drone-kaniko/cmd/kaniko-docker/main.go

package main

import (
	"encoding/base64"
	"fmt"
	"io/ioutil"
	"os"

	"github.com/joho/godotenv"
	"github.com/pkg/errors"
	"github.com/sirupsen/logrus"
	"github.com/urfave/cli"

	kaniko "git.dotya.ml/wanderer/drone-kaniko"
	"git.dotya.ml/wanderer/drone-kaniko/cmd/artifact"
)

const (
	// Docker file path
	dockerPath       string = "/kaniko/.docker"
	dockerConfigPath string = "/kaniko/.docker/config.json"

	v1Registry string = "https://index.docker.io/v1/" // Default registry
	v2Registry string = "https://index.docker.io/v2/" // v2 registry is not supported

	defaultDigestFile string = "/kaniko/digest-file"
)

var (
	version = "unknown"
)

func main() {
	// Load env-file if it exists first
	if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
		godotenv.Load(env)
	}

	app := cli.NewApp()
	app.Name = "kaniko docker plugin"
	app.Usage = "kaniko docker plugin"
	app.Action = run
	app.Version = version
	app.Flags = []cli.Flag{
		cli.StringFlag{
			Name:   "dockerfile",
			Usage:  "build dockerfile",
			Value:  "Dockerfile",
			EnvVar: "PLUGIN_DOCKERFILE",
		},
		cli.StringFlag{
			Name:   "context",
			Usage:  "build context",
			Value:  ".",
			EnvVar: "PLUGIN_CONTEXT",
		},
		cli.StringSliceFlag{
			Name:     "tags",
			Usage:    "build tags",
			Value:    &cli.StringSlice{"latest"},
			EnvVar:   "PLUGIN_TAGS",
			FilePath: ".tags",
		},
		cli.StringSliceFlag{
			Name:   "args",
			Usage:  "build args",
			EnvVar: "PLUGIN_BUILD_ARGS",
		},
		cli.StringFlag{
			Name:   "target",
			Usage:  "build target",
			EnvVar: "PLUGIN_TARGET",
		},
		cli.StringFlag{
			Name:   "repo",
			Usage:  "docker repository",
			EnvVar: "PLUGIN_REPO",
		},
		cli.StringSliceFlag{
			Name:   "custom-labels",
			Usage:  "additional k=v labels",
			EnvVar: "PLUGIN_CUSTOM_LABELS",
		},
		cli.StringFlag{
			Name:   "registry",
			Usage:  "docker registry",
			Value:  v1Registry,
			EnvVar: "PLUGIN_REGISTRY",
		},
		cli.StringFlag{
			Name:   "username",
			Usage:  "docker username",
			EnvVar: "PLUGIN_USERNAME",
		},
		cli.StringFlag{
			Name:   "password",
			Usage:  "docker password",
			EnvVar: "PLUGIN_PASSWORD",
		},
		cli.BoolFlag{
			Name:   "skip-tls-verify",
			Usage:  "Skip registry tls verify",
			EnvVar: "PLUGIN_SKIP_TLS_VERIFY",
		},
		cli.StringFlag{
			Name:   "snapshot-mode",
			Usage:  "Specify one of full, redo or time as snapshot mode",
			EnvVar: "PLUGIN_SNAPSHOT_MODE",
		},
		cli.BoolFlag{
			Name:   "enable-cache",
			Usage:  "Set this flag to opt into caching with kaniko",
			EnvVar: "PLUGIN_ENABLE_CACHE",
		},
		cli.StringFlag{
			Name:   "cache-repo",
			Usage:  "Remote repository that will be used to store cached layers. enable-cache needs to be set to use this flag",
			EnvVar: "PLUGIN_CACHE_REPO",
		},
		cli.IntFlag{
			Name:   "cache-ttl",
			Usage:  "Cache timeout in hours. Defaults to two weeks.",
			EnvVar: "PLUGIN_CACHE_TTL",
		},
		cli.StringFlag{
			Name:   "artifact-file",
			Usage:  "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",
			EnvVar: "PLUGIN_ARTIFACT_FILE",
		},
		cli.BoolFlag{
			Name:   "no-push",
			Usage:  "Set this flag if you only want to build the image, without pushing to a registry",
			EnvVar: "PLUGIN_NO_PUSH",
		},
		cli.StringFlag{
			Name:   "verbosity",
			Usage:  "Set this flag with value as oneof <panic|fatal|error|warn|info|debug|trace> to set the logging level for kaniko. Defaults to info.",
			EnvVar: "PLUGIN_VERBOSITY",
		},
	}

	if err := app.Run(os.Args); err != nil {
		logrus.Fatal(err)
	}
}

func run(c *cli.Context) error {
	err := createDockerCfgFile(c.String("username"), c.String("password"), c.String("registry"))
	if err != nil {
		return err
	}

	plugin := kaniko.Plugin{
		Build: kaniko.Build{
			Dockerfile:    c.String("dockerfile"),
			Context:       c.String("context"),
			Tags:          c.StringSlice("tags"),
			Args:          c.StringSlice("args"),
			Target:        c.String("target"),
			Repo:          c.String("repo"),
			Labels:        c.StringSlice("custom-labels"),
			SkipTlsVerify: c.Bool("skip-tls-verify"),
			SnapshotMode:  c.String("snapshot-mode"),
			EnableCache:   c.Bool("enable-cache"),
			CacheRepo:     c.String("cache-repo"),
			CacheTTL:      c.Int("cache-ttl"),
			DigestFile:    defaultDigestFile,
			NoPush:        c.Bool("no-push"),
			Verbosity:     c.String("verbosity"),
		},
		Artifact: kaniko.Artifact{
			Tags:         c.StringSlice("tags"),
			Repo:         c.String("repo"),
			Registry:     c.String("registry"),
			ArtifactFile: c.String("artifact-file"),
			RegistryType: artifact.Docker,
		},
	}
	return plugin.Exec()
}

// Create the docker config file for authentication
func createDockerCfgFile(username, password, registry string) error {
	if username == "" {
		fmt.Println("no username provided, using empty string")
	}
	if password == "" {
		fmt.Println("no password provided, using empty string")
	}
	if registry == "" {
		fmt.Println("no registry string provided, using the default value")
		registry = v1Registry
	}

	if registry == v2Registry {
		fmt.Println("Docker v2 registry is not supported in kaniko. Refer issue: https://github.com/GoogleContainerTools/kaniko/issues/1209")
		fmt.Printf("Using v1 registry instead: %s\n", v1Registry)
		registry = v1Registry
	}

	err := os.MkdirAll(dockerPath, 0600)
	if err != nil {
		return errors.Wrap(err, fmt.Sprintf("failed to create %s directory", dockerPath))
	}

	authBytes := []byte(fmt.Sprintf("%s:%s", username, password))
	encodedString := base64.StdEncoding.EncodeToString(authBytes)
	jsonBytes := []byte(fmt.Sprintf(`{"auths": {"%s": {"auth": "%s"}}}`, registry, encodedString))
	err = ioutil.WriteFile(dockerConfigPath, jsonBytes, 0644)
	if err != nil {
		return errors.Wrap(err, "failed to create docker config file")
	}
	return nil
}
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`package main`

			`import (`
			`"encoding/base64"`
			`"fmt"`
			`"io/ioutil"`
			`"os"`

			`"github.com/joho/godotenv"`
			`"github.com/pkg/errors"`
			`"github.com/sirupsen/logrus"`
			`"github.com/urfave/cli"`

feat: build {amd64,pure docker} only * rm arm/arm64/gcr/ecr related build instructions in build.sh and .drone.ml, only build for amd64 * change autotag to manually specified tags (2 static, one dynamic) * change the branch referenced in .drone.yml as we're using dev by default * module path is now git.dotya.ml/wanderer/drone-kaniko/* 2021-04-21 02:14:05 +02:00			`kaniko "git.dotya.ml/wanderer/drone-kaniko"`
			`"git.dotya.ml/wanderer/drone-kaniko/cmd/artifact"`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`)`

			`const (`
Updated kaniko base image to v1.3.0 2020-11-21 11:43:01 +01:00			`// Docker file path`
			`dockerPath string = "/kaniko/.docker"`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`dockerConfigPath string = "/kaniko/.docker/config.json"`
fix docker v2 registry issue 2020-11-26 11:59:05 +01:00
			`v1Registry string = "https://index.docker.io/v1/" // Default registry`
			`v2Registry string = "https://index.docker.io/v2/" // v2 registry is not supported`
Add support for printing published docker image metadata to a file (#17) 2021-04-29 12:05:57 +02:00
			`defaultDigestFile string = "/kaniko/digest-file"`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`)`

			`var (`
			`version = "unknown"`
			`)`

			`func main() {`
			`// Load env-file if it exists first`
			`if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {`
			`godotenv.Load(env)`
			`}`

			`app := cli.NewApp()`
			`app.Name = "kaniko docker plugin"`
			`app.Usage = "kaniko docker plugin"`
			`app.Action = run`
			`app.Version = version`
			`app.Flags = []cli.Flag{`
			`cli.StringFlag{`
			`Name: "dockerfile",`
			`Usage: "build dockerfile",`
			`Value: "Dockerfile",`
			`EnvVar: "PLUGIN_DOCKERFILE",`
			`},`
			`cli.StringFlag{`
			`Name: "context",`
			`Usage: "build context",`
			`Value: ".",`
			`EnvVar: "PLUGIN_CONTEXT",`
			`},`
			`cli.StringSliceFlag{`
			`Name: "tags",`
			`Usage: "build tags",`
			`Value: &cli.StringSlice{"latest"},`
			`EnvVar: "PLUGIN_TAGS",`
			`FilePath: ".tags",`
			`},`
			`cli.StringSliceFlag{`
			`Name: "args",`
			`Usage: "build args",`
			`EnvVar: "PLUGIN_BUILD_ARGS",`
			`},`
			`cli.StringFlag{`
			`Name: "target",`
			`Usage: "build target",`
			`EnvVar: "PLUGIN_TARGET",`
			`},`
			`cli.StringFlag{`
			`Name: "repo",`
			`Usage: "docker repository",`
			`EnvVar: "PLUGIN_REPO",`
			`},`
			`cli.StringSliceFlag{`
			`Name: "custom-labels",`
			`Usage: "additional k=v labels",`
			`EnvVar: "PLUGIN_CUSTOM_LABELS",`
			`},`
			`cli.StringFlag{`
			`Name: "registry",`
			`Usage: "docker registry",`
fix docker v2 registry issue 2020-11-26 11:59:05 +01:00			`Value: v1Registry,`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`EnvVar: "PLUGIN_REGISTRY",`
			`},`
			`cli.StringFlag{`
			`Name: "username",`
			`Usage: "docker username",`
			`EnvVar: "PLUGIN_USERNAME",`
			`},`
			`cli.StringFlag{`
			`Name: "password",`
			`Usage: "docker password",`
			`EnvVar: "PLUGIN_PASSWORD",`
			`},`
Add snapshot mode support (#13) 2021-03-02 16:45:44 +01:00			`cli.BoolFlag{`
			`Name: "skip-tls-verify",`
			`Usage: "Skip registry tls verify",`
add skip-tls-verify flag for insecure private registries (#11) Co-authored-by: beniamin.calota <beniamin.calota@emag.ro> 2021-02-18 09:19:21 +01:00			`EnvVar: "PLUGIN_SKIP_TLS_VERIFY",`
			`},`
Add snapshot mode support (#13) 2021-03-02 16:45:44 +01:00			`cli.StringFlag{`
			`Name: "snapshot-mode",`
			`Usage: "Specify one of full, redo or time as snapshot mode",`
			`EnvVar: "PLUGIN_SNAPSHOT_MODE",`
			`},`
Allow remote caching of docker layers in kaniko build (#16) 2021-04-07 20:35:53 +02:00			`cli.BoolFlag{`
			`Name: "enable-cache",`
			`Usage: "Set this flag to opt into caching with kaniko",`
			`EnvVar: "PLUGIN_ENABLE_CACHE",`
			`},`
			`cli.StringFlag{`
			`Name: "cache-repo",`
			`Usage: "Remote repository that will be used to store cached layers. enable-cache needs to be set to use this flag",`
			`EnvVar: "PLUGIN_CACHE_REPO",`
			`},`
			`cli.IntFlag{`
			`Name: "cache-ttl",`
			`Usage: "Cache timeout in hours. Defaults to two weeks.",`
			`EnvVar: "PLUGIN_CACHE_TTL",`
			`},`
Add support for printing published docker image metadata to a file (#17) 2021-04-29 12:05:57 +02:00			`cli.StringFlag{`
			`Name: "artifact-file",`
			`Usage: "Artifact file location that will be generated by the plugin. This file will include information of docker images that are uploaded by the plugin.",`
			`EnvVar: "PLUGIN_ARTIFACT_FILE",`
			`},`
add flag --no-push (#21) 2021-04-29 17:23:43 +02:00			`cli.BoolFlag{`
			`Name: "no-push",`
			`Usage: "Set this flag if you only want to build the image, without pushing to a registry",`
			`EnvVar: "PLUGIN_NO_PUSH",`
			`},`
Add option to provide log verbosity (#23) 2021-08-20 13:08:35 +02:00			`cli.StringFlag{`
			`Name: "verbosity",`
			`Usage: "Set this flag with value as oneof <panic\|fatal\|error\|warn\|info\|debug\|trace> to set the logging level for kaniko. Defaults to info.",`
			`EnvVar: "PLUGIN_VERBOSITY",`
			`},`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`}`

			`if err := app.Run(os.Args); err != nil {`
			`logrus.Fatal(err)`
			`}`
			`}`

			`func run(c *cli.Context) error {`
			`err := createDockerCfgFile(c.String("username"), c.String("password"), c.String("registry"))`
			`if err != nil {`
			`return err`
			`}`

Working kaniko publish to docker 2020-11-16 19:11:59 +01:00			`plugin := kaniko.Plugin{`
			`Build: kaniko.Build{`
Add snapshot mode support (#13) 2021-03-02 16:45:44 +01:00			`Dockerfile: c.String("dockerfile"),`
			`Context: c.String("context"),`
			`Tags: c.StringSlice("tags"),`
			`Args: c.StringSlice("args"),`
			`Target: c.String("target"),`
			`Repo: c.String("repo"),`
			`Labels: c.StringSlice("custom-labels"),`
add skip-tls-verify flag for insecure private registries (#11) Co-authored-by: beniamin.calota <beniamin.calota@emag.ro> 2021-02-18 09:19:21 +01:00			`SkipTlsVerify: c.Bool("skip-tls-verify"),`
Add snapshot mode support (#13) 2021-03-02 16:45:44 +01:00			`SnapshotMode: c.String("snapshot-mode"),`
Allow remote caching of docker layers in kaniko build (#16) 2021-04-07 20:35:53 +02:00			`EnableCache: c.Bool("enable-cache"),`
			`CacheRepo: c.String("cache-repo"),`
			`CacheTTL: c.Int("cache-ttl"),`
Add support for printing published docker image metadata to a file (#17) 2021-04-29 12:05:57 +02:00			`DigestFile: defaultDigestFile,`
add flag --no-push (#21) 2021-04-29 17:23:43 +02:00			`NoPush: c.Bool("no-push"),`
Add option to provide log verbosity (#23) 2021-08-20 13:08:35 +02:00			`Verbosity: c.String("verbosity"),`
Add support for printing published docker image metadata to a file (#17) 2021-04-29 12:05:57 +02:00			`},`
			`Artifact: kaniko.Artifact{`
			`Tags: c.StringSlice("tags"),`
			`Repo: c.String("repo"),`
			`Registry: c.String("registry"),`
			`ArtifactFile: c.String("artifact-file"),`
			`RegistryType: artifact.Docker,`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`},`
			`}`
			`return plugin.Exec()`
			`}`

			`// Create the docker config file for authentication`
			`func createDockerCfgFile(username, password, registry string) error {`
			`if username == "" {`
option parsing logic: add fallback values * don't exit on no values provided but instead use sane defaults for username, password and registry * add "--no-push" flag if REPO name has not been specified * only allow setting of TAGS if REPO has been specified as well 2021-04-21 02:36:25 +02:00			`fmt.Println("no username provided, using empty string")`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`}`
			`if password == "" {`
option parsing logic: add fallback values * don't exit on no values provided but instead use sane defaults for username, password and registry * add "--no-push" flag if REPO name has not been specified * only allow setting of TAGS if REPO has been specified as well 2021-04-21 02:36:25 +02:00			`fmt.Println("no password provided, using empty string")`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`}`
			`if registry == "" {`
option parsing logic: add fallback values * don't exit on no values provided but instead use sane defaults for username, password and registry * add "--no-push" flag if REPO name has not been specified * only allow setting of TAGS if REPO has been specified as well 2021-04-21 02:36:25 +02:00			`fmt.Println("no registry string provided, using the default value")`
			`registry = v1Registry`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`}`

fix docker v2 registry issue 2020-11-26 11:59:05 +01:00			`if registry == v2Registry {`
			`fmt.Println("Docker v2 registry is not supported in kaniko. Refer issue: https://github.com/GoogleContainerTools/kaniko/issues/1209")`
			`fmt.Printf("Using v1 registry instead: %s\n", v1Registry)`
			`registry = v1Registry`
			`}`

Updated kaniko base image to v1.3.0 2020-11-21 11:43:01 +01:00			`err := os.MkdirAll(dockerPath, 0600)`
			`if err != nil {`
			`return errors.Wrap(err, fmt.Sprintf("failed to create %s directory", dockerPath))`
			`}`

Initial kaniko docker 2020-11-16 18:37:13 +01:00			`authBytes := []byte(fmt.Sprintf("%s:%s", username, password))`
			`encodedString := base64.StdEncoding.EncodeToString(authBytes)`
			jsonBytes := []byte(fmt.Sprintf(`{"auths": {"%s": {"auth": "%s"}}}`, registry, encodedString))
Updated kaniko base image to v1.3.0 2020-11-21 11:43:01 +01:00			`err = ioutil.WriteFile(dockerConfigPath, jsonBytes, 0644)`
Initial kaniko docker 2020-11-16 18:37:13 +01:00			`if err != nil {`
			`return errors.Wrap(err, "failed to create docker config file")`
			`}`
			`return nil`
			`}`