Merge pull request #1197 from crazy-max/build-checks

generate GitHub annotations for build checks

.github/workflows/ci.yml

@@ -1463,3 +1463,51 @@ jobs:
  file: ./test/Dockerfile
  env:
  DOCKER_BUILD_RECORD_RETENTION_DAYS: ${{ matrix.days }}
+
+ checks:
+ runs-on: ubuntu-latest
+ strategy:
+ fail-fast: false
+ matrix:
+ buildx-version:
+ - latest
+ - v0.14.1
+ steps:
+ -
+ name: Checkout
+ uses: actions/checkout@v4
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ with:
+ version: ${{ matrix.buildx-version }}
+ driver-opts: |
+ image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
+ -
+ name: Build
+ uses: ./
+ with:
+ context: ./test
+ file: ./test/lint.Dockerfile
+
+ annotations-disabled:
+ runs-on: ubuntu-latest
+ steps:
+ -
+ name: Checkout
+ uses: actions/checkout@v4
+ -
+ name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ with:
+ version: ${{ inputs.buildx-version || env.BUILDX_VERSION }}
+ driver-opts: |
+ image=${{ inputs.buildkit-image || env.BUILDKIT_IMAGE }}
+ -
+ name: Build
+ uses: ./
+ with:
+ context: ./test
+ file: ./test/lint.Dockerfile
+ env:
+ DOCKER_BUILD_CHECKS_ANNOTATIONS: false

README.md

@@ -258,6 +258,7 @@ The following outputs are available:
 
 | Name | Type | Default | Description |
 |--------------------------------------|--------|---------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
+| `DOCKER_BUILD_CHECKS_ANNOTATIONS` | Bool | `true` | If `false`, GitHub annotations are not generated for [build checks](https://docs.docker.com/build/checks/) |
 | `DOCKER_BUILD_SUMMARY` | Bool | `true` | If `false`, [build summary](https://docs.docker.com/build/ci/github-actions/build-summary/) generation is disabled |
 | `DOCKER_BUILD_RECORD_UPLOAD` | Bool | `true` | If `false`, build record upload as [GitHub artifact](https://docs.github.com/en/actions/using-workflows/storing-workflow-data-as-artifacts) is disabled |
 | `DOCKER_BUILD_RECORD_RETENTION_DAYS` | Number | | Duration after which build record artifact will expire in days. Defaults to repository/org [retention settings](https://docs.github.com/en/actions/learn-github-actions/usage-limits-billing-and-administration#artifact-and-log-retention-policy) if unset or `0` |

src/main.ts

@@ -97,7 +97,12 @@ actionsToolkit.run(
 
  let err: Error | undefined;
  await Exec.getExecOutput(buildCmd.command, buildCmd.args, {
- ignoreReturnCode: true
+ ignoreReturnCode: true,
+ env: Object.assign({}, process.env, {
+ BUILDX_METADATA_WARNINGS: 'true'
+ }) as {
+ [key: string]: string;
+ }
  }).then(res => {
  if (res.stderr.length > 0 && res.exitCode != 0) {
  err = Error(`buildx failed with: ${res.stderr.match(/(.*)\s*$/)?.[0]?.trim() ?? 'unknown error'}`);
@@ -106,7 +111,7 @@ actionsToolkit.run(
 
  const imageID = toolkit.buildxBuild.resolveImageID();
  const metadata = toolkit.buildxBuild.resolveMetadata();
- const digest = toolkit.buildxBuild.resolveDigest();
+ const digest = toolkit.buildxBuild.resolveDigest(metadata);
  if (imageID) {
  await core.group(`ImageID`, async () => {
  core.info(imageID);
@@ -127,7 +132,7 @@ actionsToolkit.run(
  });
  }
 
- let ref: string;
+ let ref: string | undefined;
  await core.group(`Reference`, async () => {
  ref = await buildRef(toolkit, startedTime, inputs.builder);
  if (ref) {
@@ -138,6 +143,21 @@ actionsToolkit.run(
  }
  });
 
+ if (buildChecksAnnotationsEnabled()) {
+ const warnings = toolkit.buildxBuild.resolveWarnings(metadata);
+ if (ref && warnings && warnings.length > 0) {
+ const annotations = await Buildx.convertWarningsToGitHubAnnotations(warnings, [ref]);
+ core.debug(`annotations: ${JSON.stringify(annotations, null, 2)}`);
+ if (annotations && annotations.length > 0) {
+ await core.group(`Generating GitHub annotations (${annotations.length} build checks found)`, async () => {
+ for (const annotation of annotations) {
+ core.warning(annotation.message, annotation);
+ }
+ });
+ }
+ }
+ }
+
  await core.group(`Check build summary support`, async () => {
  if (!buildSummaryEnabled()) {
  core.info('Build summary disabled');
@@ -222,6 +242,13 @@ async function buildRef(toolkit: Toolkit, since: Date, builder?: string): Promis
  return Object.keys(refs).length > 0 ? Object.keys(refs)[0] : '';
 }
 
+function buildChecksAnnotationsEnabled(): boolean {
+ if (process.env.DOCKER_BUILD_CHECKS_ANNOTATIONS) {
+ return Util.parseBool(process.env.DOCKER_BUILD_CHECKS_ANNOTATIONS);
+ }
+ return true;
+}
+
 function buildSummaryEnabled(): boolean {
  if (process.env.DOCKER_BUILD_NO_SUMMARY) {
  core.warning('DOCKER_BUILD_NO_SUMMARY is deprecated. Set DOCKER_BUILD_SUMMARY to false instead.');

test/lint.Dockerfile

@@ -0,0 +1,12 @@
+frOM busybox as base
+cOpy lint.Dockerfile .
+
+from scratch
+MAINTAINER moby@example.com
+COPy --from=base \
+ /lint.Dockerfile \
+ /
+
+CMD [ "echo", "Hello, Norway!" ]
+CMD [ "echo", "Hello, Sweden!" ]
+ENTRYPOINT my-program start