// Code generated by pulumi-language-go DO NOT EDIT. // *** WARNING: Do not edit by hand unless you're certain you know what you are doing! *** package dockerbuild import ( "context" "reflect" "errors" "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild/internal" "github.com/pulumi/pulumi/sdk/v3/go/pulumi" "github.com/pulumi/pulumi/sdk/v3/go/pulumix" ) // A Docker image built using buildx -- Docker's interface to the improved // BuildKit backend. // // ## Stability // // **This resource is pre-1.0 and in public preview.** // // We will strive to keep APIs and behavior as stable as possible, but we // cannot guarantee stability until version 1.0. // // ## Migrating Pulumi Docker v3 and v4 Image resources // // This provider's `Image` resource provides a superset of functionality over the `Image` resources available in versions 3 and 4 of the Pulumi Docker provider. // Existing `Image` resources can be converted to the docker-build `Image` resources with minor modifications. // // ### Behavioral differences // // There are several key behavioral differences to keep in mind when transitioning images to the new `Image` resource. // // #### Previews // // Version `3.x` of the Pulumi Docker provider always builds images during preview operations. // This is helpful as a safeguard to prevent "broken" images from merging, but users found the behavior unnecessarily redundant when running previews and updates locally. // // Version `4.x` changed build-on-preview behavior to be opt-in. // By default, `v4.x` `Image` resources do _not_ build during previews, but this behavior can be toggled with the `buildOnPreview` option. // Several users reported outages due to the default behavior allowing bad images to accidentally sneak through CI. // // The default behavior of this provider's `Image` resource is similar to `3.x` and will build images during previews. // This behavior can be changed by specifying `buildOnPreview`. // // #### Push behavior // // Versions `3.x` and `4.x` of the Pulumi Docker provider attempt to push images to remote registries by default. // They expose a `skipPush: true` option to disable pushing. // // This provider's `Image` resource matches the Docker CLI's behavior and does not push images anywhere by default. // // To push images to a registry you can include `push: true` (equivalent to Docker's `--push` flag) or configure an `export` of type `registry` (equivalent to Docker's `--output type=registry`). // Like Docker, if an image is configured without exports you will see a warning with instructions for how to enable pushing, but the build will still proceed normally. // // #### Secrets // // Version `3.x` of the Pulumi Docker provider supports secrets by way of the `extraOptions` field. // // Version `4.x` of the Pulumi Docker provider does not support secrets. // // The `Image` resource supports secrets but does not require those secrets to exist on-disk or in environment variables. // Instead, they should be passed directly as values. // (Please be sure to familiarize yourself with Pulumi's [native secret handling](https://www.pulumi.com/docs/concepts/secrets/).) // Pulumi also provides [ESC](https://www.pulumi.com/product/esc/) to make it easier to share secrets across stacks and environments. // // #### Caching // // Version `3.x` of the Pulumi Docker provider exposes `cacheFrom: bool | { stages: [...] }`. // It builds targets individually and pushes them to separate images for caching. // // Version `4.x` exposes a similar parameter `cacheFrom: { images: [...] }` which pushes and pulls inline caches. // // Both versions 3 and 4 require specific environment variables to be set and deviate from Docker's native caching behavior. // This can result in inefficient builds due to unnecessary image pulls, repeated file transfers, etc. // // The `Image` resource delegates all caching behavior to Docker. // `cacheFrom` and `cacheTo` options (equivalent to Docker's `--cache-to` and `--cache-from`) are exposed and provide additional cache targets, such as local disk, S3 storage, etc. // // #### Outputs // // Versions `3.x` and `4.x` of the provider exposed a `repoDigest` output which was a fully qualified tag with digest. // In `4.x` this could also be a single sha256 hash if the image wasn't pushed. // // Unlike earlier providers the `Image` resource can push multiple tags. // As a convenience, it exposes a `ref` output consisting of a tag with digest as long as the image was pushed. // If multiple tags were pushed this uses one at random. // // If you need more control over tag references you can use the `digest` output, which is always a single sha256 hash as long as the image was exported somewhere. // // #### Tag deletion and refreshes // // Versions 3 and 4 of Pulumi Docker provider do not delete tags when the `Image` resource is deleted, nor do they confirm expected tags exist during `refresh` operations. // // The `buidx.Image` will query your registries during `refresh` to ensure the expected tags exist. // If any are missing a subsequent `update` will push them. // // When a `Image` is deleted, it will _attempt_ to also delete any pushed tags. // Deletion of remote tags is not guaranteed because not all registries support the manifest `DELETE` API (`docker.io` in particular). // Manifests are _not_ deleted in the same way during updates -- to do so safely would require a full build to determine whether a Pulumi operation should be an update or update-replace. // // Use the [`retainOnDelete: true`](https://www.pulumi.com/docs/concepts/options/retainondelete/) option if you do not want tags deleted. // // ### Example migration // // Examples of "fully-featured" `v3` and `v4` `Image` resources are shown below, along with an example `Image` resource showing how they would look after migration. // // The `v3` resource leverages `buildx` via a `DOCKER_BUILDKIT` environment variable and CLI flags passed in with `extraOption`. // After migration, the environment variable is no longer needed and CLI flags are now properties on the `Image`. // In almost all cases, properties of `Image` are named after the Docker CLI flag they correspond to. // // The `v4` resource is less functional than its `v3` counterpart because it lacks the flexibility of `extraOptions`. // It it is shown with parameters similar to the `v3` example for completeness. // // ## Example Usage // // ## Example Usage // ### Push to AWS ECR with caching // ```go // package main // // import ( // // "fmt" // // "github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ecr" // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // ecrRepository, err := ecr.NewRepository(ctx, "ecr-repository", nil) // if err != nil { // return err // } // authToken := ecr.GetAuthorizationTokenOutput(ctx, ecr.GetAuthorizationTokenOutputArgs{ // RegistryId: ecrRepository.RegistryId, // }, nil) // myImage, err := dockerbuild.NewImage(ctx, "my-image", &dockerbuild.ImageArgs{ // CacheFrom: dockerbuild.CacheFromArray{ // &dockerbuild.CacheFromArgs{ // Registry: &dockerbuild.CacheFromRegistryArgs{ // Ref: ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) { // return fmt.Sprintf("%v:cache", repositoryUrl), nil // }).(pulumi.StringOutput), // }, // }, // }, // CacheTo: dockerbuild.CacheToArray{ // &dockerbuild.CacheToArgs{ // Registry: &dockerbuild.CacheToRegistryArgs{ // ImageManifest: pulumi.Bool(true), // OciMediaTypes: pulumi.Bool(true), // Ref: ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) { // return fmt.Sprintf("%v:cache", repositoryUrl), nil // }).(pulumi.StringOutput), // }, // }, // }, // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("./app"), // }, // Push: pulumi.Bool(true), // Registries: dockerbuild.RegistryArray{ // &dockerbuild.RegistryArgs{ // Address: ecrRepository.RepositoryUrl, // Password: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) { // return &authToken.Password, nil // }).(pulumi.StringPtrOutput), // Username: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) { // return &authToken.UserName, nil // }).(pulumi.StringPtrOutput), // }, // }, // Tags: pulumi.StringArray{ // ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) { // return fmt.Sprintf("%v:latest", repositoryUrl), nil // }).(pulumi.StringOutput), // }, // }) // if err != nil { // return err // } // ctx.Export("ref", myImage.Ref) // return nil // }) // } // // ``` // ### Multi-platform image // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Platforms: docker - build.PlatformArray{ // dockerbuild.Platform_Plan9_amd64, // dockerbuild.Platform_Plan9_386, // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Registry export // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // image, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Push: pulumi.Bool(true), // Registries: dockerbuild.RegistryArray{ // &dockerbuild.RegistryArgs{ // Address: pulumi.String("docker.io"), // Password: pulumi.Any(dockerHubPassword), // Username: pulumi.String("pulumibot"), // }, // }, // Tags: pulumi.StringArray{ // pulumi.String("docker.io/pulumi/pulumi:3.107.0"), // }, // }) // if err != nil { // return err // } // ctx.Export("ref", image.Ref) // return nil // }) // } // // ``` // ### Caching // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // CacheFrom: dockerbuild.CacheFromArray{ // &dockerbuild.CacheFromArgs{ // Local: &dockerbuild.CacheFromLocalArgs{ // Src: pulumi.String("tmp/cache"), // }, // }, // }, // CacheTo: dockerbuild.CacheToArray{ // &dockerbuild.CacheToArgs{ // Local: &dockerbuild.CacheToLocalArgs{ // Dest: pulumi.String("tmp/cache"), // Mode: dockerbuild.CacheModeMax, // }, // }, // }, // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Docker Build Cloud // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Builder: &dockerbuild.BuilderConfigArgs{ // Name: pulumi.String("cloud-builder-name"), // }, // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Exec: pulumi.Bool(true), // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Build arguments // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // BuildArgs: pulumi.StringMap{ // "SET_ME_TO_TRUE": pulumi.String("true"), // }, // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Build target // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Push: pulumi.Bool(false), // Target: pulumi.String("build-me"), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Named contexts // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // Named: dockerbuild.ContextMap{ // "golang:latest": &dockerbuild.ContextArgs{ // Location: pulumi.String("docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984"), // }, // }, // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Remote context // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile"), // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Inline Dockerfile // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Dockerfile: &dockerbuild.DockerfileArgs{ // Inline: pulumi.String("FROM busybox\nCOPY hello.c ./\n"), // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Remote context // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("https://github.com/docker-library/hello-world.git"), // }, // Dockerfile: &dockerbuild.DockerfileArgs{ // Location: pulumi.String("app/Dockerfile"), // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` // ### Local export // ```go // package main // // import ( // // "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild" // "github.com/pulumi/pulumi/sdk/v3/go/pulumi" // // ) // // func main() { // pulumi.Run(func(ctx *pulumi.Context) error { // _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{ // Context: &dockerbuild.BuildContextArgs{ // Location: pulumi.String("app"), // }, // Exports: dockerbuild.ExportArray{ // &dockerbuild.ExportArgs{ // Docker: &dockerbuild.ExportDockerArgs{ // Tar: pulumi.Bool(true), // }, // }, // }, // Push: pulumi.Bool(false), // }) // if err != nil { // return err // } // return nil // }) // } // // ``` type Image struct { pulumi.CustomResourceState // Custom `host:ip` mappings to use during the build. // // Equivalent to Docker's `--add-host` flag. AddHosts pulumix.ArrayOutput[string] `pulumi:"addHosts"` // `ARG` names and values to set during the build. // // These variables are accessed like environment variables inside `RUN` // instructions. // // Build arguments are persisted in the image, so you should use `secrets` // if these arguments are sensitive. // // Equivalent to Docker's `--build-arg` flag. BuildArgs pulumix.MapOutput[string] `pulumi:"buildArgs"` // Setting this to `false` will always skip image builds during previews, // and setting it to `true` will always build images during previews. // // Images built during previews are never exported to registries, however // cache manifests are still exported. // // On-disk Dockerfiles are always validated for syntactic correctness // regardless of this setting. // // Defaults to `true` as a safeguard against broken images merging as part // of CI pipelines. BuildOnPreview pulumix.Output[*bool] `pulumi:"buildOnPreview"` // Builder configuration. Builder pulumix.GPtrOutput[BuilderConfig, BuilderConfigOutput] `pulumi:"builder"` // Cache export configuration. // // Equivalent to Docker's `--cache-from` flag. CacheFrom pulumix.GArrayOutput[CacheFrom, CacheFromOutput] `pulumi:"cacheFrom"` // Cache import configuration. // // Equivalent to Docker's `--cache-to` flag. CacheTo pulumix.GArrayOutput[CacheTo, CacheToOutput] `pulumi:"cacheTo"` // Build context settings. Defaults to the current directory. // // Equivalent to Docker's `PATH | URL | -` positional argument. Context pulumix.GPtrOutput[BuildContext, BuildContextOutput] `pulumi:"context"` // A preliminary hash of the image's build context. // // Pulumi uses this to determine if an image _may_ need to be re-built. ContextHash pulumix.Output[string] `pulumi:"contextHash"` // A SHA256 digest of the image if it was exported to a registry or // elsewhere. // // Empty if the image was not exported. // // Registry images can be referenced precisely as `@`. The // `ref` output provides one such reference as a convenience. Digest pulumix.Output[string] `pulumi:"digest"` // Dockerfile settings. // // Equivalent to Docker's `--file` flag. Dockerfile pulumix.GPtrOutput[Dockerfile, DockerfileOutput] `pulumi:"dockerfile"` // Use `exec` mode to build this image. // // By default the provider embeds a v25 Docker client with v0.12 buildx // support. This helps ensure consistent behavior across environments and // is compatible with alternative build backends (e.g. `buildkitd`), but // it may not be desirable if you require a specific version of buildx. // For example you may want to run a custom `docker-buildx` binary with // support for [Docker Build // Cloud](https://docs.docker.com/build/cloud/setup/) (DBC). // // When this is set to `true` the provider will instead execute the // `docker-buildx` binary directly to perform its operations. The user is // responsible for ensuring this binary exists, with correct permissions // and pre-configured builders, at a path Docker expects (e.g. // `~/.docker/cli-plugins`). // // Debugging `exec` mode may be more difficult as Pulumi will not be able // to surface fine-grained errors and warnings. Additionally credentials // are temporarily written to disk in order to provide them to the // `docker-buildx` binary. Exec pulumix.Output[*bool] `pulumi:"exec"` // Controls where images are persisted after building. // // Images are only stored in the local cache unless `exports` are // explicitly configured. // // Exporting to multiple destinations requires a daemon running BuildKit // 0.13 or later. // // Equivalent to Docker's `--output` flag. Exports pulumix.GArrayOutput[Export, ExportOutput] `pulumi:"exports"` // Attach arbitrary key/value metadata to the image. // // Equivalent to Docker's `--label` flag. Labels pulumix.MapOutput[string] `pulumi:"labels"` // When `true` the build will automatically include a `docker` export. // // Defaults to `false`. // // Equivalent to Docker's `--load` flag. Load pulumix.Output[*bool] `pulumi:"load"` // Set the network mode for `RUN` instructions. Defaults to `default`. // // For custom networks, configure your builder with `--driver-opt network=...`. // // Equivalent to Docker's `--network` flag. Network pulumix.Output[*NetworkMode] `pulumi:"network"` // Do not import cache manifests when building the image. // // Equivalent to Docker's `--no-cache` flag. NoCache pulumix.Output[*bool] `pulumi:"noCache"` // Set target platform(s) for the build. Defaults to the host's platform. // // Equivalent to Docker's `--platform` flag. Platforms pulumix.ArrayOutput[Platform] `pulumi:"platforms"` // Always pull referenced images. // // Equivalent to Docker's `--pull` flag. Pull pulumix.Output[*bool] `pulumi:"pull"` // When `true` the build will automatically include a `registry` export. // // Defaults to `false`. // // Equivalent to Docker's `--push` flag. Push pulumix.Output[bool] `pulumi:"push"` // If the image was pushed to any registries then this will contain a // single fully-qualified tag including the build's digest. // // If the image had tags but was not exported, this will take on a value // of one of those tags. // // This will be empty if the image had no exports and no tags. // // This is only for convenience and may not be appropriate for situations // where multiple tags or registries are involved. In those cases this // output is not guaranteed to be stable. // // For more control over tags consumed by downstream resources you should // use the `digest` output. Ref pulumix.Output[string] `pulumi:"ref"` // Registry credentials. Required if reading or exporting to private // repositories. // // Credentials are kept in-memory and do not pollute pre-existing // credentials on the host. // // Similar to `docker login`. Registries pulumix.GArrayOutput[Registry, RegistryOutput] `pulumi:"registries"` // A mapping of secret names to their corresponding values. // // Unlike the Docker CLI, these can be passed by value and do not need to // exist on-disk or in environment variables. // // Build arguments and environment variables are persistent in the final // image, so you should use this for sensitive values. // // Similar to Docker's `--secret` flag. Secrets pulumix.MapOutput[string] `pulumi:"secrets"` // SSH agent socket or keys to expose to the build. // // Equivalent to Docker's `--ssh` flag. Ssh pulumix.GArrayOutput[SSH, SSHOutput] `pulumi:"ssh"` // Name and optionally a tag (format: `name:tag`). // // If exporting to a registry, the name should include the fully qualified // registry address (e.g. `docker.io/pulumi/pulumi:latest`). // // Equivalent to Docker's `--tag` flag. Tags pulumix.ArrayOutput[string] `pulumi:"tags"` // Set the target build stage(s) to build. // // If not specified all targets will be built by default. // // Equivalent to Docker's `--target` flag. Target pulumix.Output[*string] `pulumi:"target"` } // NewImage registers a new resource with the given unique name, arguments, and options. func NewImage(ctx *pulumi.Context, name string, args *ImageArgs, opts ...pulumi.ResourceOption) (*Image, error) { if args == nil { return nil, errors.New("missing one or more required arguments") } if args.Push == nil { return nil, errors.New("invalid value for required argument 'Push'") } if args.BuildOnPreview == nil { args.BuildOnPreview = pulumix.Ptr(true) } if args.Network == nil { args.Network = pulumix.Ptr(NetworkMode("default")) } opts = internal.PkgResourceDefaultOpts(opts) var resource Image err := ctx.RegisterResource("docker-build:index:Image", name, args, &resource, opts...) if err != nil { return nil, err } return &resource, nil } // GetImage gets an existing Image resource's state with the given name, ID, and optional // state properties that are used to uniquely qualify the lookup (nil if not required). func GetImage(ctx *pulumi.Context, name string, id pulumi.IDInput, state *ImageState, opts ...pulumi.ResourceOption) (*Image, error) { var resource Image err := ctx.ReadResource("docker-build:index:Image", name, id, state, &resource, opts...) if err != nil { return nil, err } return &resource, nil } // Input properties used for looking up and filtering Image resources. type imageState struct { } type ImageState struct { } func (ImageState) ElementType() reflect.Type { return reflect.TypeOf((*imageState)(nil)).Elem() } type imageArgs struct { // Custom `host:ip` mappings to use during the build. // // Equivalent to Docker's `--add-host` flag. AddHosts []string `pulumi:"addHosts"` // `ARG` names and values to set during the build. // // These variables are accessed like environment variables inside `RUN` // instructions. // // Build arguments are persisted in the image, so you should use `secrets` // if these arguments are sensitive. // // Equivalent to Docker's `--build-arg` flag. BuildArgs map[string]string `pulumi:"buildArgs"` // Setting this to `false` will always skip image builds during previews, // and setting it to `true` will always build images during previews. // // Images built during previews are never exported to registries, however // cache manifests are still exported. // // On-disk Dockerfiles are always validated for syntactic correctness // regardless of this setting. // // Defaults to `true` as a safeguard against broken images merging as part // of CI pipelines. BuildOnPreview *bool `pulumi:"buildOnPreview"` // Builder configuration. Builder *BuilderConfig `pulumi:"builder"` // Cache export configuration. // // Equivalent to Docker's `--cache-from` flag. CacheFrom []CacheFrom `pulumi:"cacheFrom"` // Cache import configuration. // // Equivalent to Docker's `--cache-to` flag. CacheTo []CacheTo `pulumi:"cacheTo"` // Build context settings. Defaults to the current directory. // // Equivalent to Docker's `PATH | URL | -` positional argument. Context *BuildContext `pulumi:"context"` // Dockerfile settings. // // Equivalent to Docker's `--file` flag. Dockerfile *Dockerfile `pulumi:"dockerfile"` // Use `exec` mode to build this image. // // By default the provider embeds a v25 Docker client with v0.12 buildx // support. This helps ensure consistent behavior across environments and // is compatible with alternative build backends (e.g. `buildkitd`), but // it may not be desirable if you require a specific version of buildx. // For example you may want to run a custom `docker-buildx` binary with // support for [Docker Build // Cloud](https://docs.docker.com/build/cloud/setup/) (DBC). // // When this is set to `true` the provider will instead execute the // `docker-buildx` binary directly to perform its operations. The user is // responsible for ensuring this binary exists, with correct permissions // and pre-configured builders, at a path Docker expects (e.g. // `~/.docker/cli-plugins`). // // Debugging `exec` mode may be more difficult as Pulumi will not be able // to surface fine-grained errors and warnings. Additionally credentials // are temporarily written to disk in order to provide them to the // `docker-buildx` binary. Exec *bool `pulumi:"exec"` // Controls where images are persisted after building. // // Images are only stored in the local cache unless `exports` are // explicitly configured. // // Exporting to multiple destinations requires a daemon running BuildKit // 0.13 or later. // // Equivalent to Docker's `--output` flag. Exports []Export `pulumi:"exports"` // Attach arbitrary key/value metadata to the image. // // Equivalent to Docker's `--label` flag. Labels map[string]string `pulumi:"labels"` // When `true` the build will automatically include a `docker` export. // // Defaults to `false`. // // Equivalent to Docker's `--load` flag. Load *bool `pulumi:"load"` // Set the network mode for `RUN` instructions. Defaults to `default`. // // For custom networks, configure your builder with `--driver-opt network=...`. // // Equivalent to Docker's `--network` flag. Network *NetworkMode `pulumi:"network"` // Do not import cache manifests when building the image. // // Equivalent to Docker's `--no-cache` flag. NoCache *bool `pulumi:"noCache"` // Set target platform(s) for the build. Defaults to the host's platform. // // Equivalent to Docker's `--platform` flag. Platforms []Platform `pulumi:"platforms"` // Always pull referenced images. // // Equivalent to Docker's `--pull` flag. Pull *bool `pulumi:"pull"` // When `true` the build will automatically include a `registry` export. // // Defaults to `false`. // // Equivalent to Docker's `--push` flag. Push bool `pulumi:"push"` // Registry credentials. Required if reading or exporting to private // repositories. // // Credentials are kept in-memory and do not pollute pre-existing // credentials on the host. // // Similar to `docker login`. Registries []Registry `pulumi:"registries"` // A mapping of secret names to their corresponding values. // // Unlike the Docker CLI, these can be passed by value and do not need to // exist on-disk or in environment variables. // // Build arguments and environment variables are persistent in the final // image, so you should use this for sensitive values. // // Similar to Docker's `--secret` flag. Secrets map[string]string `pulumi:"secrets"` // SSH agent socket or keys to expose to the build. // // Equivalent to Docker's `--ssh` flag. Ssh []SSH `pulumi:"ssh"` // Name and optionally a tag (format: `name:tag`). // // If exporting to a registry, the name should include the fully qualified // registry address (e.g. `docker.io/pulumi/pulumi:latest`). // // Equivalent to Docker's `--tag` flag. Tags []string `pulumi:"tags"` // Set the target build stage(s) to build. // // If not specified all targets will be built by default. // // Equivalent to Docker's `--target` flag. Target *string `pulumi:"target"` } // The set of arguments for constructing a Image resource. type ImageArgs struct { // Custom `host:ip` mappings to use during the build. // // Equivalent to Docker's `--add-host` flag. AddHosts pulumix.Input[[]string] // `ARG` names and values to set during the build. // // These variables are accessed like environment variables inside `RUN` // instructions. // // Build arguments are persisted in the image, so you should use `secrets` // if these arguments are sensitive. // // Equivalent to Docker's `--build-arg` flag. BuildArgs pulumix.Input[map[string]string] // Setting this to `false` will always skip image builds during previews, // and setting it to `true` will always build images during previews. // // Images built during previews are never exported to registries, however // cache manifests are still exported. // // On-disk Dockerfiles are always validated for syntactic correctness // regardless of this setting. // // Defaults to `true` as a safeguard against broken images merging as part // of CI pipelines. BuildOnPreview pulumix.Input[*bool] // Builder configuration. Builder pulumix.Input[*BuilderConfigArgs] // Cache export configuration. // // Equivalent to Docker's `--cache-from` flag. CacheFrom pulumix.Input[[]*CacheFromArgs] // Cache import configuration. // // Equivalent to Docker's `--cache-to` flag. CacheTo pulumix.Input[[]*CacheToArgs] // Build context settings. Defaults to the current directory. // // Equivalent to Docker's `PATH | URL | -` positional argument. Context pulumix.Input[*BuildContextArgs] // Dockerfile settings. // // Equivalent to Docker's `--file` flag. Dockerfile pulumix.Input[*DockerfileArgs] // Use `exec` mode to build this image. // // By default the provider embeds a v25 Docker client with v0.12 buildx // support. This helps ensure consistent behavior across environments and // is compatible with alternative build backends (e.g. `buildkitd`), but // it may not be desirable if you require a specific version of buildx. // For example you may want to run a custom `docker-buildx` binary with // support for [Docker Build // Cloud](https://docs.docker.com/build/cloud/setup/) (DBC). // // When this is set to `true` the provider will instead execute the // `docker-buildx` binary directly to perform its operations. The user is // responsible for ensuring this binary exists, with correct permissions // and pre-configured builders, at a path Docker expects (e.g. // `~/.docker/cli-plugins`). // // Debugging `exec` mode may be more difficult as Pulumi will not be able // to surface fine-grained errors and warnings. Additionally credentials // are temporarily written to disk in order to provide them to the // `docker-buildx` binary. Exec pulumix.Input[*bool] // Controls where images are persisted after building. // // Images are only stored in the local cache unless `exports` are // explicitly configured. // // Exporting to multiple destinations requires a daemon running BuildKit // 0.13 or later. // // Equivalent to Docker's `--output` flag. Exports pulumix.Input[[]*ExportArgs] // Attach arbitrary key/value metadata to the image. // // Equivalent to Docker's `--label` flag. Labels pulumix.Input[map[string]string] // When `true` the build will automatically include a `docker` export. // // Defaults to `false`. // // Equivalent to Docker's `--load` flag. Load pulumix.Input[*bool] // Set the network mode for `RUN` instructions. Defaults to `default`. // // For custom networks, configure your builder with `--driver-opt network=...`. // // Equivalent to Docker's `--network` flag. Network pulumix.Input[*NetworkMode] // Do not import cache manifests when building the image. // // Equivalent to Docker's `--no-cache` flag. NoCache pulumix.Input[*bool] // Set target platform(s) for the build. Defaults to the host's platform. // // Equivalent to Docker's `--platform` flag. Platforms pulumix.Input[[]Platform] // Always pull referenced images. // // Equivalent to Docker's `--pull` flag. Pull pulumix.Input[*bool] // When `true` the build will automatically include a `registry` export. // // Defaults to `false`. // // Equivalent to Docker's `--push` flag. Push pulumix.Input[bool] // Registry credentials. Required if reading or exporting to private // repositories. // // Credentials are kept in-memory and do not pollute pre-existing // credentials on the host. // // Similar to `docker login`. Registries pulumix.Input[[]*RegistryArgs] // A mapping of secret names to their corresponding values. // // Unlike the Docker CLI, these can be passed by value and do not need to // exist on-disk or in environment variables. // // Build arguments and environment variables are persistent in the final // image, so you should use this for sensitive values. // // Similar to Docker's `--secret` flag. Secrets pulumix.Input[map[string]string] // SSH agent socket or keys to expose to the build. // // Equivalent to Docker's `--ssh` flag. Ssh pulumix.Input[[]*SSHArgs] // Name and optionally a tag (format: `name:tag`). // // If exporting to a registry, the name should include the fully qualified // registry address (e.g. `docker.io/pulumi/pulumi:latest`). // // Equivalent to Docker's `--tag` flag. Tags pulumix.Input[[]string] // Set the target build stage(s) to build. // // If not specified all targets will be built by default. // // Equivalent to Docker's `--target` flag. Target pulumix.Input[*string] } func (ImageArgs) ElementType() reflect.Type { return reflect.TypeOf((*imageArgs)(nil)).Elem() } type ImageOutput struct{ *pulumi.OutputState } func (ImageOutput) ElementType() reflect.Type { return reflect.TypeOf((*Image)(nil)).Elem() } func (o ImageOutput) ToImageOutput() ImageOutput { return o } func (o ImageOutput) ToImageOutputWithContext(ctx context.Context) ImageOutput { return o } func (o ImageOutput) ToOutput(ctx context.Context) pulumix.Output[Image] { return pulumix.Output[Image]{ OutputState: o.OutputState, } } // Custom `host:ip` mappings to use during the build. // // Equivalent to Docker's `--add-host` flag. func (o ImageOutput) AddHosts() pulumix.ArrayOutput[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.ArrayOutput[string] { return v.AddHosts }) unwrapped := pulumix.Flatten[[]string, pulumix.ArrayOutput[string]](value) return pulumix.ArrayOutput[string]{OutputState: unwrapped.OutputState} } // `ARG` names and values to set during the build. // // These variables are accessed like environment variables inside `RUN` // instructions. // // Build arguments are persisted in the image, so you should use `secrets` // if these arguments are sensitive. // // Equivalent to Docker's `--build-arg` flag. func (o ImageOutput) BuildArgs() pulumix.MapOutput[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.MapOutput[string] { return v.BuildArgs }) unwrapped := pulumix.Flatten[map[string]string, pulumix.MapOutput[string]](value) return pulumix.MapOutput[string]{OutputState: unwrapped.OutputState} } // Setting this to `false` will always skip image builds during previews, // and setting it to `true` will always build images during previews. // // Images built during previews are never exported to registries, however // cache manifests are still exported. // // On-disk Dockerfiles are always validated for syntactic correctness // regardless of this setting. // // Defaults to `true` as a safeguard against broken images merging as part // of CI pipelines. func (o ImageOutput) BuildOnPreview() pulumix.Output[*bool] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*bool] { return v.BuildOnPreview }) return pulumix.Flatten[*bool, pulumix.Output[*bool]](value) } // Builder configuration. func (o ImageOutput) Builder() pulumix.GPtrOutput[BuilderConfig, BuilderConfigOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GPtrOutput[BuilderConfig, BuilderConfigOutput] { return v.Builder }) unwrapped := pulumix.Flatten[*BuilderConfig, pulumix.GPtrOutput[BuilderConfig, BuilderConfigOutput]](value) return pulumix.GPtrOutput[BuilderConfig, BuilderConfigOutput]{OutputState: unwrapped.OutputState} } // Cache export configuration. // // Equivalent to Docker's `--cache-from` flag. func (o ImageOutput) CacheFrom() pulumix.GArrayOutput[CacheFrom, CacheFromOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GArrayOutput[CacheFrom, CacheFromOutput] { return v.CacheFrom }) unwrapped := pulumix.Flatten[[]CacheFrom, pulumix.GArrayOutput[CacheFrom, CacheFromOutput]](value) return pulumix.GArrayOutput[CacheFrom, CacheFromOutput]{OutputState: unwrapped.OutputState} } // Cache import configuration. // // Equivalent to Docker's `--cache-to` flag. func (o ImageOutput) CacheTo() pulumix.GArrayOutput[CacheTo, CacheToOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GArrayOutput[CacheTo, CacheToOutput] { return v.CacheTo }) unwrapped := pulumix.Flatten[[]CacheTo, pulumix.GArrayOutput[CacheTo, CacheToOutput]](value) return pulumix.GArrayOutput[CacheTo, CacheToOutput]{OutputState: unwrapped.OutputState} } // Build context settings. Defaults to the current directory. // // Equivalent to Docker's `PATH | URL | -` positional argument. func (o ImageOutput) Context() pulumix.GPtrOutput[BuildContext, BuildContextOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GPtrOutput[BuildContext, BuildContextOutput] { return v.Context }) unwrapped := pulumix.Flatten[*BuildContext, pulumix.GPtrOutput[BuildContext, BuildContextOutput]](value) return pulumix.GPtrOutput[BuildContext, BuildContextOutput]{OutputState: unwrapped.OutputState} } // A preliminary hash of the image's build context. // // Pulumi uses this to determine if an image _may_ need to be re-built. func (o ImageOutput) ContextHash() pulumix.Output[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[string] { return v.ContextHash }) return pulumix.Flatten[string, pulumix.Output[string]](value) } // A SHA256 digest of the image if it was exported to a registry or // elsewhere. // // Empty if the image was not exported. // // Registry images can be referenced precisely as `@`. The // `ref` output provides one such reference as a convenience. func (o ImageOutput) Digest() pulumix.Output[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[string] { return v.Digest }) return pulumix.Flatten[string, pulumix.Output[string]](value) } // Dockerfile settings. // // Equivalent to Docker's `--file` flag. func (o ImageOutput) Dockerfile() pulumix.GPtrOutput[Dockerfile, DockerfileOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GPtrOutput[Dockerfile, DockerfileOutput] { return v.Dockerfile }) unwrapped := pulumix.Flatten[*Dockerfile, pulumix.GPtrOutput[Dockerfile, DockerfileOutput]](value) return pulumix.GPtrOutput[Dockerfile, DockerfileOutput]{OutputState: unwrapped.OutputState} } // Use `exec` mode to build this image. // // By default the provider embeds a v25 Docker client with v0.12 buildx // support. This helps ensure consistent behavior across environments and // is compatible with alternative build backends (e.g. `buildkitd`), but // it may not be desirable if you require a specific version of buildx. // For example you may want to run a custom `docker-buildx` binary with // support for [Docker Build // Cloud](https://docs.docker.com/build/cloud/setup/) (DBC). // // When this is set to `true` the provider will instead execute the // `docker-buildx` binary directly to perform its operations. The user is // responsible for ensuring this binary exists, with correct permissions // and pre-configured builders, at a path Docker expects (e.g. // `~/.docker/cli-plugins`). // // Debugging `exec` mode may be more difficult as Pulumi will not be able // to surface fine-grained errors and warnings. Additionally credentials // are temporarily written to disk in order to provide them to the // `docker-buildx` binary. func (o ImageOutput) Exec() pulumix.Output[*bool] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*bool] { return v.Exec }) return pulumix.Flatten[*bool, pulumix.Output[*bool]](value) } // Controls where images are persisted after building. // // Images are only stored in the local cache unless `exports` are // explicitly configured. // // Exporting to multiple destinations requires a daemon running BuildKit // 0.13 or later. // // Equivalent to Docker's `--output` flag. func (o ImageOutput) Exports() pulumix.GArrayOutput[Export, ExportOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GArrayOutput[Export, ExportOutput] { return v.Exports }) unwrapped := pulumix.Flatten[[]Export, pulumix.GArrayOutput[Export, ExportOutput]](value) return pulumix.GArrayOutput[Export, ExportOutput]{OutputState: unwrapped.OutputState} } // Attach arbitrary key/value metadata to the image. // // Equivalent to Docker's `--label` flag. func (o ImageOutput) Labels() pulumix.MapOutput[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.MapOutput[string] { return v.Labels }) unwrapped := pulumix.Flatten[map[string]string, pulumix.MapOutput[string]](value) return pulumix.MapOutput[string]{OutputState: unwrapped.OutputState} } // When `true` the build will automatically include a `docker` export. // // Defaults to `false`. // // Equivalent to Docker's `--load` flag. func (o ImageOutput) Load() pulumix.Output[*bool] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*bool] { return v.Load }) return pulumix.Flatten[*bool, pulumix.Output[*bool]](value) } // Set the network mode for `RUN` instructions. Defaults to `default`. // // For custom networks, configure your builder with `--driver-opt network=...`. // // Equivalent to Docker's `--network` flag. func (o ImageOutput) Network() pulumix.Output[*NetworkMode] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*NetworkMode] { return v.Network }) return pulumix.Flatten[*NetworkMode, pulumix.Output[*NetworkMode]](value) } // Do not import cache manifests when building the image. // // Equivalent to Docker's `--no-cache` flag. func (o ImageOutput) NoCache() pulumix.Output[*bool] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*bool] { return v.NoCache }) return pulumix.Flatten[*bool, pulumix.Output[*bool]](value) } // Set target platform(s) for the build. Defaults to the host's platform. // // Equivalent to Docker's `--platform` flag. func (o ImageOutput) Platforms() pulumix.ArrayOutput[Platform] { value := pulumix.Apply[Image](o, func(v Image) pulumix.ArrayOutput[Platform] { return v.Platforms }) unwrapped := pulumix.Flatten[[]Platform, pulumix.ArrayOutput[Platform]](value) return pulumix.ArrayOutput[Platform]{OutputState: unwrapped.OutputState} } // Always pull referenced images. // // Equivalent to Docker's `--pull` flag. func (o ImageOutput) Pull() pulumix.Output[*bool] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*bool] { return v.Pull }) return pulumix.Flatten[*bool, pulumix.Output[*bool]](value) } // When `true` the build will automatically include a `registry` export. // // Defaults to `false`. // // Equivalent to Docker's `--push` flag. func (o ImageOutput) Push() pulumix.Output[bool] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[bool] { return v.Push }) return pulumix.Flatten[bool, pulumix.Output[bool]](value) } // If the image was pushed to any registries then this will contain a // single fully-qualified tag including the build's digest. // // If the image had tags but was not exported, this will take on a value // of one of those tags. // // This will be empty if the image had no exports and no tags. // // This is only for convenience and may not be appropriate for situations // where multiple tags or registries are involved. In those cases this // output is not guaranteed to be stable. // // For more control over tags consumed by downstream resources you should // use the `digest` output. func (o ImageOutput) Ref() pulumix.Output[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[string] { return v.Ref }) return pulumix.Flatten[string, pulumix.Output[string]](value) } // Registry credentials. Required if reading or exporting to private // repositories. // // Credentials are kept in-memory and do not pollute pre-existing // credentials on the host. // // Similar to `docker login`. func (o ImageOutput) Registries() pulumix.GArrayOutput[Registry, RegistryOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GArrayOutput[Registry, RegistryOutput] { return v.Registries }) unwrapped := pulumix.Flatten[[]Registry, pulumix.GArrayOutput[Registry, RegistryOutput]](value) return pulumix.GArrayOutput[Registry, RegistryOutput]{OutputState: unwrapped.OutputState} } // A mapping of secret names to their corresponding values. // // Unlike the Docker CLI, these can be passed by value and do not need to // exist on-disk or in environment variables. // // Build arguments and environment variables are persistent in the final // image, so you should use this for sensitive values. // // Similar to Docker's `--secret` flag. func (o ImageOutput) Secrets() pulumix.MapOutput[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.MapOutput[string] { return v.Secrets }) unwrapped := pulumix.Flatten[map[string]string, pulumix.MapOutput[string]](value) return pulumix.MapOutput[string]{OutputState: unwrapped.OutputState} } // SSH agent socket or keys to expose to the build. // // Equivalent to Docker's `--ssh` flag. func (o ImageOutput) Ssh() pulumix.GArrayOutput[SSH, SSHOutput] { value := pulumix.Apply[Image](o, func(v Image) pulumix.GArrayOutput[SSH, SSHOutput] { return v.Ssh }) unwrapped := pulumix.Flatten[[]SSH, pulumix.GArrayOutput[SSH, SSHOutput]](value) return pulumix.GArrayOutput[SSH, SSHOutput]{OutputState: unwrapped.OutputState} } // Name and optionally a tag (format: `name:tag`). // // If exporting to a registry, the name should include the fully qualified // registry address (e.g. `docker.io/pulumi/pulumi:latest`). // // Equivalent to Docker's `--tag` flag. func (o ImageOutput) Tags() pulumix.ArrayOutput[string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.ArrayOutput[string] { return v.Tags }) unwrapped := pulumix.Flatten[[]string, pulumix.ArrayOutput[string]](value) return pulumix.ArrayOutput[string]{OutputState: unwrapped.OutputState} } // Set the target build stage(s) to build. // // If not specified all targets will be built by default. // // Equivalent to Docker's `--target` flag. func (o ImageOutput) Target() pulumix.Output[*string] { value := pulumix.Apply[Image](o, func(v Image) pulumix.Output[*string] { return v.Target }) return pulumix.Flatten[*string, pulumix.Output[*string]](value) } func init() { pulumi.RegisterOutputType(ImageOutput{}) }