Merge pull request #94 from priyawadhwa/certs

Allow snapshot of kaniko certs so kaniko can build kaniko

cmd/executor/cmd/root.go

@@ -100,10 +100,7 @@ func resolveSourceContext() error {
 	if srcContext == "" && bucket == "" {
 		return errors.New("please specify a path to the build context with the --context flag or a GCS bucket with the --bucket flag")
 	}
-	if srcContext != "" && bucket != "" {
+	if bucket == "" {
-		return errors.New("please specify either --bucket or --context as the desired build context")
-	}
-	if srcContext != "" {
 		return nil
 	}
 	logrus.Infof("Using GCS bucket %s as source context", bucket)

pkg/constants/constants.go

@@ -29,9 +29,6 @@ const (
 	//KanikoDir is the path to the Kaniko directory
 	KanikoDir = "/kaniko"
 
-	// KanikoExecutor is the path to the kaniko executor
-	KanikoExecutor = "/kaniko/executor"
-
 	WhitelistPath = "/proc/self/mountinfo"
 
 	Author = "kaniko"
@@ -50,3 +47,6 @@ const (
 	// NoBaseImage is the scratch image
 	NoBaseImage = "scratch"
 )
+
+// KanikoBuildFiles is the list of files required to build kaniko
+var KanikoBuildFiles = []string{"/kaniko/executor", "/kaniko/ssl/certs/ca-certificates.crt"}

pkg/util/fs_util.go

@@ -57,9 +57,11 @@ func ExtractFileSystemFromImage(img string) error {
 
 // PathInWhitelist returns true if the path is whitelisted
 func PathInWhitelist(path, directory string) bool {
-	if path == constants.KanikoExecutor {
+	for _, c := range constants.KanikoBuildFiles {
+		if path == c {
 			return false
 		}
+	}
 	for _, d := range whitelist {
 		dirPath := filepath.Join(directory, d)
 		if pkgutil.HasFilepathPrefix(path, dirPath) {