https://pantsbuild.org/ logo
Join Slack
Powered by
Should `pants peek --docker-build-args="X=A"` pop...
# general
a
Should 
pants peek --docker-build-args="X=A"
populate the build args of peek output? it doesn't, for now and i could see arguments for either behavior
Copy code
pants --changed-since=dev~1 peek --docker-build-args=REPO=x  --filter-target-type=docker_image | jq '.[].repository'
"{build_args.REPO}/x/y"
it might be good enough to run pants package
Copy code
pants --changed-since=dev~1 --docker-build-args=REPO=x  --filter-target-type=docker_image package ::
and then in CI/CD i can assume dist/ will have the list of docker images built?
w
What's the end goal you're trying to achieve?
a
Pre-publish hooks for docker images for things like CVEs: 1. Package the docker container(s) (done) 2. Run the docker image(s) through grype (not done, needs a plugin?) 3. If passed, publish the docker. (done) For now, I'm doing it this way: 1. 
pants package
2. Look in dist/ for docker-info.json files and run grype against image defined as a .json file. 3. If passed, 
pants publish
I thought I could use peek to get the list of images that would be generated. but luckily i can do that later via the dist/ folder
w
This feels like it could be related to something someone else was asking for peek not that long ago. Where peek doesn't necessarily resolve the final outputs, it just provides the inputs it sees
pants peek --resolve
would be an interesting idea, but I don't know how far down the rabbithole that goes
a
yeah and I would call it unnecessary in my use case
w
If I'm understanding it, your current solution feels more in the right spirit - but it would be nice to have some where, some way, to resolve metadata ahead of time without necessarily "doing everything" Mostly for scripting/tooling
Open in Slack
PreviousNext
Powered by