skip to Main Content

I’m trying to pass some dynamically created arguments within a composite GitHub Action.

The documentation however is lacking examples on how to pass arguments in this case to the docker container.

https://docs.github.com/en/actions/creating-actions/metadata-syntax-for-github-actions#runsstepsuses

See here the thing I’m trying to achieve.

runs:
  using: 'composite'
  steps:
    - name: compose arguments
      id: compose-args
      shell: bash
      run: |
        encoded_github="$(echo '${{ inputs.github_context }}' | base64)"
        encoded_runner="$(echo '${{ inputs.runner_context }}' | base64)"

        args=('${{ inputs.command }}')
        args+=('${{ inputs.subcommand }}')
        args+=('--github-context')
        args+=("${encoded_github}")
        args+=('--runner-context')
        args+=("${encoded_runner}")
        args+=('${{ inputs.arguments }}')

        echo "::set-output name=provenance_args::$(echo "[$(printf ""%s"," ${args[*]})]" | sed 's/,]$/]/')"
    - name: Debug arguments
      shell: bash
      run: |
        echo Running slsa-provenance with following arguments
        echo ${{ steps.compose-args.outputs.provenance_args }}
    - uses: 'docker://ghcr.io/philips-labs/slsa-provenance:v0.5.0-draft'
      with:
        args: ${{ fromJSON(steps.compose-args.outputs.provenance_args) }}

fromJSON is giving me a JSON object from the composed array of bash arguments. I made the assumption this uses: 'docker://…part should receive it’s arguments in the same way a docker based action would receive.

e.g.:

runs:
  using: 'docker'
  image: 'docker://ghcr.io/philips-labs/slsa-provenance:v0.4.0'
  args:
    - "generate"
    - '${{ inputs.subcommand }}'
    - "-artifact_path"
    - '${{ inputs.artifact_path }}'
    - "-output_path"
    - '${{ inputs.output_path }}'
    - "-github_context"
    - '${{ inputs.github_context }}'
    - "-runner_context"
    - '${{ inputs.runner_context }}'
    - "-tag_name"
    - '${{ inputs.tag_name }}'

Unfortunately I’m getting the following error in the GitHub actions workflow.

The template is not valid. philips-labs/slsa-provenance-action/v0.5.0-draft/action.yaml (Line: 47, Col: 15): A sequence was not expected

See here the workflow. https://github.com/philips-labs/slsa-provenance-action/runs/4618706311?check_suite_focus=true

  • How can I resolve this error?
  • Is it resolvable with current approach?
  • Is this a missing feature?
  • What would be an alternative?

2

Answers


  1. I think you can just run via bash command:

    - name: pull image
      shell: bash
      run: |
        docker pull ghcr.io/philips-labs/slsa-provenance:v0.4.0
    
    - name: run container
      shell: bash
      run: |
        docker run --rm -i 
        --workdir /github/workspace 
        -v "/var/run/docker.sock":"/var/run/docker.sock" 
        -v ${{ runner.temp }}/_github_home:"/github/home" 
        -v ${{ github.workflow }}:"/github/workflow" 
        -v ${{ runner.temp }}/_runner_file_commands:"/github/file_commands" 
        -v ${{ github.workspace }}:"/github/workspace" 
        ghcr.io/philips-labs/slsa-provenance:v0.4.0  # image
        generate  # start pass the args here, after the image
        ${{ inputs.subcommand }} 
        -artifact_path ${{ inputs.artifact_path }} 
        -output_path ${{ inputs.output_path }} 
        -github_context ${{ inputs.github_context }} 
        -runner_context ${{ inputs.runner_context }} 
        -tag_name ${{ inputs.tag_name }} 
    
    Login or Signup to reply.
  2. Take a look at this GitHub Action https://github.com/mr-smithers-excellent/docker-build-push

    it has buildArgs as an input so it can be a solution for your case

    for instance:

    steps:
      - uses: actions/checkout@v2
        name: Check out the code
    
      - uses: mr-smithers-excellent/docker-build-push@v5
        name: Build & push Docker image
        with:
          image: repo/image
          tags: v1, latest
          registry: registry-url.io
          dockerfile: ./your/path/Dockerfile
          buildArgs: Test=true
    
    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search