snoopy/action-kaniko
1
0
Fork 0
mirror of https://github.com/aevea/action-kaniko.git synced 2025-05-11 10:00:00 +02:00
Code Releases Activity

Merge 5c7133f245 into 78060c4e9d

Browse source
This commit is contained in:
ricardojdsilva87 2023-05-02 14:50:20 +00:00 committed by GitHub
commit b147254344
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 96 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

18
README.md
View file

@ -10,6 +10,7 @@ more secure secret passing to the build context, as it happens in the user space
## Usage
## Example pipeline
```yaml
name: Docker build
on: push
@ -26,6 +27,11 @@ jobs:
password: ${{ secrets.DOCKERHUB_PASSWORD }}
cache: true
cache_registry: aevea/cache
tags: >-
test,
1.0.1,
latest
```
## Required Arguments
@ -34,17 +40,17 @@ This action aims to be as flexible as possible, so it tries to define the defaul
the most used values. So, technically there is a single required argument
| variable | description | required | default |
|------------------|----------------------------------------------------------|----------|-----------------------------|
| -------- | ---------------------------------------- | -------- | ------- |
| image | Name of the image you would like to push | true | |
## Optional Arguments
| variable | description | required | default |
|-----------------------|-----------------------------------------------------------------|----------|-----------------|
| --------------------- | ------------------------------------------------------------------------------- | -------- | ------------- |
| registry | Docker registry where the image will be pushed | false | docker.io |
| username | Username used for authentication to the Docker registry | false | $GITHUB_ACTOR |
| password | Password used for authentication to the Docker registry | false | |
| tag | Image tag | false | latest |
| tags | Image tags, can be passed as a list with `,` as separator (Check example above) | false | latest |
| cache | Enables build cache | false | false |
| cache_ttl | How long the cache should be considered valid | false | |
| cache_registry | Docker registry meant to be used as cache | false | |
@ -150,9 +156,9 @@ with:
If you would like to publish the image to other registries, these actions might be helpful
| Registry | Action |
|------------------------------------------------------|-----------------------------------------------|
| Amazon Webservices Elastic Container Registry (ECR) | https://github.com/elgohr/ecr-login-action |
| Google Cloud Container Registry | https://github.com/elgohr/gcloud-login-action |
| --------------------------------------------------- | ----------------------------------------------- |
| Amazon Webservices Elastic Container Registry (ECR) | <https://github.com/elgohr/ecr-login-action> |
| Google Cloud Container Registry | <https://github.com/elgohr/gcloud-login-action> |
### Other arguments details

4
action.yml
View file

@ -21,8 +21,8 @@ inputs:
image:
description: "Image name"
required: true
tag:
description: "Image tag"
tags:
description: "List of Image tags"
required: false
cache:
description: "Enables build cache"

108
entrypoint.sh
View file

@ -7,13 +7,12 @@ fi
export REGISTRY=${INPUT_REGISTRY:-"docker.io"}
export IMAGE=${INPUT_IMAGE}
export BRANCH=$(echo ${GITHUB_REF} | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g")
export TAG=${INPUT_TAG:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)}
export TAG=${TAG:-"latest"}
export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX}
export TAGS=${INPUT_TAGS:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)}
export TAGS=${TAGS:-"latest"}
export TAGS=${TAGS#$INPUT_STRIP_TAG_PREFIX}
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR}
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN}
export REPOSITORY=$IMAGE
export IMAGE=$IMAGE:$TAG
export CONTEXT_PATH=${INPUT_PATH}
if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then
@ -31,52 +30,10 @@ ensure "${REGISTRY}" "registry"
ensure "${USERNAME}" "username"
ensure "${PASSWORD}" "password"
ensure "${IMAGE}" "image"
ensure "${TAG}" "tag"
ensure "${TAGS}" "tags"
ensure "${CONTEXT_PATH}" "path"
if [ "$REGISTRY" == "ghcr.io" ]; then
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$IMAGE_NAMESPACE/$IMAGE_LATEST"
fi
if [ ! -z $INPUT_CACHE_REGISTRY ]; then
export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY"
fi
fi
if [ "$REGISTRY" == "docker.io" ]; then
export REGISTRY="index.${REGISTRY}/v1/"
else
export IMAGE="$REGISTRY/$IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST"
fi
fi
export CACHE=${INPUT_CACHE:+"--cache=true"}
export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"}
export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"}
export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"}
export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH"
export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DESTINATION="--digest-file digest --no-push --tarPath image.tar --destination $IMAGE"
else
export DESTINATION="--destination $IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export DESTINATION="$DESTINATION --destination $IMAGE_LATEST"
fi
fi
export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DESTINATION $INPUT_EXTRA_ARGS"
# Set credentials here
cat <<EOF >/kaniko/.docker/config.json
{
"auths": {
@ -88,6 +45,59 @@ cat <<EOF >/kaniko/.docker/config.json
}
EOF
tags=$(echo $TAGS | tr "," "\n")
for tag in $tags; do
export TAGGED_IMAGE=$IMAGE:$tag
if [ "$REGISTRY" == "ghcr.io" ]; then
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
export TAGGED_IMAGE="$IMAGE_NAMESPACE/$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$IMAGE_NAMESPACE/$IMAGE_LATEST"
fi
if [ ! -z $INPUT_CACHE_REGISTRY ]; then
export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY"
fi
fi
if [ "$REGISTRY" == "docker.io" ]; then
export REGISTRY="index.${REGISTRY}/v1/"
else
export TAGGED_IMAGE="$REGISTRY/$TAGGED_IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST"
fi
fi
export DESTINATIONS="$DESTINATIONS --destination $TAGGED_IMAGE"
done
export CACHE=${INPUT_CACHE:+"--cache=true"}
export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"}
export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"}
export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"}
export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH"
export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DESTINATION="--digest-file digest --no-push --tarPath image.tar $DESTINATIONS"
else
export DESTINATION=$DESTINATIONS
if [ ! -z $IMAGE_LATEST ]; then
export DESTINATION="$DESTINATIONS --destination $IMAGE_LATEST"
fi
fi
export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DESTINATION $INPUT_EXTRA_ARGS"
# https://github.com/GoogleContainerTools/kaniko/issues/1349
/kaniko/executor --reproducible --force $ARGS
@ -106,7 +116,7 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
echo "Pushing image..."
/kaniko/crane push image.tar $IMAGE
/kaniko/crane push image.tar $TAGGED_IMAGE
if [ ! -z $IMAGE_LATEST ]; then
echo "Tagging latest..."