Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable provenance feature on docker build for unsupported platforms #4142

Closed
wants to merge 1 commit into from
Closed

Disable provenance feature on docker build for unsupported platforms #4142

wants to merge 1 commit into from
+13 −0

Conversation

kurochan
Copy link
Contributor

What this PR does / why we need it:

Explicitly set provenance=false on docker build. Because of PipeCD supports CloudRun and related to issue docker/buildx#1533 .

However, the provenance is a part of security feature, I am wondering whether it should be uniformly disabled.

Which issue(s) this PR fixes:

Related:

Does this PR introduce a user-facing change?:

NONE

knanao
knanao reviewed Jan 24, 2023
View reviewed changes
Copy link
Member

@knanao knanao left a comment
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All images used by Cloud Run are pushed to GCR.
Hence how about just fixing the image used by Cloud Run?

@knanao
Copy link
Member

knanao commented Feb 10, 2023

Thank you for sharing the issue.

From this comment, I've actually checked whether Cloud Run has already supported multi-platform built, and it works as expected in both GCR and GAR.
docker/buildx#1533 (comment)

But currently, the actions' version which we're using is not affected by this.
Hence let us update the necessary config when using this feature.
https://github.com/docker/build-push-action#:~:text=Subdirectory%20for%20Git,at%20the%20moment.

That's why let me close this temporarily.

@knanao knanao closed this Feb 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@knanao knanao knanao left review comments

@nghialv nghialv Awaiting requested review from nghialv nghialv is a code owner

@khanhtc1202 khanhtc1202 Awaiting requested review from khanhtc1202 khanhtc1202 is a code owner

Assignees
No one assigned
Labels
area/build
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@kurochan @knanao