A thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.
ad1fd17aa5
Apparently the busybox implementation of `base64` will line-wrap long output strings. This meant that long username+password combinations could produce base64 that contained spurious "\n" characters, which then led to: ``` 2019/05/06 00:47:39 Unable to parse "/kaniko/.docker/config.json": invalid character '\n' in string literal ``` Fixed by just removing the newlines in base64 output. A "better" solution would use a different base64 implementation that avoided line-wrapping in the first place. |
||
---|---|---|
.gitignore | ||
Dockerfile | ||
Dockerfile.test | ||
LICENSE | ||
plugin.sh | ||
README.md |
drone-kaniko
A thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.
Example .drone.yml for Drone 1.0
kind: pipeline
name: default
steps:
- name: publish
image: banzaicloud/drone-kaniko
settings:
registry: registry.example.com
repo: registry.example.com/example-project
tags: ${DRONE_COMMIT_SHA}
cache: true
build_args:
- COMMIT_SHA=${DRONE_COMMIT_SHA}
- COMMIT_AUTHOR_EMAIL=${DRONE_COMMIT_AUTHOR_EMAIL}
username:
from_secret: docker-username
password:
from_secret: docker-password
Test that it can build
docker run -it --rm -w /src -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=banzaicloud/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test banzaicloud/drone-kaniko
Test that caching works
Start a Docker registry at 127.0.0.1:5000:
docker run -d -p 5000:5000 --restart always --name registry --hostname registry.local registry:2
Add the following lines to plugin.sh's final command and build a new image from it:
+ --cache=true \
+ --cache-repo=127.0.0.1:5000/${PLUGIN_REPO} \
docker build -t banzaicloud/drone-kaniko .
Warm up the alpine image to the cache:
docker run -v $PWD:/cache gcr.io/kaniko-project/warmer:latest --image=alpine:3.8
Run the builder on the host network to be able to access the registry:
docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e DOCKER_USERNAME=${DOCKER_USERNAME} -e DOCKER_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=banzaicloud/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test banzaicloud/drone-kaniko