diff --git a/.github/workflows/images.yaml b/.github/workflows/images.yaml index 8ace6b23b..626ab6fa8 100644 --- a/.github/workflows/images.yaml +++ b/.github/workflows/images.yaml @@ -32,28 +32,28 @@ jobs: include: - image: executor - dockerfile: ./deploy/Dockerfile + target: kaniko-executor platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le image-name: gcr.io/kaniko-project/executor tag: ${{ github.sha }} release-tag: latest - image: executor-debug - dockerfile: ./deploy/Dockerfile_debug + target: kaniko-debug platforms: linux/amd64,linux/arm64,linux/s390x image-name: gcr.io/kaniko-project/executor tag: ${{ github.sha }}-debug release-tag: debug - image: executor-slim - dockerfile: ./deploy/Dockerfile_slim + target: kaniko-slim platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le image-name: gcr.io/kaniko-project/executor tag: ${{ github.sha }}-slim release-tag: slim - image: warmer - dockerfile: ./deploy/Dockerfile_warmer + target: kaniko-warmer platforms: linux/amd64,linux/arm64,linux/s390x,linux/ppc64le image-name: gcr.io/kaniko-project/warmer tag: ${{ github.sha }} @@ -91,7 +91,7 @@ jobs: id: build-and-push with: context: . - file: ${{ matrix.dockerfile }} + file: ./deploy/Dockerfile platforms: ${{ steps.platforms.outputs.platforms }} push: ${{ github.event_name != 'pull_request' }} # Only push if not a PR. tags: ${{ matrix.image-name }}:${{ matrix.tag }} @@ -99,6 +99,7 @@ jobs: # https://github.com/docker/build-push-action/blob/master/docs/advanced/cache.md#github-cache cache-from: type=gha cache-to: type=gha,mode=max + target: ${{ matrix.target }} # Sign images if not a PR. - if: github.event_name != 'pull_request' diff --git a/Makefile b/Makefile index a6c1e24f4..91f0af910 100644 --- a/Makefile +++ b/Makefile @@ -48,10 +48,10 @@ export GOFLAGS = -mod=vendor out/executor: $(GO_FILES) - GOARCH=$(GOARCH) GOOS=linux CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -o $@ $(EXECUTOR_PACKAGE) + GOARCH=$(GOARCH) GOOS=$(GOOS) CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -o $@ $(EXECUTOR_PACKAGE) out/warmer: $(GO_FILES) - GOARCH=$(GOARCH) GOOS=linux CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -o $@ $(WARMER_PACKAGE) + GOARCH=$(GOARCH) GOOS=$(GOOS) CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -o $@ $(WARMER_PACKAGE) .PHONY: install-container-diff install-container-diff: @@ -93,17 +93,17 @@ integration-test-misc: .PHONY: k8s-executor-build-push k8s-executor-build-push: - DOCKER_BUILDKIT=1 docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:latest -f deploy/Dockerfile . + DOCKER_BUILDKIT=1 docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) --build-arg=TARGETOS=linux -t $(REGISTRY)/executor:latest -f deploy/Dockerfile --target kaniko-executor . docker push $(REGISTRY)/executor:latest .PHONY: images images: DOCKER_BUILDKIT=1 images: - docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:latest -f deploy/Dockerfile . - docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:debug -f deploy/Dockerfile_debug . - docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/executor:slim -f deploy/Dockerfile_slim . - docker build ${BUILD_ARG} --build-arg=GOARCH=$(GOARCH) -t $(REGISTRY)/warmer:latest -f deploy/Dockerfile_warmer . + docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=TARGETOS=linux -t $(REGISTRY)/executor:latest -f deploy/Dockerfile --target kaniko-executor . + docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=TARGETOS=linux -t $(REGISTRY)/executor:debug -f deploy/Dockerfile --target kaniko-debug . + docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=TARGETOS=linux -t $(REGISTRY)/executor:slim -f deploy/Dockerfile --target kaniko-slim . + docker build ${BUILD_ARG} --build-arg=TARGETARCH=$(GOARCH) --build-arg=TARGETOS=linux -t $(REGISTRY)/warmer:latest -f deploy/Dockerfile --target kaniko-warmer . .PHONY: push push: diff --git a/deploy/Dockerfile b/deploy/Dockerfile index bdca25e0a..d1e5038fc 100644 --- a/deploy/Dockerfile +++ b/deploy/Dockerfile @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -FROM golang:1.20 +FROM golang:1.20 AS builder WORKDIR /src # This arg is passed by docker buildx & contains the target CPU architecture (e.g., amd64, arm64, etc.) @@ -20,6 +20,8 @@ ARG TARGETARCH ARG TARGETOS ENV GOARCH=$TARGETARCH +ENV GOOS=$TARGETOS + ENV CGO_ENABLED=0 ENV GOBIN=/usr/local/bin @@ -27,17 +29,19 @@ ENV GOBIN=/usr/local/bin # Until https://github.com/GoogleCloudPlatform/docker-credential-gcr/issues/128 is addressed, we need to use # the existing compiled versions distributed in GitHub releases ARG GCR_HELPER_VERSION="2.1.8" + +# Checksums can be obtained from https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v2.1.8/checksums.txt ARG GCR_HELPER_SHA_linux_amd64="0da9a0878d34dc8b38ae76519b7137f3179f573cf9c84fec1b81e973b565e2f9" ARG GCR_HELPER_SHA_linux_386="2421d3242beb239eb640daf9dbfa4582416049a92ed93a207a0a3102fde4ea11" ARG GCR_HELPER_SHA_linux_s390x="5d18e62c5952d43993b7ee292f87d812ccd161d4e9d932fbc1567eb5d5013632" ARG GCR_HELPER_SHA_linux_arm64="9d0e67c18fb3e1e048120d06edb9e54e1c11f88139ec77dbc9830e8a8b31745c" -# There is no linux/ppc64le available for docker-credential-gcr, at least let's install it using go install. -RUN if [ $TARGETARCH = "ppc64le"]; then \ - go install github.com/GoogleCloudPlatform/docker-credential-gcr@v${GCR_HELPER_VERSION}; \ +# There is no linux/ppc64le available for docker-credential-gcr, at least let's install it using go install pointing to the tag's commit +RUN if [ "$TARGETARCH" = "ppc64le" ]; then \ + GCR_HELPER_COMMIT=$(git ls-remote -t https://github.com/GoogleCloudPlatform/docker-credential-gcr v$GCR_HELPER_VERSION | head -1 | awk '{print $1}') \ + && go install github.com/GoogleCloudPlatform/docker-credential-gcr@${GCR_HELPER_COMMIT}; \ else \ - echo https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ - && curl -fsSL -o /tmp/gcr-helper.tar.gz https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ + curl -fsSL -o /tmp/gcr-helper.tar.gz https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ && eval "GCR_HELPER_SHA=\${GCR_HELPER_SHA_${TARGETOS}_${TARGETARCH}}" \ && echo "${GCR_HELPER_SHA} /tmp/gcr-helper.tar.gz" | sha256sum -c - \ && tar -xzf /tmp/gcr-helper.tar.gz --directory /usr/local/bin/; \ @@ -56,30 +60,68 @@ COPY . . RUN \ --mount=type=cache,target=/root/.cache/go-build \ --mount=type=cache,target=/go/pkg \ - make GOARCH=$TARGETARCH + make out/executor out/warmer # Generate latest ca-certificates FROM debian:bullseye-slim AS certs RUN apt update && apt install -y ca-certificates -FROM scratch -# Create kaniko directory with world write permission to allow non root run -# use musl busybox since it's staticly compiled -RUN --mount=from=busybox:musl,dst=/usr/ ["busybox", "sh", "-c", "mkdir -p /kaniko && chmod 777 /kaniko"] +# use musl busybox since it's staticly compiled on all platforms +FROM busybox:musl AS busybox + +FROM scratch AS kaniko-base-slim + +# Create kaniko directory with world write permission to allow non root run +RUN --mount=from=busybox,dst=/usr/ ["busybox", "sh", "-c", "mkdir -p /kaniko && chmod 777 /kaniko"] -COPY --from=0 /src/out/executor /kaniko/executor -COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr -COPY --from=0 /usr/local/bin/docker-credential-ecr-login /kaniko/docker-credential-ecr-login -COPY --from=0 /usr/local/bin/docker-credential-acr-env /kaniko/docker-credential-acr-env COPY --from=certs /etc/ssl/certs/ca-certificates.crt /kaniko/ssl/certs/ -COPY --from=0 /kaniko/.docker /kaniko/.docker COPY files/nsswitch.conf /etc/nsswitch.conf ENV HOME /root ENV USER root ENV PATH /usr/local/bin:/kaniko ENV SSL_CERT_DIR=/kaniko/ssl/certs + +FROM kaniko-base-slim AS kaniko-base + +COPY --from=builder --chown=0:0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr +COPY --from=builder --chown=0:0 /usr/local/bin/docker-credential-ecr-login /kaniko/docker-credential-ecr-login +COPY --from=builder --chown=0:0 /usr/local/bin/docker-credential-acr-env /kaniko/docker-credential-acr-env + +COPY --from=builder /kaniko/.docker /kaniko/.docker + ENV DOCKER_CONFIG /kaniko/.docker/ ENV DOCKER_CREDENTIAL_GCR_CONFIG /kaniko/.config/gcloud/docker_credential_gcr_config.json WORKDIR /workspace +### FINAL STAGES ### + +FROM kaniko-base AS kaniko-warmer + +COPY --from=builder /src/out/warmer /kaniko/warmer + +ENTRYPOINT ["/kaniko/warmer"] + +FROM kaniko-base AS kaniko-executor + +COPY --from=builder /src/out/executor /kaniko/executor + +ENTRYPOINT ["/kaniko/executor"] + +FROM kaniko-executor AS kaniko-debug + +ENV PATH /usr/local/bin:/kaniko:/busybox + +COPY --from=builder /src/out/warmer /kaniko/warmer + +COPY --from=busybox /bin /busybox +# Declare /busybox as a volume to get it automatically in the path to ignore +VOLUME /busybox + +RUN ["/busybox/mkdir", "-p", "/bin"] +RUN ["/busybox/ln", "-s", "/busybox/sh", "/bin/sh"] + +FROM kaniko-base-slim AS kaniko-slim + +COPY --from=builder /src/out/executor /kaniko/executor + ENTRYPOINT ["/kaniko/executor"] diff --git a/deploy/Dockerfile_debug b/deploy/Dockerfile_debug deleted file mode 100644 index e987b2f4e..000000000 --- a/deploy/Dockerfile_debug +++ /dev/null @@ -1,94 +0,0 @@ -# Copyright 2018 Google, Inc. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM golang:1.20 -WORKDIR /src - -# This arg is passed by docker buildx & contains the target CPU architecture (e.g., amd64, arm64, etc.) -ARG TARGETARCH -ARG TARGETOS - -ENV GOARCH=$TARGETARCH -ENV CGO_ENABLED=0 -ENV GOBIN=/usr/local/bin - -# Get GCR credential helper -# Until https://github.com/GoogleCloudPlatform/docker-credential-gcr/issues/128 is addressed, we need to use -# the existing compiled versions distributed in GitHub releases -ARG GCR_HELPER_VERSION="2.1.8" -ARG GCR_HELPER_SHA_linux_amd64="0da9a0878d34dc8b38ae76519b7137f3179f573cf9c84fec1b81e973b565e2f9" -ARG GCR_HELPER_SHA_linux_386="2421d3242beb239eb640daf9dbfa4582416049a92ed93a207a0a3102fde4ea11" -ARG GCR_HELPER_SHA_linux_s390x="5d18e62c5952d43993b7ee292f87d812ccd161d4e9d932fbc1567eb5d5013632" -ARG GCR_HELPER_SHA_linux_arm64="9d0e67c18fb3e1e048120d06edb9e54e1c11f88139ec77dbc9830e8a8b31745c" - -# There is no linux/ppc64le available for docker-credential-gcr, at least let's install it using go install. -RUN if [ $TARGETARCH = "ppc64le"]; then \ - go install github.com/GoogleCloudPlatform/docker-credential-gcr@v${GCR_HELPER_VERSION}; \ - else \ - echo https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ - && curl -fsSL -o /tmp/gcr-helper.tar.gz https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ - && eval "GCR_HELPER_SHA=\${GCR_HELPER_SHA_${TARGETOS}_${TARGETARCH}}" \ - && echo "${GCR_HELPER_SHA} /tmp/gcr-helper.tar.gz" | sha256sum -c - \ - && tar -xzf /tmp/gcr-helper.tar.gz --directory /usr/local/bin/; \ - fi - - -# Get Amazon ECR credential helper -RUN go install github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login@adf1bafd791ae7d4ff098108b1e91f36a4da5404 # v0.7.1 - -# Get ACR docker env credential helper -RUN go install github.com/chrismellard/docker-credential-acr-env@82a0ddb2758901b711d9d1614755b77e401598a1 - -# Add .docker config dir -RUN mkdir -p /kaniko/.docker - -COPY . . -RUN \ - --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg \ - make GOARCH=$TARGETARCH && \ - make GOARCH=$TARGETARCH out/warmer - -# Generate latest ca-certificates -FROM debian:bullseye-slim AS certs -RUN apt update && apt install -y ca-certificates - -# use musl busybox since it's staticly compiled on all platforms -FROM busybox:musl as busybox -FROM scratch -# Create kaniko directory with world write permission to allow non root run -RUN --mount=from=busybox,dst=/usr/ ["busybox", "sh", "-c", "mkdir -p /kaniko && chmod 777 /kaniko"] - -COPY --from=0 /src/out/executor /kaniko/executor -COPY --from=0 /src/out/warmer /kaniko/warmer -COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr -COPY --from=0 /usr/local/bin/docker-credential-ecr-login /kaniko/docker-credential-ecr-login -COPY --from=0 /usr/local/bin/docker-credential-acr-env /kaniko/docker-credential-acr-env -COPY --from=busybox /bin /busybox -# Declare /busybox as a volume to get it automatically in the path to ignore -VOLUME /busybox - -COPY --from=certs /etc/ssl/certs/ca-certificates.crt /kaniko/ssl/certs/ -COPY --from=0 /kaniko/.docker /kaniko/.docker -COPY files/nsswitch.conf /etc/nsswitch.conf -ENV HOME /root -ENV USER root -ENV PATH /usr/local/bin:/kaniko:/busybox -ENV SSL_CERT_DIR=/kaniko/ssl/certs -ENV DOCKER_CONFIG /kaniko/.docker/ -ENV DOCKER_CREDENTIAL_GCR_CONFIG /kaniko/.config/gcloud/docker_credential_gcr_config.json -WORKDIR /workspace -RUN ["/busybox/mkdir", "-p", "/bin"] -RUN ["/busybox/ln", "-s", "/busybox/sh", "/bin/sh"] -ENTRYPOINT ["/kaniko/executor"] diff --git a/deploy/Dockerfile_slim b/deploy/Dockerfile_slim deleted file mode 100644 index 8cce8e04d..000000000 --- a/deploy/Dockerfile_slim +++ /dev/null @@ -1,47 +0,0 @@ -# Copyright 2020 Google, Inc. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Builds the static Go image to execute in a Kubernetes job -FROM golang:1.20 - -# This arg is passed by docker buildx & contains the target CPU architecture (e.g., amd64, arm64, etc.) -ARG TARGETARCH - -WORKDIR /src -COPY . . - -RUN \ - --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg \ - make GOARCH=$TARGETARCH - -# Generate latest ca-certificates -FROM debian:bullseye-slim AS certs -RUN apt update && apt install -y ca-certificates - -FROM scratch - -# Create kaniko directory with world write permission to allow non root run -# use musl busybox since it's staticly compiled -RUN --mount=from=busybox:musl,dst=/usr/ ["busybox", "sh", "-c", "mkdir -p /kaniko && chmod 777 /kaniko"] -COPY --from=0 /src/out/executor /kaniko/executor -COPY files/nsswitch.conf /etc/nsswitch.conf -COPY --from=certs /etc/ssl/certs/ca-certificates.crt /kaniko/ssl/certs/ -ENV HOME /root -ENV USER root -ENV PATH /usr/local/bin:/kaniko -ENV SSL_CERT_DIR=/kaniko/ssl/certs - -ENTRYPOINT ["/kaniko/executor"] - diff --git a/deploy/Dockerfile_warmer b/deploy/Dockerfile_warmer deleted file mode 100644 index 27a1616f6..000000000 --- a/deploy/Dockerfile_warmer +++ /dev/null @@ -1,84 +0,0 @@ -# Copyright 2018 Google, Inc. All rights reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -FROM golang:1.20 -WORKDIR /src - -# This arg is passed by docker buildx & contains the target CPU architecture (e.g., amd64, arm64, etc.) -ARG TARGETARCH -ARG TARGETOS - -ENV GOARCH=$TARGETARCH -ENV CGO_ENABLED=0 -ENV GOBIN=/usr/local/bin - -# Get GCR credential helper -# Until https://github.com/GoogleCloudPlatform/docker-credential-gcr/issues/128 is addressed, we need to use -# the existing compiled versions distributed in GitHub releases -ARG GCR_HELPER_VERSION="2.1.8" -ARG GCR_HELPER_SHA_linux_amd64="0da9a0878d34dc8b38ae76519b7137f3179f573cf9c84fec1b81e973b565e2f9" -ARG GCR_HELPER_SHA_linux_386="2421d3242beb239eb640daf9dbfa4582416049a92ed93a207a0a3102fde4ea11" -ARG GCR_HELPER_SHA_linux_s390x="5d18e62c5952d43993b7ee292f87d812ccd161d4e9d932fbc1567eb5d5013632" -ARG GCR_HELPER_SHA_linux_arm64="9d0e67c18fb3e1e048120d06edb9e54e1c11f88139ec77dbc9830e8a8b31745c" - -# There is no linux/ppc64le available for docker-credential-gcr, at least let's install it using go install. -RUN if [ $TARGETARCH = "ppc64le"]; then \ - go install github.com/GoogleCloudPlatform/docker-credential-gcr@v${GCR_HELPER_VERSION}; \ - else \ - echo https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ - && curl -fsSL -o /tmp/gcr-helper.tar.gz https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v${GCR_HELPER_VERSION}/docker-credential-gcr_${TARGETOS}_${TARGETARCH}-${GCR_HELPER_VERSION}.tar.gz \ - && eval "GCR_HELPER_SHA=\${GCR_HELPER_SHA_${TARGETOS}_${TARGETARCH}}" \ - && echo "${GCR_HELPER_SHA} /tmp/gcr-helper.tar.gz" | sha256sum -c - \ - && tar -xzf /tmp/gcr-helper.tar.gz --directory /usr/local/bin/; \ - fi - -# Get Amazon ECR credential helper -RUN go install github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login@adf1bafd791ae7d4ff098108b1e91f36a4da5404 # v0.7.1 - -# Get ACR docker env credential helper -RUN go install github.com/chrismellard/docker-credential-acr-env@82a0ddb2758901b711d9d1614755b77e401598a1 - -# Add .docker config dir -RUN mkdir -p /kaniko/.docker - -COPY . . -RUN \ - --mount=type=cache,target=/root/.cache/go-build \ - --mount=type=cache,target=/go/pkg \ - make GOARCH=$TARGETARCH out/warmer - -# Generate latest ca-certificates -FROM debian:bullseye-slim AS certs -RUN apt update && apt install -y ca-certificates - -FROM scratch -# Create kaniko directory with world write permission to allow non root run -# use musl busybox since it's staticly compiled -RUN --mount=from=busybox:musl,dst=/usr/ ["busybox", "sh", "-c", "mkdir -p /kaniko && chmod 777 /kaniko"] - -COPY --from=0 /src/out/warmer /kaniko/warmer -COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr -COPY --from=0 /usr/local/bin/docker-credential-ecr-login /kaniko/docker-credential-ecr-login -COPY --from=0 /usr/local/bin/docker-credential-acr-env /kaniko/docker-credential-acr-env -COPY --from=certs /etc/ssl/certs/ca-certificates.crt /kaniko/ssl/certs/ -COPY --from=0 /kaniko/.docker /kaniko/.docker -COPY files/nsswitch.conf /etc/nsswitch.conf -ENV HOME /root -ENV USER /root -ENV PATH /usr/local/bin:/kaniko -ENV SSL_CERT_DIR=/kaniko/ssl/certs -ENV DOCKER_CONFIG /kaniko/.docker/ -ENV DOCKER_CREDENTIAL_GCR_CONFIG /kaniko/.config/gcloud/docker_credential_gcr_config.json -WORKDIR /workspace -ENTRYPOINT ["/kaniko/warmer"] diff --git a/integration/integration_test.go b/integration/integration_test.go index 521e38415..323901d00 100644 --- a/integration/integration_test.go +++ b/integration/integration_test.go @@ -153,10 +153,10 @@ func buildRequiredImages() error { command []string }{{ name: "Building kaniko image", - command: []string{"docker", "build", "-t", ExecutorImage, "-f", "../deploy/Dockerfile", ".."}, + command: []string{"docker", "build", "-t", ExecutorImage, "-f", "../deploy/Dockerfile", "--target", "kaniko-executor", ".."}, }, { name: "Building cache warmer image", - command: []string{"docker", "build", "-t", WarmerImage, "-f", "../deploy/Dockerfile_warmer", ".."}, + command: []string{"docker", "build", "-t", WarmerImage, "-f", "../deploy/Dockerfile", "--target", "kaniko-warmer", ".."}, }, { name: "Building onbuild base image", command: []string{"docker", "build", "-t", config.onbuildBaseImage, "-f", fmt.Sprintf("%s/Dockerfile_onbuild_base", dockerfilesPath), "."},