build: refactor inputs #55
Conversation
crazy-max
force-pushed
the
build-inputs
branch
9 times, most recently
from
65a88d8 to
ee9ed7a
Compare
|
Yes @crazy-max would be great to keep examples here until we have something on docs.docker.com |
crazy-max
force-pushed
the
build-inputs
branch
3 times, most recently
from
c13ca88 to
e9c5806
Compare
|
@tonistiigi Pushed extra commit to remove GHA cache for now related to #56 |
crazy-max
force-pushed
the
build-inputs
branch
2 times, most recently
from
bb98b55 to
d99e23b
Compare
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
crazy-max
force-pushed
the
build-inputs
branch
from
d99e23b to
f432c1b
Compare
| default: . | ||
| output: | ||
| default: false | ||
| setup-qemu-image: |
There was a problem hiding this comment.
This should not be configurable in reusable workflow. If needed then we can let users choose the tag/version. This image runs privieleged so could have side-effects. Once the builder is integrated to the binfmt repo, signature of this image needs to be verified(we can create tracking issues).
| envs: | ||
| type: string | ||
| description: "Which scope cache object belongs to if cache enabled (defaults to target name if set)" | ||
| description: "Environment variables to inject in the reusable workflow as list of key-value pair. This is similar to the GitHub Actions env context but as it cannot be used when calling a reusable workflow, we need to define our own input" |
| description: "List of build-time variables. If you want to set a build-arg through an environment variable, use the envs input" | ||
| required: false | ||
| meta-tags: | ||
| context: |
There was a problem hiding this comment.
Do we validate that this can only be subpath for now? Should we call something like subpath.
I think we could be open to supporting external repositories here in the future but it should be create from the validation side that these would require a different kind of policy rules.
| required: false | ||
| pull: | ||
| type: boolean | ||
| description: "Always attempt to pull all referenced images" |
| description: "Raw authentication to registries, defined as YAML objects (for image output)" | ||
| required: false | ||
| github-token: | ||
| description: "GitHub Token used to authenticate against a repository for Git context" |
There was a problem hiding this comment.
So this is for external Git repositories?
relates to docker/buildx#3520 (review) and internal discussions.
Refactor the inputs for our build workflow to be more consistent with our
build-push-actionand also avoid confusion like docker/buildx#3520 (review).The following
build-push-actioninputs are missing in our reusable workflow but some are not needed:add-hostsdocker:10.180.0.1)allownetwork.host,security.insecure)atteststype=sbom,generator=image)builderbuild-contextsname=path)cache-fromtype=local,src=path/to/dir)cache-totype=local,dest=path/to/dir)callcheck)cgroup-parentload--output=type=docker(defaultfalse)networkRUNinstructions during buildno-cachefalse)no-cache-filtersprovenance--attest=type=provenance)secretskey=string,GIT_AUTH_TOKEN=mytoken)sshtags@dvdksn I wonder if we could start having examples in this repo for now under a
docsdir before having them on docs repo on GA?