Merge pull request #5 from FrodeHus/feature/build-args

Feature/build args
ncoder · Sep 7, 2020 · bc2f02f · bc2f02f
2 parents 57539c0 + c79060c
commit bc2f02f
Show file tree

Hide file tree

Showing 3 changed files with 88 additions and 20 deletions.
diff --git a/README.md b/README.md
@@ -1,6 +1,51 @@
 # ACR Build Task Github action
 
-A Github action to use Azure Container Registry to build and store docker containers
+A Github action to use Azure Container Registry to build and store docker containers.
+
+## Parameters:
+
+
+`dockerfile` [OPTIONAL]
+
+Path to the Dockerfile relative to `folder`; defaults to `./Dockerfile`
+
+`folder` [OPTIONAL]
+
+Build context for Docker; default to the root of the git repository
+
+`repository` [MANDATORY]
+
+The repository on the Azure Container Registry to hold the `image`
+
+`image` [MANDATORY]
+
+Docker image name
+
+`tag` [OPTIONAL]
+
+Docker image tag; defaults to the first 8 charcater of the commit SHA
+
+`git_access_token` [OPTIONAL]
+
+The Github access token for private repositories
+
+`registry` [MANDATORY]
+
+The Azure Container Registry name
+
+`tenant` [MANDATORY]
+
+The Azure tenant where the ACR is located
+
+`service_principal`
+
+`service_principal_password`
+
+The Service Principal credentials (see below)
+
+`build_args` [OPTIONAL]
+
+Build arguments to be passed to the Docker build process
 
 ## Example usage
 
@@ -11,13 +56,14 @@ az ad sp create-for-rbac -n "acrtask0" --skip-assignment
 az role assignment create --assignee <spID> --scope <resourceID of the ACR> --role "Contributor"
 ```
 
-In your repository, create the following secrets:
+In your repository, create the following secrets (or set them in clear in the workflow definition):
 
 - service_principal
 - service_principal_password
 - tenant
 - registry
 - repository
+- (optional, for accessing private repositories) git_access_token 
 
 In `.github/workflows` create a workflow file like the following:
 
@@ -41,6 +87,7 @@ jobs:
           registry: ${{ secrets.registry }}
           repository: ${{ secrets.repository }}
           image: poi
+          git_access_token: ${{ secrets.git_access_token }}
           folder: src/poi
           dockerfile: ../../dockerfiles/Dockerfile_3
 ```
@@ -54,7 +101,10 @@ jobs:
 - `tenant` SP tenant (mandatory)
 - `registry` the Azure container registry, minus the `.azurecr.io` part (mandatory)
 - `repository` remote repository (mandatory)
+- `branch` git branch (optional)
+- `git_access_token` git access token (optional)
 - `image` the docker image name (optional)
 - `folder` the context for the docker build (optional)
 - `dockerfile` the location of the Dockerfile relative to the context (optional)
 - `tag` the docker image tag, defaults to the short git SHA (optional)
+- `build_args` (optional) the docker build args in JSON format (`[{"MY_ARG": "this_is_a_test"}]`)
diff --git a/action.yml b/action.yml
@@ -1,40 +1,46 @@
-name: 'Azure Container Registry Build'
-author: 'Alessandro Vozza'
+name: "Azure Container Registry Build"
+author: "Alessandro Vozza"
 branding:
-  icon: 'code'
-  color: 'blue'
-description: 'Use ACR to build a container image'
+  icon: "code"
+  color: "blue"
+description: "Use ACR to build a container image"
 inputs:
   service_principal:
-    description: 'Service Principal with Contributor role on the ACR'
+    description: "Service Principal with Contributor role on the ACR"
     required: true
   service_principal_password:
-    description: 'Service Principal password'
+    description: "Service Principal password"
     required: true
   tenant:
-    description: 'Azure Container Registry tenant'
+    description: "Azure Container Registry tenant"
     required: true
   registry:
-    description: 'The name of the ACR, minus the .azurecr.io'
+    description: "The name of the ACR, minus the .azurecr.io"
     required: true
   repository:
-    description: 'Repository to use'
+    description: "Repository to use"
+    required: true
+  git_access_token:
+    description: 'Github access token for private repositories'
     required: true
   image:
-    description: 'Docker image name'
+    description: "Docker image name"
     required: false
   tag:
-    description: 'Docker image tag, default to the commit SHA'
+    description: "Docker image tag, default to the commit SHA"
     required: false
   branch:
-    description: 'Branch to build from, defaults to master'
+    description: "Branch to build from, defaults to master"
     required: false
   folder:
-    description: 'The folder in the Github repo that holds the source'
+    description: "The folder in the Github repo that holds the source"
     required: true
   dockerfile:
-    description: 'The location of the Dockerfile; defaults to ./Dockerfile'
+    description: "The location of the Dockerfile; defaults to ./Dockerfile"
+    required: false
+  build_args:
+    description: "JSON specifying key=value pairs as as Docker build arguments"
     required: false
 runs:
-  using: 'docker'
-  image: 'Dockerfile'
+  using: "docker"
+  image: "Dockerfile"
diff --git a/entrypoint.sh b/entrypoint.sh
@@ -3,12 +3,24 @@ set -e
 
 INPUT_DOCKERFILE=${INPUT_DOCKERFILE:-Dockerfile}
 INPUT_TAG=${INPUT_TAG:-${GITHUB_SHA::8}}
+INPUT_BRANCH=${INPUT_BRANCH:-master}
 IMAGE_PART=""
+if [ -n "$INPUT_BUILD_ARGS" ]; then
+        BUILD_ARGS=`echo -n ${INPUT_BUILD_ARGS:-''} |jq -j '.[] | keys[] as $k | values[] as $v |  "--build-arg \($k)=\"\($v)\" "'`
+fi
 
 if [ "$INPUT_IMAGE" != "" ]; then
         IMAGE_PART="/${INPUT_IMAGE}"
 fi
 
+if [ -n "$INPUT_GIT_ACCESS_TOKEN" ]; then
+        GIT_ACCESS_TOKEN_FLAG="${INPUT_GIT_ACCESS_TOKEN}@"
+fi
+
 echo "Building Docker image ${INPUT_REPOSITORY}${IMAGE_PART}:${INPUT_TAG} from ${GITHUB_REPOSITORY} on ${INPUT_BRANCH} and using context ${INPUT_FOLDER} ; and pushing it to ${INPUT_REGISTRY} Azure Container Registry"
+
+echo "Logging into azure.."
 az login --service-principal -u ${INPUT_SERVICE_PRINCIPAL} -p ${INPUT_SERVICE_PRINCIPAL_PASSWORD} --tenant ${INPUT_TENANT}
-az acr build -r ${INPUT_REGISTRY} -f ${INPUT_DOCKERFILE} -t ${INPUT_REPOSITORY}${IMAGE_PART}:${INPUT_TAG} https://github.com/${GITHUB_REPOSITORY}.git#${INPUT_BRANCH}:${INPUT_FOLDER}
+
+echo "Sending build job to ACR.."
+az acr build -r ${INPUT_REGISTRY} ${BUILD_ARGS} -f ${INPUT_DOCKERFILE} -t ${INPUT_REPOSITORY}${IMAGE_PART}:${INPUT_TAG} https://${GIT_ACCESS_TOKEN_FLAG}github.com/${GITHUB_REPOSITORY}.git#${INPUT_BRANCH}:${INPUT_FOLDER}