Update action.yml

Escape spaces within args

.github/pull_request_template.md

@@ -0,0 +1,3 @@
+### Base branch for this PR
+
+Please target the `develop` branch for this Pull Request.

.github/workflows/verify.yml

@@ -25,7 +25,11 @@ jobs:
           ARG MY_ENV_VAR2
           ENV MY_ENV_VAR=$MY_ENV_VAR
           ENV MY_ENV_VAR2=$MY_ENV_VAR2
-          CMD ["sh", "-c", "echo Result: $MY_ENV_VAR $MY_ENV_VAR2"]' > Dockerfile
+          ARG EXTRA_ENV_VAR
+          ARG EXTRA_ENV_VAR2
+          ENV EXTRA_ENV_VAR=$EXTRA_ENV_VAR
+          ENV EXTRA_ENV_VAR2=$EXTRA_ENV_VAR2
+          CMD ["sh", "-c", "echo Result: $MY_ENV_VAR $MY_ENV_VAR2 ~$EXTRA_ENV_VAR~ ~$EXTRA_ENV_VAR2~"]' > Dockerfile
           cat Dockerfile
       - name: Use Build and Push action
         uses: ./
@@ -36,6 +40,7 @@ jobs:
           tags: ghcr.io/frozen-tapestry/podman-action-verify:latest
           dockerfile: Dockerfile
           build_args: MY_ENV_VAR=Test MY_ENV_VAR2=Test2
+          extra_args: --build-arg EXTRA_ENV_VAR="Extra\ env\ 1" --build-arg=EXTRA_ENV_VAR2=Extra\ env\ 2
           security: |
             --security-opt=seccomp=unconfined
             --security-opt=apparmor=unconfined
@@ -46,7 +51,7 @@ jobs:
           OUTPUT=$(docker run --rm ghcr.io/frozen-tapestry/podman-action-verify:latest)
           echo "Container Output: $OUTPUT"
           
-          if [ "$OUTPUT" != "Result: Test Test2" ]; then
+          if [ "$OUTPUT" != "Result: Test Test2 ~\"Extra env 1\"~ ~Extra env 2~" ]; then
             echo "Output does not match expected string"
             exit 1
           fi

README.md

@@ -46,13 +46,17 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Use Podman Build and Push Action
-        uses: frozen-tapestry/podman-build-push-action@v1
+        uses: Frozen-Tapestry/container-action@v1
         with:
           login_registry: ghcr.io
           login_username: ${{ secrets.REGISTRY_USERNAME }}
           login_password: ${{ secrets.REGISTRY_PASSWORD }}
           tags: ghcr.io/your-namespace/your-image:latest
           dockerfile: path/to/Dockerfile
+          # Use those security flags if using GitHub Action. Keep the defaults, if using Gitea.
+          security: |
+            --security-opt=seccomp=unconfined
+            --security-opt=apparmor=unconfined
           push: true
 ```
 

RELEASES.md

@@ -3,3 +3,12 @@
 ### v1.0.0
 
 - Initial release
+
+### v1.1.0
+
+- Permission error fix
+- Readme updates
+
+### v1.2.0
+
+- Added support for escaped spaces

action.yml

@@ -25,13 +25,13 @@ inputs:
     required: false
   build_args:
     description: |
-      Optional build arguments. Space-separated. e.g.
+      Optional build arguments. Space-separated, escape space if used within single arg. e.g.
       MY_ENV_VAR=Test MY_ENV_VAR2=Test2
     required: false
   extra_args:
     description: |
-      Extra args to be passed to podman. Space-separated. e.g.
+      Extra args to be passed to podman. Space-separated, escape space if used within single arg. e.g.
-      -e=MY_ENV=Test -e=MY_ENV=Test2
+      -e=MY_ENV=Test -e=MY_ENV=Test2 -e MY_ENV=Var\ with\ spaces
     required: false
   dockerfile:
     description: Path to the Dockerfile. If set, build step is performed.
@@ -49,7 +49,7 @@ runs:
   using: composite
   steps:
     - name: Run container steps
-      uses: frozen-tapestry/docker-run-action@v6
+      uses: https://git.zio.sh/astra/docker-run-action@bc0813212cba1c029615a08be520b15613988af3
       with:
         image: quay.io/podman/stable:latest
         mount_ws: true

scripts/run.sh

@@ -13,24 +13,48 @@ PODMAN_USER="podman"
 chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/auth
 chown $PODMAN_USER:$PODMAN_USER /home/$PODMAN_USER/.local/share/containers/storage
 
+run_cmd() {
+    local build_cmd=("$@")
+    cmd=$(printf "%q\t" "${build_cmd[@]}")
+    echo "Running: $cmd"
+    su "$PODMAN_USER" -c "$cmd"
+}
+
 ### LOGIN
 if [[ -n "$REGISTRY" && -n "$USERNAME" && -n "$PASSWORD" ]]; then
-  sudo -u $PODMAN_USER podman login \
+  build_cmd=(podman login
-    --storage-driver=overlay \
+    --storage-driver=overlay
-    --authfile="$REGISTRY_AUTH_FILE" \
+    --authfile="$REGISTRY_AUTH_FILE"
-    "$REGISTRY" -u "$USERNAME" -p "$PASSWORD"
+    "$REGISTRY"
+    --username="$USERNAME"
+    --password="$PASSWORD"
+  )
+  run_cmd "${build_cmd[@]}"
 fi
 
+# Function that splits on unescaped spaces (but not on escaped ones)
+# and outputs each processed token on a new line.
 generate_args() {
   local input_args="$1"
   local prefix="$2"
-  local output=""
+  local output=()
+  local placeholder="__ESCAPED_SPACE__"
 
   if [[ -n "$input_args" ]]; then
-    output="$(echo "$input_args" | tr -s ' ' '\n' | sed "s/[^ ]* */$prefix&/g")"
+    # Replace escaped spaces (\ ) with a unique placeholder.
+    local temp="${input_args//\\ /$placeholder}"
+    # Split on spaces (escaped ones are now hidden).
+    IFS=' ' read -r -a parts <<< "$temp"
+    for part in "${parts[@]}"; do
+      # Skip any empty parts.
+      [[ -z "$part" ]] && continue
+      # Restore escaped spaces.
+      part="${part//$placeholder/ }"
+      output+=("$prefix$part")
+    done
   fi
 
-  echo "$output"
+  printf "%s\n" "${output[@]}"
 }
 
 ### BUILD
@@ -42,34 +66,40 @@ if [[ -n "$DOCKERFILE" ]]; then
   echo "Main labels: $CREATED $REVISION $SOURCE"
 
   TAGS=$(generate_args "$ACTION_TAGS" "-t=")
-  echo "Tags: $TAGS"
+  echo "Tags: ${TAGS[@]}"
   LABELS=$(generate_args "$ACTION_LABELS" "--label=")
-  echo "Labels: $LABELS"
+  echo "Labels: ${LABELS[@]}"
   BUILD_ARGS=$(generate_args "$ACTION_BUILD_ARGS" "--build-arg=")
-  echo "Build args: $BUILD_ARGS"
+  echo "Build args: ${BUILD_ARGS[@]}"
   EXTRA_ARGS=$(generate_args "$ACTION_EXTRA_ARGS" "")
-  echo "Extra args: $EXTRA_ARGS"
+  echo "Extra args: ${EXTRA_ARGS[@]}"
 
-  sudo -u $PODMAN_USER podman build --platform="linux/amd64" \
+  build_cmd=(podman build
-    --storage-driver=overlay \
+    --platform="linux/amd64"
-    --authfile="$REGISTRY_AUTH_FILE" \
+    --storage-driver=overlay
-    --pull=true \
+    --authfile="$REGISTRY_AUTH_FILE"
-    --label image.created="$CREATED" \
+    --pull=true
-    --label image.revision="$REVISION" \
+    --label=image.created="$CREATED"
-    --label image.source="$SOURCE" \
+    --label=image.revision="$REVISION"
-    $TAGS \
+    --label=image.source="$SOURCE"
-    $LABELS \
+    $TAGS
-    $BUILD_ARGS \
+    $LABELS
-    $EXTRA_ARGS \
+    $BUILD_ARGS
-    -f "$DOCKERFILE" \
+    $EXTRA_ARGS
+    --file="$DOCKERFILE"
     .
+  )
+  run_cmd "${build_cmd[@]}"
 fi
 
 if [[ -n "$PUSH" && "$PUSH" == "true" ]]; then
   TAGS=$(generate_args "$ACTION_TAGS" "")
-  echo "Tags: $TAGS"
+  echo "Tags: ${TAGS[@]}"
 
-  sudo -u $PODMAN_USER podman push \
+  build_cmd=(podman push
-    --storage-driver=overlay \
+    --storage-driver=overlay
-    --authfile="$REGISTRY_AUTH_FILE" $TAGS
+    --authfile="$REGISTRY_AUTH_FILE"
+    $TAGS
+  )
+  run_cmd "${build_cmd[@]}"
 fi