(DRON-232) enable build-kit for secrets consumption

card.go

@@ -22,7 +22,7 @@ func (p Plugin) writeCard() error {
 		return err
 	}
 
-	out := Inspect{}
+	out := Card{}
 	if err := json.Unmarshal(data, &out); err != nil {
 		return err
 	}
@@ -31,6 +31,12 @@ func (p Plugin) writeCard() error {
 	inspect.SizeString = fmt.Sprint(bytesize.New(float64(inspect.Size)))
 	inspect.VirtualSizeString = fmt.Sprint(bytesize.New(float64(inspect.VirtualSize)))
 	inspect.Time = fmt.Sprint(inspect.Metadata.LastTagTime.Format(time.RFC3339))
+	// change slice of tags to slice of TagStruct
+	var sliceTagStruct []TagStruct
+	for _, tag := range inspect.RepoTags {
+		sliceTagStruct = append(sliceTagStruct, TagStruct{Tag: tag})
+	}
+	inspect.ParsedRepoTags = sliceTagStruct
 	cardData, _ := json.Marshal(inspect)
 
 	card := drone.CardInput{

cmd/drone-docker/main.go

@@ -249,6 +249,11 @@ func main() {
 			Usage:  "additional host:IP mapping",
 			EnvVar: "PLUGIN_ADD_HOST",
 		},
+		cli.StringFlag{
+			Name:   "secret",
+			Usage:  "secret key value pair eg id=MYSECRET",
+			EnvVar: "PLUGIN_SECRET",
+		},
 		cli.StringFlag{
 			Name:   "drone-card-path",
 			Usage:  "card path location to write to",
@@ -292,6 +297,7 @@ func run(c *cli.Context) error {
 			AutoLabel:   c.BoolT("auto-label"),
 			Link:        c.String("link"),
 			NoCache:     c.Bool("no-cache"),
+			Secret:      c.String("secret"),
 			AddHost:     c.StringSlice("add-host"),
 			Quiet:       c.Bool("quiet"),
 		},

docker.go

@@ -58,6 +58,7 @@ type (
 		Labels      []string // Label map
 		Link        string   // Git repo link
 		NoCache     bool     // Docker build no-cache
+		Secret      string   // secret keypair
 		AddHost     []string // Docker build add-host
 		Quiet       bool     // Docker build quiet
 	}
@@ -72,27 +73,31 @@ type (
 		CardPath string // Card path to write file to
 	}
 
-	Inspect []struct {
-		ID            string        `json:"Id"`
-		RepoTags      []string      `json:"RepoTags"`
-		RepoDigests   []interface{} `json:"RepoDigests"`
-		Parent        string        `json:"Parent"`
-		Comment       string        `json:"Comment"`
-		Created       time.Time     `json:"Created"`
-		Container     string        `json:"Container"`
-		DockerVersion string        `json:"DockerVersion"`
-		Author        string        `json:"Author"`
-		Architecture  string        `json:"Architecture"`
-		Os            string        `json:"Os"`
-		Size          int           `json:"Size"`
-		VirtualSize   int           `json:"VirtualSize"`
-		Metadata      struct {
+	Card []struct {
+		ID             string        `json:"Id"`
+		RepoTags       []string      `json:"RepoTags"`
+		ParsedRepoTags []TagStruct   `json:"ParsedRepoTags"`
+		RepoDigests    []interface{} `json:"RepoDigests"`
+		Parent         string        `json:"Parent"`
+		Comment        string        `json:"Comment"`
+		Created        time.Time     `json:"Created"`
+		Container      string        `json:"Container"`
+		DockerVersion  string        `json:"DockerVersion"`
+		Author         string        `json:"Author"`
+		Architecture   string        `json:"Architecture"`
+		Os             string        `json:"Os"`
+		Size           int           `json:"Size"`
+		VirtualSize    int           `json:"VirtualSize"`
+		Metadata       struct {
 			LastTagTime time.Time `json:"LastTagTime"`
 		} `json:"Metadata"`
 		SizeString        string
 		VirtualSizeString string
 		Time              string
 	}
+	TagStruct struct {
+		Tag string `json:"Tag"`
+	}
 )
 
 // Exec executes the plugin step
@@ -175,7 +180,7 @@ func (p Plugin) Exec() error {
 	for _, tag := range p.Build.Tags {
 		cmds = append(cmds, commandTag(p.Build, tag)) // docker tag
 
-		if p.Dryrun == false {
+		if !p.Dryrun {
 			cmds = append(cmds, commandPush(p.Build, tag)) // docker push
 		}
 	}
@@ -297,6 +302,9 @@ func commandBuild(build Build) *exec.Cmd {
 	for _, host := range build.AddHost {
 		args = append(args, "--add-host", host)
 	}
+	if build.Secret != "" {
+		args = append(args, "--secret", build.Secret)
+	}
 	if build.Target != "" {
 		args = append(args, "--target", build.Target)
 	}
@@ -328,6 +336,10 @@ func commandBuild(build Build) *exec.Cmd {
 		}
 	}
 
+	// we need to enable buildkit, for secret support
+	if build.Secret != "" {
+		os.Setenv("DOCKER_BUILDKIT", "1")
+	}
 	return exec.Command(dockerExe, args...)
 }
 

docs/card.data.json

@@ -0,0 +1,40 @@
+{
+    "Id": "sha256:3b0709c9afb41629c79c93355feed114d08a8c1bedd975eb53af08f4b867fd91",
+    "RepoTags": [
+        "798a0dae10d63d281eff4c06eaa12001ffd23740:latest",
+        "tphoney/test:latest"
+    ],
+    "ParsedRepoTags": [
+        {
+            "Tag": ""
+        },
+        {
+            "Tag": ""
+        },
+        {
+            "Tag": "798a0dae10d63d281eff4c06eaa12001ffd23740:latest"
+        },
+        {
+            "Tag": "tphoney/test:latest"
+        }
+    ],
+    "RepoDigests": [
+        "tphoney/test@sha256:93f8b95aaae7d194208b72e94a3a90544b00c8f2ad45aeb89d81a0c6ccbc5e19"
+    ],
+    "Parent": "sha256:493aa330a5929027dd8ecded9fa8c473a1508d17c0fd7d6a94a7f197f8d22c60",
+    "Comment": "",
+    "Created": "2022-02-16T11:13:40.8956582Z",
+    "Container": "a57c0ca4dd2e081df8758e00549f7abe83803f1a1a7aaaf1cd8e685a5eb5a097",
+    "DockerVersion": "20.10.9",
+    "Author": "",
+    "Architecture": "amd64",
+    "Os": "linux",
+    "Size": 14045949,
+    "VirtualSize": 14045949,
+    "Metadata": {
+        "LastTagTime": "2022-02-16T11:13:40.9433973Z"
+    },
+    "SizeString": "13.40MB",
+    "VirtualSizeString": "13.40MB",
+    "Time": "2022-02-16T11:13:40Z"
+}

docs/card.json

@@ -51,19 +51,22 @@
                         {
                             "type": "TextBlock",
                             "weight": "Lighter",
-                            "text": "OS/ARCH",
+                            "text": "TAGS",
                             "wrap": true,
                             "size": "Small",
                             "isSubtle": true,
                             "spacing": "Medium"
                         },
                         {
-                            "type": "TextBlock",
-                            "text": "${OS}/${Architecture}",
-                            "wrap": true,
-                            "size": "Small",
+                            "type": "FactSet",
+                            "facts": [
+                                {
+                                    "title": "-",
+                                    "value": "${Tag}"
+                                }
+                            ],
                             "spacing": "Small",
-                            "weight": "Bolder"
+                            "$data": "${ParsedRepoTags}"
                         }
                     ],
                     "separator": true,
@@ -124,4 +127,4 @@
     ],
     "$schema": "http://adaptivecards.io/schemas/adaptive-card.json",
     "version": "1.5"
-}
+}