128 lines
6.6 KiB
Markdown
128 lines
6.6 KiB
Markdown
<p align="center">
|
|
<a href="https://odit.services" target="blank"><img src="https://odit.services/img/profile-pic-no_bg.webp" width="200" alt="ODIT Logo" /></a>
|
|
</p>
|
|
<h1 align="center">Drone Kaniko</h1>
|
|
|
|
![](https://img.shields.io/badge/renovate-enabled-brightgreen?style=for-the-badge&logo=data:image/svg+xml;base64,PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAwMC9zdmciIHZpZXdCb3g9IjUgNSAzNzAgMzcwIj48Y2lyY2xlIGN4PSIxODkiIGN5PSIxOTAiIHI9IjE4NCIgZmlsbD0iI2ZlMiIvPjxwYXRoIGZpbGw9IiM4YmIiIGQ9Ik0yNTEgMjU2bC0zOC0zOGExNyAxNyAwIDAxMC0yNGw1Ni01NmMyLTIgMi02IDAtN2wtMjAtMjFhNSA1IDAgMDAtNyAwbC0xMyAxMi05LTggMTMtMTNhMTcgMTcgMCAwMTI0IDBsMjEgMjFjNyA3IDcgMTcgMCAyNGwtNTYgNTdhNSA1IDAgMDAwIDdsMzggMzh6Ii8+PHBhdGggZmlsbD0iI2Q1MSIgZD0iTTMwMCAyODhsLTggOGMtNCA0LTExIDQtMTYgMGwtNDYtNDZjLTUtNS01LTEyIDAtMTZsOC04YzQtNCAxMS00IDE1IDBsNDcgNDdjNCA0IDQgMTEgMCAxNXoiLz48cGF0aCBmaWxsPSIjYjMwIiBkPSJNMjg1IDI1OGw3IDdjNCA0IDQgMTEgMCAxNWwtOCA4Yy00IDQtMTEgNC0xNiAwbC02LTdjNCA1IDExIDUgMTUgMGw4LTdjNC01IDQtMTIgMC0xNnoiLz48cGF0aCBmaWxsPSIjYTMwIiBkPSJNMjkxIDI2NGw4IDhjNCA0IDQgMTEgMCAxNmwtOCA3Yy00IDUtMTEgNS0xNSAwbC05LThjNSA1IDEyIDUgMTYgMGw4LThjNC00IDQtMTEgMC0xNXoiLz48cGF0aCBmaWxsPSIjZTYyIiBkPSJNMjYwIDIzM2wtNC00Yy02LTYtMTctNi0yMyAwLTcgNy03IDE3IDAgMjRsNCA0Yy00LTUtNC0xMSAwLTE2bDgtOGM0LTQgMTEtNCAxNSAweiIvPjxwYXRoIGZpbGw9IiNiNDAiIGQ9Ik0yODQgMzA0Yy00IDAtOC0xLTExLTRsLTQ3LTQ3Yy02LTYtNi0xNiAwLTIybDgtOGM2LTYgMTYtNiAyMiAwbDQ3IDQ2YzYgNyA2IDE3IDAgMjNsLTggOGMtMyAzLTcgNC0xMSA0em0tMzktNzZjLTEgMC0zIDAtNCAybC04IDdjLTIgMy0yIDcgMCA5bDQ3IDQ3YTYgNiAwIDAwOSAwbDctOGMzLTIgMy02IDAtOWwtNDYtNDZjLTItMi0zLTItNS0yeiIvPjxwYXRoIGZpbGw9IiMxY2MiIGQ9Ik0xNTIgMTEzbDE4LTE4IDE4IDE4LTE4IDE4em0xLTM1bDE4LTE4IDE4IDE4LTE4IDE4em0tOTAgODlsMTgtMTggMTggMTgtMTggMTh6bTM1LTM2bDE4LTE4IDE4IDE4LTE4IDE4eiIvPjxwYXRoIGZpbGw9IiMxZGQiIGQ9Ik0xMzQgMTMxbDE4LTE4IDE4IDE4LTE4IDE4em0tMzUgMzZsMTgtMTggMTggMTgtMTggMTh6Ii8+PHBhdGggZmlsbD0iIzJiYiIgZD0iTTExNiAxNDlsMTgtMTggMTggMTgtMTggMTh6bTU0LTU0bDE4LTE4IDE4IDE4LTE4IDE4em0tODkgOTBsMTgtMTggMTggMTgtMTggMTh6bTEzOS04NWwyMyAyM2M0IDQgNCAxMSAwIDE2TDE0MiAyNDBjLTQgNC0xMSA0LTE1IDBsLTI0LTI0Yy00LTQtNC0xMSAwLTE1bDEwMS0xMDFjNS01IDEyLTUgMTYgMHoiLz48cGF0aCBmaWxsPSIjM2VlIiBkPSJNMTM0IDk1bDE4LTE4IDE4IDE4LTE4IDE4em0tNTQgMThsMTgtMTcgMTggMTctMTggMTh6bTU1LTUzbDE4LTE4IDE4IDE4LTE4IDE4em05MyA0OGwtOC04Yy00LTUtMTEtNS0xNiAwTDEwMyAyMDFjLTQgNC00IDExIDAgMTVsOCA4Yy00LTQtNC0xMSAwLTE1bDEwMS0xMDFjNS00IDEyLTQgMTYgMHoiLz48cGF0aCBmaWxsPSIjOWVlIiBkPSJNMjcgMTMxbDE4LTE4IDE4IDE4LTE4IDE4em01NC01M2wxOC0xOCAxOCAxOC0xOCAxOHoiLz48cGF0aCBmaWxsPSIjMGFhIiBkPSJNMjMwIDExMGwxMyAxM2M0IDQgNCAxMSAwIDE2TDE0MiAyNDBjLTQgNC0xMSA0LTE1IDBsLTEzLTEzYzQgNCAxMSA0IDE1IDBsMTAxLTEwMWM1LTUgNS0xMSAwLTE2eiIvPjxwYXRoIGZpbGw9IiMxYWIiIGQ9Ik0xMzQgMjQ4Yy00IDAtOC0yLTExLTVsLTIzLTIzYTE2IDE2IDAgMDEwLTIzTDIwMSA5NmExNiAxNiAwIDAxMjIgMGwyNCAyNGM2IDYgNiAxNiAwIDIyTDE0NiAyNDNjLTMgMy03IDUtMTIgNXptNzgtMTQ3bC00IDItMTAxIDEwMWE2IDYgMCAwMDAgOWwyMyAyM2E2IDYgMCAwMDkgMGwxMDEtMTAxYTYgNiAwIDAwMC05bC0yNC0yMy00LTJ6Ii8+PC9zdmc+) ![Drone (self-hosted) with branch](https://img.shields.io/drone/build/odit/drone-kaniko/main?server=https%3A%2F%2Fci.odit.services&style=for-the-badge&logo=drone)
|
|
|
|
|
|
A thin shim-wrapper around the official [Google Kaniko](https://cloud.google.com/blog/products/gcp/introducing-kaniko-build-container-images-in-kubernetes-and-google-container-builder-even-without-root-access) Docker image to make it behave like the [Drone Docker plugin](http://plugins.drone.io/drone-plugins/drone-docker/).
|
|
|
|
Based on the original [drone-kaniko](https://github.com/banzaicloud/drone-kaniko) by [Banzai Cloud](https://github.com/banzaicloud)
|
|
Modified by [ODIT.Services](https://odit.services) to enable local builds to tar.
|
|
|
|
|
|
## Settings 🛠️
|
|
* `registry`: Your registry (defaults to docker hub)
|
|
* `repo`: The image repository
|
|
* `tags`: The image tags (as a simple string or an array)
|
|
* `username`: Username for the chosen docker registry
|
|
* `password`: Password for the chosen docker registry
|
|
* `nopush`: Disable Pushing to registry (boolean)
|
|
* `tarpath`: Export the image to tar (relative path)
|
|
* `cache`: Use cached intermediate containers (boolean)
|
|
* `newrun`: Use the experimental run implementation for detecting changes without requiring file system snapshots. (boolean)
|
|
* `snapshot_mode`: Set how kaniko will snapshot the filesystem (full,redo,time).
|
|
* `skip_tls_verify`: Skip SSL/TLS certificate verification (boolean)
|
|
* `build_args`: Pass custom arguments to docker build
|
|
* `build_args_from_env`: Pass the envvars as custom arguments to docker build
|
|
* `json_key`: Provide registry auth data via json_key (mostly for gcr)
|
|
* `auto_tag`: generate tag names automatically based on git branch and git tag
|
|
|
|
## Examples
|
|
|
|
```yaml
|
|
kind: pipeline
|
|
name: default
|
|
|
|
steps:
|
|
- name: publish
|
|
image: registry.odit.services/library/drone-kaniko
|
|
settings:
|
|
registry: registry.example.com # if not provided index.docker.io is supposed
|
|
repo: registry.example.com/example-project
|
|
tags: ${DRONE_COMMIT_SHA}
|
|
cache: true
|
|
skip_tls_verify: false # set to true for testing registries ONLY with self-signed certs
|
|
build_args:
|
|
- COMMIT_SHA=${DRONE_COMMIT_SHA}
|
|
- COMMIT_AUTHOR_EMAIL=${DRONE_COMMIT_AUTHOR_EMAIL}
|
|
username:
|
|
from_secret: docker-username
|
|
password:
|
|
from_secret: docker-password
|
|
```
|
|
|
|
Pushing to GCR:
|
|
|
|
```yaml
|
|
kind: pipeline
|
|
name: default
|
|
|
|
steps:
|
|
- name: publish
|
|
image: registry.odit.services/library/drone-kaniko
|
|
settings:
|
|
registry: gcr.io
|
|
repo: example.com/example-project
|
|
tags: ${DRONE_COMMIT_SHA}
|
|
cache: true
|
|
json_key:
|
|
from_secret: google-application-credentials
|
|
```
|
|
|
|
## Use `.tags` file for tagging
|
|
|
|
Similarily to official
|
|
[drone-docker](https://github.com/drone-plugins/drone-docker) plugin you can use
|
|
`.tags` file to embed some custom logic for creating tags for an image.
|
|
|
|
```yaml
|
|
kind: pipeline
|
|
name: default
|
|
|
|
steps:
|
|
- name: build
|
|
image: golang
|
|
commands:
|
|
- go get
|
|
- go build
|
|
- make versiontags > .tags
|
|
- name: publish
|
|
image: registry.odit.services/library/drone-kaniko
|
|
settings:
|
|
registry: registry.example.com
|
|
repo: registry.example.com/example-project
|
|
# tags: ${DRONE_COMMIT_SHA} <= it must be left undefined
|
|
username:
|
|
from_secret: docker-username
|
|
password:
|
|
from_secret: docker-password
|
|
```
|
|
|
|
## Auto tag
|
|
|
|
Set `auto_tag: true`.
|
|
|
|
```yaml
|
|
kind: pipeline
|
|
name: default
|
|
|
|
steps:
|
|
- name: build
|
|
image: golang
|
|
commands:
|
|
- go get
|
|
- go build
|
|
- name: publish
|
|
image: registry.odit.services/library/drone-kaniko
|
|
settings:
|
|
registry: registry.example.com
|
|
repo: registry.example.com/example-project
|
|
auto_tag: true # higher priority then .tags file
|
|
# tags: ${DRONE_COMMIT_SHA} <= it must be left undefined to use auto_tag
|
|
username:
|
|
from_secret: docker-username
|
|
password:
|
|
from_secret: docker-password
|
|
``` |