public_git
/
kaniko
mirror of https://github.com/GoogleContainerTools/kaniko
1
0
Fork 0
Code Issues Releases Wiki Activity

Make sure necessary files aren't deleted for multistage builds

This commit is contained in:
Priya Wadhwa 2018-05-21 11:20:32 -07:00
parent e673e36576
commit 577f448993
No known key found for this signature in database
GPG Key ID: 0D0DAFD8F7AA73AE
2 changed files with 11 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/constants/constants.go
View File

@ -48,5 +48,7 @@ const (
NoBaseImage = "scratch"
)
// KanikoBuildFiles is the list of files required to build kaniko
var KanikoBuildFiles = []string{"/kaniko/executor", "/kaniko/ssl/certs/ca-certificates.crt"}
// KanikoFiles is the list of files that shouldn't be deleted from kaniko
var KanikoFiles = []string{"/kaniko/executor", "/kaniko/ssl/certs/ca-certificates.crt",
"/root/.docker/config.json", "/usr/local/bin/docker-credential-gcr",
"/usr/local/bin/docker-credential-ecr-login"}

8
pkg/util/fs_util.go
View File

@ -128,6 +128,12 @@ func DeleteFilesystem() error {
// ChildDirInWhitelist returns true if there is a child file or directory of the path in the whitelist
func ChildDirInWhitelist(path, directory string) bool {
for _, d := range constants.KanikoFiles {
dirPath := filepath.Join(directory, d)
if HasFilepathPrefix(dirPath, path) {
return true
}
}
for _, d := range whitelist {
dirPath := filepath.Join(directory, d)
if HasFilepathPrefix(dirPath, path) {
@ -217,7 +223,7 @@ func extractFile(dest string, hdr *tar.Header, tr io.Reader) error {
}
func PathInWhitelist(path, directory string) bool {
for _, c := range constants.KanikoBuildFiles {
for _, c := range constants.KanikoFiles {
if path == c {
return false
}