1
0
mirror of https://github.com/tektoncd/catalog.git synced 2024-11-29 06:34:08 +00:00
catalog/task/kaniko/0.1
vinamra28 fdca849a59 Bump images to 0.16.2
Signed-off-by: vinamra28 <vinjain@redhat.com>
2020-09-15 21:33:24 +01:00
..
tests Centralize all the git-clone apply task to a common function 2020-07-24 15:00:01 +01:00
kaniko.yaml Bump images to 0.16.2 2020-09-15 21:33:24 +01:00
README.md Remove word "volume" from "Workspace volume" in READMEs 2020-07-13 22:07:58 +01:00

Kaniko

This Task builds source into a container image using Google's kaniko tool.

kaniko doesn't depend on a Docker daemon and executes each command within a Dockerfile completely in userspace. This enables building container images in environments that can't easily or securely run a Docker daemon, such as a standard Kubernetes cluster.

kaniko is meant to be run as an image, gcr.io/kaniko-project/executor:v0.9.0. This makes it a perfect tool to be part of Tekton.

Install the Task

kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/task/kaniko/0.1/kaniko.yaml

Parameters

  • IMAGE: The name (reference) of the image to build.

  • DOCKERFILE: The path to the Dockerfile to execute (default: ./Dockerfile)

  • CONTEXT: The build context used by Kaniko (default: ./)

Workspaces

  • source: A Workspace containing the source to build.

Results

  • IMAGE-DIGEST: The digest of the image just built.

ServiceAccount

kaniko builds an image and pushes it to the destination defined as a parameter. In order to properly authenticate to the remote container registry, it needs to have the proper credentials. This is achieved using a ServiceAccount.

For an example on how to create such a ServiceAccount to push an image to DockerHub, see the Authentication documentation page.

Usage

This TaskRun runs the Task to fetch a Git repo, and build and push a container image using Kaniko

apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: example-run
spec:
  taskRef:
    name: kaniko
  workspaces:
  - name: source
    persistentVolumeClaim:
      claimName: my-source