2024-01-12 23:22:01 +01:00
# plugin-kaniko
2018-11-21 15:45:09 +01:00
2024-01-12 23:22:01 +01:00
A thin shim-wrapper around the official [Google Kaniko ](https://cloud.google.com/blog/products/gcp/introducing-kaniko-build-container-images-in-kubernetes-and-google-container-builder-even-without-root-access ) Docker image to make it behave similar to the [Woodpecker Docker Buildx ](https://woodpecker-ci.org/plugins/Docker%20Buildx ) plugin.
2018-11-21 15:45:09 +01:00
2024-01-12 23:22:01 +01:00
Example `.woodpecker.yaml` :
2019-01-07 17:35:43 -05:00
```yaml
steps:
- name: publish
2024-01-12 23:22:01 +01:00
image: woodpeckerci/plugin-kaniko
2019-01-07 17:35:43 -05:00
settings:
2024-01-12 23:22:01 +01:00
registry: registry.example.com # if not provided index.docker.io is used
2019-01-07 17:35:43 -05:00
repo: registry.example.com/example-project
2024-01-12 23:22:01 +01:00
tags: ${CI_COMMIT_SHA}
2019-01-07 17:35:43 -05:00
cache: true
2019-08-05 15:32:48 +02:00
skip_tls_verify: false # set to true for testing registries ONLY with self-signed certs
2019-01-07 17:35:43 -05:00
build_args:
2024-01-12 23:22:01 +01:00
- COMMIT_SHA=${CI_COMMIT_SHA}
- COMMIT_AUTHOR_EMAIL=${CI_COMMIT_AUTHOR_EMAIL}
2019-01-07 17:35:43 -05:00
username:
from_secret: docker-username
password:
from_secret: docker-password
```
2019-06-01 15:00:26 +02:00
Pushing to GCR:
```yaml
steps:
- name: publish
2024-01-12 23:22:01 +01:00
image: woodpeckerci/plugin-kaniko
2019-06-01 15:00:26 +02:00
settings:
2019-06-02 13:31:57 +02:00
registry: gcr.io
repo: example.com/example-project
2024-01-12 23:22:01 +01:00
tags: ${CI_COMMIT_SHA}
2019-06-01 15:00:26 +02:00
cache: true
2019-06-02 13:31:57 +02:00
json_key:
2019-06-01 15:00:26 +02:00
from_secret: google-application-credentials
```
2019-08-05 16:31:58 +02:00
## Use `.tags` file for tagging
2024-01-12 23:22:01 +01:00
Similarily to [Woodpecker Docker Buildx Plugin ](https://woodpecker-ci.org/plugins/Docker%20Buildx )
you can use `.tags` file to embed some custom logic for creating tags for an image.
2019-08-05 16:31:58 +02:00
```yaml
steps:
- name: build
image: golang
commands:
2024-01-12 22:13:24 +01:00
- go get
2019-08-05 16:31:58 +02:00
- go build
- make versiontags > .tags
- name: publish
2024-01-12 23:22:01 +01:00
image: woodpeckerci/plugin-kaniko
2019-08-05 16:31:58 +02:00
settings:
2024-01-12 22:13:24 +01:00
registry: registry.example.com
2019-08-05 16:31:58 +02:00
repo: registry.example.com/example-project
2024-01-12 23:22:01 +01:00
# tags: ${CI_COMMIT_SHA} < = it must be left undefined
2019-08-05 16:31:58 +02:00
username:
from_secret: docker-username
password:
from_secret: docker-password
```
2019-11-04 22:45:51 +08:00
## Auto tag
Set `auto_tag: true` .
```yaml
steps:
- name: build
image: golang
commands:
2024-01-12 22:13:24 +01:00
- go get
2019-11-04 22:45:51 +08:00
- go build
- name: publish
2024-01-12 23:22:01 +01:00
image: woodpeckerci/plugin-kaniko
2019-11-04 22:45:51 +08:00
settings:
2024-01-12 22:13:24 +01:00
registry: registry.example.com
2019-11-04 22:45:51 +08:00
repo: registry.example.com/example-project
auto_tag: true # higher priority then .tags file
2024-01-12 23:22:01 +01:00
# tags: ${CI_COMMIT_SHA} < = it must be left undefined to use auto_tag
2019-11-04 22:45:51 +08:00
username:
from_secret: docker-username
password:
from_secret: docker-password
```
2018-11-24 17:29:40 +01:00
## Test that it can build
2018-11-21 15:45:09 +01:00
```bash
2024-01-12 23:22:01 +01:00
docker run -it --rm -w /src -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=woodpeckerci/plugin-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test woodpeckerci/plugin-kaniko
2018-11-21 15:45:09 +01:00
```
2018-11-25 15:59:05 +01:00
## Test that caching works
Start a Docker registry at 127.0.0.1:5000:
```bash
docker run -d -p 5000:5000 --restart always --name registry --hostname registry.local registry:2
```
Add the following lines to plugin.sh's final command and build a new image from it:
```diff
+ --cache=true \
+ --cache-repo=127.0.0.1:5000/${PLUGIN_REPO} \
```
```bash
2024-01-12 23:22:01 +01:00
docker build -t woodpeckerci/plugin-kaniko .
2018-11-25 15:59:05 +01:00
```
Warm up the alpine image to the cache:
```bash
2019-06-01 14:09:24 +02:00
docker run -v $PWD:/cache gcr.io/kaniko-project/warmer:latest --verbosity=debug --image=alpine:3.8
2018-11-25 15:59:05 +01:00
```
2019-06-01 15:00:26 +02:00
Run the builder (on the host network to be able to access the registry, if any specified) with mounting the local disk cache, this example pushes to Docker Hub:
2018-11-25 15:59:05 +01:00
```bash
2024-01-12 23:22:01 +01:00
docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=woodpeckerci/plugin-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true woodpeckerci/plugin-kaniko
2018-11-25 15:59:05 +01:00
```
2019-06-01 15:00:26 +02:00
The very same example just pushing to GCR instead of Docker Hub:
```bash
2024-01-12 23:22:01 +01:00
docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_REGISTRY=gcr.io -e PLUGIN_REPO=paas-dev1/kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true -e PLUGIN_JSON_KEY="$(< $HOME/google-application-credentials.json)" woodpeckerci/plugin-kaniko
2019-06-01 15:00:26 +02:00
```