mirror of
https://github.com/SAP/jenkins-library.git
synced 2024-12-14 11:03:09 +02:00
b93bcba2d1
This reverts commit 151ec040f9
.
135 lines
5.0 KiB
YAML
135 lines
5.0 KiB
YAML
metadata:
|
|
name: kanikoExecute
|
|
description: Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container.
|
|
longDescription: Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container.
|
|
spec:
|
|
inputs:
|
|
secrets:
|
|
- name: dockerConfigJsonCredentialsId
|
|
description: Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)). You can create it like explained in the [protocodeExecuteScan Prerequisites section](https://www.project-piper.io/steps/protecodeExecuteScan/#prerequisites).
|
|
type: jenkins
|
|
params:
|
|
- name: buildOptions
|
|
type: "[]string"
|
|
description: Defines a list of build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
default:
|
|
- --skip-tls-verify-pull
|
|
- name: containerBuildOptions
|
|
type: string
|
|
description: Deprected, please use buildOptions. Defines the build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: containerImage
|
|
aliases:
|
|
- name: containerImageNameAndTag
|
|
deprecated: true
|
|
type: string
|
|
description: Defines the full name of the Docker image to be created including registry, image name and tag like `my.docker.registry/path/myImageName:myTag`. If left empty, image will not be pushed.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: containerImageName
|
|
aliases:
|
|
- name: dockerImageName
|
|
type: string
|
|
description: Name of the container which will be built - will be used instead of parameter `containerImage`
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: containerImageTag
|
|
aliases:
|
|
- name: artifactVersion
|
|
type: string
|
|
description: Tag of the container which will be built - will be used instead of parameter `containerImage`
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: artifactVersion
|
|
- name: containerPreparationCommand
|
|
type: string
|
|
description: Defines the command to prepare the Kaniko container. By default the contained credentials are removed in order to allow anonymous access to container registries.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
default: rm -f /kaniko/.docker/config.json
|
|
- name: containerRegistryUrl
|
|
aliases:
|
|
- name: dockerRegistryUrl
|
|
type: string
|
|
description: http(s) url of the Container registry where the image should be pushed to - will be used instead of parameter `containerImage`
|
|
scope:
|
|
- GENERAL
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: container/registryUrl
|
|
- name: customTlsCertificateLinks
|
|
type: "[]string"
|
|
description: List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
- name: dockerConfigJSON
|
|
type: string
|
|
description: Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
secret: true
|
|
resourceRef:
|
|
- name: commonPipelineEnvironment
|
|
param: custom/dockerConfigJSON
|
|
- name: dockerConfigJsonCredentialsId
|
|
type: secret
|
|
- type: vaultSecretFile
|
|
paths:
|
|
- $(vaultPath)/docker-config
|
|
- $(vaultBasePath)/$(vaultPipelineName)/docker-config
|
|
- $(vaultBasePath)/GROUP-SECRETS/docker-config
|
|
- name: dockerfilePath
|
|
aliases:
|
|
- name: dockerfile
|
|
type: string
|
|
description: Defines the location of the Dockerfile relative to the Jenkins workspace.
|
|
scope:
|
|
- PARAMETERS
|
|
- STAGES
|
|
- STEPS
|
|
default: Dockerfile
|
|
outputs:
|
|
resources:
|
|
- name: commonPipelineEnvironment
|
|
type: piperEnvironment
|
|
params:
|
|
- name: container/registryUrl
|
|
- name: container/imageNameTag
|
|
containers:
|
|
# https://github.com/GoogleContainerTools/kaniko/issues/1586
|
|
- image: gcr.io/kaniko-project/executor:v1.3.0-debug
|
|
command:
|
|
- /busybox/tail -f /dev/null
|
|
shell: /busybox/sh
|
|
options:
|
|
- name: -u
|
|
value: "0"
|
|
- name: --entrypoint
|
|
value: ''
|