Do not require username/password with `no_push: true` (#25)
* allow --no-push to build without authentication * linting * setup no-push auth when credentials are not empty
This commit is contained in:
Colin Hoglund
parent
00a65ec0b5
commit
6b4393acf8
GPG Key ID:
4AEE18F83AFDEB23
|
|
@ -33,7 +33,9 @@ var (
|
|||
func main() {
|
||||
// Load env-file if it exists first
|
||||
if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
|
||||
godotenv.Load(env)
|
||||
if err := godotenv.Load(env); err != nil {
|
||||
logrus.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
app := cli.NewApp()
|
||||
|
|
@ -145,9 +147,14 @@ func main() {
|
|||
}
|
||||
|
||||
func run(c *cli.Context) error {
|
||||
err := createDockerCfgFile(c.String("username"), c.String("password"), c.String("registry"))
|
||||
if err != nil {
|
||||
return err
|
||||
username := c.String("username")
|
||||
noPush := c.Bool("no-push")
|
||||
|
||||
// only setup auth when pushing or credentials are defined
|
||||
if !noPush || username != "" {
|
||||
if err := createDockerCfgFile(username, c.String("password"), c.String("registry")); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
plugin := kaniko.Plugin{
|
||||
|
|
@ -165,7 +172,7 @@ func run(c *cli.Context) error {
|
|||
CacheRepo: c.String("cache-repo"),
|
||||
CacheTTL: c.Int("cache-ttl"),
|
||||
DigestFile: defaultDigestFile,
|
||||
NoPush: c.Bool("no-push"),
|
||||
NoPush: noPush,
|
||||
Verbosity: c.String("verbosity"),
|
||||
},
|
||||
Artifact: kaniko.Artifact{
|
||||
|
|
|
|||
|
|
@ -155,21 +155,22 @@ func main() {
|
|||
}
|
||||
|
||||
func run(c *cli.Context) error {
|
||||
repo := c.String("repo")
|
||||
registry := c.String("registry")
|
||||
accessKey := c.String("access-key")
|
||||
noPush := c.Bool("no-push")
|
||||
|
||||
if err := checkEmptyStringFlags(repo, registry); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := setupECRAuth(c.String("access-key"), c.String("secret-key"), registry); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if c.Bool("create-repository") {
|
||||
if err := createRepository(c.String("region"), repo, registry); err != nil {
|
||||
// only setup auth when pushing or credentials are defined
|
||||
if !noPush || accessKey != "" {
|
||||
if err := setupECRAuth(accessKey, c.String("secret-key"), registry); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// only create repository when pushing and create-repository is true
|
||||
if !noPush && c.Bool("create-repository") {
|
||||
if err := createRepository(c.String("region"), c.String("repo"), registry); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
plugin := kaniko.Plugin{
|
||||
|
|
@ -186,7 +187,7 @@ func run(c *cli.Context) error {
|
|||
CacheRepo: fmt.Sprintf("%s/%s", c.String("registry"), c.String("cache-repo")),
|
||||
CacheTTL: c.Int("cache-ttl"),
|
||||
DigestFile: defaultDigestFile,
|
||||
NoPush: c.Bool("no-push"),
|
||||
NoPush: noPush,
|
||||
Verbosity: c.String("verbosity"),
|
||||
},
|
||||
Artifact: kaniko.Artifact{
|
||||
|
|
@ -200,17 +201,11 @@ func run(c *cli.Context) error {
|
|||
return plugin.Exec()
|
||||
}
|
||||
|
||||
func checkEmptyStringFlags(flags ...string) error {
|
||||
for _, flag := range flags {
|
||||
if flag == "" {
|
||||
return fmt.Errorf("%s must be specified", flag)
|
||||
}
|
||||
func setupECRAuth(accessKey, secretKey, registry string) error {
|
||||
if registry == "" {
|
||||
return fmt.Errorf("registry must be specified")
|
||||
}
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
func setupECRAuth(accessKey, secretKey, registry string) error {
|
||||
// If IAM role is used, access key & secret key are not required
|
||||
if accessKey != "" && secretKey != "" {
|
||||
err := os.Setenv(accessKeyEnv, accessKey)
|
||||
|
|
@ -233,6 +228,14 @@ func setupECRAuth(accessKey, secretKey, registry string) error {
|
|||
}
|
||||
|
||||
func createRepository(region, repo, registry string) error {
|
||||
if registry == "" {
|
||||
return fmt.Errorf("registry must be specified")
|
||||
}
|
||||
|
||||
if repo == "" {
|
||||
return fmt.Errorf("repo must be specified")
|
||||
}
|
||||
|
||||
cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(region))
|
||||
if err != nil {
|
||||
return errors.Wrap(err, "failed to load aws config")
|
||||
|
|
|
|||
|
|
@ -29,7 +29,9 @@ var (
|
|||
func main() {
|
||||
// Load env-file if it exists first
|
||||
if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
|
||||
godotenv.Load(env)
|
||||
if err := godotenv.Load(env); err != nil {
|
||||
logrus.Fatal(err)
|
||||
}
|
||||
}
|
||||
|
||||
app := cli.NewApp()
|
||||
|
|
@ -131,13 +133,14 @@ func main() {
|
|||
}
|
||||
|
||||
func run(c *cli.Context) error {
|
||||
err := setupGCRAuth(c.String("json-key"))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
noPush := c.Bool("no-push")
|
||||
jsonKey := c.String("json-key")
|
||||
|
||||
if c.String("repo") == "" {
|
||||
return fmt.Errorf("repo must be specified")
|
||||
// only setup auth when pushing or credentials are defined
|
||||
if !noPush || jsonKey != "" {
|
||||
if err := setupGCRAuth(jsonKey); err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
|
||||
plugin := kaniko.Plugin{
|
||||
|
|
@ -154,7 +157,7 @@ func run(c *cli.Context) error {
|
|||
CacheRepo: fmt.Sprintf("%s/%s", c.String("registry"), c.String("cache-repo")),
|
||||
CacheTTL: c.Int("cache-ttl"),
|
||||
DigestFile: defaultDigestFile,
|
||||
NoPush: c.Bool("no-push"),
|
||||
NoPush: noPush,
|
||||
Verbosity: c.String("verbosity"),
|
||||
},
|
||||
Artifact: kaniko.Artifact{
|
||||
|
|
|
|||
16
kaniko.go
16
kaniko.go
|
|
@ -47,7 +47,7 @@ type (
|
|||
|
||||
// Exec executes the plugin step
|
||||
func (p Plugin) Exec() error {
|
||||
if p.Build.Repo == "" {
|
||||
if !p.Build.NoPush && p.Build.Repo == "" {
|
||||
return fmt.Errorf("repository name to publish image must be specified")
|
||||
}
|
||||
|
||||
|
|
@ -61,8 +61,10 @@ func (p Plugin) Exec() error {
|
|||
}
|
||||
|
||||
// Set the destination repository
|
||||
for _, tag := range p.Build.Tags {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--destination=%s:%s", p.Build.Repo, tag))
|
||||
if !p.Build.NoPush {
|
||||
for _, tag := range p.Build.Tags {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--destination=%s:%s", p.Build.Repo, tag))
|
||||
}
|
||||
}
|
||||
// Set the build arguments
|
||||
for _, arg := range p.Build.Args {
|
||||
|
|
@ -78,15 +80,15 @@ func (p Plugin) Exec() error {
|
|||
}
|
||||
|
||||
if p.Build.SkipTlsVerify {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--skip-tls-verify=true"))
|
||||
cmdArgs = append(cmdArgs, "--skip-tls-verify=true")
|
||||
}
|
||||
|
||||
if p.Build.SnapshotMode != "" {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--snapshotMode=%s", p.Build.SnapshotMode))
|
||||
}
|
||||
|
||||
if p.Build.EnableCache == true {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--cache=true"))
|
||||
if p.Build.EnableCache {
|
||||
cmdArgs = append(cmdArgs, "--cache=true")
|
||||
|
||||
if p.Build.CacheRepo != "" {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--cache-repo=%s", p.Build.CacheRepo))
|
||||
|
|
@ -102,7 +104,7 @@ func (p Plugin) Exec() error {
|
|||
}
|
||||
|
||||
if p.Build.NoPush {
|
||||
cmdArgs = append(cmdArgs, fmt.Sprintf("--no-push"))
|
||||
cmdArgs = append(cmdArgs, "--no-push")
|
||||
}
|
||||
|
||||
if p.Build.Verbosity != "" {
|
||||
|
|
|
|||
Loading…
Reference in New Issue