mirror of
https://github.com/drone-plugins/drone-docker.git
synced 2026-06-04 18:24:24 +08:00
Add support for AAD auth for docker-acr (#395)
* Add support for AAD auth for docker-acr * Update go version --------- Co-authored-by: TP Honey <tp@harness.io>
This commit is contained in:
Rutvij Mehta
+26
-26
@@ -12,7 +12,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: vet
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- go vet ./...
|
||||
environment:
|
||||
@@ -22,7 +22,7 @@ steps:
|
||||
path: /go
|
||||
|
||||
- name: test
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- go test -cover ./...
|
||||
environment:
|
||||
@@ -55,7 +55,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: go build
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
environment:
|
||||
CGO_ENABLED: 0
|
||||
commands:
|
||||
@@ -146,7 +146,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: go build
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
environment:
|
||||
CGO_ENABLED: 0
|
||||
commands:
|
||||
@@ -234,7 +234,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/amd64/drone-docker ./cmd/drone-docker'
|
||||
environment:
|
||||
@@ -245,7 +245,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/amd64/drone-docker ./cmd/drone-docker'
|
||||
environment:
|
||||
@@ -255,7 +255,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: executable
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- ./release/linux/amd64/drone-docker --help
|
||||
|
||||
@@ -299,7 +299,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/arm64/drone-docker ./cmd/drone-docker'
|
||||
environment:
|
||||
@@ -310,7 +310,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/arm64/drone-docker ./cmd/drone-docker'
|
||||
environment:
|
||||
@@ -320,7 +320,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: executable
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- ./release/linux/arm64/drone-docker --help
|
||||
|
||||
@@ -399,7 +399,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/amd64/drone-gcr ./cmd/drone-gcr'
|
||||
environment:
|
||||
@@ -410,7 +410,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/amd64/drone-gcr ./cmd/drone-gcr'
|
||||
environment:
|
||||
@@ -459,7 +459,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/arm64/drone-gcr ./cmd/drone-gcr'
|
||||
environment:
|
||||
@@ -470,7 +470,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/arm64/drone-gcr ./cmd/drone-gcr'
|
||||
environment:
|
||||
@@ -554,7 +554,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/amd64/drone-ecr ./cmd/drone-ecr'
|
||||
environment:
|
||||
@@ -564,7 +564,7 @@ steps:
|
||||
exclude:
|
||||
- tag
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/amd64/drone-ecr ./cmd/drone-ecr'
|
||||
environment:
|
||||
@@ -612,7 +612,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/arm64/drone-ecr ./cmd/drone-ecr'
|
||||
environment:
|
||||
@@ -622,7 +622,7 @@ steps:
|
||||
exclude:
|
||||
- tag
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/arm64/drone-ecr ./cmd/drone-ecr'
|
||||
environment:
|
||||
@@ -705,7 +705,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/amd64/drone-heroku ./cmd/drone-heroku'
|
||||
environment:
|
||||
@@ -715,7 +715,7 @@ steps:
|
||||
exclude:
|
||||
- tag
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/amd64/drone-heroku ./cmd/drone-heroku'
|
||||
environment:
|
||||
@@ -764,7 +764,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/linux/arm64/drone-heroku ./cmd/drone-heroku'
|
||||
environment:
|
||||
@@ -774,7 +774,7 @@ steps:
|
||||
exclude:
|
||||
- tag
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/linux/arm64/drone-heroku ./cmd/drone-heroku'
|
||||
environment:
|
||||
@@ -855,7 +855,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.build=${DRONE_BUILD_NUMBER}" -a -tags netgo -o release/linux/amd64/drone-acr ./cmd/drone-acr'
|
||||
environment:
|
||||
@@ -865,7 +865,7 @@ steps:
|
||||
exclude:
|
||||
- tag
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}" -a -tags netgo -o release/linux/amd64/drone-acr ./cmd/drone-acr'
|
||||
environment:
|
||||
@@ -913,7 +913,7 @@ platform:
|
||||
|
||||
steps:
|
||||
- name: build-push
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.build=${DRONE_BUILD_NUMBER}" -a -tags netgo -o release/linux/arm64/drone-acr ./cmd/drone-acr'
|
||||
environment:
|
||||
@@ -924,7 +924,7 @@ steps:
|
||||
- tag
|
||||
|
||||
- name: build-tag
|
||||
image: golang:1.17
|
||||
image: golang:1.20
|
||||
commands:
|
||||
- 'go build -v -ldflags "-X main.version=${DRONE_TAG##v} -X main.build=${DRONE_BUILD_NUMBER}" -a -tags netgo -o release/linux/arm64/drone-acr ./cmd/drone-acr'
|
||||
environment:
|
||||
|
||||
@@ -1,17 +1,40 @@
|
||||
package main
|
||||
|
||||
import (
|
||||
"context"
|
||||
"encoding/base64"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"os"
|
||||
"os/exec"
|
||||
"strings"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
"github.com/joho/godotenv"
|
||||
"github.com/pkg/errors"
|
||||
"github.com/sirupsen/logrus"
|
||||
|
||||
docker "github.com/drone-plugins/drone-docker"
|
||||
)
|
||||
|
||||
const (
|
||||
acrCertPath = "/tmp/acr-cert.pem"
|
||||
azSubscriptionApiVersion = "2021-04-01"
|
||||
azSubscriptionBaseUrl = "https://management.azure.com/subscriptions/"
|
||||
basePublicUrl = "https://portal.azure.com/#view/Microsoft_Azure_ContainerRegistries/TagMetadataBlade/registryId/"
|
||||
defaultUsername = "00000000-0000-0000-0000-000000000000"
|
||||
|
||||
// Environment variable names for Azure Environment Credential
|
||||
clientIdEnv = "AZURE_CLIENT_ID"
|
||||
clientSecretKeyEnv = "AZURE_CLIENT_SECRET"
|
||||
tenantKeyEnv = "AZURE_TENANT_ID"
|
||||
certPathEnv = "AZURE_CLIENT_CERTIFICATE_PATH"
|
||||
)
|
||||
|
||||
func main() {
|
||||
// Load env-file if it exists first
|
||||
if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
|
||||
@@ -21,8 +44,19 @@ func main() {
|
||||
var (
|
||||
repo = getenv("PLUGIN_REPO")
|
||||
registry = getenv("PLUGIN_REGISTRY")
|
||||
|
||||
// If these credentials are provided, they will be directly used
|
||||
// for docker login
|
||||
username = getenv("SERVICE_PRINCIPAL_CLIENT_ID")
|
||||
password = getenv("SERVICE_PRINCIPAL_CLIENT_SECRET")
|
||||
|
||||
// Service principal credentials
|
||||
clientId = getenv("CLIENT_ID")
|
||||
clientSecret = getenv("CLIENT_SECRET")
|
||||
clientCert = getenv("CLIENT_CERTIFICATE")
|
||||
tenantId = getenv("TENANT_ID")
|
||||
subscriptionId = getenv("SUBSCRIPTION_ID")
|
||||
publicUrl = getenv("DAEMON_REGISTRY")
|
||||
)
|
||||
|
||||
// default registry value
|
||||
@@ -30,6 +64,17 @@ func main() {
|
||||
registry = "azurecr.io"
|
||||
}
|
||||
|
||||
// Get auth if username and password is not specified
|
||||
if username == "" && password == "" {
|
||||
// docker login credentials are not provided
|
||||
var err error
|
||||
username = defaultUsername
|
||||
password, publicUrl, err = getAuth(clientId, clientSecret, clientCert, tenantId, subscriptionId, registry)
|
||||
if err != nil {
|
||||
logrus.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
// must use the fully qualified repo name. If the
|
||||
// repo name does not have the registry prefix we
|
||||
// should prepend.
|
||||
@@ -42,6 +87,11 @@ func main() {
|
||||
os.Setenv("DOCKER_USERNAME", username)
|
||||
os.Setenv("DOCKER_PASSWORD", password)
|
||||
os.Setenv("PLUGIN_REGISTRY_TYPE", "ACR")
|
||||
if publicUrl != "" {
|
||||
// Set this env variable if public URL for artifact is available
|
||||
// If not, we will fall back to registry url
|
||||
os.Setenv("ARTIFACT_REGISTRY", publicUrl)
|
||||
}
|
||||
|
||||
// invoke the base docker plugin binary
|
||||
cmd := exec.Command(docker.GetDroneDockerExecCmd())
|
||||
@@ -53,6 +103,157 @@ func main() {
|
||||
}
|
||||
}
|
||||
|
||||
func getAuth(clientId, clientSecret, clientCert, tenantId, subscriptionId, registry string) (string, string, error) {
|
||||
// Verify inputs
|
||||
if tenantId == "" {
|
||||
return "", "", fmt.Errorf("tenantId cannot be empty for AAD authentication")
|
||||
}
|
||||
if clientId == "" {
|
||||
return "", "", fmt.Errorf("clientId cannot be empty for AAD authentication")
|
||||
}
|
||||
if clientSecret == "" && clientCert == "" {
|
||||
return "", "", fmt.Errorf("one of client secret or client cert should be defined")
|
||||
}
|
||||
|
||||
// Setup cert
|
||||
if clientCert != "" {
|
||||
err := setupACRCert(clientCert, acrCertPath)
|
||||
if err != nil {
|
||||
errors.Wrap(err, "failed to push setup cert file")
|
||||
}
|
||||
}
|
||||
|
||||
// Get AZ env
|
||||
if err := os.Setenv(clientIdEnv, clientId); err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to set env variable client Id")
|
||||
}
|
||||
if err := os.Setenv(clientSecretKeyEnv, clientSecret); err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to set env variable client secret")
|
||||
}
|
||||
if err := os.Setenv(tenantKeyEnv, tenantId); err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to set env variable tenant Id")
|
||||
}
|
||||
if err := os.Setenv(certPathEnv, acrCertPath); err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to set env variable cert path")
|
||||
}
|
||||
env, err := azidentity.NewEnvironmentCredential(nil)
|
||||
if err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to get env credentials from azure")
|
||||
}
|
||||
os.Unsetenv(clientIdEnv)
|
||||
os.Unsetenv(clientSecretKeyEnv)
|
||||
os.Unsetenv(tenantKeyEnv)
|
||||
os.Unsetenv(certPathEnv)
|
||||
|
||||
// Fetch AAD token
|
||||
policy := policy.TokenRequestOptions{
|
||||
Scopes: []string{"https://management.azure.com/.default"},
|
||||
}
|
||||
aadToken, err := env.GetToken(context.Background(), policy)
|
||||
if err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to fetch access token")
|
||||
}
|
||||
|
||||
// Get public URL for artifacts
|
||||
publicUrl, err := getPublicUrl(aadToken.Token, registry, subscriptionId)
|
||||
if err != nil {
|
||||
// execution should not fail because of this error
|
||||
fmt.Fprintf(os.Stderr, "failed to get public url with error: %s\n", err)
|
||||
}
|
||||
|
||||
// Fetch token
|
||||
ACRToken, err := fetchACRToken(tenantId, aadToken.Token, registry)
|
||||
if err != nil {
|
||||
return "", "", errors.Wrap(err, "failed to fetch ACR token")
|
||||
}
|
||||
return ACRToken, publicUrl, nil
|
||||
}
|
||||
|
||||
func fetchACRToken(tenantId, token, registry string) (string, error) {
|
||||
// oauth exchange
|
||||
formData := url.Values{
|
||||
"grant_type": {"access_token"},
|
||||
"service": {registry},
|
||||
"tenant": {tenantId},
|
||||
"access_token": {token},
|
||||
}
|
||||
jsonResponse, err := http.PostForm(fmt.Sprintf("https://%s/oauth2/exchange", registry), formData)
|
||||
if err != nil || jsonResponse == nil {
|
||||
return "", errors.Wrap(err, "failed to fetch ACR token")
|
||||
}
|
||||
|
||||
// fetch token from response
|
||||
var response map[string]interface{}
|
||||
err = json.NewDecoder(jsonResponse.Body).Decode(&response)
|
||||
if err != nil {
|
||||
return "", errors.Wrap(err, "failed to decode oauth exchange response")
|
||||
}
|
||||
|
||||
// Parse the refresh_token from the response
|
||||
if t, found := response["refresh_token"]; found {
|
||||
if refreshToken, ok := t.(string); ok {
|
||||
return refreshToken, nil
|
||||
}
|
||||
return "", errors.New("failed to cast refresh token from acr")
|
||||
}
|
||||
return "", errors.Wrap(err, "refresh token not found in response of oauth exchange call")
|
||||
}
|
||||
|
||||
func setupACRCert(cert, certPath string) error {
|
||||
decoded, err := base64.StdEncoding.DecodeString(cert)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "failed to base64 decode ACR certificate")
|
||||
}
|
||||
err = ioutil.WriteFile(certPath, decoded, 0644)
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "failed to write ACR certificate")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func getPublicUrl(token, registryUrl, subscriptionId string) (string, error) {
|
||||
if len(subscriptionId) == 0 || registryUrl == "" {
|
||||
return "", nil
|
||||
}
|
||||
|
||||
registry := strings.Split(registryUrl, ".")[0]
|
||||
filter := fmt.Sprintf("resourceType eq 'Microsoft.ContainerRegistry/registries' and name eq '%s'", registry)
|
||||
params := url.Values{}
|
||||
params.Add("$filter", filter)
|
||||
params.Add("api-version", azSubscriptionApiVersion)
|
||||
params.Add("$select", "id")
|
||||
url := azSubscriptionBaseUrl + subscriptionId + "/resources?" + params.Encode()
|
||||
|
||||
client := &http.Client{}
|
||||
req, err := http.NewRequest("GET", url, nil)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return "", errors.Wrap(err, "failed to create request for getting container registry setting")
|
||||
}
|
||||
|
||||
req.Header.Add("Authorization", "Bearer "+token)
|
||||
res, err := client.Do(req)
|
||||
if err != nil {
|
||||
fmt.Println(err)
|
||||
return "", errors.Wrap(err, "failed to send request for getting container registry setting")
|
||||
}
|
||||
defer res.Body.Close()
|
||||
|
||||
var response subscriptionUrlResponse
|
||||
err = json.NewDecoder(res.Body).Decode(&response)
|
||||
if err != nil {
|
||||
return "", errors.Wrap(err, "failed to send request for getting container registry setting")
|
||||
}
|
||||
if len(response.Value) == 0 {
|
||||
return "", errors.New("no id present for base url")
|
||||
}
|
||||
return basePublicUrl + encodeParam(response.Value[0].ID), nil
|
||||
}
|
||||
|
||||
func encodeParam(s string) string {
|
||||
return url.QueryEscape(s)
|
||||
}
|
||||
|
||||
func getenv(key ...string) (s string) {
|
||||
for _, k := range key {
|
||||
s = os.Getenv(k)
|
||||
@@ -62,3 +263,9 @@ func getenv(key ...string) (s string) {
|
||||
}
|
||||
return
|
||||
}
|
||||
|
||||
type subscriptionUrlResponse struct {
|
||||
Value []struct {
|
||||
ID string `json:"id"`
|
||||
} `json:"value"`
|
||||
}
|
||||
|
||||
+21
-14
@@ -112,6 +112,12 @@ func main() {
|
||||
Usage: "don't start the docker daemon",
|
||||
EnvVar: "PLUGIN_DAEMON_OFF",
|
||||
},
|
||||
cli.StringFlag{
|
||||
Name: "artifact.registry",
|
||||
Usage: "artifact registry",
|
||||
Value: "https://index.docker.io/v1/",
|
||||
EnvVar: "ARTIFACT_REGISTRY,PLUGIN_REGISTRY,DOCKER_REGISTRY",
|
||||
},
|
||||
cli.StringFlag{
|
||||
Name: "dockerfile",
|
||||
Usage: "build dockerfile",
|
||||
@@ -346,20 +352,21 @@ func run(c *cli.Context) error {
|
||||
SSHAgentKey: c.String("ssh-agent-key"),
|
||||
},
|
||||
Daemon: docker.Daemon{
|
||||
Registry: c.String("docker.registry"),
|
||||
Mirror: c.String("daemon.mirror"),
|
||||
StorageDriver: c.String("daemon.storage-driver"),
|
||||
StoragePath: c.String("daemon.storage-path"),
|
||||
Insecure: c.Bool("daemon.insecure"),
|
||||
Disabled: c.Bool("daemon.off"),
|
||||
IPv6: c.Bool("daemon.ipv6"),
|
||||
Debug: c.Bool("daemon.debug"),
|
||||
Bip: c.String("daemon.bip"),
|
||||
DNS: c.StringSlice("daemon.dns"),
|
||||
DNSSearch: c.StringSlice("daemon.dns-search"),
|
||||
MTU: c.String("daemon.mtu"),
|
||||
Experimental: c.Bool("daemon.experimental"),
|
||||
RegistryType: registryType,
|
||||
Registry: c.String("docker.registry"),
|
||||
Mirror: c.String("daemon.mirror"),
|
||||
StorageDriver: c.String("daemon.storage-driver"),
|
||||
StoragePath: c.String("daemon.storage-path"),
|
||||
Insecure: c.Bool("daemon.insecure"),
|
||||
Disabled: c.Bool("daemon.off"),
|
||||
IPv6: c.Bool("daemon.ipv6"),
|
||||
Debug: c.Bool("daemon.debug"),
|
||||
Bip: c.String("daemon.bip"),
|
||||
DNS: c.StringSlice("daemon.dns"),
|
||||
DNSSearch: c.StringSlice("daemon.dns-search"),
|
||||
MTU: c.String("daemon.mtu"),
|
||||
Experimental: c.Bool("daemon.experimental"),
|
||||
RegistryType: registryType,
|
||||
ArtifactRegistry: c.String("artifact.registry"),
|
||||
},
|
||||
}
|
||||
|
||||
|
||||
@@ -16,20 +16,21 @@ import (
|
||||
type (
|
||||
// Daemon defines Docker daemon parameters.
|
||||
Daemon struct {
|
||||
Registry string // Docker registry
|
||||
Mirror string // Docker registry mirror
|
||||
Insecure bool // Docker daemon enable insecure registries
|
||||
StorageDriver string // Docker daemon storage driver
|
||||
StoragePath string // Docker daemon storage path
|
||||
Disabled bool // DOcker daemon is disabled (already running)
|
||||
Debug bool // Docker daemon started in debug mode
|
||||
Bip string // Docker daemon network bridge IP address
|
||||
DNS []string // Docker daemon dns server
|
||||
DNSSearch []string // Docker daemon dns search domain
|
||||
MTU string // Docker daemon mtu setting
|
||||
IPv6 bool // Docker daemon IPv6 networking
|
||||
Experimental bool // Docker daemon enable experimental mode
|
||||
RegistryType drone.RegistryType // Docker registry type
|
||||
Registry string // Docker registry
|
||||
Mirror string // Docker registry mirror
|
||||
Insecure bool // Docker daemon enable insecure registries
|
||||
StorageDriver string // Docker daemon storage driver
|
||||
StoragePath string // Docker daemon storage path
|
||||
Disabled bool // DOcker daemon is disabled (already running)
|
||||
Debug bool // Docker daemon started in debug mode
|
||||
Bip string // Docker daemon network bridge IP address
|
||||
DNS []string // Docker daemon dns server
|
||||
DNSSearch []string // Docker daemon dns search domain
|
||||
MTU string // Docker daemon mtu setting
|
||||
IPv6 bool // Docker daemon IPv6 networking
|
||||
Experimental bool // Docker daemon enable experimental mode
|
||||
RegistryType drone.RegistryType // Docker registry type
|
||||
ArtifactRegistry string // Docker registry where artifact can be viewed
|
||||
}
|
||||
|
||||
// Login defines Docker login parameters.
|
||||
@@ -231,7 +232,9 @@ func (p Plugin) Exec() error {
|
||||
|
||||
if p.ArtifactFile != "" {
|
||||
if digest, err := getDigest(p.Build.TempTag); err == nil {
|
||||
if err = drone.WritePluginArtifactFile(p.Daemon.RegistryType, p.ArtifactFile, p.Daemon.Registry, p.Build.Repo, digest, p.Build.Tags); err != nil {
|
||||
// ArtifactRegistry here will be read from env variable ARTIFACT_REGISTRY (valid for ACR). If this env
|
||||
// variable is not present, it'll be read from PLUGIN_REGISTRY then finally DOCKER_REGISTRY both are valid for docker / ecr / gcr / heroku.
|
||||
if err = drone.WritePluginArtifactFile(p.Daemon.RegistryType, p.ArtifactFile, p.Daemon.ArtifactRegistry, p.Build.Repo, digest, p.Build.Tags); err != nil {
|
||||
fmt.Printf("failed to write plugin artifact file at path: %s with error: %s\n", p.ArtifactFile, err)
|
||||
}
|
||||
} else {
|
||||
|
||||
@@ -1,24 +1,34 @@
|
||||
module github.com/drone-plugins/drone-docker
|
||||
|
||||
require (
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0
|
||||
github.com/aws/aws-sdk-go v1.26.7
|
||||
github.com/coreos/go-semver v0.3.0
|
||||
github.com/dchest/uniuri v1.2.0
|
||||
github.com/drone-plugins/drone-plugin-lib v0.4.1
|
||||
github.com/drone/drone-go v1.7.1
|
||||
github.com/inhies/go-bytesize v0.0.0-20210819104631-275770b98743
|
||||
github.com/joho/godotenv v1.3.0
|
||||
github.com/pkg/errors v0.9.1
|
||||
github.com/sirupsen/logrus v1.9.0
|
||||
github.com/urfave/cli v1.22.2
|
||||
)
|
||||
|
||||
require (
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 // indirect
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 // indirect
|
||||
github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
|
||||
github.com/dchest/uniuri v1.2.0 // indirect
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
|
||||
github.com/google/uuid v1.3.0 // indirect
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af // indirect
|
||||
github.com/kylelemons/godebug v1.1.0 // indirect
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 // indirect
|
||||
github.com/russross/blackfriday/v2 v2.1.0 // indirect
|
||||
golang.org/x/sys v0.0.0-20220731174439-a90be440212d // indirect
|
||||
gopkg.in/yaml.v2 v2.2.8 // indirect
|
||||
gopkg.in/yaml.v3 v3.0.1 // indirect
|
||||
golang.org/x/crypto v0.7.0 // indirect
|
||||
golang.org/x/net v0.8.0 // indirect
|
||||
golang.org/x/sys v0.6.0 // indirect
|
||||
golang.org/x/text v0.8.0 // indirect
|
||||
)
|
||||
|
||||
go 1.17
|
||||
go 1.20
|
||||
|
||||
@@ -1,6 +1,13 @@
|
||||
github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e/go.mod h1:Xa6lInWHNQnuWoF0YPSsx+INFA9qk7/7pTjwb3PInkY=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0 h1:8kDqDngH+DmVBiCtIjCFTGa7MBnsIOkF9IccInFEbjk=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.6.0/go.mod h1:bjGvMhVMb+EEm3VRNQawDMUyMMjo+S5ewNjflkep/0Q=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0 h1:vcYCAze6p19qBW7MhZybIsqD8sMV8js0NyQM8JDnVtg=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.3.0/go.mod h1:OQeznEEkTZ9OrhHJoDD8ZDq51FHgXjqtP9z6bEwBq9U=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0 h1:sXr+ck84g/ZlZUOZiNELInmMgOsuGwdjjVkEIde0OtY=
|
||||
github.com/Azure/azure-sdk-for-go/sdk/internal v1.3.0/go.mod h1:okt5dMMTOFjX/aovMlrjvvXoPMBVSPzk9185BT0+eZM=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0 h1:OBhqkivkhkMqLPymWEppkm7vgPQY2XsHoEkaMQ0AdZY=
|
||||
github.com/AzureAD/microsoft-authentication-library-for-go v1.0.0/go.mod h1:kgDmCTgBzIEPFElEF+FK0SdjAor06dRq2Go927dnQ6o=
|
||||
github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
|
||||
github.com/BurntSushi/toml v1.2.1/go.mod h1:CxXYINrC8qIiEnFrOxCa7Jy5BFHlXnUU2pbicEuybxQ=
|
||||
github.com/aws/aws-sdk-go v1.26.7 h1:ObjEnmzvSdYy8KVd3me7v/UMyCn81inLy2SyoIPoBkg=
|
||||
github.com/aws/aws-sdk-go v1.26.7/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
|
||||
github.com/coreos/go-semver v0.3.0 h1:wkHLiw0WNATZnSG7epLsujiMCgPAc9xhjJ4tgnAxmfM=
|
||||
@@ -13,18 +20,29 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
|
||||
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
|
||||
github.com/dchest/uniuri v1.2.0 h1:koIcOUdrTIivZgSLhHQvKgqdWZq5d7KdMEWF1Ud6+5g=
|
||||
github.com/dchest/uniuri v1.2.0/go.mod h1:fSzm4SLHzNZvWLvWJew423PhAzkpNQYq+uNLq4kxhkY=
|
||||
github.com/dnaeon/go-vcr v1.2.0 h1:zHCHvJYTMh1N7xnV7zf1m1GPBF9Ad0Jk/whtQ1663qI=
|
||||
github.com/drone-plugins/drone-plugin-lib v0.4.1 h1:47rZlmcMpr1hSp+6Gl+1Z4t+efi/gMQU3lxukC1Yg64=
|
||||
github.com/drone-plugins/drone-plugin-lib v0.4.1/go.mod h1:KwCu92jFjHV3xv2hu5Qg/8zBNvGwbhoJDQw/EwnTvoM=
|
||||
github.com/drone/drone-go v1.7.1 h1:ZX+3Rs8YHUSUQ5mkuMLmm1zr1ttiiE2YGNxF3AnyDKw=
|
||||
github.com/drone/drone-go v1.7.1/go.mod h1:fxCf9jAnXDZV1yDr0ckTuWd1intvcQwfJmTRpTZ1mXg=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
|
||||
github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
|
||||
github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ=
|
||||
github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
|
||||
github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
|
||||
github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
|
||||
github.com/inhies/go-bytesize v0.0.0-20210819104631-275770b98743 h1:X3Xxno5Ji8idrNiUoFc7QyXpqhSYlDRYQmc7mlpMBzU=
|
||||
github.com/inhies/go-bytesize v0.0.0-20210819104631-275770b98743/go.mod h1:KrtyD5PFj++GKkFS/7/RRrfnRhAMGQwy75GLCHWrCNs=
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
|
||||
github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
|
||||
github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
|
||||
github.com/joho/godotenv v1.3.0/go.mod h1:7hK45KPybAkOC6peb+G5yklZfMxEjkZhHbwpqxOKXbg=
|
||||
github.com/kylelemons/godebug v1.1.0 h1:RPNrshWIDI6G2gRW9EHilWtl7Z6Sb1BR0xunSBf0SNc=
|
||||
github.com/kylelemons/godebug v1.1.0/go.mod h1:9/0rRGxNHcop5bhtWyNeEfOS8JIWk580+fNqagV/RAw=
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8 h1:KoWmjvw+nsYOo29YJK9vDA65RGE3NrOnUtO7a+RF9HU=
|
||||
github.com/pkg/browser v0.0.0-20210911075715-681adbf594b8/go.mod h1:HKlIX3XHQyzLZPlr7++PzdhaXEj94dEiJgZDTsxEqUI=
|
||||
github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
|
||||
github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
|
||||
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
|
||||
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
|
||||
github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
|
||||
@@ -38,15 +56,18 @@ github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5Cc
|
||||
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
|
||||
github.com/urfave/cli v1.22.2 h1:gsqYFH8bb9ekPA12kRo0hfjngWQjkJPlN9R0N78BoUo=
|
||||
github.com/urfave/cli v1.22.2/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
|
||||
github.com/urfave/cli/v2 v2.23.6/go.mod h1:GHupkWPMM0M/sj1a2b4wUrWBPzazNrIjouW6fmdJLxc=
|
||||
github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673/go.mod h1:N3UwUGtsrSj3ccvlPHLoLsHnpR27oXr4ZE984MbSER8=
|
||||
golang.org/x/crypto v0.7.0 h1:AvwMYaRytfdeVt3u6mLaxYtErKYjxA2OXjJ1HHq6t3A=
|
||||
golang.org/x/crypto v0.7.0/go.mod h1:pYwdfH91IfpZVANVyUOhSIPZaFoJGxTFbZhFTx+dXZU=
|
||||
golang.org/x/net v0.8.0 h1:Zrh2ngAOFYneWTAIAPethzeaQLuHwhuBkuV6ZiRnUaQ=
|
||||
golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
|
||||
golang.org/x/sys v0.0.0-20210616045830-e2b7044e8c71/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.0.0-20220731174439-a90be440212d h1:Sv5ogFZatcgIMMtBSTTAgMYsicp25MXBubjXNDKwm80=
|
||||
golang.org/x/sys v0.0.0-20220731174439-a90be440212d/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
|
||||
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
|
||||
golang.org/x/text v0.8.0 h1:57P1ETyNKtuIjB4SRd15iJxuhj8Gc416Y78H3qgMh68=
|
||||
golang.org/x/text v0.8.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8=
|
||||
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
|
||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
|
||||
gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||
gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
|
||||
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
|
||||
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
|
||||
|
||||
Reference in New Issue
Block a user