c.Targets[1].NetworkMode)
require.Equal(t, []string{
"id=ENV_TOKEN",
"id=aws,src=/root/.aws/credentials",
}, c.Targets[1].Secrets)
} }
func TestNoBuildOutOfTreeService(t *testing.T) { func TestNoBuildOutOfTreeService(t *testing.T) {