gitlab-ci-catalog/kaniko-ci.yml at main · cloud-pi-native/gitlab-ci-catalog · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
.kaniko:build-push:
  variables:
    DOCKERFILE: Dockerfile
    WORKING_DIR: .
    IMAGE_NAMES: $CI_PROJECT_NAME:$CI_COMMIT_BRANCH $CI_PROJECT_NAME:$CI_COMMIT_SHORT_SHA $CI_PROJECT_NAME:latest
    EXTRA_BUILD_ARGS: ""
  image:
    name: ghcr.io/kaniko-build/dist/chainguard-dev-kaniko/executor:v1.25.1-debug
    entrypoint: [""]
  script:
    # CA
    - if [ ! -z $CA_BUNDLE ]; then cat $CA_BUNDLE >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt; fi
    # Proxy
    - export BUILD_ARGS=""
    - |
      if [ ! -z "$http_proxy" ]; then
        export BUILD_ARGS="$BUILD_ARGS --build-arg http_proxy=$http_proxy"
        sed -i "0,/^RUN /s|^RUN |RUN echo \"proxy=$http_proxy\" >> /etc/dnf/dnf.conf && \
      echo \"proxy=$http_proxy\" >> /etc/yum.conf && \
      echo 'Acquire::http::Proxy \\\"$http_proxy\\\";' >> /etc/apt/apt.conf.d/01proxy && \
      echo \"http_proxy=$http_proxy\" >> /etc/environment && \
      |" "$CI_PROJECT_DIR/$DOCKERFILE"
      fi
    - |
      if [ ! -z "$https_proxy" ]; then
        export BUILD_ARGS="$BUILD_ARGS --build-arg https_proxy=$https_proxy"
        sed -i "0,/^RUN /s|^RUN |RUN echo \"proxy=$https_proxy\" >> /etc/dnf/dnf.conf && \
      echo \"proxy=$https_proxy\" >> /etc/yum.conf && \
      echo 'Acquire::https::Proxy \\\"$https_proxy\\\";' >> /etc/apt/apt.conf.d/01proxy && \
      echo \"https_proxy=$https_proxy\" >> /etc/environment && \
      |" "$CI_PROJECT_DIR/$DOCKERFILE"
      fi
    - if [ ! -z $no_proxy ]; then export BUILD_ARGS="$BUILD_ARGS --build-arg no_proxy=$no_proxy"; fi
    # Destinations
    - export ALL_DESTINATIONS=""
    - for I in $IMAGE_NAMES; do export ALL_DESTINATIONS="$ALL_DESTINATIONS --destination $IMAGE_REPOSITORY/$(echo $I | tr \/ '-')"; done
    - mkdir -p /kaniko/.docker
    - echo "$DOCKER_AUTH" > /kaniko/.docker/config.json
    - /kaniko/executor
      --single-snapshot
      --context="$CI_PROJECT_DIR/$WORKING_DIR"
      --dockerfile="$CI_PROJECT_DIR/$DOCKERFILE"
      $BUILD_ARGS $EXTRA_BUILD_ARGS $EXTRA_KANIKO_ARGS
      $ALL_DESTINATIONS

.kaniko:simple-build-push:
  variables:
    DOCKERFILE: Dockerfile
    WORKING_DIR: .
    IMAGE_NAME: $IMAGE_NAMES
    EXTRA_BUILD_ARGS: ""
  image:
    name: ghcr.io/kaniko-build/dist/chainguard-dev-kaniko/executor:v1.25.1-debug
    entrypoint: [""]
  script:
    # CA
    - if [ ! -z $CA_BUNDLE ]; then cat $CA_BUNDLE >> /kaniko/ssl/certs/additional-ca-cert-bundle.crt; fi
    - mkdir -p /kaniko/.docker
    - echo "$DOCKER_AUTH" > /kaniko/.docker/config.json
    - /kaniko/executor
      --single-snapshot
      --skip-unused-stages
      --build-arg http_proxy=$http_proxy
      --build-arg https_proxy=$https_proxy
      --build-arg no_proxy=$no_proxy
      --context="$CI_PROJECT_DIR"
      --dockerfile="$CI_PROJECT_DIR/$WORKING_DIR/$DOCKERFILE"
      --destination $REGISTRY_URL/$IMAGE_NAME:$TAG
      $EXTRA_BUILD_ARGS $EXTRA_KANIKO_ARGS