docker
/
build-push-action
mirror of https://github.com/docker/build-push-action.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #127 from useblacksmith/refactor/remove-buildkit-management

Browse Source 
refactor: split build-push-action to separate infrastructure setup
pull/1395/head
Aditya Maru 5 months ago committed by GitHub
parent ac765fe619 6eb4580a2b
commit c213746489
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
13 changed files with 212 additions and 1539 deletions
Show Stats Download Patch File Download Diff File

49
.github/workflows/bump_tags_to_master.yaml vendored
Unescape Escape View File

@ -1,23 +1,28 @@
name: Bump Tags to master
# IMPORTANT: This workflow is commented out to prevent breaking existing customer workflows.
# v2 is a breaking version as it relies on setup-docker-builder being called before this action.
# To avoid bumping older version tags to the head of master and breaking existing customer workflows,
# we will keep this workflow only as a reference on how to bump tags.
on:
workflow_dispatch:
jobs:
bump-tags:
runs-on: blacksmith
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Update v1, v1.0.0-beta tags
run: |
git config user.name github-actions[bot]
git config user.email github-actions[bot]@users.noreply.github.com
git tag -fa v1.2 -m "Update v1.2 tag to latest commit on master"
git tag -fa v1.1 -m "Update v1.1 tag to latest commit on master"
git tag -fa v1 -m "Update v1 tag to latest commit on master"
git tag -fa v1.0.0-beta -m "Update v1.0.0-beta tag to latest commit on master"
git push origin v1.2 v1.1 v1 v1.0.0-beta --force
# name: Bump Tags to master
#
# on:
# workflow_dispatch:
#
# jobs:
# bump-tags:
# runs-on: blacksmith
# steps:
# - name: Checkout code
# uses: actions/checkout@v4
# with:
# fetch-depth: 0
#
# - name: Update v1, v1.0.0-beta tags
# run: |
# git config user.name github-actions[bot]
# git config user.email github-actions[bot]@users.noreply.github.com
# git tag -fa v1.2 -m "Update v1.2 tag to latest commit on master"
# git tag -fa v1.1 -m "Update v1.1 tag to latest commit on master"
# git tag -fa v1 -m "Update v1 tag to latest commit on master"
# git tag -fa v1.0.0-beta -m "Update v1.0.0-beta tag to latest commit on master"
# git push origin v1.2 v1.1 v1 v1.0.0-beta --force

12
action.yml
Unescape Escape View File

@ -7,14 +7,6 @@ branding:
color: 'blue'
inputs:
nofallback:
description: "Fail the build if the remote builder is not available; defaults to false"
required: false
default: 'false'
setup-only:
description: "Only setup the Blacksmith builder without running a Docker build; defaults to false"
required: false
default: 'false'
add-hosts:
description: "List of a customs host-to-IP mapping (e.g., docker:10.180.0.1)"
required: false
@ -36,10 +28,6 @@ inputs:
builder:
description: "Builder instance"
required: false
buildx-version:
description: "Version of Buildx to install"
required: false
default: 'v0.23.0'
cache-from:
description: "List of external cache sources for buildx (e.g., user/app:cache, type=local,src=path/to/dir)"
required: false

1
babel.config.js
Unescape Escape View File

@ -1,3 +1,4 @@
// eslint-disable-next-line no-undef
module.exports = {
presets: [
['@babel/preset-env', { targets: { node: 'current' } }],

36
dist/index.js generated vendored
View File

File diff suppressed because one or more lines are too long

2
dist/index.js.map generated vendored
View File

File diff suppressed because one or more lines are too long

526
dist/licenses.txt generated vendored
Unescape Escape View File

@ -624,24 +624,6 @@ LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
IN THE SOFTWARE.
@iarna/toml
ISC
Copyright (c) 2016, Rebecca Turner <me@re-becca.org>
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
@octokit/auth-token
MIT
The MIT License
@ -1206,44 +1188,6 @@ Apache-2.0
of your accepting any such warranty or additional liability.
@sec-ant/readable-stream
MIT
MIT License
Copyright (c) 2022 Ze-Zheng Wu
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
@sindresorhus/merge-streams
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
@vercel/ncc
MIT
Copyright 2018 ZEIT, Inc.
@ -2267,31 +2211,6 @@ WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
OTHER DEALINGS IN THE SOFTWARE.
cross-spawn
MIT
The MIT License (MIT)
Copyright (c) 2018 Made With MOXY Lda <hello@moxy.studio>
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in
all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
csv-parse
MIT
The MIT License (MIT)
@ -2412,19 +2331,6 @@ SOFTWARE.
execa
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
fast-fifo
MIT
The MIT License (MIT)
@ -2475,19 +2381,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
figures
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
follow-redirects
MIT
Copyright 2014present Olivier Lalonde <olalonde@gmail.com>, James Talmage <james@talmage.io>, Ruben Verborgh
@ -2533,19 +2426,6 @@ Copyright (c) 2012 Felix Geisendörfer (felix@debuggable.com) and contributors
THE SOFTWARE.
get-stream
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
glob
ISC
The ISC License
@ -2695,211 +2575,6 @@ CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
human-signals
Apache-2.0
Apache License
Version 2.0, January 2004
http://www.apache.org/licenses/
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
1. Definitions.
"License" shall mean the terms and conditions for use, reproduction,
and distribution as defined by Sections 1 through 9 of this document.
"Licensor" shall mean the copyright owner or entity authorized by
the copyright owner that is granting the License.
"Legal Entity" shall mean the union of the acting entity and all
other entities that control, are controlled by, or are under common
control with that entity. For the purposes of this definition,
"control" means (i) the power, direct or indirect, to cause the
direction or management of such entity, whether by contract or
otherwise, or (ii) ownership of fifty percent (50%) or more of the
outstanding shares, or (iii) beneficial ownership of such entity.
"You" (or "Your") shall mean an individual or Legal Entity
exercising permissions granted by this License.
"Source" form shall mean the preferred form for making modifications,
including but not limited to software source code, documentation
source, and configuration files.
"Object" form shall mean any form resulting from mechanical
transformation or translation of a Source form, including but
not limited to compiled object code, generated documentation,
and conversions to other media types.
"Work" shall mean the work of authorship, whether in Source or
Object form, made available under the License, as indicated by a
copyright notice that is included in or attached to the work
(an example is provided in the Appendix below).
"Derivative Works" shall mean any work, whether in Source or Object
form, that is based on (or derived from) the Work and for which the
editorial revisions, annotations, elaborations, or other modifications
represent, as a whole, an original work of authorship. For the purposes
of this License, Derivative Works shall not include works that remain
separable from, or merely link (or bind by name) to the interfaces of,
the Work and Derivative Works thereof.
"Contribution" shall mean any work of authorship, including
the original version of the Work and any modifications or additions
to that Work or Derivative Works thereof, that is intentionally
submitted to Licensor for inclusion in the Work by the copyright owner
or by an individual or Legal Entity authorized to submit on behalf of
the copyright owner. For the purposes of this definition, "submitted"
means any form of electronic, verbal, or written communication sent
to the Licensor or its representatives, including but not limited to
communication on electronic mailing lists, source code control systems,
and issue tracking systems that are managed by, or on behalf of, the
Licensor for the purpose of discussing and improving the Work, but
excluding communication that is conspicuously marked or otherwise
designated in writing by the copyright owner as "Not a Contribution."
"Contributor" shall mean Licensor and any individual or Legal Entity
on behalf of whom a Contribution has been received by Licensor and
subsequently incorporated within the Work.
2. Grant of Copyright License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
copyright license to reproduce, prepare Derivative Works of,
publicly display, publicly perform, sublicense, and distribute the
Work and such Derivative Works in Source or Object form.
3. Grant of Patent License. Subject to the terms and conditions of
this License, each Contributor hereby grants to You a perpetual,
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
(except as stated in this section) patent license to make, have made,
use, offer to sell, sell, import, and otherwise transfer the Work,
where such license applies only to those patent claims licensable
by such Contributor that are necessarily infringed by their
Contribution(s) alone or by combination of their Contribution(s)
with the Work to which such Contribution(s) was submitted. If You
institute patent litigation against any entity (including a
cross-claim or counterclaim in a lawsuit) alleging that the Work
or a Contribution incorporated within the Work constitutes direct
or contributory patent infringement, then any patent licenses
granted to You under this License for that Work shall terminate
as of the date such litigation is filed.
4. Redistribution. You may reproduce and distribute copies of the
Work or Derivative Works thereof in any medium, with or without
modifications, and in Source or Object form, provided that You
meet the following conditions:
(a) You must give any other recipients of the Work or
Derivative Works a copy of this License; and
(b) You must cause any modified files to carry prominent notices
stating that You changed the files; and
(c) You must retain, in the Source form of any Derivative Works
that You distribute, all copyright, patent, trademark, and
attribution notices from the Source form of the Work,
excluding those notices that do not pertain to any part of
the Derivative Works; and
(d) If the Work includes a "NOTICE" text file as part of its
distribution, then any Derivative Works that You distribute must
include a readable copy of the attribution notices contained
within such NOTICE file, excluding those notices that do not
pertain to any part of the Derivative Works, in at least one
of the following places: within a NOTICE text file distributed
as part of the Derivative Works; within the Source form or
documentation, if provided along with the Derivative Works; or,
within a display generated by the Derivative Works, if and
wherever such third-party notices normally appear. The contents
of the NOTICE file are for informational purposes only and
do not modify the License. You may add Your own attribution
notices within Derivative Works that You distribute, alongside
or as an addendum to the NOTICE text from the Work, provided
that such additional attribution notices cannot be construed
as modifying the License.
You may add Your own copyright statement to Your modifications and
may provide additional or different license terms and conditions
for use, reproduction, or distribution of Your modifications, or
for any such Derivative Works as a whole, provided Your use,
reproduction, and distribution of the Work otherwise complies with
the conditions stated in this License.
5. Submission of Contributions. Unless You explicitly state otherwise,
any Contribution intentionally submitted for inclusion in the Work
by You to the Licensor shall be under the terms and conditions of
this License, without any additional terms or conditions.
Notwithstanding the above, nothing herein shall supersede or modify
the terms of any separate license agreement you may have executed
with Licensor regarding such Contributions.
6. Trademarks. This License does not grant permission to use the trade
names, trademarks, service marks, or product names of the Licensor,
except as required for reasonable and customary use in describing the
origin of the Work and reproducing the content of the NOTICE file.
7. Disclaimer of Warranty. Unless required by applicable law or
agreed to in writing, Licensor provides the Work (and each
Contributor provides its Contributions) on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
implied, including, without limitation, any warranties or conditions
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
PARTICULAR PURPOSE. You are solely responsible for determining the
appropriateness of using or redistributing the Work and assume any
risks associated with Your exercise of permissions under this License.
8. Limitation of Liability. In no event and under no legal theory,
whether in tort (including negligence), contract, or otherwise,
unless required by applicable law (such as deliberate and grossly
negligent acts) or agreed to in writing, shall any Contributor be
liable to You for damages, including any direct, indirect, special,
incidental, or consequential damages of any character arising as a
result of this License or out of the use or inability to use the
Work (including but not limited to damages for loss of goodwill,
work stoppage, computer failure or malfunction, or any and all
other commercial damages or losses), even if such Contributor
has been advised of the possibility of such damages.
9. Accepting Warranty or Additional Liability. While redistributing
the Work or Derivative Works thereof, You may choose to offer,
and charge a fee for, acceptance of support, warranty, indemnity,
or other liability obligations and/or rights consistent with this
License. However, in accepting such obligations, You may act only
on Your own behalf and on Your sole responsibility, not on behalf
of any other Contributor, and only if You agree to indemnify,
defend, and hold each Contributor harmless for any liability
incurred by, or claims asserted against, such Contributor by reason
of your accepting any such warranty or additional liability.
END OF TERMS AND CONDITIONS
APPENDIX: How to apply the Apache License to your work.
To apply the Apache License to your work, attach the following
boilerplate notice, with the fields enclosed by brackets "[]"
replaced with your own identifying information. (Don't include
the brackets!) The text should be enclosed in the appropriate
comment syntax for the file format. We also recommend that a
file or class name and description of purpose be included on the
same "printed page" as the copyright notice for easier
identification within third-party archives.
Copyright 2025 ehmicky <ehmicky@gmail.com>
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
inherits
ISC
The ISC License
@ -2920,19 +2595,6 @@ PERFORMANCE OF THIS SOFTWARE.
is-plain-obj
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
is-plain-object
MIT
The MIT License (MIT)
@ -2985,41 +2647,9 @@ The above copyright notice and this permission notice shall be included in all c
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
is-unicode-supported
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
isarray
MIT
isexe
ISC
The ISC License
Copyright (c) Isaac Z. Schlueter and Contributors
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
js-yaml
MIT
(The MIT License)
@ -3360,19 +2990,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
npm-run-path
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
once
ISC
The ISC License
@ -3392,32 +3009,6 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
parse-ms
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
path-key
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
path-scurry
BlueOak-1.0.0
# Blue Oak Model License
@ -3477,19 +3068,6 @@ will be liable to anyone for any damages related to this
software or this license, under any kind of legal claim.***
pretty-ms
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
process
MIT
(The MIT License)
@ -3887,52 +3465,6 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
shebang-command
MIT
MIT License
Copyright (c) Kevin Mårtensson <kevinmartensson@gmail.com> (github.com/kevva)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
shebang-regex
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
signal-exit
ISC
The ISC License
Copyright (c) 2015-2023 Benjamin Coe, Isaac Z. Schlueter, and Contributors
Permission to use, copy, modify, and/or distribute this software
for any purpose with or without fee is hereby granted, provided
that the above copyright notice and this permission notice
appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES
OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE
LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES
OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS,
WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION,
ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
source-map
BSD-3-Clause
@ -4042,19 +3574,6 @@ IN THE SOFTWARE.
strip-final-newline
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
strnum
MIT
MIT License
@ -4446,19 +3965,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
unicorn-magic
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
universal-user-agent
ISC
# [ISC License](https://spdx.org/licenses/ISC)
@ -4589,25 +4095,6 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
which
ISC
The ISC License
Copyright (c) Isaac Z. Schlueter and Contributors
Permission to use, copy, modify, and/or distribute this software for any
purpose with or without fee is hereby granted, provided that the above
copyright notice and this permission notice appear in all copies.
THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
wrappy
ISC
The ISC License
@ -4627,19 +4114,6 @@ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR
IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
yoctocolors
MIT
MIT License
Copyright (c) Sindre Sorhus <sindresorhus@gmail.com> (https://sindresorhus.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
zip-stream
MIT
Copyright (c) 2014 Chris Talkington, contributors.

78
plan.md
Unescape Escape View File

@ -0,0 +1,78 @@
# Build-Push-Action Refactoring Plan
## Overview
Split the current `useblacksmith/build-push-action` into two separate actions:
1. `useblacksmith/setup-docker-builder` - Manages buildkitd lifecycle and stickydisk
2. `useblacksmith/build-push-action` - Focuses on Docker builds and metrics reporting
## Current Problems
- The existing action supports two modes: "setup-only" and normal mode
- Complex logic to manage buildkitd lifecycle across multiple invocations
- Buildkitd must be shut down after each build to support multiple builds in one job
- Post-action steps run in reverse order, complicating cleanup
## Proposed Architecture
### useblacksmith/setup-docker-builder
**Responsibilities:**
- Start buildkitd once per workflow job
- Mount stickydisk at `/var/lib/buildkit` for shared Docker layer cache
- Handle all cleanup, shutdown, and commit logic in post-action
- Manage the entire buildkitd lifecycle
**Key Features:**
- Single buildkitd instance for entire job
- All stickydisk logic centralized here
- Post-action handles:
- Buildkitd shutdown
- Stickydisk commit (conditional based on build success)
- Cleanup
### useblacksmith/build-push-action
**Responsibilities:**
- Execute Docker builds against running buildkitd
- Report build metrics to control plane
- No buildkitd lifecycle management
**Key Features:**
- Simplified logic - just build and push
- Can be invoked multiple times in same job
- Focuses on Docker operations and telemetry
## Usage Patterns
### Multiple Dockerfiles
```yaml
- uses: useblacksmith/setup-docker-builder
- uses: useblacksmith/build-push-action # dockerfile 1
- uses: useblacksmith/build-push-action # dockerfile 2
- uses: useblacksmith/build-push-action # dockerfile 3
```
### Custom Docker Commands
```yaml
- uses: useblacksmith/setup-docker-builder
- run: docker bake
- run: # other custom docker commands
```
## Open Questions
1. How can the post-action of `setup-docker-builder` access build results from `build-push-action` invocations?
- Need to determine if stickydisk should be committed based on build success
- Possible solutions:
- Environment variables
- File-based communication
- GitHub Actions outputs/state
## Benefits
1. **Cleaner separation of concerns** - Setup vs build logic separated
2. **Simpler maintenance** - Each action has focused responsibility
3. **Better user experience** - One buildkitd instance regardless of build count
4. **More flexible** - Users can mix our build action with custom Docker commands
## Migration Path
1. Create new `setup-docker-builder` repository/action
2. Move buildkitd setup and stickydisk logic from current action
3. Refactor `build-push-action` to remove setup logic
4. Update documentation and examples
5. Provide migration guide for existing users

127
src/__tests__/blacksmith-builder.test.ts
Unescape Escape View File

@ -2,8 +2,6 @@ import * as core from '@actions/core';
import * as main from '../main';
import * as reporter from '../reporter';
import {getDockerfilePath} from '../context';
import * as setupBuilder from '../setup_builder';
import {Metric_MetricType} from '@buf/blacksmith_vm-agent.bufbuild_es/stickydisk/v1/stickydisk_pb';
jest.mock('@actions/core', () => ({
debug: jest.fn(),
@ -26,135 +24,62 @@ jest.mock('../reporter', () => {
return {
...actual,
reportBuildPushActionFailure: jest.fn().mockResolvedValue(undefined),
reportMetric: jest.fn().mockImplementation((type: Metric_MetricType) => Promise.resolve())
reportBuild: jest.fn()
};
});
jest.mock('../setup_builder', () => ({
...jest.requireActual('../setup_builder'),
startAndConfigureBuildkitd: jest.fn(),
setupStickyDisk: jest.fn(),
getNumCPUs: jest.fn().mockResolvedValue(4),
leaveTailnet: jest.fn().mockResolvedValue(undefined),
getTailscaleIP: jest.fn()
}));
describe('startBlacksmithBuilder', () => {
describe('reportBuildStart', () => {
let mockInputs;
beforeEach(() => {
jest.clearAllMocks();
mockInputs = {
nofallback: false,
setupOnly: false,
platforms: []
};
});
test('should handle missing dockerfile path with nofallback=false', async () => {
test('should handle missing dockerfile path', async () => {
(getDockerfilePath as jest.Mock).mockReturnValue(null);
const result = await main.startBlacksmithBuilder(mockInputs);
const result = await main.reportBuildStart(mockInputs);
expect(result).toEqual({addr: null, buildId: null, exposeId: ''});
expect(core.warning).toHaveBeenCalledWith('Error during Blacksmith builder setup: Failed to resolve dockerfile path. Falling back to a local build.');
expect(reporter.reportBuildPushActionFailure).toHaveBeenCalledWith(new Error('Failed to resolve dockerfile path'), 'starting blacksmith builder');
});
test('should handle missing dockerfile path with nofallback=true', async () => {
(getDockerfilePath as jest.Mock).mockReturnValue(null);
mockInputs.nofallback = true;
await expect(main.startBlacksmithBuilder(mockInputs)).rejects.toThrow('Failed to resolve dockerfile path');
expect(core.warning).toHaveBeenCalledWith('Error during Blacksmith builder setup: Failed to resolve dockerfile path. Failing the build because nofallback is set.');
expect(reporter.reportBuildPushActionFailure).toHaveBeenCalledWith(new Error('Failed to resolve dockerfile path'), 'starting blacksmith builder');
expect(result).toBeNull();
expect(core.warning).toHaveBeenCalledWith('Error when reporting build metrics: Failed to resolve dockerfile path');
expect(reporter.reportBuildPushActionFailure).not.toHaveBeenCalled();
});
test('should handle error in setupStickyDisk with nofallback=false', async () => {
test('should successfully report build start', async () => {
const mockBuildId = 'test-build-id';
(getDockerfilePath as jest.Mock).mockReturnValue('/path/to/Dockerfile');
(setupBuilder.setupStickyDisk as jest.Mock).mockRejectedValue(new Error('Failed to obtain Blacksmith builder'));
(reporter.reportBuild as jest.Mock).mockResolvedValue({docker_build_id: mockBuildId});
mockInputs.nofallback = false;
const result = await main.startBlacksmithBuilder(mockInputs);
const result = await main.reportBuildStart(mockInputs);
expect(result).toEqual({addr: null, buildId: null, exposeId: ''});
expect(core.warning).toHaveBeenCalledWith('Error during Blacksmith builder setup: Failed to obtain Blacksmith builder. Falling back to a local build.');
expect(reporter.reportBuildPushActionFailure).toHaveBeenCalledWith(new Error('Failed to obtain Blacksmith builder'), 'starting blacksmith builder');
expect(result).toBe(mockBuildId);
expect(reporter.reportBuild).toHaveBeenCalledWith('/path/to/Dockerfile');
expect(reporter.reportBuildPushActionFailure).not.toHaveBeenCalled();
});
test('should handle error in setupStickyDisk with nofallback=true', async () => {
test('should handle reportBuildStart returning null', async () => {
(getDockerfilePath as jest.Mock).mockReturnValue('/path/to/Dockerfile');
const error = new Error('Failed to obtain Blacksmith builder');
(setupBuilder.setupStickyDisk as jest.Mock).mockRejectedValue(error);
mockInputs.nofallback = true;
(reporter.reportBuild as jest.Mock).mockResolvedValue(null);
await expect(main.startBlacksmithBuilder(mockInputs)).rejects.toThrow(error);
expect(core.warning).toHaveBeenCalledWith('Error during Blacksmith builder setup: Failed to obtain Blacksmith builder. Failing the build because nofallback is set.');
expect(reporter.reportBuildPushActionFailure).toHaveBeenCalledWith(error, 'starting blacksmith builder');
});
test('should successfully start buildkitd when setup succeeds', async () => {
const mockBuildkitdAddr = 'unix:///run/buildkit/buildkitd.sock';
const mockExposeId = 'test-expose-id';
const mockBuildId = 'test-build-id';
const mockDevice = '/dev/vdb';
const mockParallelism = 4;
const result = await main.reportBuildStart(mockInputs);
(getDockerfilePath as jest.Mock).mockReturnValue('/path/to/Dockerfile');
(setupBuilder.setupStickyDisk as jest.Mock).mockResolvedValue({
device: mockDevice,
buildId: mockBuildId,
exposeId: mockExposeId
});
(setupBuilder.getNumCPUs as jest.Mock).mockResolvedValue(mockParallelism);
(setupBuilder.startAndConfigureBuildkitd as jest.Mock).mockResolvedValue(mockBuildkitdAddr);
const result = await main.startBlacksmithBuilder(mockInputs);
expect(result).toEqual({
addr: mockBuildkitdAddr,
buildId: mockBuildId,
exposeId: mockExposeId
});
expect(setupBuilder.startAndConfigureBuildkitd).toHaveBeenCalledWith(mockParallelism, false, []);
expect(result).toBeNull();
expect(reporter.reportBuild).toHaveBeenCalledWith('/path/to/Dockerfile');
expect(reporter.reportBuildPushActionFailure).not.toHaveBeenCalled();
});
test('should handle buildkitd startup failure with nofallback=false', async () => {
const mockDevice = '/dev/vdb';
const mockParallelism = 4;
test('should handle error in reportBuildStart', async () => {
(getDockerfilePath as jest.Mock).mockReturnValue('/path/to/Dockerfile');
(setupBuilder.setupStickyDisk as jest.Mock).mockResolvedValue({
device: mockDevice,
buildId: 'test-build-id',
exposeId: 'test-expose-id'
});
(setupBuilder.getNumCPUs as jest.Mock).mockResolvedValue(mockParallelism);
(setupBuilder.startAndConfigureBuildkitd as jest.Mock).mockRejectedValue(new Error('Failed to start buildkitd'));
mockInputs.nofallback = false;
const result = await main.startBlacksmithBuilder(mockInputs);
expect(result).toEqual({addr: null, buildId: null, exposeId: ''});
expect(core.warning).toHaveBeenCalledWith('Error during buildkitd setup: Failed to start buildkitd. Falling back to a local build.');
expect(reporter.reportBuildPushActionFailure).toHaveBeenCalled();
});
(reporter.reportBuild as jest.Mock).mockRejectedValue(new Error('API error'));
test('should throw error when buildkitd fails and nofallback is true', async () => {
const mockDevice = '/dev/vdb';
const mockParallelism = 4;
(getDockerfilePath as jest.Mock).mockReturnValue('/path/to/Dockerfile');
(setupBuilder.setupStickyDisk as jest.Mock).mockResolvedValue({
device: mockDevice,
buildId: 'test-build-id',
exposeId: 'test-expose-id'
});
(setupBuilder.getNumCPUs as jest.Mock).mockResolvedValue(mockParallelism);
(setupBuilder.startAndConfigureBuildkitd as jest.Mock).mockRejectedValue(new Error('Failed to start buildkitd'));
mockInputs.nofallback = true;
await expect(main.startBlacksmithBuilder(mockInputs)).rejects.toThrow('Failed to start buildkitd');
expect(core.warning).toHaveBeenCalledWith('Error during buildkitd setup: Failed to start buildkitd. Failing the build because nofallback is set.');
expect(reporter.reportBuildPushActionFailure).toHaveBeenCalled();
const result = await main.reportBuildStart(mockInputs);
expect(result).toBeNull();
expect(core.warning).toHaveBeenCalledWith('Error reporting build start: API error');
expect(reporter.reportBuildPushActionFailure).not.toHaveBeenCalled();
});
});

8
src/context.ts
Unescape Escape View File

@ -57,9 +57,6 @@ export interface Inputs {
target: string;
ulimit: string[];
'github-token': string;
nofallback: boolean;
setupOnly: boolean;
'buildx-version': string;
}
export async function getInputs(): Promise<Inputs> {
@ -96,10 +93,7 @@ export async function getInputs(): Promise<Inputs> {
tags: Util.getInputList('tags'),
target: core.getInput('target'),
ulimit: Util.getInputList('ulimit', {ignoreComma: true}),
'github-token': core.getInput('github-token'),
nofallback: core.getBooleanInput('nofallback'),
setupOnly: core.getBooleanInput('setup-only'),
'buildx-version': core.getInput('buildx-version')
'github-token': core.getInput('github-token')
};
}

444
src/main.ts
Unescape Escape View File

@ -1,4 +1,3 @@
import * as fs from 'fs';
import * as path from 'path';
import * as stateHelper from './state-helper';
import * as core from '@actions/core';
@ -6,7 +5,6 @@ import * as actionsToolkit from '@docker/actions-toolkit';
import {Buildx} from '@docker/actions-toolkit/lib/buildx/buildx';
import {History as BuildxHistory} from '@docker/actions-toolkit/lib/buildx/history';
import {Context} from '@docker/actions-toolkit/lib/context';
import {Docker} from '@docker/actions-toolkit/lib/docker/docker';
import {Exec} from '@docker/actions-toolkit/lib/exec';
import {GitHub} from '@docker/actions-toolkit/lib/github';
@ -17,56 +15,12 @@ import {BuilderInfo} from '@docker/actions-toolkit/lib/types/buildx/builder';
import {ConfigFile} from '@docker/actions-toolkit/lib/types/docker/docker';
import * as context from './context';
import {promisify} from 'util';
import {exec} from 'child_process';
import * as reporter from './reporter';
import {setupStickyDisk, startAndConfigureBuildkitd, getNumCPUs, leaveTailnet, pruneBuildkitCache} from './setup_builder';
import {Metric_MetricType} from '@buf/blacksmith_vm-agent.bufbuild_es/stickydisk/v1/stickydisk_pb';
const DEFAULT_BUILDX_VERSION = 'v0.23.0';
const mountPoint = '/var/lib/buildkit';
const execAsync = promisify(exec);
async function retryWithBackoff<T>(operation: () => Promise<T>, maxRetries: number = 5, initialBackoffMs: number = 200): Promise<T> {
let lastError: Error = new Error('No error occurred');
for (let attempt = 0; attempt < maxRetries; attempt++) {
try {
return await operation();
} catch (error) {
lastError = error;
if (error.message?.includes('429') || error.status === 429) {
if (attempt < maxRetries - 1) {
const backoffMs = initialBackoffMs * Math.pow(2, attempt);
core.info(`Rate limited (429). Retrying in ${backoffMs}ms...`);
await new Promise(resolve => setTimeout(resolve, backoffMs));
continue;
}
}
throw error;
}
}
throw lastError;
}
async function setupBuildx(version: string, toolkit: Toolkit): Promise<void> {
let toolPath;
const standalone = await toolkit.buildx.isStandalone();
if (!(await toolkit.buildx.isAvailable()) || version) {
await core.group(`Download buildx from GitHub Releases`, async () => {
toolPath = await retryWithBackoff(() => toolkit.buildxInstall.download(version || 'latest', true));
});
}
if (toolPath) {
await core.group(`Install buildx`, async () => {
if (standalone) {
await toolkit.buildxInstall.installStandalone(toolPath);
} else {
await toolkit.buildxInstall.installPlugin(toolPath);
}
});
async function assertBuildxAvailable(toolkit: Toolkit): Promise<void> {
if (!(await toolkit.buildx.isAvailable())) {
core.setFailed(`Docker buildx is required. Please use setup-docker-builder action to configure buildx.`);
throw new Error('Docker buildx is not available');
}
await core.group(`Buildx version`, async () => {
@ -74,75 +28,37 @@ async function setupBuildx(version: string, toolkit: Toolkit): Promise<void> {
});
}
// Validates the version string to ensure it matches a basic expected pattern.
// Accepts versions of the form `v<MAJOR>.<MINOR>.<PATCH>` (e.g., v0.20.0) or the literal string `latest`.
function isValidBuildxVersion(version: string): boolean {
return version === 'latest' || /^v\d+\.\d+\.\d+$/.test(version);
}
/**
* Attempts to set up a Blacksmith builder for Docker builds.
* Reports the build start to the backend and gets a build ID for tracking.
*
* @param inputs - Configuration inputs including the nofallback flag
* @returns {Object} Builder configuration
* @returns {string|null} addr - The buildkit socket address if setup succeeded, null if using local build
* @param inputs - Configuration inputs
* @returns {string|null} buildId - ID used to track build progress and report metrics
* @returns {string} exposeId - ID used to track and cleanup sticky disk resources
*
* The addr is used to configure the Docker buildx builder instance.
* The buildId is used for build progress tracking and metrics reporting.
* The exposeId is used during cleanup to ensure proper resource cleanup of sticky disks.
*
* Throws an error if setup fails and nofallback is false.
* Returns null values if setup fails and nofallback is true.
*/
export async function startBlacksmithBuilder(inputs: context.Inputs): Promise<{addr: string | null; buildId: string | null; exposeId: string}> {
export async function reportBuildStart(inputs: context.Inputs): Promise<string | null> {
try {
// We only use the dockerfile path to report the build to our control plane.
// If setup-only is true, we don't want to report the build to our control plane
// since we are only setting up the builder and therefore cannot expose any analytics
// about the build.
const dockerfilePath = inputs.setupOnly ? '' : context.getDockerfilePath(inputs);
if (!inputs.setupOnly && !dockerfilePath) {
// Get the dockerfile path to report the build to our control plane.
const dockerfilePath = context.getDockerfilePath(inputs);
if (!dockerfilePath) {
throw new Error('Failed to resolve dockerfile path');
}
const stickyDiskStartTime = Date.now();
const stickyDiskSetup = await setupStickyDisk(dockerfilePath || '', inputs.setupOnly);
const stickyDiskDurationMs = Date.now() - stickyDiskStartTime;
await reporter.reportMetric(Metric_MetricType.BPA_HOTLOAD_DURATION_MS, stickyDiskDurationMs);
const parallelism = await getNumCPUs();
const buildkitdStartTime = Date.now();
const buildkitdAddr = await startAndConfigureBuildkitd(parallelism, inputs.setupOnly, inputs.platforms);
const buildkitdDurationMs = Date.now() - buildkitdStartTime;
await reporter.reportMetric(Metric_MetricType.BPA_BUILDKITD_READY_DURATION_MS, buildkitdDurationMs);
stateHelper.setExposeId(stickyDiskSetup.exposeId);
return {addr: buildkitdAddr, buildId: stickyDiskSetup.buildId || null, exposeId: stickyDiskSetup.exposeId};
} catch (error) {
// If the builder setup fails for any reason, we check if we should fallback to a local build.
// If we should not fallback, we rethrow the error and fail the build.
await reporter.reportBuildPushActionFailure(error, 'starting blacksmith builder');
let errorMessage = `Error during Blacksmith builder setup: ${error.message}`;
if (error.message.includes('buildkitd')) {
errorMessage = `Error during buildkitd setup: ${error.message}`;
}
if (inputs.nofallback) {
core.warning(`${errorMessage}. Failing the build because nofallback is set.`);
throw error;
// Report build start to get a build ID for tracking
try {
const buildInfo = await reporter.reportBuild(dockerfilePath);
return buildInfo?.docker_build_id || null;
} catch (error) {
core.warning(`Error reporting build start: ${(error as Error).message}`);
return null;
}
core.warning(`${errorMessage}. Falling back to a local build.`);
return {addr: null, buildId: null, exposeId: ''};
} finally {
await leaveTailnet();
} catch (error) {
core.warning(`Error when reporting build metrics: ${error.message}`);
return null;
}
}
actionsToolkit.run(
// main
async () => {
await reporter.reportMetric(Metric_MetricType.BPA_FEATURE_USAGE, 1);
const startedTime = new Date();
const inputs: context.Inputs = await context.getInputs();
stateHelper.setInputs(inputs);
@ -166,110 +82,49 @@ actionsToolkit.run(
}
});
// Determine which Buildx version to install. If the user provided an input, validate it;
// otherwise, fall back to the default.
let buildxVersion = DEFAULT_BUILDX_VERSION;
if (inputs['buildx-version'] && inputs['buildx-version'].trim() !== '') {
if (isValidBuildxVersion(inputs['buildx-version'])) {
buildxVersion = inputs['buildx-version'];
} else {
core.warning(`Invalid buildx-version '${inputs['buildx-version']}'. ` + `Expected 'latest' or a version in the form v<MAJOR>.<MINOR>.<PATCH>. ` + `Falling back to default ${DEFAULT_BUILDX_VERSION}.`);
}
}
await core.group(`Setup buildx`, async () => {
await setupBuildx(buildxVersion, toolkit);
if (!(await toolkit.buildx.isAvailable())) {
core.setFailed(`Docker buildx is required. See https://github.com/docker/setup-buildx-action to set up buildx.`);
return;
}
// Assert that buildx is available (should be installed by setup-docker-builder)
await core.group(`Check buildx availability`, async () => {
await assertBuildxAvailable(toolkit);
});
let builderInfo = {
addr: null as string | null,
buildId: null as string | null,
exposeId: '' as string
};
let buildId: string | null = null;
let buildError: Error | undefined;
let buildDurationSeconds: string | undefined;
let ref: string | undefined;
try {
await core.group(`Starting Blacksmith builder`, async () => {
builderInfo = await startBlacksmithBuilder(inputs);
});
let isBlacksmithBuilder = false;
let builder: BuilderInfo;
if (builderInfo.addr) {
await core.group(`Creating a builder instance`, async () => {
const name = `blacksmith-${Date.now().toString(36)}`;
const createCmd = await toolkit.buildx.getCommand(await context.getRemoteBuilderArgs(name, builderInfo.addr!, inputs.platforms));
core.info(`Creating builder with command: ${createCmd.command}`);
await Exec.getExecOutput(createCmd.command, createCmd.args, {
ignoreReturnCode: true
}).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error');
}
});
// Set this builder as the global default since future docker commands will use this builder.
if (inputs.setupOnly) {
const setDefaultCmd = await toolkit.buildx.getCommand(await context.getUseBuilderArgs(name));
core.info('Setting builder as global default');
await Exec.getExecOutput(setDefaultCmd.command, setDefaultCmd.args, {
ignoreReturnCode: true
}).then(res => {
if (res.stderr.length > 0 && res.exitCode != 0) {
throw new Error(res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error');
}
});
}
});
} else {
core.warning('Failed to setup Blacksmith builder, falling back to default builder');
await core.group(`Checking for configured builder`, async () => {
try {
const builder = await toolkit.builder.inspect();
if (builder) {
core.info(`Found configured builder: ${builder.name}`);
} else {
// Create a local builder using the docker-container driver (which is the default driver in setup-buildx)
const createLocalBuilderCmd = 'docker buildx create --name local --driver docker-container --use';
try {
await Exec.exec(createLocalBuilderCmd);
core.info('Created and set a local builder for use');
} catch (error) {
core.setFailed(`Failed to create local builder: ${error.message}`);
}
try {
// Check that a builder is available (either from setup-docker-builder or existing)
await core.group(`Checking for configured builder`, async () => {
try {
builder = await toolkit.builder.inspect();
if (builder) {
core.info(`Found configured builder: ${builder.name}`);
// Check if this is a Blacksmith builder
isBlacksmithBuilder = builder.name ? builder.name.toLowerCase().includes('blacksmith') : false;
if (!isBlacksmithBuilder) {
core.warning(`Not using a Blacksmith builder (current builder: ${builder.name || 'unknown'}). Build metrics will not be reported.`);
}
} catch (error) {
core.setFailed(`Error configuring builder: ${error.message}`);
} else {
core.setFailed(`No Docker builder found. Please use setup-docker-builder action or configure a builder before using build-push-action.`);
}
});
}
} catch (error) {
core.setFailed(`Error checking for builder: ${error.message}`);
}
});
// Write a sentinel file to indicate builder setup is complete.
const sentinelPath = path.join('/tmp', 'builder-setup-complete');
try {
fs.writeFileSync(sentinelPath, 'Builder setup completed successfully.');
core.debug(`Created builder setup sentinel file at ${sentinelPath}`);
} catch (error) {
core.warning(`Failed to create builder setup sentinel file: ${error.message}`);
// Only report build start if using a Blacksmith builder
if (isBlacksmithBuilder) {
await core.group(`Setting up build metrics tracking`, async () => {
buildId = await reportBuildStart(inputs);
});
}
let builder: BuilderInfo;
await core.group(`Builder info`, async () => {
builder = await toolkit.builder.inspect();
core.info(JSON.stringify(builder, null, 2));
});
// If setup-only is true, we don't want to continue configuring and running the build.
if (inputs.setupOnly) {
core.info('setup-only mode enabled, builder is ready for use by Docker');
stateHelper.setSetupOnly(true);
// Let's remove the default
process.exit(0);
}
await core.group(`Proxy configuration`, async () => {
let dockerConfig: ConfigFile | undefined;
let dockerConfigMalformed = false;
@ -295,8 +150,6 @@ actionsToolkit.run(
}
});
stateHelper.setTmpDir(Context.tmpDir());
const args: string[] = await context.getArgs(inputs, toolkit);
args.push('--debug');
core.debug(`context.getArgs: ${JSON.stringify(args)}`);
@ -346,7 +199,7 @@ actionsToolkit.run(
}
await core.group(`Reference`, async () => {
ref = await buildRef(toolkit, startedTime, builder.name);
ref = await buildRef(toolkit, startedTime, builder?.name);
if (ref) {
core.info(ref);
stateHelper.setBuildRef(ref);
@ -390,7 +243,7 @@ actionsToolkit.run(
buildError = error as Error;
}
await core.group('Cleaning up Blacksmith builder', async () => {
await core.group('Reporting build completion', async () => {
try {
let exportRes;
if (!buildError) {
@ -400,92 +253,15 @@ actionsToolkit.run(
});
}
try {
const {stdout} = await execAsync('pgrep buildkitd');
if (stdout.trim()) {
try {
core.info('Pruning BuildKit cache');
await pruneBuildkitCache();
core.info('BuildKit cache pruned');
} catch (error) {
// Log warning but don't fail the cleanup
core.warning(`Error pruning BuildKit cache: ${error.message}`);
}
const buildkitdShutdownStartTime = Date.now();
await shutdownBuildkitd();
const buildkitdShutdownDurationMs = Date.now() - buildkitdShutdownStartTime;
await reporter.reportMetric(Metric_MetricType.BPA_BUILDKITD_SHUTDOWN_DURATION_MS, buildkitdShutdownDurationMs);
core.info('Shutdown buildkitd');
} else {
core.debug('No buildkitd process found running');
}
} catch (error) {
if (error.code === 1) {
// pgrep returns non-zero if no processes found, which is fine
core.debug('No buildkitd process found running');
} else {
core.warning(`Error checking for buildkitd processes: ${error.message}`);
}
}
await leaveTailnet();
try {
// Run sync to flush any pending writes before unmounting.
await execAsync('sync');
const {stdout: mountOutput} = await execAsync(`mount | grep ${mountPoint}`);
if (mountOutput) {
for (let attempt = 1; attempt <= 3; attempt++) {
try {
await execAsync(`sudo umount ${mountPoint}`);
core.debug(`${mountPoint} has been unmounted`);
break;
} catch (error) {
if (attempt === 3) {
throw error;
}
core.warning(`Unmount failed, retrying (${attempt}/3)...`);
await new Promise(resolve => setTimeout(resolve, 100));
}
}
core.info('Unmounted device');
}
} catch (error) {
// grep returns exit code 1 when no matches are found.
if (error.code === 1) {
core.debug('No dangling mounts found to clean up');
} else {
// Only warn for actual errors, not for the expected case where grep finds nothing.
core.warning(`Error during cleanup: ${error.message}`);
}
}
if (builderInfo.addr) {
if (buildId && isBlacksmithBuilder) {
if (!buildError) {
await reporter.reportBuildCompleted(exportRes, builderInfo.buildId, ref, buildDurationSeconds, builderInfo.exposeId);
await reporter.reportBuildCompleted(exportRes, buildId, ref, buildDurationSeconds);
} else {
await reporter.reportBuildFailed(builderInfo.buildId, buildDurationSeconds, builderInfo.exposeId);
await reporter.reportBuildFailed(buildId, buildDurationSeconds);
}
}
} catch (error) {
core.warning(`Error during Blacksmith builder shutdown: ${error.message}`);
await reporter.reportBuildPushActionFailure(error, 'shutting down blacksmith builder');
} finally {
if (buildError) {
try {
const buildkitdLog = fs.readFileSync('/tmp/buildkitd.log', 'utf8');
core.info('buildkitd.log contents:');
core.info(buildkitdLog);
} catch (error) {
// Only log warning if the file was expected to exist (builder setup completed)
const sentinelPath = path.join('/tmp', 'builder-setup-complete');
if (fs.existsSync(sentinelPath)) {
core.warning(`Failed to read buildkitd.log: ${error.message}`);
} else {
core.debug(`buildkitd.log not found (builder setup incomplete): ${error.message}`);
}
}
}
core.warning(`Error when reporting build completion: ${error.message}`);
}
});
@ -495,85 +271,7 @@ actionsToolkit.run(
}
},
// post
async () => {
await core.group('Final cleanup', async () => {
try {
await leaveTailnet();
try {
const {stdout} = await execAsync('pgrep buildkitd');
if (stdout.trim()) {
try {
core.info('Pruning BuildKit cache');
await pruneBuildkitCache();
core.info('BuildKit cache pruned');
} catch (error) {
// Log warning but don't fail the cleanup
core.warning(`Error pruning BuildKit cache: ${error.message}`);
}
await shutdownBuildkitd();
core.info('Shutdown buildkitd');
}
} catch (error) {
if (error.code === 1) {
core.debug('No buildkitd process found running');
} else {
core.warning(`Error checking for buildkitd processes: ${error.message}`);
}
}
try {
// Run sync to flush any pending writes before unmounting.
await execAsync('sync');
const {stdout: mountOutput} = await execAsync(`mount | grep ${mountPoint}`);
if (mountOutput) {
for (let attempt = 1; attempt <= 3; attempt++) {
try {
await execAsync(`sudo umount ${mountPoint}`);
core.debug(`${mountPoint} has been unmounted`);
break;
} catch (error) {
if (attempt === 3) {
throw error;
}
core.warning(`Unmount failed, retrying (${attempt}/3)...`);
await new Promise(resolve => setTimeout(resolve, 100));
}
}
core.info('Unmounted device');
}
} catch (error) {
if (error.code === 1) {
core.debug('No dangling mounts found to clean up');
} else {
core.warning(`Error during cleanup: ${error.message}`);
}
}
// 4. Clean up temp directory if it exists.
if (stateHelper.tmpDir.length > 0) {
fs.rmSync(stateHelper.tmpDir, {recursive: true});
core.debug(`Removed temp folder ${stateHelper.tmpDir}`);
}
// 5. Commit sticky disk if the builder was booted in setup-only mode.
// If the builder was not booted in setup-only mode, the sticky disk was committed as part
// of the main routine.
if (stateHelper.getSetupOnly()) {
core.info('Committing sticky disk in post cleanup as setup-only mode was enabled');
if (stateHelper.getExposeId() !== '') {
await reporter.commitStickyDisk(stateHelper.getExposeId());
} else {
core.warning('Expose ID not found in state, skipping sticky disk commit');
}
}
} catch (error) {
core.warning(`Error during final cleanup: ${error.message}`);
await reporter.reportBuildPushActionFailure(error, 'final cleanup');
}
});
}
async () => {}
);
async function buildRef(toolkit: Toolkit, since: Date, builder?: string): Promise<string> {
@ -611,35 +309,3 @@ function buildSummaryEnabled(): boolean {
}
return true;
}
export async function shutdownBuildkitd(): Promise<void> {
const startTime = Date.now();
const timeout = 10000; // 10 seconds
const backoff = 300; // 300ms
try {
await execAsync(`sudo pkill -TERM buildkitd`);
// Wait for buildkitd to shutdown with backoff retry
while (Date.now() - startTime < timeout) {
try {
const {stdout} = await execAsync('pgrep buildkitd');
core.debug(`buildkitd process still running with PID: ${stdout.trim()}`);
await new Promise(resolve => setTimeout(resolve, backoff));
} catch (error) {
if (error.code === 1) {
// pgrep returns exit code 1 when no process is found, which means shutdown successful
core.debug('buildkitd successfully shutdown');
return;
}
// Some other error occurred
throw error;
}
}
throw new Error('Timed out waiting for buildkitd to shutdown after 10 seconds');
} catch (error) {
core.error('error shutting down buildkitd process:', error);
throw error;
}
}

69
src/reporter.ts
Unescape Escape View File

@ -1,12 +1,11 @@
import * as core from '@actions/core';
import axios, {AxiosError, AxiosInstance, AxiosResponse} from 'axios';
import axiosRetry from 'axios-retry';
import axiosRetry, {isNetworkOrIdempotentRequestError} from 'axios-retry';
import {ExportRecordResponse} from '@docker/actions-toolkit/lib/types/buildx/history';
import FormData from 'form-data';
import {createClient} from '@connectrpc/connect';
import {createGrpcTransport} from '@connectrpc/connect-node';
import {StickyDiskService} from '@buf/blacksmith_vm-agent.connectrpc_es/stickydisk/v1/stickydisk_connect';
import {Metric, Metric_MetricType} from '@buf/blacksmith_vm-agent.bufbuild_es/stickydisk/v1/stickydisk_pb';
// Configure base axios instance for Blacksmith API.
const createBlacksmithAPIClient = () => {
@ -25,8 +24,8 @@ const createBlacksmithAPIClient = () => {
axiosRetry(client, {
retries: 5,
retryDelay: axiosRetry.exponentialDelay,
retryCondition: (error: AxiosError) => {
return axiosRetry.isNetworkOrIdempotentRequestError(error) || (error.response?.status ? error.response.status >= 500 : false);
retryCondition: error => {
return isNetworkOrIdempotentRequestError(error) || (error.response?.status ? error.response.status >= 500 : false);
}
});
@ -60,24 +59,13 @@ export async function reportBuildPushActionFailure(error?: Error, event?: string
return response.data;
}
export async function reportBuildCompleted(exportRes?: ExportRecordResponse, blacksmithDockerBuildId?: string | null, buildRef?: string, dockerBuildDurationSeconds?: string, exposeId?: string): Promise<void> {
export async function reportBuildCompleted(exportRes?: ExportRecordResponse, blacksmithDockerBuildId?: string | null, buildRef?: string, dockerBuildDurationSeconds?: string): Promise<void> {
if (!blacksmithDockerBuildId) {
core.warning('No docker build ID found, skipping build completion report');
return;
}
try {
const agentClient = createBlacksmithAgentClient();
await agentClient.commitStickyDisk({
exposeId: exposeId || '',
stickyDiskKey: process.env.GITHUB_REPO_NAME || '',
vmId: process.env.BLACKSMITH_VM_ID || '',
shouldCommit: true,
repoName: process.env.GITHUB_REPO_NAME || '',
stickyDiskToken: process.env.BLACKSMITH_STICKYDISK_TOKEN || ''
});
// Report success to Blacksmith API
const requestOptions = {
docker_build_id: blacksmithDockerBuildId,
@ -111,23 +99,13 @@ export async function reportBuildCompleted(exportRes?: ExportRecordResponse, bla
}
}
export async function reportBuildFailed(dockerBuildId: string | null, dockerBuildDurationSeconds?: string, exposeId?: string | null): Promise<void> {
export async function reportBuildFailed(dockerBuildId: string | null, dockerBuildDurationSeconds?: string): Promise<void> {
if (!dockerBuildId) {
core.warning('No docker build ID found, skipping build completion report');
return;
}
try {
const blacksmithAgentClient = createBlacksmithAgentClient();
await blacksmithAgentClient.commitStickyDisk({
exposeId: exposeId || '',
stickyDiskKey: process.env.GITHUB_REPO_NAME || '',
vmId: process.env.BLACKSMITH_VM_ID || '',
shouldCommit: false,
repoName: process.env.GITHUB_REPO_NAME || '',
stickyDiskToken: process.env.BLACKSMITH_STICKYDISK_TOKEN || ''
});
// Report failure to Blacksmith API
const requestOptions = {
docker_build_id: dockerBuildId,
@ -176,40 +154,3 @@ export async function post(client: AxiosInstance, url: string, formData: FormDat
signal: options?.signal
});
}
export async function reportMetric(metricType: Metric_MetricType, value: number): Promise<void> {
try {
const agentClient = createBlacksmithAgentClient();
const metric = new Metric({
type: metricType,
value: {case: 'intValue', value: BigInt(value)}
});
await agentClient.reportMetric({
repoName: process.env.GITHUB_REPO_NAME || '',
region: process.env.BLACKSMITH_REGION || 'eu-central',
metric: metric
});
} catch (error) {
// We can enable this once all agents are updated to support metrics.
// core.warning('Error reporting metric to BlacksmithAgent:', error);
}
}
export async function commitStickyDisk(exposeId?: string, shouldCommit: boolean = true): Promise<void> {
try {
const agentClient = createBlacksmithAgentClient();
await agentClient.commitStickyDisk({
exposeId: exposeId || '',
stickyDiskKey: process.env.GITHUB_REPO_NAME || '',
vmId: process.env.BLACKSMITH_VM_ID || '',
shouldCommit,
repoName: process.env.GITHUB_REPO_NAME || '',
stickyDiskToken: process.env.BLACKSMITH_STICKYDISK_TOKEN || ''
});
} catch (error) {
core.warning('Error committing sticky disk:', error);
}
}

378
src/setup_builder.ts
Unescape Escape View File

@ -1,378 +0,0 @@
import * as fs from 'fs';
import * as core from '@actions/core';
import {ChildProcess, exec, spawn} from 'child_process';
import {promisify} from 'util';
import * as TOML from '@iarna/toml';
import * as reporter from './reporter';
import {execa} from 'execa';
// Constants for configuration.
const BUILDKIT_DAEMON_ADDR = 'tcp://127.0.0.1:1234';
const mountPoint = '/var/lib/buildkit';
const execAsync = promisify(exec);
export async function getTailscaleIP(): Promise<string | null> {
try {
const {stdout} = await execAsync('tailscale ip -4');
return stdout.trim();
} catch (error) {
core.debug(`Error getting tailscale IP: ${error.message}`);
return null;
}
}
async function maybeFormatBlockDevice(device: string): Promise<string> {
try {
// Check if device is formatted with ext4
try {
const {stdout} = await execAsync(`sudo blkid -o value -s TYPE ${device}`);
if (stdout.trim() === 'ext4') {
core.debug(`Device ${device} is already formatted with ext4`);
try {
// Run resize2fs to ensure filesystem uses full block device
await execAsync(`sudo resize2fs -f ${device}`);
core.debug(`Resized ext4 filesystem on ${device}`);
} catch (error) {
core.warning(`Error resizing ext4 filesystem on ${device}: ${error}`);
}
return device;
}
} catch (error) {
// blkid returns non-zero if no filesystem found, which is fine
core.debug(`No filesystem found on ${device}, will format it`);
}
// Format device with ext4
core.debug(`Formatting device ${device} with ext4`);
await execAsync(`sudo mkfs.ext4 -m0 -Enodiscard,lazy_itable_init=1,lazy_journal_init=1 -F ${device}`);
core.debug(`Successfully formatted ${device} with ext4`);
return device;
} catch (error) {
core.error(`Failed to format device ${device}:`, error);
throw error;
}
}
export async function getNumCPUs(): Promise<number> {
try {
const {stdout} = await execAsync('sudo nproc');
return parseInt(stdout.trim());
} catch (error) {
core.warning('Failed to get CPU count, defaulting to 1:', error);
return 1;
}
}
async function writeBuildkitdTomlFile(parallelism: number, addr: string): Promise<void> {
const jsonConfig: TOML.JsonMap = {
root: '/var/lib/buildkit',
grpc: {
address: [addr]
},
registry: {
'docker.io': {
mirrors: ['http://192.168.127.1:5000'],
http: true,
insecure: true
},
'192.168.127.1:5000': {
http: true,
insecure: true
}
},
worker: {
oci: {
enabled: true,
// Disable automatic garbage collection, since we will prune manually. Automatic GC
// has been seen to negatively affect startup times of the daemon.
gc: false,
'max-parallelism': parallelism,
snapshotter: 'overlayfs'
},
containerd: {
enabled: false
}
}
};
const tomlString = TOML.stringify(jsonConfig);
try {
await fs.promises.writeFile('buildkitd.toml', tomlString);
core.debug(`TOML configuration is ${tomlString}`);
} catch (err) {
core.warning('error writing TOML configuration:', err);
throw err;
}
}
export async function startBuildkitd(parallelism: number, addr: string, setupOnly: boolean): Promise<string> {
try {
await writeBuildkitdTomlFile(parallelism, addr);
// Creates a log stream to write buildkitd output to a file.
const logStream = fs.createWriteStream('/tmp/buildkitd.log', {flags: 'a'});
let buildkitd: ChildProcess;
if (!setupOnly) {
buildkitd = spawn('sudo', ['buildkitd', '--debug', '--config=buildkitd.toml', '--allow-insecure-entitlement', 'security.insecure', '--allow-insecure-entitlement', 'network.host'], {
stdio: ['ignore', 'pipe', 'pipe']
});
} else {
const buildkitdCommand = 'nohup sudo buildkitd --debug --config=buildkitd.toml --allow-insecure-entitlement security.insecure --allow-insecure-entitlement network.host > /tmp/buildkitd.log 2>&1 &';
buildkitd = execa(buildkitdCommand, {
shell: '/bin/bash',
stdio: ['ignore', 'pipe', 'pipe'],
detached: true,
cleanup: false
});
}
// Pipe stdout and stderr to log file
if (buildkitd.stdout) {
buildkitd.stdout.pipe(logStream);
}
if (buildkitd.stderr) {
buildkitd.stderr.pipe(logStream);
}
buildkitd.on('error', error => {
throw new Error(`Failed to start buildkitd: ${error.message}`);
});
// Wait for buildkitd PID to appear with backoff retry
const startTime = Date.now();
const timeout = 10000; // 10 seconds
const backoff = 300; // 300ms
while (Date.now() - startTime < timeout) {
try {
const {stdout} = await execAsync('pgrep buildkitd');
if (stdout.trim()) {
core.info(`buildkitd daemon started successfully with PID ${stdout.trim()}`);
return addr;
}
} catch (error) {
// pgrep returns non-zero if process not found, which is expected while waiting
await new Promise(resolve => setTimeout(resolve, backoff));
}
}
throw new Error('Timed out waiting for buildkitd to start after 10 seconds');
} catch (error) {
core.error('failed to start buildkitd daemon:', error);
throw error;
}
}
export async function getStickyDisk(options?: {signal?: AbortSignal}): Promise<{expose_id: string; device: string}> {
const client = await reporter.createBlacksmithAgentClient();
core.info(`Created Blacksmith agent client`);
// Test connection using up endpoint
try {
await client.up({}, {signal: options?.signal});
core.info('Successfully connected to Blacksmith agent');
} catch (error) {
throw new Error(`grpc connection test failed: ${error.message}`);
}
const stickyDiskKey = process.env.GITHUB_REPO_NAME || '';
if (stickyDiskKey === '') {
throw new Error('GITHUB_REPO_NAME is not set');
}
core.info(`Getting sticky disk for ${stickyDiskKey}`);
const response = await client.getStickyDisk(
{
stickyDiskKey: stickyDiskKey,
region: process.env.BLACKSMITH_REGION || 'eu-central',
installationModelId: process.env.BLACKSMITH_INSTALLATION_MODEL_ID || '',
vmId: process.env.BLACKSMITH_VM_ID || '',
stickyDiskType: 'dockerfile',
repoName: process.env.GITHUB_REPO_NAME || '',
stickyDiskToken: process.env.BLACKSMITH_STICKYDISK_TOKEN || ''
},
{
signal: options?.signal
}
);
return {
expose_id: response.exposeId || '',
device: response.diskIdentifier || ''
};
}
export async function joinTailnet(): Promise<void> {
const token = process.env.BLACKSMITH_TAILSCALE_TOKEN;
if (!token || token === 'unset') {
core.debug('BLACKSMITH_TAILSCALE_TOKEN environment variable not set, skipping tailnet join');
return;
}
try {
await execAsync(`sudo tailscale up --authkey=${token} --hostname=${process.env.BLACKSMITH_VM_ID}`);
core.info('Successfully joined tailnet');
} catch (error) {
throw new Error(`Failed to join tailnet: ${error.message}`);
}
}
export async function leaveTailnet(): Promise<void> {
try {
// Check if we're part of a tailnet before trying to leave
try {
const {stdout} = await execAsync('sudo tailscale status');
if (stdout.trim() !== '') {
await execAsync('sudo tailscale down');
core.debug('Successfully left tailnet.');
} else {
core.debug('Not part of a tailnet, skipping leave.');
}
} catch (error: unknown) {
// Type guard for ExecException which has the code property
if (error && typeof error === 'object' && 'code' in error && error.code === 1) {
core.debug('Not part of a tailnet, skipping leave.');
return;
}
// Any other exit code indicates a real error
throw error;
}
} catch (error) {
core.warning(`Error leaving tailnet: ${error instanceof Error ? error.message : String(error)}`);
}
}
// buildkitdTimeoutMs states the max amount of time this action will wait for the buildkitd
// daemon to start have its socket ready. It also additionally governs how long we will wait for
// the buildkitd workers to be ready.
const buildkitdTimeoutMs = 30000;
export async function startAndConfigureBuildkitd(parallelism: number, setupOnly: boolean, platforms?: string[]): Promise<string> {
// For multi-platform builds, we need to use the tailscale IP
let buildkitdAddr = BUILDKIT_DAEMON_ADDR;
const nativeMultiPlatformBuildsEnabled = false && (platforms?.length ?? 0 > 1);
// If we are doing a multi-platform build, we need to join the tailnet and bind buildkitd to the tailscale IP.
// We do this so that the remote VM can join the same buildkitd cluster as a worker.
if (nativeMultiPlatformBuildsEnabled) {
await joinTailnet();
const tailscaleIP = await getTailscaleIP();
if (!tailscaleIP) {
throw new Error('Failed to get tailscale IP for multi-platform build');
}
buildkitdAddr = `tcp://${tailscaleIP}:1234`;
core.info(`Using tailscale IP for multi-platform build: ${buildkitdAddr}`);
}
const addr = await startBuildkitd(parallelism, buildkitdAddr, setupOnly);
core.debug(`buildkitd daemon started at addr ${addr}`);
// Check that buildkit instance is ready by querying workers for up to 30s
const startTimeBuildkitReady = Date.now();
const timeoutBuildkitReady = buildkitdTimeoutMs;
while (Date.now() - startTimeBuildkitReady < timeoutBuildkitReady) {
try {
const {stdout} = await execAsync(`sudo buildctl --addr ${addr} debug workers`);
const lines = stdout.trim().split('\n');
// For multi-platform builds, we need at least 2 workers
const requiredWorkers = nativeMultiPlatformBuildsEnabled ? 2 : 1;
if (lines.length > requiredWorkers) {
core.info(`Found ${lines.length - 1} workers, required ${requiredWorkers}`);
break;
}
} catch (error) {
core.debug(`Error checking buildkit workers: ${error.message}`);
}
await new Promise(resolve => setTimeout(resolve, 1000));
}
// Final check after timeout.
try {
const {stdout} = await execAsync(`sudo buildctl --addr ${addr} debug workers`);
const lines = stdout.trim().split('\n');
const requiredWorkers = nativeMultiPlatformBuildsEnabled ? 2 : 1;
if (lines.length <= requiredWorkers) {
throw new Error(`buildkit workers not ready after ${buildkitdTimeoutMs}ms timeout. Found ${lines.length - 1} workers, required ${requiredWorkers}`);
}
} catch (error) {
core.warning(`Error checking buildkit workers: ${error.message}`);
throw error;
}
return addr;
}
/**
* Prunes buildkit cache data older than 7 days.
* We don't specify any keep bytes here since we are
* handling the ceph volume size limits ourselves in
* the VM Agent.
* @throws Error if buildctl prune command fails
*/
export async function pruneBuildkitCache(): Promise<void> {
try {
const sevenDaysInHours = 7 * 24;
await execAsync(`sudo buildctl --addr ${BUILDKIT_DAEMON_ADDR} prune --keep-duration ${sevenDaysInHours}h --all`);
core.debug('Successfully pruned buildkit cache');
} catch (error) {
core.warning(`Error pruning buildkit cache: ${error.message}`);
throw error;
}
}
// stickyDiskTimeoutMs states the max amount of time this action will wait for the VM agent to
// expose the sticky disk from the storage agent, map it onto the host and then patch the drive
// into the VM.
const stickyDiskTimeoutMs = 45000;
// setupStickyDisk mounts a sticky disk for the entity and returns the device information.
// throws an error if it is unable to do so because of a timeout or an error
export async function setupStickyDisk(dockerfilePath: string, setupOnly: boolean): Promise<{device: string; buildId?: string | null; exposeId: string}> {
try {
const controller = new AbortController();
const timeoutId = setTimeout(() => controller.abort(), stickyDiskTimeoutMs);
let buildResponse: {docker_build_id: string} | null = null;
let exposeId: string = '';
let device: string = '';
const stickyDiskResponse = await getStickyDisk({signal: controller.signal});
exposeId = stickyDiskResponse.expose_id;
device = stickyDiskResponse.device;
if (device === '') {
// TODO(adityamaru): Remove this once all of our VM agents are returning the device in the stickydisk response.
device = '/dev/vdb';
}
clearTimeout(timeoutId);
await maybeFormatBlockDevice(device);
// If setup-only is true, we don't want to report the build to our control plane.
let buildId: string | undefined = undefined;
if (!setupOnly) {
buildResponse = await reporter.reportBuild(dockerfilePath);
buildId = buildResponse?.docker_build_id;
}
await execAsync(`sudo mkdir -p ${mountPoint}`);
await execAsync(`sudo mount ${device} ${mountPoint}`);
core.debug(`${device} has been mounted to ${mountPoint}`);
core.info('Successfully obtained sticky disk');
// Check inode usage at mountpoint, and report if over 80%.
try {
const {stdout} = await execAsync(`df -i ${mountPoint} | tail -1 | awk '{print $5}' | sed 's/%//'`);
const inodePercentage = parseInt(stdout.trim());
if (!isNaN(inodePercentage) && inodePercentage > 80) {
// Report if over 80%
await reporter.reportBuildPushActionFailure(new Error(`High inode usage (${inodePercentage}%) detected at ${mountPoint}`), 'setupStickyDisk', true /* isWarning */);
core.warning(`High inode usage (${inodePercentage}%) detected at ${mountPoint}`);
}
} catch (error) {
core.debug(`Error checking inode usage: ${error.message}`);
}
return {device, buildId, exposeId};
} catch (error) {
core.warning(`Error in setupStickyDisk: ${(error as Error).message}`);
throw error;
}
}

21
src/state-helper.ts
Unescape Escape View File

@ -2,7 +2,6 @@ import * as core from '@actions/core';
import {Inputs, sanitizeInputs} from './context';
export const tmpDir = process.env['STATE_tmpDir'] || '';
export const inputs = process.env['STATE_inputs'] ? JSON.parse(process.env['STATE_inputs']) : undefined;
export const buildRef = process.env['STATE_buildRef'] || '';
export const isSummarySupported = !!process.env['STATE_isSummarySupported'];
@ -14,10 +13,6 @@ export const dockerBuildStatus = process.env['STATE_dockerBuildStatus'] || '';
export const blacksmithBuilderLaunchTime = process.env['STATE_blacksmithBuilderLaunchTime'] || '';
export const dockerBuildDurationSeconds = process.env['STATE_dockerBuildDurationSeconds'] || '';
export function setTmpDir(tmpDir: string) {
core.saveState('tmpDir', tmpDir);
}
export function setInputs(inputs: Inputs) {
core.saveState('inputs', JSON.stringify(sanitizeInputs(inputs)));
}
@ -58,19 +53,3 @@ export function setDockerBuildStatus(dockerBuildStatus: string) {
export function setDockerBuildDurationSeconds(dockerBuildDurationSeconds: string) {
core.saveState('dockerBuildDurationSeconds', dockerBuildDurationSeconds);
}
export function setExposeId(exposeId: string) {
core.saveState('exposeId', exposeId);
}
export function getExposeId(): string {
return core.getState('exposeId');
}
export function setSetupOnly(setupOnly: boolean) {
core.saveState('setupOnly', setupOnly.toString());
}
export function getSetupOnly(): boolean {
return core.getState('setupOnly') === 'true';
}

Write Preview
Loading…
Cancel
Save