docs: update input docs

.gitlab-ci.yml

@@ -21,7 +21,6 @@ include:
 sast:
   stage: test
 
-
 # If we are tagging a release with a specific convention ("v" + number) and all
 # previous checks succeeded, we proceed with creating a release automatically.
 create-release:

README.md

@@ -13,16 +13,30 @@ include:
 
 where `<VERSION>` is the latest released tag or `main`.
 
-This will add a `container_scanning` job to the pipeline.
+This will add a `container_build` job to the pipeline.
 
 The template should work without modifications but you can customize the template settings.
 ### Inputs
 
 | Input | Default value | Description |
 | ----- | ------------- | ----------- |
-| `stage` | `test`      | The stage where you want the job to be added |
-| `build_image` | `$CI_TEMPLATE_REGISTRY_HOST/security-products/container-scanning:5` | The Docker image of the analyzer |
+| `stage` | `build`      | The stage where you want the job to be added |
+| `build_image` | `gcr.io/kaniko-project/executor:debug` | The Docker image of kaniko |
 | `force_run` | `false` | When set to `true` it always adds the job even if `$CONTAINER_SCANNING_DISABLED` is set |
+| `push` | `true` | When set to `true` the image will be pushed to the default registry. Set to `false` to only build without pushing the image. |
+| `kaniko_use_cache` | `false` | When set to `true` kaniko will push build cache layers to the registry. Currently only the gitlab registry is supported. |
+| `image_tag` | `$CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG` | The name/path of the image to build. |
+| `context` | `$CI_PROJECT_DIR` | The kaniko/docker build context. |
+| `dockerfile` | `$CI_PROJECT_DIR/Dockerfile` | The path to the Dockerfile. |
+| `authors` | `$CI_COMMIT_AUTHOR` | For OCI image label: Name of the image author(s).|
+| `source_url` | `$CI_PROJECT_URL` | For OCI image label: Url of the source code. |
+| `project_url` | `$CI_PROJECT_URL` | For OCI image label: Url of the project. |
+| `documentation_url` | `$CI_PROJECT_URL` | For OCI image label: Url of the documentation. |
+| `version` | `$CI_COMMIT_REF_NAME` | For OCI image label: Version of the image. |
+| `description` | `$CI_PROJECT_DESCRIPTION` | For OCI image label: Description. |
+| `base_img_name` | `UNKNOWN` | For OCI image label: Base image name. |
+| `vendor` | `UNKNOWN` | For OCI image label: Vendor name. |
+| `license` | `UNKNOWN` | For OCI image label: License. |
 
 ### Variables
 

templates/container-build.yml

@@ -1,7 +1,7 @@
 spec:
   inputs:
     stage:
-      default: test
+      default: build
     build_image:
       default: gcr.io/kaniko-project/executor:debug
     force_run:
@@ -14,7 +14,7 @@ spec:
       type: boolean
       default: false
     image_tag:
-        default: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME
+        default: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
     context:
         default: $CI_PROJECT_DIR
     dockerfile:
@@ -27,7 +27,7 @@ spec:
         default: $CI_PROJECT_URL
     version:
         default: $CI_COMMIT_REF_NAME
-    dokumentation_url:
+    documentation_url:
         default: $CI_PROJECT_URL
     description:
         default: $CI_PROJECT_DESCRIPTION
@@ -57,7 +57,7 @@ container_build:
     SOURCE_URL: "$[[ inputs.source_url ]]"
     PROJECT_URL: "$[[ inputs.project_url ]]"
     VERSION: "$[[ inputs.version ]]"
-    DOKUMENTATION_URL: "$[[ inputs.dokumentation_url ]]"
+    documentation_url: "$[[ inputs.documentation_url ]]"
     DESCRIPTION: "$[[ inputs.description ]]"
     VENDOR: "$[[ inputs.vendor ]]"
     LICENSE: "$[[ inputs.license ]]"
@@ -70,7 +70,7 @@ container_build:
       mkdir -p /kaniko/.docker && mkdir build-artifacts
     - |
       echo "Setting variables" > /dev/null
-      if [ "${KANIKO_USE_CACHE}" = "true" ]; then export KANIKO_CACHE_ARGS=$KANIKO_DEFAULT_CACHE_ARGS; fi
+      if [ "${KANIKO_USE_CACHE}" = "true" ]; then export KANIKO_EXTRA_ARGS_INTERNAL=${KANIKO_DEFAULT_CACHE_ARGS} ${KANIKO_EXTRA_ARGS_INTERNAL}; fi
       if [ "${KANIKO_PUSH}" = "false" ]; then export KANIKO_EXTRA_ARGS_INTERNAL="--no-push ${KANIKO_EXTRA_ARGS_INTERNAL}"; fi
       if [ ! -z ${KANIKO_EXTRA_BUILD_DST+x} ]; then KANIKO_EXTRA_ARGS_INTERNAL="--destination ${KANIKO_EXTRA_BUILD_DST} ${KANIKO_EXTRA_ARGS_INTERNAL}"; fi
       echo "Building ${BUILD_IMAGE_TAG}..."
@@ -83,14 +83,14 @@ container_build:
       --skip-unused-stages \
       --log-timestamp=true \
       --registry-mirror mirror.gcr.io \
-      --dockerfile $DOCKERFILE $KANIKO_CACHE_ARGS \
+      --dockerfile $DOCKERFILE \
       --build-arg COMMIT_HASH=$CI_COMMIT_SHORT_SHA \
       --build-arg COMMIT_TAG=$CI_COMMIT_REF_NAME \
       --build-arg BUILD_ENV=$BUILD_ENV \
       --label org.opencontainers.image.created="$(date -D FMT=minutes)" \
       --label org.opencontainers.image.authors="${AUTHORS}" \
       --label org.opencontainers.image.url="${PROJECT_URL}" \
-      --label org.opencontainers.image.documentation="${DOKUMENTATION_URL}" \
+      --label org.opencontainers.image.documentation="${documentation_url}" \
       --label org.opencontainers.image.source="${SOURCE_URL}" \
       --label org.opencontainers.image.version="${VERSION}" \
       --label org.opencontainers.image.revision="${CI_COMMIT_SHORT_SHA}" \