feat: allow setting --force-build-metadata flag for /kaniko/executor (#…

…102)

* support kaniko force-build-metadata flag

* add ForceBuildMetadata to Image struct in test

* update DOCS.md for force_build_metadata parameter

Co-authored-by: Neal <[email protected]>
Co-authored-by: Jordan Brockopp <[email protected]>

DOCS.md

@@ -210,33 +210,34 @@ steps:
 
 The following parameters are used to configure the image:
 
-| Name            | Description                                                        | Required | Default           | Environment Variables                                          |
-| --------------- | ------------------------------------------------------------------ | -------- | ----------------- | -------------------------------------------------------------- |
-| `auto_tag`      | enables automatic tagging of images (tag or sha, and `latest`)     | `false`  | `false`           | `PARAMETER_AUTO_TAG`<br>`KANIKO_AUTO_TAG`                      |
-| `build_args`    | variables passed to image at build-time                            | `false`  | `N/A`             | `PARAMETER_BUILD_ARGS`<br>`KANIKO_BUILD_ARGS`                  |
-| `cache`         | enable caching of image layers                                     | `false`  | `false`           | `PARAMETER_CACHE`<br>`KANIKO_CACHE`                            |
-| `cache_repo`    | specific repo to enable caching for                                | `false`  | `N/A`             | `PARAMETER_CACHE_REPO`<br>`KANIKO_CACHE_REPO`                  |
-| `context`       | path to context for building the image                             | `true`   | `.`               | `PARAMETER_CONTEXT`<br>`KANIKO_CONTEXT`                        |
-| `dockerfile`    | path to the file for building the image                            | `true`   | `Dockerfile`      | `PARAMETER_DOCKERFILE`<br>`KANIKO_DOCKERFILE`                  |
-| `dry_run`       | enable building the image without publishing                       | `false`  | `false`           | `PARAMETER_DRY_RUN`<br>`KANIKO_DRY_RUN`                        |
-| `event`         | event generated for build                                          | `true`   | **set by Vela**   | `PARAMETER_EVENT`<br>`KANIKO_EVENT`<br>`VELA_BUILD_EVENT`      |
-| `labels`        | unique labels to add to the image                                  | `false`  | `N/A`             | `PARAMETER_LABELS`<br>`KANIKO_LABELS`                          |
-| `log_level`     | set the log level for the plugin                                   | `true`   | `info`            | `PARAMETER_LOG_LEVEL`<br>`KANIKO_LOG_LEVEL`                    |
-| `mirror`        | name of the mirror registry to use                                 | `false`  | `N/A`             | `PARAMETER_MIRROR`<br>`KANIKO_MIRROR`                          |
-| `password`      | password for communication with the registry                       | `true`   | `N/A`             | `PARAMETER_PASSWORD`<br>`KANIKO_PASSWORD`<br>`DOCKER_PASSWORD` |
-| `push_retry`    | number of retries for pushing an image to a remote destination     | `false`  | `0`               | `PARAMETER_PUSH_RETRY`<br>`KANIKO_PUSH_RETRY`                  |
-| `registry`      | name of the registry for the repository                            | `true`   | `index.docker.io` | `PARAMETER_REGISTRY`<br>`KANIKO_REGISTRY`                      |
-| `repo`          | name of the repository for the image                               | `true`   | `N/A`             | `PARAMETER_REPO`<br>`KANIKO_REPO`                              |
-| `sha`           | SHA-1 hash generated for commit                                    | `true`   | **set by Vela**   | `PARAMETER_SHA`<br>`KANIKO_SHA`<br>`VELA_BUILD_COMMIT`         |
-| `snapshot_mode` | control how to snapshot the filesystem. - options (full|redo|time) | `false`  | `N/A`             | `PARAMETER_SNAPSHOT_MODE`<br>`KANIKO_SNAPSHOT_MODE`            |
-| `tag`           | tag generated for build                                            | `false`  | **set by Vela**   | `PARAMETER_TAG`<br>`KANIKO_TAG`<br>`VELA_BUILD_TAG`            |
-| `tags`          | unique tags of the image                                           | `true`   | `latest`          | `PARAMETER_TAGS`<br>`KANIKO_TAGS`                              |
-| `target`        | set the target build stage for the image                           | `false`  | `N/A`             | `PARAMETER_TARGET`<br>`KANIKO_TARGET`                          |
-| `username`      | user name for communication with the registry                      | `true`   | `N/A`             | `PARAMETER_USERNAME`<br>`KANIKO_USERNAME`<br>`DOCKER_USERNAME` |
-| `custom_platform`     | set the custom platform for the image                        | `false`  | `N/A`             | `PARAMETER_CUSTOM_PLATFORM`<br>`KANIKO_CUSTOM_PLATFORM`        |
-| `insecure_registries` | insecure docker registries to push or pull to/from           | `false`  | `empty slice`     | `PARAMETER_INSECURE_REGISTRIES`<br>`KANIKO_INSECURE_REGISTRIES`|
-| `insecure_pull`       | enable pulling from any insecure registry                    | `false`  | `false`           | `PARAMETER_INSECURE_PULL`<br>`KANIKO_INSECURE_PULL`            |
-| `insecure_push`       | enable pushing to any insecure registry                      | `false`  | `false`           | `PARAMETER_INSECURE_PUSH`<br>`KANIKO_INSECURE_PUSH`            |
+| Name                   | Description                                                        | Required | Default           | Environment Variables                                             |
+| ---------------------- | ------------------------------------------------------------------ | -------- | ----------------- | ----------------------------------------------------------------- |
+| `auto_tag`             | enables automatic tagging of images (tag or sha, and `latest`)     | `false`  | `false`           | `PARAMETER_AUTO_TAG`<br>`KANIKO_AUTO_TAG`                         |
+| `build_args`           | variables passed to image at build-time                            | `false`  | `N/A`             | `PARAMETER_BUILD_ARGS`<br>`KANIKO_BUILD_ARGS`                     |
+| `cache`                | enable caching of image layers                                     | `false`  | `false`           | `PARAMETER_CACHE`<br>`KANIKO_CACHE`                               |
+| `cache_repo`           | specific repo to enable caching for                                | `false`  | `N/A`             | `PARAMETER_CACHE_REPO`<br>`KANIKO_CACHE_REPO`                     |
+| `context`              | path to context for building the image                             | `true`   | `.`               | `PARAMETER_CONTEXT`<br>`KANIKO_CONTEXT`                           |
+| `dockerfile`           | path to the file for building the image                            | `true`   | `Dockerfile`      | `PARAMETER_DOCKERFILE`<br>`KANIKO_DOCKERFILE`                     |
+| `dry_run`              | enable building the image without publishing                       | `false`  | `false`           | `PARAMETER_DRY_RUN`<br>`KANIKO_DRY_RUN`                           |
+| `event`                | event generated for build                                          | `true`   | **set by Vela**   | `PARAMETER_EVENT`<br>`KANIKO_EVENT`<br>`VELA_BUILD_EVENT`         |
+| `force_build_metadata` | enable force adding metadata layers to build image                 | `false`  | `false`           | `PARAMETER_FORCE_BUILD_METADATA`<br>`KANIKO_FORCE_BUILD_METADATA` |
+| `labels`               | unique labels to add to the image                                  | `false`  | `N/A`             | `PARAMETER_LABELS`<br>`KANIKO_LABELS`                             |
+| `log_level`            | set the log level for the plugin                                   | `true`   | `info`            | `PARAMETER_LOG_LEVEL`<br>`KANIKO_LOG_LEVEL`                       |
+| `mirror`               | name of the mirror registry to use                                 | `false`  | `N/A`             | `PARAMETER_MIRROR`<br>`KANIKO_MIRROR`                             |
+| `password`             | password for communication with the registry                       | `true`   | `N/A`             | `PARAMETER_PASSWORD`<br>`KANIKO_PASSWORD`<br>`DOCKER_PASSWORD`    |
+| `push_retry`           | number of retries for pushing an image to a remote destination     | `false`  | `0`               | `PARAMETER_PUSH_RETRY`<br>`KANIKO_PUSH_RETRY`                     |
+| `registry`             | name of the registry for the repository                            | `true`   | `index.docker.io` | `PARAMETER_REGISTRY`<br>`KANIKO_REGISTRY`                         |
+| `repo`                 | name of the repository for the image                               | `true`   | `N/A`             | `PARAMETER_REPO`<br>`KANIKO_REPO`                                 |
+| `sha`                  | SHA-1 hash generated for commit                                    | `true`   | **set by Vela**   | `PARAMETER_SHA`<br>`KANIKO_SHA`<br>`VELA_BUILD_COMMIT`            |
+| `snapshot_mode`        | control how to snapshot the filesystem. - options (full|redo|time) | `false`  | `N/A`             | `PARAMETER_SNAPSHOT_MODE`<br>`KANIKO_SNAPSHOT_MODE`               |
+| `tag`                  | tag generated for build                                            | `false`  | **set by Vela**   | `PARAMETER_TAG`<br>`KANIKO_TAG`<br>`VELA_BUILD_TAG`               |
+| `tags`                 | unique tags of the image                                           | `true`   | `latest`          | `PARAMETER_TAGS`<br>`KANIKO_TAGS`                                 |
+| `target`               | set the target build stage for the image                           | `false`  | `N/A`             | `PARAMETER_TARGET`<br>`KANIKO_TARGET`                             |
+| `username`             | user name for communication with the registry                      | `true`   | `N/A`             | `PARAMETER_USERNAME`<br>`KANIKO_USERNAME`<br>`DOCKER_USERNAME`    |
+| `custom_platform`     | set the custom platform for the image                               | `false`  | `N/A`             | `PARAMETER_CUSTOM_PLATFORM`<br>`KANIKO_CUSTOM_PLATFORM`           |
+| `insecure_registries` | insecure docker registries to push or pull to/from                  | `false`  | `empty slice`     | `PARAMETER_INSECURE_REGISTRIES`<br>`KANIKO_INSECURE_REGISTRIES`   |
+| `insecure_pull`       | enable pulling from any insecure registry                           | `false`  | `false`           | `PARAMETER_INSECURE_PULL`<br>`KANIKO_INSECURE_PULL`               |
+| `insecure_push`       | enable pushing to any insecure registry                             | `false`  | `false`           | `PARAMETER_INSECURE_PUSH`<br>`KANIKO_INSECURE_PUSH`               |
 
 ## Template
 

cmd/vela-kaniko/image.go

@@ -20,6 +20,8 @@ type Image struct {
 	Dockerfile string
 	// build stage to target for image
 	Target string
+	// enable force adding metadata layers to build image
+	ForceBuildMetadata bool
 	// custom platform for image
 	CustomPlatform string
 }

cmd/vela-kaniko/image_test.go

@@ -9,10 +9,11 @@ import "testing"
 func TestDocker_Image_Validate(t *testing.T) {
 	// setup types
 	i := &Image{
-		Args:       []string{},
-		Context:    ".",
-		Dockerfile: "Dockerfile",
-		Target:     "",
+		Args:               []string{},
+		Context:            ".",
+		Dockerfile:         "Dockerfile",
+		Target:             "",
+		ForceBuildMetadata: false,
 	}
 
 	err := i.Validate()

cmd/vela-kaniko/main.go

@@ -122,6 +122,12 @@ func main() {
 			Name:     "image.target",
 			Usage:    "build stage to target for image",
 		},
+		&cli.StringFlag{
+			EnvVars:  []string{"PARAMETER_FORCE_BUILD_METADATA", "KANIKO_FORCE_BUILD_METADATA"},
+			FilePath: "/vela/parameters/kaniko/force_build_metadata,/vela/secrets/kaniko/force_build_metadata",
+			Name:     "image.force_build_metadata",
+			Usage:    "enables force adding metadata layers to build image",
+		},
 		&cli.StringFlag{
 			EnvVars:  []string{"PARAMETER_CUSTOM_PLATFORM", "KANIKO_CUSTOM_PLATFORM"},
 			FilePath: "/vela/parameters/kaniko/custom_platform,/vela/secrets/kaniko/custom_platform",
@@ -300,11 +306,12 @@ func run(c *cli.Context) error {
 		},
 		// image configuration
 		Image: &Image{
-			Args:           c.StringSlice("image.build_args"),
-			Context:        c.String("image.context"),
-			Dockerfile:     c.String("image.dockerfile"),
-			Target:         c.String("image.target"),
-			CustomPlatform: c.String("image.custom_platform"),
+			Args:               c.StringSlice("image.build_args"),
+			Context:            c.String("image.context"),
+			Dockerfile:         c.String("image.dockerfile"),
+			Target:             c.String("image.target"),
+			ForceBuildMetadata: c.Bool("image.force_build_metadata"),
+			CustomPlatform:     c.String("image.custom_platform"),
 		},
 		// registry configuration
 		Registry: &Registry{

cmd/vela-kaniko/plugin.go

@@ -130,6 +130,11 @@ func (p *Plugin) Command() *exec.Cmd {
 		flags = append(flags, fmt.Sprintf("--target=%s", p.Image.Target))
 	}
 
+	// check if forcebuildmetadata is set
+	if p.Image.ForceBuildMetadata {
+		flags = append(flags, "--force-build-metadata")
+	}
+
 	// check if image custom platform is set
 	if len(p.Image.CustomPlatform) > 0 {
 		// add requested customPlatform flag