third/plugin-drone-kaniko-ecr
1
0
Fork 0
mirror of https://github.com/drone/drone-kaniko.git synced 2026-06-14 22:11:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: third/plugin-drone-kaniko-ecr:v1.13.0
Branches Tags
third/plugin-drone-kaniko-ecr:main third/plugin-drone-kaniko-ecr:CI-22323 third/plugin-drone-kaniko-ecr:main-patch-1 third/plugin-drone-kaniko-ecr:ci-14073 third/plugin-drone-kaniko-ecr:CI-20230-go-version-update third/plugin-drone-kaniko-ecr:CI-20230 third/plugin-drone-kaniko-ecr:CI-19670-1 third/plugin-drone-kaniko-ecr:CI-19933 third/plugin-drone-kaniko-ecr:CI-19670 third/plugin-drone-kaniko-ecr:CI-19672 third/plugin-drone-kaniko-ecr:CI-18923 third/plugin-drone-kaniko-ecr:CI-18100 third/plugin-drone-kaniko-ecr:CI-17708 third/plugin-drone-kaniko-ecr:CI-17517 third/plugin-drone-kaniko-ecr:CI-17122 third/plugin-drone-kaniko-ecr:main-patch third/plugin-drone-kaniko-ecr:harness-ci-patch third/plugin-drone-kaniko-ecr:CI-16588 third/plugin-drone-kaniko-ecr:CI-16392 third/plugin-drone-kaniko-ecr:CI-16330 third/plugin-drone-kaniko-ecr:CI-16193-fix third/plugin-drone-kaniko-ecr:CI-16193 third/plugin-drone-kaniko-ecr:CI-15946 third/plugin-drone-kaniko-ecr:CI-15370 third/plugin-drone-kaniko-ecr:CI-14845 third/plugin-drone-kaniko-ecr:CI-14242-2 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-09-20_01-08-13 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-09-13_01-07-18 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-09-06_01-05-27 third/plugin-drone-kaniko-ecr:CI-13961 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-08-30_01-05-43 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-08-23_01-04-53 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-08-16_01-05-35 third/plugin-drone-kaniko-ecr:CI-13178_go_upgrade_minor third/plugin-drone-kaniko-ecr:CI-13178_go_upgrade third/plugin-drone-kaniko-ecr:go_upgrade_1_22_42024-07-02_08-12-32 third/plugin-drone-kaniko-ecr:kaniko-flag-fix third/plugin-drone-kaniko-ecr:go_upgrade_1_22_42024-07-01_10-25-21 third/plugin-drone-kaniko-ecr:go_upgrade_1_22_42024-07-01_10-47-35 third/plugin-drone-kaniko-ecr:CI-10849 third/plugin-drone-kaniko-ecr:CI-11358 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-03-04_08-03-22 third/plugin-drone-kaniko-ecr:newargs third/plugin-drone-kaniko-ecr:addargs third/plugin-drone-kaniko-ecr:follow_next_link third/plugin-drone-kaniko-ecr:dockerignore third/plugin-drone-kaniko-ecr:fix_panic third/plugin-drone-kaniko-ecr:ci-10525 third/plugin-drone-kaniko-ecr:ci-9254 third/plugin-drone-kaniko-ecr:aman/revert third/plugin-drone-kaniko-ecr:aman/fix-drone-ver third/plugin-drone-kaniko-ecr:new third/plugin-drone-kaniko-ecr:smjt-h-patch-1 third/plugin-drone-kaniko-ecr:support_1-9-1 third/plugin-drone-kaniko-ecr:aman/rename-config third/plugin-drone-kaniko-ecr:aman/fix-config third/plugin-drone-kaniko-ecr:aman/fix-docker-plugin third/plugin-drone-kaniko-ecr:aman-fix-acr third/plugin-drone-kaniko-ecr:aman/acrInteg third/plugin-drone-kaniko-ecr:ecr_update third/plugin-drone-kaniko-ecr:fix_assume_role third/plugin-drone-kaniko-ecr:ecr_assume_role third/plugin-drone-kaniko-ecr:kaniko_ver_upgrade third/plugin-drone-kaniko-ecr:expand_repo third/plugin-drone-kaniko-ecr:rm_autotag_v1-8 third/plugin-drone-kaniko-ecr:fix_manifest_spec third/plugin-drone-kaniko-ecr:fix_drone_yml third/plugin-drone-kaniko-ecr:fix_yml third/plugin-drone-kaniko-ecr:kaniko_1-8_img third/plugin-drone-kaniko-ecr:upgrade_kaniko_ver third/plugin-drone-kaniko-ecr:custom_platform third/plugin-drone-kaniko-ecr:gcr_cred_inherit third/plugin-drone-kaniko-ecr:upgrade_go_version third/plugin-drone-kaniko-ecr:add_verbosity third/plugin-drone-kaniko-ecr:update_cache_repo third/plugin-drone-kaniko-ecr:fix_remote_cache third/plugin-drone-kaniko-ecr:remote_cache third/plugin-drone-kaniko-ecr:cache third/plugin-drone-kaniko-ecr:update_yaml third/plugin-drone-kaniko-ecr:snapshot_mode third/plugin-drone-kaniko-ecr:test_kaniko third/plugin-drone-kaniko-ecr:fix_pipeline third/plugin-drone-kaniko-ecr:improve_err third/plugin-drone-kaniko-ecr:ecr_iam third/plugin-drone-kaniko-ecr:fix_label third/plugin-drone-kaniko-ecr:fix_ecr third/plugin-drone-kaniko-ecr:fix_gcr third/plugin-drone-kaniko-ecr:v2_registry third/plugin-drone-kaniko-ecr:fix_build_script third/plugin-drone-kaniko-ecr:fix_image third/plugin-drone-kaniko-ecr:version_update
third/plugin-drone-kaniko-ecr:v1.13.7 third/plugin-drone-kaniko-ecr:v1.13.7-debug third/plugin-drone-kaniko-ecr:v1.13.6 third/plugin-drone-kaniko-ecr:v1.13.5 third/plugin-drone-kaniko-ecr:v1.13.4 third/plugin-drone-kaniko-ecr:v1.13.3 third/plugin-drone-kaniko-ecr:v1.13.2 third/plugin-drone-kaniko-ecr:v1.13.1 third/plugin-drone-kaniko-ecr:v1.13.0 third/plugin-drone-kaniko-ecr:v1.12.0 third/plugin-drone-kaniko-ecr:v1.11.5 third/plugin-drone-kaniko-ecr:v1.11.5-debug-1 third/plugin-drone-kaniko-ecr:v1.11.5-debug third/plugin-drone-kaniko-ecr:v1.11.4 third/plugin-drone-kaniko-ecr:v1.11.3 third/plugin-drone-kaniko-ecr:v1.11.3-debug third/plugin-drone-kaniko-ecr:v1.11.2 third/plugin-drone-kaniko-ecr:v1.11.2-debug third/plugin-drone-kaniko-ecr:v1.11.1 third/plugin-drone-kaniko-ecr:v1.11.1-debug3 third/plugin-drone-kaniko-ecr:v1.11.1-debug third/plugin-drone-kaniko-ecr:v1.11.0 third/plugin-drone-kaniko-ecr:v1.11.0-debug third/plugin-drone-kaniko-ecr:v1.10.9 third/plugin-drone-kaniko-ecr:v1.10.8 third/plugin-drone-kaniko-ecr:v1.10.8-debug third/plugin-drone-kaniko-ecr:v1.10.7 third/plugin-drone-kaniko-ecr:v1.10.7-debug third/plugin-drone-kaniko-ecr:v1.10.6 third/plugin-drone-kaniko-ecr:v1.10.6-debug third/plugin-drone-kaniko-ecr:v1.10.5 third/plugin-drone-kaniko-ecr:v1.10.4 third/plugin-drone-kaniko-ecr:v1.10.3 third/plugin-drone-kaniko-ecr:v1.10.2 third/plugin-drone-kaniko-ecr:v1.10.1 third/plugin-drone-kaniko-ecr:v1.10.0-debug third/plugin-drone-kaniko-ecr:v1.10.0 third/plugin-drone-kaniko-ecr:v1.9.0 third/plugin-drone-kaniko-ecr:v1.8.10 third/plugin-drone-kaniko-ecr:v1.8.9 third/plugin-drone-kaniko-ecr:v1.8.8 third/plugin-drone-kaniko-ecr:1.8.7 third/plugin-drone-kaniko-ecr:v1.8.6 third/plugin-drone-kaniko-ecr:v1.8.5 third/plugin-drone-kaniko-ecr:v1.8.4 third/plugin-drone-kaniko-ecr:v1.8.3 third/plugin-drone-kaniko-ecr:v1.8.2 third/plugin-drone-kaniko-ecr:v1.8.0 third/plugin-drone-kaniko-ecr:v1.8.1 third/plugin-drone-kaniko-ecr:v1.7.5 third/plugin-drone-kaniko-ecr:v1.7.4 third/plugin-drone-kaniko-ecr:v1.7.3 third/plugin-drone-kaniko-ecr:v1.7.2 third/plugin-drone-kaniko-ecr:1.7.2 third/plugin-drone-kaniko-ecr:v1.7.1 third/plugin-drone-kaniko-ecr:v1.7.0 third/plugin-drone-kaniko-ecr:v1.6.11 third/plugin-drone-kaniko-ecr:v1.6.10 third/plugin-drone-kaniko-ecr:v1.6.9 third/plugin-drone-kaniko-ecr:v1.6.8 third/plugin-drone-kaniko-ecr:v1.6.7 third/plugin-drone-kaniko-ecr:v1.6.6 third/plugin-drone-kaniko-ecr:v1.6.5 third/plugin-drone-kaniko-ecr:v1.6.4 third/plugin-drone-kaniko-ecr:v1.6.3 third/plugin-drone-kaniko-ecr:v1.6.2 third/plugin-drone-kaniko-ecr:v1.6.1 third/plugin-drone-kaniko-ecr:v1.6.0 third/plugin-drone-kaniko-ecr:v1.5.1 third/plugin-drone-kaniko-ecr:v1.5.0 third/plugin-drone-kaniko-ecr:v1.4.5 third/plugin-drone-kaniko-ecr:v1.4.4 third/plugin-drone-kaniko-ecr:v1.4.3 third/plugin-drone-kaniko-ecr:v1.4.2 third/plugin-drone-kaniko-ecr:v1.4.1 third/plugin-drone-kaniko-ecr:v1.4.0 third/plugin-drone-kaniko-ecr:v1.3.1 third/plugin-drone-kaniko-ecr:v1.3.0 third/plugin-drone-kaniko-ecr:v1.2.0 third/plugin-drone-kaniko-ecr:v1.1.2 third/plugin-drone-kaniko-ecr:v1.1.1 third/plugin-drone-kaniko-ecr:v1.1.0 third/plugin-drone-kaniko-ecr:v1.0.0
..
compare: third/plugin-drone-kaniko-ecr:main
Branches Tags
third/plugin-drone-kaniko-ecr:main third/plugin-drone-kaniko-ecr:CI-22323 third/plugin-drone-kaniko-ecr:main-patch-1 third/plugin-drone-kaniko-ecr:ci-14073 third/plugin-drone-kaniko-ecr:CI-20230-go-version-update third/plugin-drone-kaniko-ecr:CI-20230 third/plugin-drone-kaniko-ecr:CI-19670-1 third/plugin-drone-kaniko-ecr:CI-19933 third/plugin-drone-kaniko-ecr:CI-19670 third/plugin-drone-kaniko-ecr:CI-19672 third/plugin-drone-kaniko-ecr:CI-18923 third/plugin-drone-kaniko-ecr:CI-18100 third/plugin-drone-kaniko-ecr:CI-17708 third/plugin-drone-kaniko-ecr:CI-17517 third/plugin-drone-kaniko-ecr:CI-17122 third/plugin-drone-kaniko-ecr:main-patch third/plugin-drone-kaniko-ecr:harness-ci-patch third/plugin-drone-kaniko-ecr:CI-16588 third/plugin-drone-kaniko-ecr:CI-16392 third/plugin-drone-kaniko-ecr:CI-16330 third/plugin-drone-kaniko-ecr:CI-16193-fix third/plugin-drone-kaniko-ecr:CI-16193 third/plugin-drone-kaniko-ecr:CI-15946 third/plugin-drone-kaniko-ecr:CI-15370 third/plugin-drone-kaniko-ecr:CI-14845 third/plugin-drone-kaniko-ecr:CI-14242-2 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-09-20_01-08-13 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-09-13_01-07-18 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-09-06_01-05-27 third/plugin-drone-kaniko-ecr:CI-13961 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-08-30_01-05-43 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-08-23_01-04-53 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-08-16_01-05-35 third/plugin-drone-kaniko-ecr:CI-13178_go_upgrade_minor third/plugin-drone-kaniko-ecr:CI-13178_go_upgrade third/plugin-drone-kaniko-ecr:go_upgrade_1_22_42024-07-02_08-12-32 third/plugin-drone-kaniko-ecr:kaniko-flag-fix third/plugin-drone-kaniko-ecr:go_upgrade_1_22_42024-07-01_10-25-21 third/plugin-drone-kaniko-ecr:go_upgrade_1_22_42024-07-01_10-47-35 third/plugin-drone-kaniko-ecr:CI-10849 third/plugin-drone-kaniko-ecr:CI-11358 third/plugin-drone-kaniko-ecr:scheduled_go_upgrade2024-03-04_08-03-22 third/plugin-drone-kaniko-ecr:newargs third/plugin-drone-kaniko-ecr:addargs third/plugin-drone-kaniko-ecr:follow_next_link third/plugin-drone-kaniko-ecr:dockerignore third/plugin-drone-kaniko-ecr:fix_panic third/plugin-drone-kaniko-ecr:ci-10525 third/plugin-drone-kaniko-ecr:ci-9254 third/plugin-drone-kaniko-ecr:aman/revert third/plugin-drone-kaniko-ecr:aman/fix-drone-ver third/plugin-drone-kaniko-ecr:new third/plugin-drone-kaniko-ecr:smjt-h-patch-1 third/plugin-drone-kaniko-ecr:support_1-9-1 third/plugin-drone-kaniko-ecr:aman/rename-config third/plugin-drone-kaniko-ecr:aman/fix-config third/plugin-drone-kaniko-ecr:aman/fix-docker-plugin third/plugin-drone-kaniko-ecr:aman-fix-acr third/plugin-drone-kaniko-ecr:aman/acrInteg third/plugin-drone-kaniko-ecr:ecr_update third/plugin-drone-kaniko-ecr:fix_assume_role third/plugin-drone-kaniko-ecr:ecr_assume_role third/plugin-drone-kaniko-ecr:kaniko_ver_upgrade third/plugin-drone-kaniko-ecr:expand_repo third/plugin-drone-kaniko-ecr:rm_autotag_v1-8 third/plugin-drone-kaniko-ecr:fix_manifest_spec third/plugin-drone-kaniko-ecr:fix_drone_yml third/plugin-drone-kaniko-ecr:fix_yml third/plugin-drone-kaniko-ecr:kaniko_1-8_img third/plugin-drone-kaniko-ecr:upgrade_kaniko_ver third/plugin-drone-kaniko-ecr:custom_platform third/plugin-drone-kaniko-ecr:gcr_cred_inherit third/plugin-drone-kaniko-ecr:upgrade_go_version third/plugin-drone-kaniko-ecr:add_verbosity third/plugin-drone-kaniko-ecr:update_cache_repo third/plugin-drone-kaniko-ecr:fix_remote_cache third/plugin-drone-kaniko-ecr:remote_cache third/plugin-drone-kaniko-ecr:cache third/plugin-drone-kaniko-ecr:update_yaml third/plugin-drone-kaniko-ecr:snapshot_mode third/plugin-drone-kaniko-ecr:test_kaniko third/plugin-drone-kaniko-ecr:fix_pipeline third/plugin-drone-kaniko-ecr:improve_err third/plugin-drone-kaniko-ecr:ecr_iam third/plugin-drone-kaniko-ecr:fix_label third/plugin-drone-kaniko-ecr:fix_ecr third/plugin-drone-kaniko-ecr:fix_gcr third/plugin-drone-kaniko-ecr:v2_registry third/plugin-drone-kaniko-ecr:fix_build_script third/plugin-drone-kaniko-ecr:fix_image third/plugin-drone-kaniko-ecr:version_update
third/plugin-drone-kaniko-ecr:v1.13.7 third/plugin-drone-kaniko-ecr:v1.13.7-debug third/plugin-drone-kaniko-ecr:v1.13.6 third/plugin-drone-kaniko-ecr:v1.13.5 third/plugin-drone-kaniko-ecr:v1.13.4 third/plugin-drone-kaniko-ecr:v1.13.3 third/plugin-drone-kaniko-ecr:v1.13.2 third/plugin-drone-kaniko-ecr:v1.13.1 third/plugin-drone-kaniko-ecr:v1.13.0 third/plugin-drone-kaniko-ecr:v1.12.0 third/plugin-drone-kaniko-ecr:v1.11.5 third/plugin-drone-kaniko-ecr:v1.11.5-debug-1 third/plugin-drone-kaniko-ecr:v1.11.5-debug third/plugin-drone-kaniko-ecr:v1.11.4 third/plugin-drone-kaniko-ecr:v1.11.3 third/plugin-drone-kaniko-ecr:v1.11.3-debug third/plugin-drone-kaniko-ecr:v1.11.2 third/plugin-drone-kaniko-ecr:v1.11.2-debug third/plugin-drone-kaniko-ecr:v1.11.1 third/plugin-drone-kaniko-ecr:v1.11.1-debug3 third/plugin-drone-kaniko-ecr:v1.11.1-debug third/plugin-drone-kaniko-ecr:v1.11.0 third/plugin-drone-kaniko-ecr:v1.11.0-debug third/plugin-drone-kaniko-ecr:v1.10.9 third/plugin-drone-kaniko-ecr:v1.10.8 third/plugin-drone-kaniko-ecr:v1.10.8-debug third/plugin-drone-kaniko-ecr:v1.10.7 third/plugin-drone-kaniko-ecr:v1.10.7-debug third/plugin-drone-kaniko-ecr:v1.10.6 third/plugin-drone-kaniko-ecr:v1.10.6-debug third/plugin-drone-kaniko-ecr:v1.10.5 third/plugin-drone-kaniko-ecr:v1.10.4 third/plugin-drone-kaniko-ecr:v1.10.3 third/plugin-drone-kaniko-ecr:v1.10.2 third/plugin-drone-kaniko-ecr:v1.10.1 third/plugin-drone-kaniko-ecr:v1.10.0-debug third/plugin-drone-kaniko-ecr:v1.10.0 third/plugin-drone-kaniko-ecr:v1.9.0 third/plugin-drone-kaniko-ecr:v1.8.10 third/plugin-drone-kaniko-ecr:v1.8.9 third/plugin-drone-kaniko-ecr:v1.8.8 third/plugin-drone-kaniko-ecr:1.8.7 third/plugin-drone-kaniko-ecr:v1.8.6 third/plugin-drone-kaniko-ecr:v1.8.5 third/plugin-drone-kaniko-ecr:v1.8.4 third/plugin-drone-kaniko-ecr:v1.8.3 third/plugin-drone-kaniko-ecr:v1.8.2 third/plugin-drone-kaniko-ecr:v1.8.0 third/plugin-drone-kaniko-ecr:v1.8.1 third/plugin-drone-kaniko-ecr:v1.7.5 third/plugin-drone-kaniko-ecr:v1.7.4 third/plugin-drone-kaniko-ecr:v1.7.3 third/plugin-drone-kaniko-ecr:v1.7.2 third/plugin-drone-kaniko-ecr:1.7.2 third/plugin-drone-kaniko-ecr:v1.7.1 third/plugin-drone-kaniko-ecr:v1.7.0 third/plugin-drone-kaniko-ecr:v1.6.11 third/plugin-drone-kaniko-ecr:v1.6.10 third/plugin-drone-kaniko-ecr:v1.6.9 third/plugin-drone-kaniko-ecr:v1.6.8 third/plugin-drone-kaniko-ecr:v1.6.7 third/plugin-drone-kaniko-ecr:v1.6.6 third/plugin-drone-kaniko-ecr:v1.6.5 third/plugin-drone-kaniko-ecr:v1.6.4 third/plugin-drone-kaniko-ecr:v1.6.3 third/plugin-drone-kaniko-ecr:v1.6.2 third/plugin-drone-kaniko-ecr:v1.6.1 third/plugin-drone-kaniko-ecr:v1.6.0 third/plugin-drone-kaniko-ecr:v1.5.1 third/plugin-drone-kaniko-ecr:v1.5.0 third/plugin-drone-kaniko-ecr:v1.4.5 third/plugin-drone-kaniko-ecr:v1.4.4 third/plugin-drone-kaniko-ecr:v1.4.3 third/plugin-drone-kaniko-ecr:v1.4.2 third/plugin-drone-kaniko-ecr:v1.4.1 third/plugin-drone-kaniko-ecr:v1.4.0 third/plugin-drone-kaniko-ecr:v1.3.1 third/plugin-drone-kaniko-ecr:v1.3.0 third/plugin-drone-kaniko-ecr:v1.2.0 third/plugin-drone-kaniko-ecr:v1.1.2 third/plugin-drone-kaniko-ecr:v1.1.1 third/plugin-drone-kaniko-ecr:v1.1.0 third/plugin-drone-kaniko-ecr:v1.0.0

11 Commits
v1.13.0 .. main

Author SHA1 Message Date
Devansh Mathur 9e87be9c9a fix: [CI-22323]: Adding PLUGIN_ prefix for ACR vars. (#168) 2026-04-28 17:40:42 +05:30
Abhijeet ede8cf05b0 Update pipeline drone-kaniko-harness 2026-04-09 15:56:02 +05:30
Abhijeet 21a336ca17 Clone pipeline drone-kaniko-harness 2026-04-07 15:52:54 +05:30
ebtasam-faridy 7639ab9f70 Update pipeline drone-kaniko-harness (#166) 2026-03-18 16:59:47 +05:30
ebtasam-faridy 1cd7da5451 fix: [CI-21411] updating docker cli version to remove vulnerability (#165) 2026-03-18 16:34:40 +05:30
ebtasam-faridy 16758bd8cc fix: [CI-20436] adding fallback in case of del con (#164) 
* fix: [CI-20436] adding fallback in case of del con

* fix: [CI-20436] adding fallback in case of del con testcase

* fix: [CI-20436] adding fallback in case of del con testcase

* fix: [CI-20436] adding fallback in case of del con testcase

* fix: [CI-20436] adding fallback in case of del con testcase

* fix: [CI-20436] adding fallback in case of del con testcase

* fix: [CI-20436] reverting some changes
 2026-02-07 12:55:04 +05:30
Chirag S dd3c29c971 fix: [CI-14073]: Print absolute lookup path incase dockerfile not present (#163) 2026-01-29 14:01:55 +05:30
tapankarangiya c06fde824e fix: [CI-20230]: Updated go version (#160) 2026-01-20 18:03:38 +05:30
tapankarangiya 5bbe6ba026 Update pipeline drone-kaniko-harness (#161) 2026-01-20 13:43:16 +05:30
Abhay 9491e6b36f fix: [CI-19670]: fix vulnerabilty fron kaniko (#159) 
* fix: [CI-19670]: fix vulnerabilty fron kaniko

* Update docker/gcr/Dockerfile.linux.amd64

* Update docker/gcr/Dockerfile.linux.arm64

---------

Co-authored-by: OP (oppenheimer) <21008429+Ompragash@users.noreply.github.com>
 2025-11-26 11:39:40 +05:30
OP (oppenheimer) 594f1e2f23 fix: Consolidate platform flags to use --custom-platform and eliminate deprecation warning (#158) 2025-11-21 11:25:52 +05:30
15 changed files with 1576 additions and 77 deletions
Expand all files Collapse all files
.harness/harness.yaml
+675 -4
View File
@@ -1,6 +1,6 @@
pipeline: pipeline:
name: drone-kaniko-harness
identifier: dronekanikoharness identifier: dronekanikoharness
name: drone-kaniko-harness
projectIdentifier: Drone_Plugins projectIdentifier: Drone_Plugins
orgIdentifier: default orgIdentifier: default
tags: {} tags: {}
@@ -37,7 +37,7 @@ pipeline:
identifier: Build identifier: Build
spec: spec:
connectorRef: Plugins_Docker_Hub_Connector connectorRef: Plugins_Docker_Hub_Connector
image: golang:1.23.0 image: golang:1.25.7
shell: Sh shell: Sh
command: |- command: |-
go test ./... go test ./...
@@ -322,7 +322,7 @@ pipeline:
identifier: Build_and_Test identifier: Build_and_Test
spec: spec:
connectorRef: Plugins_Docker_Hub_Connector connectorRef: Plugins_Docker_Hub_Connector
image: golang:1.23.0 image: golang:1.25.7
shell: Sh shell: Sh
command: |- command: |-
go test ./... go test ./...
@@ -583,8 +583,618 @@ pipeline:
nodeName: _<+matrix.repo> nodeName: _<+matrix.repo>
when: when:
pipelineStatus: Success pipelineStatus: Success
- stage:
name: rf-linux-amd64
identifier: rf_linuxamd64
description: RapidFort hardened kaniko images - amd64
type: CI
spec:
cloneCodebase: true
caching:
enabled: false
paths: []
platform:
os: Linux
arch: Amd64
runtime:
type: Cloud
spec: {}
execution:
steps:
- step:
type: GitClone
name: Clone RF Dockerfiles
identifier: clone_rf
spec:
connectorRef: RapidFortPlugins
build:
type: branch
spec:
branch: main
cloneDirectory: rf-plugins
- step:
type: Run
name: Build Binary
identifier: build_binary
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: golang:1.25.7
shell: Sh
command: |-
go test ./...
sh scripts/build.sh
- parallel:
- step:
type: Plugin
name: RF Build and Push on Tag
identifier: rf_docker_build_push_tag
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: <+secrets.getValue("harnesssecureusername")>
password: <+secrets.getValue("dockerHarnessSecurePwd")>
repo: harnesssecure/kaniko<+matrix.image>
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.rf
auto_tag: "true"
auto_tag_suffix: linux-amd64
base_image_username: <+secrets.getValue("harness0HARUsername")>
base_image_password: <+secrets.getValue("harness0HARPAT")>
base_image_registry: harness0.harness.io/oci/docker_artifacts
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
- "-acr"
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gcr"
repo: acr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-gar"
repo: acr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
- image: "-ecr"
repo: acr
- image: "-acr"
repo: docker
- image: "-acr"
repo: gcr
- image: "-acr"
repo: gar
- image: "-acr"
repo: ecr
nodeName: rf_<+matrix.repo>
- step:
type: Plugin
name: RF Build and Push on Tag Kaniko191
identifier: rf_docker_build_push_tag_191
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: <+secrets.getValue("harnesssecureusername")>
password: <+secrets.getValue("dockerHarnessSecurePwd")>
repo: harnesssecure/kaniko<+matrix.image>
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
auto_tag: "true"
auto_tag_suffix: linux-amd64-kaniko1.9.1
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
nodeName: rf_191_<+matrix.repo>
- parallel:
- step:
type: BuildAndPushDockerRegistry
name: RF Build and Push on Branch
identifier: rf_build_push_branch
spec:
connectorRef: harnesssecure
repo: harnesssecure/kaniko<+matrix.image>
tags:
- linux-amd64
caching: false
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.rf
envVariables:
PLUGIN_BASE_IMAGE_USERNAME: <+secrets.getValue("harness0HARUsername")>
PLUGIN_BASE_IMAGE_PASSWORD: <+secrets.getValue("harness0HARPAT")>
PLUGIN_BASE_IMAGE_REGISTRY: harness0.harness.io/oci/docker_artifacts
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
- "-acr"
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gcr"
repo: acr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-gar"
repo: acr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
- image: "-ecr"
repo: acr
- image: "-acr"
repo: docker
- image: "-acr"
repo: gcr
- image: "-acr"
repo: gar
- image: "-acr"
repo: ecr
nodeName: rf_<+matrix.repo>
- step:
type: BuildAndPushDockerRegistry
name: RF Build and Push on Branch Kaniko191
identifier: rf_build_push_branch_191
spec:
connectorRef: harnesssecure
repo: harnesssecure/kaniko<+matrix.image>
tags:
- linux-amd64-kaniko1.9.1
caching: false
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
nodeName: rf_191_<+matrix.repo>
variables:
- name: CI_ENABLE_BARE_METAL
type: String
description: ""
required: false
value: "false"
- stage:
name: rf-linux-arm64
identifier: rf_linuxarm64
description: RapidFort hardened kaniko images - arm64
type: CI
spec:
cloneCodebase: true
caching:
enabled: false
paths: []
platform:
os: Linux
arch: Arm64
runtime:
type: Cloud
spec: {}
execution:
steps:
- step:
type: GitClone
name: Clone RF Dockerfiles
identifier: clone_rf
spec:
connectorRef: RapidFortPlugins
build:
type: branch
spec:
branch: main
cloneDirectory: rf-plugins
- step:
type: Run
name: Build Binary
identifier: build_binary
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: golang:1.25.7
shell: Sh
command: |-
go test ./...
sh scripts/build.sh
- parallel:
- step:
type: Plugin
name: RF Build and Push on Tag
identifier: rf_docker_build_push_tag
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: <+secrets.getValue("harnesssecureusername")>
password: <+secrets.getValue("dockerHarnessSecurePwd")>
repo: harnesssecure/kaniko<+matrix.image>
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.rf
auto_tag: "true"
auto_tag_suffix: linux-arm64
base_image_username: <+secrets.getValue("harness0HARUsername")>
base_image_password: <+secrets.getValue("harness0HARPAT")>
base_image_registry: harness0.harness.io/oci/docker_artifacts
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
- "-acr"
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gcr"
repo: acr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-gar"
repo: acr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
- image: "-ecr"
repo: acr
- image: "-acr"
repo: docker
- image: "-acr"
repo: gcr
- image: "-acr"
repo: gar
- image: "-acr"
repo: ecr
nodeName: rf_<+matrix.repo>
- step:
type: Plugin
name: RF Build and Push on Tag Kaniko191
identifier: rf_docker_build_push_tag_191
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: <+secrets.getValue("harnesssecureusername")>
password: <+secrets.getValue("dockerHarnessSecurePwd")>
repo: harnesssecure/kaniko<+matrix.image>
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
auto_tag: "true"
auto_tag_suffix: linux-arm64-kaniko1.9.1
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
nodeName: rf_191_<+matrix.repo>
- parallel:
- step:
type: BuildAndPushDockerRegistry
name: RF Build and Push on Branch
identifier: rf_build_push_branch
spec:
connectorRef: harnesssecure
repo: harnesssecure/kaniko<+matrix.image>
tags:
- linux-arm64
caching: false
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.rf
envVariables:
PLUGIN_BASE_IMAGE_USERNAME: <+secrets.getValue("harness0HARUsername")>
PLUGIN_BASE_IMAGE_PASSWORD: <+secrets.getValue("harness0HARPAT")>
PLUGIN_BASE_IMAGE_REGISTRY: harness0.harness.io/oci/docker_artifacts
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
- "-acr"
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gcr"
repo: acr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-gar"
repo: acr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
- image: "-ecr"
repo: acr
- image: "-acr"
repo: docker
- image: "-acr"
repo: gcr
- image: "-acr"
repo: gar
- image: "-acr"
repo: ecr
nodeName: rf_<+matrix.repo>
- step:
type: BuildAndPushDockerRegistry
name: RF Build and Push on Branch Kaniko191
identifier: rf_build_push_branch_191
spec:
connectorRef: harnesssecure
repo: harnesssecure/kaniko<+matrix.image>
tags:
- linux-arm64-kaniko1.9.1
caching: false
dockerfile: rf-plugins/drone-kaniko/docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- "-gcr"
- "-gar"
- "-ecr"
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: "-gcr"
repo: docker
- image: "-gcr"
repo: gar
- image: "-gcr"
repo: ecr
- image: "-gar"
repo: docker
- image: "-gar"
repo: gcr
- image: "-gar"
repo: ecr
- image: "-ecr"
repo: docker
- image: "-ecr"
repo: gcr
- image: "-ecr"
repo: gar
nodeName: rf_191_<+matrix.repo>
variables:
- name: CI_ENABLE_BARE_METAL
type: String
description: ""
required: false
value: "false"
- stage: - stage:
name: Manifest name: Manifest and Release
identifier: Manifest identifier: Manifest
description: "" description: ""
type: CI type: CI
@@ -601,6 +1211,18 @@ pipeline:
spec: {} spec: {}
execution: execution:
steps: steps:
- step:
type: GitClone
name: Clone RF Manifest Templates
identifier: clone_rf_manifest
spec:
connectorRef: RapidFortPlugins
build:
type: branch
spec:
branch: main
cloneDirectory: rf-plugins
contextType: Pipeline
- parallel: - parallel:
- step: - step:
type: Plugin type: Plugin
@@ -651,6 +1273,55 @@ pipeline:
- gar - gar
- ecr - ecr
nodeName: manifest_<+matrix.repo> nodeName: manifest_<+matrix.repo>
- step:
type: Plugin
name: RF Manifest
identifier: rf_manifest
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/manifest
settings:
username: <+secrets.getValue("harnesssecureusername")>
password: <+secrets.getValue("dockerHarnessSecurePwd")>
auto_tag: "true"
ignore_missing: "true"
spec: rf-plugins/drone-kaniko/docker/<+matrix.repo>/manifest.tmpl
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
repo:
- docker
- gcr
- gar
- ecr
- acr
nodeName: rf_manifest_<+matrix.repo>
- step:
type: Plugin
name: RF Manifest Kaniko191
identifier: rf_manifest_191
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/manifest
settings:
username: <+secrets.getValue("harnesssecureusername")>
password: <+secrets.getValue("dockerHarnessSecurePwd")>
auto_tag: "false"
ignore_missing: "true"
spec: rf-plugins/drone-kaniko/docker/<+matrix.repo>/manifest-kaniko1.9.1.tmpl
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
repo:
- docker
- gcr
- gar
- ecr
nodeName: rf_manifest_191_<+matrix.repo>
when: when:
pipelineStatus: Success pipelineStatus: Success
allowStageExecutions: true allowStageExecutions: true
.harness/orgs/default/projects/Drone_Plugins/pipelines/dronekanikoharness_Clone.yaml
+658
View File
@@ -0,0 +1,658 @@
pipeline:
projectIdentifier: Drone_Plugins
orgIdentifier: default
tags: {}
properties:
ci:
codebase:
connectorRef: GitHub_Drone_Org
repoName: drone-kaniko
build: <+input>
sparseCheckout: []
stages:
- parallel:
- stage:
name: linux-amd64
identifier: linuxamd64
description: ""
type: CI
spec:
cloneCodebase: true
caching:
enabled: false
paths: []
platform:
os: Linux
arch: Amd64
runtime:
type: Cloud
spec: {}
execution:
steps:
- step:
type: Run
name: Build Binary
identifier: Build
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: golang:1.25.7
shell: Sh
command: |-
go test ./...
sh scripts/build.sh
- parallel:
- step:
type: Plugin
name: BuildAndPushDockerTag
identifier: BuildAndPushDockerTag
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: drone
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
repo: plugins/kaniko<+matrix.image>
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64
auto_tag: "true"
auto_tag_suffix: linux-amd64
daemon_off: "false"
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
- -acr
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gcr
repo: acr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -gar
repo: acr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
- image: -ecr
repo: acr
- image: -acr
repo: docker
- image: -acr
repo: gcr
- image: -acr
repo: gar
- image: -acr
repo: ecr
nodeName: _<+matrix.repo>
- step:
type: Plugin
name: BuildAndPushDockerTag_Kaniko
identifier: BuildAndPushDockerTag_Kaniko
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: drone
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
repo: plugins/kaniko<+matrix.image>
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
auto_tag: "true"
auto_tag_suffix: linux-amd64-kaniko1.9.1
daemon_off: "false"
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
nodeName: <+matrix.repo>
- parallel:
- step:
type: BuildAndPushDockerRegistry
name: BuildAndPushDockerBranch
identifier: BuildAndPushDockerBranch
spec:
connectorRef: Plugins_Docker_Hub_Connector
repo: plugins/kaniko<+matrix.image>
tags:
- linux-amd64
caching: false
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
- -acr
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gcr
repo: acr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -gar
repo: acr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
- image: -ecr
repo: acr
- image: -acr
repo: docker
- image: -acr
repo: gcr
- image: -acr
repo: gar
- image: -acr
repo: ecr
nodeName: <+matrix.repo>
- step:
type: BuildAndPushDockerRegistry
name: BuildAndPushDockerBranch_Kaniko
identifier: BuildAndPushDockerBranch_Kaniko
spec:
connectorRef: Plugins_Docker_Hub_Connector
repo: plugins/kaniko<+matrix.image>
tags:
- linux-amd64-kaniko1.9.1
caching: false
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.amd64.kaniko1.9.1
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
nodeName: _<+matrix.repo>
when:
pipelineStatus: Success
- stage:
name: linux-arm64
identifier: linuxarm64
description: ""
type: CI
spec:
cloneCodebase: true
caching:
enabled: false
paths: []
platform:
os: Linux
arch: Arm64
runtime:
type: Cloud
spec: {}
execution:
steps:
- step:
type: Run
name: Build Binary
identifier: Build_and_Test
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: golang:1.25.7
shell: Sh
command: |-
go test ./...
sh scripts/build.sh
- parallel:
- step:
type: Plugin
name: BuildAndPushDockerTag
identifier: BuildAndPushDockerTag
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: drone
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
repo: plugins/kaniko<+matrix.image>
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64
auto_tag: "true"
auto_tag_suffix: linux-arm64
daemon_off: "false"
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
- -acr
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gcr
repo: acr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -gar
repo: acr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
- image: -ecr
repo: acr
- image: -acr
repo: docker
- image: -acr
repo: gcr
- image: -acr
repo: gar
- image: -acr
repo: ecr
nodeName: _<+matrix.repo>
- step:
type: Plugin
name: BuildAndPushDockerTag_Kaniko
identifier: BuildAndPushDockerTag_Kaniko
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/docker
settings:
username: drone
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
repo: plugins/kaniko<+matrix.image>
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
auto_tag: "true"
auto_tag_suffix: linux-arm64-kaniko1.9.1
daemon_off: "false"
when:
stageStatus: Success
condition: <+codebase.build.type> == "tag"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
nodeName: _<+matrix.repo>
- parallel:
- step:
type: BuildAndPushDockerRegistry
name: BuildAndPushDockerBranch
identifier: BuildAndPushDockerBranch
spec:
connectorRef: Plugins_Docker_Hub_Connector
repo: plugins/kaniko<+matrix.image>
tags:
- linux-arm64
caching: false
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
- -acr
repo:
- docker
- gcr
- gar
- ecr
- acr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: ""
repo: acr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gcr
repo: acr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -gar
repo: acr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
- image: -ecr
repo: acr
- image: -acr
repo: docker
- image: -acr
repo: gcr
- image: -acr
repo: gar
- image: -acr
repo: ecr
nodeName: <+matrix.repo>
- step:
type: BuildAndPushDockerRegistry
name: BuildAndPushDockerBranch_Kaniko
identifier: BuildAndPushDockerBranch_Kaniko
spec:
connectorRef: Plugins_Docker_Hub_Connector
repo: plugins/kaniko<+matrix.image>
tags:
- linux-arm64-kaniko1.9.1
caching: false
dockerfile: docker/<+matrix.repo>/Dockerfile.linux.arm64.kaniko1.9.1
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch"
strategy:
matrix:
image:
- ""
- -gcr
- -gar
- -ecr
repo:
- docker
- gcr
- gar
- ecr
exclude:
- image: ""
repo: gcr
- image: ""
repo: gar
- image: ""
repo: ecr
- image: -gcr
repo: docker
- image: -gcr
repo: gar
- image: -gcr
repo: ecr
- image: -gar
repo: docker
- image: -gar
repo: gcr
- image: -gar
repo: ecr
- image: -ecr
repo: docker
- image: -ecr
repo: gcr
- image: -ecr
repo: gar
nodeName: _<+matrix.repo>
when:
pipelineStatus: Success
- stage:
name: Manifest
identifier: Manifest
description: ""
type: CI
spec:
cloneCodebase: true
caching:
enabled: false
paths: []
platform:
os: Linux
arch: Amd64
runtime:
type: Cloud
spec: {}
execution:
steps:
- parallel:
- step:
type: Plugin
name: Manifest
identifier: Manifest
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/manifest
settings:
auto_tag: "true"
spec: docker/<+matrix.repo>/manifest.tmpl
username: drone
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
ignore_missing: "true"
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch" || <+codebase.build.type>
== "tag"
strategy:
matrix:
repo:
- docker
- gcr
- gar
- ecr
- acr
nodeName: manifest_<+matrix.repo>
- step:
type: Plugin
name: Manifest_kaniko191
identifier: Manifest_kaniko
spec:
connectorRef: Plugins_Docker_Hub_Connector
image: plugins/manifest
settings:
auto_tag: "false"
spec: docker/<+matrix.repo>/manifest-kaniko1.9.1.tmpl
username: drone
password: <+secrets.getValue("Plugins_Docker_Hub_Pat")>
ignore_missing: "true"
when:
stageStatus: Success
condition: <+codebase.build.type> == "branch" || <+codebase.build.type>
== "tag"
strategy:
matrix:
repo:
- docker
- gcr
- gar
- ecr
nodeName: manifest_<+matrix.repo>
when:
pipelineStatus: Success
allowStageExecutions: true
identifier: dronekanikoharness_Clone
name: drone-kaniko-harness - Clone
cmd/kaniko-acr/main.go
+62 -27
View File
@@ -159,12 +159,12 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "client-secret", Name: "client-secret",
Usage: "Azure client secret", Usage: "Azure client secret",
EnvVar: "CLIENT_SECRET", EnvVar: "CLIENT_SECRET,PLUGIN_CLIENT_SECRET",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "client-cert", Name: "client-cert",
Usage: "Azure client certificate encoded in base64 format", Usage: "Azure client certificate encoded in base64 format",
EnvVar: "CLIENT_CERTIFICATE", EnvVar: "CLIENT_CERTIFICATE,PLUGIN_CLIENT_CERTIFICATE",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "tenant-id", Name: "tenant-id",
@@ -174,7 +174,7 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "subscription-id", Name: "subscription-id",
Usage: "Azure Subscription Id", Usage: "Azure Subscription Id",
EnvVar: "SUBSCRIPTION_ID", EnvVar: "SUBSCRIPTION_ID,PLUGIN_SUBSCRIPTION_ID",
}, },
cli.StringFlag{ cli.StringFlag{
Name: "client-id", Name: "client-id",
@@ -254,7 +254,7 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "platform", Name: "platform",
Usage: "Allows to build with another default platform than the host, similarly to docker build --platform", Usage: "Allows to build with another default platform than the host, similarly to docker build --platform",
EnvVar: "PLUGIN_PLATFORM", EnvVar: "PLUGIN_PLATFORM,PLUGIN_CUSTOM_PLATFORM",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "skip-unused-stages", Name: "skip-unused-stages",
@@ -292,11 +292,6 @@ func main() {
Usage: "Sub-path within the context to build.", Usage: "Sub-path within the context to build.",
EnvVar: "PLUGIN_CONTEXT_SUB_PATH", EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
}, },
cli.StringFlag{
Name: "custom-platform",
Usage: "Platform to use for building.",
EnvVar: "PLUGIN_CUSTOM_PLATFORM",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "force", Name: "force",
Usage: "Force building the image even if it already exists.", Usage: "Force building the image even if it already exists.",
@@ -477,14 +472,13 @@ func run(c *cli.Context) error {
DigestFile: defaultDigestFile, DigestFile: defaultDigestFile,
NoPush: noPush, NoPush: noPush,
Verbosity: c.String("verbosity"), Verbosity: c.String("verbosity"),
Platform: c.String("platform"), CustomPlatform: c.String("platform"),
SkipUnusedStages: c.Bool("skip-unused-stages"), SkipUnusedStages: c.Bool("skip-unused-stages"),
CacheDir: c.String("cache-dir"), CacheDir: c.String("cache-dir"),
CacheCopyLayers: c.Bool("cache-copy-layers"), CacheCopyLayers: c.Bool("cache-copy-layers"),
CacheRunLayers: c.Bool("cache-run-layers"), CacheRunLayers: c.Bool("cache-run-layers"),
Cleanup: c.Bool("cleanup"), Cleanup: c.Bool("cleanup"),
ContextSubPath: c.String("context-sub-path"), ContextSubPath: c.String("context-sub-path"),
CustomPlatform: c.String("custom-platform"),
Force: c.Bool("force"), Force: c.Bool("force"),
ImageNameWithDigestFile: c.String("image-name-with-digest-file"), ImageNameWithDigestFile: c.String("image-name-with-digest-file"),
ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"), ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"),
@@ -542,21 +536,21 @@ func setupAuth(tenantId, clientId, oidcIdToken, cert,
return "", fmt.Errorf("registry must be specified") return "", fmt.Errorf("registry must be specified")
} }
// Determine auth path: OIDC or Service Principal (secret/cert)
if tenantId == "" || clientId == "" {
if noPush {
logrus.Warnf("NO_PUSH mode: tenantId or clientId not provided")
return "", nil
}
return "", fmt.Errorf("tenantId and clientId must be provided")
}
var aadAccessToken string var aadAccessToken string
var acrToken string var acrToken string
var publicUrl string var publicUrl string
var err error var err error
if oidcIdToken != "" { if oidcIdToken != "" {
// OIDC authentication flow requires tenantId and clientId
if tenantId == "" || clientId == "" {
if noPush {
logrus.Warnf("NO_PUSH mode: tenantId or clientId not provided for OIDC")
return "", nil
}
return "", fmt.Errorf("tenantId and clientId must be provided for OIDC authentication")
}
logrus.Debug("Using OIDC authentication flow")
// Exchange OIDC ID token for AAD access token via client_assertion // Exchange OIDC ID token for AAD access token via client_assertion
aadAccessToken, err = azureutil.GetAADAccessTokenViaClientAssertion(context.Background(), tenantId, clientId, oidcIdToken, authorityHost) aadAccessToken, err = azureutil.GetAADAccessTokenViaClientAssertion(context.Background(), tenantId, clientId, oidcIdToken, authorityHost)
if err != nil { if err != nil {
@@ -571,16 +565,21 @@ func setupAuth(tenantId, clientId, oidcIdToken, cert,
if err != nil { if err != nil {
return handleError(noPush, err, "failed to fetch ACR token") return handleError(noPush, err, "failed to fetch ACR token")
} }
} else if clientSecret != "" || cert != "" { } else {
logrus.Debug("Using traditional Azure AD authentication flow")
// Validate that if tenantId is provided, clientId must also be provided
// (unless using managed identity with no explicit tenantId)
if tenantId != "" && clientId == "" && clientSecret == "" && cert == "" {
if noPush {
logrus.Warnf("NO_PUSH mode: tenantId provided but clientId is missing")
return "", nil
}
return "", fmt.Errorf("tenantId and clientId must be provided")
}
acrToken, publicUrl, err = getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry) acrToken, publicUrl, err = getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry)
if err != nil { if err != nil {
return handleError(noPush, err, "failed to fetch ACR Token") return handleError(noPush, err, "failed to fetch ACR Token")
} }
} else {
if noPush {
return "", nil
}
return "", fmt.Errorf("managed authentication is not supported")
} }
if err := setDockerAuth(username, acrToken, registry, dockerUsername, dockerPassword, dockerRegistry); err != nil { if err := setDockerAuth(username, acrToken, registry, dockerUsername, dockerPassword, dockerRegistry); err != nil {
@@ -599,10 +598,46 @@ func handleError(noPush bool, err error, msg string) (string, error) {
} }
func getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry string) (string, string, error) { func getACRToken(subscriptionId, tenantId, clientId, clientSecret, cert, registry string) (string, string, error) {
// Handle managed identity (when no clientSecret or cert provided)
if clientSecret == "" && cert == "" {
if tenantId == "" {
tenantId = os.Getenv("AZURE_TENANT_ID")
if tenantId == "" {
tenantId = os.Getenv("TENANT_ID")
}
}
opts := &azidentity.DefaultAzureCredentialOptions{}
if tenantId != "" {
opts.TenantID = tenantId
}
cred, err := azidentity.NewDefaultAzureCredential(opts)
if err != nil {
return "", "", errors.Wrap(err, "failed to get credentials")
}
policy := policy.TokenRequestOptions{
Scopes: []string{"https://management.azure.com/.default"},
}
azToken, err := cred.GetToken(context.Background(), policy)
if err != nil {
return "", "", errors.Wrap(err, "failed to fetch access token")
}
publicUrl, err := getPublicUrl(azToken.Token, registry, subscriptionId)
if err != nil {
fmt.Fprintf(os.Stderr, "failed to get public url with error: %s\n", err)
}
if tenantId == "" {
return "", "", fmt.Errorf("tenantId cannot be empty for ACR token exchange")
}
ACRToken, err := fetchACRToken(tenantId, azToken.Token, registry)
if err != nil {
return "", "", errors.Wrap(err, "failed to fetch ACR token")
}
return ACRToken, publicUrl, nil
}
if tenantId == "" { if tenantId == "" {
return "", "", fmt.Errorf("tenantId can't be empty for AAD authentication") return "", "", fmt.Errorf("tenantId can't be empty for AAD authentication")
} }
if clientId == "" { if clientId == "" {
return "", "", fmt.Errorf("clientId can't be empty for AAD authentication") return "", "", fmt.Errorf("clientId can't be empty for AAD authentication")
} }
cmd/kaniko-acr/main_test.go
+49
View File
@@ -387,3 +387,52 @@ func TestSetupAuth_NoCreds_NoPushTrue(t *testing.T) {
assert.NoError(t, err) assert.NoError(t, err)
assert.Equal(t, "", pub) assert.Equal(t, "", pub)
} }
// Test cases for managed identity support
func TestSetupAuth_ManagedIdentity_NoPush_Positive(t *testing.T) {
// Positive test: Managed identity flow with noPush=true should succeed
// This tests the new managed identity support when no credentials are provided
pub, err := setupAuth("tenant123", "", "", "", "", "sub", "myregistry.azurecr.io", "", "", "", "", true)
assert.NoError(t, err)
assert.Equal(t, "", pub)
}
func TestSetupAuth_TenantIdButNoClientId_ManagedIdentity(t *testing.T) {
// Negative test: When tenantId is provided but clientId is missing for managed identity,
// it should fail (unless noPush is true)
pub, err := setupAuth("tenant123", "", "", "", "", "sub", "myregistry.azurecr.io", "", "", "", "", false)
assert.Error(t, err)
assert.Contains(t, err.Error(), "tenantId and clientId must be provided")
assert.Equal(t, "", pub)
}
func TestGetACRToken_ManagedIdentity_NoTenantId(t *testing.T) {
// Negative test: Managed identity requires tenantId for ACR token exchange
// Clear environment variables to ensure tenantId is not available
originalTenantId := os.Getenv("AZURE_TENANT_ID")
originalTenantId2 := os.Getenv("TENANT_ID")
defer func() {
if originalTenantId != "" {
os.Setenv("AZURE_TENANT_ID", originalTenantId)
} else {
os.Unsetenv("AZURE_TENANT_ID")
}
if originalTenantId2 != "" {
os.Setenv("TENANT_ID", originalTenantId2)
} else {
os.Unsetenv("TENANT_ID")
}
}()
os.Unsetenv("AZURE_TENANT_ID")
os.Unsetenv("TENANT_ID")
// Managed identity path without tenantId should fail
// The failure occurs when DefaultAzureCredential tries to acquire a token
// since tenantId is required for ACR token exchange but not available
_, _, err := getACRToken("sub", "", "", "", "", "myregistry.azurecr.io")
assert.Error(t, err)
// The error will be from DefaultAzureCredential failing to acquire a token
// because tenantId is missing and no credentials are available
assert.Contains(t, err.Error(), "failed to fetch access token")
}
cmd/kaniko-docker/main.go
+2 -8
View File
@@ -213,7 +213,7 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "platform", Name: "platform",
Usage: "Allows to build with another default platform than the host, similarly to docker build --platform", Usage: "Allows to build with another default platform than the host, similarly to docker build --platform",
EnvVar: "PLUGIN_PLATFORM", EnvVar: "PLUGIN_PLATFORM,PLUGIN_CUSTOM_PLATFORM",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "skip-unused-stages", Name: "skip-unused-stages",
@@ -257,11 +257,6 @@ func main() {
Usage: "Sub-path within the context to build.", Usage: "Sub-path within the context to build.",
EnvVar: "PLUGIN_CONTEXT_SUB_PATH", EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
}, },
cli.StringFlag{
Name: "custom-platform",
Usage: "Platform to use for building.",
EnvVar: "PLUGIN_CUSTOM_PLATFORM",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "force", Name: "force",
Usage: "Force building the image even if it already exists.", Usage: "Force building the image even if it already exists.",
@@ -449,7 +444,7 @@ func run(c *cli.Context) error {
NoPush: noPush, NoPush: noPush,
TarPath: c.String("tar-path"), TarPath: c.String("tar-path"),
Verbosity: c.String("verbosity"), Verbosity: c.String("verbosity"),
Platform: c.String("platform"), CustomPlatform: c.String("platform"),
PushOnly: c.Bool("push-only"), PushOnly: c.Bool("push-only"),
SkipUnusedStages: c.Bool("skip-unused-stages"), SkipUnusedStages: c.Bool("skip-unused-stages"),
CacheDir: c.String("cache-dir"), CacheDir: c.String("cache-dir"),
@@ -457,7 +452,6 @@ func run(c *cli.Context) error {
CacheRunLayers: c.Bool("cache-run-layers"), CacheRunLayers: c.Bool("cache-run-layers"),
Cleanup: c.Bool("cleanup"), Cleanup: c.Bool("cleanup"),
ContextSubPath: c.String("context-sub-path"), ContextSubPath: c.String("context-sub-path"),
CustomPlatform: c.String("custom-platform"),
Force: c.Bool("force"), Force: c.Bool("force"),
ImageNameWithDigestFile: c.String("image-name-with-digest-file"), ImageNameWithDigestFile: c.String("image-name-with-digest-file"),
ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"), ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"),
cmd/kaniko-docker/main_test.go
+58
View File
@@ -206,6 +206,64 @@ func TestDockerBuildArgsProcessing(t *testing.T) {
} }
} }
func TestPlatformEnvVarMapping(t *testing.T) {
tests := []struct {
name string
envVar string
envValue string
expectedValue string
}{
{
name: "PLUGIN_PLATFORM env var",
envVar: "PLUGIN_PLATFORM",
envValue: "linux/amd64",
expectedValue: "linux/amd64",
},
{
name: "PLUGIN_CUSTOM_PLATFORM env var",
envVar: "PLUGIN_CUSTOM_PLATFORM",
envValue: "linux/arm64",
expectedValue: "linux/arm64",
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
// Set the environment variable
os.Setenv(tt.envVar, tt.envValue)
defer os.Unsetenv(tt.envVar)
app := cli.NewApp()
app.Name = "kaniko-docker-test"
var capturedPlatform string
app.Flags = []cli.Flag{
cli.StringFlag{
Name: "platform",
Usage: "Allows to build with another default platform than the host",
EnvVar: "PLUGIN_PLATFORM,PLUGIN_CUSTOM_PLATFORM",
},
}
app.Action = func(c *cli.Context) error {
capturedPlatform = c.String("platform")
return nil
}
err := app.Run([]string{"kaniko-docker-test"})
if err != nil {
t.Errorf("CLI run error = %v, want nil", err)
return
}
if capturedPlatform != tt.expectedValue {
t.Errorf("Got platform = %v, want %v", capturedPlatform, tt.expectedValue)
}
})
}
}
func TestCreateDockerConfig(t *testing.T) { func TestCreateDockerConfig(t *testing.T) {
config := docker.NewConfig() config := docker.NewConfig()
tempDir, err := ioutil.TempDir("", "docker-config-test") tempDir, err := ioutil.TempDir("", "docker-config-test")
cmd/kaniko-ecr/main.go
+2 -8
View File
@@ -244,7 +244,7 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "platform", Name: "platform",
Usage: "Allows to build with another default platform than the host, similarly to docker build --platform", Usage: "Allows to build with another default platform than the host, similarly to docker build --platform",
EnvVar: "PLUGIN_PLATFORM", EnvVar: "PLUGIN_PLATFORM,PLUGIN_CUSTOM_PLATFORM",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "skip-unused-stages", Name: "skip-unused-stages",
@@ -282,11 +282,6 @@ func main() {
Usage: "Sub-path within the context to build.", Usage: "Sub-path within the context to build.",
EnvVar: "PLUGIN_CONTEXT_SUB_PATH", EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
}, },
cli.StringFlag{
Name: "custom-platform",
Usage: "Platform to use for building.",
EnvVar: "PLUGIN_CUSTOM_PLATFORM",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "force", Name: "force",
Usage: "Force building the image even if it already exists.", Usage: "Force building the image even if it already exists.",
@@ -518,14 +513,13 @@ func run(c *cli.Context) error {
DigestFile: defaultDigestFile, DigestFile: defaultDigestFile,
NoPush: noPush, NoPush: noPush,
Verbosity: c.String("verbosity"), Verbosity: c.String("verbosity"),
Platform: c.String("platform"), CustomPlatform: c.String("platform"),
SkipUnusedStages: c.Bool("skip-unused-stages"), SkipUnusedStages: c.Bool("skip-unused-stages"),
CacheDir: c.String("cache-dir"), CacheDir: c.String("cache-dir"),
CacheCopyLayers: c.Bool("cache-copy-layers"), CacheCopyLayers: c.Bool("cache-copy-layers"),
CacheRunLayers: c.Bool("cache-run-layers"), CacheRunLayers: c.Bool("cache-run-layers"),
Cleanup: c.Bool("cleanup"), Cleanup: c.Bool("cleanup"),
ContextSubPath: c.String("context-sub-path"), ContextSubPath: c.String("context-sub-path"),
CustomPlatform: c.String("custom-platform"),
Force: c.Bool("force"), Force: c.Bool("force"),
ImageNameWithDigestFile: c.String("image-name-with-digest-file"), ImageNameWithDigestFile: c.String("image-name-with-digest-file"),
ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"), ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"),
cmd/kaniko-gar/main.go
+2 -8
View File
@@ -207,7 +207,7 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "platform", Name: "platform",
Usage: "Allows to build with another default platform than the host, similarly to docker build --platform", Usage: "Allows to build with another default platform than the host, similarly to docker build --platform",
EnvVar: "PLUGIN_PLATFORM", EnvVar: "PLUGIN_PLATFORM,PLUGIN_CUSTOM_PLATFORM",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "skip-unused-stages", Name: "skip-unused-stages",
@@ -245,11 +245,6 @@ func main() {
Usage: "Sub-path within the context to build.", Usage: "Sub-path within the context to build.",
EnvVar: "PLUGIN_CONTEXT_SUB_PATH", EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
}, },
cli.StringFlag{
Name: "custom-platform",
Usage: "Platform to use for building.",
EnvVar: "PLUGIN_CUSTOM_PLATFORM",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "force", Name: "force",
Usage: "Force building the image even if it already exists.", Usage: "Force building the image even if it already exists.",
@@ -430,14 +425,13 @@ func run(c *cli.Context) error {
SourceTarPath: c.String("source-tar-path"), SourceTarPath: c.String("source-tar-path"),
TarPath: c.String("tar-path"), TarPath: c.String("tar-path"),
Verbosity: c.String("verbosity"), Verbosity: c.String("verbosity"),
Platform: c.String("platform"), CustomPlatform: c.String("platform"),
SkipUnusedStages: c.Bool("skip-unused-stages"), SkipUnusedStages: c.Bool("skip-unused-stages"),
CacheDir: c.String("cache-dir"), CacheDir: c.String("cache-dir"),
CacheCopyLayers: c.Bool("cache-copy-layers"), CacheCopyLayers: c.Bool("cache-copy-layers"),
CacheRunLayers: c.Bool("cache-run-layers"), CacheRunLayers: c.Bool("cache-run-layers"),
Cleanup: c.Bool("cleanup"), Cleanup: c.Bool("cleanup"),
ContextSubPath: c.String("context-sub-path"), ContextSubPath: c.String("context-sub-path"),
CustomPlatform: c.String("custom-platform"),
Force: c.Bool("force"), Force: c.Bool("force"),
ImageNameWithDigestFile: c.String("image-name-with-digest-file"), ImageNameWithDigestFile: c.String("image-name-with-digest-file"),
ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"), ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"),
cmd/kaniko-gcr/main.go
+2 -8
View File
@@ -176,7 +176,7 @@ func main() {
cli.StringFlag{ cli.StringFlag{
Name: "platform", Name: "platform",
Usage: "Allows to build with another default platform than the host, similarly to docker build --platform", Usage: "Allows to build with another default platform than the host, similarly to docker build --platform",
EnvVar: "PLUGIN_PLATFORM", EnvVar: "PLUGIN_PLATFORM,PLUGIN_CUSTOM_PLATFORM",
}, },
cli.BoolFlag{ cli.BoolFlag{
Name: "skip-unused-stages", Name: "skip-unused-stages",
@@ -214,11 +214,6 @@ func main() {
Usage: "Sub-path within the context to build.", Usage: "Sub-path within the context to build.",
EnvVar: "PLUGIN_CONTEXT_SUB_PATH", EnvVar: "PLUGIN_CONTEXT_SUB_PATH",
}, },
cli.StringFlag{
Name: "custom-platform",
Usage: "Platform to use for building.",
EnvVar: "PLUGIN_CUSTOM_PLATFORM",
},
cli.BoolFlag{ cli.BoolFlag{
Name: "force", Name: "force",
Usage: "Force building the image even if it already exists.", Usage: "Force building the image even if it already exists.",
@@ -404,14 +399,13 @@ func run(c *cli.Context) error {
DigestFile: defaultDigestFile, DigestFile: defaultDigestFile,
NoPush: noPush, NoPush: noPush,
Verbosity: c.String("verbosity"), Verbosity: c.String("verbosity"),
Platform: c.String("platform"), CustomPlatform: c.String("platform"),
SkipUnusedStages: c.Bool("skip-unused-stages"), SkipUnusedStages: c.Bool("skip-unused-stages"),
CacheDir: c.String("cache-dir"), CacheDir: c.String("cache-dir"),
CacheCopyLayers: c.Bool("cache-copy-layers"), CacheCopyLayers: c.Bool("cache-copy-layers"),
CacheRunLayers: c.Bool("cache-run-layers"), CacheRunLayers: c.Bool("cache-run-layers"),
Cleanup: c.Bool("cleanup"), Cleanup: c.Bool("cleanup"),
ContextSubPath: c.String("context-sub-path"), ContextSubPath: c.String("context-sub-path"),
CustomPlatform: c.String("custom-platform"),
Force: c.Bool("force"), Force: c.Bool("force"),
ImageNameWithDigestFile: c.String("image-name-with-digest-file"), ImageNameWithDigestFile: c.String("image-name-with-digest-file"),
ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"), ImageNameTagWithDigestFile: c.String("image-name-tag-with-digest-file"),
docker/gcr/Dockerfile.linux.amd64
+1 -1
View File
@@ -1,4 +1,4 @@
FROM gcr.io/kaniko-project/executor:v1.23.2 FROM harnesscommunity/kaniko-executor:1.25.0-linux-amd64
ENV KANIKO_VERSION=1.23.2 ENV KANIKO_VERSION=1.23.2
ADD release/linux/amd64/kaniko-gcr /kaniko/ ADD release/linux/amd64/kaniko-gcr /kaniko/
docker/gcr/Dockerfile.linux.arm64
+1 -1
View File
@@ -1,4 +1,4 @@
FROM gcr.io/kaniko-project/executor:v1.23.2 FROM harnesscommunity/kaniko-executor:1.25.0-linux-arm64
ENV HOME /root ENV HOME /root
ENV USER root ENV USER root
go.mod
+2 -4
View File
@@ -35,7 +35,7 @@ require (
github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect github.com/cpuguy83/go-md2man/v2 v2.0.6 // indirect
github.com/davecgh/go-spew v1.1.1 // indirect github.com/davecgh/go-spew v1.1.1 // indirect
github.com/docker/cli v27.5.0+incompatible // indirect github.com/docker/cli v29.3.0+incompatible // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect github.com/docker/distribution v2.8.3+incompatible // indirect
github.com/docker/docker-credential-helpers v0.8.2 // indirect github.com/docker/docker-credential-helpers v0.8.2 // indirect
github.com/golang-jwt/jwt/v5 v5.3.0 // indirect github.com/golang-jwt/jwt/v5 v5.3.0 // indirect
@@ -58,6 +58,4 @@ require (
gopkg.in/yaml.v3 v3.0.1 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect
) )
go 1.23.0 go 1.25.7
toolchain go1.23.8
go.sum
+2 -2
View File
@@ -49,8 +49,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6N
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/docker/cli v27.5.0+incompatible h1:aMphQkcGtpHixwwhAXJT1rrK/detk2JIvDaFkLctbGM= github.com/docker/cli v29.3.0+incompatible h1:z3iWveU7h19Pqx7alZES8j+IeFQZ1lhTwb2F+V9SVvk=
github.com/docker/cli v27.5.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/cli v29.3.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo= github.com/docker/docker-credential-helpers v0.8.2 h1:bX3YxiGzFP5sOXWc3bTPEXdEaZSeVMrFgOr3T+zrFAo=
kaniko.go
+9 -6
View File
@@ -37,7 +37,6 @@ type (
Labels []string // Label map Labels []string // Label map
Mirrors []string // Docker repository mirrors Mirrors []string // Docker repository mirrors
NoPush bool // Set this flag if you only want to build the image, without pushing to a registry NoPush bool // Set this flag if you only want to build the image, without pushing to a registry
Platform string // Allows to build with another default platform than the host, similarly to docker build --platform
PushOnly bool // Specify if the operation is push-only. PushOnly bool // Specify if the operation is push-only.
Repo string // Docker build repository Repo string // Docker build repository
SkipTlsVerify bool // Docker skip tls certificate verify for registry SkipTlsVerify bool // Docker skip tls certificate verify for registry
@@ -228,7 +227,15 @@ func (p Plugin) Exec() error {
} }
if _, err := os.Stat(p.Build.Dockerfile); os.IsNotExist(err) { if _, err := os.Stat(p.Build.Dockerfile); os.IsNotExist(err) {
return fmt.Errorf("dockerfile does not exist at path: %s", p.Build.Dockerfile)
// Get absolute path for better error message. If path is empty, this will
// return the current working directory, showing where the plugin looked.
absPath, absErr := filepath.Abs(p.Build.Dockerfile)
if absErr != nil {
absPath = p.Build.Dockerfile
}
return fmt.Errorf("dockerfile does not exist at path: %s", absPath)
} }
var tags = p.Build.Tags var tags = p.Build.Tags
@@ -311,10 +318,6 @@ func (p Plugin) Exec() error {
cmdArgs = append(cmdArgs, fmt.Sprintf("--verbosity=%s", p.Build.Verbosity)) cmdArgs = append(cmdArgs, fmt.Sprintf("--verbosity=%s", p.Build.Verbosity))
} }
if p.Build.Platform != "" {
cmdArgs = append(cmdArgs, fmt.Sprintf("--customPlatform=%s", p.Build.Platform))
}
if p.Build.SkipUnusedStages { if p.Build.SkipUnusedStages {
cmdArgs = append(cmdArgs, "--skip-unused-stages") cmdArgs = append(cmdArgs, "--skip-unused-stages")
} }
kaniko_test.go
+51
View File
@@ -283,6 +283,57 @@ func TestTarPathValidation(t *testing.T) {
} }
} }
func TestCustomPlatformFlag(t *testing.T) {
tests := []struct {
name string
customPlatform string
expectFlag bool
}{
{
name: "with_custom_platform",
customPlatform: "linux/amd64",
expectFlag: true,
},
{
name: "with_custom_platform_arm",
customPlatform: "linux/arm64",
expectFlag: true,
},
{
name: "empty_custom_platform",
customPlatform: "",
expectFlag: false,
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
p := Plugin{
Build: Build{
Dockerfile: "Dockerfile",
Context: ".",
Repo: "test/repo",
Tags: []string{"latest"},
CustomPlatform: tt.customPlatform,
NoPush: true, // Don't actually push
},
}
// We can't actually run Exec() without kaniko installed,
// but we can verify the logic by checking the field is set correctly
if tt.expectFlag && p.Build.CustomPlatform == "" {
t.Errorf("Expected CustomPlatform to be set to %q, but got empty string", tt.customPlatform)
}
if !tt.expectFlag && p.Build.CustomPlatform != "" {
t.Errorf("Expected CustomPlatform to be empty, but got %q", p.Build.CustomPlatform)
}
if tt.expectFlag && p.Build.CustomPlatform != tt.customPlatform {
t.Errorf("Expected CustomPlatform to be %q, but got %q", tt.customPlatform, p.Build.CustomPlatform)
}
})
}
}
func TestSourceTarballPush(t *testing.T) { func TestSourceTarballPush(t *testing.T) {
tests := []struct { tests := []struct {
name string name string