Skip to content

merge workdir into source input #365

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
crazy-max merged 2 commits into from
Mar 5, 2026
Merged

merge workdir into source input #365

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
8e8fbbb
merge workdir into source input
crazy-max Jan 7, 2026
7017b89
chore: update generated content
crazy-max Mar 5, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
54 changes: 32 additions & 22 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -121,6 +121,27 @@ jobs:
exit 1
fi

error-source:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v6
-
name: Build
id: bake
continue-on-error: true
uses: ./
with:
source: ./does-not-exist
-
name: Check
run: |
if [ "${{ steps.bake.outcome }}" != "failure" ] || [ "${{ steps.bake.conclusion }}" != "success" ]; then
echo "::error::Should have failed"
exit 1
fi

standalone:
runs-on: ubuntu-latest
steps:
Expand Down Expand Up @@ -190,8 +211,7 @@ jobs:
name: Build
uses: ./
with:
workdir: ./test/go
source: .
source: ./test/go
targets: binary
provenance: ${{ matrix.attrs }}
set: |
Expand Down Expand Up @@ -232,8 +252,7 @@ jobs:
name: Build
uses: ./
with:
workdir: ./test/go
source: .
source: ./test/go
targets: ${{ matrix.target }}
sbom: true
set: |
Expand Down Expand Up @@ -279,8 +298,7 @@ jobs:
name: Build
uses: ./
with:
workdir: ./test/go
source: .
source: ./test/go
set: |
*.platform=linux/amd64
*.output=type=image,"name=localhost:5000/name/app:v1.0.0,localhost:5000/name/app:latest",push=true
Expand Down Expand Up @@ -309,8 +327,7 @@ jobs:
name: Build and push
uses: ./
with:
workdir: ./test/group
source: .
source: ./test/group
push: true
set: |
t1.tags=localhost:5000/name/app:t1
Expand Down Expand Up @@ -472,8 +489,7 @@ jobs:
name: Build and push
uses: ./
with:
workdir: ./test/go
source: .
source: ./test/go
set: |
*.output=type=image,name=localhost:5000/name/app:latest,push=true
*.output=type=docker,name=app:local
Expand Down Expand Up @@ -516,8 +532,7 @@ jobs:
name: Build and push
uses: ./
with:
workdir: ./test/go
source: .
source: ./test/go
targets: image
load: true
push: true
Expand Down Expand Up @@ -651,8 +666,7 @@ jobs:
name: Build
uses: ./
with:
workdir: ./test
source: .
source: ./test
files: |
./lint.hcl

Expand All @@ -673,8 +687,7 @@ jobs:
name: Build
uses: ./
with:
workdir: ./test
source: .
source: ./test
files: |
./lint.hcl
env:
Expand Down Expand Up @@ -745,8 +758,7 @@ jobs:
continue-on-error: true
uses: ./
with:
workdir: ./test
source: .
source: ./test
files: |
./lint.hcl
call: check
Expand Down Expand Up @@ -778,8 +790,7 @@ jobs:
continue-on-error: true
uses: ./
with:
workdir: ./test
source: .
source: ./test
files: |
./lint.hcl
call: check
Expand Down Expand Up @@ -832,5 +843,4 @@ jobs:
name: Build and push
uses: ./
with:
workdir: ./test/attest
source: .
source: ./test/attest
77 changes: 60 additions & 17 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,8 @@ ___
* [environment variables](#environment-variables)
* [Subactions](#subactions)
* [`matrix`](subaction/matrix)
* [Notes](#notes)
* [Source semantics](#source-semantics)
* [Contributing](#contributing)

## Usage
Expand Down Expand Up @@ -143,6 +145,31 @@ jobs:
*.tags=user/app:latest
```

If you point `source` to a subdirectory, relative paths are resolved from that
subdirectory:

```yaml
-
name: Build and push
uses: docker/bake-action@v6
with:
source: ./subdir
files: ./docker-bake.hcl
```

For example, if `./subdir/docker-bake.hcl` contains:

```hcl
target "default" {
output = ["type=local,dest=./artifacts"]
}
```

The output will be written to `./subdir/artifacts` in the workspace.

> [!NOTE]
> More info about `source` semantics in the [Source semantics](#source-semantics) section.

## Summaries

This action generates a [job summary](https://github.blog/2022-05-09-supercharging-github-actions-with-job-summaries/)
Expand Down Expand Up @@ -197,23 +224,22 @@ The following inputs can be used as `step.with` keys
> targets: default,release
> ```

| Name | Type | Description |
|----------------|-------------|--------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `workdir` | String | Working directory of execution |
| `source` | String | Context to build from. Can be either local (`.`) or a [remote bake definition](https://docs.docker.com/build/bake/remote-definition/) |
| `allow` | List/CSV | Allow build to access specified resources (e.g., `network.host`) |
| `call` | String | Set method for evaluating build (e.g., check) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `no-cache` | Bool | Do not use cache when building the image (default `false`) |
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) |
| `load` | Bool | Load is a shorthand for `--set=*.output=type=docker` (default `false`) |
| `provenance` | Bool/String | [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance` |
| `push` | Bool | Push is a shorthand for `--set=*.output=type=registry` (default `false`) |
| `sbom` | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` |
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |
| Name | Type | Description |
|----------------|-------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| `builder` | String | Builder instance (see [setup-buildx](https://github.com/docker/setup-buildx-action) action) |
| `allow` | List/CSV | Allow build to access specified resources (e.g., `network.host`) |
| `call` | String | Set method for evaluating build (e.g., check) |
| `files` | List/CSV | List of [bake definition files](https://docs.docker.com/build/customize/bake/file-definition/) |
| `no-cache` | Bool | Do not use cache when building the image (default `false`) |
| `pull` | Bool | Always attempt to pull a newer version of the image (default `false`) |
| `load` | Bool | Load is a shorthand for `--set=*.output=type=docker` (default `false`) |
| `provenance` | Bool/String | [Provenance](https://docs.docker.com/build/attestations/slsa-provenance/) is a shorthand for `--set=*.attest=type=provenance` |
| `push` | Bool | Push is a shorthand for `--set=*.output=type=registry` (default `false`) |
| `sbom` | Bool/String | [SBOM](https://docs.docker.com/build/attestations/sbom/) is a shorthand for `--set=*.attest=type=sbom` |
| `set` | List | List of [targets values to override](https://docs.docker.com/engine/reference/commandline/buildx_bake/#set) (e.g., `targetpattern.key=value`) |
| `source` | String | Build source to use. Supports local path and [remote bake definition](https://docs.docker.com/build/bake/remote-definition/). With a local path, Bake runs from that directory, so all relative paths are resolved from it. See [Source semantics](#source-semantics). |
| `targets` | List/CSV | List of bake targets (`default` target used if empty) |
| `github-token` | String | API token used to authenticate to a Git repository for [remote definitions](https://docs.docker.com/build/bake/remote-definition/) (default `${{ github.token }}`) |

### outputs

Expand All @@ -236,6 +262,23 @@ The following outputs are available

* [`matrix`](subaction/matrix)

## Notes

### Source semantics

`source` accepts either a Git/remote bake definition (for example `{{defaultContext}}` or `{{defaultContext}}:subdir`)
or a local path (for example `.` or `./subdir`). When `source` is a local path,
the action runs Bake from that directory (equivalent to `cd <path> && docker buildx bake`).

This local path mode affects all relative paths resolved by Bake, not only
target `context` fields. This includes paths used by local outputs, cache
import/export, and `cwd://` references.

| `source` | Behavior |
|-----------------------------------------------------------------------|------------------------------------------------------------------------------------------------|
| Git/remote (`{{defaultContext}}`, `https://...git#ref`, `...:subdir`) | Uses [remote bake definition](https://docs.docker.com/build/bake/remote-definition/) behavior. |
| Local path (`.`, `./subdir`) | Changes Bake working directory to that path before invoking Bake. |

## Contributing

Want to contribute? Awesome! You can find information about contributing to
Expand Down
4 changes: 2 additions & 2 deletions __tests__/context.test.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -368,11 +368,11 @@ describe('getArgs', () => {
provenance: inp.provenance,
push: inp.push,
sbom: inp.sbom,
source: inp.source,
source: inp.source.remoteRef,
targets: inp.targets
},
{
cwd: inp.workdir
cwd: inp.source.workdir,
}
);
const res = await context.getArgs(inp, definition, toolkit);
Expand Down
10 changes: 3 additions & 7 deletions action.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,6 @@ inputs:
builder:
description: "Builder instance"
required: false
workdir:
description: "Working directory of bake execution"
required: false
default: '.'
source:
description: "Context to build from. Can be either local or a remote bake definition"
required: false
allow:
description: "Allow build to access specified resources (e.g., network.host)"
required: false
Expand Down Expand Up @@ -51,6 +44,9 @@ inputs:
set:
description: "List of targets values to override (eg. targetpattern.key=value)"
required: false
source:
description: "Context to build from. Can be either local to specify the working directory or a remote bake definition"
required: false
targets:
description: "List of bake targets"
required: false
Expand Down
2 changes: 1 addition & 1 deletion dist/index.js
View file
Open in desktop

Large diffs are not rendered by default.

2 changes: 1 addition & 1 deletion dist/index.js.map
View file
Open in desktop

Large diffs are not rendered by default.

39 changes: 26 additions & 13 deletions src/context.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import * as fs from 'fs';
import * as core from '@actions/core';
import * as handlebars from 'handlebars';

Expand All @@ -10,10 +11,13 @@ import {Util} from '@docker/actions-toolkit/lib/util.js';

import {BakeDefinition} from '@docker/actions-toolkit/lib/types/buildx/bake.js';

export interface BakeContext {
remoteRef?: string;
workdir?: string;
}

export interface Inputs {
builder: string;
workdir: string;
source: string;
allow: string[];
call: string;
files: string[];
Expand All @@ -24,15 +28,14 @@ export interface Inputs {
push: boolean;
sbom: string;
set: string[];
source: BakeContext;
targets: string[];
'github-token': string;
}

export async function getInputs(): Promise<Inputs> {
return {
builder: core.getInput('builder'),
workdir: core.getInput('workdir') || '.',
source: getSourceInput('source'),
allow: Util.getInputList('allow'),
call: core.getInput('call'),
files: Util.getInputList('files'),
Expand All @@ -43,6 +46,7 @@ export async function getInputs(): Promise<Inputs> {
push: core.getBooleanInput('push'),
sbom: core.getInput('sbom'),
set: Util.getInputList('set', {ignoreComma: true, quote: false}),
source: getBakeContext(core.getInput('source')),
targets: Util.getInputList('targets'),
'github-token': core.getInput('github-token')
};
Expand All @@ -59,8 +63,8 @@ export async function getArgs(inputs: Inputs, definition: BakeDefinition, toolki

async function getBakeArgs(inputs: Inputs, definition: BakeDefinition, toolkit: Toolkit): Promise<Array<string>> {
const args: Array<string> = ['bake'];
if (inputs.source) {
args.push(inputs.source);
if (inputs.source.remoteRef) {
args.push(inputs.source.remoteRef);
}
if (await toolkit.buildx.versionSatisfies('>=0.17.0')) {
if (await toolkit.buildx.versionSatisfies('>=0.18.0')) {
Expand Down Expand Up @@ -135,17 +139,26 @@ async function getCommonArgs(inputs: Inputs): Promise<Array<string>> {
return args;
}

function getSourceInput(name: string): string {
let source = handlebars.compile(core.getInput(name))({
function getBakeContext(sourceInput: string): BakeContext {
let bakeContext = handlebars.compile(sourceInput)({
defaultContext: Context.gitContext()
});
if (!source) {
source = Context.gitContext();
if (!bakeContext) {
bakeContext = Context.gitContext();
}
if (Util.isValidRef(bakeContext)) {
return {
remoteRef: bakeContext
};
}
if (source === '.') {
source = '';
try {
fs.statSync(sourceInput).isDirectory();
} catch {
throw new Error(`Invalid source: ${sourceInput} does not exist or is not a directory.`);
}
return source;
return {
workdir: bakeContext
};
}

function noDefaultAttestations(): boolean {
Expand Down
Loading
Loading