Skip to content

Commit

Permalink
Add GitLab CI credentials helper
Browse files Browse the repository at this point in the history
This simplifies usage of Kaniko in GitLab CI environments and
means that it's not longer necessary to manually cobble together
the config with the right values from the environment in
error-prone shell commands.
  • Loading branch information
ePirat committed Apr 10, 2022
1 parent 6c7d03a commit 4544efa
Show file tree
Hide file tree
Showing 7 changed files with 141 additions and 0 deletions.
4 changes: 4 additions & 0 deletions deploy/Dockerfile_debug
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,9 @@ RUN go install github.com/awslabs/amazon-ecr-credential-helper/ecr-login/cli/doc
# Get ACR docker env credential helper
RUN go install github.com/chrismellard/docker-credential-acr-env@09e2b5a8ac86c3ec347b2473e42b34367d8fa419

# Get GitLab CI env credential helper
RUN go install github.com/ePirat/docker-credential-gitlabci@10832279bfb8014babd85f3acef86600c59e09e4 # v1.0.0

# Add .docker config dir
RUN mkdir -p /kaniko/.docker

Expand All @@ -56,6 +59,7 @@ COPY --from=0 /src/out/warmer /kaniko/warmer
COPY --from=0 /usr/local/bin/docker-credential-gcr /kaniko/docker-credential-gcr
COPY --from=0 /usr/local/bin/docker-credential-ecr-login /kaniko/docker-credential-ecr-login
COPY --from=0 /usr/local/bin/docker-credential-acr-env /kaniko/docker-credential-acr-env
COPY --from=0 /usr/local/bin/docker-credential-gitlabci /kaniko/docker-credential-gitlabci
COPY --from=busybox:1.32.0 /bin /busybox
# Since busybox needs some lib files which lie in /lib directory to run the executables on s390x,
# the below COPY command is added to address "ld64.so.1 not found" issue. This extra copy action will not
Expand Down
1 change: 1 addition & 0 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,7 @@ require (
github.com/docker/go-metrics v0.0.1 // indirect
github.com/docker/go-units v0.4.0 // indirect
github.com/docker/swarmkit v1.12.1-0.20180726190244-7567d47988d8 // indirect
github.com/ePirat/docker-credential-gitlabci v1.0.0
github.com/emirpasic/gods v1.12.0 // indirect
github.com/fsnotify/fsnotify v1.5.1 // indirect
github.com/go-git/gcfg v1.5.0 // indirect
Expand Down
2 changes: 2 additions & 0 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -604,6 +604,8 @@ github.com/docker/swarmkit v1.12.1-0.20180726190244-7567d47988d8/go.mod h1:n3Z4l
github.com/docopt/docopt-go v0.0.0-20180111231733-ee0de3bc6815/go.mod h1:WwZ+bS3ebgob9U8Nd0kOddGdZWjyMGR8Wziv+TBNwSE=
github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
github.com/ePirat/docker-credential-gitlabci v1.0.0 h1:YRkUSvkON6rT88vtscClAmPEYWhtltGEAuRVYtz1/+Y=
github.com/ePirat/docker-credential-gitlabci v1.0.0/go.mod h1:Ptmh+D0lzBQtgb6+QHjXl9HqOn3T1P8fKUHldiSQQGA=
github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
Expand Down
2 changes: 2 additions & 0 deletions pkg/creds/creds.go
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ import (

ecr "github.com/awslabs/amazon-ecr-credential-helper/ecr-login"
"github.com/chrismellard/docker-credential-acr-env/pkg/credhelper"
gitlab "github.com/ePirat/docker-credential-gitlabci/pkg/credhelper"
"github.com/google/go-containerregistry/pkg/authn"
"github.com/google/go-containerregistry/pkg/v1/google"
)
Expand All @@ -32,5 +33,6 @@ func GetKeychain() authn.Keychain {
google.Keychain,
authn.NewKeychainFromHelper(ecr.NewECRHelper(ecr.WithLogger(ioutil.Discard))),
authn.NewKeychainFromHelper(credhelper.NewACRCredentialsHelper()),
authn.NewKeychainFromHelper(gitlab.NewGitLabCredentialsHelper()),
)
}
21 changes: 21 additions & 0 deletions vendor/github.com/ePirat/docker-credential-gitlabci/LICENSE

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

3 changes: 3 additions & 0 deletions vendor/modules.txt
Original file line number Diff line number Diff line change
Expand Up @@ -434,6 +434,9 @@ github.com/docker/swarmkit/log
github.com/docker/swarmkit/manager/raftselector
github.com/docker/swarmkit/protobuf/plugin
github.com/docker/swarmkit/protobuf/ptypes
# github.com/ePirat/docker-credential-gitlabci v1.0.0
## explicit; go 1.17
github.com/ePirat/docker-credential-gitlabci/pkg/credhelper
# github.com/emirpasic/gods v1.12.0
## explicit
github.com/emirpasic/gods/containers
Expand Down

0 comments on commit 4544efa

Please sign in to comment.