publicWagsHome
/
buildx
1
0
Fork 1
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1699 from jedevc/bake-attestation-override

Browse Source
pull/1842/head
Justin Chadwell 2 years ago committed by GitHub
parent e5f701351c 90c849f5ef
commit 69a9c6609a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 57 additions and 3 deletions
Show Stats Download Patch File Download Diff File

23
bake/bake.go
Unescape Escape View File

@ -620,7 +620,7 @@ var _ hclparser.WithEvalContexts = &Group{}
var _ hclparser.WithGetName = &Group{} var _ hclparser.WithGetName = &Group{}
func (t *Target) normalize() { func (t *Target) normalize() {
t.Attest = removeDupes(t.Attest) t.Attest = removeAttestDupes(t.Attest)
t.Tags = removeDupes(t.Tags) t.Tags = removeDupes(t.Tags)
t.Secrets = removeDupes(t.Secrets) t.Secrets = removeDupes(t.Secrets)
t.SSH = removeDupes(t.SSH) t.SSH = removeDupes(t.SSH)
@ -682,6 +682,7 @@ func (t *Target) Merge(t2 *Target) {
} }
if t2.Attest != nil { // merge if t2.Attest != nil { // merge
t.Attest = append(t.Attest, t2.Attest...) t.Attest = append(t.Attest, t2.Attest...)
t.Attest = removeAttestDupes(t.Attest)
} }
if t2.Secrets != nil { // merge if t2.Secrets != nil { // merge
t.Secrets = append(t.Secrets, t2.Secrets...) t.Secrets = append(t.Secrets, t2.Secrets...)
@ -1193,6 +1194,26 @@ func removeDupes(s []string) []string {
return s[:i] return s[:i]
} }
func removeAttestDupes(s []string) []string {
res := []string{}
m := map[string]int{}
for _, v := range s {
att, err := buildflags.ParseAttest(v)
if err != nil {
res = append(res, v)
continue
}
if i, ok := m[att.Type]; ok {
res[i] = v
} else {
m[att.Type] = len(res)
res = append(res, v)
}
}
return res
}
func parseOutputType(str string) string { func parseOutputType(str string) string {
csvReader := csv.NewReader(strings.NewReader(str)) csvReader := csv.NewReader(strings.NewReader(str))
fields, err := csvReader.Read() fields, err := csvReader.Read()

33
bake/bake_test.go
Unescape Escape View File

@ -1417,3 +1417,36 @@ func TestReadLocalFilesDefault(t *testing.T) {
}) })
} }
} }
func TestAttestDuplicates(t *testing.T) {
fp := File{
Name: "docker-bake.hcl",
Data: []byte(
`target "default" {
attest = ["type=sbom", "type=sbom,generator=custom", "type=sbom,foo=bar", "type=provenance,mode=max"]
}`),
}
ctx := context.TODO()
m, _, err := ReadTargets(ctx, []File{fp}, []string{"default"}, nil, nil)
require.Equal(t, []string{"type=sbom,foo=bar", "type=provenance,mode=max"}, m["default"].Attest)
require.NoError(t, err)
opts, err := TargetsToBuildOpt(m, &Input{})
require.NoError(t, err)
require.Equal(t, map[string]*string{
"sbom": ptrstr("type=sbom,foo=bar"),
"provenance": ptrstr("type=provenance,mode=max"),
}, opts["default"].Attests)
m, _, err = ReadTargets(ctx, []File{fp}, []string{"default"}, []string{"*.attest=type=sbom,disabled=true"}, nil)
require.Equal(t, []string{"type=sbom,disabled=true", "type=provenance,mode=max"}, m["default"].Attest)
require.NoError(t, err)
opts, err = TargetsToBuildOpt(m, &Input{})
require.NoError(t, err)
require.Equal(t, map[string]*string{
"sbom": nil,
"provenance": ptrstr("type=provenance,mode=max"),
}, opts["default"].Attests)
}

4
util/buildflags/attests.go
Unescape Escape View File

@ -25,7 +25,7 @@ func ParseAttests(in []string) ([]*controllerapi.Attest, error) {
found := map[string]struct{}{} found := map[string]struct{}{}
for _, in := range in { for _, in := range in {
in := in in := in
attest, err := parseAttest(in) attest, err := ParseAttest(in)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -40,7 +40,7 @@ func ParseAttests(in []string) ([]*controllerapi.Attest, error) {
return out, nil return out, nil
} }
func parseAttest(in string) (*controllerapi.Attest, error) { func ParseAttest(in string) (*controllerapi.Attest, error) {
if in == "" { if in == "" {
return nil, nil return nil, nil
} }

Write Preview
Loading…
Cancel
Save