From ff26adc8c22b65ef86195f5a98d5d545f927345e Mon Sep 17 00:00:00 2001 From: Tommy Skaug Date: Sun, 22 Dec 2024 06:51:59 +0100 Subject: [PATCH] feat: add support for repeated build-args --- action.yml | 34 +++++++++++++++++------ entrypoint.sh | 74 ++++++++++++++++++++++++++++----------------------- 2 files changed, 67 insertions(+), 41 deletions(-) diff --git a/action.yml b/action.yml index daa4e41..d04abb2 100644 --- a/action.yml +++ b/action.yml @@ -1,40 +1,58 @@ ---- # SPDX-FileCopyrightText: 2024 Håvard Moen # # SPDX-License-Identifier: GPL-3.0-only + name: kaniko-action author: Håvard Moen description: | - Build and optionally push images using [Kaniko](https://github.com/GoogleContainerTools/kaniko) + Build and optionally push images using [Kaniko](https://github.com/GoogleContainerTools/kaniko) + inputs: cache: - description: 'Set this flag as true to opt into caching with kaniko.' + description: 'Set this flag as true to opt into caching with Kaniko.' required: false default: false cache_repo: description: 'Repository to use for cache, required if cache is true' + required: false cache_ttl: - description: Cache timeout in hours. Defaults to Kaniko default + description: 'Cache timeout in hours. Defaults to Kaniko default' required: false context: description: 'Path to the build context. Default to the workspace' required: false credentials: - description: Whitespace separated list of authentication credentials in the format registry_server=user:password + description: | + Whitespace-separated list of authentication credentials in the format + registry_server=user:password required: false destinations: - description: Destinations to push images to, whitespace separated . Required if push is true + description: | + Destinations to push images to, whitespace-separated. + Required if push is true. required: false docker_file: - description: 'Path to the Dockerfile. Default to Dockerfile. It must be in the context. If set, this action passes the relative path to Kaniko, same as the behavior of docker build --dockerfile' + description: | + Path to the Dockerfile. + Defaults to Dockerfile. It must be in the context. + If set, this action passes the relative path to Kaniko, + similar to the behavior of `docker build --dockerfile` required: false push: description: "Push an image to the registry. Default to true" required: false default: true version: - description: "Version of the software, to be added as org.opencontainers.image.version label" + description: | + Version of the software, to be added as + `org.opencontainers.image.version` label required: false + build_args: + description: | + Build arguments to pass to Kaniko. + Each line represents a separate build argument in the format KEY=VALUE. + required: false + runs: using: docker image: Dockerfile diff --git a/entrypoint.sh b/entrypoint.sh index bb6d41d..4281086 100644 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -1,72 +1,67 @@ #!/bin/sh -#SPDX-FileCopyrightText: 2024 Håvard Moen +# SPDX-FileCopyrightText: 2024 Håvard Moen # -#SPDX-License-Identifier: GPL-3.0-only +# SPDX-License-Identifier: GPL-3.0-only set -e +# Initialize the Kaniko executor command set -- /kaniko/executor -if [ -n "${INPUT_CREDENTIALS}" ] -then +# Handle Docker credentials +if [ -n "${INPUT_CREDENTIALS}" ]; then echo '{"auths": {' > /kaniko/.docker/config.json - for CREDENTIAL in ${INPUT_CREDENTIALS} - do - echo "${CREDENTIAL}" | ( IFS='=' read -r server creds + for CREDENTIAL in ${INPUT_CREDENTIALS}; do + echo "${CREDENTIAL}" | ( + IFS='=' read -r server creds auth="$(echo -n "${creds}" | base64 -w0)" echo "\"${server}\": {\"auth\": \"${auth}\"}," >> /kaniko/.docker/config.json ) done - # remove last comma + # Remove the trailing comma sed -i '$s/,$//' /kaniko/.docker/config.json echo '}}' >> /kaniko/.docker/config.json fi - -if [ -n "${INPUT_DOCKER_FILE}" ] -then +# Handle Dockerfile path +if [ -n "${INPUT_DOCKER_FILE}" ]; then set -- "$@" --dockerfile "${INPUT_DOCKER_FILE}" fi -if [ -n "${INPUT_CONTEXT}" ] -then +# Handle build context +if [ -n "${INPUT_CONTEXT}" ]; then CONTEXT="${INPUT_CONTEXT}" else CONTEXT=. fi set -- "$@" --context "dir://${CONTEXT}" -if [ "${INPUT_PUSH}" = "false" ] -then +# Handle push flag +if [ "${INPUT_PUSH}" = "false" ]; then set -- "$@" --no-push fi -if [ "${INPUT_CACHE}" = "true" ] && [ -n "${INPUT_CACHE_REPO}" ] -then - COMMAND="${COMMAND} --cache=true --cache-repo ${INPUT_CACHE_REPO}" - set -- "$@" --cache=true --cache-repo "${INPUT_CACHE_REPO}" - if [ -n "${INPUT_CACHE_TTL}" ] - then +# Handle caching +if [ "${INPUT_CACHE}" = "true" ] && [ -n "${INPUT_CACHE_REPO}" ]; then + set -- "$@" --cache=true --cache-repo "${INPUT_CACHE_REPO}" + if [ -n "${INPUT_CACHE_TTL}" ]; then set -- "$@" --cache-ttl="${INPUT_CACHE_TTL}" fi fi -if [ -n "${INPUT_DESTINATIONS}" ] -then - for DESTINATION in ${INPUT_DESTINATIONS} - do +# Handle destinations +if [ -n "${INPUT_DESTINATIONS}" ]; then + for DESTINATION in ${INPUT_DESTINATIONS}; do set -- "$@" --destination "${DESTINATION}" done fi -if [ -d "${CONTEXT}/LICENSES" ] -then +# Handle licenses +if [ -d "${CONTEXT}/LICENSES" ]; then licenses="" - for l in LICENSES/*; - do + for l in LICENSES/*; do license=$(basename "$l" .txt) - if [ -z "${licenses}" ] - then + if [ -z "${licenses}" ]; then licenses="${license}" else licenses="${licenses} AND ${license}" @@ -75,9 +70,22 @@ then set -- "$@" --label "org.opencontainers.image.licenses=${licenses}" fi -if [ -n "${INPUT_VERSION}" ] -then +# Handle version label +if [ -n "${INPUT_VERSION}" ]; then set -- "$@" --label "org.opencontainers.image.version=${INPUT_VERSION}" fi +# Handle build arguments +if [ -n "${INPUT_BUILD_ARGS}" ]; then + while IFS= read -r line; do + # Skip empty lines and comments + [ -z "$line" ] && continue + echo "$line" | grep -qE '^\s*#' && continue + set -- "$@" --build-arg "$line" + done <