Closed elias-lundgren closed 9 months ago
@crazy-max bumped the toolkit to the rc ;)
It seems you forgot to run
docker buildx bake pre-checkin
.Also can you add a test in
I was also wondering if we should check for secret id collision but can be a follow-up.
I added some tests that passed here: https://github.com/docker/build-push-action/pull/980/files#diff-35112c3ed4be2816f18f19320c9c2e1fd2d10fede1dbd6ee023d75fe963ea722R622-R664 not sure if they are enough though. Also baked it as you said :)
Missing input in
action.yml
.Also squash your commits similar to https://github.com/docker/build-push-action/pull/957/commits. Thanks.
Not sure what you mean with the missing input as it is added here: https://github.com/docker/build-push-action/blob/4a0c05ce18d3e0967bdb0f790c39475ffcce40ad/action.yml#L83-L85
I will squash the commits :)
Not sure what you mean with the missing input as it is added here:
Sorry I'm blind :sweat_smile:
I will squash the commits :)
:pray:
There we go, hope it's good!
There we go, hope it's good!
Sorry for the misunderstanding but I was expected two commits:
feat: add secret-envs input
chore: update generated content
that is just the result of docker buildx bake pre-checkin
in ./dist
like https://github.com/docker/build-push-action/pull/957/commits/ec39ef320c442d2af669fd8555e7f3b7ad7026bd as this is just generated content. See the history.I have renamed your PR title so we are aligned.
There we go, hope it's good!
Sorry for the misunderstanding but I was expected two commits:
feat: add secret-envs input
chore: update generated content
that is just the result ofdocker buildx bake pre-checkin
in./dist
like ec39ef3 as this is just generated content. See the history.I have renamed your PR title so we are aligned.
No worries! Hopefully it's right this time.
The actions-toolkit is still on the rc.1, just wanted that known :)
The actions-toolkit is still on the rc.1, just wanted that known :)
Yes that's fine!
Thank you!
how exactly does this differ from secrets
?
how exactly does this differ from
secrets
?
@bendavies the secrets
input takes in a list of key value pairs which are then provided as secrets to the docker build command by first writing the value to disk and referencing it, this can be seen in resolveBuildSecretString
which then calls resolveBuildSecret
. The generated argument becomes --secret id=KEY,src=<temp-file-with-secret-value>
.
secret-envs
instead uses resolveBuildSecretEnv
and generates the argument --secret id=KEY,env=ENVIRONMENT_VARIABLE
which in turn uses the ENVIRONMENT_VARIABLE
defined on the GitHub runner as the secret value provided to the build.
Makes use of implementation in https://github.com/docker/actions-toolkit/commit/a1ffbe96065f5934066c01459a17967107273cc6 and the fix in https://github.com/docker/actions-toolkit/pull/176.
A new version of the npm package (@docker/actions-toolkit) with the fix implemented in the pull request has to be released before this can be merged as I understand it.
That version should be bumped in package-lock.json/package.json as well but I don't know if dependabot or me should do it.