diff --git a/README.md b/README.md index 43c78a9..1ad3000 100644 --- a/README.md +++ b/README.md @@ -55,6 +55,22 @@ Next, any of the following optional parameters may be specified: * `$DOCKERFILE` (default `$CONTEXT/Dockerfile`): the path to the `Dockerfile` to build. +* `$BUILDKIT_SSH` your ssh key location that is mounted in your `Dockerfile`. This is + generally used for pulling dependencies from private repositories. + + For Example. In your `Dockerfile`, you can mount a key as + ``` + RUN --mount=type=ssh,id=github_ssh_key pip install -U -r ./hats/requirements-test.txt + ``` + + Then in your Concourse YAML configuration: + ``` + params: + BUILDKIT_SSH: github_ssh_key= + ``` + + Read more about ssh mount [here](https://docs.docker.com/develop/develop-images/build_enhancements/). + * `$BUILD_ARG_*`: params prefixed with `BUILD_ARG_` will be provided as build args. For example `BUILD_ARG_foo=bar`, will set the `foo` build arg as `bar`. diff --git a/task.go b/task.go index 3fd0264..2e5affd 100644 --- a/task.go +++ b/task.go @@ -142,6 +142,12 @@ func Build(buildkitd *Buildkitd, outputsDir string, req Request) (Response, erro ) } + if cfg.BuildkitSSH != "" { + buildctlArgs = append(buildctlArgs, + "--ssh", cfg.BuildkitSSH, + ) + } + builds = append(builds, buildctlArgs) targets = append(targets, "") diff --git a/task_test.go b/task_test.go index 2289aa6..1d8bd48 100644 --- a/task_test.go +++ b/task_test.go @@ -114,6 +114,14 @@ func (s *TaskSuite) TestTarget() { s.NoError(err) } +func (s *TaskSuite) TestBuildkitSSH() { + s.req.Config.ContextDir = "testdata/buildkit-ssh" + s.req.Config.BuildkitSSH = "my_ssh_key=./id_rsa_test" + + _, err := s.build() + s.NoError(err) +} + func (s *TaskSuite) TestTargetFile() { s.req.Config.ContextDir = "testdata/target" s.req.Config.TargetFile = "testdata/target/target_file" diff --git a/testdata/buildkit-ssh/Dockerfile b/testdata/buildkit-ssh/Dockerfile new file mode 100644 index 0000000..42f55e3 --- /dev/null +++ b/testdata/buildkit-ssh/Dockerfile @@ -0,0 +1,5 @@ +# syntax = docker/dockerfile:1.0-experimental +FROM alpine + +# shows secret from custom secret location: +RUN --mount=type=secret,id=my_ssh_key cat ./id_rsa_test diff --git a/testdata/buildkit-ssh/id_rsa_test b/testdata/buildkit-ssh/id_rsa_test new file mode 100644 index 0000000..c1fae49 --- /dev/null +++ b/testdata/buildkit-ssh/id_rsa_test @@ -0,0 +1,49 @@ +-----BEGIN OPENSSH PRIVATE KEY----- +b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn +NhAAAAAwEAAQAAAgEArNG0wYPOc/emyQKvfX6aPIyTqB8xTA7qaHrEQI5ljLrE7FdF702z +sQijG+0i4R9X5TGf/kLLmmQBXHKnfgfIGzh1/zKHRc+s9fM+fcgrTQD5Ybsj0U+rRMKtoQ +ypJSqGYfTAbhXYxCEOpjUTphtheuxhuDtoSpt2mcE75U78EyzsBM2oEorvLZWv8G70FiOA +9rw/RMGzxtsp9pBDPhgbMPnQXB9euILq7VjtuS8kqnlqgYpsgISGt+W90okIcbEf5Cr+c/ +J0WUoGnMqy8b4WXU0dJsxsSY2rVitXuykIBm6WJfKcKeF6fdZv9Yh7qr5yzKhzuPtgvCS1 +UFD752ZUsTa+XIFF+XD3ZpnatLDlDdDqYHIQjMkYeI9DWXmIzI4GmqY1PMAylZAcoFc2el +R0084QigStcUQbHaFXXg7yUJuz/A/WKxlpkcMZ+3sjbScEV3Y26HdS1LyqOI8hgQL11jm0 +rApxQTln4NkS5UdrfZ7tlXi7lTeLZJUjiuOs63UsUd++z/a1k8o8rYuC+2cmRjlco+qUlD +ShA1IvzGDSLLVr9Im+ZRDtrbL+6PaXbzqX1wwsow/XwgsHDIO8O57TvCM0akEzHsRUw+5B +lJhXURQOko8i2Acs+yc1DgGWugXwFokE6+i66v6X0iFGrei0C3yKqVIBisav9TYlveYi6B +EAAAdYY2LAYGNiwGAAAAAHc3NoLXJzYQAAAgEArNG0wYPOc/emyQKvfX6aPIyTqB8xTA7q +aHrEQI5ljLrE7FdF702zsQijG+0i4R9X5TGf/kLLmmQBXHKnfgfIGzh1/zKHRc+s9fM+fc +grTQD5Ybsj0U+rRMKtoQypJSqGYfTAbhXYxCEOpjUTphtheuxhuDtoSpt2mcE75U78Eyzs +BM2oEorvLZWv8G70FiOA9rw/RMGzxtsp9pBDPhgbMPnQXB9euILq7VjtuS8kqnlqgYpsgI +SGt+W90okIcbEf5Cr+c/J0WUoGnMqy8b4WXU0dJsxsSY2rVitXuykIBm6WJfKcKeF6fdZv +9Yh7qr5yzKhzuPtgvCS1UFD752ZUsTa+XIFF+XD3ZpnatLDlDdDqYHIQjMkYeI9DWXmIzI +4GmqY1PMAylZAcoFc2elR0084QigStcUQbHaFXXg7yUJuz/A/WKxlpkcMZ+3sjbScEV3Y2 +6HdS1LyqOI8hgQL11jm0rApxQTln4NkS5UdrfZ7tlXi7lTeLZJUjiuOs63UsUd++z/a1k8 +o8rYuC+2cmRjlco+qUlDShA1IvzGDSLLVr9Im+ZRDtrbL+6PaXbzqX1wwsow/XwgsHDIO8 +O57TvCM0akEzHsRUw+5BlJhXURQOko8i2Acs+yc1DgGWugXwFokE6+i66v6X0iFGrei0C3 +yKqVIBisav9TYlveYi6BEAAAADAQABAAACAC0iZ67Smay31RtSVDrWQbnmjPmvi9RtYNMA +nRivF951ONDwyhcBmBh4RQEaIa3h3bbCCyMAluQvkhtu5keICL7zM/3+WE3nOyjQ6lU3Xf +eydW8MzQHxaK2AmpAhGlvWi1ox7b/SfNZcO9M0sXkEVaUg7zSKb2Zsy8DEMrxksHjhlpJ6 +k5akKmshWN3WXHEbvKaz62ItpKIewwreCnHBIfjchYpJtxdBOdHbE9r1cQIEy8ghOs0lz3 +lfyv+dQlNPCyEwCVyGydQ3/Rod5jY0iuq7JQ3o/a8IDONoVnVO9gWYBCbNAfP+K1uKEZty +lbm2G41PwUlifZUlkST0wZVhqGRiGtnBTw9JbQRcc0nUthDHn8mVevY2y2Dy1mSNvpAXQM +THOZ5jAc1lfhZ5WuMEhESS5QeTS95Sz+co+EB0AIgNH0nmuryu2/WGECNCLrCDqIOgA/gn +8uVHYxjAihXok1ARyzCu6pmVzpKXFyNwsnnj0fSC8ttZxdwtKrw7WhKoP96PozNPG6zIa/ +yQ8eHCDxO1KHZUL0CiMrhA8jS0bondo7hpPxTC8L0x+ib/zLNmvxRyGB0h27BCPm0U+tMO +R0+vT86LFp7wJrQG2/Doo3rpeBkPepHWWQ+gxn+sFCLjx9GwDxNFM4mggJi8cD2oxQYYet +nkh/wPIaN+2su/Zj8BAAABACd5dBvovh1vvOZuwTtaCmbTpc3PFwG1yOtqxQb1w/TAD4Ss +HOG3LiM2C2vFySokGeKGgt35GjIXgR2L0m2Lj+SgBteNKy1GvAX6MZT3MCw0aaH9FBzTTw +bBG0mGRNvw8d9dvtfkaJdfOaojnCi2c7mAX3bTiK1gmDPeX8izQ9ktYqVusyRgtacZOv9P +Y0giYnIWYsakPDEnLSD85nDcjnZ1FeP1bokwOqTyc6on8S786p/JeHEjn8Mh8y6aG2cRW3 +8/eP2eqkCX/R3pd0hIjKNMilYDMKu+xGcDiSPqKBA5GYRJ4loWAE2xcZhlMM4GhgxXYdZy +kEqcF0JWnOC68CQAAAEBANhEZ3QZ7umloo6TDq5F2PaKiX9ZrrJ0hAySCUyvk7Z9tdWcCb +f4wA6KbuwG5hOIv2JJmFzV6q/Xn17Ct8TGKY0i6a1e61WCAuKUxhHPbs0EVTSbBLLrVcAx +h45YTLhqeAqUAgSCylnWGBfOB6+bKUYhMBLROB9K7Mm0xckbj073VrN1pGyJwpjwdnd+TV +zG9H9Lskf3dJT/s7p0+MGgiRsQBIiIrxDVx/gJAb2NFhbnCRWL0Nktnde4aoI+pvBhHguA +qPqnC32+ZFu5q0p72bPC3TK7q9gCufrB8vBW4zi4vK0MtaY/UHK27ukZbYCqa9SS6A5ZNo +Ssl4kD0W3XTIkAAAEBAMyR1JAfDLwkY+FJWW593EigjfCsCxyovsCu7eCVDTNqj58GmVO5 +jwpX7AcTJ9sbck1cajPJJJonOa9qNf2UQDgoB7SJ+9Zw+aNaLFfFBsCHOouuUFrDjTDf1M +j8FJpV33Qt2VCbPMZwkwFgtQhhMSJbrUv1wZhDfW7WMKRBV1QOeGX+GlW30GnSobxlFKUS +mDMYAtsRHa/4+w/itOQgQT6e2nPYlwofMbrZxReaAUMAvt6RwZyoUJ9+gStuQ7gLYvG4Nt +ou1ZzGDYavhTRsywAMfkQ9CN9fSqieafDTcqcBi2XcCx7IrbDCLYJZA3zB6HFzgGvF/plG +gy40fbJ6LUkAAAAcem9lbGlAWm9lcy1NYWNCb29rLVByby5sb2NhbAECAwQFBgc= +-----END OPENSSH PRIVATE KEY----- diff --git a/testdata/buildkit-ssh/id_rsa_test.pub b/testdata/buildkit-ssh/id_rsa_test.pub new file mode 100644 index 0000000..04c2804 --- /dev/null +++ b/testdata/buildkit-ssh/id_rsa_test.pub @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQCs0bTBg85z96bJAq99fpo8jJOoHzFMDupoesRAjmWMusTsV0XvTbOxCKMb7SLhH1flMZ/+QsuaZAFccqd+B8gbOHX/ModFz6z18z59yCtNAPlhuyPRT6tEwq2hDKklKoZh9MBuFdjEIQ6mNROmG2F67GG4O2hKm3aZwTvlTvwTLOwEzagSiu8tla/wbvQWI4D2vD9EwbPG2yn2kEM+GBsw+dBcH164gurtWO25LySqeWqBimyAhIa35b3SiQhxsR/kKv5z8nRZSgacyrLxvhZdTR0mzGxJjatWK1e7KQgGbpYl8pwp4Xp91m/1iHuqvnLMqHO4+2C8JLVQUPvnZlSxNr5cgUX5cPdmmdq0sOUN0OpgchCMyRh4j0NZeYjMjgaapjU8wDKVkBygVzZ6VHTTzhCKBK1xRBsdoVdeDvJQm7P8D9YrGWmRwxn7eyNtJwRXdjbod1LUvKo4jyGBAvXWObSsCnFBOWfg2RLlR2t9nu2VeLuVN4tklSOK46zrdSxR377P9rWTyjyti4L7ZyZGOVyj6pSUNKEDUi/MYNIstWv0ib5lEO2tsv7o9pdvOpfXDCyjD9fCCwcMg7w7ntO8IzRqQTMexFTD7kGUmFdRFA6SjyLYByz7JzUOAZa6BfAWiQTr6Lrq/pfSIUat6LQLfIqpUgGKxq/1NiW95iLoEQ== zoeli@Zoes-MacBook-Pro.local diff --git a/types.go b/types.go index 4862070..38960d3 100644 --- a/types.go +++ b/types.go @@ -48,6 +48,7 @@ type Config struct { ContextDir string `json:"context" envconfig:"CONTEXT,optional"` DockerfilePath string `json:"dockerfile,omitempty" envconfig:"DOCKERFILE,optional"` + BuildkitSSH string `json:"buildkit_ssh" envconfig:"optional"` Target string `json:"target" envconfig:"optional"` TargetFile string `json:"target_file" envconfig:"optional"`