From e084dfe2652d280c92764f59b40b372cbb39b4f1 Mon Sep 17 00:00:00 2001 From: ytshih Date: Sat, 19 Apr 2025 17:13:27 +0800 Subject: [PATCH] Feat: add crane support --- Dockerfile | 11 ++++++++++- entrypoint.sh | 43 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 entrypoint.sh diff --git a/Dockerfile b/Dockerfile index e1e8e87..0e21f5d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,3 +1,12 @@ -FROM gcr.io/kaniko-project/executor:v1.23.2 +FROM gcr.io/go-containerregistry/crane:v0.20.3 AS crane + +##### + +FROM gcr.io/kaniko-project/executor:v1.23.2-debug ADD rootca.pem /usr/local/share/ca-certificates/rootca.pem + +COPY --from=crane /ko-app/crane /bin/crane +COPY entrypoint /kaniko/entrypoint.sh + +ENTRYPOINT ["/kaniko/entrypoint.sh"] diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100644 index 0000000..5490cdb --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,43 @@ +#!/busybox/sh +set -e pipefail + +OLDIFS=$IFS + +REGISTRY="${INPUT_PUSH_REGISTRY}" +REGISTRY_CERTIFICATE="${INPUT_REGISTRY_CERTIFICATE}" +USERNAME="${INPUT_USERNAME:-$GITHUB_ACTOR}" +PASSWORD="${INPUT_PASSWORD:-$GITHUB_TOKEN}" +crane auth login "$REGISTRY" -u "$USERNAME" -p "$PASSWORD" + +IMAGE="$(echo "${INPUT_TAGS}" | cut -f1 -d':')" +TAGS="${INPUT_TAGS:-$REGISTRY/$GITEA_REPO/$GITEA_REF_NAME}" + +DOCKERFILE="${INPUT_FILE}" +CONTEXT="${INPUT_CONTEXT}" + +LABELS="--label org.opencontainers.image.created=$(date -u +"%Y-%m-%dT%H:%M:%S.%3NZ")" +for label in $INPUT_LABELS; do + LABELS="$LABELS --label $label" +done +ARGS="$LABELS --context $CONTEXT --dockerfile $DOCKERFILE" + +if [ -n "$REGISTRY_CERTIFICATE" ]; then + ARGS="$ARGS --registry-certificate ${REGISTRY}:${REGISTRY_CERTIFICATE}" +fi + +runKaniko() { + IFS='' + EXECUTOR="executor ${1} --reproducible --force --cleanup" + echo "Build with: ${EXECUTOR}" + eval "${EXECUTOR}" + IFS=$OLDIFS +} + +echo "Building image $IMAGE" + +DESTINATION="--destination $IMAGE:latest --destination $TAGS" +runKaniko "${ARGS} $DESTINATION $DIGEST" + +DIGEST=$(head -n 1 '/kaniko/build/image-tag-digest' | cut -f2 -d '@') +echo "Image $IMAGE pushed" +echo "Digest: $DIGEST"