Merge pull request #58 from drone/aman-fix-acr

Fix cert not working in ACR
addressed comments
2026-06-16 14:49:02 +08:00 · 2022-08-03 15:06:01 +05:30 · 2022-08-03 13:14:03 +05:30 · 2022-08-03 13:09:41 +05:30 · 2022-08-03 13:07:49 +05:30 · 2022-08-03 13:07:27 +05:30
3 changed files with 26 additions and 8 deletions
@@ -2,3 +2,4 @@ release
 coverage.out
 vendor
 .idea
+.vscode
@@ -17,6 +17,7 @@ export GO111MODULE=on
 go build -v -a -tags netgo -o release/linux/amd64/kaniko-docker ./cmd/kaniko-docker
 go build -v -a -tags netgo -o release/linux/amd64/kaniko-gcr ./cmd/kaniko-gcr
 go build -v -a -tags netgo -o release/linux/amd64/kaniko-ecr ./cmd/kaniko-ecr
+go build -v -a -tags netgo -o release/linux/amd64/kaniko-acr ./cmd/kaniko-acr
 ```

 ## Docker
@@ -28,6 +29,11 @@ docker build \
  --label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
  --label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
  --file docker/docker/Dockerfile.linux.amd64 --tag plugins/kaniko .
+  
+docker build \
+  --label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
+  --label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
+  --file docker/acr/Dockerfile.linux.amd64 --tag plugins/kaniko-acr .

 docker build \
  --label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
@@ -2,6 +2,7 @@ package main

 import (
 	"context"
+	"encoding/base64"
 	"encoding/json"
 	"fmt"
 	"io/ioutil"
@@ -130,7 +131,7 @@ func main() {
 		},
 		cli.StringFlag{
 			Name:   "client-cert",
-			Usage:  "Azure client certificate",
+			Usage:  "Azure client certificate encoded in base64 format",
 			EnvVar: "CLIENT_CERTIFICATE",
 		},
 		cli.StringFlag{
@@ -307,16 +308,22 @@ func getACRToken(tenantId, clientId, clientSecret, cert, registry string) (strin
 		}
 	}

-	// TODO check for presence of file as well.
-	os.Setenv(clientIdEnv, clientId)
-	os.Setenv(clientSecretKeyEnv, clientSecret)
-	os.Setenv(tenantKeyEnv, tenantId)
-	os.Setenv(certPathEnv, ACRCertPath)
+	if err := os.Setenv(clientIdEnv, clientId); err != nil {
+		return "", errors.Wrap(err, "failed to set env variable client Id")
+	}
+	if err := os.Setenv(clientSecretKeyEnv, clientSecret); err != nil {
+		return "", errors.Wrap(err, "failed to set env variable client secret")
+	}
+	if err := os.Setenv(tenantKeyEnv, tenantId); err != nil {
+		return "", errors.Wrap(err, "failed to set env variable tenant Id")
+	}
+	if err := os.Setenv(certPathEnv, ACRCertPath); err != nil {
+		return "", errors.Wrap(err, "failed to set env variable cert path")
+	}
 	env, err := azidentity.NewEnvironmentCredential(nil)
 	if err != nil {
 		return "", errors.Wrap(err, "failed to get env credentials from azure")
 	}
-
 	policy := policy.TokenRequestOptions{
 		Scopes: []string{"https://management.azure.com/.default"},
 	}
@@ -368,7 +375,11 @@ func fetchACRToken(tenantId, token, registry string) (string, error) {
 }

 func setupACRCert(cert string) error {
-	err := ioutil.WriteFile(ACRCertPath, []byte(cert), 0644)
+	decoded, err := base64.StdEncoding.DecodeString(cert)
+	if err != nil {
+		return errors.Wrap(err, "failed to base64 decode ACR certificate")
+	}
+	err = ioutil.WriteFile(ACRCertPath, []byte(decoded), 0644)
 	if err != nil {
 		return errors.Wrap(err, "failed to write ACR certificate")
 	}
Author	SHA1	Message	Date
Aman Singh	33e44ca23a	Merge pull request #58 from drone/aman-fix-acr Fix cert not working in ACR	2022-08-03 15:06:01 +05:30
Aman Singh	1409e80406	addressed comments	2022-08-03 13:14:03 +05:30
Aman Singh	97ecf9b992	addressed comments	2022-08-03 13:09:41 +05:30
Aman Singh	0ae1cbc382	addressed comments	2022-08-03 13:07:49 +05:30
Aman Singh	fe57a616ed	addressed comments	2022-08-03 13:07:27 +05:30
Aman Singh	4da1f904b0	Update README.md	2022-08-03 12:56:58 +05:30
Aman Singh	eaeab5fddb	updated .gitignore	2022-08-03 12:54:53 +05:30
Aman Singh	546dc21a7e	removed fmt.print	2022-08-03 12:53:16 +05:30
Aman Singh	d0df077e6e	fix cert issue in acr images	2022-08-03 12:50:10 +05:30