From 5e7bcabe6a0c6c7f38588b199861c8478bad3254 Mon Sep 17 00:00:00 2001 From: Shubham Agrawal Date: Mon, 18 Oct 2021 17:06:53 +0530 Subject: [PATCH] Make json key optional for GCR push (#30) --- cmd/kaniko-docker/main.go | 2 +- cmd/kaniko-ecr/main.go | 2 +- cmd/kaniko-gcr/main.go | 12 +++++------- kaniko.go | 2 +- {cmd => pkg}/artifact/artifact.go | 0 {cmd => pkg}/artifact/artifact.json | 0 {cmd => pkg}/artifact/artifact_test.go | 0 7 files changed, 8 insertions(+), 10 deletions(-) rename {cmd => pkg}/artifact/artifact.go (100%) rename {cmd => pkg}/artifact/artifact.json (100%) rename {cmd => pkg}/artifact/artifact_test.go (100%) diff --git a/cmd/kaniko-docker/main.go b/cmd/kaniko-docker/main.go index a72b2d3..b59cf05 100644 --- a/cmd/kaniko-docker/main.go +++ b/cmd/kaniko-docker/main.go @@ -12,7 +12,7 @@ import ( "github.com/urfave/cli" kaniko "github.com/drone/drone-kaniko" - "github.com/drone/drone-kaniko/cmd/artifact" + "github.com/drone/drone-kaniko/pkg/artifact" ) const ( diff --git a/cmd/kaniko-ecr/main.go b/cmd/kaniko-ecr/main.go index 72f2971..f6b57ff 100644 --- a/cmd/kaniko-ecr/main.go +++ b/cmd/kaniko-ecr/main.go @@ -14,7 +14,7 @@ import ( "github.com/aws/aws-sdk-go-v2/service/ecrpublic" "github.com/aws/smithy-go" kaniko "github.com/drone/drone-kaniko" - "github.com/drone/drone-kaniko/cmd/artifact" + "github.com/drone/drone-kaniko/pkg/artifact" "github.com/drone/drone-kaniko/pkg/docker" "github.com/joho/godotenv" "github.com/pkg/errors" diff --git a/cmd/kaniko-gcr/main.go b/cmd/kaniko-gcr/main.go index 7c5a18d..f96060c 100644 --- a/cmd/kaniko-gcr/main.go +++ b/cmd/kaniko-gcr/main.go @@ -11,7 +11,7 @@ import ( "github.com/urfave/cli" kaniko "github.com/drone/drone-kaniko" - "github.com/drone/drone-kaniko/cmd/artifact" + "github.com/drone/drone-kaniko/pkg/artifact" ) const ( @@ -141,8 +141,10 @@ func run(c *cli.Context) error { noPush := c.Bool("no-push") jsonKey := c.String("json-key") - // only setup auth when pushing or credentials are defined - if !noPush || jsonKey != "" { + // JSON key may not be set in the following cases: + // 1. Image does not need to be pushed to GCR. + // 2. Workload identity is set on GKE in which pod will inherit the credentials via service account. + if jsonKey != "" { if err := setupGCRAuth(jsonKey); err != nil { return err } @@ -178,10 +180,6 @@ func run(c *cli.Context) error { } func setupGCRAuth(jsonKey string) error { - if jsonKey == "" { - return fmt.Errorf("GCR JSON key must be specified") - } - err := ioutil.WriteFile(gcrKeyPath, []byte(jsonKey), 0644) if err != nil { return errors.Wrap(err, "failed to write GCR JSON key") diff --git a/kaniko.go b/kaniko.go index ee2b5f0..7e7aa14 100644 --- a/kaniko.go +++ b/kaniko.go @@ -7,7 +7,7 @@ import ( "os/exec" "strings" - "github.com/drone/drone-kaniko/cmd/artifact" + "github.com/drone/drone-kaniko/pkg/artifact" "golang.org/x/mod/semver" ) diff --git a/cmd/artifact/artifact.go b/pkg/artifact/artifact.go similarity index 100% rename from cmd/artifact/artifact.go rename to pkg/artifact/artifact.go diff --git a/cmd/artifact/artifact.json b/pkg/artifact/artifact.json similarity index 100% rename from cmd/artifact/artifact.json rename to pkg/artifact/artifact.json diff --git a/cmd/artifact/artifact_test.go b/pkg/artifact/artifact_test.go similarity index 100% rename from cmd/artifact/artifact_test.go rename to pkg/artifact/artifact_test.go