Skip to content

Commit 8a1b3f3

Browse files
committed
feat(docker): pin installed docker version
Signed-off-by: Emilien Escalle <emilien.escalle@escemi.com>
1 parent 7d62417 commit 8a1b3f3

4 files changed

Lines changed: 34 additions & 4 deletions

File tree

actions/docker/setup/README.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -59,6 +59,11 @@ Shared action to configure Docker tooling and OCI registry authentication.
5959
# ```
6060
buildkitd-config-inline: ""
6161

62+
# Docker version to install when Docker must be provisioned.
63+
# When set, this action installs the requested version even if Docker is already available on the runner.
64+
# See https://github.com/docker/setup-docker-action#inputsversion for supported formats.
65+
version: ""
66+
6267
# Optional built images payload used to resolve manifest publication registries.
6368
# When provided, registry authentication targets are inferred from the built image data.
6469
built-images: ""
@@ -92,6 +97,9 @@ Shared action to configure Docker tooling and OCI registry authentication.
9297
| | See <https://github.com/docker/setup-buildx-action#inputs>. | | |
9398
| | Example for insecure registry: | | |
9499
| | <!-- textlint-disable --><pre lang="ini">[registry."my-registry.local:5000"]&#13; http = true&#13; insecure = true</pre><!-- textlint-enable --> | | |
100+
| **`version`** | Docker version to install when Docker must be provisioned. | **false** | - |
101+
| | When set, this action installs the requested version even if Docker is already available on the runner. | | |
102+
| | See <https://github.com/docker/setup-docker-action#inputsversion> for supported formats. | | |
95103
| **`built-images`** | Optional built images payload used to resolve manifest publication registries. | **false** | - |
96104
| | When provided, registry authentication targets are inferred from the built image data. | | |
97105
| **`setup-buildx`** | Whether to install and configure Docker Buildx. | **false** | `true` |

actions/docker/setup/action.yml

Lines changed: 24 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -385,13 +385,35 @@ runs:
385385
386386
- id: detect-docker
387387
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
388+
env:
389+
# FIXME: upgrade version when available (https://hub.docker.com/r/dockereng/cli-bin/tags)
390+
EXPECTED_DOCKER_VERSION: 29.5.2
388391
with:
389392
script: |
390393
const dockerPath = await io.which('docker', false);
391-
core.setOutput('exists', dockerPath ? 'true' : 'false');
392394
393-
- if: steps.detect-docker.outputs.exists != 'true'
395+
if (!dockerPath) {
396+
core.setOutput('docker-install-version', process.env.EXPECTED_DOCKER_VERSION);
397+
return;
398+
}
399+
400+
try {
401+
const { stdout } = await exec.getExecOutput('docker', ['version', '--format', '{{.Server.Version}}']);
402+
const dockerVersion = stdout.trim();
403+
404+
// Check if the detected Docker version is the same as the expected version.
405+
if (dockerVersion !== process.env.EXPECTED_DOCKER_VERSION) {
406+
core.setOutput('docker-install-version', process.env.EXPECTED_DOCKER_VERSION);
407+
}
408+
} catch (error) {
409+
core.warning(`Failed to detect Docker version, defaulting to expected version: ${error}`);
410+
core.setOutput('docker-install-version', process.env.EXPECTED_DOCKER_VERSION);
411+
};
412+
413+
- if: steps.detect-docker.outputs.docker-install-version
394414
uses: docker/setup-docker-action@0234bb73ccb40f0c430b795634f9247e2b5c2d23 # v5.2.0
415+
with:
416+
version: ${{ steps.detect-docker.outputs.docker-install-version }}
395417

396418
- if: inputs.setup-buildx != 'false'
397419
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0

actions/helm/release-chart/README.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -137,7 +137,7 @@ This action requires the following permissions on the repository:
137137
| **`tag`** | The release tag to set to chart | **true** | - |
138138
| **`update-tag-paths`** | List of YAML paths to update with the tag. | **false** | `.version,.appVersion` |
139139
| | Comma separated list of paths. | | |
140-
| **`ref`** | The git ref to checkout before releasing the chart. | **false** | - |
140+
| **`ref`** | The Git ref to checkout before releasing the chart. | **false** | - |
141141
| | Can be a branch, tag or commit SHA. | | |
142142

143143
<!-- inputs:end -->

actions/helm/release-chart/action.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -67,7 +67,7 @@ inputs:
6767
default: ".version,.appVersion"
6868
ref:
6969
description: |
70-
The git ref to checkout before releasing the chart.
70+
The Git ref to checkout before releasing the chart.
7171
Can be a branch, tag or commit SHA.
7272
required: false
7373

0 commit comments

Comments
 (0)