action/kaniko
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Activity

Compare commits

base: action:v0.6.1
Branches Tags
action:master action:renovate/gcr.io-kaniko-project-executor-1.x
action:v0.11.0 action:v0.10.0 action:v0.9.0 action:v0.8.0 action:v0.7.1 action:v0.7.0 action:v0.6.2 action:v0.6.1 action:v0.6.0 action:v0.5.1 action:v0.5.0 action:v0.4.0 action:v0.3.2 action:v0.3.1 action:v0.3 action:v0.2.1 action:v0.2 action:v0.1
..
compare: action:v0.7.1
Branches Tags
action:renovate/gcr.io-kaniko-project-executor-1.x action:master
action:v0.11.0 action:v0.10.0 action:v0.9.0 action:v0.8.0 action:v0.7.1 action:v0.7.0 action:v0.6.2 action:v0.6.1 action:v0.6.0 action:v0.5.1 action:v0.5.0 action:v0.4.0 action:v0.3.2 action:v0.3.1 action:v0.3 action:v0.2.1 action:v0.2 action:v0.1

11 Commits
v0.6.1 ... v0.7.1

Author SHA1 Message Date
Alex
a5055cd007 docs: update references to github's package registry host 2022-02-21 15:27:55 +01:00
Alex
3e397648f8 fix(ci): use updated github container registry host 2022-02-21 15:25:01 +01:00
Alex Viscreanu
dc591110cc fix: update github container registry host 2022-02-21 15:21:10 +01:00
Julien Semaan
8e9a423400 fix: tag with latest only when its config is true 2022-01-24 10:46:25 +01:00
Alex Viscreanu
f16a14fc0f fix(ci): fetch all necessary commits for commitsar and release notary 2022-01-24 10:45:57 +01:00
Renovate Bot
8bd3e02fd2 chore(deps): update actions/checkout action to v2 2022-01-24 10:13:55 +01:00
Renovate Bot
571e42aef3 chore(deps): update aevea/release-notary docker digest to 8b26ced 2022-01-24 10:11:09 +01:00
Renovate Bot
e846d42497 chore(deps): update aevea/commitsar docker digest to b77adeb 2022-01-24 10:04:50 +01:00
Renovate Bot
b7f0f661e3 chore(deps): update aevea/release-notary docker digest to fad8346 2022-01-24 10:04:40 +01:00
Dmitry Tsoy
7033a0543d fix: long base64 string may contain new-line 
if the base64 string has more than 76 characters, it is wrapped with \n
 2022-01-24 10:03:08 +01:00
Doron Somech
e03153c634 fix: don't push image when skip_unchanged_digest is set 
Kaniko default behavior changed, `--tarPath` alone is not enough to skip the push to registry, `--no-push` is now required as well.

Reference:
GoogleContainerTools/kaniko#1503
 2021-09-21 11:52:28 +02:00
5 changed files with 22 additions and 15 deletions
Expand all files Collapse all files

6
.github/workflows/pr.yml vendored
View File

@@ -6,6 +6,8 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
name: Verify commit messages name: Verify commit messages
steps: steps:
- uses: actions/checkout@v1 - uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Run commitsar - name: Run commitsar
uses: docker://aevea/commitsar@sha256:caf5539dd03309a539906c7ad45c2ecc0ae86a1ee2bf5dc538d7986c523526f3 uses: docker://aevea/commitsar@sha256:b77adebc0437d4f2bfdf9205a39003e88acbc77a9176fd086b386207a5f3f5cb

2
.github/workflows/push.yml vendored
View File

@@ -11,7 +11,7 @@ jobs:
- name: GitHub Package Registry - name: GitHub Package Registry
uses: aevea/action-kaniko@master uses: aevea/action-kaniko@master
with: with:
registry: docker.pkg.github.com registry: ghcr.io
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
image: kaniko image: kaniko
cache: true cache: true

8
.github/workflows/release.yml vendored
View File

@@ -10,17 +10,19 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@v1 uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Release Notary Action - name: Release Notary Action
uses: docker://aevea/release-notary@sha256:5eef3c539deb5397457a6acf001ef80df6004ec52bc4b8a0eac0577ad92759d0 uses: docker://aevea/release-notary@sha256:8b26ced466da96b23a947d5c9e58baac22ee1192fd08200011e5b178f42118a0
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- name: GitHub Package Registry - name: GitHub Package Registry
uses: aevea/action-kaniko@master uses: aevea/action-kaniko@master
with: with:
registry: docker.pkg.github.com registry: ghcr.io
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
image: kaniko image: kaniko
cache: true cache: true

8
README.md
View File

@@ -83,7 +83,7 @@ with:
cache_registry: aevea/cache cache_registry: aevea/cache
``` ```
### [docker.pkg.github.com](https://github.com/features/packages) ### [ghcr.io](https://github.com/features/packages)
GitHub's docker registry is a bit special. It doesn't allow top-level images, so this action will prefix any image with the GitHub namespace. GitHub's docker registry is a bit special. It doesn't allow top-level images, so this action will prefix any image with the GitHub namespace.
If you want to push your image like `aevea/action-kaniko/kaniko`, you'll only need to pass `kaniko` to this action. If you want to push your image like `aevea/action-kaniko/kaniko`, you'll only need to pass `kaniko` to this action.
@@ -93,7 +93,7 @@ passed by default, it will have to be explicitly set up.
```yaml ```yaml
with: with:
registry: docker.pkg.github.com registry: ghcr.io
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
image: kaniko image: kaniko
``` ```
@@ -104,7 +104,7 @@ cache layers to that image instead
```yaml ```yaml
with: with:
registry: docker.pkg.github.com registry: ghcr.io
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
image: kaniko image: kaniko
cache: true cache: true
@@ -167,7 +167,7 @@ Example:
```yaml ```yaml
with: with:
registry: docker.pkg.github.com registry: ghcr.io
password: ${{ secrets.GITHUB_TOKEN }} password: ${{ secrets.GITHUB_TOKEN }}
image: kaniko image: kaniko
strip_tag_prefix: pre- strip_tag_prefix: pre-

13
entrypoint.sh
View File

@@ -10,10 +10,13 @@ export TAG=${TAG#$INPUT_STRIP_TAG_PREFIX}
export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR} export USERNAME=${INPUT_USERNAME:-$GITHUB_ACTOR}
export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN} export PASSWORD=${INPUT_PASSWORD:-$GITHUB_TOKEN}
export REPOSITORY=$IMAGE export REPOSITORY=$IMAGE
export IMAGE_LATEST=${INPUT_TAG_WITH_LATEST:+"$IMAGE:latest"}
export IMAGE=$IMAGE:$TAG export IMAGE=$IMAGE:$TAG
export CONTEXT_PATH=${INPUT_PATH} export CONTEXT_PATH=${INPUT_PATH}
if [[ "$INPUT_TAG_WITH_LATEST" == "true" ]]; then
export IMAGE_LATEST="$IMAGE:latest"
fi
function ensure() { function ensure() {
if [ -z "${1}" ]; then if [ -z "${1}" ]; then
echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?" echo >&2 "Unable to find the ${2} variable. Did you set with.${2}?"
@@ -28,7 +31,7 @@ ensure "${IMAGE}" "image"
ensure "${TAG}" "tag" ensure "${TAG}" "tag"
ensure "${CONTEXT_PATH}" "path" ensure "${CONTEXT_PATH}" "path"
if [ "$REGISTRY" == "docker.pkg.github.com" ]; then if [ "$REGISTRY" == "ghcr.io" ]; then
IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')" IMAGE_NAMESPACE="$(echo $GITHUB_REPOSITORY | tr '[:upper:]' '[:lower:]')"
export IMAGE="$IMAGE_NAMESPACE/$IMAGE" export IMAGE="$IMAGE_NAMESPACE/$IMAGE"
export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY" export REPOSITORY="$IMAGE_NAMESPACE/$REPOSITORY"
@@ -61,7 +64,7 @@ export DOCKERFILE="--dockerfile $CONTEXT_PATH/${INPUT_BUILD_FILE:-Dockerfile}"
export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"} export TARGET=${INPUT_TARGET:+"--target=$INPUT_TARGET"}
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DESTINATION="--digest-file digest --tarPath image.tar --destination $IMAGE" export DESTINATION="--digest-file digest --no-push --tarPath image.tar --destination $IMAGE"
else else
export DESTINATION="--destination $IMAGE" export DESTINATION="--destination $IMAGE"
if [ ! -z $IMAGE_LATEST ]; then if [ ! -z $IMAGE_LATEST ]; then
@@ -88,8 +91,8 @@ EOF
if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then if [ ! -z $INPUT_SKIP_UNCHANGED_DIGEST ]; then
export DIGEST=$(cat digest) export DIGEST=$(cat digest)
if [ "$REGISTRY" == "docker.pkg.github.com" ]; then if [ "$REGISTRY" == "ghcr.io" ]; then
wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64)" https://docker.pkg.github.com/v2/$REPOSITORY/manifests/latest || true wget -q -O manifest --header "Authorization: Basic $(echo -n $USERNAME:$PASSWORD | base64 | tr -d \\n)" https://ghcr.io/v2/$REPOSITORY/manifests/latest || true
export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')" export REMOTE="sha256:$(cat manifest | sha256sum | awk '{ print $1 }')"
else else
export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1) export REMOTE=$(reg digest -u $USERNAME -p $PASSWORD $REGISTRY/$REPOSITORY | tail -1)