a

2025-06-07 21:57:10 +02:00 · 2025-06-07 21:57:10 +02:00 · bc68379c52
commit bc68379c52
parent 5de9ffb979
5 changed files with 54 additions and 31 deletions
--- a/.woodpecker/build.yaml
+++ b/.woodpecker/build.yaml
@ -1,7 +1,7 @@
 when:
  instance: ci.kokuwa.io
  repo: woodpecker/buildctl
-  event: [manual, push]
+  event: [manual, push, pull_request]
  branch: main
  path: [.woodpecker/build.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh]
--- a/.woodpecker/test.yaml
+++ b/.woodpecker/test.yaml
@ -1,7 +1,7 @@
 when:
  instance: ci.kokuwa.io
  repo: woodpecker/buildctl
-  event: [manual, push]
+  event: [manual, push, pull_request]
  branch: main
  path: [.woodpecker/build.yaml, Dockerfile, Dockerfile.dockerignore, entrypoint.sh]
@ -14,17 +14,25 @@ labels:
 steps:
-  kokuwa.io:
+  pr:
    image: registry.kokuwa.io/buildctl:$CI_PIPELINE_NUMBER
    pull: true
    commands: buildctl --version
    when:
      event: pull_request
  kokuwa.io: &version
    image: kokuwa.io/buildctl
    pull: true
    commands: buildctl --version
    when:
      event: [manual, push]
      branch: main
  docker.io:
    image: docker.io/kokuwaio/buildctl
-    pull: true
+    <<: *version
    commands: buildctl --version
  ghcr.io:
    image: ghcr.io/kokuwaio/buildctl
-    pull: true
+    <<: *version
    commands: buildctl --version
--- a/17
+++ b/17
@ -1,16 +1,21 @@
 FROM docker.io/library/bash:5.2.37@sha256:01a15c6f48f6a3c08431cd77e11567823530b18159889dca3b7309b707beef91
 SHELL ["/usr/local/bin/bash", "-u", "-e", "-o", "pipefail", "-c"]
 # ignore pipefail because
 # bash is non-default location https://github.com/tianon/docker-bash/issues/29
 # hadolint only uses default locations https://github.com/hadolint/hadolint/issues/977
-# hadolint ignore=DL4006
+# hadolint global ignore=DL4006
 FROM docker.io/library/bash:5.2.37@sha256:01a15c6f48f6a3c08431cd77e11567823530b18159889dca3b7309b707beef91
 SHELL ["/usr/local/bin/bash", "-u", "-e", "-o", "pipefail", "-c"]
 RUN ARCH=$(uname -m) && \
 	[[ $ARCH == x86_64 ]] && export SUFFIX=amd64; \
 	[[ $ARCH == aarch64 ]] && export SUFFIX=arm64; \
 	[[ -z ${SUFFIX:-} ]] && echo "Unknown arch: $ARCH" && exit 1; \
-	set -o pipefail && \
+	wget -q "https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux-$SUFFIX" --output-document=/usr/local/bin/jq && \
-	wget -q "https://github.com/moby/buildkit/releases/download/v0.21.0/buildkit-v0.21.0.linux-$SUFFIX.tar.gz" --output-document=- | \
+	chmod 555 /usr/local/bin/jq
-	tar --gz --extract --directory=/usr/local bin/buildctl
+RUN ARCH=$(uname -m) && \
 	[[ $ARCH == x86_64 ]] && export SUFFIX=amd64; \
 	[[ $ARCH == aarch64 ]] && export SUFFIX=arm64; \
 	[[ -z ${SUFFIX:-} ]] && echo "Unknown arch: $ARCH" && exit 1; \
 	wget -q "https://github.com/moby/buildkit/releases/download/v0.21.0/buildkit-v0.21.0.linux-$SUFFIX.tar.gz" --output-document=- | tar --gz --extract --directory=/usr/local bin/buildctl && \
 	chmod 555 /usr/local/bin/jq
 COPY --chmod=555 entrypoint.sh /usr/local/bin/entrypoint.sh
 ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 USER 1000:1000
--- a/entrypoint.sh
+++ b/entrypoint.sh
@ -1,8 +1,5 @@
 #!/usr/bin/env bash
 set -eu;
 env | sort | grep PLUGIN
 echo $PLUGIN_AUTH | base64 -w0
 ##
 ## check input
@ -25,9 +22,10 @@ SOURCE_DATE_EPOCH=${PLUGIN_SOURCE_DATE_EPOCH:-0}
 if [[ -n "${PLUGIN_AUTH:-}" ]]; then
 	DOCKER_CONFIG=${DOCKER_CONFIG:-$PWD}
-	mkdir -p $DOCKER_CONFIG
+	mkdir -p "$DOCKER_CONFIG"
-	echo $PLUGIN_AUTH > $DOCKER_CONFIG/config.json
+	echo "$PLUGIN_AUTH" > "$DOCKER_CONFIG/config.json"
-	echo Stored credentials at $DOCKER_CONFIG/config.json
+	echo Stored credentials at "$DOCKER_CONFIG/config.json"
 	echo
 fi
 ##
@ -46,17 +44,14 @@ if [[ "${PLUGIN_PLATFORM:-}" == "true" ]]; then
 	COMMAND="$COMMAND --opt platform='$PLUGIN_PLATFORM'"
 fi
 # https://github.com/moby/buildkit/blob/master/README.md#output
-OUTPUT=""
+BUILDCTL_OUTPUT=""
 if [[ -n "${PLUGIN_NAME:-}" ]]; then
-	OUTPUT="$OUTPUT --output type=image,\"name=$PLUGIN_NAME\",push=${PLUGIN_PUSH:-true},oci-mediatypes=true,oci-artifact=true,compression=estargz"
+	BUILDCTL_OUTPUT="$BUILDCTL_OUTPUT --output type=image,\"name=$PLUGIN_NAME\",push=${PLUGIN_PUSH:-true}"
-	OUTPUT="$OUTPUT,oci-mediatypes=true,oci-artifact=true,compression=estargz,compression-level=9"
+	BUILDCTL_OUTPUT="$BUILDCTL_OUTPUT,oci-mediatypes=true,oci-artifact=true,compression=estargz,compression-level=9"
-	OUTPUT="$OUTPUT,rewrite-timestamp=true"
+	BUILDCTL_OUTPUT="$BUILDCTL_OUTPUT,rewrite-timestamp=true"
-	export IFS=";"
+	BUILDCTL_OUTPUT="$BUILDCTL_OUTPUT$(echo "$PLUGIN_ANNOTATION" | jq --join-output 'keys[] as $k|",annotation.\($k)=\"\(.[$k])\""')"
 	for PLUGIN_ANNOTATION_ITEM in "${PLUGIN_ANNOTATION:-}"; do
 		OUTPUT="$OUTPUT,annotation.$PLUGIN_ANNOTATION_ITEM"
 	done
 fi
-COMMAND="$COMMAND $OUTPUT"
+COMMAND="$COMMAND $BUILDCTL_OUTPUT"
 # custom args, e.g. docker run --rm --volume=$HOME:HOME:ro --workdir=$PWD kokuwaio/buildkit --opt buildarg=foo=bar
 if [[ -n "${1:-}" ]]; then
@ -67,12 +62,21 @@ fi
 ## execute command
 ##
 echo
 echo Reproduce with docker:
 echo
 echo "SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH docker buildx build ${PLUGIN_CONTEXT:-.}"
 	echo "  --no-cache"
 if [[ "${PLUGIN_PLATFORM:-}" == "true" ]]; then
 	echo "  --platform='$PLUGIN_PLATFORM'"
 	echo "  $OUTPUT"
 fi
-
+if [[ -n "${PLUGIN_ADDR:-}" ]]; then
-echo -e "SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH ${COMMAND// --/\\n  --}\n"
+	echo "  $BUILDCTL_OUTPUT"
 fi
 echo
 echo Running now:
 echo
 echo "SOURCE_DATE_EPOCH=$SOURCE_DATE_EPOCH ${COMMAND// --/\\n  --}"
 echo
 eval "$COMMAND"
 echo 1
--- a/renovate.json
+++ b/renovate.json
@ -50,6 +50,12 @@
 			],
 			"datasourceTemplate": "github-tags",
 			"packageNameTemplate": "moby/buildkit"
 		},{
 			"customType": "regex",
 			"managerFilePatterns": ["Dockerfile", ".woodpecker/build.yaml"],
 			"matchStrings": ["https://github.com/jqlang/jq/releases/download/(?<currentValue>jq-[0-9]+\\.[0-9]+\\.[0-9]+)/jq-linux-$SUFFIX"],
 			"datasourceTemplate": "github-tags",
 			"packageNameTemplate": "qlang/jq"
 		}
 	]
 }