Generate the config.json from gcloud rather than relying on a hardcoded one. (#551)

marketplace.gcr.io now requires auth, but our credential helper doesn't know that.

deploy/Dockerfile

@@ -17,8 +17,9 @@
 FROM golang:1.10
 WORKDIR /go/src/github.com/GoogleContainerTools/kaniko
 # Get GCR credential helper
-ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v1.4.3-static/docker-credential-gcr_linux_amd64-1.4.3.tar.gz /usr/local/bin/
-RUN tar -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-1.4.3.tar.gz
+ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v1.5.0/docker-credential-gcr_linux_amd64-1.5.0.tar.gz /usr/local/bin/
+RUN tar -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-1.5.0.tar.gz
+RUN docker-credential-gcr configure-docker
 # Get Amazon ECR credential helper
 RUN go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login
 RUN make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper linux-amd64
@@ -31,7 +32,7 @@ COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/executor /kanik
 COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr
 COPY --from=0 /go/src/github.com/awslabs/amazon-ecr-credential-helper/bin/linux-amd64/docker-credential-ecr-login /kaniko/docker-credential-ecr-login
 COPY files/ca-certificates.crt /kaniko/ssl/certs/
-COPY files/config.json /kaniko/.docker/
+COPY --from=0 /root/.docker/config.json /kaniko/.docker/config.json
 ENV HOME /root
 ENV USER /root
 ENV PATH /usr/local/bin:/kaniko

deploy/Dockerfile_debug

@@ -18,8 +18,9 @@
 FROM golang:1.10
 WORKDIR /go/src/github.com/GoogleContainerTools/kaniko
 # Get GCR credential helper
-ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v1.4.3-static/docker-credential-gcr_linux_amd64-1.4.3.tar.gz /usr/local/bin/
-RUN tar -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-1.4.3.tar.gz
+ADD https://github.com/GoogleCloudPlatform/docker-credential-gcr/releases/download/v1.5.0/docker-credential-gcr_linux_amd64-1.5.0.tar.gz /usr/local/bin/
+RUN tar -C /usr/local/bin/ -xvzf /usr/local/bin/docker-credential-gcr_linux_amd64-1.5.0.tar.gz
+RUN docker-credential-gcr configure-docker
 # Get Amazon ECR credential helper
 RUN go get -u github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/docker-credential-ecr-login
 RUN make -C /go/src/github.com/awslabs/amazon-ecr-credential-helper linux-amd64 
@@ -41,7 +42,7 @@ COPY --from=1 /distroless/bazel-genfiles/experimental/busybox/busybox/ /busybox/
 # Declare /busybox as a volume to get it automatically whitelisted
 VOLUME /busybox
 COPY files/ca-certificates.crt /kaniko/ssl/certs/
-COPY files/config.json /kaniko/.docker/
+COPY --from=0 /root/.docker/config.json /kaniko/.docker/config.json
 ENV HOME /root
 ENV USER /root
 ENV PATH /usr/local/bin:/kaniko:/busybox

deploy/Dockerfile_warmer

@@ -22,7 +22,6 @@ RUN make out/warmer
 FROM scratch
 COPY --from=0 /go/src/github.com/GoogleContainerTools/kaniko/out/warmer /kaniko/warmer
 COPY files/ca-certificates.crt /kaniko/ssl/certs/
-COPY files/config.json /kaniko/.docker/
 ENV HOME /root
 ENV USER /root
 ENV PATH /usr/local/bin:/kaniko

files/config.json

@@ -1,12 +0,0 @@
-{
-	"auths": {
-	},
-	"credHelpers": {
-		"appengine.gcr.io": "gcr",
-		"asia.gcr.io": "gcr",
-		"eu.gcr.io": "gcr",
-		"gcr.io": "gcr",
-		"gcr.kubernetes.io": "gcr",
-		"us.gcr.io": "gcr"
-	}
-}

integration/dockerfiles/Dockerfile_onbuild_base

@@ -1,4 +1,4 @@
-FROM gcr.io/google-appengine/debian9@sha256:1d6a9a6d106bd795098f60f4abb7083626354fa6735e81743c7f8cfca11259f0
+FROM marketplace.gcr.io/google/ubuntu1804@sha256:4649ae6b381090fba6db38137eb05e03f44bf43c40149f734241c9f96aa0e001
 ENV dir /tmp/dir/
 ONBUILD RUN echo "onbuild" > /tmp/onbuild
 ONBUILD RUN  mkdir $dir

integration/images.go

@@ -165,10 +165,10 @@ func (d *DockerFileBuilder) BuildImage(imageRepo, gcsBucket, dockerfilesPath, do
 	)
 
 	timer := timing.Start(dockerfile + "_docker")
-	_, err := RunCommandWithoutTest(dockerCmd)
+	out, err := RunCommandWithoutTest(dockerCmd)
 	timing.DefaultRun.Stop(timer)
 	if err != nil {
-		return fmt.Errorf("Failed to build image %s with docker command \"%s\": %s", dockerImage, dockerCmd.Args, err)
+		return fmt.Errorf("Failed to build image %s with docker command \"%s\": %s %s", dockerImage, dockerCmd.Args, err, string(out))
 	}
 
 	contextFlag := "-c"
@@ -219,10 +219,10 @@ func (d *DockerFileBuilder) BuildImage(imageRepo, gcsBucket, dockerfilesPath, do
 	)
 
 	timer = timing.Start(dockerfile + "_kaniko")
-	_, err = RunCommandWithoutTest(kanikoCmd)
+	out, err = RunCommandWithoutTest(kanikoCmd)
 	timing.DefaultRun.Stop(timer)
 	if err != nil {
-		return fmt.Errorf("Failed to build image %s with kaniko command \"%s\": %s", dockerImage, kanikoCmd.Args, err)
+		return fmt.Errorf("Failed to build image %s with kaniko command \"%s\": %s %s", dockerImage, kanikoCmd.Args, err, string(out))
 	}
 
 	d.FilesBuilt[dockerfile] = true

integration/integration_test.go

@@ -175,8 +175,9 @@ func TestMain(m *testing.M) {
 	for _, setupCmd := range setupCommands {
 		fmt.Println(setupCmd.name)
 		cmd := exec.Command(setupCmd.command[0], setupCmd.command[1:]...)
-		if _, err := RunCommandWithoutTest(cmd); err != nil {
+		if out, err := RunCommandWithoutTest(cmd); err != nil {
 			fmt.Printf("%s failed: %s", setupCmd.name, err)
+			fmt.Println(string(out))
 			os.Exit(1)
 		}
 	}