snoopy/action-kaniko
1
0
Fork 0
mirror of https://github.com/aevea/action-kaniko.git synced 2025-05-12 02:20:01 +02:00
Code Releases Activity

Merge 5c7133f245 into 78060c4e9d

Browse source
This commit is contained in:
ricardojdsilva87 2023-05-02 14:50:20 +00:00 committed by GitHub
commit b147254344
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 96 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

18
README.md
View file

@ -10,6 +10,7 @@ more secure secret passing to the build context, as it happens in the user space
## Usage ## Usage
## Example pipeline ## Example pipeline
```yaml ```yaml
name: Docker build name: Docker build
on: push on: push
@ -26,6 +27,11 @@ jobs:
password: ${{ secrets.DOCKERHUB_PASSWORD }} password: ${{ secrets.DOCKERHUB_PASSWORD }}
cache: true cache: true
cache_registry: aevea/cache cache_registry: aevea/cache
tags: >-
test,
1.0.1,
latest
``` ```
## Required Arguments ## Required Arguments
@ -34,17 +40,17 @@ This action aims to be as flexible as possible, so it tries to define the defaul
the most used values. So, technically there is a single required argument the most used values. So, technically there is a single required argument
| variable | description | required | default | | variable | description | required | default |
|------------------|----------------------------------------------------------|----------|-----------------------------| | -------- | ---------------------------------------- | -------- | ------- |
| image | Name of the image you would like to push | true | | | image | Name of the image you would like to push | true | |
## Optional Arguments ## Optional Arguments
| variable | description | required | default | | variable | description | required | default |
|-----------------------|-----------------------------------------------------------------|----------|-----------------| | --------------------- | ------------------------------------------------------------------------------- | -------- | ------------- |
| registry | Docker registry where the image will be pushed | false | docker.io | | registry | Docker registry where the image will be pushed | false | docker.io |
| username | Username used for authentication to the Docker registry | false | $GITHUB_ACTOR | | username | Username used for authentication to the Docker registry | false | $GITHUB_ACTOR |
| password | Password used for authentication to the Docker registry | false | | | password | Password used for authentication to the Docker registry | false | |
| tag | Image tag | false | latest | | tags | Image tags, can be passed as a list with `,` as separator (Check example above) | false | latest |
| cache | Enables build cache | false | false | | cache | Enables build cache | false | false |
| cache_ttl | How long the cache should be considered valid | false | | | cache_ttl | How long the cache should be considered valid | false | |
| cache_registry | Docker registry meant to be used as cache | false | | | cache_registry | Docker registry meant to be used as cache | false | |
@ -150,9 +156,9 @@ with:
If you would like to publish the image to other registries, these actions might be helpful If you would like to publish the image to other registries, these actions might be helpful
| Registry | Action | | Registry | Action |
|------------------------------------------------------|-----------------------------------------------| | --------------------------------------------------- | ----------------------------------------------- |
| Amazon Webservices Elastic Container Registry (ECR) | https://github.com/elgohr/ecr-login-action | | Amazon Webservices Elastic Container Registry (ECR) | <https://github.com/elgohr/ecr-login-action> |
| Google Cloud Container Registry | https://github.com/elgohr/gcloud-login-action | | Google Cloud Container Registry | <https://github.com/elgohr/gcloud-login-action> |
### Other arguments details ### Other arguments details

4
action.yml
View file

@ -21,8 +21,8 @@ inputs:
image: image:
description: "Image name" description: "Image name"
required: true required: true
tag: tags:
description: "Image tag" description: "List of Image tags"
required: false required: false
cache: cache:
description: "Enables build cache" description: "Enables build cache"

108
entrypoint.sh
View file

@ -7,13 +7,12 @@ fi
export REGISTRY=${INPUT_REGISTRY:-"docker.io"} export REGISTRY=${INPUT_REGISTRY:-"docker.io"}
export IMAGE=${INPUT_IMAGE} export IMAGE=${INPUT_IMAGE}
export BRANCH=$(echo ${GITHUB_REF} | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g") export BRANCH=$(echo ${GITHUB_REF} | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g")
export TAG=${INPUT_TAG:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)} export TAGS=${INPUT_TAGS:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)}
export TAG=${TAG:-"latest"} export TAGS=${TAGS:-"latest"}
export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX} export TAGS=${TAGS#$INPUT_STRIP_TAG_PREFIX}
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR} export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR}
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN} export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN}
export REPOSITORY=$IMAGE export REPOSITORY=$IMAGE
export IMAGE=$IMAGE:$TAG
export CONTEXT_PATH=${INPUT_PATH} export CONTEXT_PATH=${INPUT_PATH}
if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then
@ -31,52 +30,10 @@ ensure "${REGISTRY}" "registry"
ensure "${USERNAME}" "username" ensure "${USERNAME}" "username"
ensure "${PASSWORD}" "password" ensure "${PASSWORD}" "password"
ensure "${IMAGE}" "image" ensure "${IMAGE}" "image"
ensure "${TAG}" "tag" ensure "${TAGS}" "tags"
ensure "${CONTEXT_PATH}" "path" ensure "${CONTEXT_PATH}" "path"
if [ "$REGISTRY" == "ghcr.io" ]; then # Set credentials here
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$IMAGE_NAMESPACE/$IMAGE_LATEST"
fi
if [ ! -z $INPUT_CACHE_REGISTRY ]; then
export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY"
fi
fi
if [ "$REGISTRY" == "docker.io" ]; then
export REGISTRY="index.${REGISTRY}/v1/"
else
export IMAGE="$REGISTRY/$IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST"
fi
fi
export CACHE=${INPUT_CACHE:+"--cache=true"}
export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"}
export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"}
export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"}
export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH"
export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DESTINATION="--digest-file digest --no-push --tarPath image.tar --destination $IMAGE"
else
export DESTINATION="--destination $IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export DESTINATION="$DESTINATION --destination $IMAGE_LATEST"
fi
fi
export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DESTINATION $INPUT_EXTRA_ARGS"
cat <<EOF >/kaniko/.docker/config.json cat <<EOF >/kaniko/.docker/config.json
{ {
"auths": { "auths": {
@ -88,6 +45,59 @@ cat <<EOF >/kaniko/.docker/config.json
} }
EOF EOF
tags=$(echo $TAGS | tr "," "\n")
for tag in $tags; do
export TAGGED_IMAGE=$IMAGE:$tag
if [ "$REGISTRY" == "ghcr.io" ]; then
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
export TAGGED_IMAGE="$IMAGE_NAMESPACE/$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$IMAGE_NAMESPACE/$IMAGE_LATEST"
fi
if [ ! -z $INPUT_CACHE_REGISTRY ]; then
export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY"
fi
fi
if [ "$REGISTRY" == "docker.io" ]; then
export REGISTRY="index.${REGISTRY}/v1/"
else
export TAGGED_IMAGE="$REGISTRY/$TAGGED_IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST"
fi
fi
export DESTINATIONS="$DESTINATIONS --destination $TAGGED_IMAGE"
done
export CACHE=${INPUT_CACHE:+"--cache=true"}
export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"}
export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"}
export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"}
export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH"
export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DESTINATION="--digest-file digest --no-push --tarPath image.tar $DESTINATIONS"
else
export DESTINATION=$DESTINATIONS
if [ ! -z $IMAGE_LATEST ]; then
export DESTINATION="$DESTINATIONS --destination $IMAGE_LATEST"
fi
fi
export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DESTINATION $INPUT_EXTRA_ARGS"
# https://github.com/GoogleContainerTools/kaniko/issues/1349 # https://github.com/GoogleContainerTools/kaniko/issues/1349
/kaniko/executor --reproducible --force $ARGS /kaniko/executor --reproducible --force $ARGS
@ -106,7 +116,7 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
echo "Pushing image..." echo "Pushing image..."
/kaniko/crane push image.tar $IMAGE /kaniko/crane push image.tar $TAGGED_IMAGE
if [ ! -z $IMAGE_LATEST ]; then if [ ! -z $IMAGE_LATEST ]; then
echo "Tagging latest..." echo "Tagging latest..."