snoopy/action-kaniko
1
0
Fork 0
mirror of https://github.com/aevea/action-kaniko.git synced 2025-01-30 22:09:37 +01:00
Code Releases Activity
action-kaniko/entrypoint.sh
Doron Somech 79ed56ad90 feat: Add tag_with_latest option for tagging with latest additionally 
When skipping the push on unchanged digests, it's not enough to push the current tag,
which is probably semver, we also need to push the latest, so we can later check if
the latest digest equals the currently built image
2020-06-22 08:18:11 +02:00

114 lines
3.5 KiB
Bash
Executable file
Raw Blame History

#!/busybox/sh
set -e pipefail
export REGISTRY=${INPUT_REGISTRY:-"docker.io"}
export IMAGE=${INPUT_IMAGE}
export BRANCH=$(echo ${GITHUB_REF} | sed -E "s/refs\/(heads|tags)\///g" | sed -e "s/\//-/g")
export TAG=${INPUT_TAG:-$([ "$BRANCH" == "master" ] && echo latest || echo $BRANCH)}
export TAG=${TAG:-"latest"}
export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX}
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR}
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN}
export REPOSITORY=$IMAGE
export IMAGE_LATEST=${INPUT_TAG_WITH_LATEST:+"$IMAGE:latest"}
export IMAGE=$IMAGE:$TAG
export CONTEXT_PATH=${INPUT_PATH}
function ensure() {
if [ -z "${1}" ]; then
echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?"
exit 1
fi
}
ensure "${REGISTRY}" "registry"
ensure "${USERNAME}" "username"
ensure "${PASSWORD}" "password"
ensure "${IMAGE}" "image"
ensure "${TAG}" "tag"
ensure "${CONTEXT_PATH}" "path"
if [ "$REGISTRY" == "docker.pkg.github.com" ]; then
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$IMAGE_NAMESPACE/$IMAGE_LATEST"
fi
if [ ! -z $INPUT_CACHE_REGISTRY ]; then
export INPUT_CACHE_REGISTRY="$REGISTRY/$IMAGE_NAMESPACE/$INPUT_CACHE_REGISTRY"
fi
fi
if [ "$REGISTRY" == "docker.io" ]; then
export REGISTRY="index.${REGISTRY}/v1/"
else
export IMAGE="$REGISTRY/$IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export IMAGE_LATEST="$REGISTRY/$IMAGE_LATEST"
fi
fi
export CACHE=${INPUT_CACHE:+"--cache=true"}
export CACHE=$CACHE${INPUT_CACHE_TTL:+" --cache-ttl=$INPUT_CACHE_TTL"}
export CACHE=$CACHE${INPUT_CACHE_REGISTRY:+" --cache-repo=$INPUT_CACHE_REGISTRY"}
export CACHE=$CACHE${INPUT_CACHE_DIRECTORY:+" --cache-dir=$INPUT_CACHE_DIRECTORY"}
export CONTEXT="--context $GITHUB_WORKSPACE/$CONTEXT_PATH"
export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DESTINATION="--no-push --digest-file digest"
else
export DESTINATION="--destination $IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export DESTINATION="$DESTINATION --destination $IMAGE_LATEST"
fi
fi
export ARGS="$CACHE $CONTEXT $DOCKERFILE $DESTINATION $INPUT_EXTRA_ARGS"
cat <<EOF >/kaniko/.docker/config.json
{
"auths": {
"https://${REGISTRY}": {
"username": "${USERNAME}",
"password": "${PASSWORD}"
}
}
}
EOF
/kaniko/executor --reproducible $ARGS
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DIGEST=$(cat digest)
if [ "$REGISTRY" == "docker.pkg.github.com" ]; then
wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64)" https://docker.pkg.github.com/v2/$REPOSITORY/manifests/latest || true
export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')"
else
export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1)
fi
if [ "$DIGEST" == "$REMOTE" ]; then
echo "Digest hasn't changed, skipping, $DIGEST"
echo "Done 🎉️"
exit 0
fi
export DESTINATION="--destination $IMAGE"
if [ ! -z $IMAGE_LATEST ]; then
export DESTINATION="$DESTINATION --destination $IMAGE_LATEST"
fi
export ARGS="$CACHE $CONTEXT $DOCKERFILE $DESTINATION $INPUT_EXTRA_ARGS"
echo "Pushing image..."
/kaniko/executor --reproducible $ARGS >/dev/null 2>&1
echo "Done 🎉️"
fi
View git blame Copy permalink