1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
sap-jenkins-library/resources/metadata/kaniko.yaml
Oliver Nocon f455a8a4a0
fix(dockerOptions) properly pass empty values (#3024)
it is possible to overwrite the entrypoint for docker execution:
https://docs.docker.com/engine/reference/run/#entrypoint-default-command-to-execute-at-runtime

This is ideally done by passing `entrypoint=''` and not pass two options to the call.
This also helps with escaping issues of the empty value on other systems.

Co-authored-by: Sven Merk <33895725+nevskrem@users.noreply.github.com>
2021-08-02 10:21:14 +02:00

133 lines
5.1 KiB
YAML

metadata:
name: kanikoExecute
description: Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container.
longDescription: Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container.
spec:
inputs:
secrets:
- name: dockerConfigJsonCredentialsId
description: Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)). You can create it like explained in the Docker Success Center in the article about [how to generate a new auth in the config.json file](https://success.docker.com/article/generate-new-auth-in-config-json-file).
type: jenkins
params:
- name: buildOptions
type: "[]string"
description: Defines a list of build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.
scope:
- PARAMETERS
- STAGES
- STEPS
default:
- --skip-tls-verify-pull
- name: containerBuildOptions
type: string
description: Deprected, please use buildOptions. Defines the build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.
scope:
- PARAMETERS
- STAGES
- STEPS
- name: containerImage
aliases:
- name: containerImageNameAndTag
deprecated: true
type: string
description: Defines the full name of the Docker image to be created including registry, image name and tag like `my.docker.registry/path/myImageName:myTag`. If left empty, image will not be pushed.
scope:
- PARAMETERS
- STAGES
- STEPS
- name: containerImageName
aliases:
- name: dockerImageName
type: string
description: Name of the container which will be built - will be used instead of parameter `containerImage`
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
- name: containerImageTag
aliases:
- name: artifactVersion
type: string
description: Tag of the container which will be built - will be used instead of parameter `containerImage`
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
resourceRef:
- name: commonPipelineEnvironment
param: artifactVersion
- name: containerPreparationCommand
type: string
description: Defines the command to prepare the Kaniko container. By default the contained credentials are removed in order to allow anonymous access to container registries.
scope:
- PARAMETERS
- STAGES
- STEPS
default: rm -f /kaniko/.docker/config.json
- name: containerRegistryUrl
aliases:
- name: dockerRegistryUrl
type: string
description: http(s) url of the Container registry where the image should be pushed to - will be used instead of parameter `containerImage`
scope:
- GENERAL
- PARAMETERS
- STAGES
- STEPS
resourceRef:
- name: commonPipelineEnvironment
param: container/registryUrl
- name: customTlsCertificateLinks
type: "[]string"
description: List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates.
scope:
- PARAMETERS
- STAGES
- STEPS
- name: dockerConfigJSON
type: string
description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).
scope:
- PARAMETERS
secret: true
resourceRef:
- name: commonPipelineEnvironment
param: custom/dockerConfigJSON
- name: dockerConfigJsonCredentialsId
type: secret
- type: vaultSecretFile
paths:
- $(vaultPath)/docker-config
- $(vaultBasePath)/$(vaultPipelineName)/docker-config
- $(vaultBasePath)/GROUP-SECRETS/docker-config
- name: dockerfilePath
aliases:
- name: dockerfile
type: string
description: Defines the location of the Dockerfile relative to the Jenkins workspace.
scope:
- PARAMETERS
- STAGES
- STEPS
default: Dockerfile
outputs:
resources:
- name: commonPipelineEnvironment
type: piperEnvironment
params:
- name: container/registryUrl
- name: container/imageNameTag
containers:
# https://github.com/GoogleContainerTools/kaniko/issues/1586
- image: gcr.io/kaniko-project/executor:v1.3.0-debug
command:
- /busybox/tail -f /dev/null
shell: /busybox/sh
options:
- name: -u
value: "0"
- name: --entrypoint
value: ''