context: only append flags if we know the driver supports them

Background: before this change, if i tried to use GHA with an experimental
driver, it would automatically append the flags

``
--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host
```

even if the underlying driver did not support them.

Signed-off-by: Nick Santos <nick.santos@docker.com>
This commit is contained in:
Nick Santos 2023-06-28 09:12:40 -04:00
parent ecf95283f0
commit 922550f064
No known key found for this signature in database
GPG key ID: DB427670C81C3850
4 changed files with 24 additions and 5 deletions

View file

@ -148,6 +148,21 @@ describe('getCreateArgs', () => {
'--buildkitd-flags', '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host', '--buildkitd-flags', '--allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
'--platform', 'linux/amd64,linux/arm64,linux/arm/v7' '--platform', 'linux/amd64,linux/arm64,linux/arm/v7'
] ]
],
[
7,
'v0.10.3',
new Map<string, string>([
['install', 'false'],
['use', 'false'],
['driver', 'unknown'],
['cleanup', 'true'],
]),
[
'create',
'--name', 'builder-9b1deb4d-3b7d-4bad-9bdd-2b0d7b3dcb6d',
'--driver', 'unknown',
]
] ]
])( ])(
'[%d] given buildx %s and %p as inputs, returns %p', '[%d] given buildx %s and %p as inputs, returns %p',

2
dist/index.js generated vendored

File diff suppressed because one or more lines are too long

2
dist/index.js.map generated vendored

File diff suppressed because one or more lines are too long

View file

@ -51,7 +51,7 @@ export async function getCreateArgs(inputs: Inputs, toolkit: Toolkit): Promise<A
await Util.asyncForEach(inputs.driverOpts, async driverOpt => { await Util.asyncForEach(inputs.driverOpts, async driverOpt => {
args.push('--driver-opt', driverOpt); args.push('--driver-opt', driverOpt);
}); });
if (inputs.driver != 'remote' && inputs.buildkitdFlags) { if (driverSupportsFlags(inputs.driver) && inputs.buildkitdFlags) {
args.push('--buildkitd-flags', inputs.buildkitdFlags); args.push('--buildkitd-flags', inputs.buildkitdFlags);
} }
} }
@ -61,7 +61,7 @@ export async function getCreateArgs(inputs: Inputs, toolkit: Toolkit): Promise<A
if (inputs.use) { if (inputs.use) {
args.push('--use'); args.push('--use');
} }
if (inputs.driver != 'remote') { if (driverSupportsFlags(inputs.driver)) {
if (inputs.config) { if (inputs.config) {
args.push('--config', toolkit.buildkit.config.resolveFromFile(inputs.config)); args.push('--config', toolkit.buildkit.config.resolveFromFile(inputs.config));
} else if (inputs.configInline) { } else if (inputs.configInline) {
@ -85,7 +85,7 @@ export async function getAppendArgs(inputs: Inputs, node: Node, toolkit: Toolkit
await Util.asyncForEach(node['driver-opts'], async driverOpt => { await Util.asyncForEach(node['driver-opts'], async driverOpt => {
args.push('--driver-opt', driverOpt); args.push('--driver-opt', driverOpt);
}); });
if (inputs.driver != 'remote' && node['buildkitd-flags']) { if (driverSupportsFlags(inputs.driver) && node['buildkitd-flags']) {
args.push('--buildkitd-flags', node['buildkitd-flags']); args.push('--buildkitd-flags', node['buildkitd-flags']);
} }
} }
@ -105,3 +105,7 @@ export async function getInspectArgs(inputs: Inputs, toolkit: Toolkit): Promise<
} }
return args; return args;
} }
function driverSupportsFlags(driver: string): boolean {
return driver == '' || driver == 'docker-container' || driver == 'docker' || driver == 'kubernetes';
}