kaniko

kaniko/.gitlab-ci.yml

@@ -1,3 +1,6 @@
 
 kaniko:
-  extends: .build-with-kaniko
+  extends: .deploy
+  stage: kaniko
+  script:
+    - ./kaniko/build.sh

kaniko/Dockerfile

@@ -1,11 +1,6 @@
 FROM gcr.io/kaniko-project/executor:v1.7.0-debug AS kaniko-src
 
-# kaniko cannot place files under /kaniko, therefore we move 
-# the kaniko folder to /kaniko-dist
-# https://github.com/GoogleContainerTools/kaniko/issues/960#issuecomment-573160390
-RUN cp -r /kaniko /kaniko-dist
-
-FROM gcr.io/go-containerregistry/crane as crane
+FROM gcr.io/go-containerregistry/crane as crane-src
 
 FROM alpine/git
 
@@ -13,21 +8,21 @@ ENV HOME /root
 ENV USER root
 
 # See https://github.com/GoogleContainerTools/kaniko/blob/master/deploy/Dockerfile#L65-L70
-# Modified to use /kaniko-dist however, due to the limitation above
-COPY --from=kaniko-src /kaniko-dist/ /kaniko-dist/
+# Modified to use /kaniko however, due to the limitation above
+COPY --from=kaniko-src /kaniko/ /kaniko/
 COPY --from=kaniko-src /etc/nsswitch.conf /etc/nsswitch.conf
 
-ENV PATH /kaniko-dist:$PATH
-ENV SSL_CERT_DIR=/kaniko-dist/ssl/certs
-ENV DOCKER_CONFIG /kaniko-dist/.docker/
-ENV DOCKER_CREDENTIAL_GCR_CONFIG /kaniko-dist/.config/gcloud/docker_credential_gcr_config.json
+ENV PATH /kaniko:$PATH
+ENV SSL_CERT_DIR=/kaniko/ssl/certs
+ENV DOCKER_CONFIG /kaniko/.docker/
+ENV DOCKER_CREDENTIAL_GCR_CONFIG /kaniko/.config/gcloud/docker_credential_gcr_config.json
 
 ## add aliases for kaniko-executor and kaniko-warmer for better convenience
-RUN ln -s /kaniko-dist/executor /kaniko-dist/kaniko-executor && \
-    ln -s /kaniko-dist/warmer /kaniko-dist/kaniko-warmer
+RUN ln -s /kaniko/executor /kaniko/kaniko-executor && \
+    ln -s /kaniko/warmer /kaniko/kaniko-warmer
 
 # Adding crane to the image
-COPY --from=crane  /ko-app/crane /usr/local/bin/crane
+COPY --from=crane-src  /ko-app/crane /usr/local/bin/crane
 
 # Adding jq to the image
 RUN apk add --no-cache jq

kaniko/build.sh

@@ -0,0 +1,31 @@
+#!/bin/sh
+
+set -e
+
+if ! [ "$CI" = "true" ]; then
+    echo "This script is supposed to run on CI"
+    exit 1
+fi
+
+KANIKO_DIR="$CI_PROJECT_DIR/kaniko"
+
+IMAGE_TAG=$(cat "$KANIKO_DIR/VERSION")
+
+if [ "$CI_COMMIT_REF_NAME" = "$CI_DEFAULT_BRANCH" ]; then
+    DOCKER_IMAGE="$CI_REGISTRY_IMAGE/kaniko:$IMAGE_TAG"
+else
+    DOCKER_IMAGE="$CI_REGISTRY_IMAGE/unstable/kaniko:$IMAGE_TAG-$CI_COMMIT_SHORT_SHA"
+fi
+
+echo "Building image $DOCKER_IMAGE"
+
+docker build -f "$KANIKO_DIR/Dockerfile" "$KANIKO_DIR"
+
+echo "Pushing $DOCKER_IMAGE"
+docker push "$DOCKER_IMAGE"
+
+if [ "$CI_COMMIT_REF_NAME" = "$CI_DEFAULT_BRANCH" ]; then
+      echo "Tagging $DOCKER_IMAGE as latest"
+      docker tag "$DOCKER_IMAGE" "$CI_REGISTRY_IMAGE/kaniko"
+      docker push "$DOCKER_IMAGE"
+fi

kaniko/entry_point.sh

@@ -1,9 +1,5 @@
 #!/bin/sh
 
-# Force a symlink to circumvent:
-# https://github.com/GoogleContainerTools/kaniko/issues/960#issuecomment-573160390
-ln -sf /kaniko-dist /kaniko 
-
 if [ -z "$BUILD_IMAGE_NO_MESSAGE" ]; then
     echo "You are using a GitLab CI build-image with kaniko and crane"
     echo "You can suppress this message by setting BUILD_IMAGE_NO_MESSAGE"