Add digestfile argument, input, and output

Signed-off-by: Tim Etchells <tetchell@redhat.com>
2025-02-22 18:21:20 +01:00 · 2021-01-07 18:49:38 -05:00 · 2021-01-07 18:49:38 -05:00 · 2d063fde99
commit 2d063fde99
parent f89a81fade
5 changed files with 45 additions and 11 deletions
--- a/.github/workflows/verify-push.yaml
+++ b/.github/workflows/verify-push.yaml
@ -2,7 +2,7 @@
 # is some change in code done to ensure that the changes
 # are not buggy and we are getting the desired output.
 name: Test Push
-on: [push, pull_request, workflow_dispatch]
+on: [ push, pull_request, workflow_dispatch ]
 env:
  IMAGE_NAME: hello-world
  IMAGE_REGISTRY: quay.io
@ -11,7 +11,7 @@ env:
 jobs:
  build:
    name: Push image to Quay.io
-    runs-on: ubuntu-latest
+    runs-on: ubuntu-20.04
    steps:
      # Checkout push-to-registry action github repository
      - name: Checkout Push to Registry action
@ -24,9 +24,16 @@ jobs:
      # Push the image to image registry
      - name: Push To Quay
        uses: ./
+        id: push
        with:
          image: ${{ env.IMAGE_NAME }}
          tag: ${{ env.IMAGE_TAG }}
          registry: ${{ env.IMAGE_REGISTRY }}/${{ secrets.REGISTRY_USER }}
          username: ${{ secrets.REGISTRY_USER }}
          password: ${{ secrets.REGISTRY_PASSWORD }}
+
+
+      - name: Echo outputs
+        run: |
+          echo "registry-path ${{ steps.push.outputs.registry-path }}"
+          echo "digest ${{ steps.push.outputs.digest }}"
--- a/README.md
+++ b/README.md
@ -11,6 +11,8 @@ This action only runs on Linux, as it uses [podman](https://github.com/container

 ## Action Inputs

+Refer to the [`podman push`](http://docs.podman.io/en/latest/markdown/podman-manifest-push.1.html) documentation for more information.
+
 <table>
  <thead>
    <tr>
@ -61,15 +63,22 @@ This action only runs on Linux, as it uses [podman](https://github.com/container
    <td>No</td>
    <td>Verify TLS certificates when contacting the registry. Set to "false" to skip certificate verification.</td>
  </tr>
+
+  <tr>
+    <td>digestfile</td>
+    <td>No</td>
+    <td>After copying the image, write the digest of the resulting image to the file. By default, the filename will be determined from the image and tag.
+    The contents of this file are the <code>digest</code> output.
 </table>

 ## Action Outputs

-This action produces one output which can be referenced in other workflow `steps`.
-
 `registry-path`: The registry path to which the image was pushed.<br>
 For example, `quay.io/username/spring-image:v1`.

+`digest`: The pushed image digest, as written to the `digestfile`.<br>
+For example, `sha256:66ce924069ec4181725d15aa27f34afbaf082f434f448dc07a42daa3305cdab3`.
+
 ## Examples

 The example below shows how the `push-to-registry` action can be used to push an image created by the [buildah-build](https://github.com/redhat-actions/buildah-build) action.
--- a/dist/index.js
+++ b/dist/index.js
--- a/dist/index.js.map
+++ b/dist/index.js.map
--- a/src/index.ts
+++ b/src/index.ts
@ -1,20 +1,22 @@
 import * as core from '@actions/core';
 import * as exec from '@actions/exec';
 import * as io from '@actions/io';
+import * as fs from "fs";
 import * as path from "path";

 export async function run(): Promise<void> {
-    let imageToPush = core.getInput('image', { required: true });
+    const imageInput = core.getInput('image', { required: true });
    const tag = core.getInput('tag') || 'latest';
    const registry = core.getInput('registry', { required: true });
    const username = core.getInput('username', { required: true });
    const password = core.getInput('password', { required: true });
    const tlsVerify = core.getInput('tls-verify');
+    const digestFileInput = core.getInput('digestfile');

    // get podman cli
    const podman = await io.which('podman', true);

-    imageToPush = `${imageToPush}:${tag}`;
+    const imageToPush = `${imageInput}:${tag}`;
    let pushMsg = `Pushing ${imageToPush} to ${registry}`;
    if (username) {
        pushMsg += ` as ${username}`;
@ -34,7 +36,7 @@ export async function run(): Promise<void> {

    if (imagesFound.length === 0) {
        //check inside the docker daemon local storage
-        await execute(podman, ['pull', `docker-daemon:${imageToPush}`]);
+        await execute(podman, [ 'pull', `docker-daemon:${imageToPush}` ]);
    }

    // push image
@ -42,7 +44,15 @@ export async function run(): Promise<void> {

    const creds: string = `${username}:${password}`;

-    const args: string[] = ['push', '--quiet', '--creds', creds, imageToPush, registryPath];
+    const digestFile = digestFileInput || `${imageToPush.replace(":", "_")}_digest.txt`;
+
+    const args = [ 'push',
+        '--quiet',
+        '--digestfile', digestFile,
+        '--creds', creds,
+        imageToPush,
+        registryPath
+    ];

    // check if tls-verify is not set to null
    if (tlsVerify) {
@ -52,8 +62,16 @@ export async function run(): Promise<void> {
    await execute(podman, args);

    core.info(`Successfully pushed ${imageToPush} to ${registryPath}.`);
-
    core.setOutput('registry-path', registryPath);
+
+    try {
+        const digest = (await fs.promises.readFile(digestFile)).toString();
+        core.info(digest);
+        core.setOutput('digest', digest);
+    }
+    catch (err) {
+        core.warning(`Failed to read digest file "${digestFile}": ${err}`);
+    }
 }

 async function execute(executable: string, args: string[], execOptions: exec.ExecOptions = {}): Promise<{ exitCode: number, stdout: string, stderr: string }> {