sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity
Files
update-github-actions-workflows-1021
pulumi-docker-build/sdk/go/dockerbuild/image.go
Bryce Lampe 4e8cf8f4ba Fix a panic that could occur when context was omitted (#83) 
I could have sworn the context property was required, but evidently it
isn't and we weren't handling the case when it was missing.

This PR updates things to set a default location of the current
directory if the context is absent. Some unit tests are also added.

Fixes #78.
2024-05-31 14:41:22 +00:00

1364 lines
46 KiB
Go
Generated
Raw Permalink Blame History

// Code generated by pulumi-language-go DO NOT EDIT.
// *** WARNING: Do not edit by hand unless you're certain you know what you are doing! ***
package dockerbuild
import (
"context"
"reflect"
"errors"
"github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild/internal"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
"github.com/pulumi/pulumi/sdk/v3/go/pulumix"
)
// A Docker image built using buildx -- Docker's interface to the improved
// BuildKit backend.
//
// ## Stability
//
// **This resource is pre-1.0 and in public preview.**
//
// We will strive to keep APIs and behavior as stable as possible, but we
// cannot guarantee stability until version 1.0.
//
// ## Migrating Pulumi Docker v3 and v4 Image resources
//
// This provider's `Image` resource provides a superset of functionality over the `Image` resources available in versions 3 and 4 of the Pulumi Docker provider.
// Existing `Image` resources can be converted to the docker-build `Image` resources with minor modifications.
//
// ### Behavioral differences
//
// There are several key behavioral differences to keep in mind when transitioning images to the new `Image` resource.
//
// #### Previews
//
// Version `3.x` of the Pulumi Docker provider always builds images during preview operations.
// This is helpful as a safeguard to prevent "broken" images from merging, but users found the behavior unnecessarily redundant when running previews and updates locally.
//
// Version `4.x` changed build-on-preview behavior to be opt-in.
// By default, `v4.x` `Image` resources do _not_ build during previews, but this behavior can be toggled with the `buildOnPreview` option.
// Several users reported outages due to the default behavior allowing bad images to accidentally sneak through CI.
//
// The default behavior of this provider's `Image` resource is similar to `3.x` and will build images during previews.
// This behavior can be changed by specifying `buildOnPreview`.
//
// #### Push behavior
//
// Versions `3.x` and `4.x` of the Pulumi Docker provider attempt to push images to remote registries by default.
// They expose a `skipPush: true` option to disable pushing.
//
// This provider's `Image` resource matches the Docker CLI's behavior and does not push images anywhere by default.
//
// To push images to a registry you can include `push: true` (equivalent to Docker's `--push` flag) or configure an `export` of type `registry` (equivalent to Docker's `--output type=registry`).
// Like Docker, if an image is configured without exports you will see a warning with instructions for how to enable pushing, but the build will still proceed normally.
//
// #### Secrets
//
// Version `3.x` of the Pulumi Docker provider supports secrets by way of the `extraOptions` field.
//
// Version `4.x` of the Pulumi Docker provider does not support secrets.
//
// The `Image` resource supports secrets but does not require those secrets to exist on-disk or in environment variables.
// Instead, they should be passed directly as values.
// (Please be sure to familiarize yourself with Pulumi's [native secret handling](https://www.pulumi.com/docs/concepts/secrets/).)
// Pulumi also provides [ESC](https://www.pulumi.com/product/esc/) to make it easier to share secrets across stacks and environments.
//
// #### Caching
//
// Version `3.x` of the Pulumi Docker provider exposes `cacheFrom: bool | { stages: [...] }`.
// It builds targets individually and pushes them to separate images for caching.
//
// Version `4.x` exposes a similar parameter `cacheFrom: { images: [...] }` which pushes and pulls inline caches.
//
// Both versions 3 and 4 require specific environment variables to be set and deviate from Docker's native caching behavior.
// This can result in inefficient builds due to unnecessary image pulls, repeated file transfers, etc.
//
// The `Image` resource delegates all caching behavior to Docker.
// `cacheFrom` and `cacheTo` options (equivalent to Docker's `--cache-to` and `--cache-from`) are exposed and provide additional cache targets, such as local disk, S3 storage, etc.
//
// #### Outputs
//
// Versions `3.x` and `4.x` of the provider exposed a `repoDigest` output which was a fully qualified tag with digest.
// In `4.x` this could also be a single sha256 hash if the image wasn't pushed.
//
// Unlike earlier providers the `Image` resource can push multiple tags.
// As a convenience, it exposes a `ref` output consisting of a tag with digest as long as the image was pushed.
// If multiple tags were pushed this uses one at random.
//
// If you need more control over tag references you can use the `digest` output, which is always a single sha256 hash as long as the image was exported somewhere.
//
// #### Tag deletion and refreshes
//
// Versions 3 and 4 of Pulumi Docker provider do not delete tags when the `Image` resource is deleted, nor do they confirm expected tags exist during `refresh` operations.
//
// The `buidx.Image` will query your registries during `refresh` to ensure the expected tags exist.
// If any are missing a subsequent `update` will push them.
//
// When a `Image` is deleted, it will _attempt_ to also delete any pushed tags.
// Deletion of remote tags is not guaranteed because not all registries support the manifest `DELETE` API (`docker.io` in particular).
// Manifests are _not_ deleted in the same way during updates -- to do so safely would require a full build to determine whether a Pulumi operation should be an update or update-replace.
//
// Use the [`retainOnDelete: true`](https://www.pulumi.com/docs/concepts/options/retainondelete/) option if you do not want tags deleted.
//
// ### Example migration
//
// Examples of "fully-featured" `v3` and `v4` `Image` resources are shown below, along with an example `Image` resource showing how they would look after migration.
//
// The `v3` resource leverages `buildx` via a `DOCKER_BUILDKIT` environment variable and CLI flags passed in with `extraOption`.
// After migration, the environment variable is no longer needed and CLI flags are now properties on the `Image`.
// In almost all cases, properties of `Image` are named after the Docker CLI flag they correspond to.
//
// The `v4` resource is less functional than its `v3` counterpart because it lacks the flexibility of `extraOptions`.
// It it is shown with parameters similar to the `v3` example for completeness.
//
// ## Example Usage
//
// ## Example Usage
// ### Push to AWS ECR with caching
// ```go
// package main
//
// import (
//
// "fmt"
//
// "github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ecr"
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// ecrRepository, err := ecr.NewRepository(ctx, "ecr-repository", nil)
// if err != nil {
// return err
// }
// authToken := ecr.GetAuthorizationTokenOutput(ctx, ecr.GetAuthorizationTokenOutputArgs{
// RegistryId: ecrRepository.RegistryId,
// }, nil)
// myImage, err := dockerbuild.NewImage(ctx, "my-image", &dockerbuild.ImageArgs{
// CacheFrom: dockerbuild.CacheFromArray{
// &dockerbuild.CacheFromArgs{
// Registry: &dockerbuild.CacheFromRegistryArgs{
// Ref: ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
// return fmt.Sprintf("%v:cache", repositoryUrl), nil
// }).(pulumi.StringOutput),
// },
// },
// },
// CacheTo: dockerbuild.CacheToArray{
// &dockerbuild.CacheToArgs{
// Registry: &dockerbuild.CacheToRegistryArgs{
// ImageManifest: pulumi.Bool(true),
// OciMediaTypes: pulumi.Bool(true),
// Ref: ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
// return fmt.Sprintf("%v:cache", repositoryUrl), nil
// }).(pulumi.StringOutput),
// },
// },
// },
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("./app"),
// },
// Push: pulumi.Bool(true),
// Registries: dockerbuild.RegistryArray{
// &dockerbuild.RegistryArgs{
// Address: ecrRepository.RepositoryUrl,
// Password: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) {
// return &authToken.Password, nil
// }).(pulumi.StringPtrOutput),
// Username: authToken.ApplyT(func(authToken ecr.GetAuthorizationTokenResult) (*string, error) {
// return &authToken.UserName, nil
// }).(pulumi.StringPtrOutput),
// },
// },
// Tags: pulumi.StringArray{
// ecrRepository.RepositoryUrl.ApplyT(func(repositoryUrl string) (string, error) {
// return fmt.Sprintf("%v:latest", repositoryUrl), nil
// }).(pulumi.StringOutput),
// },
// })
// if err != nil {
// return err
// }
// ctx.Export("ref", myImage.Ref)
// return nil
// })
// }
//
// ```
// ### Multi-platform image
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Platforms: docker - build.PlatformArray{
// dockerbuild.Platform_Plan9_amd64,
// dockerbuild.Platform_Plan9_386,
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Registry export
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Push: pulumi.Bool(true),
// Registries: dockerbuild.RegistryArray{
// &dockerbuild.RegistryArgs{
// Address: pulumi.String("docker.io"),
// Password: pulumi.Any(dockerHubPassword),
// Username: pulumi.String("pulumibot"),
// },
// },
// Tags: pulumi.StringArray{
// pulumi.String("docker.io/pulumi/pulumi:3.107.0"),
// },
// })
// if err != nil {
// return err
// }
// ctx.Export("ref", myImage.Ref)
// return nil
// })
// }
//
// ```
// ### Caching
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// CacheFrom: dockerbuild.CacheFromArray{
// &dockerbuild.CacheFromArgs{
// Local: &dockerbuild.CacheFromLocalArgs{
// Src: pulumi.String("tmp/cache"),
// },
// },
// },
// CacheTo: dockerbuild.CacheToArray{
// &dockerbuild.CacheToArgs{
// Local: &dockerbuild.CacheToLocalArgs{
// Dest: pulumi.String("tmp/cache"),
// Mode: dockerbuild.CacheModeMax,
// },
// },
// },
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Docker Build Cloud
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Builder: &dockerbuild.BuilderConfigArgs{
// Name: pulumi.String("cloud-builder-name"),
// },
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Exec: pulumi.Bool(true),
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Build arguments
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// BuildArgs: pulumi.StringMap{
// "SET_ME_TO_TRUE": pulumi.String("true"),
// },
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Build target
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Push: pulumi.Bool(false),
// Target: pulumi.String("build-me"),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Named contexts
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// Named: dockerbuild.ContextMap{
// "golang:latest": &dockerbuild.ContextArgs{
// Location: pulumi.String("docker-image://golang@sha256:b8e62cf593cdaff36efd90aa3a37de268e6781a2e68c6610940c48f7cdf36984"),
// },
// },
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Remote context
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("https://raw.githubusercontent.com/pulumi/pulumi-docker/api-types/provider/testdata/Dockerfile"),
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Inline Dockerfile
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Dockerfile: &dockerbuild.DockerfileArgs{
// Inline: pulumi.String("FROM busybox\nCOPY hello.c ./\n"),
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Remote context
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("https://github.com/docker-library/hello-world.git"),
// },
// Dockerfile: &dockerbuild.DockerfileArgs{
// Location: pulumi.String("app/Dockerfile"),
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
// ### Local export
// ```go
// package main
//
// import (
//
// "github.com/pulumi/pulumi-docker-build/sdk/go/dockerbuild"
// "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
//
// )
//
// func main() {
// pulumi.Run(func(ctx *pulumi.Context) error {
// _, err := dockerbuild.NewImage(ctx, "image", &dockerbuild.ImageArgs{
// Context: &dockerbuild.BuildContextArgs{
// Location: pulumi.String("app"),
// },
// Exports: dockerbuild.ExportArray{
// &dockerbuild.ExportArgs{
// Docker: &dockerbuild.ExportDockerArgs{
// Tar: pulumi.Bool(true),
// },
// },
// },
// Push: pulumi.Bool(false),
// })
// if err != nil {
// return err
// }
// return nil
// })
// }
//
// ```
type Image struct {
pulumi.CustomResourceState
// Custom `host:ip` mappings to use during the build.
//
// Equivalent to Docker's `--add-host` flag.
AddHosts pulumi.StringArrayOutput `pulumi:"addHosts"`
// `ARG` names and values to set during the build.
//
// These variables are accessed like environment variables inside `RUN`
// instructions.
//
// Build arguments are persisted in the image, so you should use `secrets`
// if these arguments are sensitive.
//
// Equivalent to Docker's `--build-arg` flag.
BuildArgs pulumi.StringMapOutput `pulumi:"buildArgs"`
// Setting this to `false` will always skip image builds during previews,
// and setting it to `true` will always build images during previews.
//
// Images built during previews are never exported to registries, however
// cache manifests are still exported.
//
// On-disk Dockerfiles are always validated for syntactic correctness
// regardless of this setting.
//
// Defaults to `true` as a safeguard against broken images merging as part
// of CI pipelines.
BuildOnPreview pulumi.BoolPtrOutput `pulumi:"buildOnPreview"`
// Builder configuration.
Builder BuilderConfigPtrOutput `pulumi:"builder"`
// Cache export configuration.
//
// Equivalent to Docker's `--cache-from` flag.
CacheFrom CacheFromArrayOutput `pulumi:"cacheFrom"`
// Cache import configuration.
//
// Equivalent to Docker's `--cache-to` flag.
CacheTo CacheToArrayOutput `pulumi:"cacheTo"`
// Build context settings. Defaults to the current directory.
//
// Equivalent to Docker's `PATH | URL | -` positional argument.
Context BuildContextPtrOutput `pulumi:"context"`
// A preliminary hash of the image's build context.
//
// Pulumi uses this to determine if an image _may_ need to be re-built.
ContextHash pulumi.StringOutput `pulumi:"contextHash"`
// A SHA256 digest of the image if it was exported to a registry or
// elsewhere.
//
// Empty if the image was not exported.
//
// Registry images can be referenced precisely as `<tag>@<digest>`. The
// `ref` output provides one such reference as a convenience.
Digest pulumi.StringOutput `pulumi:"digest"`
// Dockerfile settings.
//
// Equivalent to Docker's `--file` flag.
Dockerfile DockerfilePtrOutput `pulumi:"dockerfile"`
// Use `exec` mode to build this image.
//
// By default the provider embeds a v25 Docker client with v0.12 buildx
// support. This helps ensure consistent behavior across environments and
// is compatible with alternative build backends (e.g. `buildkitd`), but
// it may not be desirable if you require a specific version of buildx.
// For example you may want to run a custom `docker-buildx` binary with
// support for [Docker Build
// Cloud](https://docs.docker.com/build/cloud/setup/) (DBC).
//
// When this is set to `true` the provider will instead execute the
// `docker-buildx` binary directly to perform its operations. The user is
// responsible for ensuring this binary exists, with correct permissions
// and pre-configured builders, at a path Docker expects (e.g.
// `~/.docker/cli-plugins`).
//
// Debugging `exec` mode may be more difficult as Pulumi will not be able
// to surface fine-grained errors and warnings. Additionally credentials
// are temporarily written to disk in order to provide them to the
// `docker-buildx` binary.
Exec pulumi.BoolPtrOutput `pulumi:"exec"`
// Controls where images are persisted after building.
//
// Images are only stored in the local cache unless `exports` are
// explicitly configured.
//
// Exporting to multiple destinations requires a daemon running BuildKit
// 0.13 or later.
//
// Equivalent to Docker's `--output` flag.
Exports ExportArrayOutput `pulumi:"exports"`
// Attach arbitrary key/value metadata to the image.
//
// Equivalent to Docker's `--label` flag.
Labels pulumi.StringMapOutput `pulumi:"labels"`
// When `true` the build will automatically include a `docker` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--load` flag.
Load pulumi.BoolPtrOutput `pulumi:"load"`
// Set the network mode for `RUN` instructions. Defaults to `default`.
//
// For custom networks, configure your builder with `--driver-opt network=...`.
//
// Equivalent to Docker's `--network` flag.
Network NetworkModePtrOutput `pulumi:"network"`
// Do not import cache manifests when building the image.
//
// Equivalent to Docker's `--no-cache` flag.
NoCache pulumi.BoolPtrOutput `pulumi:"noCache"`
// Set target platform(s) for the build. Defaults to the host's platform.
//
// Equivalent to Docker's `--platform` flag.
Platforms PlatformArrayOutput `pulumi:"platforms"`
// Always pull referenced images.
//
// Equivalent to Docker's `--pull` flag.
Pull pulumi.BoolPtrOutput `pulumi:"pull"`
// When `true` the build will automatically include a `registry` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--push` flag.
Push pulumi.BoolOutput `pulumi:"push"`
// If the image was pushed to any registries then this will contain a
// single fully-qualified tag including the build's digest.
//
// If the image had tags but was not exported, this will take on a value
// of one of those tags.
//
// This will be empty if the image had no exports and no tags.
//
// This is only for convenience and may not be appropriate for situations
// where multiple tags or registries are involved. In those cases this
// output is not guaranteed to be stable.
//
// For more control over tags consumed by downstream resources you should
// use the `digest` output.
Ref pulumi.StringOutput `pulumi:"ref"`
// Registry credentials. Required if reading or exporting to private
// repositories.
//
// Credentials are kept in-memory and do not pollute pre-existing
// credentials on the host.
//
// Similar to `docker login`.
Registries RegistryArrayOutput `pulumi:"registries"`
// A mapping of secret names to their corresponding values.
//
// Unlike the Docker CLI, these can be passed by value and do not need to
// exist on-disk or in environment variables.
//
// Build arguments and environment variables are persistent in the final
// image, so you should use this for sensitive values.
//
// Similar to Docker's `--secret` flag.
Secrets pulumi.StringMapOutput `pulumi:"secrets"`
// SSH agent socket or keys to expose to the build.
//
// Equivalent to Docker's `--ssh` flag.
Ssh SSHArrayOutput `pulumi:"ssh"`
// Name and optionally a tag (format: `name:tag`).
//
// If exporting to a registry, the name should include the fully qualified
// registry address (e.g. `docker.io/pulumi/pulumi:latest`).
//
// Equivalent to Docker's `--tag` flag.
Tags pulumi.StringArrayOutput `pulumi:"tags"`
// Set the target build stage(s) to build.
//
// If not specified all targets will be built by default.
//
// Equivalent to Docker's `--target` flag.
Target pulumi.StringPtrOutput `pulumi:"target"`
}
// NewImage registers a new resource with the given unique name, arguments, and options.
func NewImage(ctx *pulumi.Context,
name string, args *ImageArgs, opts ...pulumi.ResourceOption) (*Image, error) {
if args == nil {
return nil, errors.New("missing one or more required arguments")
}
if args.Push == nil {
return nil, errors.New("invalid value for required argument 'Push'")
}
if args.BuildOnPreview == nil {
args.BuildOnPreview = pulumi.BoolPtr(true)
}
if args.Network == nil {
args.Network = NetworkMode("default")
}
opts = internal.PkgResourceDefaultOpts(opts)
var resource Image
err := ctx.RegisterResource("docker-build:index:Image", name, args, &resource, opts...)
if err != nil {
return nil, err
}
return &resource, nil
}
// GetImage gets an existing Image resource's state with the given name, ID, and optional
// state properties that are used to uniquely qualify the lookup (nil if not required).
func GetImage(ctx *pulumi.Context,
name string, id pulumi.IDInput, state *ImageState, opts ...pulumi.ResourceOption) (*Image, error) {
var resource Image
err := ctx.ReadResource("docker-build:index:Image", name, id, state, &resource, opts...)
if err != nil {
return nil, err
}
return &resource, nil
}
// Input properties used for looking up and filtering Image resources.
type imageState struct {
}
type ImageState struct {
}
func (ImageState) ElementType() reflect.Type {
return reflect.TypeOf((*imageState)(nil)).Elem()
}
type imageArgs struct {
// Custom `host:ip` mappings to use during the build.
//
// Equivalent to Docker's `--add-host` flag.
AddHosts []string `pulumi:"addHosts"`
// `ARG` names and values to set during the build.
//
// These variables are accessed like environment variables inside `RUN`
// instructions.
//
// Build arguments are persisted in the image, so you should use `secrets`
// if these arguments are sensitive.
//
// Equivalent to Docker's `--build-arg` flag.
BuildArgs map[string]string `pulumi:"buildArgs"`
// Setting this to `false` will always skip image builds during previews,
// and setting it to `true` will always build images during previews.
//
// Images built during previews are never exported to registries, however
// cache manifests are still exported.
//
// On-disk Dockerfiles are always validated for syntactic correctness
// regardless of this setting.
//
// Defaults to `true` as a safeguard against broken images merging as part
// of CI pipelines.
BuildOnPreview *bool `pulumi:"buildOnPreview"`
// Builder configuration.
Builder *BuilderConfig `pulumi:"builder"`
// Cache export configuration.
//
// Equivalent to Docker's `--cache-from` flag.
CacheFrom []CacheFrom `pulumi:"cacheFrom"`
// Cache import configuration.
//
// Equivalent to Docker's `--cache-to` flag.
CacheTo []CacheTo `pulumi:"cacheTo"`
// Build context settings. Defaults to the current directory.
//
// Equivalent to Docker's `PATH | URL | -` positional argument.
Context *BuildContext `pulumi:"context"`
// Dockerfile settings.
//
// Equivalent to Docker's `--file` flag.
Dockerfile *Dockerfile `pulumi:"dockerfile"`
// Use `exec` mode to build this image.
//
// By default the provider embeds a v25 Docker client with v0.12 buildx
// support. This helps ensure consistent behavior across environments and
// is compatible with alternative build backends (e.g. `buildkitd`), but
// it may not be desirable if you require a specific version of buildx.
// For example you may want to run a custom `docker-buildx` binary with
// support for [Docker Build
// Cloud](https://docs.docker.com/build/cloud/setup/) (DBC).
//
// When this is set to `true` the provider will instead execute the
// `docker-buildx` binary directly to perform its operations. The user is
// responsible for ensuring this binary exists, with correct permissions
// and pre-configured builders, at a path Docker expects (e.g.
// `~/.docker/cli-plugins`).
//
// Debugging `exec` mode may be more difficult as Pulumi will not be able
// to surface fine-grained errors and warnings. Additionally credentials
// are temporarily written to disk in order to provide them to the
// `docker-buildx` binary.
Exec *bool `pulumi:"exec"`
// Controls where images are persisted after building.
//
// Images are only stored in the local cache unless `exports` are
// explicitly configured.
//
// Exporting to multiple destinations requires a daemon running BuildKit
// 0.13 or later.
//
// Equivalent to Docker's `--output` flag.
Exports []Export `pulumi:"exports"`
// Attach arbitrary key/value metadata to the image.
//
// Equivalent to Docker's `--label` flag.
Labels map[string]string `pulumi:"labels"`
// When `true` the build will automatically include a `docker` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--load` flag.
Load *bool `pulumi:"load"`
// Set the network mode for `RUN` instructions. Defaults to `default`.
//
// For custom networks, configure your builder with `--driver-opt network=...`.
//
// Equivalent to Docker's `--network` flag.
Network *NetworkMode `pulumi:"network"`
// Do not import cache manifests when building the image.
//
// Equivalent to Docker's `--no-cache` flag.
NoCache *bool `pulumi:"noCache"`
// Set target platform(s) for the build. Defaults to the host's platform.
//
// Equivalent to Docker's `--platform` flag.
Platforms []Platform `pulumi:"platforms"`
// Always pull referenced images.
//
// Equivalent to Docker's `--pull` flag.
Pull *bool `pulumi:"pull"`
// When `true` the build will automatically include a `registry` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--push` flag.
Push bool `pulumi:"push"`
// Registry credentials. Required if reading or exporting to private
// repositories.
//
// Credentials are kept in-memory and do not pollute pre-existing
// credentials on the host.
//
// Similar to `docker login`.
Registries []Registry `pulumi:"registries"`
// A mapping of secret names to their corresponding values.
//
// Unlike the Docker CLI, these can be passed by value and do not need to
// exist on-disk or in environment variables.
//
// Build arguments and environment variables are persistent in the final
// image, so you should use this for sensitive values.
//
// Similar to Docker's `--secret` flag.
Secrets map[string]string `pulumi:"secrets"`
// SSH agent socket or keys to expose to the build.
//
// Equivalent to Docker's `--ssh` flag.
Ssh []SSH `pulumi:"ssh"`
// Name and optionally a tag (format: `name:tag`).
//
// If exporting to a registry, the name should include the fully qualified
// registry address (e.g. `docker.io/pulumi/pulumi:latest`).
//
// Equivalent to Docker's `--tag` flag.
Tags []string `pulumi:"tags"`
// Set the target build stage(s) to build.
//
// If not specified all targets will be built by default.
//
// Equivalent to Docker's `--target` flag.
Target *string `pulumi:"target"`
}
// The set of arguments for constructing a Image resource.
type ImageArgs struct {
// Custom `host:ip` mappings to use during the build.
//
// Equivalent to Docker's `--add-host` flag.
AddHosts pulumi.StringArrayInput
// `ARG` names and values to set during the build.
//
// These variables are accessed like environment variables inside `RUN`
// instructions.
//
// Build arguments are persisted in the image, so you should use `secrets`
// if these arguments are sensitive.
//
// Equivalent to Docker's `--build-arg` flag.
BuildArgs pulumi.StringMapInput
// Setting this to `false` will always skip image builds during previews,
// and setting it to `true` will always build images during previews.
//
// Images built during previews are never exported to registries, however
// cache manifests are still exported.
//
// On-disk Dockerfiles are always validated for syntactic correctness
// regardless of this setting.
//
// Defaults to `true` as a safeguard against broken images merging as part
// of CI pipelines.
BuildOnPreview pulumi.BoolPtrInput
// Builder configuration.
Builder BuilderConfigPtrInput
// Cache export configuration.
//
// Equivalent to Docker's `--cache-from` flag.
CacheFrom CacheFromArrayInput
// Cache import configuration.
//
// Equivalent to Docker's `--cache-to` flag.
CacheTo CacheToArrayInput
// Build context settings. Defaults to the current directory.
//
// Equivalent to Docker's `PATH | URL | -` positional argument.
Context BuildContextPtrInput
// Dockerfile settings.
//
// Equivalent to Docker's `--file` flag.
Dockerfile DockerfilePtrInput
// Use `exec` mode to build this image.
//
// By default the provider embeds a v25 Docker client with v0.12 buildx
// support. This helps ensure consistent behavior across environments and
// is compatible with alternative build backends (e.g. `buildkitd`), but
// it may not be desirable if you require a specific version of buildx.
// For example you may want to run a custom `docker-buildx` binary with
// support for [Docker Build
// Cloud](https://docs.docker.com/build/cloud/setup/) (DBC).
//
// When this is set to `true` the provider will instead execute the
// `docker-buildx` binary directly to perform its operations. The user is
// responsible for ensuring this binary exists, with correct permissions
// and pre-configured builders, at a path Docker expects (e.g.
// `~/.docker/cli-plugins`).
//
// Debugging `exec` mode may be more difficult as Pulumi will not be able
// to surface fine-grained errors and warnings. Additionally credentials
// are temporarily written to disk in order to provide them to the
// `docker-buildx` binary.
Exec pulumi.BoolPtrInput
// Controls where images are persisted after building.
//
// Images are only stored in the local cache unless `exports` are
// explicitly configured.
//
// Exporting to multiple destinations requires a daemon running BuildKit
// 0.13 or later.
//
// Equivalent to Docker's `--output` flag.
Exports ExportArrayInput
// Attach arbitrary key/value metadata to the image.
//
// Equivalent to Docker's `--label` flag.
Labels pulumi.StringMapInput
// When `true` the build will automatically include a `docker` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--load` flag.
Load pulumi.BoolPtrInput
// Set the network mode for `RUN` instructions. Defaults to `default`.
//
// For custom networks, configure your builder with `--driver-opt network=...`.
//
// Equivalent to Docker's `--network` flag.
Network NetworkModePtrInput
// Do not import cache manifests when building the image.
//
// Equivalent to Docker's `--no-cache` flag.
NoCache pulumi.BoolPtrInput
// Set target platform(s) for the build. Defaults to the host's platform.
//
// Equivalent to Docker's `--platform` flag.
Platforms PlatformArrayInput
// Always pull referenced images.
//
// Equivalent to Docker's `--pull` flag.
Pull pulumi.BoolPtrInput
// When `true` the build will automatically include a `registry` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--push` flag.
Push pulumi.BoolInput
// Registry credentials. Required if reading or exporting to private
// repositories.
//
// Credentials are kept in-memory and do not pollute pre-existing
// credentials on the host.
//
// Similar to `docker login`.
Registries RegistryArrayInput
// A mapping of secret names to their corresponding values.
//
// Unlike the Docker CLI, these can be passed by value and do not need to
// exist on-disk or in environment variables.
//
// Build arguments and environment variables are persistent in the final
// image, so you should use this for sensitive values.
//
// Similar to Docker's `--secret` flag.
Secrets pulumi.StringMapInput
// SSH agent socket or keys to expose to the build.
//
// Equivalent to Docker's `--ssh` flag.
Ssh SSHArrayInput
// Name and optionally a tag (format: `name:tag`).
//
// If exporting to a registry, the name should include the fully qualified
// registry address (e.g. `docker.io/pulumi/pulumi:latest`).
//
// Equivalent to Docker's `--tag` flag.
Tags pulumi.StringArrayInput
// Set the target build stage(s) to build.
//
// If not specified all targets will be built by default.
//
// Equivalent to Docker's `--target` flag.
Target pulumi.StringPtrInput
}
func (ImageArgs) ElementType() reflect.Type {
return reflect.TypeOf((*imageArgs)(nil)).Elem()
}
type ImageInput interface {
pulumi.Input
ToImageOutput() ImageOutput
ToImageOutputWithContext(ctx context.Context) ImageOutput
}
func (*Image) ElementType() reflect.Type {
return reflect.TypeOf((**Image)(nil)).Elem()
}
func (i *Image) ToImageOutput() ImageOutput {
return i.ToImageOutputWithContext(context.Background())
}
func (i *Image) ToImageOutputWithContext(ctx context.Context) ImageOutput {
return pulumi.ToOutputWithContext(ctx, i).(ImageOutput)
}
func (i *Image) ToOutput(ctx context.Context) pulumix.Output[*Image] {
return pulumix.Output[*Image]{
OutputState: i.ToImageOutputWithContext(ctx).OutputState,
}
}
type ImageOutput struct{ *pulumi.OutputState }
func (ImageOutput) ElementType() reflect.Type {
return reflect.TypeOf((**Image)(nil)).Elem()
}
func (o ImageOutput) ToImageOutput() ImageOutput {
return o
}
func (o ImageOutput) ToImageOutputWithContext(ctx context.Context) ImageOutput {
return o
}
func (o ImageOutput) ToOutput(ctx context.Context) pulumix.Output[*Image] {
return pulumix.Output[*Image]{
OutputState: o.OutputState,
}
}
// Custom `host:ip` mappings to use during the build.
//
// Equivalent to Docker's `--add-host` flag.
func (o ImageOutput) AddHosts() pulumi.StringArrayOutput {
return o.ApplyT(func(v *Image) pulumi.StringArrayOutput { return v.AddHosts }).(pulumi.StringArrayOutput)
}
// `ARG` names and values to set during the build.
//
// These variables are accessed like environment variables inside `RUN`
// instructions.
//
// Build arguments are persisted in the image, so you should use `secrets`
// if these arguments are sensitive.
//
// Equivalent to Docker's `--build-arg` flag.
func (o ImageOutput) BuildArgs() pulumi.StringMapOutput {
return o.ApplyT(func(v *Image) pulumi.StringMapOutput { return v.BuildArgs }).(pulumi.StringMapOutput)
}
// Setting this to `false` will always skip image builds during previews,
// and setting it to `true` will always build images during previews.
//
// Images built during previews are never exported to registries, however
// cache manifests are still exported.
//
// On-disk Dockerfiles are always validated for syntactic correctness
// regardless of this setting.
//
// Defaults to `true` as a safeguard against broken images merging as part
// of CI pipelines.
func (o ImageOutput) BuildOnPreview() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Image) pulumi.BoolPtrOutput { return v.BuildOnPreview }).(pulumi.BoolPtrOutput)
}
// Builder configuration.
func (o ImageOutput) Builder() BuilderConfigPtrOutput {
return o.ApplyT(func(v *Image) BuilderConfigPtrOutput { return v.Builder }).(BuilderConfigPtrOutput)
}
// Cache export configuration.
//
// Equivalent to Docker's `--cache-from` flag.
func (o ImageOutput) CacheFrom() CacheFromArrayOutput {
return o.ApplyT(func(v *Image) CacheFromArrayOutput { return v.CacheFrom }).(CacheFromArrayOutput)
}
// Cache import configuration.
//
// Equivalent to Docker's `--cache-to` flag.
func (o ImageOutput) CacheTo() CacheToArrayOutput {
return o.ApplyT(func(v *Image) CacheToArrayOutput { return v.CacheTo }).(CacheToArrayOutput)
}
// Build context settings. Defaults to the current directory.
//
// Equivalent to Docker's `PATH | URL | -` positional argument.
func (o ImageOutput) Context() BuildContextPtrOutput {
return o.ApplyT(func(v *Image) BuildContextPtrOutput { return v.Context }).(BuildContextPtrOutput)
}
// A preliminary hash of the image's build context.
//
// Pulumi uses this to determine if an image _may_ need to be re-built.
func (o ImageOutput) ContextHash() pulumi.StringOutput {
return o.ApplyT(func(v *Image) pulumi.StringOutput { return v.ContextHash }).(pulumi.StringOutput)
}
// A SHA256 digest of the image if it was exported to a registry or
// elsewhere.
//
// Empty if the image was not exported.
//
// Registry images can be referenced precisely as `<tag>@<digest>`. The
// `ref` output provides one such reference as a convenience.
func (o ImageOutput) Digest() pulumi.StringOutput {
return o.ApplyT(func(v *Image) pulumi.StringOutput { return v.Digest }).(pulumi.StringOutput)
}
// Dockerfile settings.
//
// Equivalent to Docker's `--file` flag.
func (o ImageOutput) Dockerfile() DockerfilePtrOutput {
return o.ApplyT(func(v *Image) DockerfilePtrOutput { return v.Dockerfile }).(DockerfilePtrOutput)
}
// Use `exec` mode to build this image.
//
// By default the provider embeds a v25 Docker client with v0.12 buildx
// support. This helps ensure consistent behavior across environments and
// is compatible with alternative build backends (e.g. `buildkitd`), but
// it may not be desirable if you require a specific version of buildx.
// For example you may want to run a custom `docker-buildx` binary with
// support for [Docker Build
// Cloud](https://docs.docker.com/build/cloud/setup/) (DBC).
//
// When this is set to `true` the provider will instead execute the
// `docker-buildx` binary directly to perform its operations. The user is
// responsible for ensuring this binary exists, with correct permissions
// and pre-configured builders, at a path Docker expects (e.g.
// `~/.docker/cli-plugins`).
//
// Debugging `exec` mode may be more difficult as Pulumi will not be able
// to surface fine-grained errors and warnings. Additionally credentials
// are temporarily written to disk in order to provide them to the
// `docker-buildx` binary.
func (o ImageOutput) Exec() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Image) pulumi.BoolPtrOutput { return v.Exec }).(pulumi.BoolPtrOutput)
}
// Controls where images are persisted after building.
//
// Images are only stored in the local cache unless `exports` are
// explicitly configured.
//
// Exporting to multiple destinations requires a daemon running BuildKit
// 0.13 or later.
//
// Equivalent to Docker's `--output` flag.
func (o ImageOutput) Exports() ExportArrayOutput {
return o.ApplyT(func(v *Image) ExportArrayOutput { return v.Exports }).(ExportArrayOutput)
}
// Attach arbitrary key/value metadata to the image.
//
// Equivalent to Docker's `--label` flag.
func (o ImageOutput) Labels() pulumi.StringMapOutput {
return o.ApplyT(func(v *Image) pulumi.StringMapOutput { return v.Labels }).(pulumi.StringMapOutput)
}
// When `true` the build will automatically include a `docker` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--load` flag.
func (o ImageOutput) Load() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Image) pulumi.BoolPtrOutput { return v.Load }).(pulumi.BoolPtrOutput)
}
// Set the network mode for `RUN` instructions. Defaults to `default`.
//
// For custom networks, configure your builder with `--driver-opt network=...`.
//
// Equivalent to Docker's `--network` flag.
func (o ImageOutput) Network() NetworkModePtrOutput {
return o.ApplyT(func(v *Image) NetworkModePtrOutput { return v.Network }).(NetworkModePtrOutput)
}
// Do not import cache manifests when building the image.
//
// Equivalent to Docker's `--no-cache` flag.
func (o ImageOutput) NoCache() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Image) pulumi.BoolPtrOutput { return v.NoCache }).(pulumi.BoolPtrOutput)
}
// Set target platform(s) for the build. Defaults to the host's platform.
//
// Equivalent to Docker's `--platform` flag.
func (o ImageOutput) Platforms() PlatformArrayOutput {
return o.ApplyT(func(v *Image) PlatformArrayOutput { return v.Platforms }).(PlatformArrayOutput)
}
// Always pull referenced images.
//
// Equivalent to Docker's `--pull` flag.
func (o ImageOutput) Pull() pulumi.BoolPtrOutput {
return o.ApplyT(func(v *Image) pulumi.BoolPtrOutput { return v.Pull }).(pulumi.BoolPtrOutput)
}
// When `true` the build will automatically include a `registry` export.
//
// Defaults to `false`.
//
// Equivalent to Docker's `--push` flag.
func (o ImageOutput) Push() pulumi.BoolOutput {
return o.ApplyT(func(v *Image) pulumi.BoolOutput { return v.Push }).(pulumi.BoolOutput)
}
// If the image was pushed to any registries then this will contain a
// single fully-qualified tag including the build's digest.
//
// If the image had tags but was not exported, this will take on a value
// of one of those tags.
//
// This will be empty if the image had no exports and no tags.
//
// This is only for convenience and may not be appropriate for situations
// where multiple tags or registries are involved. In those cases this
// output is not guaranteed to be stable.
//
// For more control over tags consumed by downstream resources you should
// use the `digest` output.
func (o ImageOutput) Ref() pulumi.StringOutput {
return o.ApplyT(func(v *Image) pulumi.StringOutput { return v.Ref }).(pulumi.StringOutput)
}
// Registry credentials. Required if reading or exporting to private
// repositories.
//
// Credentials are kept in-memory and do not pollute pre-existing
// credentials on the host.
//
// Similar to `docker login`.
func (o ImageOutput) Registries() RegistryArrayOutput {
return o.ApplyT(func(v *Image) RegistryArrayOutput { return v.Registries }).(RegistryArrayOutput)
}
// A mapping of secret names to their corresponding values.
//
// Unlike the Docker CLI, these can be passed by value and do not need to
// exist on-disk or in environment variables.
//
// Build arguments and environment variables are persistent in the final
// image, so you should use this for sensitive values.
//
// Similar to Docker's `--secret` flag.
func (o ImageOutput) Secrets() pulumi.StringMapOutput {
return o.ApplyT(func(v *Image) pulumi.StringMapOutput { return v.Secrets }).(pulumi.StringMapOutput)
}
// SSH agent socket or keys to expose to the build.
//
// Equivalent to Docker's `--ssh` flag.
func (o ImageOutput) Ssh() SSHArrayOutput {
return o.ApplyT(func(v *Image) SSHArrayOutput { return v.Ssh }).(SSHArrayOutput)
}
// Name and optionally a tag (format: `name:tag`).
//
// If exporting to a registry, the name should include the fully qualified
// registry address (e.g. `docker.io/pulumi/pulumi:latest`).
//
// Equivalent to Docker's `--tag` flag.
func (o ImageOutput) Tags() pulumi.StringArrayOutput {
return o.ApplyT(func(v *Image) pulumi.StringArrayOutput { return v.Tags }).(pulumi.StringArrayOutput)
}
// Set the target build stage(s) to build.
//
// If not specified all targets will be built by default.
//
// Equivalent to Docker's `--target` flag.
func (o ImageOutput) Target() pulumi.StringPtrOutput {
return o.ApplyT(func(v *Image) pulumi.StringPtrOutput { return v.Target }).(pulumi.StringPtrOutput)
}
func init() {
pulumi.RegisterInputType(reflect.TypeOf((*ImageInput)(nil)).Elem(), &Image{})
pulumi.RegisterOutputType(ImageOutput{})
}
View Git Blame Copy Permalink