docker/actions-toolkit
1
0
Fork 0
mirror of https://github.com/docker/actions-toolkit.git synced 2024-11-23 11:36:10 +08:00
Code Issues Packages Projects Releases Wiki Activity

disable DCT for docker commands

Browse Source 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax 2024-07-16 17:15:12 +02:00
parent 300c014384
commit d36bef4156
No known key found for this signature in database
GPG Key ID: ADE44D8C9D44FBE4
5 changed files with 150 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

113
__tests__/docker/docker.test.ts
View File

@ -22,7 +22,6 @@ import osm = require('os');
import * as rimraf from 'rimraf'; import * as rimraf from 'rimraf';
import {Docker} from '../../src/docker/docker'; import {Docker} from '../../src/docker/docker';
import {Exec} from '../../src/exec';
import {ConfigFile} from '../../src/types/docker/docker'; import {ConfigFile} from '../../src/types/docker/docker';
@ -105,48 +104,132 @@ describe('isAvailable', () => {
}); });
}); });
describe('context', () => { describe('exec', () => {
it('call docker context show', async () => { it('returns docker version', async () => {
const execSpy = jest.spyOn(Exec, 'getExecOutput'); const execSpy = jest.spyOn(Docker, 'exec');
await Docker.context().catch(() => { await Docker.exec(['version'], {
// noop
});
expect(execSpy).toHaveBeenCalledWith(`docker`, ['context', 'inspect', '--format', '{{.Name}}'], {
ignoreReturnCode: true, ignoreReturnCode: true,
silent: true silent: true
}); });
expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
expect(Object.keys(callfunc[1]?.env || {}).length).toBeGreaterThan(0);
const env = callfunc[1]?.env;
expect(env).toHaveProperty('DOCKER_CONTENT_TRUST');
expect(env?.DOCKER_CONTENT_TRUST).toBe('false');
if (callfunc[1]?.env) {
// already checked env
callfunc[1].env = undefined;
}
expect(callfunc).toEqual([
['version'],
{
ignoreReturnCode: true,
silent: true
}
]);
});
});
describe('getExecOutput', () => {
it('returns docker version', async () => {
const execSpy = jest.spyOn(Docker, 'getExecOutput');
await Docker.getExecOutput(['version'], {
ignoreReturnCode: true,
silent: true
});
expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
expect(Object.keys(callfunc[1]?.env || {}).length).toBeGreaterThan(0);
const env = callfunc[1]?.env;
expect(env).toHaveProperty('DOCKER_CONTENT_TRUST');
expect(env?.DOCKER_CONTENT_TRUST).toBe('false');
if (callfunc[1]?.env) {
// already checked env
callfunc[1].env = undefined;
}
expect(callfunc).toEqual([
['version'],
{
ignoreReturnCode: true,
silent: true
}
]);
});
});
describe('context', () => {
it('call docker context show', async () => {
const execSpy = jest.spyOn(Docker, 'getExecOutput');
await Docker.context().catch(() => {
// noop
});
expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
if (callfunc && callfunc[1]) {
// we don't want to check env opt
callfunc[1].env = undefined;
}
expect(callfunc).toEqual([
['context', 'inspect', '--format', '{{.Name}}'],
{
ignoreReturnCode: true,
silent: true
}
]);
}); });
}); });
describe('contextInspect', () => { describe('contextInspect', () => {
it('call docker context inspect', async () => { it('call docker context inspect', async () => {
const execSpy = jest.spyOn(Exec, 'getExecOutput'); const execSpy = jest.spyOn(Docker, 'getExecOutput');
await Docker.contextInspect('foo').catch(() => { await Docker.contextInspect('foo').catch(() => {
// noop // noop
}); });
expect(execSpy).toHaveBeenCalledWith(`docker`, ['context', 'inspect', '--format=json', 'foo'], { expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
if (callfunc && callfunc[1]) {
// we don't want to check env opt
callfunc[1].env = undefined;
}
expect(callfunc).toEqual([
['context', 'inspect', '--format=json', 'foo'],
{
ignoreReturnCode: true, ignoreReturnCode: true,
silent: true silent: true
}); }
]);
}); });
}); });
describe('printVersion', () => { describe('printVersion', () => {
it('call docker version', async () => { it('call docker version', async () => {
const execSpy = jest.spyOn(Exec, 'exec'); const execSpy = jest.spyOn(Docker, 'exec');
await Docker.printVersion().catch(() => { await Docker.printVersion().catch(() => {
// noop // noop
}); });
expect(execSpy).toHaveBeenCalledWith(`docker`, ['version']); expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
if (callfunc && callfunc[1]) {
// we don't want to check env opt
callfunc[1].env = undefined;
}
expect(callfunc).toEqual([['version']]);
}); });
}); });
describe('printInfo', () => { describe('printInfo', () => {
it('call docker info', async () => { it('call docker info', async () => {
const execSpy = jest.spyOn(Exec, 'exec'); const execSpy = jest.spyOn(Docker, 'exec');
await Docker.printInfo().catch(() => { await Docker.printInfo().catch(() => {
// noop // noop
}); });
expect(execSpy).toHaveBeenCalledWith(`docker`, ['info']); expect(execSpy).toHaveBeenCalledTimes(1);
const callfunc = execSpy.mock.calls[0];
if (callfunc && callfunc[1]) {
// we don't want to check env opt
callfunc[1].env = undefined;
}
expect(callfunc).toEqual([['info']]);
}); });
}); });

6
src/buildkit/buildkit.ts
View File

@ -19,8 +19,8 @@ import * as semver from 'semver';
import {Buildx} from '../buildx/buildx'; import {Buildx} from '../buildx/buildx';
import {Builder} from '../buildx/builder'; import {Builder} from '../buildx/builder';
import {Docker} from '../docker/docker';
import {Config} from './config'; import {Config} from './config';
import {Exec} from '../exec';
import {BuilderInfo, NodeInfo} from '../types/buildx/builder'; import {BuilderInfo, NodeInfo} from '../types/buildx/builder';
@ -51,13 +51,13 @@ export class BuildKit {
private async getVersionWithinImage(nodeName: string): Promise<string> { private async getVersionWithinImage(nodeName: string): Promise<string> {
core.debug(`BuildKit.getVersionWithinImage nodeName: ${nodeName}`); core.debug(`BuildKit.getVersionWithinImage nodeName: ${nodeName}`);
return Exec.getExecOutput(`docker`, ['inspect', '--format', '{{.Config.Image}}', `${Buildx.containerNamePrefix}${nodeName}`], { return Docker.getExecOutput(['inspect', '--format', '{{.Config.Image}}', `${Buildx.containerNamePrefix}${nodeName}`], {
ignoreReturnCode: true, ignoreReturnCode: true,
silent: true silent: true
}).then(bkitimage => { }).then(bkitimage => {
if (bkitimage.exitCode == 0 && bkitimage.stdout.length > 0) { if (bkitimage.exitCode == 0 && bkitimage.stdout.length > 0) {
core.debug(`BuildKit.getVersionWithinImage image: ${bkitimage.stdout.trim()}`); core.debug(`BuildKit.getVersionWithinImage image: ${bkitimage.stdout.trim()}`);
return Exec.getExecOutput(`docker`, ['run', '--rm', bkitimage.stdout.trim(), '--version'], { return Docker.getExecOutput(['run', '--rm', bkitimage.stdout.trim(), '--version'], {
ignoreReturnCode: true, ignoreReturnCode: true,
silent: true silent: true
}).then(bkitversion => { }).then(bkitversion => {

6
src/buildx/history.ts
View File

@ -137,7 +137,11 @@ export class History {
] ]
core.info(`[command]docker ${dockerRunArgs.join(' ')}`); core.info(`[command]docker ${dockerRunArgs.join(' ')}`);
dockerRunProc = spawn('docker', dockerRunArgs, { dockerRunProc = spawn('docker', dockerRunArgs, {
stdio: ['pipe', 'pipe', 'inherit'] stdio: ['pipe', 'pipe', 'inherit'],
env: {
...process.env,
DOCKER_CONTENT_TRUST: 'false'
}
}); });
fs.createReadStream(buildxOutFifoPath).pipe(dockerRunProc.stdin); fs.createReadStream(buildxOutFifoPath).pipe(dockerRunProc.stdin);
dockerRunProc.stdout.pipe(fs.createWriteStream(buildxInFifoPath)); dockerRunProc.stdout.pipe(fs.createWriteStream(buildxInFifoPath));

39
src/docker/docker.ts
View File

@ -18,6 +18,7 @@ import fs from 'fs';
import os from 'os'; import os from 'os';
import path from 'path'; import path from 'path';
import * as core from '@actions/core'; import * as core from '@actions/core';
import {ExecOptions, ExecOutput} from '@actions/exec';
import * as io from '@actions/io'; import * as io from '@actions/io';
import {Context} from '../context'; import {Context} from '../context';
@ -53,12 +54,36 @@ export class Docker {
}); });
} }
public static async exec(args?: string[], options?: ExecOptions): Promise<number> {
return Exec.exec('docker', args, Docker.execOptions(options));
}
public static async getExecOutput(args?: string[], options?: ExecOptions): Promise<ExecOutput> {
return Exec.getExecOutput('docker', args, Docker.execOptions(options));
}
private static execOptions(options?: ExecOptions): ExecOptions {
if (!options) {
options = {};
}
if (!options.env) {
options.env = Object.assign({}, process.env, {
DOCKER_CONTENT_TRUST: 'false'
}) as {
[key: string]: string;
};
} else {
options.env.DOCKER_CONTENT_TRUST = 'false';
}
return options;
}
public static async context(name?: string): Promise<string> { public static async context(name?: string): Promise<string> {
const args = ['context', 'inspect', '--format', '{{.Name}}']; const args = ['context', 'inspect', '--format', '{{.Name}}'];
if (name) { if (name) {
args.push(name); args.push(name);
} }
return await Exec.getExecOutput(`docker`, args, { return await Docker.getExecOutput(args, {
ignoreReturnCode: true, ignoreReturnCode: true,
silent: true silent: true
}).then(res => { }).then(res => {
@ -74,7 +99,7 @@ export class Docker {
if (name) { if (name) {
args.push(name); args.push(name);
} }
return await Exec.getExecOutput(`docker`, args, { return await Docker.getExecOutput(args, {
ignoreReturnCode: true, ignoreReturnCode: true,
silent: true silent: true
}).then(res => { }).then(res => {
@ -86,11 +111,11 @@ export class Docker {
} }
public static async printVersion(): Promise<void> { public static async printVersion(): Promise<void> {
await Exec.exec('docker', ['version']); await Docker.exec(['version']);
} }
public static async printInfo(): Promise<void> { public static async printInfo(): Promise<void> {
await Exec.exec('docker', ['info']); await Docker.exec(['info']);
} }
public static parseRepoTag(image: string): {repository: string; tag: string} { public static parseRepoTag(image: string): {repository: string; tag: string} {
@ -138,7 +163,7 @@ export class Docker {
cacheFoundPath = await imageCache.find(); cacheFoundPath = await imageCache.find();
if (cacheFoundPath) { if (cacheFoundPath) {
core.info(`Image found from cache in ${cacheFoundPath}`); core.info(`Image found from cache in ${cacheFoundPath}`);
await Exec.getExecOutput(`docker`, ['load', '-i', cacheFoundPath], { await Docker.getExecOutput(['load', '-i', cacheFoundPath], {
ignoreReturnCode: true ignoreReturnCode: true
}).then(res => { }).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) { if (res.stderr.length > 0 && res.exitCode != 0) {
@ -149,7 +174,7 @@ export class Docker {
} }
let pulled = true; let pulled = true;
await Exec.getExecOutput(`docker`, ['pull', image], { await Docker.getExecOutput(['pull', image], {
ignoreReturnCode: true ignoreReturnCode: true
}).then(res => { }).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) { if (res.stderr.length > 0 && res.exitCode != 0) {
@ -165,7 +190,7 @@ export class Docker {
if (cache && pulled) { if (cache && pulled) {
const imageTarPath = path.join(Context.tmpDir(), `${Util.hash(image)}.tar`); const imageTarPath = path.join(Context.tmpDir(), `${Util.hash(image)}.tar`);
await Exec.getExecOutput(`docker`, ['save', '-o', imageTarPath, image], { await Docker.getExecOutput(['save', '-o', imageTarPath, image], {
ignoreReturnCode: true ignoreReturnCode: true
}).then(async res => { }).then(async res => {
if (res.stderr.length > 0 && res.exitCode != 0) { if (res.stderr.length > 0 && res.exitCode != 0) {

19
src/docker/install.ts
View File

@ -28,6 +28,7 @@ import * as io from '@actions/io';
import * as tc from '@actions/tool-cache'; import * as tc from '@actions/tool-cache';
import {Context} from '../context'; import {Context} from '../context';
import {Docker} from './docker';
import {Exec} from '../exec'; import {Exec} from '../exec';
import {Util} from '../util'; import {Util} from '../util';
import {limaYamlData, dockerServiceLogsPs1, setupDockerWinPs1} from './assets'; import {limaYamlData, dockerServiceLogsPs1, setupDockerWinPs1} from './assets';
@ -219,8 +220,8 @@ export class Install {
}); });
await core.group('Create Docker context', async () => { await core.group('Create Docker context', async () => {
await Exec.exec('docker', ['context', 'create', this.contextName, '--docker', `host=${dockerHost}`]); await Docker.exec(['context', 'create', this.contextName, '--docker', `host=${dockerHost}`]);
await Exec.exec('docker', ['context', 'use', this.contextName]); await Docker.exec(['context', 'use', this.contextName]);
}); });
return dockerHost; return dockerHost;
@ -309,8 +310,8 @@ EOF`,
}); });
await core.group('Create Docker context', async () => { await core.group('Create Docker context', async () => {
await Exec.exec('docker', ['context', 'create', this.contextName, '--docker', `host=${dockerHost}`]); await Docker.exec(['context', 'create', this.contextName, '--docker', `host=${dockerHost}`]);
await Exec.exec('docker', ['context', 'use', this.contextName]); await Docker.exec(['context', 'use', this.contextName]);
}); });
return dockerHost; return dockerHost;
@ -352,8 +353,8 @@ EOF`,
}); });
await core.group('Create Docker context', async () => { await core.group('Create Docker context', async () => {
await Exec.exec('docker', ['context', 'create', this.contextName, '--docker', `host=${dockerHost}`]); await Docker.exec(['context', 'create', this.contextName, '--docker', `host=${dockerHost}`]);
await Exec.exec('docker', ['context', 'use', this.contextName]); await Docker.exec(['context', 'use', this.contextName]);
}); });
return dockerHost; return dockerHost;
@ -395,7 +396,7 @@ EOF`,
await Exec.exec('limactl', ['delete', '--tty=false', this.limaInstanceName, '--force']); await Exec.exec('limactl', ['delete', '--tty=false', this.limaInstanceName, '--force']);
}); });
await core.group('Removing Docker context', async () => { await core.group('Removing Docker context', async () => {
await Exec.exec('docker', ['context', 'rm', '-f', this.contextName]); await Docker.exec(['context', 'rm', '-f', this.contextName]);
}); });
await core.group(`Cleaning up runDir`, async () => { await core.group(`Cleaning up runDir`, async () => {
await Exec.exec('sudo', ['rm', '-rf', this.runDir]); await Exec.exec('sudo', ['rm', '-rf', this.runDir]);
@ -411,7 +412,7 @@ EOF`,
await Util.sleep(5); await Util.sleep(5);
}); });
await core.group('Removing Docker context', async () => { await core.group('Removing Docker context', async () => {
await Exec.exec('docker', ['context', 'rm', '-f', this.contextName]); await Docker.exec(['context', 'rm', '-f', this.contextName]);
}); });
await core.group(`Cleaning up runDir`, async () => { await core.group(`Cleaning up runDir`, async () => {
await Exec.exec('sudo', ['rm', '-rf', this.runDir], { await Exec.exec('sudo', ['rm', '-rf', this.runDir], {
@ -427,7 +428,7 @@ EOF`,
await Exec.exec(logCmd.command, logCmd.args); await Exec.exec(logCmd.command, logCmd.args);
}); });
await core.group('Removing Docker context', async () => { await core.group('Removing Docker context', async () => {
await Exec.exec('docker', ['context', 'rm', '-f', this.contextName]); await Docker.exec(['context', 'rm', '-f', this.contextName]);
}); });
} }