use methods from toolkit to handle provenance attrs

Signed-off-by: CrazyMax <[email protected]>

Author: crazy-max

__tests__/context.test.ts

@@ -4,7 +4,7 @@ import * as path from 'path';
 import {Builder} from '@docker/actions-toolkit/lib/buildx/builder';
 import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx';
 import {Context} from '@docker/actions-toolkit/lib/context';
-import {Docker} from '@docker/actions-toolkit/lib/docker';
+import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
 import {BuilderInfo} from '@docker/actions-toolkit/lib/types/builder';
@@ -42,9 +42,9 @@ jest.spyOn(Builder.prototype, 'inspect').mockImplementation(async (): Promise<Bu
     lastActivity: new Date('2023-01-16 09:45:23 +0000 UTC'),
     nodes: [
       {
-        buildkitVersion: 'v0.11.0',
-        buildkitdFlags: '--debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
-        driverOpts: ['BUILDKIT_STEP_LOG_MAX_SIZE=10485760', 'BUILDKIT_STEP_LOG_MAX_SPEED=10485760', 'JAEGER_TRACE=localhost:6831', 'image=moby/buildkit:latest', 'network=host'],
+        buildkit: 'v0.11.0',
+        'buildkitd-flags': '--debug --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host',
+        'driver-opts': ['BUILDKIT_STEP_LOG_MAX_SIZE=10485760', 'BUILDKIT_STEP_LOG_MAX_SPEED=10485760', 'JAEGER_TRACE=localhost:6831', 'image=moby/buildkit:latest', 'network=host'],
         endpoint: 'unix:///var/run/docker.sock',
         name: 'builder20',
         platforms: 'linux/amd64,linux/amd64/v2,linux/amd64/v3,linux/arm64,linux/riscv64,linux/ppc64le,linux/s390x,linux/386,linux/mips64le,linux/mips64,linux/arm/v7,linux/arm/v6',
@@ -609,7 +609,7 @@ nproc=3`],
       jest.spyOn(Buildx.prototype, 'version').mockImplementation(async (): Promise<string> => {
         return buildxVersion;
       });
-      const inp = await context.getInputs();
+      const inp = await context.getInputs(toolkit);
       const res = await context.getArgs(inp, toolkit);
       expect(res).toEqual(expected);
     }

package.json

@@ -30,7 +30,6 @@
   "dependencies": {
     "@actions/core": "^1.10.0",
     "@docker/actions-toolkit": "^0.1.0-beta.19",
-    "csv-parse": "^5.3.5",
     "handlebars": "^4.7.7"
   },
   "devDependencies": {

src/context.ts

@@ -1,5 +1,4 @@
 import * as core from '@actions/core';
-import {parse} from 'csv-parse/sync';
 import * as handlebars from 'handlebars';
 import {Context} from '@docker/actions-toolkit/lib/context';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
@@ -40,7 +39,7 @@ export interface Inputs {
   githubToken: string;
 }
 
-export async function getInputs(): Promise<Inputs> {
+export async function getInputs(toolkit: Toolkit): Promise<Inputs> {
   return {
     addHosts: Util.getInputList('add-hosts'),
     allow: Util.getInputList('allow'),
@@ -60,7 +59,7 @@ export async function getInputs(): Promise<Inputs> {
     noCacheFilters: Util.getInputList('no-cache-filters'),
     outputs: Util.getInputList('outputs', {ignoreComma: true}),
     platforms: Util.getInputList('platforms'),
-    provenance: getProvenanceInput('provenance'),
+    provenance: toolkit.buildx.inputs.getProvenanceInput('provenance'),
     pull: core.getBooleanInput('pull'),
     push: core.getBooleanInput('push'),
     sbom: core.getInput('sbom'),
@@ -145,10 +144,10 @@ async function getBuildArgs(inputs: Inputs, context: string, toolkit: Toolkit):
       if (GitHub.context.payload.repository?.private ?? false) {
         // if this is a private repository, we set the default provenance
         // attributes being set in buildx: https://github.com/docker/buildx/blob/fb27e3f919dcbf614d7126b10c2bc2d0b1927eb6/build/build.go#L603
-        args.push('--provenance', getProvenanceAttrs(`mode=min,inline-only=true`));
+        args.push('--provenance', toolkit.buildx.inputs.resolveProvenanceAttrs(`mode=min,inline-only=true`));
       } else {
         // for a public repository, we set max provenance mode.
-        args.push('--provenance', getProvenanceAttrs(`mode=max`));
+        args.push('--provenance', toolkit.buildx.inputs.resolveProvenanceAttrs(`mode=max`));
       }
     }
     if (inputs.sbom) {
@@ -215,37 +214,3 @@ async function getCommonArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
   }
   return args;
 }
-
-function getProvenanceInput(name: string): string {
-  const input = core.getInput(name);
-  if (!input) {
-    // if input is not set, default values will be set later.
-    return input;
-  }
-  try {
-    return core.getBooleanInput(name) ? `builder-id=${Context.provenanceBuilderID()}` : 'false';
-  } catch (err) {
-    // not a valid boolean, so we assume it's a string
-    return getProvenanceAttrs(input);
-  }
-}
-
-function getProvenanceAttrs(input: string): string {
-  // parse attributes from input
-  const fields = parse(input, {
-    relaxColumnCount: true,
-    skipEmptyLines: true
-  })[0];
-  // check if builder-id attribute exists in the input
-  for (const field of fields) {
-    const parts = field
-      .toString()
-      .split(/(?<=^[^=]+?)=/)
-      .map(item => item.trim());
-    if (parts[0] == 'builder-id') {
-      return input;
-    }
-  }
-  // if not add builder-id attribute
-  return `${input},builder-id=${Context.provenanceBuilderID()}`;
-}

src/main.ts

@@ -3,7 +3,7 @@ import * as stateHelper from './state-helper';
 import * as core from '@actions/core';
 import * as actionsToolkit from '@docker/actions-toolkit';
 import {Context} from '@docker/actions-toolkit/lib/context';
-import {Docker} from '@docker/actions-toolkit/lib/docker';
+import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
 import {Exec} from '@docker/actions-toolkit/lib/exec';
 import {GitHub} from '@docker/actions-toolkit/lib/github';
 import {Toolkit} from '@docker/actions-toolkit/lib/toolkit';
@@ -13,8 +13,8 @@ import * as context from './context';
 actionsToolkit.run(
   // main
   async () => {
-    const inputs: context.Inputs = await context.getInputs();
     const toolkit = new Toolkit();
+    const inputs: context.Inputs = await context.getInputs(toolkit);
 
     await core.group(`GitHub Actions runtime token ACs`, async () => {
       try {