b910a42edf
* feat: read docker credentials from local docker config * fix: url.Parse requires protocol Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de> * fix: docker decides by the existence of . or : if... ... the image is in a custom registry or not. Co-authored-by: Björn Brauer <zaubernerd@zaubernerd.de> * fix: make docker hostname detection more robust * test: mock docker config for getImagePullOptions test By default github actions have a docker config set with a token to pull images from docker hub. Co-authored-by: Markus Wolf <markus.wolf@new-work.se> Co-authored-by: Markus Wolf <markus.wolf@new-work.se>
124 lines
2.8 KiB
Go
124 lines
2.8 KiB
Go
package container
|
|
|
|
import (
|
|
"context"
|
|
"encoding/base64"
|
|
"encoding/json"
|
|
|
|
"github.com/docker/distribution/reference"
|
|
"github.com/docker/docker/api/types"
|
|
"github.com/pkg/errors"
|
|
log "github.com/sirupsen/logrus"
|
|
|
|
"github.com/nektos/act/pkg/common"
|
|
)
|
|
|
|
// NewDockerPullExecutorInput the input for the NewDockerPullExecutor function
|
|
type NewDockerPullExecutorInput struct {
|
|
Image string
|
|
ForcePull bool
|
|
Platform string
|
|
Username string
|
|
Password string
|
|
}
|
|
|
|
// NewDockerPullExecutor function to create a run executor for the container
|
|
func NewDockerPullExecutor(input NewDockerPullExecutorInput) common.Executor {
|
|
return func(ctx context.Context) error {
|
|
logger := common.Logger(ctx)
|
|
logger.Debugf("%sdocker pull %v", logPrefix, input.Image)
|
|
|
|
if common.Dryrun(ctx) {
|
|
return nil
|
|
}
|
|
|
|
pull := input.ForcePull
|
|
if !pull {
|
|
imageExists, err := ImageExistsLocally(ctx, input.Image, input.Platform)
|
|
log.Debugf("Image exists? %v", imageExists)
|
|
if err != nil {
|
|
return errors.WithMessagef(err, "unable to determine if image already exists for image %q (%s)", input.Image, input.Platform)
|
|
}
|
|
|
|
if !imageExists {
|
|
pull = true
|
|
}
|
|
}
|
|
|
|
if !pull {
|
|
return nil
|
|
}
|
|
|
|
imageRef := cleanImage(input.Image)
|
|
logger.Debugf("pulling image '%v' (%s)", imageRef, input.Platform)
|
|
|
|
cli, err := GetDockerClient(ctx)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
defer cli.Close()
|
|
|
|
imagePullOptions, err := getImagePullOptions(ctx, input)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
reader, err := cli.ImagePull(ctx, imageRef, imagePullOptions)
|
|
|
|
_ = logDockerResponse(logger, reader, err != nil)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return nil
|
|
}
|
|
}
|
|
|
|
func getImagePullOptions(ctx context.Context, input NewDockerPullExecutorInput) (types.ImagePullOptions, error) {
|
|
imagePullOptions := types.ImagePullOptions{
|
|
Platform: input.Platform,
|
|
}
|
|
|
|
if input.Username != "" && input.Password != "" {
|
|
logger := common.Logger(ctx)
|
|
logger.Debugf("using authentication for docker pull")
|
|
|
|
authConfig := types.AuthConfig{
|
|
Username: input.Username,
|
|
Password: input.Password,
|
|
}
|
|
|
|
encodedJSON, err := json.Marshal(authConfig)
|
|
if err != nil {
|
|
return imagePullOptions, err
|
|
}
|
|
|
|
imagePullOptions.RegistryAuth = base64.URLEncoding.EncodeToString(encodedJSON)
|
|
} else {
|
|
authConfig, err := LoadDockerAuthConfig(input.Image)
|
|
if err != nil {
|
|
return imagePullOptions, err
|
|
}
|
|
if authConfig.Username == "" && authConfig.Password == "" {
|
|
return imagePullOptions, nil
|
|
}
|
|
|
|
encodedJSON, err := json.Marshal(authConfig)
|
|
if err != nil {
|
|
return imagePullOptions, err
|
|
}
|
|
|
|
imagePullOptions.RegistryAuth = base64.URLEncoding.EncodeToString(encodedJSON)
|
|
}
|
|
|
|
return imagePullOptions, nil
|
|
}
|
|
|
|
func cleanImage(image string) string {
|
|
ref, err := reference.ParseAnyReference(image)
|
|
if err != nil {
|
|
log.Error(err)
|
|
return ""
|
|
}
|
|
|
|
return ref.String()
|
|
}
|