docker/build-push-action
1
0
Fork 0
mirror of https://github.com/docker/build-push-action.git synced 2025-06-28 07:16:42 +02:00
Code Activity

handle no default attestations env var

Browse source 
Signed-off-by: CrazyMax <1951866+crazy-max@users.noreply.github.com>
This commit is contained in:
CrazyMax 2025-03-28 11:16:09 +01:00
parent 88844b95d8
commit 288d9e2e4a
No known key found for this signature in database
GPG key ID: ADE44D8C9D44FBE4
3 changed files with 130 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/context.ts
View file

@ -245,7 +245,7 @@ async function getAttestArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
if (inputs.provenance) {
args.push('--attest', Build.resolveAttestationAttrs(`type=provenance,${inputs.provenance}`));
provenanceSet = true;
} else if (!hasAttestProvenance && (await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !Build.hasDockerExporter(inputs.outputs, inputs.load)) {
} else if (!hasAttestProvenance && !noDefaultAttestations() && (await toolkit.buildkit.versionSatisfies(inputs.builder, '>=0.11.0')) && !Build.hasDockerExporter(inputs.outputs, inputs.load)) {
// if provenance not specified in provenance or attests inputs and BuildKit
// version compatible for attestation, set default provenance. Also needs
// to make sure user doesn't want to explicitly load the image to docker.
@ -277,3 +277,10 @@ async function getAttestArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
return args;
}
function noDefaultAttestations(): boolean {
if (process.env.BUILDX_NO_DEFAULT_ATTESTATIONS) {
return Util.parseBool(process.env.BUILDX_NO_DEFAULT_ATTESTATIONS);
}
return false;
}