From 3e397648f84051501dbc85b31b8d8585e27fb311 Mon Sep 17 00:00:00 2001 From: Alex Date: Mon, 21 Feb 2022 15:25:01 +0100 Subject: [PATCH 01/31] fix(ci): use updated github container registry host --- .github/workflows/push.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml index 3260341..fc0bb44 100644 --- a/.github/workflows/push.yml +++ b/.github/workflows/push.yml @@ -11,7 +11,7 @@ jobs: - name: GitHub Package Registry uses: aevea/action-kaniko@master with: - registry: docker.pkg.github.com + registry: ghcr.io password: ${{ secrets.GITHUB_TOKEN }} image: kaniko cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7755bf4..0fe0aca 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: GitHub Package Registry uses: aevea/action-kaniko@master with: - registry: docker.pkg.github.com + registry: ghcr.io password: ${{ secrets.GITHUB_TOKEN }} image: kaniko cache: true From a5055cd00751f1beb018792aa62d34334a3185bf Mon Sep 17 00:00:00 2001 From: Alex Date: Mon, 21 Feb 2022 15:27:55 +0100 Subject: [PATCH 02/31] docs: update references to github's package registry host --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index a09a7ca..76ea61b 100644 --- a/README.md +++ b/README.md @@ -83,7 +83,7 @@ with: cache_registry: aevea/cache ``` -### [docker.pkg.github.com](https://github.com/features/packages) +### [ghcr.io](https://github.com/features/packages) GitHub's docker registry is a bit special. It doesn't allow top-level images, so this action will prefix any image with the GitHub namespace. If you want to push your image like `aevea/action-kaniko/kaniko`, you'll only need to pass `kaniko` to this action. 
@@ -93,7 +93,7 @@ passed by default, it will have to be explicitly set up. ```yaml with: - registry: docker.pkg.github.com + registry: ghcr.io password: ${{ secrets.GITHUB_TOKEN }} image: kaniko ``` @@ -104,7 +104,7 @@ cache layers to that image instead ```yaml with: - registry: docker.pkg.github.com + registry: ghcr.io password: ${{ secrets.GITHUB_TOKEN }} image: kaniko cache: true @@ -167,7 +167,7 @@ Example: ```yaml with: - registry: docker.pkg.github.com + registry: ghcr.io password: ${{ secrets.GITHUB_TOKEN }} image: kaniko strip_tag_prefix: pre- From 17f90e5aa45fae7f51284c35b27d1c05b0fd2c12 Mon Sep 17 00:00:00 2001 From: Sandro Modarelli Date: Fri, 25 Mar 2022 14:46:48 +0100 Subject: [PATCH 03/31] fix: use complete image name when computing latest target --- entrypoint.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index e124bfb..d2f4421 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -14,7 +14,7 @@ export IMAGE=$IMAGE:$TAG export CONTEXT_PATH=${INPUT_PATH} if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then - export IMAGE_LATEST="$IMAGE:latest" + export IMAGE_LATEST="$REPOSITORY:latest" fi function ensure() { From 20173de989ec7311b36c6a7f69f74d81dfbddbb5 Mon Sep 17 00:00:00 2001 From: Sandro Modarelli Date: Fri, 25 Mar 2022 15:09:12 +0100 Subject: [PATCH 04/31] feat: adding debug flag --- README.md | 1 + action.yml | 3 +++ entrypoint.sh | 3 +++ 3 files changed, 7 insertions(+) diff --git a/README.md b/README.md index 76ea61b..6dff48a 100644 --- a/README.md +++ b/README.md 
@@ -56,6 +56,7 @@ the most used values. So, technically there is a single required argument | path | Path to the build context. Defaults to `.` | false | . | | tag_with_latest | Tags the built image with additional latest tag | false | | | target | Sets the target stage to build | false | | +| debug | Enables trace for entrypoint.sh | false | | **Here is where it gets specific, as the optional arguments become required depending on the registry targeted** diff --git a/action.yml b/action.yml index bc41cfb..cb313e3 100644 --- a/action.yml +++ b/action.yml @@ -54,6 +54,9 @@ inputs: target: description: Sets the target stage to build required: false + debug: + description: Enables trace for entrypoint.sh + required: false runs: using: "docker" image: "Dockerfile" diff --git a/entrypoint.sh b/entrypoint.sh index d2f4421..bbeeff8 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,5 +1,8 @@ #!/busybox/sh set -e pipefail +if [[ "$INPUT_DEBUG" == "true" ]]; then + set -o xtrace +fi export REGISTRY=${INPUT_REGISTRY:-"docker.io"} export IMAGE=${INPUT_IMAGE} From 548ad7dd4a8871f8294cb54f1e6d591948287222 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Sun, 20 Mar 2022 11:45:22 +0000 Subject: [PATCH 05/31] chore(deps): update aevea/commitsar digest to 27ea5e5 --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 38b6ed2..0cd90b8 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -10,4 +10,4 @@ jobs: with: fetch-depth: 0 - name: Run commitsar - uses: docker://aevea/commitsar@sha256:b77adebc0437d4f2bfdf9205a39003e88acbc77a9176fd086b386207a5f3f5cb + uses: docker://aevea/commitsar@sha256:27ea5e528b153393e924d98764d6400a181f03768d972ba151b3ddc9f14ff12c From 59bc747ae2717b1ca013661865876666738a0db3 Mon Sep 17 00:00:00 2001 
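Review bot: `set -o xtrace` in the entrypoint.sh hunk of PATCH 04 stays enabled for the rest of the script, so every later expansion is written to the job log, including the `PASSWORD` assignment and the `crane auth login ... -p $PASSWORD` call that other patches in this series show. Log masking only matches the registered secret string itself, so any derived form of the credential built elsewhere in the script would presumably appear in clear. The input description should say so, e.g. `Enables trace for entrypoint.sh (prints expanded commands; may expose credentials in logs)`, and credential handling is better bracketed with `set +x` and re-enabled afterwards. Separately, the context line `set -e pipefail` does not enable pipefail, it only sets `$1`; `set -eo pipefail` is the intended form where the shell supports it.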
From: Renovate Bot Date: Wed, 16 Mar 2022 18:16:46 +0000 Subject: [PATCH 06/31] chore(deps): update aevea/release-notary digest to 03e771a --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0fe0aca..a7fe79f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: fetch-depth: 0 - name: Release Notary Action - uses: docker://aevea/release-notary@sha256:8b26ced466da96b23a947d5c9e58baac22ee1192fd08200011e5b178f42118a0 + uses: docker://aevea/release-notary@sha256:03e771a509881121758b05217a8938ca8379d29dfa69a2605ceca06ffca2db4d env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From a4abaead4857a69bbbcc82ef01452500d71f7b1d Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Tue, 1 Mar 2022 18:45:14 +0000 Subject: [PATCH 07/31] chore(deps): update actions/checkout action to v3 --- .github/workflows/pr.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 0cd90b8..36058e7 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -6,7 +6,7 @@ jobs: runs-on: ubuntu-latest name: Verify commit messages steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: fetch-depth: 0 - name: Run commitsar diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a7fe79f..ba7010b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 From 1200c08dbadeeb08d95f56a7fc97fefec1993e40 Mon Sep 17 00:00:00 2001 
From: Doron Somech Date: Fri, 29 Apr 2022 12:12:49 +0300 Subject: [PATCH 08/31] fix: downloading manifest doesn't work for github packages --- entrypoint.sh | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index bbeeff8..d12889d 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -94,12 +94,9 @@ EOF if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then export DIGEST=$(cat digest) - if [ "$REGISTRY" == "ghcr.io" ]; then - wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64 | tr -d \\n)" https://ghcr.io/v2/$REPOSITORY/manifests/latest || true - export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')" - else - export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1) - fi + /kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD + + export REMOTE=$(crane digest $REGISTRY/${REPOSITORY}:latest) if [ "$DIGEST" == "$REMOTE" ]; then echo "Digest hasn't changed, skipping, $DIGEST" @@ -108,8 +105,7 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then fi echo "Pushing image..." - - /kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD + /kaniko/crane push image.tar $IMAGE if [ ! -z $IMAGE_LATEST ]; then From c97b90ade310a31002b2783c1c9364140d3a1aba Mon Sep 17 00:00:00 2001 From: Doron Somech Date: Sat, 30 Apr 2022 18:26:59 +0300 Subject: [PATCH 09/31] chore(deps): update crane to 0.8.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 445159b..fc8715f 100644 --- a/Dockerfile +++ b/Dockerfile 
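Review bot: The relocated `/kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD` line in the first entrypoint.sh hunk of PATCH 08 passes the registry password as an unquoted command-line argument, so it shows up in the process arguments and in the trace output when `debug` is on, and a value containing whitespace or glob characters is split. If the bundled crane build supports it, prefer `printf '%s' "$PASSWORD" | /kaniko/crane auth login "$REGISTRY" -u "$USERNAME" --password-stdin`. The following line calls bare `crane` while every other call uses `/kaniko/crane` (this assumes /kaniko is on PATH), and `export REMOTE=$(...)` hides a failed lookup from `set -e`, so an error silently becomes "digest changed" and a push. `REMOTE=$(/kaniko/crane digest "$REGISTRY/$REPOSITORY:latest") || REMOTE=""` with a logged warning would make that case explicit.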
@@ -13,7 +13,7 @@ RUN wget -O /kaniko/jq \ https://github.com/genuinetools/reg/releases/download/v0.16.1/reg-linux-386 && \ chmod +x /kaniko/reg && \ wget -O /crane.tar.gz \ - https://github.com/google/go-containerregistry/releases/download/v0.1.1/go-containerregistry_Linux_x86_64.tar.gz && \ + https://github.com/google/go-containerregistry/releases/download/v0.8.0/go-containerregistry_Linux_x86_64.tar.gz && \ tar -xvzf /crane.tar.gz crane -C /kaniko && \ rm /crane.tar.gz From 57fd639926c415a2fa4150ac72230eb5758ff48b Mon Sep 17 00:00:00 2001 From: Doron Somech Date: Sat, 30 Apr 2022 20:08:50 +0300 Subject: [PATCH 10/31] fix: use version 1.7.0 of kaniko Version 1.8.0 and above breaks reproducible builds. https://github.com/GoogleContainerTools/kaniko/issues/2005 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index fc8715f..2398b0f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:debug +FROM gcr.io/kaniko-project/executor:v1.7.0-debug SHELL ["/busybox/sh", "-c"] From 83ddee1c8b2f6e5b22b0985c5b3a8288f76c25b0 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 20 Nov 2022 19:51:16 +0000 Subject: [PATCH 11/31] chore(deps): update gcr.io/kaniko-project/executor docker tag to v1.9.1 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 2398b0f..7a3cc1c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:v1.7.0-debug +FROM gcr.io/kaniko-project/executor:v1.9.1-debug SHELL ["/busybox/sh", "-c"] From 98d5caab7ff9147af1090b1013511350746e24d1 Mon Sep 17 00:00:00 2001 
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 20 Nov 2022 19:51:03 +0000 Subject: [PATCH 12/31] chore(deps): update aevea/commitsar docker digest to 18c604f --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 36058e7..827e2de 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -10,4 +10,4 @@ jobs: with: fetch-depth: 0 - name: Run commitsar - uses: docker://aevea/commitsar@sha256:27ea5e528b153393e924d98764d6400a181f03768d972ba151b3ddc9f14ff12c + uses: docker://aevea/commitsar@sha256:18c604faa349035b105bd3706a214d32f0fb87d8b1e9ac7c4b42450579acef33 From 78060c4e9d3a27c9d53824f67fa1b33ddfc2e7e1 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 27 Dec 2022 20:24:46 +0000 Subject: [PATCH 13/31] chore(deps): update aevea/release-notary docker digest to b77e86c --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ba7010b..9e97335 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: fetch-depth: 0 - name: Release Notary Action - uses: docker://aevea/release-notary@sha256:03e771a509881121758b05217a8938ca8379d29dfa69a2605ceca06ffca2db4d + uses: docker://aevea/release-notary@sha256:b77e86ce9ce4b0c8774cdb3b807b756d1d6139d73aca74388560250de259be4e env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} From e54575cc707c209f2e99516c23198b604b4e1d93 Mon Sep 17 00:00:00 2001 From: Alex Viscreanu Date: Thu, 11 Jan 2024 22:02:42 +0100 Subject: [PATCH 14/31] chore(deps): bump kaniko to v1.19.2 and update dependencies --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index 7a3cc1c..172249b 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -2,18 +2,18 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:v1.9.1-debug +FROM gcr.io/kaniko-project/executor:v1.19.2-debug SHELL ["/busybox/sh", "-c"] RUN wget -O /kaniko/jq \ - https://github.com/stedolan/jq/releases/download/jq-1.6/jq-linux64 && \ + https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux64 && \ chmod +x /kaniko/jq && \ wget -O /kaniko/reg \ https://github.com/genuinetools/reg/releases/download/v0.16.1/reg-linux-386 && \ chmod +x /kaniko/reg && \ - wget -O /crane.tar.gz \ - https://github.com/google/go-containerregistry/releases/download/v0.8.0/go-containerregistry_Linux_x86_64.tar.gz && \ + wget -O /crane.tar.gz \ + https://github.com/google/go-containerregistry/releases/download/v0.17.0/go-containerregistry_Linux_x86_64.tar.gz && \ tar -xvzf /crane.tar.gz crane -C /kaniko && \ rm /crane.tar.gz From ca098255c542127940a1c857bcf1ef428c26fca2 Mon Sep 17 00:00:00 2001 From: Mikhail Nacharov Date: Wed, 1 Feb 2023 11:28:51 +0400 Subject: [PATCH 15/31] feat: output built image reference --- README.md | 6 ++++++ action.yml | 3 +++ entrypoint.sh | 1 + 3 files changed, 10 insertions(+) diff --git a/README.md b/README.md index 6dff48a..30f8528 100644 --- a/README.md +++ b/README.md @@ -175,3 +175,9 @@ with: ``` for the tag `pre-0.1` will push `kaniko:0.1`, as the `pre-` part will be stripped from the tag name. + +## Outputs + +### `image` + +Full reference to the built image with registry and tag. diff --git a/action.yml b/action.yml index cb313e3..7c51772 100644 --- a/action.yml +++ b/action.yml @@ -57,6 +57,9 @@ inputs: debug: description: Enables trace for entrypoint.sh required: false +outputs: + image: + description: "Full reference to the built image with registry and tag" runs: using: "docker" image: "Dockerfile" diff --git a/entrypoint.sh b/entrypoint.sh index d12889d..5e30e41 100755 --- a/entrypoint.sh +++ b/entrypoint.sh 
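Review bot: The `wget` downloads of jq and the go-containerregistry tarball in the Dockerfile hunk of PATCH 14 are installed with no integrity check, and this change also moves the jq download to a different repository path, so the image trusts whatever those URLs serve at build time. Pin each artifact to a known checksum and fail the build on mismatch, e.g. `echo "<EXPECTED_SHA256>  /kaniko/jq" | sha256sum -c -` after each download, with the expected values taken from the upstream release pages. The same applies to the unchanged `reg` download and to the crane bump in PATCH 09. The `FROM gcr.io/kaniko-project/executor:v1.19.2-debug` tag could likewise be pinned by digest, as the workflows already do for commitsar and release-notary.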
@@ -90,6 +90,7 @@ EOF # https://github.com/GoogleContainerTools/kaniko/issues/1349 /kaniko/executor --reproducible --force $ARGS +echo "image=$IMAGE" >> $GITHUB_OUTPUT if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then export DIGEST=$(cat digest) From 4387eb381c35d67d86822849536a891ea1dcdf55 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 19 Oct 2023 11:12:28 +0000 Subject: [PATCH 16/31] chore(deps): update actions/checkout action to v4 --- .github/workflows/pr.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 827e2de..bf3fe46 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -6,7 +6,7 @@ jobs: runs-on: ubuntu-latest name: Verify commit messages steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: 0 - name: Run commitsar diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 9e97335..c6f52fa 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 From 10b098cb525aed8497e905767ad75ad3f1084c09 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 25 Nov 2023 01:25:47 +0000 Subject: [PATCH 17/31] chore(deps): update aevea/commitsar docker digest to 8d2db4e --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index bf3fe46..ba7236d 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml 
@@ -10,4 +10,4 @@ jobs: with: fetch-depth: 0 - name: Run commitsar - uses: docker://aevea/commitsar@sha256:18c604faa349035b105bd3706a214d32f0fb87d8b1e9ac7c4b42450579acef33 + uses: docker://aevea/commitsar@sha256:8d2db4e430dd06e3fcde173add43dada80b37150ba1191a69cda1c0bcdba9cb1 From a95ae7d70653e404655e84ccf0e177eb9e1e85bf Mon Sep 17 00:00:00 2001 From: Idriss Neumann Date: Fri, 24 Jun 2022 12:41:58 +0100 Subject: [PATCH 18/31] fix(kaniko): workaround for passing arguments containing spaces set up input field separator as null and use eval to run kaniko executor --- entrypoint.sh | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 5e30e41..0626f1a 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -71,7 +71,7 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then else export DESTINATION="--destination $IMAGE" if [ ! -z $IMAGE_LATEST ]; then - export DESTINATION="$DESTINATION --destination $IMAGE_LATEST" + export DESTINATION="$DESTINATION --destination $IMAGE_LATEST" fi fi @@ -88,8 +88,13 @@ cat </kaniko/.docker/config.json } EOF +# https://github.com/GoogleContainerTools/kaniko/issues/1803 # https://github.com/GoogleContainerTools/kaniko/issues/1349 -/kaniko/executor --reproducible --force $ARGS +export IFS='' +kaniko_cmd="/kaniko/executor ${ARGS} --reproducible --force" +echo "Running kaniko command ${kaniko_cmd}" +eval "${kaniko_cmd}" + echo "image=$IMAGE" >> $GITHUB_OUTPUT if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then @@ -106,13 +111,13 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then fi echo "Pushing image..." - + /kaniko/crane push image.tar $IMAGE if [ ! -z $IMAGE_LATEST ]; then echo "Tagging latest..." - /kaniko/crane tag $IMAGE latest + /kaniko/crane tag $IMAGE latest fi - + echo "Done 🎉️" fi From 17bff7af73609de877334100ef0d9339f8f82c4e Mon Sep 17 00:00:00 2001 
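Review bot: `eval "${kaniko_cmd}"` in the second entrypoint.sh hunk of PATCH 18 re-parses the whole argument string as shell code, so shell metacharacters in `image`, `tag`, `path`, `target`, the cache inputs or `extra_args` are interpreted by the shell instead of being passed to kaniko; the tag defaults to a name derived from `GITHUB_REF` elsewhere in the script, which puts ref names into that string as well. Build the fixed options as separate quoted words instead, e.g. `set -- "$@" --destination "$IMAGE"` followed by `/kaniko/executor "$@" --reproducible --force`, and confine any re-parsing to `extra_args` alone, documented as trusted workflow-author input; the `ARGS` construction itself lies outside this hunk. `export IFS=''` also stays in effect for the rest of the script and is exported to child processes, so it should be restored after the call or carry a comment explaining why it is needed. The `echo "Running kaniko command ..."` line prints every build argument to the log, which matters when `extra_args` carries `--build-arg` values.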
From: Mikael Elkiaer <2102306+MikaelElkiaer@users.noreply.github.com> Date: Tue, 31 Jan 2023 10:35:34 +0100 Subject: [PATCH 19/31] fix(ghcr): omit separator in case image is prefixed with dash or slash this allows local pushing to the repo running the action --- entrypoint.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 0626f1a..484eca2 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -36,11 +36,13 @@ ensure "${CONTEXT_PATH}" "path" if [ "$REGISTRY" == "ghcr.io" ]; then IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')" - export IMAGE="$IMAGE_NAMESPACE/$IMAGE" - export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY" + # Set `/` separator, unless image is pre-fixed with dash or slash + [ -n "$REPOSITORY" ] && [[ ! "$REPOSITORY" =~ ^[-/] ]] && SEPARATOR="/" + export IMAGE="$IMAGE_NAMESPACE$SEPARATOR$IMAGE" + export REPOSITORY="$IMAGE_NAMESPACE$SEPARATOR$REPOSITORY" if [ ! -z $IMAGE_LATEST ]; then - export IMAGE_LATEST="$IMAGE_NAMESPACE/$IMAGE_LATEST" + export IMAGE_LATEST="$IMAGE_NAMESPACE$SEPARATOR$IMAGE_LATEST" fi if [ ! -z $INPUT_CACHE_REGISTRY ]; then From 81a26cb33ad8c4eb375aff8b83e48a6be4de115a Mon Sep 17 00:00:00 2001 From: Theo Cabrerizo Diem Date: Mon, 17 Jul 2023 18:25:29 +0200 Subject: [PATCH 20/31] feat: expand output variables add output variables for digests and if image was refreshed or not --- entrypoint.sh | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 484eca2..6a3fdaf 100755 --- a/entrypoint.sh +++ b/entrypoint.sh 
@@ -67,9 +67,10 @@ export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH" export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}" export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"} +export DIGEST="--digest-file /kaniko/digest --image-name-tag-with-digest-file=/kaniko/image-tag-digest" if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then - export DESTINATION="--digest-file digest --no-push --tarPath image.tar --destination $IMAGE" + export DESTINATION="--no-push --tarPath image.tar --destination $IMAGE" else export DESTINATION="--destination $IMAGE" if [ ! -z $IMAGE_LATEST ]; then @@ -77,7 +78,7 @@ else fi fi -export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DESTINATION $INPUT_EXTRA_ARGS" +export ARGS="$CACHE $CONTEXT $DOCKERFILE $TARGET $DIGEST $DESTINATION $INPUT_EXTRA_ARGS" cat </kaniko/.docker/config.json { @@ -98,15 +99,18 @@ echo "Running kaniko command ${kaniko_cmd}" eval "${kaniko_cmd}" echo "image=$IMAGE" >> $GITHUB_OUTPUT +echo "digest=$(cat /kaniko/digest)" >> $GITHUB_OUTPUT +echo "image-tag-digest=$(cat /kaniko/image-tag-digest)" >> $GITHUB_OUTPUT if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then - export DIGEST=$(cat digest) + export DIGEST=$(cat /kaniko/digest) /kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD export REMOTE=$(crane digest $REGISTRY/${REPOSITORY}:latest) if [ "$DIGEST" == "$REMOTE" ]; then + echo "refreshed=false" >> $GITHUB_OUTPUT echo "Digest hasn't changed, skipping, $DIGEST" echo "Done 🎉️" exit 0 @@ -121,5 +125,6 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then /kaniko/crane tag $IMAGE latest fi + echo "refreshed=false" >> $GITHUB_OUTPUT echo "Done 🎉️" fi From 4f9a6a7f2caf5b323cf03ebddd672d2c31faf42d Mon Sep 17 00:00:00 2001 
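Review bot: The last hunk of PATCH 20 writes `refreshed=false` after `crane push` and the latest-tag step, the same value as in the unchanged-digest branch, so consumers cannot tell a pushed image from a skipped one; the line after the push should presumably be `echo "refreshed=true" >> $GITHUB_OUTPUT`. As far as the visible hunks show, no `refreshed` value is written at all when `skip_unchanged_digest` is unset. The new `digest`, `image-tag-digest` and `refreshed` outputs are not added to action.yml or the README in this commit (only entrypoint.sh is in the diffstat), so they are worth declaring next to `image`.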
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 18 Jan 2024 00:54:45 +0000 Subject: [PATCH 21/31] chore(deps): update gcr.io/kaniko-project/executor docker tag to v1.20.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 172249b..8e0f846 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:v1.19.2-debug +FROM gcr.io/kaniko-project/executor:v1.20.0-debug SHELL ["/busybox/sh", "-c"] From ec00be49b79f0c04e53d4d962001515f4c67daf5 Mon Sep 17 00:00:00 2001 From: Theo Cabrerizo Diem Date: Mon, 17 Jul 2023 18:18:13 +0200 Subject: [PATCH 22/31] refactor: make entrypoint script more posix compliant remove most of the 'bashisms' in the script, improve quoting, escaping and make more consistent regarding references to variable names --- entrypoint.sh | 87 ++++++++++++++++++++++++++------------------------- 1 file changed, 44 insertions(+), 43 deletions(-) diff --git a/entrypoint.sh b/entrypoint.sh index 6a3fdaf..e5394e7 100755 --- a/entrypoint.sh +++ b/entrypoint.sh 
@@ -1,26 +1,26 @@ #!/busybox/sh set -e pipefail -if [[ "$INPUT_DEBUG" == "true" ]]; then +if [ "$INPUT_DEBUG" = "true" ]; then set -o xtrace fi -export REGISTRY=${INPUT_REGISTRY:-"docker.io"} -export IMAGE=${INPUT_IMAGE} -export BRANCH=$(echo ${GITHUB_REF} | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g") -export TAG=${INPUT_TAG:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)} -export TAG=${TAG:-"latest"} -export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX} -export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR} -export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN} -export REPOSITORY=$IMAGE -export IMAGE=$IMAGE:$TAG -export CONTEXT_PATH=${INPUT_PATH} +export REGISTRY="${INPUT_REGISTRY:-"docker.io"}" +export IMAGE="$INPUT_IMAGE" +export BRANCH=$(echo "$GITHUB_REF" | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g") +export TAG=${INPUT_TAG:-$([ "$BRANCH" = "master" ] && echo latest || echo "$BRANCH")} +export TAG="${TAG:-"latest"}" +export TAG="${TAG#$INPUT_STRIP_TAG_PREFIX}" +export USERNAME="${INPUT_USERNAME:-$GITHUB_ACTOR}" +export PASSWORD="${INPUT_PASSWORD:-$GITHUB_TOKEN}" +export REPOSITORY="$IMAGE" +export IMAGE="${IMAGE}:${TAG}" +export CONTEXT_PATH="$INPUT_PATH" -if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then - export IMAGE_LATEST="$REPOSITORY:latest" +if [ "$INPUT_TAG_WITH_LATEST" = "true" ]; then + export IMAGE_LATEST="${REPOSITORY}:latest" fi -function ensure() { +ensure() { if [ -z "${1}" ]; then echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?" exit 1 
@@ -34,46 +34,46 @@ ensure "${IMAGE}" "image" ensure "${TAG}" "tag" ensure "${CONTEXT_PATH}" "path" -if [ "$REGISTRY" == "ghcr.io" ]; then +if [ "$REGISTRY" = "ghcr.io" ]; then IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')" # Set `/` separator, unless image is pre-fixed with dash or slash [ -n "$REPOSITORY" ] && [[ ! "$REPOSITORY" =~ ^[-/] ]] && SEPARATOR="/" export IMAGE="$IMAGE_NAMESPACE$SEPARATOR$IMAGE" export REPOSITORY="$IMAGE_NAMESPACE$SEPARATOR$REPOSITORY" - if [ ! -z $IMAGE_LATEST ]; then - export IMAGE_LATEST="$IMAGE_NAMESPACE$SEPARATOR$IMAGE_LATEST" + if [ -n "$IMAGE_LATEST" ]; then + export IMAGE_LATEST="${IMAGE_NAMESPACE}/${IMAGE_LATEST}" fi - if [ ! -z $INPUT_CACHE_REGISTRY ]; then - export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY" + if [ -n "$INPUT_CACHE_REGISTRY" ]; then + export INPUT_CACHE_REGISTRY="${REGISTRY}/${IMAGE_NAMESPACE}/${INPUT_CACHE_REGISTRY}" fi fi -if [ "$REGISTRY" == "docker.io" ]; then +if [ "$REGISTRY" = "docker.io" ]; then export REGISTRY="index.${REGISTRY}/v1/" else - export IMAGE="$REGISTRY/$IMAGE" + export IMAGE="${REGISTRY}/${IMAGE}" - if [ ! 
-z $IMAGE_LATEST ]; then - export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST" + if [ -n "$IMAGE_LATEST" ]; then + export IMAGE_LATEST="${REGISTRY}/${IMAGE_LATEST}" fi fi -export CACHE=${INPUT_CACHE:+"--cache=true"} -export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"} -export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"} -export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"} +export CACHE="${INPUT_CACHE:+"--cache=true"}" +export CACHE="$CACHE"${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"} +export CACHE="$CACHE"${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"} +export CACHE="$CACHE"${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"} export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH" export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}" export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"} export DIGEST="--digest-file /kaniko/digest --image-name-tag-with-digest-file=/kaniko/image-tag-digest" -if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then +if [ -n "$INPUT_SKIP_UNCHANGED_DIGEST" ]; then export DESTINATION="--no-push --tarPath image.tar --destination $IMAGE" else export DESTINATION="--destination $IMAGE" - if [ ! -z $IMAGE_LATEST ]; then + if [ -n "$IMAGE_LATEST" ]; then export DESTINATION="$DESTINATION --destination $IMAGE_LATEST" fi fi 
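Review bot: In the ghcr.io branch of PATCH 22's second hunk, `IMAGE_LATEST` is now built with a hard-coded `/` while `IMAGE` and `REPOSITORY` still use `$SEPARATOR`, so for an image name starting with `-` or `/` the latest tag lands in a different repository than the versioned tag; it should read `export IMAGE_LATEST="${IMAGE_NAMESPACE}${SEPARATOR}${IMAGE_LATEST}"`. The hunk also keeps `[[ ! "$REPOSITORY" =~ ^[-/] ]]`, which is not POSIX despite the commit's stated goal, and leaves `$GITHUB_REPOSITORY` unquoted in the `tr` pipeline. `case "$REPOSITORY" in ""|-*|/*) SEPARATOR="" ;; *) SEPARATOR="/" ;; esac` covers the test portably and also initialises `SEPARATOR` instead of inheriting whatever the environment holds.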
@@ -98,19 +98,20 @@ kaniko_cmd="/kaniko/executor ${ARGS} --reproducible --force" echo "Running kaniko command ${kaniko_cmd}" eval "${kaniko_cmd}" -echo "image=$IMAGE" >> $GITHUB_OUTPUT -echo "digest=$(cat /kaniko/digest)" >> $GITHUB_OUTPUT -echo "image-tag-digest=$(cat /kaniko/image-tag-digest)" >> $GITHUB_OUTPUT +echo "image=$IMAGE" >> "$GITHUB_OUTPUT" +echo "digest=$(cat /kaniko/digest)" >> "$GITHUB_OUTPUT" +echo "image-tag-digest=$(cat /kaniko/image-tag-digest)" >> "$GITHUB_OUTPUT" -if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then - export DIGEST=$(cat /kaniko/digest) - /kaniko/crane auth login $REGISTRY -u $USERNAME -p $PASSWORD +if [ -n "$INPUT_SKIP_UNCHANGED_DIGEST" ]; then + export DIGEST="$(cat /kaniko/digest)" - export REMOTE=$(crane digest $REGISTRY/${REPOSITORY}:latest) + /kaniko/crane auth login "$REGISTRY" -u "$USERNAME" -p "$PASSWORD" - if [ "$DIGEST" == "$REMOTE" ]; then - echo "refreshed=false" >> $GITHUB_OUTPUT + export REMOTE=$(crane digest "${REGISTRY}/${REPOSITORY}:latest") + + if [ "$DIGEST" = "$REMOTE" ]; then + echo "refreshed=false" >> "$GITHUB_OUTPUT" echo "Digest hasn't changed, skipping, $DIGEST" echo "Done 🎉️" exit 0 @@ -118,13 +119,13 @@ if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then echo "Pushing image..." - /kaniko/crane push image.tar $IMAGE + /kaniko/crane push image.tar "$IMAGE" - if [ ! -z $IMAGE_LATEST ]; then + if [ -n "$IMAGE_LATEST" ]; then echo "Tagging latest..." - /kaniko/crane tag $IMAGE latest + /kaniko/crane tag "$IMAGE" latest fi - echo "refreshed=false" >> $GITHUB_OUTPUT + echo "refreshed=false" >> "$GITHUB_OUTPUT" echo "Done 🎉️" fi From 16c18d6aee7876c41524f5e6f920f76c0a99e7a0 Mon Sep 17 00:00:00 2001 From: Alex Viscreanu Date: Sat, 20 Jan 2024 11:17:50 +0100 Subject: [PATCH 23/31] ci: fix release notary action explicitly define entrypoint and args --- .github/workflows/release.yml | 3 +++ 1 file changed, 3 insertions(+) 
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c6f52fa..1a0ff39 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,6 +18,9 @@ jobs: uses: docker://aevea/release-notary@sha256:b77e86ce9ce4b0c8774cdb3b807b756d1d6139d73aca74388560250de259be4e env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + entrypoint: release-notary + args: publish - name: GitHub Package Registry uses: aevea/action-kaniko@master From ef9c4ca42ec4a0b2040edfabda8497286f093b81 Mon Sep 17 00:00:00 2001 From: ykyr Date: Thu, 7 Mar 2024 21:27:08 +0100 Subject: [PATCH 24/31] fix: entrypoint ARGS remove new line --- entrypoint.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/entrypoint.sh b/entrypoint.sh index e5394e7..4ce09ea 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -94,6 +94,8 @@ EOF # https://github.com/GoogleContainerTools/kaniko/issues/1803 # https://github.com/GoogleContainerTools/kaniko/issues/1349 export IFS='' +# Removes a trailing new line +ARGS=$(echo "${ARGS}" | sed 's/\n*$//') kaniko_cmd="/kaniko/executor ${ARGS} --reproducible --force" echo "Running kaniko command ${kaniko_cmd}" eval "${kaniko_cmd}" From 8de7c88b27e89ec2a3087d3351b2fee0ced7d8f8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 7 Mar 2024 00:39:15 +0000 Subject: [PATCH 25/31] chore(deps): update gcr.io/kaniko-project/executor docker tag to v1.21.1 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8e0f846..147f951 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:v1.20.0-debug +FROM gcr.io/kaniko-project/executor:v1.21.1-debug SHELL ["/busybox/sh", "-c"] From fd47216104790b011ad758b5a793c6df2c860b07 Mon Sep 17 00:00:00 2001 
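Review bot: The `sed 's/\n*$//'` added in PATCH 24's entrypoint.sh hunk cannot match a newline, because sed processes its input one line at a time with the newline already removed; the trailing newline disappears only because `$(...)` strips it. Newlines inside `ARGS` (for example from a multi-line `extra_args` block) survive and then reach `eval`, where each one terminates the command, so the following lines run as separate commands rather than as kaniko arguments. If the intent is to fold a multi-line value into one command line, `ARGS=$(printf '%s' "$ARGS" | tr '\n' ' ')` does that, and the comment should describe it that way.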
From: Jason Kratz Date: Thu, 4 Apr 2024 15:36:38 -0500 Subject: [PATCH 26/31] fix: correctly handle multi-line tag digests output kaniko outputs each tag on a new line, so users that push multiple tags at once would get an error as the output wasn't prepared to handle multi-line text --- entrypoint.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/entrypoint.sh b/entrypoint.sh index 4ce09ea..8a29b69 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -102,7 +102,9 @@ eval "${kaniko_cmd}" echo "image=$IMAGE" >> "$GITHUB_OUTPUT" echo "digest=$(cat /kaniko/digest)" >> "$GITHUB_OUTPUT" -echo "image-tag-digest=$(cat /kaniko/image-tag-digest)" >> "$GITHUB_OUTPUT" +echo "image-tag-digest<>"$GITHUB_OUTPUT" +echo "$(cat /kaniko/image-tag-digest)" >>"$GITHUB_OUTPUT" +echo 'EOF' >>"$GITHUB_OUTPUT" if [ -n "$INPUT_SKIP_UNCHANGED_DIGEST" ]; then From 977090a03e2a33a8e917fcf83494c105b052a243 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 09:39:41 +0000 Subject: [PATCH 27/31] chore(deps): update aevea/release-notary docker digest to 690915b --- .github/workflows/release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1a0ff39..4dbe99b 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: fetch-depth: 0 - name: Release Notary Action - uses: docker://aevea/release-notary@sha256:b77e86ce9ce4b0c8774cdb3b807b756d1d6139d73aca74388560250de259be4e + uses: docker://aevea/release-notary@sha256:690915bf87458fd8eb1e1ff0be34b33377f920eda3f38b96c62ecbf897c831f4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: From 12a3a8cc81dbbbee747b7e8a1927156154b47cc8 Mon Sep 17 00:00:00 2001 
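Review bot: The multi-line output written in PATCH 26 is closed with the fixed delimiter `EOF` (the `echo 'EOF'` line), so a line consisting of `EOF` inside /kaniko/image-tag-digest would end the value early and the remainder would be parsed as further output assignments. The file is written by kaniko, so this is hardening rather than a known break, but a per-run delimiter that cannot occur in the value, used for both the opening and closing lines, removes the dependency on file content. `cat /kaniko/image-tag-digest >>"$GITHUB_OUTPUT"` is also simpler than `echo "$(cat ...)"` and does not depend on how the shell's echo treats backslashes.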
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 3 Apr 2024 09:39:37 +0000 Subject: [PATCH 28/31] chore(deps): update aevea/commitsar docker digest to e4aed72 --- .github/workflows/pr.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index ba7236d..cf1202d 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -10,4 +10,4 @@ jobs: with: fetch-depth: 0 - name: Run commitsar - uses: docker://aevea/commitsar@sha256:8d2db4e430dd06e3fcde173add43dada80b37150ba1191a69cda1c0bcdba9cb1 + uses: docker://aevea/commitsar@sha256:e4aed72de9a00b990a53c678ad51fbe9bd04e127a617d10beab0ef0204b1dfa0 From 9223ef89b8302afed279fc956849bfd45d7686d2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 4 Apr 2024 14:29:59 +0000 Subject: [PATCH 29/31] chore(deps): update gcr.io/kaniko-project/executor docker tag to v1.22.0 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 147f951..35a822c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,7 +2,7 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:v1.21.1-debug +FROM gcr.io/kaniko-project/executor:v1.22.0-debug SHELL ["/busybox/sh", "-c"] From 58af85fb137af1cf493b130f5416170be56f2959 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 17 Oct 2024 08:34:15 +0000 Subject: [PATCH 30/31] chore(deps): update gcr.io/kaniko-project/executor docker tag to v1.23.2 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 35a822c..2c0fd25 100644 --- a/Dockerfile +++ b/Dockerfile 
@@ -2,7 +2,7 @@ FROM alpine as certs RUN apk --update add ca-certificates -FROM gcr.io/kaniko-project/executor:v1.22.0-debug +FROM gcr.io/kaniko-project/executor:v1.23.2-debug SHELL ["/busybox/sh", "-c"] From be5ce625a52485739db88cc75ebb8a9f8d269bd4 Mon Sep 17 00:00:00 2001 From: Alex Viscreanu Date: Thu, 7 Nov 2024 19:00:36 +0100 Subject: [PATCH 31/31] docs: add warning about kaniko lacking maintainers --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index 30f8528..56d6940 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,8 @@ # Kaniko image builder +> [!WARNING] +> The kaniko project no longer seems to [have maintainers](https://github.com/GoogleContainerTools/kaniko/issues/3348). Keep this in mind before deciding to use kaniko as your image builder. + This Action uses the [kaniko](https://github.com/GoogleContainerTools/kaniko) executor instead of the docker daemon. Kaniko builds the image by extracting the filesystem of the base image, making the changes in the user space, snapshotting any change and appending it to the base image filesystem.