diff --git a/.drone.yml b/.drone.yml index 42e712a..c774150 100644 --- a/.drone.yml +++ b/.drone.yml @@ -77,43 +77,43 @@ trigger: depends_on: - testing ---- -kind: pipeline -type: ssh -name: windows-1903-amd64-docker +# --- +# kind: pipeline +# type: ssh +# name: windows-1903-amd64-docker -platform: - os: windows +# platform: +# os: windows -server: - host: windows.1903.amd64.plugins.drone.ci - password: - from_secret: windows_password - user: - from_secret: windows_username +# server: +# host: windows.1903.amd64.plugins.drone.ci +# password: +# from_secret: windows_password +# user: +# from_secret: windows_username -steps: -- name: build - commands: - # TODO use the new DRONE_SEMVER_SHORT environment variables to - # publish docker images for tag events. - - go build -o release/windows/amd64/drone-docker.exe ./cmd/drone-docker - - docker login -u $env:USERNAME -p $env:PASSWORD - - docker build -f docker/docker/Dockerfile.windows.1903 -t plugins/docker:windows-1903-amd64 . - - docker push plugins/docker:windows-1903-amd64 - environment: - CGO_ENABLED: "0" - USERNAME: - from_secret: docker_username - PASSWORD: - from_secret: docker_password +# steps: +# - name: build +# commands: +# # TODO use the new DRONE_SEMVER_SHORT environment variables to +# # publish docker images for tag events. +# - go build -o release/windows/amd64/drone-docker.exe ./cmd/drone-docker +# - docker login -u $env:USERNAME -p $env:PASSWORD +# - docker build -f docker/docker/Dockerfile.windows.1903 -t plugins/docker:windows-1903-amd64 . +# - docker push plugins/docker:windows-1903-amd64 +# environment: +# CGO_ENABLED: "0" +# USERNAME: +# from_secret: docker_username +# PASSWORD: +# from_secret: docker_password -trigger: - event: - - push +# trigger: +# event: +# - push -depends_on: -- testing +# depends_on: +# - testing --- kind: pipeline @@ -441,11 +441,11 @@ trigger: depends_on: - windows-1809-amd64-docker -- windows-1903-amd64-docker - windows-1909-amd64-docker - linux-amd64-docker - linux-arm64-docker - linux-arm-docker +# - windows-1903-amd64-dfocker --- kind: pipeline diff --git a/cmd/drone-docker/main.go b/cmd/drone-docker/main.go index a1d92ba..f6448c2 100644 --- a/cmd/drone-docker/main.go +++ b/cmd/drone-docker/main.go @@ -50,7 +50,7 @@ func main() { cli.StringFlag{ Name: "daemon.mirror", Usage: "docker daemon registry mirror", - EnvVar: "PLUGIN_MIRROR", + EnvVar: "PLUGIN_MIRROR,DOCKER_PLUGIN_MIRROR", }, cli.StringFlag{ Name: "daemon.storage-driver", @@ -216,7 +216,7 @@ func main() { cli.StringFlag{ Name: "docker.config", Usage: "docker json dockerconfig content", - EnvVar: "PLUGIN_CONFIG", + EnvVar: "PLUGIN_CONFIG,DOCKER_PLUGIN_CONFIG", }, cli.BoolTFlag{ Name: "docker.purge", diff --git a/docker.go b/docker.go index 44f860f..44ce44d 100644 --- a/docker.go +++ b/docker.go @@ -94,7 +94,7 @@ func (p Plugin) Exec() error { path := filepath.Join(dockerHome, "config.json") err := ioutil.WriteFile(path, []byte(p.Login.Config), 0600) if err != nil { - return fmt.Errorf("Error writeing config.json: %s", err) + return fmt.Errorf("Error writing config.json: %s", err) } } @@ -343,6 +343,10 @@ func commandDaemon(daemon Daemon) *exec.Cmd { "--host=unix:///var/run/docker.sock", } + if _, err := os.Stat("/etc/docker/default.json"); err == nil { + args = append(args, "--seccomp-profile=/etc/docker/default.json") + } + if daemon.StorageDriver != "" { args = append(args, "-s", daemon.StorageDriver) } @@ -373,7 +377,6 @@ func commandDaemon(daemon Daemon) *exec.Cmd { return exec.Command(dockerdExe, args...) } - // helper to check if args match "docker prune" func isCommandPrune(args []string) bool { return len(args) > 3 && args[2] == "prune" diff --git a/docker/docker/Dockerfile.linux.arm b/docker/docker/Dockerfile.linux.arm index 1a8d8b3..38c8992 100644 --- a/docker/docker/Dockerfile.linux.arm +++ b/docker/docker/Dockerfile.linux.arm @@ -2,5 +2,14 @@ FROM arm32v6/docker:19.03.8-dind ENV DOCKER_HOST=unix:///var/run/docker.sock +RUN apk --update add --virtual .build-deps curl && \ + mkdir -p /etc/docker/ && \ + curl -SsL -o /etc/docker/default.json https://raw.githubusercontent.com/moby/moby/19.03/profiles/seccomp/default.json && \ + sed -i 's/SCMP_ACT_ERRNO/SCMP_ACT_TRACE/g' /etc/docker/default.json && \ + chmod 600 /etc/docker/default.json && \ + apk del .build-deps && \ + rm -rf /var/cache/apk/* && \ + rm -rf /tmp/* + ADD release/linux/arm/drone-docker /bin/ ENTRYPOINT ["/usr/local/bin/dockerd-entrypoint.sh", "/bin/drone-docker"]