nyyu/plugin-kaniko
Archived
1
0
Fork 0
Code Issues 1 Pull Requests 3 Packages Projects Releases Wiki Activity

add support for gcr registries

Browse Source
This commit is contained in:
Nandor Kracser 2019-06-01 15:00:26 +02:00 committed by Nándor István Krácser
parent 9d134a40f2
commit 71dd35e3ec
2 changed files with 35 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
README.md
View File

@ -2,7 +2,7 @@
A thin shim-wrapper around the official [Google Kaniko](https://cloud.google.com/blog/products/gcp/introducing-kaniko-build-container-images-in-kubernetes-and-google-container-builder-even-without-root-access) Docker image to make it behave like the [Drone Docker plugin](http://plugins.drone.io/drone-plugins/drone-docker/). A thin shim-wrapper around the official [Google Kaniko](https://cloud.google.com/blog/products/gcp/introducing-kaniko-build-container-images-in-kubernetes-and-google-container-builder-even-without-root-access) Docker image to make it behave like the [Drone Docker plugin](http://plugins.drone.io/drone-plugins/drone-docker/).
Example .drone.yml for Drone 1.0 Example .drone.yml for Drone 1.0 (pushing to Docker Hub):
```yaml ```yaml
kind: pipeline kind: pipeline
@ -25,6 +25,23 @@ steps:
from_secret: docker-password from_secret: docker-password
``` ```
Pushing to GCR:
```yaml
kind: pipeline
name: default
steps:
- name: publish
image: banzaicloud/drone-kaniko
settings:
repo: gcr.io/example.com/example-project
tags: ${DRONE_COMMIT_SHA}
cache: true
google_application_credentials:
from_secret: google-application-credentials
```
## Test that it can build ## Test that it can build
```bash ```bash
@ -58,8 +75,14 @@ docker run -v $PWD:/cache gcr.io/kaniko-project/warmer:latest --verbosity=debug
``` ```
Run the builder on the host network to be able to access the registry and the local disk cache: Run the builder (on the host network to be able to access the registry, if any specified) with mounting the local disk cache, this example pushes to Docker Hub:
```bash ```bash
docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=banzaicloud/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true banzaicloud/drone-kaniko docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=banzaicloud/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true banzaicloud/drone-kaniko
``` ```
The very same example just pushing to GCR instead of Docker Hub:
```bash
docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_REPO=gcr.io/banzaicloud/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true -e PLUGIN_GOOGLE_APPLICATION_CREDENTIALS="$(<$HOME/google-application-credentials.json)" banzaicloud/drone-kaniko
```

13
plugin.sh
View File

@ -4,11 +4,12 @@ set -euo pipefail
export PATH=$PATH:/kaniko/ export PATH=$PATH:/kaniko/
DOCKER_AUTH=`echo -n "${PLUGIN_USERNAME}:${PLUGIN_PASSWORD}" | base64 | tr -d "\n"` if [ "${PLUGIN_USERNAME:-}" ] || [ "${PLUGIN_PASSWORD:-}" ]; then
DOCKER_AUTH=`echo -n "${PLUGIN_USERNAME}:${PLUGIN_PASSWORD}" | base64 | tr -d "\n"`
REGISTRY=${PLUGIN_REGISTRY:-https://index.docker.io/v1/} REGISTRY=${PLUGIN_REGISTRY:-https://index.docker.io/v1/}
cat > /kaniko/.docker/config.json <<DOCKERJSON cat > /kaniko/.docker/config.json <<DOCKERJSON
{ {
"auths": { "auths": {
"${REGISTRY}": { "${REGISTRY}": {
@ -17,6 +18,12 @@ cat > /kaniko/.docker/config.json <<DOCKERJSON
} }
} }
DOCKERJSON DOCKERJSON
fi
if [ "${PLUGIN_GOOGLE_APPLICATION_CREDENTIALS:-}" ];then
echo "${PLUGIN_GOOGLE_APPLICATION_CREDENTIALS}" > /kaniko/gcr.json
export GOOGLE_APPLICATION_CREDENTIALS=/kaniko/gcr.json
fi
DOCKERFILE=${PLUGIN_DOCKERFILE:-Dockerfile} DOCKERFILE=${PLUGIN_DOCKERFILE:-Dockerfile}
CONTEXT=${PLUGIN_CONTEXT:-$PWD} CONTEXT=${PLUGIN_CONTEXT:-$PWD}