imgpkg of the Tekton Cluster task cannot push the image #16
Description
Issue
imgpkg push command of the Tekton ClusterTask
apiVersion: tekton.dev/v1beta1
kind: ClusterTask
metadata:
name: image-writer
spec:
description: |-
a task that writes a given set of files (provided as a json base64-encoded)
to a container image registry as an image making use of the imgpkg bundle
format.
params:
- name: bundle
description: name of the registry + repository to push the bundle to
type: string
- name: files
type: string
description: >
base64-encoded json map of files to write to registry, for example -
eyAiUkVBRE1FLm1kIjogIiMgUmVhZG1lIiB9
steps:
- name: main
image: harbor-repo.vmware.com/kontinue/config-writer
securityContext:
runAsUser: 0
script: |-
#!/usr/bin/env bash
set -o errexit
set -o xtrace
cd `mktemp -d`
echo -e "$(params.files)" | base64 --decode > files.json
eval "$(cat files.json | jq -r 'to_entries | .[] | @sh "mkdir -p $(dirname \(.key)) && echo \(.value) > \(.key)"')"
mkdir -p .imgpkg
echo -e "---\napiVersion: imgpkg.carvel.dev/v1alpha1\nkind: ImagesLock" > ./.imgpkg/images.yml
export IMGPKG_ENABLE_IAAS_AUTH=false
imgpkg push -b $(params.bundle) -f .
cat ./.imgpkg/images.yml
defined within the Supply Chain ClusterTemplate/config-writer-template
- name: config-writer
templateRef:
kind: ClusterTemplate
name: config-writer-template
params:
- name: serviceAccount
value: #@ data.values.service_account
- name: registry
value:
server: #@ data.values.registry.server
repository: #@ data.values.registry.repository
configs:
- resource: app-config
name: config
cannot push the image as the CA Certificate of the private container repository is not mounted as volume and used part of the following command
imgpkg push --registry-ca-cert-path /etc/certs/ca.cert -b $(params.bundle) -f .