From 24d2451163213ee5ef91f6d471bd4456d7bde60d Mon Sep 17 00:00:00 2001 From: Ryan Ling Date: Mon, 4 Nov 2024 09:57:40 +1100 Subject: [PATCH] Include `--additional-build-args` in checksum --- README.md | 38 +++++++++++++++++++------------------- docker-compose.yml | 4 +--- hooks/lib/stdlib.bash | 5 +++++ tests/stdlib.bats | 36 ++++++++++++++++++++++++++++++++++++ 4 files changed, 61 insertions(+), 22 deletions(-) diff --git a/README.md b/README.md index eb2f5de..fd07f61 100644 --- a/README.md +++ b/README.md @@ -27,7 +27,7 @@ RUN echo 'my expensive build step' steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0 + - seek-oss/docker-ecr-cache#v2.2.1 - docker#v5.10.0 ``` @@ -52,7 +52,7 @@ RUN pnpm install steps: - command: pnpm test plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: cache-on: - package.json # avoid cache hits on stale lockfiles - pnpm-lock.yaml @@ -67,7 +67,7 @@ The `cache-on` property also supports Bash globbing with `globstar`: steps: - command: pnpm test plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: cache-on: - '**/package.json' # monorepo with multiple manifest files - pnpm-lock.yaml @@ -84,7 +84,7 @@ A given entry cannot contain both bash globbing and a jq path. steps: - command: pnpm test plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: cache-on: - .npmrc - package.json#.dependencies @@ -105,7 +105,7 @@ It's possible to specify the Dockerfile to use by: steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: dockerfile: my-dockerfile - docker#v5.10.0 ``` @@ -116,7 +116,7 @@ Alternatively, Dockerfile can be embedded inline: steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: dockerfile-inline: | FROM node:20-alpine WORKDIR /workdir @@ -145,7 +145,7 @@ steps: --build-arg BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_EXPORT_TAG --file Dockerfile.secondary plugins: - - seek-oss/docker-ecr-cache#v2.2.0 + - seek-oss/docker-ecr-cache#v2.2.1 ``` Your `Dockerfile.secondary` can then [dynamically use these args](https://docs.docker.com/engine/reference/builder/#understand-how-arg-and-from-interact): @@ -173,7 +173,7 @@ stage to run commands against: steps: - command: cargo test plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: target: build-deps - docker#v5.10.0 ``` @@ -188,7 +188,7 @@ The `context` property can be used to specify a different path. steps: - command: cargo test plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: dockerfile: dockerfiles/test/Dockerfile context: '.' - docker#v5.10.0 @@ -217,7 +217,7 @@ steps: env: ARG_1: wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: build-args: - ARG_1 - ARG_2=such @@ -232,7 +232,7 @@ steps: env: ARG_1: wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: additional-build-args: '--ssh= default=\$SSH_AUTH_SOCK' - docker#v5.10.0 ``` @@ -260,7 +260,7 @@ steps: env: SECRET: wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: secrets: - SECRET - docker#v5.10.0 @@ -276,7 +276,7 @@ steps: plugins: - seek-oss/private-npm#v1.2.0: env: SECRET - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: secrets: - id=npmrc,src=.npmrc - docker#v5.10.0 @@ -294,7 +294,7 @@ By default images are kept in ECR for up to 30 days. This can be changed by spec steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: max-age-days: 7 - docker#v5.10.0 ``` @@ -307,7 +307,7 @@ By default, image name and computed tag are exported to the Docker buildkite plu steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: export-env-variable: BUILDKITE_PLUGIN_MY_CUSTOM_PLUGIN_CACHE_IMAGE - my-custom-plugin#v1.0.0: ``` @@ -321,7 +321,7 @@ steps: - label: Build Cache command: ':' plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: skip-pull-from-cache: true ``` @@ -337,7 +337,7 @@ optionally use a custom repository name: steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: ecr-name: my-unique-repository-name ecr-tags: Key: Value @@ -353,7 +353,7 @@ By default, the plugin uses the region specified in the `AWS_DEFAULT_REGION` env steps: - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: region: ap-southeast-2 - docker#v5.10.0 ``` @@ -395,7 +395,7 @@ Example: ```yaml - command: echo wow plugins: - - seek-oss/docker-ecr-cache#v2.2.0: + - seek-oss/docker-ecr-cache#v2.2.1: registry-provider: gcr gcp-project: foo-bar-123456 ``` diff --git a/docker-compose.yml b/docker-compose.yml index f57abbf..719f7c0 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,12 +1,10 @@ -version: '3.4' services: tests: image: buildkite/plugin-tester:v4.1.0 volumes: - '.:/plugin:ro' environment: - - BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_ECR_TAGS_SEEK:OWNER:TEAM=Candidate - - BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_ECR_TAGS_MYKEY2=mykeyvalue2 + - BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_ECR_TAGS_MYKEY=mykeyvalue lint: image: buildkite/plugin-linter command: ['--name', 'seek-oss/docker-ecr-cache'] diff --git a/hooks/lib/stdlib.bash b/hooks/lib/stdlib.bash index c06772f..f1c110c 100644 --- a/hooks/lib/stdlib.bash +++ b/hooks/lib/stdlib.bash @@ -90,6 +90,11 @@ compute_tag() { sums+="$(echo "${arg}" | sha1sum)" done + + if [[ -n "${BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_ADDITIONAL_BUILD_ARGS:-}" ]]; then + echoerr 'ADDITIONAL_BUILD_ARGS' + sums+="$(echo "${BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_ADDITIONAL_BUILD_ARGS}" | sha1sum)" + fi # expand ** in cache-on properties shopt -s globstar diff --git a/tests/stdlib.bats b/tests/stdlib.bats index 955493c..db619ae 100644 --- a/tests/stdlib.bats +++ b/tests/stdlib.bats @@ -63,6 +63,7 @@ pre_command_hook="$PWD/hooks/pre-command" assert_line "ARCHITECTURE" assert_line "+ my-architecture" assert_line "BUILD_ARGS" + refute_line "ADDITIONAL_BUILD_ARGS" assert_line "CACHE_ON" unstub uname @@ -91,6 +92,7 @@ pre_command_hook="$PWD/hooks/pre-command" assert_line "ARCHITECTURE" assert_line "+ my-architecture" assert_line "BUILD_ARGS" + refute_line "ADDITIONAL_BUILD_ARGS" assert_line "CACHE_ON" unstub uname @@ -122,6 +124,7 @@ pre_command_hook="$PWD/hooks/pre-command" assert_line "+ my-architecture" assert_line "BUILD_ARGS" assert_line "+ foo=1" + refute_line "ADDITIONAL_BUILD_ARGS" assert_line "CACHE_ON" unstub uname @@ -155,6 +158,7 @@ pre_command_hook="$PWD/hooks/pre-command" assert_line "+ my-architecture" assert_line "BUILD_ARGS" assert_line "+ foo=1" + refute_line "ADDITIONAL_BUILD_ARGS" assert_line "CACHE_ON" unstub uname @@ -187,9 +191,41 @@ pre_command_hook="$PWD/hooks/pre-command" assert_line "ARCHITECTURE" assert_line "+ my-architecture" assert_line "BUILD_ARGS" + refute_line "ADDITIONAL_BUILD_ARGS" assert_line "CACHE_ON" unstub uname unstub jq unstub sha1sum } + +@test "Can compute image tag with additional-build-args" { + # this var leaks in via pre-command + target="my-multi-stage-container" + export BUILDKITE_PLUGIN_DOCKER_ECR_CACHE_ADDITIONAL_BUILD_ARGS='--platform=linux/amd64,linux/arm64' + + stub uname \ + "-m : echo my-architecture" \ + "-m : echo my-architecture" + stub sha1sum \ + "pretend-dockerfile : echo sha1sum(pretend-dockerfile)" \ + ": echo sha1sum(target: my-multi-stage-container)" \ + ": echo sha1sum(uname: my-architecture)" \ + ": echo sha1sum(--platform=linux/amd64,linux/arm64)" \ + ": echo sha1sum(hashes so far)" + + run compute_tag "pretend-dockerfile" + + assert_success + assert_line "--- Computing tag" + assert_line "DOCKERFILE" + assert_line "+ pretend-dockerfile:my-multi-stage-container" + assert_line "ARCHITECTURE" + assert_line "+ my-architecture" + assert_line "BUILD_ARGS" + assert_line "ADDITIONAL_BUILD_ARGS" + assert_line "CACHE_ON" + + unstub uname + unstub sha1sum +}