Merge pull request #14 from chhawchharia/CI-21342

CI-21342: migrate AWS SDK Go v1 to v2 for ECR service
feat: [CI-21342]: Aws migrated and vulnerabilities fixed
2026-06-16 14:50:32 +08:00 · 2026-03-04 11:44:01 +05:30 · 2026-03-02 15:52:31 -08:00 · 2025-07-10 18:51:02 +05:30 · 2025-07-10 09:58:44 +05:30 · 2025-07-09 20:37:24 +05:30
12 changed files with 515 additions and 151 deletions
@@ -1,6 +1,12 @@
 kind: pipeline
-type: docker
 name: default
+type: vm
+
+platform:
+  os: linux
+  arch: amd64
+pool:
+  use: ubuntu

 steps:
 - name: build
@@ -96,12 +102,14 @@ steps:

 ---
 kind: pipeline
-type: docker
+type: vm
 name: notifications-docker

 platform:
  os: linux
  arch: amd64
+pool:
+  use: ubuntu

 steps:
 - name: manifest-docker
@@ -8,7 +8,7 @@
 [![Go Doc](https://godoc.org/github.com/drone-plugins/drone-buildah?status.svg)](http://godoc.org/github.com/drone-plugins/drone-buildah)
 [![Go Report](https://goreportcard.com/badge/github.com/drone-plugins/drone-buildah)](https://goreportcard.com/report/github.com/drone-plugins/drone-buildah)

-Drone plugin uses buildah to build and publish Docker images to a container registry. For the usage information and a listing of the available options please take a look at [the docs](http://plugins.drone.io/drone-plugins/drone-buildah/).
+Drone plugin uses buildah to build and publish Docker images to a container registry. For the usage information and a listing of the available options please take a look at [the docs](https://plugins.drone.io/plugins/buildah).

 ## Build

@@ -66,7 +66,6 @@ docker run --rm \
  -e PLUGIN_REPO=octocat/hello-world \
  -e DRONE_COMMIT_SHA=d8dbe4d94f15fe89232e0402c6e8a0ddf21af3ab \
  --cap-add=SYS_ADMIN \
-  -v /var/lib/containers/:/var/lib/containers/:Z \
  -v $(pwd):$(pwd) \
  -w $(pwd) \
  plugins/buildah-docker --dry-run
@@ -29,7 +29,7 @@ func main() {
 		cli.BoolFlag{
 			Name:   "dry-run",
 			Usage:  "dry run disables docker push",
-			EnvVar: "PLUGIN_DRY_RUN",
+			EnvVar: "PLUGIN_DRY_RUN,PLUGIN_NO_PUSH",
 		},
 		cli.StringFlag{
 			Name:   "remote.url",
@@ -182,6 +182,61 @@ func main() {
 			Usage:  "additional host:IP mapping",
 			EnvVar: "PLUGIN_ADD_HOST",
 		},
+		cli.StringFlag{
+			Name:   "s3-local-cache-dir",
+			Usage:  "local directory for S3 based cache",
+			EnvVar: "PLUGIN_S3_LOCAL_CACHE_DIR",
+		},
+		cli.StringFlag{
+			Name:   "s3-bucket",
+			Usage:  "S3 bucket name",
+			EnvVar: "PLUGIN_S3_BUCKET",
+		},
+		cli.StringFlag{
+			Name:   "s3-endpoint",
+			Usage:  "S3 endpoint address",
+			EnvVar: "PLUGIN_S3_ENDPOINT",
+		},
+		cli.StringFlag{
+			Name:   "s3-region",
+			Usage:  "S3 region",
+			EnvVar: "PLUGIN_S3_REGION",
+		},
+		cli.StringFlag{
+			Name:   "s3-key",
+			Usage:  "S3 access key",
+			EnvVar: "PLUGIN_S3_ACCESS_KEY",
+		},
+		cli.StringFlag{
+			Name:   "s3-secret",
+			Usage:  "S3 access secret",
+			EnvVar: "PLUGIN_S3_SECRET",
+		},
+		cli.BoolFlag{
+			Name:   "s3-use-ssl",
+			Usage:  "Enable SSL for S3 connections",
+			EnvVar: "PLUGIN_S3_USE_SSL",
+		},
+		cli.BoolFlag{
+			Name:   "layers",
+			Usage:  "User Layers",
+			EnvVar: "PLUGIN_LAYERS",
+		},
+		cli.BoolFlag{
+			Name:   "push-only",
+			Usage:  "Push existing Docker images without building",
+			EnvVar: "PLUGIN_PUSH_ONLY",
+		},
+		cli.StringFlag{
+			Name:   "source-tar-path",
+			Usage:  "Path to Docker image tar file to load and push",
+			EnvVar: "PLUGIN_SOURCE_TAR_PATH",
+		},
+		cli.StringFlag{
+			Name:   "tar-path",
+			Usage:  "Path to save Docker image as tar file",
+			EnvVar: "PLUGIN_TAR_PATH,PLUGIN_DESTINATION_TAR_PATH",
+		},
 	}

 	if err := app.Run(os.Args); err != nil {
@@ -191,8 +246,11 @@ func main() {

 func run(c *cli.Context) error {
 	plugin := docker.Plugin{
-		Dryrun:  c.Bool("dry-run"),
-		Cleanup: c.BoolT("docker.purge"),
+		Dryrun:        c.Bool("dry-run"),
+		Cleanup:       c.BoolT("docker.purge"),
+		PushOnly:      c.Bool("push-only"),
+		SourceTarPath: c.String("source-tar-path"),
+		TarPath:       c.String("tar-path"),
 		Login: docker.Login{
 			Registry: c.String("docker.registry"),
 			Username: c.String("docker.username"),
@@ -221,6 +279,14 @@ func run(c *cli.Context) error {
 			NoCache:     c.Bool("no-cache"),
 			AddHost:     c.StringSlice("add-host"),
 			Quiet:       c.Bool("quiet"),
+			S3CacheDir:  c.String("s3-local-cache-dir"),
+			S3Bucket:    c.String("s3-bucket"),
+			S3Endpoint:  c.String("s3-endpoint"),
+			S3Region:    c.String("s3-region"),
+			S3Key:       c.String("s3-key"),
+			S3Secret:    c.String("s3-secret"),
+			S3UseSSL:    c.Bool("s3-use-ssl"),
+			Layers:      c.Bool("layers"),
 		},
 	}

@@ -1,28 +1,28 @@
 package main

 import (
+	"context"
 	"encoding/base64"
+	"errors"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"os/exec"
 	"strconv"
 	"strings"

+	"github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
+	"github.com/aws/aws-sdk-go-v2/service/ecr"
+	ecrtypes "github.com/aws/aws-sdk-go-v2/service/ecr/types"
+	"github.com/aws/aws-sdk-go-v2/service/sts"
 	"github.com/joho/godotenv"
-
-	"github.com/aws/aws-sdk-go/aws"
-	"github.com/aws/aws-sdk-go/aws/awserr"
-	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
-	"github.com/aws/aws-sdk-go/aws/session"
-	"github.com/aws/aws-sdk-go/service/ecr"
 )

 const defaultRegion = "us-east-1"

 func main() {
-	// Load env-file if it exists first
 	if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
 		godotenv.Load(env)
 	}
@@ -37,10 +37,10 @@ func main() {
 		lifecyclePolicy  = getenv("PLUGIN_LIFECYCLE_POLICY")
 		repositoryPolicy = getenv("PLUGIN_REPOSITORY_POLICY")
 		assumeRole       = getenv("PLUGIN_ASSUME_ROLE")
+		externalId       = getenv("PLUGIN_EXTERNAL_ID")
 		scanOnPush       = parseBoolOrDefault(false, getenv("PLUGIN_SCAN_ON_PUSH"))
 	)

-	// set the region
 	if region == "" {
 		region = defaultRegion
 	}
@@ -52,13 +52,15 @@ func main() {
 		os.Setenv("AWS_SECRET_ACCESS_KEY", secret)
 	}

-	sess, err := session.NewSession(&aws.Config{Region: &region})
+	ctx := context.Background()
+
+	cfg, err := config.LoadDefaultConfig(ctx, config.WithRegion(region))
 	if err != nil {
-		log.Fatal(fmt.Sprintf("error creating aws session: %v", err))
+		log.Fatal(fmt.Sprintf("error creating aws config: %v", err))
 	}

-	svc := getECRClient(sess, assumeRole)
-	username, password, defaultRegistry, err := getAuthInfo(svc)
+	svc := getECRClient(cfg, assumeRole, externalId)
+	username, password, defaultRegistry, err := getAuthInfo(ctx, svc)

 	if registry == "" {
 		registry = defaultRegistry
@@ -73,32 +75,32 @@ func main() {
 	}

 	if create {
-		err = ensureRepoExists(svc, trimHostname(repo, registry), scanOnPush)
+		err = ensureRepoExists(ctx, svc, trimHostname(repo, registry), scanOnPush)
 		if err != nil {
 			log.Fatal(fmt.Sprintf("error creating ECR repo: %v", err))
 		}
-		err = updateImageScannningConfig(svc, trimHostname(repo, registry), scanOnPush)
+		err = updateImageScanningConfig(ctx, svc, trimHostname(repo, registry), scanOnPush)
 		if err != nil {
 			log.Fatal(fmt.Sprintf("error updating scan on push for ECR repo: %v", err))
 		}
 	}

 	if lifecyclePolicy != "" {
-		p, err := ioutil.ReadFile(lifecyclePolicy)
+		p, err := os.ReadFile(lifecyclePolicy)
 		if err != nil {
 			log.Fatal(err)
 		}
-		if err := uploadLifeCyclePolicy(svc, string(p), trimHostname(repo, registry)); err != nil {
+		if err := uploadLifeCyclePolicy(ctx, svc, string(p), trimHostname(repo, registry)); err != nil {
 			log.Fatal(fmt.Sprintf("error uploading ECR lifecycle policy: %v", err))
 		}
 	}

 	if repositoryPolicy != "" {
-		p, err := ioutil.ReadFile(repositoryPolicy)
+		p, err := os.ReadFile(repositoryPolicy)
 		if err != nil {
 			log.Fatal(err)
 		}
-		if err := uploadRepositoryPolicy(svc, string(p), trimHostname(repo, registry)); err != nil {
+		if err := uploadRepositoryPolicy(ctx, svc, string(p), trimHostname(repo, registry)); err != nil {
 			log.Fatal(fmt.Sprintf("error uploading ECR repository policy. %v", err))
 		}
 	}
@@ -108,7 +110,6 @@ func main() {
 	os.Setenv("DOCKER_USERNAME", username)
 	os.Setenv("DOCKER_PASSWORD", password)

-	// invoke the base docker plugin binary
 	cmd := exec.Command("drone-docker")
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
@@ -123,57 +124,63 @@ func trimHostname(repo, registry string) string {
 	return repo
 }

-func ensureRepoExists(svc *ecr.ECR, name string, scanOnPush bool) (err error) {
-	input := &ecr.CreateRepositoryInput{}
-	input.SetRepositoryName(name)
-	input.SetImageScanningConfiguration(&ecr.ImageScanningConfiguration{ScanOnPush: &scanOnPush})
-	_, err = svc.CreateRepository(input)
+func ensureRepoExists(ctx context.Context, svc *ecr.Client, name string, scanOnPush bool) error {
+	_, err := svc.CreateRepository(ctx, &ecr.CreateRepositoryInput{
+		RepositoryName: aws.String(name),
+		ImageScanningConfiguration: &ecrtypes.ImageScanningConfiguration{
+			ScanOnPush: scanOnPush,
+		},
+	})
 	if err != nil {
-		if aerr, ok := err.(awserr.Error); ok && aerr.Code() == ecr.ErrCodeRepositoryAlreadyExistsException {
-			// eat it, we skip checking for existing to save two requests
-			err = nil
+		var rae *ecrtypes.RepositoryAlreadyExistsException
+		if errors.As(err, &rae) {
+			return nil
 		}
+		return err
 	}
-
-	return
+	return nil
 }

-func updateImageScannningConfig(svc *ecr.ECR, name string, scanOnPush bool) (err error) {
-	input := &ecr.PutImageScanningConfigurationInput{}
-	input.SetRepositoryName(name)
-	input.SetImageScanningConfiguration(&ecr.ImageScanningConfiguration{ScanOnPush: &scanOnPush})
-	_, err = svc.PutImageScanningConfiguration(input)
-
+func updateImageScanningConfig(ctx context.Context, svc *ecr.Client, name string, scanOnPush bool) error {
+	_, err := svc.PutImageScanningConfiguration(ctx, &ecr.PutImageScanningConfigurationInput{
+		RepositoryName: aws.String(name),
+		ImageScanningConfiguration: &ecrtypes.ImageScanningConfiguration{
+			ScanOnPush: scanOnPush,
+		},
+	})
 	return err
 }

-func uploadLifeCyclePolicy(svc *ecr.ECR, lifecyclePolicy string, name string) (err error) {
-	input := &ecr.PutLifecyclePolicyInput{}
-	input.SetLifecyclePolicyText(lifecyclePolicy)
-	input.SetRepositoryName(name)
-	_, err = svc.PutLifecyclePolicy(input)
-
+func uploadLifeCyclePolicy(ctx context.Context, svc *ecr.Client, lifecyclePolicy string, name string) error {
+	_, err := svc.PutLifecyclePolicy(ctx, &ecr.PutLifecyclePolicyInput{
+		LifecyclePolicyText: aws.String(lifecyclePolicy),
+		RepositoryName:      aws.String(name),
+	})
 	return err
 }

-func uploadRepositoryPolicy(svc *ecr.ECR, repositoryPolicy string, name string) (err error) {
-	input := &ecr.SetRepositoryPolicyInput{}
-	input.SetPolicyText(repositoryPolicy)
-	input.SetRepositoryName(name)
-	_, err = svc.SetRepositoryPolicy(input)
-
+func uploadRepositoryPolicy(ctx context.Context, svc *ecr.Client, repositoryPolicy string, name string) error {
+	_, err := svc.SetRepositoryPolicy(ctx, &ecr.SetRepositoryPolicyInput{
+		PolicyText:     aws.String(repositoryPolicy),
+		RepositoryName: aws.String(name),
+	})
 	return err
 }

-func getAuthInfo(svc *ecr.ECR) (username, password, registry string, err error) {
+func getAuthInfo(ctx context.Context, svc *ecr.Client) (username, password, registry string, err error) {
 	var result *ecr.GetAuthorizationTokenOutput
 	var decoded []byte

-	result, err = svc.GetAuthorizationToken(&ecr.GetAuthorizationTokenInput{})
+	result, err = svc.GetAuthorizationToken(ctx, &ecr.GetAuthorizationTokenInput{})
 	if err != nil {
 		return
 	}

+	if len(result.AuthorizationData) == 0 {
+		err = fmt.Errorf("no authorization data returned from ECR")
+		return
+	}
+
 	auth := result.AuthorizationData[0]
 	token := *auth.AuthorizationToken
 	decoded, err = base64.StdEncoding.DecodeString(token)
@@ -182,7 +189,11 @@ func getAuthInfo(svc *ecr.ECR) (username, password, registry string, err error)
 	}

 	registry = strings.TrimPrefix(*auth.ProxyEndpoint, "https://")
-	creds := strings.Split(string(decoded), ":")
+	creds := strings.SplitN(string(decoded), ":", 2)
+	if len(creds) < 2 {
+		err = fmt.Errorf("invalid ECR authorization token format")
+		return
+	}
 	username = creds[0]
 	password = creds[1]
 	return
@@ -194,7 +205,6 @@ func parseBoolOrDefault(defaultValue bool, s string) (result bool) {
 	if err != nil {
 		result = false
 	}
-
 	return
 }

@@ -208,11 +218,19 @@ func getenv(key ...string) (s string) {
 	return
 }

-func getECRClient(sess *session.Session, role string) *ecr.ECR {
+func getECRClient(cfg aws.Config, role string, externalId string) *ecr.Client {
 	if role == "" {
-		return ecr.New(sess)
+		return ecr.NewFromConfig(cfg)
 	}
-	return ecr.New(sess, &aws.Config{
-		Credentials: stscreds.NewCredentials(sess, role),
-	})
+	stsSvc := sts.NewFromConfig(cfg)
+	var provider *stscreds.AssumeRoleProvider
+	if externalId != "" {
+		provider = stscreds.NewAssumeRoleProvider(stsSvc, role, func(o *stscreds.AssumeRoleOptions) {
+			o.ExternalID = &externalId
+		})
+	} else {
+		provider = stscreds.NewAssumeRoleProvider(stsSvc, role)
+	}
+	cfg.Credentials = aws.NewCredentialsCache(provider)
+	return ecr.NewFromConfig(cfg)
 }
@@ -5,6 +5,7 @@ import (
 	"io/ioutil"
 	"os"
 	"os/exec"
+	"os/user"
 	"path/filepath"
 	"strings"
 	"time"
@@ -44,14 +45,25 @@ type (
 		NoCache     bool     // Docker build no-cache
 		AddHost     []string // Docker build add-host
 		Quiet       bool     // Docker build quiet
+		S3CacheDir  string
+		S3Bucket    string
+		S3Endpoint  string
+		S3Region    string
+		S3Key       string
+		S3Secret    string
+		S3UseSSL    bool
+		Layers      bool
 	}

 	// Plugin defines the Docker plugin parameters.
 	Plugin struct {
-		Login   Login // Docker login configuration
-		Build   Build // Docker build configuration
-		Dryrun  bool  // Docker push is skipped
-		Cleanup bool  // Docker purge is enabled
+		Login         Login  // Docker login configuration
+		Build         Build  // Docker build configuration
+		Dryrun        bool   // Docker push is skipped
+		Cleanup       bool   // Docker purge is enabled
+		PushOnly      bool   // Push only mode, skips build process
+		SourceTarPath string // Path to Docker image tar file to load and push
+		TarPath       string // Path to save Docker image as tar file
 	}
 )

@@ -59,23 +71,28 @@ type (
 func (p Plugin) Exec() error {
 	// Create Auth Config File
 	if p.Login.Config != "" {
-		homeDir, err := os.UserHomeDir()
+		user, err := user.Current()
 		if err != nil {
-			return fmt.Errorf("failed to find home directory: %s", err)
+			return fmt.Errorf("Error getting the current user: %s", err)
+		}
+		root := fmt.Sprintf("/var/tmp/%s/containers/containers/", user.Uid)
+		if err := os.MkdirAll(root, 0777); err != nil {
+			return fmt.Errorf("Error writing runtime dir: %s", err)
 		}
-		dockerHome := fmt.Sprintf("%s/.docker/config.json", homeDir)
-		os.MkdirAll(dockerHome, 0600)

-		path := filepath.Join(dockerHome, "config.json")
-		err = ioutil.WriteFile(path, []byte(p.Login.Config), 0600)
-		if err != nil {
-			return fmt.Errorf("Error writing config.json: %s", err)
+		path := filepath.Join(root, "auth.json")
+		if err := ioutil.WriteFile(path, []byte(p.Login.Config), 0600); err != nil {
+			return fmt.Errorf("Error writing auth.json: %s", err)
 		}
+
+		fmt.Printf("Config written to %s\n", path)
 	}

 	// login to the Docker registry
 	if p.Login.Password != "" {
 		cmd := commandLogin(p.Login)
+		cmd.Stdout = os.Stdout
+		cmd.Stderr = os.Stderr
 		err := cmd.Run()
 		if err != nil {
 			return fmt.Errorf("Error authenticating: %s", err)
@@ -91,6 +108,11 @@ func (p Plugin) Exec() error {
 		fmt.Println("Registry credentials or Docker config not provided. Guest mode enabled.")
 	}

+	// Check if we're in push-only mode
+	if p.PushOnly {
+		return p.pushOnly()
+	}
+
 	// add proxy build args
 	addProxyBuildArgs(&p.Build)

@@ -108,11 +130,23 @@ func (p Plugin) Exec() error {
 	for _, tag := range p.Build.Tags {
 		cmds = append(cmds, commandTag(p.Build, tag)) // docker tag

-		if p.Dryrun == false {
+		if !p.Dryrun {
 			cmds = append(cmds, commandPush(p.Build, tag)) // docker push
 		}
 	}

+	// If TarPath is specified and Dryrun is enabled, save the image to a tar file
+	if p.TarPath != "" && p.Dryrun && len(p.Build.Tags) > 0 {
+		// Ensure parent directories exist
+		if err := os.MkdirAll(filepath.Dir(p.TarPath), 0755); err != nil {
+			return fmt.Errorf("failed to create parent directories for tar path: %s", err)
+		}
+
+		imageToSave := fmt.Sprintf("%s:%s", p.Build.Repo, p.Build.Tags[0])
+		fmt.Println("Saving image to tar:", p.TarPath)
+		cmds = append(cmds, commandSaveTar(imageToSave, p.TarPath))
+	}
+
 	if p.Cleanup {
 		cmds = append(cmds, commandRmi(p.Build.Name)) // buildah rmi
 	}
@@ -170,20 +204,21 @@ func commandLoginEmail(login Login) *exec.Cmd {
 	)
 }

-// helper function to create the docker info command.
+// helper function to create the docker version command.
 func commandVersion() *exec.Cmd {
 	return exec.Command(buildahExe, "version")
 }

 // helper function to create the docker info command.
 func commandInfo() *exec.Cmd {
-	return exec.Command(buildahExe, "info")
+	return exec.Command(buildahExe, "--storage-driver", "vfs", "info")
 }

 // helper function to create the docker build command.
 func commandBuild(build Build) *exec.Cmd {
 	args := []string{
 		"bud",
+		"--storage-driver", "vfs",
 		"-f", build.Dockerfile,
 	}

@@ -217,6 +252,30 @@ func commandBuild(build Build) *exec.Cmd {
 	if build.Quiet {
 		args = append(args, "--quiet")
 	}
+	if build.Layers {
+		args = append(args, "--layers=true")
+		if build.S3CacheDir != "" {
+			args = append(args, "--s3-local-cache-dir", build.S3CacheDir)
+			if build.S3Bucket != "" {
+				args = append(args, "--s3-bucket", build.S3Bucket)
+			}
+			if build.S3Endpoint != "" {
+				args = append(args, "--s3-endpoint", build.S3Endpoint)
+			}
+			if build.S3Region != "" {
+				args = append(args, "--s3-region", build.S3Region)
+			}
+			if build.S3Key != "" {
+				args = append(args, "--s3-key", build.S3Key)
+			}
+			if build.S3Secret != "" {
+				args = append(args, "--s3-secret", build.S3Secret)
+			}
+			if build.S3UseSSL {
+				args = append(args, "--s3-use-ssl=true")
+			}
+		}
+	}

 	if build.AutoLabel {
 		labelSchema := []string{
@@ -297,14 +356,14 @@ func commandTag(build Build, tag string) *exec.Cmd {
 		target = fmt.Sprintf("%s:%s", build.Repo, tag)
 	)
 	return exec.Command(
-		buildahExe, "tag", source, target,
+		buildahExe, "tag", "--storage-driver", "vfs", source, target,
 	)
 }

 // helper function to create the docker push command.
 func commandPush(build Build, tag string) *exec.Cmd {
 	target := fmt.Sprintf("%s:%s", build.Repo, tag)
-	return exec.Command(buildahExe, "push", target)
+	return exec.Command(buildahExe, "push", "--storage-driver", "vfs", target)
 }

 // helper to check if args match "docker prune"
@@ -318,7 +377,7 @@ func isCommandRmi(args []string) bool {
 }

 func commandRmi(tag string) *exec.Cmd {
-	return exec.Command(buildahExe, "rmi", tag)
+	return exec.Command(buildahExe, "--storage-driver", "vfs", "rmi", tag)
 }

 // trace writes each command to stdout with the command wrapped in an xml
@@ -326,3 +385,134 @@ func commandRmi(tag string) *exec.Cmd {
 func trace(cmd *exec.Cmd) {
 	fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " "))
 }
+
+// pushOnly handles pushing images without building them
+func (p Plugin) pushOnly() error {
+	// If source tar path is provided, load the image first
+	if p.SourceTarPath != "" {
+		fileInfo, err := os.Stat(p.SourceTarPath)
+		if err != nil {
+			if os.IsNotExist(err) {
+				return fmt.Errorf("source image tar file %s does not exist", p.SourceTarPath)
+			}
+			return fmt.Errorf("failed to access source image tar file: %s", err)
+		}
+
+		if !fileInfo.Mode().IsRegular() {
+			return fmt.Errorf("source image tar %s is not a regular file", p.SourceTarPath)
+		}
+
+		fmt.Println("Loading image from tar:", p.SourceTarPath)
+		loadCmd := commandLoadTar(p.SourceTarPath)
+		loadCmd.Stdout = os.Stdout
+		loadCmd.Stderr = os.Stderr
+		trace(loadCmd)
+		if err := loadCmd.Run(); err != nil {
+			return fmt.Errorf("failed to load image from tar: %s", err)
+		}
+	}
+
+	// Check for required tags
+	if len(p.Build.Tags) == 0 {
+		return fmt.Errorf("no tags specified for push")
+	}
+
+	// Use the repository name as the source image name
+	sourceImageName := p.Build.Repo
+	sourceTags := p.Build.Tags
+
+	// For each source tag and target tag combination
+	taggedForPush := make(map[string]bool)
+
+	for _, sourceTag := range sourceTags {
+		sourceFullImageName := fmt.Sprintf("%s:%s", sourceImageName, sourceTag)
+
+		// Check if the source image exists in local storage
+		existsCmd := commandImageExists(sourceFullImageName)
+		existsCmd.Stdout = nil // suppress output, we only care about the exit code
+		existsCmd.Stderr = os.Stderr
+		trace(existsCmd)
+
+		if err := existsCmd.Run(); err != nil {
+			fmt.Printf("Warning: Source image %s not found\n", sourceFullImageName)
+			// Continue to the next source tag if available, otherwise return error
+			if len(sourceTags) > 1 {
+				continue
+			}
+			return fmt.Errorf("source image %s not found, cannot push", sourceFullImageName)
+		}
+
+		// For each target tag, tag and push
+		for _, targetTag := range p.Build.Tags {
+			targetFullImageName := fmt.Sprintf("%s:%s", p.Build.Repo, targetTag)
+
+			// Skip if source and target are identical
+			if sourceFullImageName == targetFullImageName {
+				fmt.Printf("Source and target image names are identical: %s\n", sourceFullImageName)
+				taggedForPush[targetFullImageName] = true
+			} else {
+				// Tag the source image with the target name
+				fmt.Printf("Tagging %s as %s\n", sourceFullImageName, targetFullImageName)
+				tagCmd := exec.Command(buildahExe, "--storage-driver", "vfs", "tag", sourceFullImageName, targetFullImageName)
+				tagCmd.Stdout = os.Stdout
+				tagCmd.Stderr = os.Stderr
+				trace(tagCmd)
+				if err := tagCmd.Run(); err == nil {
+					taggedForPush[targetFullImageName] = true
+				} else {
+					fmt.Printf("Warning: Failed to tag %s as %s: %s\n", sourceFullImageName, targetFullImageName, err)
+				}
+			}
+		}
+	}
+
+	// If no images were tagged or found, we can't proceed
+	if len(taggedForPush) == 0 {
+		return fmt.Errorf("no images found or tagged for repository %s, cannot push", p.Build.Repo)
+	}
+
+	var cmds []*exec.Cmd
+
+	// Push all tagged images
+	for tag := range taggedForPush {
+		// Extract tag from the full image name
+		_, tagOnly, found := strings.Cut(tag, ":")
+		if !found {
+			continue
+		}
+
+		// Push the image if not in dry-run mode
+		if !p.Dryrun {
+			cmds = append(cmds, commandPush(p.Build, tagOnly))
+		}
+	}
+
+	// Execute all commands
+	for _, cmd := range cmds {
+		cmd.Stdout = os.Stdout
+		cmd.Stderr = os.Stderr
+		trace(cmd)
+		if err := cmd.Run(); err != nil {
+			return fmt.Errorf("command failed: %s", err)
+		}
+	}
+
+	return nil
+}
+
+
+
+// commandLoadTar creates a command to load an image from a tar file
+func commandLoadTar(tarPath string) *exec.Cmd {
+	return exec.Command(buildahExe, "--storage-driver", "vfs", "pull", "docker-archive:"+tarPath)
+}
+
+// commandImageExists creates a command to check if an image exists
+func commandImageExists(image string) *exec.Cmd {
+	return exec.Command(buildahExe, "inspect", "--storage-driver", "vfs", "--type", "image", image)
+}
+
+// commandSaveTar creates a command to save an image to a tar file
+func commandSaveTar(image string, tarPath string) *exec.Cmd {
+	return exec.Command(buildahExe, "push", "--storage-driver", "vfs", image, "docker-archive:"+tarPath)
+}
@@ -1,22 +1,12 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
-
-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
-
-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
-
-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+FROM quay.io/buildah/stable:v1.36.0

+# Set up the working directory
 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs

-# Add plugin binary
+# Add the plugin binary
 ADD release/linux/amd64/drone-docker /bin/
+
+# Set the entrypoint to the plugin binary
 ENTRYPOINT ["/bin/drone-docker"]
@@ -1,21 +1,39 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
+FROM fedora

-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
+RUN dnf -y install \
+    make \
+    golang \
+    bats \
+    btrfs-progs-devel \
+    device-mapper-devel \
+    glib2-devel \
+    gpgme-devel \
+    libassuan-devel \
+    libseccomp-devel \
+    git \
+    bzip2 \
+    go-md2man \
+    runc \
+    containers-common \
+    skopeo-containers

-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
+# Workaround - the first install somehow leaves the golang in a bad state
+RUN dnf -y install golang

-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+RUN mkdir /root/buildah && \
+    cd /root/buildah && \
+    git clone https://github.com/harness/buildah.git ./src/github.com/containers/buildah
+
+RUN cd /root/buildah/src/github.com/containers/buildah && make && sudo make install
+
+
+
+FROM quay.io/buildah/stable:v1.23.0

 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
+COPY --from=0 /root/buildah/src/github.com/containers/buildah/bin/. /bin/

 # Add plugin binary
 ADD release/linux/amd64/drone-docker /bin/
@@ -1,21 +1,39 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
+FROM fedora

-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
+RUN dnf -y install \
+    make \
+    golang \
+    bats \
+    btrfs-progs-devel \
+    device-mapper-devel \
+    glib2-devel \
+    gpgme-devel \
+    libassuan-devel \
+    libseccomp-devel \
+    git \
+    bzip2 \
+    go-md2man \
+    runc \
+    containers-common \
+    skopeo-containers

-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
+# Workaround - the first install somehow leaves the golang in a bad state
+RUN dnf -y install golang

-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+RUN mkdir /root/buildah && \
+    cd /root/buildah && \
+    git clone https://github.com/harness/buildah.git ./src/github.com/containers/buildah
+
+RUN cd /root/buildah/src/github.com/containers/buildah && make && sudo make install
+
+
+
+FROM quay.io/buildah/stable:v1.23.0

 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
+COPY --from=0 /root/buildah/src/github.com/containers/buildah/bin/. /bin/

 # Add plugin binary
 ADD release/linux/amd64/drone-docker /bin/
@@ -1,21 +1,39 @@
-# Source for dockerfile:
-# https://github.com/containers/buildah/blob/master/docs/tutorials/05-openshift-rootless-bud.md
-FROM quay.io/buildah/stable:v1.14.8
+FROM fedora

-RUN touch /etc/subgid /etc/subuid \
- && chmod g=u /etc/subgid /etc/subuid /etc/passwd \
- && echo build:10000:65536 > /etc/subuid \
- && echo build:10000:65536 > /etc/subgid
+RUN dnf -y install \
+    make \
+    golang \
+    bats \
+    btrfs-progs-devel \
+    device-mapper-devel \
+    glib2-devel \
+    gpgme-devel \
+    libassuan-devel \
+    libseccomp-devel \
+    git \
+    bzip2 \
+    go-md2man \
+    runc \
+    containers-common \
+    skopeo-containers

-# Use chroot since the default runc does not work when running rootless
-RUN echo "export BUILDAH_ISOLATION=chroot" >> /home/build/.bashrc
+# Workaround - the first install somehow leaves the golang in a bad state
+RUN dnf -y install golang

-# Use VFS since fuse does not work
-RUN mkdir -p /home/build/.config/containers \
- && echo "driver=\"vfs\"" > /home/build/.config/containers/storage.conf
+RUN mkdir /root/buildah && \
+    cd /root/buildah && \
+    git clone https://github.com/harness/buildah.git ./src/github.com/containers/buildah
+
+RUN cd /root/buildah/src/github.com/containers/buildah && make && sudo make install
+
+
+
+FROM quay.io/buildah/stable:v1.23.0

 USER build
 WORKDIR /home/build
+RUN export STORAGE_DRIVER=vfs
+COPY --from=0 /root/buildah/src/github.com/containers/buildah/bin/. /bin/

 # Add plugin binary
 ADD release/linux/amd64/drone-docker /bin/
@@ -1,13 +1,34 @@
 module github.com/drone-plugins/drone-buildah

 require (
-	github.com/aws/aws-sdk-go v1.26.7
+	github.com/aws/aws-sdk-go-v2 v1.41.2
+	github.com/aws/aws-sdk-go-v2/config v1.32.10
+	github.com/aws/aws-sdk-go-v2/credentials v1.19.10
+	github.com/aws/aws-sdk-go-v2/service/ecr v1.55.3
+	github.com/aws/aws-sdk-go-v2/service/sts v1.41.7
 	github.com/coreos/go-semver v0.2.0
 	github.com/joho/godotenv v1.3.0
 	github.com/sirupsen/logrus v1.3.0
 	github.com/urfave/cli v1.22.2
-	golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e // indirect
-	golang.org/x/text v0.3.0 // indirect
 )

-go 1.13
+require (
+	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.18 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.18 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.18 // indirect
+	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.5 // indirect
+	github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.18 // indirect
+	github.com/aws/aws-sdk-go-v2/service/signin v1.0.6 // indirect
+	github.com/aws/aws-sdk-go-v2/service/sso v1.30.11 // indirect
+	github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.15 // indirect
+	github.com/aws/smithy-go v1.24.1 // indirect
+	github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d // indirect
+	github.com/konsorten/go-windows-terminal-sequences v1.0.1 // indirect
+	github.com/russross/blackfriday/v2 v2.0.1 // indirect
+	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
+	golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 // indirect
+	golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33 // indirect
+)
+
+go 1.23
@@ -1,14 +1,40 @@
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/aws/aws-sdk-go v1.26.7 h1:ObjEnmzvSdYy8KVd3me7v/UMyCn81inLy2SyoIPoBkg=
-github.com/aws/aws-sdk-go v1.26.7/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
+github.com/aws/aws-sdk-go-v2 v1.41.2 h1:LuT2rzqNQsauaGkPK/7813XxcZ3o3yePY0Iy891T2ls=
+github.com/aws/aws-sdk-go-v2 v1.41.2/go.mod h1:IvvlAZQXvTXznUPfRVfryiG1fbzE2NGK6m9u39YQ+S4=
+github.com/aws/aws-sdk-go-v2/config v1.32.10 h1:9DMthfO6XWZYLfzZglAgW5Fyou2nRI5CuV44sTedKBI=
+github.com/aws/aws-sdk-go-v2/config v1.32.10/go.mod h1:2rUIOnA2JaiqYmSKYmRJlcMWy6qTj1vuRFscppSBMcw=
+github.com/aws/aws-sdk-go-v2/credentials v1.19.10 h1:EEhmEUFCE1Yhl7vDhNOI5OCL/iKMdkkYFTRpZXNw7m8=
+github.com/aws/aws-sdk-go-v2/credentials v1.19.10/go.mod h1:RnnlFCAlxQCkN2Q379B67USkBMu1PipEEiibzYN5UTE=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.18 h1:Ii4s+Sq3yDfaMLpjrJsqD6SmG/Wq/P5L/hw2qa78UAY=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.18.18/go.mod h1:6x81qnY++ovptLE6nWQeWrpXxbnlIex+4H4eYYGcqfc=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.18 h1:F43zk1vemYIqPAwhjTjYIz0irU2EY7sOb/F5eJ3HuyM=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.4.18/go.mod h1:w1jdlZXrGKaJcNoL+Nnrj+k5wlpGXqnNrKoP22HvAug=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.18 h1:xCeWVjj0ki0l3nruoyP2slHsGArMxeiiaoPN5QZH6YQ=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.7.18/go.mod h1:r/eLGuGCBw6l36ZRWiw6PaZwPXb6YOj+i/7MizNl5/k=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4 h1:WKuaxf++XKWlHWu9ECbMlha8WOEGm0OUEZqm4K/Gcfk=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.4/go.mod h1:ZWy7j6v1vWGmPReu0iSGvRiise4YI5SkR3OHKTZ6Wuc=
+github.com/aws/aws-sdk-go-v2/service/ecr v1.55.3 h1:RtGctYMmkTerGClvdY6bHXdtly4FeYw9wz/NPz62LF8=
+github.com/aws/aws-sdk-go-v2/service/ecr v1.55.3/go.mod h1:vBfBu24Ka3/5UZtepbTV0gnc9VPLT8ok+0oDDaYAzn4=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.5 h1:CeY9LUdur+Dxoeldqoun6y4WtJ3RQtzk0JMP2gfUay0=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.13.5/go.mod h1:AZLZf2fMaahW5s/wMRciu1sYbdsikT/UHwbUjOdEVTc=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.18 h1:LTRCYFlnnKFlKsyIQxKhJuDuA3ZkrDQMRYm6rXiHlLY=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.13.18/go.mod h1:XhwkgGG6bHSd00nO/mexWTcTjgd6PjuvWQMqSn2UaEk=
+github.com/aws/aws-sdk-go-v2/service/signin v1.0.6 h1:MzORe+J94I+hYu2a6XmV5yC9huoTv8NRcCrUNedDypQ=
+github.com/aws/aws-sdk-go-v2/service/signin v1.0.6/go.mod h1:hXzcHLARD7GeWnifd8j9RWqtfIgxj4/cAtIVIK7hg8g=
+github.com/aws/aws-sdk-go-v2/service/sso v1.30.11 h1:7oGD8KPfBOJGXiCoRKrrrQkbvCp8N++u36hrLMPey6o=
+github.com/aws/aws-sdk-go-v2/service/sso v1.30.11/go.mod h1:0DO9B5EUJQlIDif+XJRWCljZRKsAFKh3gpFz7UnDtOo=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.15 h1:edCcNp9eGIUDUCrzoCu1jWAXLGFIizeqkdkKgRlJwWc=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.35.15/go.mod h1:lyRQKED9xWfgkYC/wmmYfv7iVIM68Z5OQ88ZdcV1QbU=
+github.com/aws/aws-sdk-go-v2/service/sts v1.41.7 h1:NITQpgo9A5NrDZ57uOWj+abvXSb83BbyggcUBVksN7c=
+github.com/aws/aws-sdk-go-v2/service/sts v1.41.7/go.mod h1:sks5UWBhEuWYDPdwlnRFn1w7xWdH29Jcpe+/PJQefEs=
+github.com/aws/smithy-go v1.24.1 h1:VbyeNfmYkWoxMVpGUAbQumkODcYmfMRfZ8yQiH30SK0=
+github.com/aws/smithy-go v1.24.1/go.mod h1:LEj2LM3rBRQJxPZTB4KuzZkaZYnZPnvgIhb4pu07mx0=
 github.com/coreos/go-semver v0.2.0 h1:3Jm3tLmsgAYcjC+4Up7hJrFBPr+n7rAqYeSw/SZazuY=
 github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSYgptZMwQh2aRr3LuazLJIa+Pg3Kc1ylSYVY=
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
-github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
 github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1 h1:mweAR1A6xJ3oS2pRaGiHgQ4OO8tzTaLawm8vnODuwDk=
@@ -24,19 +50,12 @@ github.com/sirupsen/logrus v1.3.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPx
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/urfave/cli v1.20.0 h1:fDqGv3UG/4jbVl/QkFwEdddtEDjh/5Ov6X+0B/3bPaw=
-github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
 github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo=
 github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 h1:u+LnwYTOOW7Ukr/fppxEb1Nwz0AtPflrblfvUudpo+I=
 golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e h1:bRhVy7zSSasaqNksaRZiA5EEI+Ei4I1nO5Jh72wfHlg=
-golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33 h1:I6FyU15t786LL7oL/hn43zqTuEGr4PN7F4XJ1p4E3Y8=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
@@ -14,5 +14,4 @@ GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-gcr    ./cmd/drone
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-ecr    ./cmd/drone-ecr
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-docker ./cmd/drone-docker
 GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-acr    ./cmd/drone-acr
-GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-heroku   ./cmd/drone-heroku
-
+GOOS=linux GOARCH=amd64 go build -o release/linux/amd64/drone-heroku   ./cmd/drone-heroku
Author	SHA1	Message	Date
OP (oppenheimer)	93204d0eac	Merge pull request #14 from chhawchharia/CI-21342 CI-21342: migrate AWS SDK Go v1 to v2 for ECR service	2026-03-04 11:44:01 +05:30
Dhiraj Chhawchharia	ff538105f6	feat: [CI-21342]: Aws migrated and vulnerabilities fixed Made-with: Cursor	2026-03-02 15:52:31 -08:00
OP (oppenheimer)	f91fa71be0	Merge pull request #13 from drone-plugins/CI-18178 feat: [CI-18178]: Add tar save and load capability with Docker archive support for buildah plugin	2025-07-10 18:51:02 +05:30
Ompragash Viswanathan	a84121e813	Updated docker.go	2025-07-10 09:58:44 +05:30
Ompragash Viswanathan	291f18b59e	Updated docker.go	2025-07-09 20:37:24 +05:30
Ompragash Viswanathan	cb9793f014	Updated docker.go	2025-07-09 18:19:53 +05:30
Ompragash Viswanathan	f98d4c02f7	Updated docker.go	2025-07-09 17:02:57 +05:30
Ompragash Viswanathan	1b5c809703	Updated docker.go	2025-07-09 16:49:52 +05:30
Ompragash Viswanathan	5e1168c171	Updated docker.go	2025-07-09 13:39:05 +05:30
Ompragash Viswanathan	37d3008a9f	Updated docker.go	2025-07-09 12:56:43 +05:30
Ompragash Viswanathan	cd8c2ea2a5	Updated docker.go	2025-07-09 12:42:07 +05:30
Ompragash Viswanathan	1367829b3f	update buildah save command to use push with oci-archive format	2025-07-07 21:21:38 +05:30
Ompragash Viswanathan	c9f5cc5e37	feat: add push-only and tar path options for Docker image handling	2025-07-07 19:13:10 +05:30
OP (oppenheimer)	576fa63696	Merge pull request #11 from drone-plugins/CI-13848 CI-13848 - Fix "`GLIBC_2.34' not found" in buildah-docker	2024-08-22 23:18:02 +05:30
OP (oppenheimer)	0043db940d	Update Dockerfile.linux.amd64	2024-08-22 23:09:31 +05:30
OP (oppenheimer)	c99dbd8efa	Update Dockerfile.linux.amd64	2024-08-22 22:41:06 +05:30
TP Honey	018dd9ef61	Merge pull request #8 from tphoney/harness_move (maint) move to harness.drone.io	2022-12-07 14:01:27 +00:00
TP Honey	a6e0171dd5	(maint) move to harness.drone.io	2022-12-07 13:58:28 +00:00
TP Honey	8ad8465153	fix docs link	2022-05-31 12:00:36 +01:00
Shubham Agrawal	aacad6eca9	Merge pull request #5 from drone-plugins/layer-caching Support Buildah Layer caching	2021-10-21 23:33:36 +05:30
Jamie Li	3705ed06ac	change all dockerfile	2021-10-20 10:47:37 -04:00
Jamie Li	6d4ce8c5ac	two stage	2021-10-19 13:20:58 -04:00
Jamie Li	492e84d4b0	fix wrong file	2021-10-19 12:59:17 -04:00
Jamie Li	71af02818a	remove git username password	2021-10-19 12:41:00 -04:00
Jamie Li	39f70cdada	use single build file	2021-10-18 19:00:14 -04:00
Jamie Li	38f0f1bd3f	two stage building	2021-10-18 18:49:57 -04:00
Jamie Li	c8b68d31ab	use prebuilt binaries	2021-10-12 23:43:34 -04:00
Jamie Li	046362a937	add flags	2021-09-28 23:55:01 -04:00
Jamie Li	566cff614d	change dockerfile	2021-09-28 16:53:10 -04:00
Brad Rydzewski	cd4f459538	update readme [ci skip]	2021-06-29 18:47:52 -04:00
Brad Rydzewski	494d08375c	write auth.json file	2021-06-17 17:22:30 -04:00
Brad Rydzewski	904449e95e	Copy login stdout / stderr to console	2021-06-16 15:24:18 -04:00