snoopy/action-kaniko
1
0
Fork 0
mirror of https://github.com/aevea/action-kaniko.git synced 2025-01-30 22:09:37 +01:00
Code Releases Activity

refactor: make entrypoint script more posix compliant

Browse source 
remove most of the 'bashisms' in the script, improve quoting, escaping
and make more consistent regarding references to variable names
This commit is contained in:
Theo Cabrerizo Diem 2023-07-17 18:18:13 +02:00 committed by Alex Viscreanu
parent 4f9a6a7f2c
commit ec00be49b7
No known key found for this signature in database
1 changed files with 44 additions and 43 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

87
entrypoint.sh
View file

@ -1,26 +1,26 @@
#!/busybox/sh #!/busybox/sh
set -e pipefail set -e pipefail
if [[ "$INPUT_DEBUG" == "true" ]]; then if [ "$INPUT_DEBUG" = "true" ]; then
set -o xtrace set -o xtrace
fi fi
export REGISTRY=${INPUT_REGISTRY:-"docker.io"} export REGISTRY="${INPUT_REGISTRY:-"docker.io"}"
export IMAGE=${INPUT_IMAGE} export IMAGE="$INPUT_IMAGE"
export BRANCH=$(echo ${GITHUB_REF} | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g") export BRANCH=$(echo "$GITHUB_REF" | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g")
export TAG=${INPUT_TAG:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)} export TAG=${INPUT_TAG:-$([ "$BRANCH" = "master" ] && echo latest || echo "$BRANCH")}
export TAG=${TAG:-"latest"} export TAG="${TAG:-"latest"}"
export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX} export TAG="${TAG#$INPUT_STRIP_TAG_PREFIX}"
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR} export USERNAME="${INPUT_USERNAME:-$GITHUB_ACTOR}"
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN} export PASSWORD="${INPUT_PASSWORD:-$GITHUB_TOKEN}"
export REPOSITORY=$IMAGE export REPOSITORY="$IMAGE"
export IMAGE=$IMAGE:$TAG export IMAGE="${IMAGE}:${TAG}"
export CONTEXT_PATH=${INPUT_PATH} export CONTEXT_PATH="$INPUT_PATH"
if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then if [ "$INPUT_TAG_WITH_LATEST" = "true" ]; then
export IMAGE_LATEST="$REPOSITORY:latest" export IMAGE_LATEST="${REPOSITORY}:latest"
fi fi
function ensure() { ensure() {
if [ -z "${1}" ]; then if [ -z "${1}" ]; then
echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?" echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?"
exit 1 exit 1
@ -34,46 +34,46 @@ ensure "${IMAGE}" "image"
ensure "${TAG}" "tag" ensure "${TAG}" "tag"
ensure "${CONTEXT_PATH}" "path" ensure "${CONTEXT_PATH}" "path"
if [ "$REGISTRY" == "ghcr.io" ]; then if [ "$REGISTRY" = "ghcr.io" ]; then
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')" IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
# Set `/` separator, unless image is pre-fixed with dash or slash # Set `/` separator, unless image is pre-fixed with dash or slash
[ -n "$REPOSITORY" ] && [[ ! "$REPOSITORY" =~ ^[-/] ]] && SEPARATOR="/" [ -n "$REPOSITORY" ] && [[ ! "$REPOSITORY" =~ ^[-/] ]] && SEPARATOR="/"
export IMAGE="$IMAGE_NAMESPACE$SEPARATOR$IMAGE" export IMAGE="$IMAGE_NAMESPACE$SEPARATOR$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE$SEPARATOR$REPOSITORY" export REPOSITORY="$IMAGE_NAMESPACE$SEPARATOR$REPOSITORY"
if [ ! -z $IMAGE_LATEST ]; then if [ -n "$IMAGE_LATEST" ]; then
export IMAGE_LATEST="$IMAGE_NAMESPACE$SEPARATOR$IMAGE_LATEST" export IMAGE_LATEST="${IMAGE_NAMESPACE}/${IMAGE_LATEST}"
fi fi
if [ ! -z $INPUT_CACHE_REGISTRY ]; then if [ -n "$INPUT_CACHE_REGISTRY" ]; then
export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY" export INPUT_CACHE_REGISTRY="${REGISTRY}/${IMAGE_NAMESPACE}/${INPUT_CACHE_REGISTRY}"
fi fi
fi fi
if [ "$REGISTRY" == "docker.io" ]; then if [ "$REGISTRY" = "docker.io" ]; then
export REGISTRY="index.${REGISTRY}/v1/" export REGISTRY="index.${REGISTRY}/v1/"
else else
export IMAGE="$REGISTRY/$IMAGE" export IMAGE="${REGISTRY}/${IMAGE}"
if [ ! -z $IMAGE_LATEST ]; then if [ -n "$IMAGE_LATEST" ]; then
export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST" export IMAGE_LATEST="${REGISTRY}/${IMAGE_LATEST}"
fi fi
fi fi
export CACHE=${INPUT_CACHE:+"--cache=true"} export CACHE="${INPUT_CACHE:+"--cache=true"}"
export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"} export CACHE="$CACHE"${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"}
export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"} export CACHE="$CACHE"${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"}
export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"} export CACHE="$CACHE"${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"}
export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH" export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH"
export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}" export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"} export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
export DIGEST="--digest-file /kaniko/digest --image-name-tag-with-digest-file=/kaniko/image-tag-digest" export DIGEST="--digest-file /kaniko/digest --image-name-tag-with-digest-file=/kaniko/image-tag-digest"
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then if [ -n "$INPUT_SKIP_UNCHANGED_DIGEST" ]; then
export DESTINATION="--no-push --tarPath image.tar --destination $IMAGE" export DESTINATION="--no-push --tarPath image.tar --destination $IMAGE"
else else
export DESTINATION="--destination $IMAGE" export DESTINATION="--destination $IMAGE"
if [ ! -z $IMAGE_LATEST ]; then if [ -n "$IMAGE_LATEST" ]; then
export DESTINATION="$DESTINATION --destination $IMAGE_LATEST" export DESTINATION="$DESTINATION --destination $IMAGE_LATEST"
fi fi
fi fi
@ -98,19 +98,20 @@ kaniko_cmd="/kaniko/executor ${ARGS} --reproducible --force"
echo "Running kaniko command ${kaniko_cmd}" echo "Running kaniko command ${kaniko_cmd}"
eval "${kaniko_cmd}" eval "${kaniko_cmd}"
echo "image=$IMAGE" >> $GITHUB_OUTPUT echo "image=$IMAGE" >> "$GITHUB_OUTPUT"
echo "digest=$(cat /kaniko/digest)" >> $GITHUB_OUTPUT echo "digest=$(cat /kaniko/digest)" >> "$GITHUB_OUTPUT"
echo "image-tag-digest=$(cat /kaniko/image-tag-digest)" >> $GITHUB_OUTPUT echo "image-tag-digest=$(cat /kaniko/image-tag-digest)" >> "$GITHUB_OUTPUT"
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DIGEST=$(cat /kaniko/digest)
/kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD if [ -n "$INPUT_SKIP_UNCHANGED_DIGEST" ]; then
export DIGEST="$(cat /kaniko/digest)"
export REMOTE=$(crane digest $REGISTRY/${REPOSITORY}:latest) /kaniko/crane auth login "$REGISTRY" -u "$USERNAME" -p "$PASSWORD"
if [ "$DIGEST" == "$REMOTE" ]; then export REMOTE=$(crane digest "${REGISTRY}/${REPOSITORY}:latest")
echo "refreshed=false" >> $GITHUB_OUTPUT
if [ "$DIGEST" = "$REMOTE" ]; then
echo "refreshed=false" >> "$GITHUB_OUTPUT"
echo "Digest hasn't changed, skipping, $DIGEST" echo "Digest hasn't changed, skipping, $DIGEST"
echo "Done 🎉️" echo "Done 🎉️"
exit 0 exit 0
@ -118,13 +119,13 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
echo "Pushing image..." echo "Pushing image..."
/kaniko/crane push image.tar $IMAGE /kaniko/crane push image.tar "$IMAGE"
if [ ! -z $IMAGE_LATEST ]; then if [ -n "$IMAGE_LATEST" ]; then
echo "Tagging latest..." echo "Tagging latest..."
/kaniko/crane tag $IMAGE latest /kaniko/crane tag "$IMAGE" latest
fi fi
echo "refreshed=false" >> $GITHUB_OUTPUT echo "refreshed=false" >> "$GITHUB_OUTPUT"
echo "Done 🎉️" echo "Done 🎉️"
fi fi