mirror of
https://github.com/drone/drone-kaniko.git
synced 2026-06-14 14:02:35 +08:00
Compare commits
1 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Aman Singh
|
d96c3d05e8 |
@@ -26,7 +26,7 @@ const (
|
|||||||
clientSecretKeyEnv string = "AZURE_CLIENT_SECRET"
|
clientSecretKeyEnv string = "AZURE_CLIENT_SECRET"
|
||||||
tenantKeyEnv string = "AZURE_TENANT_ID"
|
tenantKeyEnv string = "AZURE_TENANT_ID"
|
||||||
certPathEnv string = "AZURE_CLIENT_CERTIFICATE_PATH"
|
certPathEnv string = "AZURE_CLIENT_CERTIFICATE_PATH"
|
||||||
dockerConfigPath string = "/kaniko/.docker/config.json"
|
dockerConfigPath string = "/kaniko/.docker"
|
||||||
defaultDigestFile string = "/kaniko/digest-file"
|
defaultDigestFile string = "/kaniko/digest-file"
|
||||||
)
|
)
|
||||||
|
|
||||||
@@ -296,7 +296,7 @@ func getACRToken(tenantId, clientId, clientSecret, cert, registry string) (strin
|
|||||||
}
|
}
|
||||||
|
|
||||||
if clientSecret == "" && cert == "" {
|
if clientSecret == "" && cert == "" {
|
||||||
return "", fmt.Errorf("one of client secert or cert should be defined")
|
return "", fmt.Errorf("one of client secret or cert should be defined")
|
||||||
}
|
}
|
||||||
|
|
||||||
// in case of authentication via cert
|
// in case of authentication via cert
|
||||||
@@ -311,6 +311,7 @@ func getACRToken(tenantId, clientId, clientSecret, cert, registry string) (strin
|
|||||||
os.Setenv(clientIdEnv, clientId)
|
os.Setenv(clientIdEnv, clientId)
|
||||||
os.Setenv(clientSecretKeyEnv, clientSecret)
|
os.Setenv(clientSecretKeyEnv, clientSecret)
|
||||||
os.Setenv(tenantKeyEnv, tenantId)
|
os.Setenv(tenantKeyEnv, tenantId)
|
||||||
|
os.Setenv(certPathEnv, ACRCertPath)
|
||||||
env, err := azidentity.NewEnvironmentCredential(nil)
|
env, err := azidentity.NewEnvironmentCredential(nil)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", errors.Wrap(err, "failed to get env credentials from azure")
|
return "", errors.Wrap(err, "failed to get env credentials from azure")
|
||||||
@@ -366,14 +367,10 @@ func fetchACRToken(tenantId, token, registry string) (string, error) {
|
|||||||
return "", errors.New("failed to get refresh token from acr")
|
return "", errors.New("failed to get refresh token from acr")
|
||||||
}
|
}
|
||||||
|
|
||||||
func setupACRCert(jsonKey string) error {
|
func setupACRCert(cert string) error {
|
||||||
err := ioutil.WriteFile(ACRCertPath, []byte(jsonKey), 0644)
|
err := ioutil.WriteFile(ACRCertPath, []byte(cert), 0644)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrap(err, "failed to write ACR certificate")
|
return errors.Wrap(err, "failed to write ACR certificate")
|
||||||
}
|
}
|
||||||
err = os.Setenv(certPathEnv, ACRCertPath)
|
|
||||||
if err != nil {
|
|
||||||
return errors.Wrap(err, fmt.Sprintf("failed to set %s environment variable", certPathEnv))
|
|
||||||
}
|
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -26,7 +26,8 @@ func CreateDockerCfgFile(username, password, registry, path string) error {
|
|||||||
authBytes := []byte(fmt.Sprintf("%s:%s", username, password))
|
authBytes := []byte(fmt.Sprintf("%s:%s", username, password))
|
||||||
encodedString := base64.StdEncoding.EncodeToString(authBytes)
|
encodedString := base64.StdEncoding.EncodeToString(authBytes)
|
||||||
jsonBytes := []byte(fmt.Sprintf(`{"auths": {"%s": {"auth": "%s"}}}`, "https://"+registry, encodedString))
|
jsonBytes := []byte(fmt.Sprintf(`{"auths": {"%s": {"auth": "%s"}}}`, "https://"+registry, encodedString))
|
||||||
err = ioutil.WriteFile(path, jsonBytes, 0644)
|
filePath := path + "/config.json"
|
||||||
|
err = ioutil.WriteFile(filePath, jsonBytes, 0644)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return errors.Wrap(err, "failed to create docker config file")
|
return errors.Wrap(err, "failed to create docker config file")
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user