Merge pull request #2550 from crazy-max/provenance-mode-commands

build: read provenance response mode in commands pkg
docker · Jun 25, 2024 · 6ef443d · 6ef443d
2 parents 076e19d + d155747
commit 6ef443d
Show file tree

Hide file tree

Showing 8 changed files with 161 additions and 146 deletions.
diff --git a/build/build.go b/build/build.go
@@ -18,6 +18,7 @@ import (
 	"github.com/distribution/reference"
 	"github.com/docker/buildx/builder"
 	"github.com/docker/buildx/driver"
+	"github.com/docker/buildx/util/confutil"
 	"github.com/docker/buildx/util/desktop"
 	"github.com/docker/buildx/util/dockerutil"
 	"github.com/docker/buildx/util/imagetools"
@@ -82,7 +83,7 @@ type Options struct {
 	Session                []session.Attachable
 	Linked                 bool // Linked marks this target as exclusively linked (not requested by the user).
 	PrintFunc              *PrintFunc
-	WithProvenanceResponse bool
+	ProvenanceResponseMode confutil.MetadataProvenanceMode
 	SourcePolicy           *spb.Policy
 	GroupRef               string
 }
@@ -473,8 +474,8 @@ func BuildWithResultHandler(ctx context.Context, nodes []builder.Node, opt map[s
 						rr.ExporterResponse[k] = string(v)
 					}
 					rr.ExporterResponse["buildx.build.ref"] = buildRef
-					if opt.WithProvenanceResponse && node.Driver.HistoryAPISupported(ctx) {
-						if err := setRecordProvenance(ctx, c, rr, so.Ref, pw); err != nil {
+					if node.Driver.HistoryAPISupported(ctx) {
+						if err := setRecordProvenance(ctx, c, rr, so.Ref, opt.ProvenanceResponseMode, pw); err != nil {
 							return err
 						}
 					}

diff --git a/build/provenance.go b/build/provenance.go
@@ -29,8 +29,7 @@ type provenanceBuilder struct {
 	ID string `json:"id,omitempty"`
 }
 
-func setRecordProvenance(ctx context.Context, c *client.Client, sr *client.SolveResponse, ref string, pw progress.Writer) error {
-	mode := confutil.MetadataProvenance()
+func setRecordProvenance(ctx context.Context, c *client.Client, sr *client.SolveResponse, ref string, mode confutil.MetadataProvenanceMode, pw progress.Writer) error {
 	if mode == confutil.MetadataProvenanceModeDisabled {
 		return nil
 	}

diff --git a/commands/bake.go b/commands/bake.go
@@ -202,12 +202,17 @@ func runBake(ctx context.Context, dockerCli command.Cli, targets []string, in ba
 		return nil
 	}
 
+	prm := confutil.MetadataProvenance()
+	if len(in.metadataFile) == 0 {
+		prm = confutil.MetadataProvenanceModeDisabled
+	}
+
 	groupRef := identity.NewID()
 	var refs []string
 	for k, b := range bo {
 		b.Ref = identity.NewID()
 		b.GroupRef = groupRef
-		b.WithProvenanceResponse = len(in.metadataFile) > 0
+		b.ProvenanceResponseMode = prm
 		refs = append(refs, b.Ref)
 		bo[k] = b
 	}

diff --git a/commands/build.go b/commands/build.go
@@ -206,7 +206,11 @@ func (o *buildOptions) toControllerOptions() (*controllerapi.BuildOptions, error
 		return nil, err
 	}
 
-	opts.WithProvenanceResponse = opts.PrintFunc == nil && len(o.metadataFile) > 0
+	prm := confutil.MetadataProvenance()
+	if opts.PrintFunc != nil || len(o.metadataFile) == 0 {
+		prm = confutil.MetadataProvenanceModeDisabled
+	}
+	opts.ProvenanceResponseMode = string(prm)
 
 	return &opts, nil
 }

diff --git a/controller/build/build.go b/controller/build/build.go
@@ -67,7 +67,7 @@ func RunBuild(ctx context.Context, dockerCli command.Cli, in controllerapi.Build
 		Target:                 in.Target,
 		Ulimits:                controllerUlimitOpt2DockerUlimit(in.Ulimits),
 		GroupRef:               in.GroupRef,
-		WithProvenanceResponse: in.WithProvenanceResponse,
+		ProvenanceResponseMode: confutil.ParseMetadataProvenance(in.ProvenanceResponseMode),
 	}
 
 	platforms, err := platformutil.Parse(in.Platforms)

diff --git a/controller/pb/controller.pb.go b/controller/pb/controller.pb.go
diff --git a/controller/pb/controller.proto b/controller/pb/controller.proto
@@ -80,7 +80,7 @@ message BuildOptions {
   string Ref = 29;
   string GroupRef = 30;
   repeated string Annotations = 31;
-  bool WithProvenanceResponse = 32;
+  string ProvenanceResponseMode = 32;
 }
 
 message ExportEntry {

diff --git a/util/confutil/metadata.go b/util/confutil/metadata.go
@@ -5,30 +5,36 @@ import (
 	"strconv"
 )
 
-// MetadataProvenanceMode is the type for setting provenance in the metdata file
-type MetadataProvenanceMode int
+// MetadataProvenanceMode is the type for setting provenance in the metadata
+// file
+type MetadataProvenanceMode string
 
 const (
 	// MetadataProvenanceModeMin sets minimal provenance (default)
-	MetadataProvenanceModeMin MetadataProvenanceMode = iota
+	MetadataProvenanceModeMin MetadataProvenanceMode = "min"
 	// MetadataProvenanceModeMax sets full provenance
-	MetadataProvenanceModeMax
+	MetadataProvenanceModeMax MetadataProvenanceMode = "max"
 	// MetadataProvenanceModeDisabled doesn't set provenance
-	MetadataProvenanceModeDisabled
+	MetadataProvenanceModeDisabled MetadataProvenanceMode = "disabled"
 )
 
-// MetadataProvenance returns the provenance mode to set in the metadata file
+// MetadataProvenance returns the metadata provenance mode from
+// BUILDX_METADATA_PROVENANCE environment variable
 func MetadataProvenance() MetadataProvenanceMode {
-	bmp := os.Getenv("BUILDX_METADATA_PROVENANCE")
-	switch bmp {
+	return ParseMetadataProvenance(os.Getenv("BUILDX_METADATA_PROVENANCE"))
+}
+
+// ParseMetadataProvenance parses the metadata provenance mode from a string
+func ParseMetadataProvenance(inp string) MetadataProvenanceMode {
+	switch inp {
 	case "min":
 		return MetadataProvenanceModeMin
 	case "max":
 		return MetadataProvenanceModeMax
 	case "disabled":
 		return MetadataProvenanceModeDisabled
 	}
-	if ok, err := strconv.ParseBool(bmp); err == nil && !ok {
+	if ok, err := strconv.ParseBool(inp); err == nil && !ok {
 		return MetadataProvenanceModeDisabled
 	}
 	return MetadataProvenanceModeMin