fix windows drone yml (#388)

Add option to mount host ssh agent (--ssh)

.drone.jsonnet

@@ -1,50 +0,0 @@
-local pipeline = import 'pipeline.libsonnet';
-
-[
-  pipeline.test('linux', 'amd64'),
-
-  pipeline.build('docker', 'linux', 'amd64'),
-  pipeline.build('docker', 'linux', 'arm64'),
-  pipeline.build('docker', 'linux', 'arm'),
-  pipeline.notifications('docker', depends_on=[
-    'linux-amd64',
-    'linux-arm64',
-    'linux-arm',
-  ]),
-
-  pipeline.build('gcr', 'linux', 'amd64'),
-  pipeline.build('gcr', 'linux', 'arm64'),
-  pipeline.build('gcr', 'linux', 'arm'),
-  pipeline.notifications('gcr', depends_on=[
-    'linux-amd64',
-    'linux-arm64',
-    'linux-arm',
-  ]),
-
-  pipeline.build('acr', 'linux', 'amd64'),
-  pipeline.build('acr', 'linux', 'arm64'),
-  pipeline.build('acr', 'linux', 'arm'),
-  pipeline.notifications('acr', depends_on=[
-    'linux-amd64',
-    'linux-arm64',
-    'linux-arm',
-  ]),
-
-  pipeline.build('ecr', 'linux', 'amd64'),
-  pipeline.build('ecr', 'linux', 'arm64'),
-  pipeline.build('ecr', 'linux', 'arm'),
-  pipeline.notifications('ecr', depends_on=[
-    'linux-amd64',
-    'linux-arm64',
-    'linux-arm',
-  ]),
-
-  pipeline.build('heroku', 'linux', 'amd64'),
-  pipeline.build('heroku', 'linux', 'arm64'),
-  pipeline.build('heroku', 'linux', 'arm'),
-  pipeline.notifications('heroku', depends_on=[
-    'linux-amd64',
-    'linux-arm64',
-    'linux-arm',
-  ]),
-]

.gitignore

@@ -1,3 +1,5 @@
 release
 coverage.out
 vendor
+.vscode/
+Dockerfile

CHANGELOG.md

@@ -1,11 +1,82 @@
 # Changelog
 
-## [v20.10.9](https://github.com/drone-plugins/drone-docker/tree/v20.10.9) (2021-11-02)
+## [v20.14.0](https://github.com/drone-plugins/drone-docker/tree/v20.14.0) (2022-11-17)
+
+[Full Changelog](https://github.com/drone-plugins/drone-docker/compare/v20.13.0...v20.14.0)
+
+**Implemented enhancements:**
+
+- Add support for docker --platform flag [\#376](https://github.com/drone-plugins/drone-docker/pull/376) ([tphoney](https://github.com/tphoney))
+
+**Fixed bugs:**
+
+- Use full path to docker when creating card [\#373](https://github.com/drone-plugins/drone-docker/pull/373) ([donny-dont](https://github.com/donny-dont))
+
+## [v20.13.0](https://github.com/drone-plugins/drone-docker/tree/v20.13.0) (2022-06-08)
+
+[Full Changelog](https://github.com/drone-plugins/drone-docker/compare/v20.12.0...v20.13.0)
+
+**Implemented enhancements:**
+
+- update docker linux amd64/arm64 to 20.10.14 [\#365](https://github.com/drone-plugins/drone-docker/pull/365) ([tphoney](https://github.com/tphoney))
+
+**Merged pull requests:**
+
+- v20.13.0 prep [\#367](https://github.com/drone-plugins/drone-docker/pull/367) ([tphoney](https://github.com/tphoney))
+
+## [v20.12.0](https://github.com/drone-plugins/drone-docker/tree/v20.12.0) (2022-05-16)
+
+[Full Changelog](https://github.com/drone-plugins/drone-docker/compare/v20.11.0...v20.12.0)
+
+**Implemented enhancements:**
+
+- Add support for multiple Buildkit secrets with env vars or files as source [\#359](https://github.com/drone-plugins/drone-docker/pull/359) ([ste93cry](https://github.com/ste93cry))
+- \(DRON-237\) cards add link to image repo, minor cleanup [\#358](https://github.com/drone-plugins/drone-docker/pull/358) ([tphoney](https://github.com/tphoney))
+- \(DRON-232\) enable build-kit for secrets consumption [\#356](https://github.com/drone-plugins/drone-docker/pull/356) ([tphoney](https://github.com/tphoney))
+
+**Fixed bugs:**
+
+- \(fix\) Update card.json with UX [\#355](https://github.com/drone-plugins/drone-docker/pull/355) ([tphoney](https://github.com/tphoney))
+
+**Merged pull requests:**
+
+- prep for v20.12.0 [\#363](https://github.com/drone-plugins/drone-docker/pull/363) ([tphoney](https://github.com/tphoney))
+
+## [v20.11.0](https://github.com/drone-plugins/drone-docker/tree/v20.11.0) (2022-01-19)
+
+[Full Changelog](https://github.com/drone-plugins/drone-docker/compare/v20.10.9.1...v20.11.0)
+
+**Merged pull requests:**
+
+- new release to fix window semver error [\#354](https://github.com/drone-plugins/drone-docker/pull/354) ([eoinmcafee00](https://github.com/eoinmcafee00))
+- \(feat\) publish docker data to create drone card [\#347](https://github.com/drone-plugins/drone-docker/pull/347) ([eoinmcafee00](https://github.com/eoinmcafee00))
+
+## [v20.10.9.1](https://github.com/drone-plugins/drone-docker/tree/v20.10.9.1) (2022-01-13)
+
+[Full Changelog](https://github.com/drone-plugins/drone-docker/compare/v20.10.9...v20.10.9.1)
+
+**Implemented enhancements:**
+
+- Serialize windows 1809 pipelines [\#348](https://github.com/drone-plugins/drone-docker/pull/348) ([shubham149](https://github.com/shubham149))
+- Support for windows images for tags [\#346](https://github.com/drone-plugins/drone-docker/pull/346) ([shubham149](https://github.com/shubham149))
+
+**Fixed bugs:**
+
+- Fix ECR & GCR docker publish on windows [\#352](https://github.com/drone-plugins/drone-docker/pull/352) ([shubham149](https://github.com/shubham149))
+- Fix windows docker builds [\#351](https://github.com/drone-plugins/drone-docker/pull/351) ([shubham149](https://github.com/shubham149))
+- Fix powershell script to publish windows images [\#350](https://github.com/drone-plugins/drone-docker/pull/350) ([shubham149](https://github.com/shubham149))
+
+**Merged pull requests:**
+
+- release prep for 20.10.9.1 [\#353](https://github.com/drone-plugins/drone-docker/pull/353) ([eoinmcafee00](https://github.com/eoinmcafee00))
+
+## [v20.10.9](https://github.com/drone-plugins/drone-docker/tree/v20.10.9) (2021-11-03)
 
 [Full Changelog](https://github.com/drone-plugins/drone-docker/compare/v19.03.9...v20.10.9)
 
 **Merged pull requests:**
 
+- bump to version 20.10.9: [\#342](https://github.com/drone-plugins/drone-docker/pull/342) ([eoinmcafee00](https://github.com/eoinmcafee00))
 - Upgrade Docker dind to 20.10.9 for 64bit platforms [\#334](https://github.com/drone-plugins/drone-docker/pull/334) ([gzm0](https://github.com/gzm0))
 
 ## [v19.03.9](https://github.com/drone-plugins/drone-docker/tree/v19.03.9) (2021-10-13)

README.md

@@ -62,6 +62,46 @@ docker build \
 
 > Notice: Be aware that the Docker plugin currently requires privileged capabilities, otherwise the integrated Docker daemon is not able to start.
 
+### Using Docker buildkit Secrets
+
+```yaml
+kind: pipeline
+name: default
+
+steps:
+- name: build dummy docker file and publish
+  image: plugins/docker
+  pull: never
+  settings:
+    repo: tphoney/test
+    tags: latest
+    secret: id=mysecret,src=secret-file
+    username:
+      from_secret: docker_username
+    password:
+      from_secret: docker_password
+```
+
+Using a dockerfile that references the secret-file 
+
+```bash
+# syntax=docker/dockerfile:1.2
+
+FROM alpine
+
+# shows secret from default secret location:
+RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret
+```
+
+and a secret file called secret-file
+
+```
+COOL BANANAS
+```
+
+
+### Running from the CLI
+
 ```console
 docker run --rm \
   -e PLUGIN_TAG=latest \
@@ -73,6 +113,11 @@ docker run --rm \
   plugins/docker --dry-run
 ```
 
+## Developer Notes
+
+- When updating the base image, you will need to update for each architecture and OS.
+- Arm32 base images are no longer being updated.
+
 ## Release procedure
 
 Run the changelog generator.
@@ -91,4 +136,4 @@ Run the changelog generator again with the future version according to semver.
 docker run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-plugins -p drone-docker -t <secret token> --future-release v1.0.0
 ```
 
-Create your pull request for the release. Get it merged then tag the release.
+Create your pull request for the release. Get it merged then tag the release.

card.go

@@ -0,0 +1,88 @@
+package docker
+
+import (
+	"encoding/base64"
+	"encoding/json"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"os"
+	"os/exec"
+	"path"
+	"strings"
+	"time"
+
+	"github.com/drone/drone-go/drone"
+
+	"github.com/inhies/go-bytesize"
+)
+
+func (p Plugin) writeCard() error {
+	cmd := exec.Command(dockerExe, "inspect", p.Build.Name)
+	data, err := cmd.CombinedOutput()
+	if err != nil {
+		return err
+	}
+
+	out := Card{}
+	if err := json.Unmarshal(data, &out); err != nil {
+		return err
+	}
+
+	inspect := out[0]
+	inspect.SizeString = fmt.Sprint(bytesize.New(float64(inspect.Size)))
+	inspect.VirtualSizeString = fmt.Sprint(bytesize.New(float64(inspect.VirtualSize)))
+	inspect.Time = fmt.Sprint(inspect.Metadata.LastTagTime.Format(time.RFC3339))
+	// change slice of tags to slice of TagStruct
+	var sliceTagStruct []TagStruct
+	for _, tag := range inspect.RepoTags {
+		sliceTagStruct = append(sliceTagStruct, TagStruct{Tag: tag})
+	}
+	inspect.ParsedRepoTags = sliceTagStruct[1:] // remove the first tag which is always "hash:latest"
+	// create the url from repo and registry
+	inspect.URL = mapRegistryToURL(p.Daemon.Registry, p.Build.Repo)
+	cardData, _ := json.Marshal(inspect)
+
+	card := drone.CardInput{
+		Schema: "https://drone-plugins.github.io/drone-docker/card.json",
+		Data:   cardData,
+	}
+
+	writeCard(p.CardPath, &card)
+	return nil
+}
+
+func writeCard(path string, card interface{}) {
+	data, _ := json.Marshal(card)
+	switch {
+	case path == "/dev/stdout":
+		writeCardTo(os.Stdout, data)
+	case path == "/dev/stderr":
+		writeCardTo(os.Stderr, data)
+	case path != "":
+		ioutil.WriteFile(path, data, 0644)
+	}
+}
+
+func writeCardTo(out io.Writer, data []byte) {
+	encoded := base64.StdEncoding.EncodeToString(data)
+	io.WriteString(out, "\u001B]1338;")
+	io.WriteString(out, encoded)
+	io.WriteString(out, "\u001B]0m")
+	io.WriteString(out, "\n")
+}
+
+func mapRegistryToURL(registry, repo string) (url string) {
+	url = "https://"
+	var domain string
+	if strings.Contains(registry, "amazonaws.com") {
+		domain = "gallery.ecr.aws/"
+	} else if strings.Contains(registry, "gcr.io") {
+		domain = "console.cloud.google.com/gcr/images"
+	} else {
+		// default to docker hub
+		domain = "hub.docker.com/r/"
+	}
+	url = path.Join(url, domain, repo)
+	return url
+}

cmd/drone-acr/main.go

@@ -7,6 +7,9 @@ import (
 	"strings"
 
 	"github.com/joho/godotenv"
+	"github.com/sirupsen/logrus"
+
+	docker "github.com/drone-plugins/drone-docker"
 )
 
 func main() {
@@ -40,12 +43,12 @@ func main() {
 	os.Setenv("DOCKER_PASSWORD", password)
 
 	// invoke the base docker plugin binary
-	cmd := exec.Command("drone-docker")
+	cmd := exec.Command(docker.GetDroneDockerExecCmd())
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	err := cmd.Run()
 	if err != nil {
-		os.Exit(1)
+		logrus.Fatal(err)
 	}
 }
 

cmd/drone-docker/main.go

@@ -2,6 +2,7 @@ package main
 
 import (
 	"os"
+	"runtime"
 
 	"github.com/joho/godotenv"
 	"github.com/sirupsen/logrus"
@@ -248,6 +249,36 @@ func main() {
 			Usage:  "additional host:IP mapping",
 			EnvVar: "PLUGIN_ADD_HOST",
 		},
+		cli.StringFlag{
+			Name:   "secret",
+			Usage:  "secret key value pair eg id=MYSECRET",
+			EnvVar: "PLUGIN_SECRET",
+		},
+		cli.StringSliceFlag{
+			Name:   "secrets-from-env",
+			Usage:  "secret key value pair eg secret_name=secret",
+			EnvVar: "PLUGIN_SECRETS_FROM_ENV",
+		},
+		cli.StringSliceFlag{
+			Name:   "secrets-from-file",
+			Usage:  "secret key value pairs eg secret_name=/path/to/secret",
+			EnvVar: "PLUGIN_SECRETS_FROM_FILE",
+		},
+		cli.StringFlag{
+			Name:   "drone-card-path",
+			Usage:  "card path location to write to",
+			EnvVar: "DRONE_CARD_PATH",
+		},
+		cli.StringFlag{
+			Name:   "platform",
+			Usage:  "platform value to pass to docker",
+			EnvVar: "PLUGIN_PLATFORM",
+		},
+		cli.StringFlag{
+			Name:   "ssh-agent-key",
+			Usage:  "ssh agent key to use",
+			EnvVar: "PLUGIN_SSH_AGENT_KEY",
+		},
 	}
 
 	if err := app.Run(os.Args); err != nil {
@@ -266,27 +297,33 @@ func run(c *cli.Context) error {
 			Email:    c.String("docker.email"),
 			Config:   c.String("docker.config"),
 		},
+		CardPath: c.String("drone-card-path"),
 		Build: docker.Build{
-			Remote:        c.String("remote.url"),
-			Name:          c.String("commit.sha"),
-			Dockerfile:    c.String("dockerfile"),
-			Context:       c.String("context"),
-			Tags:          c.StringSlice("tags"),
-			Args:          c.StringSlice("args"),
-			ArgsEnv:       c.StringSlice("args-from-env"),
-			Target:        c.String("target"),
-			Squash:        c.Bool("squash"),
-			Pull:          c.BoolT("pull-image"),
-			CacheFrom:     c.StringSlice("cache-from"),
-			Compress:      c.Bool("compress"),
-			Repo:          c.String("repo"),
-			Labels:        c.StringSlice("custom-labels"),
-			LabelSchema:   c.StringSlice("label-schema"),
-			AutoLabel:     c.BoolT("auto-label"),
-			Link:          c.String("link"),
-			NoCache:       c.Bool("no-cache"),
-			AddHost:       c.StringSlice("add-host"),
-			Quiet:         c.Bool("quiet"),
+			Remote:      c.String("remote.url"),
+			Name:        c.String("commit.sha"),
+			Dockerfile:  c.String("dockerfile"),
+			Context:     c.String("context"),
+			Tags:        c.StringSlice("tags"),
+			Args:        c.StringSlice("args"),
+			ArgsEnv:     c.StringSlice("args-from-env"),
+			Target:      c.String("target"),
+			Squash:      c.Bool("squash"),
+			Pull:        c.BoolT("pull-image"),
+			CacheFrom:   c.StringSlice("cache-from"),
+			Compress:    c.Bool("compress"),
+			Repo:        c.String("repo"),
+			Labels:      c.StringSlice("custom-labels"),
+			LabelSchema: c.StringSlice("label-schema"),
+			AutoLabel:   c.BoolT("auto-label"),
+			Link:        c.String("link"),
+			NoCache:     c.Bool("no-cache"),
+			Secret:      c.String("secret"),
+			SecretEnvs:  c.StringSlice("secrets-from-env"),
+			SecretFiles: c.StringSlice("secrets-from-file"),
+			AddHost:     c.StringSlice("add-host"),
+			Quiet:       c.Bool("quiet"),
+			Platform:    c.String("platform"),
+			SSHAgentKey: c.String("ssh-agent-key"),
 		},
 		Daemon: docker.Daemon{
 			Registry:      c.String("docker.registry"),
@@ -327,3 +364,11 @@ func run(c *cli.Context) error {
 
 	return plugin.Exec()
 }
+
+func GetExecCmd() string {
+	if runtime.GOOS == "windows" {
+		return "C:/bin/drone-docker.exe"
+	}
+
+	return "drone-docker"
+}

cmd/drone-ecr/main.go

@@ -11,12 +11,15 @@ import (
 	"strings"
 
 	"github.com/joho/godotenv"
+	"github.com/sirupsen/logrus"
 
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/credentials/stscreds"
 	"github.com/aws/aws-sdk-go/aws/session"
 	"github.com/aws/aws-sdk-go/service/ecr"
+
+	docker "github.com/drone-plugins/drone-docker"
 )
 
 const defaultRegion = "us-east-1"
@@ -110,11 +113,11 @@ func main() {
 	os.Setenv("DOCKER_PASSWORD", password)
 
 	// invoke the base docker plugin binary
-	cmd := exec.Command("drone-docker")
+	cmd := exec.Command(docker.GetDroneDockerExecCmd())
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	if err = cmd.Run(); err != nil {
-		os.Exit(1)
+		logrus.Fatal(err)
 	}
 }
 

cmd/drone-gcr/main.go

@@ -8,6 +8,9 @@ import (
 	"strings"
 
 	"github.com/joho/godotenv"
+	"github.com/sirupsen/logrus"
+
+	docker "github.com/drone-plugins/drone-docker"
 )
 
 // gcr default username
@@ -54,12 +57,12 @@ func main() {
 	os.Setenv("DOCKER_PASSWORD", password)
 
 	// invoke the base docker plugin binary
-	cmd := exec.Command("drone-docker")
+	cmd := exec.Command(docker.GetDroneDockerExecCmd())
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
 	err = cmd.Run()
 	if err != nil {
-		os.Exit(1)
+		logrus.Fatal(err)
 	}
 }
 

daemon.go

@@ -1,9 +1,10 @@
+//go:build !windows
 // +build !windows
 
 package docker
 
 import (
-	"io/ioutil"
+	"io"
 	"os"
 )
 
@@ -17,8 +18,8 @@ func (p Plugin) startDaemon() {
 		cmd.Stdout = os.Stdout
 		cmd.Stderr = os.Stderr
 	} else {
-		cmd.Stdout = ioutil.Discard
-		cmd.Stderr = ioutil.Discard
+		cmd.Stdout = io.Discard
+		cmd.Stderr = io.Discard
 	}
 	go func() {
 		trace(cmd)

docker.go

@@ -2,10 +2,10 @@ package docker
 
 import (
 	"fmt"
-	"io/ioutil"
 	"os"
 	"os/exec"
 	"path/filepath"
+	"runtime"
 	"strings"
 	"time"
 )
@@ -57,22 +57,57 @@ type (
 		Labels      []string // Label map
 		Link        string   // Git repo link
 		NoCache     bool     // Docker build no-cache
+		Secret      string   // secret keypair
+		SecretEnvs  []string // Docker build secrets with env var as source
+		SecretFiles []string // Docker build secrets with file as source
 		AddHost     []string // Docker build add-host
 		Quiet       bool     // Docker build quiet
+		Platform    string   // Docker build platform
+		SSHAgentKey string   // Docker build ssh agent key
+		SSHKeyPath  string   // Docker build ssh key path
 	}
 
 	// Plugin defines the Docker plugin parameters.
 	Plugin struct {
-		Login   Login  // Docker login configuration
-		Build   Build  // Docker build configuration
-		Daemon  Daemon // Docker daemon configuration
-		Dryrun  bool   // Docker push is skipped
-		Cleanup bool   // Docker purge is enabled
+		Login    Login  // Docker login configuration
+		Build    Build  // Docker build configuration
+		Daemon   Daemon // Docker daemon configuration
+		Dryrun   bool   // Docker push is skipped
+		Cleanup  bool   // Docker purge is enabled
+		CardPath string // Card path to write file to
+	}
+
+	Card []struct {
+		ID             string        `json:"Id"`
+		RepoTags       []string      `json:"RepoTags"`
+		ParsedRepoTags []TagStruct   `json:"ParsedRepoTags"`
+		RepoDigests    []interface{} `json:"RepoDigests"`
+		Parent         string        `json:"Parent"`
+		Comment        string        `json:"Comment"`
+		Created        time.Time     `json:"Created"`
+		Container      string        `json:"Container"`
+		DockerVersion  string        `json:"DockerVersion"`
+		Author         string        `json:"Author"`
+		Architecture   string        `json:"Architecture"`
+		Os             string        `json:"Os"`
+		Size           int           `json:"Size"`
+		VirtualSize    int           `json:"VirtualSize"`
+		Metadata       struct {
+			LastTagTime time.Time `json:"LastTagTime"`
+		} `json:"Metadata"`
+		SizeString        string
+		VirtualSizeString string
+		Time              string
+		URL               string `json:"URL"`
+	}
+	TagStruct struct {
+		Tag string `json:"Tag"`
 	}
 )
 
 // Exec executes the plugin step
 func (p Plugin) Exec() error {
+
 	// start the Docker daemon server
 	if !p.Daemon.Disabled {
 		p.startDaemon()
@@ -111,7 +146,7 @@ func (p Plugin) Exec() error {
 		os.MkdirAll(dockerHome, 0600)
 
 		path := filepath.Join(dockerHome, "config.json")
-		err := ioutil.WriteFile(path, []byte(p.Login.Config), 0600)
+		err := os.WriteFile(path, []byte(p.Login.Config), 0600)
 		if err != nil {
 			return fmt.Errorf("Error writing config.json: %s", err)
 		}
@@ -146,21 +181,25 @@ func (p Plugin) Exec() error {
 		cmds = append(cmds, commandPull(img))
 	}
 
+	// setup for using ssh agent (https://docs.docker.com/develop/develop-images/build_enhancements/#using-ssh-to-access-private-data-in-builds)
+	if p.Build.SSHAgentKey != "" {
+		var sshErr error
+		p.Build.SSHKeyPath, sshErr = writeSSHPrivateKey(p.Build.SSHAgentKey)
+		if sshErr != nil {
+			return sshErr
+		}
+	}
+
 	cmds = append(cmds, commandBuild(p.Build)) // docker build
 
 	for _, tag := range p.Build.Tags {
 		cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
 
-		if p.Dryrun == false {
+		if !p.Dryrun {
 			cmds = append(cmds, commandPush(p.Build, tag)) // docker push
 		}
 	}
 
-	if p.Cleanup {
-		cmds = append(cmds, commandRmi(p.Build.Name)) // docker rmi
-		cmds = append(cmds, commandPrune())           // docker system prune -f
-	}
-
 	// execute all commands in batch mode.
 	for _, cmd := range cmds {
 		cmd.Stdout = os.Stdout
@@ -179,6 +218,26 @@ func (p Plugin) Exec() error {
 		}
 	}
 
+	// output the adaptive card
+	if err := p.writeCard(); err != nil {
+		fmt.Printf("Could not create adaptive card. %s\n", err)
+	}
+
+	// execute cleanup routines in batch mode
+	if p.Cleanup {
+		// clear the slice
+		cmds = nil
+
+		cmds = append(cmds, commandRmi(p.Build.Name)) // docker rmi
+		cmds = append(cmds, commandPrune())           // docker system prune -f
+
+		for _, cmd := range cmds {
+			cmd.Stdout = os.Stdout
+			cmd.Stderr = os.Stderr
+			trace(cmd)
+		}
+	}
+
 	return nil
 }
 
@@ -258,12 +317,31 @@ func commandBuild(build Build) *exec.Cmd {
 	for _, host := range build.AddHost {
 		args = append(args, "--add-host", host)
 	}
+	if build.Secret != "" {
+		args = append(args, "--secret", build.Secret)
+	}
+	for _, secret := range build.SecretEnvs {
+		if arg, err := getSecretStringCmdArg(secret); err == nil {
+			args = append(args, "--secret", arg)
+		}
+	}
+	for _, secret := range build.SecretFiles {
+		if arg, err := getSecretFileCmdArg(secret); err == nil {
+			args = append(args, "--secret", arg)
+		}
+	}
 	if build.Target != "" {
 		args = append(args, "--target", build.Target)
 	}
 	if build.Quiet {
 		args = append(args, "--quiet")
 	}
+	if build.Platform != "" {
+		args = append(args, "--platform", build.Platform)
+	}
+	if build.SSHKeyPath != "" {
+		args = append(args, "--ssh", build.SSHKeyPath)
+	}
 
 	if build.AutoLabel {
 		labelSchema := []string{
@@ -289,9 +367,41 @@ func commandBuild(build Build) *exec.Cmd {
 		}
 	}
 
+	// we need to enable buildkit, for secret support and ssh agent support
+	if build.Secret != "" || len(build.SecretEnvs) > 0 || len(build.SecretFiles) > 0 || build.SSHAgentKey != "" {
+		os.Setenv("DOCKER_BUILDKIT", "1")
+	}
 	return exec.Command(dockerExe, args...)
 }
 
+func getSecretStringCmdArg(kvp string) (string, error) {
+	return getSecretCmdArg(kvp, false)
+}
+
+func getSecretFileCmdArg(kvp string) (string, error) {
+	return getSecretCmdArg(kvp, true)
+}
+
+func getSecretCmdArg(kvp string, file bool) (string, error) {
+	delimIndex := strings.IndexByte(kvp, '=')
+	if delimIndex == -1 {
+		return "", fmt.Errorf("%s is not a valid secret", kvp)
+	}
+
+	key := kvp[:delimIndex]
+	value := kvp[delimIndex+1:]
+
+	if key == "" || value == "" {
+		return "", fmt.Errorf("%s is not a valid secret", kvp)
+	}
+
+	if file {
+		return fmt.Sprintf("id=%s,src=%s", key, value), nil
+	}
+
+	return fmt.Sprintf("id=%s,env=%s", key, value), nil
+}
+
 // helper function to add proxy values from the environment
 func addProxyBuildArgs(build *Build) {
 	addProxyValue(build, "http_proxy")
@@ -411,8 +521,33 @@ func commandRmi(tag string) *exec.Cmd {
 	return exec.Command(dockerExe, "rmi", tag)
 }
 
+func writeSSHPrivateKey(key string) (path string, err error) {
+	home, err := os.UserHomeDir()
+	if err != nil {
+		return "", fmt.Errorf("unable to determine home directory: %s", err)
+	}
+	if err := os.MkdirAll(filepath.Join(home, ".ssh"), 0700); err != nil {
+		return "", fmt.Errorf("unable to create .ssh directory: %s", err)
+	}
+	pathToKey := filepath.Join(home, ".ssh", "id_rsa")
+	if err := os.WriteFile(pathToKey, []byte(key), 0400); err != nil {
+		return "", fmt.Errorf("unable to write ssh key %s: %s", pathToKey, err)
+	}
+	path = fmt.Sprintf("default=%s", pathToKey)
+
+	return path, nil
+}
+
 // trace writes each command to stdout with the command wrapped in an xml
 // tag so that it can be extracted and displayed in the logs.
 func trace(cmd *exec.Cmd) {
 	fmt.Fprintf(os.Stdout, "+ %s\n", strings.Join(cmd.Args, " "))
 }
+
+func GetDroneDockerExecCmd() string {
+	if runtime.GOOS == "windows" {
+		return "C:/bin/drone-docker.exe"
+	}
+
+	return "drone-docker"
+}

docker/acr/Dockerfile.linux.arm

@@ -1,4 +0,0 @@
-FROM plugins/docker:linux-arm
-
-ADD release/linux/arm/drone-acr /bin/
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/drone-acr"]

docker/acr/Dockerfile.windows.amd64.1909

@@ -1,10 +0,0 @@
-# escape=`
-FROM plugins/docker:windows-1909-amd64
-
-LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
-  org.label-schema.name="Drone ACR" `
-  org.label-schema.vendor="Drone.IO Community" `
-  org.label-schema.schema-version="1.0"
-
-ADD release/windows/amd64/drone-acr.exe C:/bin/drone-acr.exe
-ENTRYPOINT [ "C:\\bin\\drone-acr.exe" ]

docker/acr/Dockerfile.windows.amd64.ltsc2022

@@ -1,5 +1,5 @@
 # escape=`
-FROM plugins/docker:windows-1803-amd64
+FROM plugins/docker:windows-ltsc2022-amd64
 
 LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
   org.label-schema.name="Drone ACR" `

docker/acr/manifest.tmpl

@@ -17,18 +17,6 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
-  -
-    image: plugins/acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7
-  -
-    image: plugins/acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1803-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1803
   -
     image: plugins/acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64
     platform:
@@ -36,14 +24,8 @@ manifests:
       os: windows
       version: 1809
   -
-    image: plugins/acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1903-amd64
+    image: plugins/acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64
     platform:
       architecture: amd64
       os: windows
-      version: 1903
-  -
-    image: plugins/acr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1909-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1909
+      version: ltsc2022

docker/docker/Dockerfile.linux.amd64

@@ -1,4 +1,4 @@
-FROM docker:20.10.9-dind
+FROM docker:20.10.14-dind
 
 ENV DOCKER_HOST=unix:///var/run/docker.sock
 

docker/docker/Dockerfile.linux.arm

@@ -1,15 +0,0 @@
-FROM arm32v6/docker:19.03.8-dind
-
-ENV DOCKER_HOST=unix:///var/run/docker.sock
-
-RUN apk --update add --virtual .build-deps curl && \
-    mkdir -p /etc/docker/ && \
-    curl -SsL -o /etc/docker/default.json https://raw.githubusercontent.com/moby/moby/19.03/profiles/seccomp/default.json && \
-    sed -i 's/SCMP_ACT_ERRNO/SCMP_ACT_TRACE/g' /etc/docker/default.json && \
-    chmod 600 /etc/docker/default.json && \
-    apk del .build-deps && \
-    rm -rf /var/cache/apk/* && \
-    rm -rf /tmp/*
-
-ADD release/linux/arm/drone-docker /bin/
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/drone-docker"]

docker/docker/Dockerfile.linux.arm64

@@ -1,4 +1,4 @@
-FROM arm64v8/docker:20.10.9-dind
+FROM arm64v8/docker:20.10.14-dind
 
 ENV DOCKER_HOST=unix:///var/run/docker.sock
 

docker/docker/Dockerfile.windows.amd64.1803

@@ -1,26 +0,0 @@
-# escape=`
-FROM mcr.microsoft.com/windows/servercore:1803 as download
-
-SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-
-ENV DOCKER_VERSION 18.09.1
-
-RUN Invoke-WebRequest 'http://constexpr.org/innoextract/files/innoextract-1.6-windows.zip' -OutFile 'innoextract.zip' -UseBasicParsing ; `
-    Expand-Archive innoextract.zip -DestinationPath C:\ ; `
-    Remove-Item -Path innoextract.zip
-
-RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; `
-    Invoke-WebRequest $('https://github.com/docker/toolbox/releases/download/v{0}/DockerToolbox-{0}.exe' -f $env:DOCKER_VERSION) -OutFile 'dockertoolbox.exe' -UseBasicParsing
-RUN /innoextract.exe dockertoolbox.exe
-
-FROM plugins/base:windows-1803
-
-LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
-  org.label-schema.name="Drone Docker" `
-  org.label-schema.vendor="Drone.IO Community" `
-  org.label-schema.schema-version="1.0"
-
-COPY --from=download /windows/system32/netapi32.dll /windows/system32/netapi32.dll
-COPY --from=download /app/docker.exe C:/bin/docker.exe
-ADD release/windows/amd64/drone-docker.exe C:/bin/drone-docker.exe
-ENTRYPOINT [ "C:\\bin\\drone-docker.exe" ]

docker/docker/Dockerfile.windows.amd64.1809

@@ -1,9 +1,10 @@
 # escape=`
-FROM mcr.microsoft.com/windows/servercore:1809 as download
+# using 1809-KB5021237-amd64 as base image, 1809-KB5022286-amd64 does not work
+FROM mcr.microsoft.com/windows/servercore:1809-KB5021237 as download
 
 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
 
-ENV DOCKER_VERSION 18.09.1
+ENV DOCKER_VERSION 19.03.1
 
 RUN Invoke-WebRequest 'http://constexpr.org/innoextract/files/innoextract-1.6-windows.zip' -OutFile 'innoextract.zip' -UseBasicParsing ; `
     Expand-Archive innoextract.zip -DestinationPath C:\ ; `
@@ -13,7 +14,8 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Invoke-WebRequest $('https://github.com/docker/toolbox/releases/download/v{0}/DockerToolbox-{0}.exe' -f $env:DOCKER_VERSION) -OutFile 'dockertoolbox.exe' -UseBasicParsing
 RUN /innoextract.exe dockertoolbox.exe
 
-FROM mcr.microsoft.com/windows/nanoserver:1809
+FROM mcr.microsoft.com/windows/nanoserver:1809-KB5021237-amd64
+
 USER ContainerAdministrator
 
 LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
@@ -21,6 +23,7 @@ LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
   org.label-schema.vendor="Drone.IO Community" `
   org.label-schema.schema-version="1.0"
 
+RUN mkdir C:\bin
 COPY --from=download /windows/system32/netapi32.dll /windows/system32/netapi32.dll
 COPY --from=download /app/docker.exe C:/bin/docker.exe
 ADD release/windows/amd64/drone-docker.exe C:/bin/drone-docker.exe

docker/docker/Dockerfile.windows.amd64.1909

@@ -1,28 +0,0 @@
-# escape=`
-FROM mcr.microsoft.com/windows/servercore:1909 as download
-
-SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
-
-ENV DOCKER_VERSION 19.03.1
-
-RUN Invoke-WebRequest 'http://constexpr.org/innoextract/files/innoextract-1.7-windows.zip' -OutFile 'innoextract.zip' -UseBasicParsing ; `
-    Expand-Archive innoextract.zip -DestinationPath C:\ ; `
-    Remove-Item -Path innoextract.zip
-
-RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 ; `
-    Invoke-WebRequest $('https://github.com/docker/toolbox/releases/download/v{0}/DockerToolbox-{0}.exe' -f $env:DOCKER_VERSION) -OutFile 'dockertoolbox.exe' -UseBasicParsing
-RUN /innoextract.exe dockertoolbox.exe
-
-FROM mcr.microsoft.com/windows/nanoserver:1909
-USER ContainerAdministrator
-
-LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
-  org.label-schema.name="Drone Docker" `
-  org.label-schema.vendor="Drone.IO Community" `
-  org.label-schema.schema-version="1.0"
-
-RUN mkdir C:\bin
-COPY --from=download /windows/system32/netapi32.dll /windows/system32/netapi32.dll
-COPY --from=download /app/docker.exe C:/bin/docker.exe
-ADD release/windows/amd64/drone-docker.exe C:/bin/drone-docker.exe
-ENTRYPOINT [ "C:\\bin\\drone-docker.exe" ]

docker/docker/Dockerfile.windows.amd64.ltsc2022

@@ -1,5 +1,5 @@
 # escape=`
-FROM mcr.microsoft.com/windows/servercore:1903 as download
+FROM mcr.microsoft.com/windows/servercore:ltsc2022 as download
 
 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
 
@@ -13,7 +13,7 @@ RUN [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tl
     Invoke-WebRequest $('https://github.com/docker/toolbox/releases/download/v{0}/DockerToolbox-{0}.exe' -f $env:DOCKER_VERSION) -OutFile 'dockertoolbox.exe' -UseBasicParsing
 RUN /innoextract.exe dockertoolbox.exe
 
-FROM mcr.microsoft.com/windows/nanoserver:1903
+FROM mcr.microsoft.com/windows/nanoserver:ltsc2022
 USER ContainerAdministrator
 
 LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `

docker/docker/manifest.tmpl

@@ -17,18 +17,6 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
-  -
-    image: plugins/docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7
-  -
-    image: plugins/docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1803-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1803
   -
     image: plugins/docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64
     platform:
@@ -36,14 +24,8 @@ manifests:
       os: windows
       version: 1809
   -
-    image: plugins/docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1903-amd64
+    image: plugins/docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64
     platform:
       architecture: amd64
       os: windows
-      version: 1903
-  -
-    image: plugins/docker:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1909-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1909
+      version: ltsc2022

docker/ecr/Dockerfile.linux.arm

@@ -1,4 +0,0 @@
-FROM plugins/docker:linux-arm
-
-ADD release/linux/arm/drone-ecr /bin/
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/drone-ecr"]

docker/ecr/Dockerfile.windows.amd64.1803

@@ -1,10 +0,0 @@
-# escape=`
-FROM plugins/docker:windows-1803-amd64
-
-LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
-  org.label-schema.name="Drone ECR" `
-  org.label-schema.vendor="Drone.IO Community" `
-  org.label-schema.schema-version="1.0"
-
-ADD release/windows/amd64/drone-ecr.exe C:/bin/drone-ecr.exe
-ENTRYPOINT [ "C:\\bin\\drone-ecr.exe" ]

docker/ecr/Dockerfile.windows.amd64.ltsc2022

@@ -1,5 +1,5 @@
 # escape=`
-FROM plugins/docker:windows-1909-amd64
+FROM plugins/docker:windows-ltsc2022-amd64
 
 LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
   org.label-schema.name="Drone ECR" `

docker/ecr/manifest.tmpl

@@ -17,18 +17,6 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
-  -
-    image: plugins/ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7
-  -
-    image: plugins/ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1803-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1803
   -
     image: plugins/ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64
     platform:
@@ -36,14 +24,8 @@ manifests:
       os: windows
       version: 1809
   -
-    image: plugins/ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1903-amd64
+    image: plugins/ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64
     platform:
       architecture: amd64
       os: windows
-      version: 1903
-  -
-    image: plugins/ecr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1909-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1909
+      version: ltsc2022

docker/gcr/Dockerfile.linux.arm

@@ -1,4 +0,0 @@
-FROM plugins/docker:linux-arm
-
-ADD release/linux/arm/drone-gcr /bin/
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/drone-gcr"]

docker/gcr/Dockerfile.windows.amd64.1909

@@ -1,10 +0,0 @@
-# escape=`
-FROM plugins/docker:windows-1909-amd64
-
-LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
-  org.label-schema.name="Drone GCR" `
-  org.label-schema.vendor="Drone.IO Community" `
-  org.label-schema.schema-version="1.0"
-
-ADD release/windows/amd64/drone-gcr.exe C:/bin/drone-gcr.exe
-ENTRYPOINT [ "C:\\bin\\drone-gcr.exe" ]

docker/gcr/Dockerfile.windows.amd64.ltsc2022

@@ -1,5 +1,5 @@
 # escape=`
-FROM plugins/docker:windows-1803-amd64
+FROM plugins/docker:windows-ltsc2022-amd64
 
 LABEL maintainer="Drone.IO Community <drone-dev@googlegroups.com>" `
   org.label-schema.name="Drone GCR" `

docker/gcr/manifest.tmpl

@@ -17,18 +17,6 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
-  -
-    image: plugins/gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7
-  -
-    image: plugins/gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1803-amd64
-    platform:
-      architecture: amd64
-      os: windows
-      version: 1803
   -
     image: plugins/gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1809-amd64
     platform:
@@ -36,8 +24,8 @@ manifests:
       os: windows
       version: 1809
   -
-    image: plugins/gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-1909-amd64
+    image: plugins/gcr:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}windows-ltsc2022-amd64
     platform:
       architecture: amd64
       os: windows
-      version: 1909
+      version: ltsc2022

docker/heroku/Dockerfile.linux.arm

@@ -1,4 +0,0 @@
-FROM plugins/docker:linux-arm
-
-ADD release/linux/arm/drone-heroku /bin/
-ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/drone-heroku"]

docker/heroku/manifest.tmpl

@@ -17,9 +17,3 @@ manifests:
       architecture: arm64
       os: linux
       variant: v8
-  -
-    image: plugins/heroku:{{#if build.tag}}{{trimPrefix "v" build.tag}}-{{/if}}linux-arm
-    platform:
-      architecture: arm
-      os: linux
-      variant: v7

docker_test.go

@@ -1 +1,171 @@
 package docker
+
+import (
+	"os/exec"
+	"reflect"
+	"testing"
+)
+
+func TestCommandBuild(t *testing.T) {
+	tcs := []struct {
+		name  string
+		build Build
+		want  *exec.Cmd
+	}{
+		{
+			name: "secret from env var",
+			build: Build{
+				Name:       "plugins/drone-docker:latest",
+				Dockerfile: "Dockerfile",
+				Context:    ".",
+				SecretEnvs: []string{
+					"foo_secret=FOO_SECRET_ENV_VAR",
+				},
+			},
+			want: exec.Command(
+				dockerExe,
+				"build",
+				"--rm=true",
+				"-f",
+				"Dockerfile",
+				"-t",
+				"plugins/drone-docker:latest",
+				".",
+				"--secret id=foo_secret,env=FOO_SECRET_ENV_VAR",
+			),
+		},
+		{
+			name: "secret from file",
+			build: Build{
+				Name:       "plugins/drone-docker:latest",
+				Dockerfile: "Dockerfile",
+				Context:    ".",
+				SecretFiles: []string{
+					"foo_secret=/path/to/foo_secret",
+				},
+			},
+			want: exec.Command(
+				dockerExe,
+				"build",
+				"--rm=true",
+				"-f",
+				"Dockerfile",
+				"-t",
+				"plugins/drone-docker:latest",
+				".",
+				"--secret id=foo_secret,src=/path/to/foo_secret",
+			),
+		},
+		{
+			name: "multiple mixed secrets",
+			build: Build{
+				Name:       "plugins/drone-docker:latest",
+				Dockerfile: "Dockerfile",
+				Context:    ".",
+				SecretEnvs: []string{
+					"foo_secret=FOO_SECRET_ENV_VAR",
+					"bar_secret=BAR_SECRET_ENV_VAR",
+				},
+				SecretFiles: []string{
+					"foo_secret=/path/to/foo_secret",
+					"bar_secret=/path/to/bar_secret",
+				},
+			},
+			want: exec.Command(
+				dockerExe,
+				"build",
+				"--rm=true",
+				"-f",
+				"Dockerfile",
+				"-t",
+				"plugins/drone-docker:latest",
+				".",
+				"--secret id=foo_secret,env=FOO_SECRET_ENV_VAR",
+				"--secret id=bar_secret,env=BAR_SECRET_ENV_VAR",
+				"--secret id=foo_secret,src=/path/to/foo_secret",
+				"--secret id=bar_secret,src=/path/to/bar_secret",
+			),
+		},
+		{
+			name: "invalid mixed secrets",
+			build: Build{
+				Name:       "plugins/drone-docker:latest",
+				Dockerfile: "Dockerfile",
+				Context:    ".",
+				SecretEnvs: []string{
+					"foo_secret=",
+					"=FOO_SECRET_ENV_VAR",
+					"",
+				},
+				SecretFiles: []string{
+					"foo_secret=",
+					"=/path/to/bar_secret",
+					"",
+				},
+			},
+			want: exec.Command(
+				dockerExe,
+				"build",
+				"--rm=true",
+				"-f",
+				"Dockerfile",
+				"-t",
+				"plugins/drone-docker:latest",
+				".",
+			),
+		},
+		{
+			name: "platform argument",
+			build: Build{
+				Name:       "plugins/drone-docker:latest",
+				Dockerfile: "Dockerfile",
+				Context:    ".",
+				Platform:   "test/platform",
+			},
+			want: exec.Command(
+				dockerExe,
+				"build",
+				"--rm=true",
+				"-f",
+				"Dockerfile",
+				"-t",
+				"plugins/drone-docker:latest",
+				".",
+				"--platform",
+				"test/platform",
+			),
+		},
+		{
+			name: "ssh agent",
+			build: Build{
+				Name:       "plugins/drone-docker:latest",
+				Dockerfile: "Dockerfile",
+				Context:    ".",
+				SSHKeyPath: "id_rsa=/root/.ssh/id_rsa",
+			},
+			want: exec.Command(
+				dockerExe,
+				"build",
+				"--rm=true",
+				"-f",
+				"Dockerfile",
+				"-t",
+				"plugins/drone-docker:latest",
+				".",
+				"--ssh id_rsa=/root/.ssh/id_rsa",
+			),
+		},
+	}
+
+	for _, tc := range tcs {
+		tc := tc
+
+		t.Run(tc.name, func(t *testing.T) {
+			cmd := commandBuild(tc.build)
+
+			if !reflect.DeepEqual(cmd.String(), tc.want.String()) {
+				t.Errorf("Got cmd %v, want %v", cmd, tc.want)
+			}
+		})
+	}
+}

docs/card.data.json

@@ -0,0 +1,41 @@
+{
+    "Id": "sha256:3b0709c9afb41629c79c93355feed114d08a8c1bedd975eb53af08f4b867fd91",
+    "RepoTags": [
+        "798a0dae10d63d281eff4c06eaa12001ffd23740:latest",
+        "tphoney/test:latest"
+    ],
+    "ParsedRepoTags": [
+        {
+            "Tag": ""
+        },
+        {
+            "Tag": ""
+        },
+        {
+            "Tag": "798a0dae10d63d281eff4c06eaa12001ffd23740:latest"
+        },
+        {
+            "Tag": "tphoney/test:latest"
+        }
+    ],
+    "RepoDigests": [
+        "tphoney/test@sha256:93f8b95aaae7d194208b72e94a3a90544b00c8f2ad45aeb89d81a0c6ccbc5e19"
+    ],
+    "Parent": "sha256:493aa330a5929027dd8ecded9fa8c473a1508d17c0fd7d6a94a7f197f8d22c60",
+    "Comment": "",
+    "Created": "2022-02-16T11:13:40.8956582Z",
+    "Container": "a57c0ca4dd2e081df8758e00549f7abe83803f1a1a7aaaf1cd8e685a5eb5a097",
+    "DockerVersion": "20.10.9",
+    "Author": "",
+    "Architecture": "amd64",
+    "Os": "linux",
+    "Size": 14045949,
+    "VirtualSize": 14045949,
+    "Metadata": {
+        "LastTagTime": "2022-02-16T11:13:40.9433973Z"
+    },
+    "SizeString": "13.40MB",
+    "VirtualSizeString": "13.40MB",
+    "Time": "2022-02-16T11:13:40Z",
+    "URL": "http://hub.docker.com/repositories/tphoney/test/"
+}

docs/card.json

@@ -0,0 +1,138 @@
+{
+    "type": "AdaptiveCard",
+    "body": [
+        {
+            "type": "ColumnSet",
+            "columns": [
+                {
+                    "type": "Column",
+                    "items": [
+                        {
+                            "type": "Image",
+                            "url": "https://d36jcksde1wxzq.cloudfront.net/be7833db9bddb4494d2a7c3dd659199a.png",
+                            "size": "small"
+                        }
+                    ],
+                    "width": "auto"
+                },
+                {
+                    "type": "Column",
+                    "items": [
+                        {
+                            "type": "TextBlock",
+                            "text": "Plugin: Drone Docker",
+                            "wrap": true,
+                            "size": "Small",
+                            "weight": "Bolder",
+                            "isSubtle": false,
+                            "spacing": "Small"
+                        },
+                        {
+                            "type": "TextBlock",
+                            "text": "DIGEST: ${RepoDigests[0]}",
+                            "wrap": true,
+                            "size": "Small",
+                            "weight": "Lighter",
+                            "isSubtle": true,
+                            "spacing": "Small"
+                        }
+                    ],
+                    "width": "stretch"
+                }
+            ],
+            "style": "default"
+        },
+        {
+            "type": "ColumnSet",
+            "columns": [
+                {
+                    "type": "Column",
+                    "items": [
+                        {
+                            "type": "TextBlock",
+                            "weight": "Lighter",
+                            "text": "TAGS",
+                            "wrap": true,
+                            "size": "Small",
+                            "isSubtle": true,
+                            "spacing": "Medium"
+                        },
+                        {
+                            "type": "FactSet",
+                            "facts": [
+                                {
+                                    "title": "${Tag}",
+                                    "value": ""
+                                }
+                            ],
+                            "spacing": "Small",
+                            "$data": "${ParsedRepoTags}",
+                            "wrap": true,
+                            "size": "Small",
+                            "weight": "Bolder"
+                        }
+                    ],
+                    "separator": true,
+                    "width": "auto"
+                },
+                {
+                    "type": "Column",
+                    "items": [
+                        {
+                            "type": "TextBlock",
+                            "weight": "Lighter",
+                            "text": "SIZE",
+                            "wrap": true,
+                            "size": "Small",
+                            "isSubtle": true
+                        },
+                        {
+                            "type": "TextBlock",
+                            "spacing": "Small",
+                            "text": "${SizeString}",
+                            "wrap": true,
+                            "weight": "Bolder"
+                        }
+                    ],
+                    "width": "auto",
+                    "separator": true,
+                    "spacing": "Medium"
+                },
+                {
+                    "type": "Column",
+                    "items": [
+                        {
+                            "type": "TextBlock",
+                            "weight": "Lighter",
+                            "text": "LAST PUSHED",
+                            "wrap": true,
+                            "size": "Small",
+                            "isSubtle": true
+                        },
+                        {
+                            "type": "TextBlock",
+                            "spacing": "Small",
+                            "text": "{{DATE(${Time})}} - {{TIME(${Time})}}",
+                            "wrap": true,
+                            "weight": "Bolder"
+                        }
+                    ],
+                    "width": "auto",
+                    "separator": true,
+                    "spacing": "Medium"
+                }
+            ],
+            "style": "default",
+            "separator": true
+        }
+    ],
+    "actions": [
+        {
+            "type": "Action.OpenUrl",
+            "title": "Go to image",
+            "url": "${url}"
+        }
+    ],
+    "$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
+    "version": "1.5"
+}

go.mod

@@ -3,6 +3,8 @@ module github.com/drone-plugins/drone-docker
 require (
 	github.com/aws/aws-sdk-go v1.26.7
 	github.com/coreos/go-semver v0.3.0
+	github.com/drone/drone-go v1.7.1
+	github.com/inhies/go-bytesize v0.0.0-20210819104631-275770b98743
 	github.com/joho/godotenv v1.3.0
 	github.com/sirupsen/logrus v1.3.0
 	github.com/urfave/cli v1.22.2
@@ -16,6 +18,7 @@ require (
 	github.com/shurcooL/sanitized_anchor_name v1.0.0 // indirect
 	golang.org/x/crypto v0.0.0-20180904163835-0709b304e793 // indirect
 	golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33 // indirect
+	gopkg.in/yaml.v2 v2.2.8 // indirect
 )
 
 go 1.17

go.sum

@@ -1,3 +1,4 @@
+github.com/99designs/httpsignatures-go v0.0.0-20170731043157-88528bf4ca7e/go.mod h1:Xa6lInWHNQnuWoF0YPSsx+INFA9qk7/7pTjwb3PInkY=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/aws/aws-sdk-go v1.26.7 h1:ObjEnmzvSdYy8KVd3me7v/UMyCn81inLy2SyoIPoBkg=
 github.com/aws/aws-sdk-go v1.26.7/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
@@ -7,6 +8,12 @@ github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d h1:U+s90UTSY
 github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/drone/drone-go v1.7.1 h1:ZX+3Rs8YHUSUQ5mkuMLmm1zr1ttiiE2YGNxF3AnyDKw=
+github.com/drone/drone-go v1.7.1/go.mod h1:fxCf9jAnXDZV1yDr0ckTuWd1intvcQwfJmTRpTZ1mXg=
+github.com/google/go-cmp v0.2.0 h1:+dTQ8DZQJz0Mb/HjFlkptS1FeQ4cWSnN941F8aEG4SQ=
+github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
+github.com/inhies/go-bytesize v0.0.0-20210819104631-275770b98743 h1:X3Xxno5Ji8idrNiUoFc7QyXpqhSYlDRYQmc7mlpMBzU=
+github.com/inhies/go-bytesize v0.0.0-20210819104631-275770b98743/go.mod h1:KrtyD5PFj++GKkFS/7/RRrfnRhAMGQwy75GLCHWrCNs=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af h1:pmfjZENx5imkbgOkpRUYLnmbU7UEFbjtDA2hxJ1ichM=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
 github.com/joho/godotenv v1.3.0 h1:Zjp+RcGpHhGlrMbJzXTrZZPrWj+1vfm90La1wgB6Bhc=
@@ -31,5 +38,6 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33 h1:I6FyU15t786LL7oL/hn43zqTuEGr4PN7F4XJ1p4E3Y8=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.2.8 h1:obN1ZagJSUGI0Ek/LBmuj4SNLPfIny3KsKFopxRdj10=
+gopkg.in/yaml.v2 v2.2.8/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=

pipeline.libsonnet

@@ -1,206 +0,0 @@
-local windows_pipe = '\\\\\\\\.\\\\pipe\\\\docker_engine';
-local windows_pipe_volume = 'docker_pipe';
-local test_pipeline_name = 'testing';
-
-local windows(os) = os == 'windows';
-
-local golang_image(os, version) =
-  'golang:' + '1.13' + if windows(os) then '-windowsservercore-' + version else '';
-
-{
-  test(os='linux', arch='amd64', version='')::
-    local is_windows = windows(os);
-    local golang = golang_image(os, version);
-    local volumes = if is_windows then [{name: 'gopath', path: 'C:\\\\gopath'}] else [{name: 'gopath', path: '/go',}];
-    {
-      kind: 'pipeline',
-      name: test_pipeline_name,
-      platform: {
-        os: os,
-        arch: arch,
-        version: if std.length(version) > 0 then version,
-      },
-      steps: [
-        {
-          name: 'vet',
-          image: golang,
-          pull: 'always',
-          environment: {
-            GO111MODULE: 'on',
-          },
-          commands: [
-            'go vet ./...',
-          ],
-          volumes: volumes,
-        },
-        {
-          name: 'test',
-          image: golang,
-          pull: 'always',
-          environment: {
-            GO111MODULE: 'on',
-          },
-          commands: [
-            'go test -cover ./...',
-          ],
-          volumes: volumes,
-        },
-      ],
-      trigger: {
-        ref: [
-          'refs/heads/master',
-          'refs/tags/**',
-          'refs/pull/**',
-        ],
-      },
-      volumes: [{name: 'gopath', temp: {}}]
-    },
-
-  build(name, os='linux', arch='amd64', version='')::
-    local is_windows = windows(os);
-    local tag = if is_windows then os + '-' + version else os + '-' + arch;
-    local file_suffix = std.strReplace(tag, '-', '.');
-    local volumes = if is_windows then [{ name: windows_pipe_volume, path: windows_pipe }] else [];
-    local golang = golang_image(os, version);
-    local plugin_repo = 'plugins/' + name;
-    local extension = if is_windows then '.exe' else '';
-    local depends_on = if name == 'docker' then [test_pipeline_name] else [tag + '-docker'];
-    {
-      kind: 'pipeline',
-      name: tag + '-' + name,
-      platform: {
-        os: os,
-        arch: arch,
-        version: if std.length(version) > 0 then version,
-      },
-      steps: [
-        {
-          name: 'build-push',
-          image: golang,
-          pull: 'always',
-          environment: {
-            CGO_ENABLED: '0',
-            GO111MODULE: 'on',
-          },
-          commands: [
-            'go build -v -ldflags "-X main.version=${DRONE_COMMIT_SHA:0:8}" -a -tags netgo -o release/' + os + '/' + arch + '/drone-' + name + extension + ' ./cmd/drone-' + name,
-          ],
-          when: {
-            event: {
-              exclude: ['tag'],
-            },
-          },
-        },
-        {
-          name: 'build-tag',
-          image: golang,
-          pull: 'always',
-          environment: {
-            CGO_ENABLED: '0',
-            GO111MODULE: 'on',
-          },
-          commands: [
-            'go build -v -ldflags "-X main.version=${DRONE_TAG##v}" -a -tags netgo -o release/' + os + '/' + arch + '/drone-' + name + extension + ' ./cmd/drone-' + name,
-          ],
-          when: {
-            event: ['tag'],
-          },
-        },
-        if name == "docker" then {
-          name: 'executable',
-          image: golang,
-          pull: 'always',
-          commands: [
-            './release/' + os + '/' + arch + '/drone-' + name + extension + ' --help',
-          ],
-        },
-        {
-          name: 'dryrun',
-          image: 'plugins/docker:' + tag,
-          pull: 'always',
-          settings: {
-            dry_run: true,
-            tags: tag,
-            dockerfile: 'docker/'+ name +'/Dockerfile.' + file_suffix,
-            daemon_off: if is_windows then 'true' else 'false',
-            repo: plugin_repo,
-            username: { from_secret: 'docker_username' },
-            password: { from_secret: 'docker_password' },
-          },
-          volumes: if std.length(volumes) > 0 then volumes,
-          when: {
-            event: ['pull_request'],
-          },
-        },
-        {
-          name: 'publish',
-          image: 'plugins/docker:' + tag,
-          pull: 'always',
-          settings: {
-            auto_tag: true,
-            auto_tag_suffix: tag,
-            daemon_off: if is_windows then 'true' else 'false',
-            dockerfile: 'docker/' + name + '/Dockerfile.' + file_suffix,
-            repo: plugin_repo,
-            username: { from_secret: 'docker_username' },
-            password: { from_secret: 'docker_password' },
-          },
-          volumes: if std.length(volumes) > 0 then volumes,
-          when: {
-            event: {
-              exclude: ['pull_request'],
-            },
-          },
-        },
-      ],
-      trigger: {
-        ref: [
-          'refs/heads/master',
-          'refs/tags/**',
-          'refs/pull/**',
-        ],
-      },
-      depends_on: depends_on,
-      volumes: if is_windows then [{ name: windows_pipe_volume, host: { path: windows_pipe } }],
-    },
-
-  notifications(name, os='linux', arch='amd64', version='', depends_on=[])::
-    {
-      kind: 'pipeline',
-      name: 'notifications-' + name,
-      platform: {
-        os: os,
-        arch: arch,
-        version: if std.length(version) > 0 then version,
-      },
-      steps: [
-        {
-          name: 'manifest',
-          image: 'plugins/manifest',
-          pull: 'always',
-          settings: {
-            username: { from_secret: 'docker_username' },
-            password: { from_secret: 'docker_password' },
-            spec: 'docker/' + name + '/manifest.tmpl',
-            ignore_missing: true,
-            auto_tag: true,
-          },
-        },
-        {
-          name: 'microbadger',
-          image: 'plugins/webhook',
-          pull: 'always',
-          settings: {
-            urls: { from_secret: 'microbadger_' + name },
-          },
-        },
-      ],
-      depends_on: [x + '-' + name for x in depends_on],
-      trigger: {
-        ref: [
-          'refs/heads/master',
-          'refs/tags/**',
-        ],
-      },
-    },
-}

scripts/windows/latest.ps1

@@ -1,5 +1,6 @@
 # this script is used by the continuous integration server to
 # build and publish the docker image for a commit to master.
+$ErrorActionPreference = "Stop"
 
 $env:GOOS="windows"
 $env:GOARCH="amd64"
@@ -13,18 +14,22 @@ if (-not (Test-Path env:REGISTRY)) {
     $env:REGISTRY="docker"
 }
 
-
 echo $env:GOOS
 echo $env:GOARCH
 echo $env:VERSION
+echo $env:REGISTRY
 
 # build the binary
-go build -o release/windows/amd64/drone-$env:REGISTRY.exe
+Write-Host "+ go build -o release/windows/amd64/drone-${env:REGISTRY}.exe ./cmd/drone-${env:REGISTRY}";
+go build -o release/windows/amd64/drone-${env:REGISTRY}.exe ./cmd/drone-${env:REGISTRY}
 
 # build and publish the docker image
-docker login -u $env:USERNAME -p $env:PASSWORD
-docker build -f docker/$env:REGISTRY/Dockerfile.windows.amd64.$env:VERSION -t plugins/$env:REGISTRY:windows-$env:VERSION-amd64 .
-docker push plugins/$env:REGISTRY:windows-$env:VERSION-amd64
+docker login -u ${env:USERNAME} -p ${env:PASSWORD}
+Write-Host "+ docker build -f docker/${env:REGISTRY}/Dockerfile.windows.amd64.${env:VERSION} -t plugins/${env:REGISTRY}:windows-${env:VERSION}-amd64 .";
+docker build -f docker/${env:REGISTRY}/Dockerfile.windows.amd64.${env:VERSION} -t plugins/${env:REGISTRY}:windows-${env:VERSION}-amd64 .
+Write-Host "+ docker push plugins/${env:REGISTRY}:windows-${env:VERSION}-amd64"
+docker push plugins/${env:REGISTRY}:windows-${env:VERSION}-amd64
 
 # remove images from local cache
-docker rmi plugins/$env:REGISTRY:windows-$env:VERSION-amd64
+Write-Host "+ docker rmi plugins/${env:REGISTRY}:windows-${env:VERSION}-amd64"
+docker rmi plugins/${env:REGISTRY}:windows-${env:VERSION}-amd64

scripts/windows/tag.ps1

@@ -1,5 +1,6 @@
 # this script is used by the continuous integration server to
 # build and publish the docker image for a tagged revsision.
+$ErrorActionPreference = "Stop"
 
 $env:GOOS="windows"
 $env:GOARCH="amd64"
@@ -19,9 +20,9 @@ if (-not (Test-Path env:REGISTRY)) {
 }
 
 # define the image tags
-$env:IMAGE_PATCH="plugins/$env:REGISTRY:$env:DRONE_SEMVER_SHORT-windows-$env:VERSION-amd64"
-$env:IMAGE_MAJOR="plugins/$env:REGISTRY:$env:DRONE_SEMVER_MAJOR-windows-$env:VERSION-amd64"
-$env:IMAGE_MINOR="plugins/$env:REGISTRY:$env:DRONE_SEMVER_MAJOR.$env:DRONE_SEMVER_MINOR-windows-$env:VERSION-amd64"
+$env:IMAGE_PATCH="plugins/${env:REGISTRY}:${env:DRONE_SEMVER_SHORT}-windows-${env:VERSION}-amd64"
+$env:IMAGE_MAJOR="plugins/${env:REGISTRY}:${env:DRONE_SEMVER_MAJOR}-windows-${env:VERSION}-amd64"
+$env:IMAGE_MINOR="plugins/${env:REGISTRY}:${env:DRONE_SEMVER_MAJOR}.${env:DRONE_SEMVER_MINOR}-windows-${env:VERSION}-amd64"
 
 echo "build environment:"
 echo $env:GOOS
@@ -29,27 +30,37 @@ echo $env:GOARCH
 echo $env:VERSION
 
 # build the binary
-go build -o release/windows/amd64/drone-$env:REGISTRY.exe
+Write-Host "+ go build -o release/windows/amd64/drone-${env:REGISTRY}.exe ./cmd/drone-${env:REGISTRY}"
+go build -o release/windows/amd64/drone-${env:REGISTRY}.exe ./cmd/drone-${env:REGISTRY}
 
 # authenticate with the docker registry
-docker login -u $env:USERNAME -p $env:PASSWORD
+docker login -u ${env:USERNAME} -p ${env:PASSWORD}
 
 echo "building images:"
-echo $env:IMAGE_PATCH
-echo $env:IMAGE_MINOR
-echo $env:IMAGE_MAJOR
+echo ${env:IMAGE_PATCH}
+echo ${env:IMAGE_MINOR}
+echo ${env:IMAGE_MAJOR}
 
 # build and tag the docker images
-docker build -f docker/$env:REGISTRY/Dockerfile.windows.amd64.$env:VERSION -t $env:IMAGE_PATCH .
-docker tag $env:IMAGE_PATCH $env:IMAGE_MAJOR
-docker tag $env:IMAGE_PATCH $env:IMAGE_MINOR
+Write-Host "+ docker build -f docker/${env:REGISTRY}/Dockerfile.windows.amd64.${env:VERSION} -t ${env:IMAGE_PATCH} ."
+docker build -f docker/${env:REGISTRY}/Dockerfile.windows.amd64.${env:VERSION} -t ${env:IMAGE_PATCH} .
+Write-Host "+ docker tag ${env:IMAGE_PATCH} ${env:IMAGE_MAJOR}"
+docker tag ${env:IMAGE_PATCH} ${env:IMAGE_MAJOR}
+Write-Host "+ docker tag ${env:IMAGE_PATCH} ${env:IMAGE_MINOR}"
+docker tag ${env:IMAGE_PATCH} ${env:IMAGE_MINOR}
 
 # publish the docker images
-docker push $env:IMAGE_MAJOR
-docker push $env:IMAGE_MINOR
-docker push $env:IMAGE_PATCH
+Write-Host "+ docker push ${env:IMAGE_MAJOR}"
+docker push ${env:IMAGE_MAJOR}
+Write-Host "+ docker push ${env:IMAGE_MINOR}"
+docker push ${env:IMAGE_MINOR}
+Write-Host "+ docker push ${env:IMAGE_PATCH}"
+docker push ${env:IMAGE_PATCH}
 
 # remove images after from local cache
-docker rmi $env:IMAGE_MAJOR
-docker rmi $env:IMAGE_MINOR
-docker rmi $env:IMAGE_PATCH
+Write-Host "+ docker rmi ${env:IMAGE_MAJOR}"
+docker rmi ${env:IMAGE_MAJOR}
+Write-Host "+ docker rmi ${env:IMAGE_MINOR}"
+docker rmi ${env:IMAGE_MINOR}
+Write-Host "+ docker rmi ${env:IMAGE_PATCH}"
+docker rmi ${env:IMAGE_PATCH}