Skip to content
/ drone-kaniko Public
forked from Instapage/drone-kaniko

A thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.

License

Apache-2.0 license
0 stars 74 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

dillendev/drone-kaniko

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
.github/workflows
.github/workflows
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
Dockerfile.test
Dockerfile.test
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
plugin.sh
plugin.sh
 
 

Repository files navigation

drone-kaniko

A thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.

Versioning is not always based on every official Kaniko release

Example .drone.yml for Drone 1.0 (pushing to Docker Hub):

kind: pipeline
name: default

steps:
- name: publish
  image: postclick/drone-kaniko
  settings:
    registry: registry.example.com # if not provided index.docker.io is supposed
    repo: registry.example.com/example-project
    tags: ${DRONE_COMMIT_SHA}
    cache: true
    skip_tls_verify: false # set to true for testing registries ONLY with self-signed certs
    build_args:
    - COMMIT_SHA=${DRONE_COMMIT_SHA}
    - COMMIT_AUTHOR_EMAIL=${DRONE_COMMIT_AUTHOR_EMAIL}
    username:
      from_secret: docker-username
    password:
      from_secret: docker-password

Pushing to GCR:

kind: pipeline
name: default

steps:
- name: publish
  image: postclick/drone-kaniko
  settings:
    registry: gcr.io
    repo: example.com/example-project
    tags: ${DRONE_COMMIT_SHA}
    cache: true
    json_key:
      from_secret: google-application-credentials

Use the target option to build particular final stage

You can build specific target

kind: pipeline
name: default

steps:
- name: publish
  image: postclick/drone-kaniko
  settings:
    target: production
    skip_unused_stages: true # will not build unnecessary stages
    registry: gcr.io
    repo: example.com/example-project
    tags: ${DRONE_COMMIT_SHA}
    cache: true
    json_key:
      from_secret: google-application-credentials

Use .tags file for tagging

Similarly to official drone-docker plugin you can use .tags file to embed some custom logic for creating tags for an image.

kind: pipeline
name: default

steps:
- name: build
  image: golang
  commands:
      - go get 
      - go build
      - make versiontags > .tags
- name: publish
  image: postclick/drone-kaniko
  settings:
    registry: registry.example.com 
    repo: registry.example.com/example-project
    # tags: ${DRONE_COMMIT_SHA} <= it must be left undefined 
    username:
      from_secret: docker-username
    password:
      from_secret: docker-password

Auto tag

Set auto_tag: true.

kind: pipeline
name: default

steps:
- name: build
  image: golang
  commands:
      - go get 
      - go build
- name: publish
  image: postclick/drone-kaniko
  settings:
    registry: registry.example.com 
    repo: registry.example.com/example-project
    auto_tag: true # higher priority then .tags file
    # tags: ${DRONE_COMMIT_SHA} <= it must be left undefined to use auto_tag
    username:
      from_secret: docker-username
    password:
      from_secret: docker-password

Auto tag from env

Set auto_tag_from_env: [env1, env2, ..., envN].

kind: pipeline
name: default

steps:
- name: build
  image: golang
  commands:
      - go get 
      - go build
- name: publish
  image: postclick/drone-kaniko
  settings:
    registry: registry.example.com 
    repo: registry.example.com/example-project
    auto_tag_from_env: [ DRONE_COMMIT_SHA, DRONE_SOURCE_BRANCH ] # get values from env and use as tag
    # auto_tag: true # <= it must be left undefined to use auto_tag_from_env
    # tags: ${DRONE_COMMIT_SHA} <= it must be left undefined to use auto_tag_from_env
    username:
      from_secret: docker-username
    password:
      from_secret: docker-password

Test that it can build

docker run -it --rm -w /src -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=postclick/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test postclick/drone-kaniko

Test that caching works

Start a Docker registry at 127.0.0.1:5000:

docker run -d -p 5000:5000 --restart always --name registry --hostname registry.local registry:2

Add the following lines to plugin.sh's final command and build a new image from it:

+    --cache=true \
+    --cache-repo=127.0.0.1:5000/${PLUGIN_REPO} \
docker build -t postclick/drone-kaniko .

Warm up the alpine image to the cache:

docker run -v $PWD:/cache gcr.io/kaniko-project/warmer:latest --verbosity=debug --image=alpine:3.8

Run the builder (on the host network to be able to access the registry, if any specified) with mounting the local disk cache, this example pushes to Docker Hub:

docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_USERNAME=${DOCKER_USERNAME} -e PLUGIN_PASSWORD=${DOCKER_PASSWORD} -e PLUGIN_REPO=postclick/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true postclick/drone-kaniko

The very same example just pushing to GCR instead of Docker Hub:

docker run --net=host -it --rm -w /src -v $PWD:/cache -v $PWD:/src -e PLUGIN_REGISTRY=gcr.io -e PLUGIN_REPO=paas-dev1/drone-kaniko-test -e PLUGIN_TAGS=test -e PLUGIN_DOCKERFILE=Dockerfile.test -e PLUGIN_CACHE=true -e PLUGIN_JSON_KEY="$(<$HOME/google-application-credentials.json)" postclick/drone-kaniko

About

A thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 91.2%
  • Dockerfile 8.8%