Merge remote-tracking branch 'upstream/master' into opts

Signed-off-by: Carlos Alexandro Becker <caarlos0@gmail.com>
2020-06-24 15:10:05 -03:00 · 2020-06-24 15:10:05 -03:00 · f744acfbb7
parent 57c2df4d97 cdbd8af057
commit f744acfbb7
3 changed files with 16 additions and 11 deletions
--- a/README.md
+++ b/README.md
@ -197,7 +197,7 @@ Complete example of how to interactively run kaniko with `.tar.gz` Standard Inpu
 echo -e 'FROM alpine \nRUN echo "created from standard input"' > Dockerfile | tar -cf - Dockerfile | gzip -9 | kubectl run kaniko \
 --rm --stdin=true \
 --image=gcr.io/kaniko-project/executor:latest --restart=Never \
--overrides='{ 
+--overrides='{
  "apiVersion": "v1",
  "spec": {
    "containers": [
@ -211,12 +211,12 @@ echo -e 'FROM alpine \nRUN echo "created from standard input"' > Dockerfile | ta
  	"--context=tar://stdin",
  	"--destination=gcr.io/my-repo/my-image" ],
      "volumeMounts": [
-        { 
+        {
          "name": "cabundle",
          "mountPath": "/kaniko/ssl/certs/"
        },
-        { 
+        {
-          "name": "docker-config", 
+          "name": "docker-config",
          "mountPath": "/kaniko/.docker/"
      }]
    }],
@ -225,9 +225,9 @@ echo -e 'FROM alpine \nRUN echo "created from standard input"' > Dockerfile | ta
      "name": "cabundle",
      "configMap": {
        "name": "cabundle"}},
-    { 
+    {
      "name": "docker-config",
-      "configMap": { 
+      "configMap": {
        "name": "docker-config" }}
    ]
  }
@ -613,7 +613,7 @@ Set this flag as `--log-format=<text|color|json>` to set the log format. Default
 #### --log-timestamp
-Set this flag as `--log-format=<true|false>` to add timestamps to `<text|color>` log format. Defaults to `false`.
+Set this flag as `--log-timestamp=<true|false>` to add timestamps to `<text|color>` log format. Defaults to `false`.
 #### --whitelist-var-run
--- a/pkg/executor/push.go
+++ b/pkg/executor/push.go
@ -105,19 +105,20 @@ func CheckPushPermissions(opts *config.KanikoOptions) error {
 			continue
 		}
 		registryName := destRef.Repository.Registry.Name()
 		// Historically kaniko was pre-configured by default with gcr credential helper,
 		// in here we keep the backwards compatibility by enabling the GCR helper only
-		// when gcr.io is in one of the destinations.
+		// when gcr.io (or pkg.dev) is in one of the destinations.
-		if strings.Contains(destRef.RegistryStr(), "gcr.io") {
+		if registryName == "gcr.io" || strings.HasSuffix(registryName, ".gcr.io") || strings.HasSuffix(registryName, ".pkg.dev") {
 			// Checking for existence of docker.config as it's normally required for
 			// authenticated registries and prevent overwriting user provided docker conf
 			if _, err := fs.Stat(DockerConfLocation()); os.IsNotExist(err) {
-				if err := execCommand("docker-credential-gcr", "configure-docker").Run(); err != nil {
+				flags := fmt.Sprintf("--registries=%s", registryName)
 				if err := execCommand("docker-credential-gcr", "configure-docker", flags).Run(); err != nil {
 					return errors.Wrap(err, "error while configuring docker-credential-gcr helper")
 				}
 			}
 		}
 		registryName := destRef.Repository.Registry.Name()
 		if opts.Insecure || opts.InsecureRegistries.Contains(registryName) {
 			newReg, err := name.NewRegistry(registryName, name.WeakValidation, name.Insecure)
 			if err != nil {
--- a/pkg/executor/push_test.go
+++ b/pkg/executor/push_test.go
@ -299,8 +299,12 @@ func TestCheckPushPermissions(t *testing.T) {
 	}{
 		{"gcr.io/test-image", true, false},
 		{"gcr.io/test-image", false, true},
 		{"us-docker.pkg.dev/test-image", true, false},
 		{"us-docker.pkg.dev/test-image", false, true},
 		{"localhost:5000/test-image", false, false},
 		{"localhost:5000/test-image", false, true},
 		{"notgcr.io/test-image", false, false},
 		{"notgcr.io/test-image", false, true},
 	}
 	execCommand = fakeExecCommand