Merge pull request #64 from priyawadhwa/readme

Readme and change name to kaniko
2018-04-11 14:55:06 -07:00 · 2018-04-11 14:55:06 -07:00 · 620a95451e
parent ce2b515d49 885987076e
commit 620a95451e
21 changed files with 256 additions and 105 deletions
--- a/14
+++ b/14
@ -23,7 +23,7 @@ GOOS ?= $(shell go env GOOS)
 GOARCH = amd64
 ORG := github.com/GoogleCloudPlatform
 PROJECT := k8s-container-builder
-REGISTRY?=gcr.io/kbuild-project
+REGISTRY?=gcr.io/kaniko-project

 REPOPATH ?= $(ORG)/$(PROJECT)

@ -32,23 +32,23 @@ GO_LDFLAGS := '-extldflags "-static"'
 GO_BUILD_TAGS := "containers_image_ostree_stub containers_image_openpgp exclude_graphdriver_devicemapper exclude_graphdriver_btrfs exclude_graphdriver_overlay"

 EXECUTOR_PACKAGE = $(REPOPATH)/executor
-KBUILD_PACKAGE = $(REPOPATH)/kbuild
+KANIKO_PROJECT = $(REPOPATH)/kaniko

 out/executor: $(GO_FILES)
 	GOARCH=$(GOARCH) GOOS=linux CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -tags $(GO_BUILD_TAGS) -o $@ $(EXECUTOR_PACKAGE)


-out/kbuild: $(GO_FILES)
-	GOOS=$* GOARCH=$(GOARCH) CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -tags $(GO_BUILD_TAGS) -o $@ $(KBUILD_PACKAGE)
+out/kaniko: $(GO_FILES)
+	GOOS=$* GOARCH=$(GOARCH) CGO_ENABLED=0 go build -ldflags $(GO_LDFLAGS) -tags $(GO_BUILD_TAGS) -o $@ $(KANIKO_PROJECT)

 .PHONY: test
-test: out/executor out/kbuild
+test: out/executor out/kaniko
 	@ ./test.sh

 .PHONY: integration-test
-integration-test: out/executor out/kbuild
+integration-test: out/executor out/kaniko
 	@ ./integration-test.sh

 .PHONY: images
-images: out/executor out/kbuild
+images: out/executor out/kaniko
 	docker build -t $(REGISTRY)/executor:latest -f deploy/Dockerfile .
--- a/README.md
+++ b/README.md
@ -1 +1,142 @@
-kbuild is a tool to build container images from a Dockerfile in a Kubernetes cluster.
+# kaniko
+
+kaniko is a tool to build unpriviliged container images from a Dockerfile.
+kaniko doesn't depend on a Docker daemon and executes each command within a Dockerfile completely in userspace.
+This enables building container images in environments that can't easily or securely run a Docker daemon, such as a standard Kubernetes cluster. 
+
+The majority of Dockerfile commands can be executed with kaniko, but we're still working on supporting the following commands:
+* SHELL
+* HEALTHCHECK
+* STOPSIGNAL
+* ONBUILD
+* ARG
+
+We're currently in the process of building kaniko, so as of now it isn't production ready.
+Please let us know if you have any feature requests or find any bugs!
+
+## How does kaniko work?
+
+The kaniko executor image is responsible for building an image from a Dockerfile and pushing it to a registry.
+Within the executor image, we extract the filesystem of the base image (the FROM image in the Dockerfile).
+We then execute the commands in the Dockerfile, snapshotting the filesystem in userspace after each one.
+After each command, we append a layer of changed files to the base image (if there are any) and update image metadata.
+
+## kaniko Build Contexts
+kaniko supports local directories and GCS buckets as build contexts. To specify a local directory, pass in the `--context` flag as an argument to the executor image.
+To specify a GCS bucket, pass in the `--bucket` flag.
+The GCS bucket should contain a compressed tar of the build context called `context.tar.gz`, which kaniko will unpack and use as the build context. 
+
+To create `context.tar.gz`, run the following command:
+```shell
+tar -C <path to build context> -zcvf context.tar.gz .
+```
+
+Or, you can use [skaffold](https://github.com/GoogleCloudPlatform/skaffold) to create `context.tar.gz` by running
+```
+skaffold docker context
+```
+
+We can copy over the compressed tar to a GCS bucket with gsutil:
+
+```
+gsutil cp context.tar.gz gs://<bucket name>
+```
+
+## Running kaniko locally
+
+Requirements:
+* Docker
+* gcloud
+
+We can run the kaniko executor image locally in a Docker daemon to build and push an image from a Dockerfile.
+
+First, we want to load the executor image into the Docker daemon by running
+```shell
+make images
+```
+
+To run kaniko in Docker, run the following command:
+```shell
+./run_in_docker.sh <path to Dockerfile> <path to build context> <destination of final image>
+```
+
+## Running kaniko in a Kubernetes cluster
+
+Requirements:
+* Standard Kubernetes cluster
+* Kubernetes Secret
+
+To run kaniko in a Kubernetes cluster, you will need a standard running Kubernetes cluster and a Kubernetes secret, which contains the auth required to push the final image. 
+
+To create the secret, first you will need to create a service account in the Pantheon project you want to push the final image to, with `Storage Admin` permissions.
+You can download a JSON key for this service account, and rename it `kaniko-secret.json`.
+To create the secret, run:
+
+```shell
+kubectl create secret generic kaniko-secret --from-file=<path to kaniko-secret.json>
+```
+
+The Kubernetes Pod spec should look similar to this, with the args parameters filled in:
+
+```yaml
+apiVersion: v1
+kind: Pod
+metadata:
+  name: kaniko
+spec:
+  containers:
+  - name: kaniko
+    image: gcr.io/kaniko-project/executor:latest
+    args: ["--dockerfile=<path to Dockerfile>",
+            "--bucket=<GCS bucket>",
+            "--destination=<gcr.io/$PROJECT/$IMAGE:$TAG>"]
+    volumeMounts:
+      - name: kaniko-secret
+        mountPath: /secret
+    env:
+      - name: GOOGLE_APPLICATION_CREDENTIALS
+        value: /secret/kaniko-secret.json
+  restartPolicy: Never
+  volumes:
+    - name: kaniko-secret
+      secret:
+        secretName: kaniko-secret
+```
+
+This example pulls the build context from a GCS bucket.
+To use a local directory build context, you could consider using configMaps to mount in small build contexts.
+
+## Running kaniko in Google Container Builder 
+To run kaniko in GCB, add it to your build config as a build step:
+
+```yaml
+steps:
+  - name: gcr.io/kaniko-project/executor:latest
+    args: ["--dockerfile=<path to Dockerfile>",
+           "--context=<path to build context>",
+           "--destination=<gcr.io/$PROJECT/$IMAGE:$TAG>"]
+```
+kaniko will build and push the final image in this build step.
+
+## Comparison with Other Tools
+
+Similar tools include:
+* [img](https://github.com/genuinetools/img)
+* [orca-build](https://github.com/cyphar/orca-build)
+* [buildah](https://github.com/projectatomic/buildah)
+* [FTL](https://github.com/GoogleCloudPlatform/runtimes-common/tree/master/ftl)
+
+All of these tools build container images with different approaches.
+Both kaniko and img build unprivileged images, but they interpret “unprivileged” differently.
+img builds as a non root user from within the container, while kaniko is run in an unprivileged environment with root access inside the container. 
+
+orca-build depends on runC to build images from Dockerfiles; since kaniko doesn't use runC it doesn't require the use of kernel namespacing techniques.
+
+buildah requires the same root privilges as a Docker daemon does to run, while kaniko runs without any special privileges or permissions.  
+
+FTL aims to achieve the fastest possible creation of Docker images for a subset of images.
+It can be thought of as a special-case "fast path" that can be used in conjunction with the support for general Dockerfiles kaniko provides.
+
+## Community
+
+[kaniko-users](https://groups.google.com/forum/#!forum/kaniko-users) Google group
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@ -15,10 +15,11 @@
 # Builds the static Go image to execute in a Kubernetes job

 FROM scratch
-ADD out/executor /kbuild/executor
+ADD out/executor /kaniko/executor
 ADD files/ca-certificates.crt /etc/ssl/certs/
 ADD files/docker-credential-gcr /usr/local/bin/
 ADD files/config.json /root/.docker/
+RUN ["docker-credential-gcr", "config", "--token-source=env"]
 ENV HOME /root
 ENV PATH /usr/local/bin
-ENTRYPOINT ["/kbuild/executor"]
+ENTRYPOINT ["/kaniko/executor"]
--- a/executor/cmd/root.go
+++ b/executor/cmd/root.go
@ -50,13 +50,15 @@ func init() {
 var RootCmd = &cobra.Command{
 	Use: "executor",
 	PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
-		return util.SetLogLevel(logLevel)
+		if err := util.SetLogLevel(logLevel); err != nil {
+			return err
+		}
+		if err := resolveSourceContext(); err != nil {
+			return err
+		}
+		return checkDockerfilePath()
 	},
 	Run: func(cmd *cobra.Command, args []string) {
-		if err := resolveSourceContext(); err != nil {
-			logrus.Error(err)
-			os.Exit(1)
-		}
 		if err := execute(); err != nil {
 			logrus.Error(err)
 			os.Exit(1)
@ -64,6 +66,18 @@ var RootCmd = &cobra.Command{
 	},
 }

+func checkDockerfilePath() error {
+	if util.FilepathExists(dockerfilePath) {
+		return nil
+	}
+	// Otherwise, check if the path relative to the build context exists
+	if util.FilepathExists(filepath.Join(srcContext, dockerfilePath)) {
+		dockerfilePath = filepath.Join(srcContext, dockerfilePath)
+		return nil
+	}
+	return errors.New("please provide a valid path to a Dockerfile within the build context")
+}
+
 // resolveSourceContext unpacks the source context if it is a tar in a GCS bucket
 // it resets srcContext to be the path to the unpacked build context within the image
 func resolveSourceContext() error {
@ -83,11 +97,6 @@ func resolveSourceContext() error {
 	}
 	logrus.Debugf("Unpacked tar from %s to path %s", bucket, buildContextPath)
 	srcContext = buildContextPath
-	// If path to dockerfile doesn't exist, assume it is in the unpacked tar
-	if !util.FilepathExists(dockerfilePath) {
-		logrus.Debugf("Expecting dockerfile to be located at %s within the tar build context", dockerfilePath)
-		dockerfilePath = filepath.Join(srcContext, dockerfilePath)
-	}
 	return nil
 }

--- a/integration_tests/dockerfiles/config_test_add.json
+++ b/integration_tests/dockerfiles/config_test_add.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-add:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-add:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-add:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-add:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_bucket_buildcontext.json
+++ b/integration_tests/dockerfiles/config_test_bucket_buildcontext.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-bucket-buildcontext:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-bucket-buildcontext:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-bucket-buildcontext:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-bucket-buildcontext:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_copy.json
+++ b/integration_tests/dockerfiles/config_test_copy.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-copy:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-copy:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-copy:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-copy:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_extract_fs.json
+++ b/integration_tests/dockerfiles/config_test_extract_fs.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-extract-filesystem:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-extract-filesystem:latest",
+    "Image1": "gcr.io/kaniko-test/docker-extract-filesystem:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-extract-filesystem:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_run.json
+++ b/integration_tests/dockerfiles/config_test_run.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-run:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-run:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-run:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-run:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_run_2.json
+++ b/integration_tests/dockerfiles/config_test_run_2.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-run-2:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-run-2:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-run-2:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-run-2:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_volume.json
+++ b/integration_tests/dockerfiles/config_test_volume.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-volume:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-volume:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-volume:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-volume:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/dockerfiles/config_test_workdir.json
+++ b/integration_tests/dockerfiles/config_test_workdir.json
@ -1,7 +1,7 @@
 [
  {
-    "Image1": "gcr.io/kbuild-test/docker-test-workdir:latest",
-    "Image2": "gcr.io/kbuild-test/kbuild-test-workdir:latest",
+    "Image1": "gcr.io/kaniko-test/docker-test-workdir:latest",
+    "Image2": "gcr.io/kaniko-test/kaniko-test-workdir:latest",
    "DiffType": "File",
    "Diff": {
      "Adds": null,
--- a/integration_tests/integration_test_yaml.go
+++ b/integration_tests/integration_test_yaml.go
@ -26,12 +26,12 @@ const (
 	executorImage           = "executor-image"
 	dockerImage             = "gcr.io/cloud-builders/docker"
 	ubuntuImage             = "ubuntu"
-	testRepo                = "gcr.io/kbuild-test/"
+	testRepo                = "gcr.io/kaniko-test/"
 	dockerPrefix            = "docker-"
-	kbuildPrefix            = "kbuild-"
+	kanikoPrefix            = "kaniko-"
 	daemonPrefix            = "daemon://"
 	containerDiffOutputFile = "container-diff.json"
-	kbuildTestBucket        = "kbuild-test-bucket"
+	kanikoTestBucket        = "kaniko-test-bucket"
 	buildcontextPath        = "/workspace/integration_tests"
 	dockerfilesPath         = "/workspace/integration_tests/dockerfiles"
 )
@ -41,8 +41,8 @@ var fileTests = []struct {
 	dockerfilePath      string
 	configPath          string
 	dockerContext       string
-	kbuildContext       string
-	kbuildContextBucket bool
+	kanikoContext       string
+	kanikoContextBucket bool
 	repo                string
 }{
 	{
@ -50,7 +50,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_extract_fs",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_extract_fs.json",
 		dockerContext:  dockerfilesPath,
-		kbuildContext:  dockerfilesPath,
+		kanikoContext:  dockerfilesPath,
 		repo:           "extract-filesystem",
 	},
 	{
@ -58,7 +58,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_run",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_run.json",
 		dockerContext:  dockerfilesPath,
-		kbuildContext:  dockerfilesPath,
+		kanikoContext:  dockerfilesPath,
 		repo:           "test-run",
 	},
 	{
@ -66,7 +66,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_run_2",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_run_2.json",
 		dockerContext:  dockerfilesPath,
-		kbuildContext:  dockerfilesPath,
+		kanikoContext:  dockerfilesPath,
 		repo:           "test-run-2",
 	},
 	{
@ -74,7 +74,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_copy",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_copy.json",
 		dockerContext:  buildcontextPath,
-		kbuildContext:  buildcontextPath,
+		kanikoContext:  buildcontextPath,
 		repo:           "test-copy",
 	},
 	{
@ -82,8 +82,8 @@ var fileTests = []struct {
 		dockerfilePath:      "/workspace/integration_tests/dockerfiles/Dockerfile_test_copy",
 		configPath:          "/workspace/integration_tests/dockerfiles/config_test_bucket_buildcontext.json",
 		dockerContext:       buildcontextPath,
-		kbuildContext:       kbuildTestBucket,
-		kbuildContextBucket: true,
+		kanikoContext:       kanikoTestBucket,
+		kanikoContextBucket: true,
 		repo:                "test-bucket-buildcontext",
 	},
 	{
@ -91,7 +91,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_workdir",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_workdir.json",
 		dockerContext:  buildcontextPath,
-		kbuildContext:  buildcontextPath,
+		kanikoContext:  buildcontextPath,
 		repo:           "test-workdir",
 	},
 	{
@ -99,7 +99,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_volume",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_volume.json",
 		dockerContext:  buildcontextPath,
-		kbuildContext:  buildcontextPath,
+		kanikoContext:  buildcontextPath,
 		repo:           "test-volume",
 	},
 	{
@ -107,7 +107,7 @@ var fileTests = []struct {
 		dockerfilePath: "/workspace/integration_tests/dockerfiles/Dockerfile_test_add",
 		configPath:     "/workspace/integration_tests/dockerfiles/config_test_add.json",
 		dockerContext:  buildcontextPath,
-		kbuildContext:  buildcontextPath,
+		kanikoContext:  buildcontextPath,
 		repo:           "test-add",
 	},
 }
@ -117,7 +117,7 @@ var structureTests = []struct {
 	dockerfilePath        string
 	structureTestYamlPath string
 	dockerBuildContext    string
-	kbuildContext         string
+	kanikoContext         string
 	repo                  string
 }{
 	{
@ -125,7 +125,7 @@ var structureTests = []struct {
 		dockerfilePath:        "/workspace/integration_tests/dockerfiles/Dockerfile_test_env",
 		repo:                  "test-env",
 		dockerBuildContext:    dockerfilesPath,
-		kbuildContext:         dockerfilesPath,
+		kanikoContext:         dockerfilesPath,
 		structureTestYamlPath: "/workspace/integration_tests/dockerfiles/test_env.yaml",
 	},
 	{
@ -133,7 +133,7 @@ var structureTests = []struct {
 		dockerfilePath:        "/workspace/integration_tests/dockerfiles/Dockerfile_test_metadata",
 		repo:                  "test-metadata",
 		dockerBuildContext:    dockerfilesPath,
-		kbuildContext:         dockerfilesPath,
+		kanikoContext:         dockerfilesPath,
 		structureTestYamlPath: "/workspace/integration_tests/dockerfiles/test_metadata.yaml",
 	},
 	{
@ -141,7 +141,7 @@ var structureTests = []struct {
 		dockerfilePath:        "/workspace/integration_tests/dockerfiles/Dockerfile_test_user_run",
 		repo:                  "test-user",
 		dockerBuildContext:    dockerfilesPath,
-		kbuildContext:         dockerfilesPath,
+		kanikoContext:         dockerfilesPath,
 		structureTestYamlPath: "/workspace/integration_tests/dockerfiles/test_user.yaml",
 	},
 }
@ -182,7 +182,7 @@ func main() {
 	}
 	uploadTarBuildContext := step{
 		Name: "gcr.io/cloud-builders/gsutil",
-		Args: []string{"cp", "/workspace/context.tar.gz", "gs://kbuild-test-bucket/"},
+		Args: []string{"cp", "/workspace/context.tar.gz", "gs://kaniko-test-bucket/"},
 	}

 	// Build executor image
@ -201,27 +201,27 @@ func main() {
 			Args: []string{"build", "-t", dockerImageTag, "-f", test.dockerfilePath, test.dockerContext},
 		}

-		// Then, buld the image with kbuild
-		kbuildImage := testRepo + kbuildPrefix + test.repo
+		// Then, buld the image with kaniko
+		kanikoImage := testRepo + kanikoPrefix + test.repo
 		contextFlag := "--context"
-		if test.kbuildContextBucket {
+		if test.kanikoContextBucket {
 			contextFlag = "--bucket"
 		}
-		kbuild := step{
+		kaniko := step{
 			Name: executorImage,
-			Args: []string{"--destination", kbuildImage, "--dockerfile", test.dockerfilePath, contextFlag, test.kbuildContext},
+			Args: []string{"--destination", kanikoImage, "--dockerfile", test.dockerfilePath, contextFlag, test.kanikoContext},
 		}

-		// Pull the kbuild image
-		pullKbuildImage := step{
+		// Pull the kaniko image
+		pullKanikoImage := step{
 			Name: dockerImage,
-			Args: []string{"pull", kbuildImage},
+			Args: []string{"pull", kanikoImage},
 		}

 		daemonDockerImage := daemonPrefix + dockerImageTag
-		daemonKbuildImage := daemonPrefix + kbuildImage
+		daemonKanikoImage := daemonPrefix + kanikoImage
 		// Run container diff on the images
-		args := "container-diff-linux-amd64 diff " + daemonDockerImage + " " + daemonKbuildImage + " --type=file -j >" + containerDiffOutputFile
+		args := "container-diff-linux-amd64 diff " + daemonDockerImage + " " + daemonKanikoImage + " --type=file -j >" + containerDiffOutputFile
 		containerDiff := step{
 			Name: ubuntuImage,
 			Args: []string{"sh", "-c", args},
@ -237,7 +237,7 @@ func main() {
 			Args: []string{"cmp", test.configPath, containerDiffOutputFile},
 		}

-		y.Steps = append(y.Steps, dockerBuild, kbuild, pullKbuildImage, containerDiff, catContainerDiffOutput, compareOutputs)
+		y.Steps = append(y.Steps, dockerBuild, kaniko, pullKanikoImage, containerDiff, catContainerDiffOutput, compareOutputs)
 	}

 	for _, test := range structureTests {
@ -249,19 +249,19 @@ func main() {
 			Args: []string{"build", "-t", dockerImageTag, "-f", test.dockerfilePath, test.dockerBuildContext},
 		}

-		// Build the image with kbuild
-		kbuildImage := testRepo + kbuildPrefix + test.repo
-		kbuild := step{
+		// Build the image with kaniko
+		kanikoImage := testRepo + kanikoPrefix + test.repo
+		kaniko := step{
 			Name: executorImage,
-			Args: []string{"--destination", kbuildImage, "--dockerfile", test.dockerfilePath, "--context", test.kbuildContext},
+			Args: []string{"--destination", kanikoImage, "--dockerfile", test.dockerfilePath, "--context", test.kanikoContext},
 		}
-		// Pull the kbuild image
-		pullKbuildImage := step{
+		// Pull the kaniko image
+		pullKanikoImage := step{
 			Name: dockerImage,
-			Args: []string{"pull", kbuildImage},
+			Args: []string{"pull", kanikoImage},
 		}
-		// Run structure tests on the kbuild and docker image
-		args := "container-structure-test -image " + kbuildImage + " " + test.structureTestYamlPath
+		// Run structure tests on the kaniko and docker image
+		args := "container-structure-test -image " + kanikoImage + " " + test.structureTestYamlPath
 		structureTest := step{
 			Name: ubuntuImage,
 			Args: []string{"sh", "-c", args},
@ -274,7 +274,7 @@ func main() {
 			Env:  []string{"PATH=/workspace:/bin"},
 		}

-		y.Steps = append(y.Steps, dockerBuild, kbuild, pullKbuildImage, structureTest, dockerStructureTest)
+		y.Steps = append(y.Steps, dockerBuild, kaniko, pullKanikoImage, structureTest, dockerStructureTest)
 	}

 	d, _ := yaml.Marshal(&y)
--- a/kaniko/cmd/root.go
+++ b/kaniko/cmd/root.go
@ -21,9 +21,9 @@ import (
 )

 var RootCmd = &cobra.Command{
-	Use:   "kbuild",
-	Short: "kbuild is a CLI tool for building container images with full Dockerfile support without the need for Docker",
-	Long: `kbuild is a CLI tool for building container images with full Dockerfile support. It doesn't require Docker,
+	Use:   "kaniko",
+	Short: "kaniko is a CLI tool for building container images with full Dockerfile support without the need for Docker",
+	Long: `kaniko is a CLI tool for building container images with full Dockerfile support. It doesn't require Docker,
 			and builds the images in a Kubernetes cluster before pushing the final image to a registry.`,
 	Run: func(cmd *cobra.Command, args []string) {
 	},
--- a/kaniko/main.go
+++ b/kaniko/main.go
@ -18,7 +18,7 @@ package main

 import (
 	"fmt"
-	"github.com/GoogleCloudPlatform/k8s-container-builder/kbuild/cmd"
+	"github.com/GoogleCloudPlatform/k8s-container-builder/kaniko/cmd"
 	"os"
 )

--- a/pkg/constants/constants.go
+++ b/pkg/constants/constants.go
@ -26,17 +26,17 @@ const (
 	// WorkspaceDir is the path to the workspace directory
 	WorkspaceDir = "/workspace"

-	//KbuildDir is the path to the kbuild directory
-	KbuildDir = "/kbuild"
+	//KanikoDir is the path to the Kaniko directory
+	KanikoDir = "/kaniko"

 	WhitelistPath = "/proc/self/mountinfo"

-	Author = "kbuild"
+	Author = "kaniko"

 	// ContextTar is the default name of the tar uploaded to GCS buckets
 	ContextTar = "context.tar.gz"

 	// BuildContextDir is the directory a build context will be unpacked into,
 	// for example, a tarball from a GCS bucket will be unpacked here
-	BuildContextDir = "/kbuild/buildcontext/"
+	BuildContextDir = "/kaniko/buildcontext/"
 )
--- a/pkg/snapshot/snapshot_test.go
+++ b/pkg/snapshot/snapshot_test.go
@ -39,7 +39,7 @@ func TestSnapshotFileChange(t *testing.T) {
 	newFiles := map[string]string{
 		"foo":        "newbaz1",
 		"bar/bat":    "baz",
-		"kbuild/bat": "bat",
+		"kaniko/bat": "bat",
 	}
 	if err := testutil.SetupFiles(testDir, newFiles); err != nil {
 		t.Fatalf("Error setting up fs: %s", err)
@ -135,14 +135,14 @@ func TestSnapshotFiles(t *testing.T) {
 	// Make some changes to the filesystem
 	newFiles := map[string]string{
 		"foo":         "newbaz1",
-		"kbuild/file": "bat",
+		"kaniko/file": "bat",
 	}
 	if err := testutil.SetupFiles(testDir, newFiles); err != nil {
 		t.Fatalf("Error setting up fs: %s", err)
 	}
 	filesToSnapshot := []string{
 		filepath.Join(testDir, "foo"),
-		filepath.Join(testDir, "kbuild/file"),
+		filepath.Join(testDir, "kaniko/file"),
 	}
 	contents, err := snapshotter.TakeSnapshot(filesToSnapshot)
 	if err != nil {
@ -199,7 +199,7 @@ func setUpTestDir() (string, *Snapshotter, error) {
 	files := map[string]string{
 		"foo":         "baz1",
 		"bar/bat":     "baz2",
-		"kbuild/file": "file",
+		"kaniko/file": "file",
 	}
 	// Set up initial files
 	if err := testutil.SetupFiles(testDir, files); err != nil {
--- a/pkg/util/bucket_util.go
+++ b/pkg/util/bucket_util.go
@ -25,7 +25,7 @@ import (
 	"path/filepath"
 )

-// UnpackTarFromGCSBucket unpacks the kbuild.tar file in the given bucket to the given directory
+// UnpackTarFromGCSBucket unpacks the context.tar.gz file in the given bucket to the given directory
 func UnpackTarFromGCSBucket(bucketName, directory string) error {
 	// Get the tar from the bucket
 	tarPath, err := getTarFromBucket(bucketName, directory)
@ -41,7 +41,7 @@ func UnpackTarFromGCSBucket(bucketName, directory string) error {
 	return os.Remove(tarPath)
 }

-// getTarFromBucket gets kbuild.tar from the GCS bucket and saves it to the filesystem
+// getTarFromBucket gets context.tar.gz from the GCS bucket and saves it to the filesystem
 // It returns the path to the tar file
 func getTarFromBucket(bucketName, directory string) (string, error) {
 	ctx := context.Background()
@ -50,7 +50,7 @@ func getTarFromBucket(bucketName, directory string) (string, error) {
 		return "", err
 	}
 	bucket := client.Bucket(bucketName)
-	// Get the tarfile kbuild.tar from the GCS bucket, and save it to a tar object
+	// Get the tarfile context.tar.gz from the GCS bucket, and save it to a tar object
 	reader, err := bucket.Object(constants.ContextTar).NewReader(ctx)
 	if err != nil {
 		return "", err
--- a/pkg/util/fs_util.go
+++ b/pkg/util/fs_util.go
@ -30,7 +30,7 @@ import (
 	"time"
 )

-var whitelist = []string{"/kbuild"}
+var whitelist = []string{"/kaniko"}
 var volumeWhitelist = []string{}

 // ExtractFileSystemFromImage pulls an image and unpacks it to a file system at root
--- a/pkg/util/fs_util_test.go
+++ b/pkg/util/fs_util_test.go
@ -46,7 +46,7 @@ func Test_fileSystemWhitelist(t *testing.T) {
 	}

 	actualWhitelist, err := fileSystemWhitelist(path)
-	expectedWhitelist := []string{"/kbuild", "/proc", "/dev", "/dev/pts", "/sys"}
+	expectedWhitelist := []string{"/kaniko", "/proc", "/dev", "/dev/pts", "/sys"}
 	sort.Strings(actualWhitelist)
 	sort.Strings(expectedWhitelist)
 	testutil.CheckErrorAndDeepEqual(t, false, err, expectedWhitelist, actualWhitelist)
@ -61,7 +61,7 @@ var tests = []struct {
 		files: map[string]string{
 			"/workspace/foo/a": "baz1",
 			"/workspace/foo/b": "baz2",
-			"/kbuild/file":     "file",
+			"/kaniko/file":     "file",
 		},
 		directory: "/workspace/foo/",
 		expectedFiles: []string{
@ -84,7 +84,7 @@ var tests = []struct {
 			"/workspace/foo/a": "baz1",
 			"/workspace/foo/b": "baz2",
 			"/workspace/baz":   "hey",
-			"/kbuild/file":     "file",
+			"/kaniko/file":     "file",
 		},
 		directory: "/workspace",
 		expectedFiles: []string{
@ -99,16 +99,16 @@ var tests = []struct {
 		files: map[string]string{
 			"/workspace/foo/a": "baz1",
 			"/workspace/foo/b": "baz2",
-			"/kbuild/file":     "file",
+			"/kaniko/file":     "file",
 		},
 		directory: "",
 		expectedFiles: []string{
 			"workspace/foo/a",
 			"workspace/foo/b",
-			"kbuild/file",
+			"kaniko/file",
 			"workspace",
 			"workspace/foo",
-			"kbuild",
+			"kaniko",
 			".",
 		},
 	},
--- a/run_in_docker.sh
+++ b/run_in_docker.sh
@ -15,13 +15,13 @@
 #!/bin/bash
 set -e

-if [ $# -ne 2 ];
-    then echo "Usage: run_in_docker.sh <context directory> <image tag>"
+if [ $# -ne 3 ];
+    then echo "Usage: run_in_docker.sh <path to Dockerfile> <context directory> <image tag>"
 fi

-
-context=$1
-tag=$2
+dockerfile=$1
+context=$2
+tag=$3

 if [[ ! -e $HOME/.config/gcloud/application_default_credentials.json ]]; then
    echo "Application Default Credentials do not exist. Run [gcloud auth application-default login] to configure them"
@ -31,5 +31,5 @@ fi
 docker run \
    -v $HOME/.config/gcloud:/root/.config/gcloud \
    -v ${context}:/workspace \
-    gcr.io/kbuild-project/executor:latest \
-    /kbuild/executor -d ${tag}
+    gcr.io/kaniko-project/executor:latest \
+    -f ${dockerfile} -d ${tag} -c /workspace/