docker/build-push-action
1
0
Fork 0
mirror of https://github.com/docker/build-push-action.git synced 2025-05-08 22:49:29 +02:00
Code Activity

tls (#12)

Browse source 
* tls

* set up tls while creating the remote builder
This commit is contained in:
Aayush Shah 2024-10-02 16:57:18 -04:00 committed by GitHub
parent 6960b243a5
commit 3f6698f877
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 79 additions and 33 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/context.ts
View file

@ -304,8 +304,17 @@ async function getAttestArgs(inputs: Inputs, toolkit: Toolkit): Promise<Array<st
return args;
}
export const tlsClientKeyPath = '/tmp/blacksmith_client_key.pem';
export const tlsClientCaCertificatePath = '/tmp/blacksmith_client_ca_certificate.pem';
export const tlsRootCaCertificatePath = '/tmp/blacksmith_root_ca_certificate.pem';
export async function getRemoteBuilderArgs(name: string, builderUrl: string): Promise<Array<string>> {
const args: Array<string> = ['create', '--name', name, '--driver', 'remote'];
// Add TLS paths as driver options
args.push('--driver-opt', `key=${tlsClientKeyPath},cert=${tlsClientCaCertificatePath},cacert=${tlsRootCaCertificatePath}`);
// TODO(aayush): Instead of hardcoding the platform, we should fail the build if the platform is
// unsupported.
args.push('--platform', 'linux/amd64');
// Always use the remote builder, overriding whatever has been configured so far.
args.push('--use');