From 3b9302effbd8018b2cf8d7e89a08826215960778 Mon Sep 17 00:00:00 2001 From: Alex Viscreanu Date: Fri, 19 Jun 2020 13:19:32 +0200 Subject: [PATCH] feat: Add option for skip pushing if the digest hasn't changed --- Dockerfile | 15 +++++++++++++++ README.md | 27 ++++++++++++++------------- action.yml | 3 +++ entrypoint.sh | 24 +++++++++++++++++++++--- 4 files changed, 53 insertions(+), 16 deletions(-) diff --git a/Dockerfile b/Dockerfile index da2cfeb..8090a3f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,21 @@ +FROM alpine as certs + +RUN apk --update add ca-certificates + FROM gcr.io/kaniko-project/executor:debug +SHELL ["/busybox/sh", "-c"] + +RUN mkdir -p /usr/local/bin && \ + wget -O /usr/local/bin/jq \ + https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 && \ + chmod +x /usr/local/bin/jq && \ + wget -O /usr/local/bin/reg \ + https://github.com/genuinetools/reg/releases/download/v0.16.1/reg-linux-386 && \ + chmod +x /usr/local/bin/reg + COPY entrypoint.sh / +COPY --from=certs /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt ENTRYPOINT ["/entrypoint.sh"] diff --git a/README.md b/README.md index beab0e8..79b0900 100644 --- a/README.md +++ b/README.md @@ -39,19 +39,20 @@ the most used values. So, technically there is a single required argument ## Optional Arguments -| variable | description | required | default | -|------------------|----------------------------------------------------------|----------|-----------------------------| -| registry | Docker registry where the image will be pushed | false | docker.io | -| username | Username used for authentication to the Docker registry | false | $GITHUB_ACTOR | -| password | Password used for authentication to the Docker registry | false | | -| tag | Image tag | false | latest | -| cache | Enables build cache | false | false | -| cache_ttl | How long the cache should be considered valid | false | | -| cache_registry | Docker registry meant to be used as cache | false | | -| cache_directory | Filesystem path meant to be used as cache | false | | -| build_file | Dockerfile filename | false | Dockerfile | -| extra_args | Additional arguments to be passed to the kaniko executor | false | | -| strip_tag_prefix | Prefix to be stripped from the tag | false | | +| variable | description | required | default | +|-----------------------|-----------------------------------------------------------------|----------|-----------------| +| registry | Docker registry where the image will be pushed | false | docker.io | +| username | Username used for authentication to the Docker registry | false | $GITHUB_ACTOR | +| password | Password used for authentication to the Docker registry | false | | +| tag | Image tag | false | latest | +| cache | Enables build cache | false | false | +| cache_ttl | How long the cache should be considered valid | false | | +| cache_registry | Docker registry meant to be used as cache | false | | +| cache_directory | Filesystem path meant to be used as cache | false | | +| build_file | Dockerfile filename | false | Dockerfile | +| extra_args | Additional arguments to be passed to the kaniko executor | false | | +| strip_tag_prefix | Prefix to be stripped from the tag | false | | +| skip_unchanged_digest | Avoids pushing the image if the build generated the same digest | false | | **Here is where it gets specific, as the optional arguments become required depending on the registry targeted** diff --git a/action.yml b/action.yml index ae18609..91db459 100644 --- a/action.yml +++ b/action.yml @@ -41,6 +41,9 @@ inputs: extra_args: description: "Additional arguments to be passed to the kaniko executor" required: false + skip_unchanged_digest: + description: "Avoids pushing the image if the build generated the same digest" + required: false runs: using: "docker" image: "Dockerfile" diff --git a/entrypoint.sh b/entrypoint.sh index 6aa1bce..d2199c2 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -45,10 +45,9 @@ export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY" export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"} export CONTEXT="--context $GITHUB_WORKSPACE" export DOCKERFILE="--dockerfile ${INPUT_BUILD_FILE:-Dockerfile}" -export DESTINATION="--destination $IMAGE" +export DESTINATION="--no-push" export ARGS="$CACHE $CONTEXT $DOCKERFILE $DESTINATION $INPUT_EXTRA_ARGS" -echo $ARGS cat </kaniko/.docker/config.json { @@ -61,4 +60,23 @@ cat </kaniko/.docker/config.json } EOF -/kaniko/executor $ARGS +/kaniko/executor --digest-file digest --reproducible $ARGS + +export DIGEST=$(cat digest) +export REMOTE=$(reg digest "$IMAGE" | tail -1) + +if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then + if [ "$DIGEST" == "$REMOTE" ]; then + echo "Digest hasn't changed, skipping, $DIGEST" + exit 0 + fi +fi + +export DESTINATION="--destination $IMAGE" +export ARGS="$CACHE $CONTEXT $DOCKERFILE $DESTINATION $INPUT_EXTRA_ARGS" + +echo "Pushing image..." + +/kaniko/executor --reproducible $ARGS >/dev/null 2>&1 + +echo "Done 🎉️"