From c7bcc673fc352a57f1886db3283718bd7f1772cc Mon Sep 17 00:00:00 2001 From: Priya Wadhwa Date: Mon, 16 Apr 2018 10:38:38 -0700 Subject: [PATCH 1/2] allow snapshot of kaniko certs so kaniko can build kaniko --- cmd/executor/cmd/root.go | 5 +---- pkg/constants/constants.go | 2 ++ pkg/util/fs_util.go | 2 +- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/cmd/executor/cmd/root.go b/cmd/executor/cmd/root.go index c5b27e49e..825b893bc 100644 --- a/cmd/executor/cmd/root.go +++ b/cmd/executor/cmd/root.go @@ -100,10 +100,7 @@ func resolveSourceContext() error { if srcContext == "" && bucket == "" { return errors.New("please specify a path to the build context with the --context flag or a GCS bucket with the --bucket flag") } - if srcContext != "" && bucket != "" { - return errors.New("please specify either --bucket or --context as the desired build context") - } - if srcContext != "" { + if bucket == "" { return nil } logrus.Infof("Using GCS bucket %s as source context", bucket) diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 93bb37e0d..5755e5eed 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -31,6 +31,8 @@ const ( // KanikoExecutor is the path to the kaniko executor KanikoExecutor = "/kaniko/executor" + // KanikoCerts is the path to the kaniko certs + KanikoCerts = "/kaniko/ssl/certs/ca-certificates.crt" WhitelistPath = "/proc/self/mountinfo" diff --git a/pkg/util/fs_util.go b/pkg/util/fs_util.go index 7bdd6a6e1..4d4cfffbb 100644 --- a/pkg/util/fs_util.go +++ b/pkg/util/fs_util.go @@ -57,7 +57,7 @@ func ExtractFileSystemFromImage(img string) error { // PathInWhitelist returns true if the path is whitelisted func PathInWhitelist(path, directory string) bool { - if path == constants.KanikoExecutor { + if path == constants.KanikoExecutor || path == constants.KanikoCerts { return false } for _, d := range whitelist { From 52c5759fc46bca11063c9723823a46c4d7345815 Mon Sep 17 00:00:00 2001 From: Priya Wadhwa Date: Mon, 16 Apr 2018 11:08:40 -0700 Subject: [PATCH 2/2] create list of build files --- pkg/constants/constants.go | 8 +++----- pkg/util/fs_util.go | 6 ++++-- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/pkg/constants/constants.go b/pkg/constants/constants.go index 5755e5eed..1c036b53a 100644 --- a/pkg/constants/constants.go +++ b/pkg/constants/constants.go @@ -29,11 +29,6 @@ const ( //KanikoDir is the path to the Kaniko directory KanikoDir = "/kaniko" - // KanikoExecutor is the path to the kaniko executor - KanikoExecutor = "/kaniko/executor" - // KanikoCerts is the path to the kaniko certs - KanikoCerts = "/kaniko/ssl/certs/ca-certificates.crt" - WhitelistPath = "/proc/self/mountinfo" Author = "kaniko" @@ -52,3 +47,6 @@ const ( // NoBaseImage is the scratch image NoBaseImage = "scratch" ) + +// KanikoBuildFiles is the list of files required to build kaniko +var KanikoBuildFiles = []string{"/kaniko/executor", "/kaniko/ssl/certs/ca-certificates.crt"} diff --git a/pkg/util/fs_util.go b/pkg/util/fs_util.go index 4d4cfffbb..3c25a1878 100644 --- a/pkg/util/fs_util.go +++ b/pkg/util/fs_util.go @@ -57,8 +57,10 @@ func ExtractFileSystemFromImage(img string) error { // PathInWhitelist returns true if the path is whitelisted func PathInWhitelist(path, directory string) bool { - if path == constants.KanikoExecutor || path == constants.KanikoCerts { - return false + for _, c := range constants.KanikoBuildFiles { + if path == c { + return false + } } for _, d := range whitelist { dirPath := filepath.Join(directory, d)