01b17f5954
Discussed in https://github.com/tektoncd/pipeline/pull/706 Fix https://github.com/tektoncd/pipeline/issues/848 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> |
||
|---|---|---|
| .. | ||
| kaniko.yaml | ||
| README.md | ||
Kaniko
This Task builds source into a container image using Google's
kaniko tool.
kaniko doesn't depend on a Docker daemon and executes each command within a Dockerfile completely in userspace. This enables building container images in environments that can't easily or securely run a Docker daemon, such as a standard Kubernetes cluster.
kaniko is meant to be run as an image, gcr.io/kaniko-project/executor. This
makes it a perfect tool to be part of Tekton.
Install the Task
kubectl apply -f https://raw.githubusercontent.com/tektoncd/catalog/master/kaniko/kaniko.yaml
Inputs
Parameters
- DOCKERFILE: The path to the
Dockerfileto execute (default:./Dockerfile)
Resources
- source: A
git-typePipelineResourcespecifying the location of the source to build.
Outputs
Resources
- image: An
image-typePipelineResourcespecifying the image that should be built.
ServiceAccount
kaniko builds an image and pushes it to the destination defined as a parameter.
In order to properly authenticate to the remote container registry, it needs to
have the proper credentials. This is achieved using a ServiceAccount.
For an example on how to create such a ServiceAccount to push an image to
DockerHub, see the
Authentication
documentation page.
Usage
This TaskRun runs the Task to fetch a Git repo, and build and push a container image using Kaniko
apiVersion: tekton.dev/v1alpha1
kind: TaskRun
metadata:
name: example-run
spec:
taskRef:
name: kaniko
inputs:
resources:
- name: source
resourceSpec:
type: git
params:
- name: url
value: https://github.com/my-user/my-repo
outputs:
resources:
- name: image
resourceSpec:
type: image
params:
- name: url
value: gcr.io/my-repo/my-image