병준 박 2025-04-13 04:56:59 +00:00
parent b493675656
commit 98e136a291


@ -26,14 +26,16 @@ spec:
description: Build context path (relative to subdirectory) description: Build context path (relative to subdirectory)
type: string type: string
default: . default: .
- name: PYPI_USERNAME
description: Build context path (relative to subdirectory) - name: pypiUsername
description: PyPI username
type: string type: string
default: "gitops-bot" default: ""
- name: PYPI_PASSWORD
description: Build context path (relative to subdirectory) - name: pypiPassword
description: PyPI password
type: string type: string
default: "qwer5795QWER" default: ""
workspaces: workspaces:
- name: source - name: source
@ -42,14 +44,9 @@ spec:
- name: docker-auth - name: docker-auth
description: Docker registry credentials (username + password) description: Docker registry credentials (username + password)
- name: pypi-auth
description: PyPI credentials (username + password)
results: results:
- name: imageUrl - name: imageUrl
description: Final pushed image URL with tag (e.g. registry/app:v0.2.0) description: Final pushed image URL with tag (e.g. registry/app:v0.2.0)
- name: PYPI_USERNAME
- name: PYPI_PASSWORD
steps: steps:
- name: write-docker-config - name: write-docker-config
@ -85,29 +82,21 @@ spec:
EOF EOF
- name: kaniko-build - name: kaniko-build
image: docker.unbox-x.net/registry/tools/kaniko:v1.23.2-r1 image: gcr.io/kaniko-project/executor:v1.23.2
workingDir: /workspace/source workingDir: /workspace/source
script: | env:
#!/bin/bash - name: DOCKER_CONFIG
set -e value: /tekton/home/.docker
command:
if [[ -n "$(params.subdirectory)" ]]; then - /kaniko/executor
cd "$(params.subdirectory)" args:
fi - --dockerfile=$(params.subdirectory)/$(params.dockerfile)
- --context=$(params.subdirectory)/$(params.context)
PYPI_USERNAME=$(cat /workspace/pypi-auth/username) - --destination=$(params.imageName):$(params.tag)
PYPI_PASSWORD=$(cat /workspace/pypi-auth/password) - --skip-tls-verify
- --verbosity=info
/kaniko/executor \ - --reproducible
--dockerfile=$(params.dockerfile) \ - --build-arg
--context=$(params.context) \ - PYPI_USERNAME=$(params.pypiUsername)
--destination=$(params.imageName):$(params.tag) \ - --build-arg
--skip-tls-verify \ - PYPI_PASSWORD=$(params.pypiPassword)
--verbosity=info \
--reproducible \
--build-arg PYPI_USERNAME=$PYPI_USERNAME \
--build-arg PYPI_PASSWORD=$PYPI_PASSWORD
# 🔒 보안: 메모리에서 민감 정보 제거
unset PYPI_USERNAME
unset PYPI_PASSWORD
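Review bot: The PyPI password now arrives as the `pypiPassword` param and is substituted straight into the kaniko args (`PYPI_PASSWORD=$(params.pypiPassword)`), so its value is stored in plain text in every TaskRun/PipelineRun spec and is readable by anyone who can view runs; the `pypi-auth` workspace this commit removes kept it in a Secret. I would source both values from a Secret through the step's `env` and let Kubernetes expand them in `args`, as sketched below; the Secret name is a placeholder and the `username`/`password` keys are inferred from the file names the old script read. Either way a `--build-arg` value can end up in the image's build history if the Dockerfile (not visible here) uses it in a `RUN`, so the resulting image is worth checking. The literal default removed from `PYPI_PASSWORD` stays in the repository history and should be treated as exposed and rotated.

```yaml
    # … unchanged: name, image, workingDir …
    env:
      - name: DOCKER_CONFIG
        value: /tekton/home/.docker
      - name: PYPI_USERNAME
        valueFrom:
          secretKeyRef:
            name: PYPI_SECRET_NAME  # placeholder: the Secret that backed pypi-auth
            key: username           # inferred key name, confirm
      - name: PYPI_PASSWORD
        valueFrom:
          secretKeyRef:
            name: PYPI_SECRET_NAME  # placeholder
            key: password           # inferred key name, confirm
    # … unchanged: command and the preceding args …
      - --build-arg
      - PYPI_USERNAME=$(PYPI_USERNAME)
      - --build-arg
      - PYPI_PASSWORD=$(PYPI_PASSWORD)
```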