init
This commit is contained in:
parent
b8a89c4c3e
commit
d48f9cdabb
@ -6,58 +6,34 @@ spec:
|
|||||||
params:
|
params:
|
||||||
- name: subdirectory
|
- name: subdirectory
|
||||||
type: string
|
type: string
|
||||||
|
description: Subdirectory within the repo where the source code is located
|
||||||
default: ""
|
default: ""
|
||||||
description: Subdirectory within the repo where the Dockerfile/context reside
|
|
||||||
|
|
||||||
- name: imageName
|
- name: imageName
|
||||||
|
description: Base image name with registry
|
||||||
type: string
|
type: string
|
||||||
description: Full image name (e.g. docker.unbox-x.net/registry/my-app)
|
|
||||||
|
|
||||||
- name: tag
|
- name: tag
|
||||||
|
description: Version tag to apply to the image
|
||||||
type: string
|
type: string
|
||||||
description: Version tag (e.g. v1.0.0)
|
|
||||||
|
|
||||||
- name: dockerfile
|
- name: dockerfile
|
||||||
|
description: Path to Dockerfile
|
||||||
type: string
|
type: string
|
||||||
default: ./Dockerfile
|
default: ./Dockerfile
|
||||||
description: Path to Dockerfile (relative to subdirectory)
|
|
||||||
|
|
||||||
- name: context
|
- name: context
|
||||||
|
description: Build context path (relative to subdirectory)
|
||||||
type: string
|
type: string
|
||||||
default: .
|
default: .
|
||||||
description: Build context (relative to subdirectory)
|
|
||||||
|
|
||||||
workspaces:
|
workspaces:
|
||||||
- name: source
|
- name: source
|
||||||
description: Source code workspace
|
description: Source code workspace
|
||||||
|
|
||||||
- name: docker-auth
|
- name: docker-auth
|
||||||
description: Docker registry secret (username/password)
|
description: Docker registry credentials (username + password)
|
||||||
|
|
||||||
- name: pypi-auth
|
- name: pypi-auth
|
||||||
description: PyPI registry secret (username/password)
|
description: PyPI registry credentials (username + password)
|
||||||
|
|
||||||
results:
|
results:
|
||||||
- name: imageUrl
|
- name: imageUrl
|
||||||
description: Final pushed image URL with tag
|
description: Final pushed image URL with tag
|
||||||
|
|
||||||
volumes:
|
|
||||||
- name: env
|
|
||||||
emptyDir: {}
|
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: write-pypi-env
|
# 🔐 인증 정보 생성
|
||||||
image: alpine:3.21.3
|
|
||||||
script: |
|
|
||||||
#!/bin/sh
|
|
||||||
set -e
|
|
||||||
mkdir -p /custom-env
|
|
||||||
echo "PYPI_USERNAME=$(cat /workspace/pypi-auth/username)" > /custom-env/.env
|
|
||||||
echo "PYPI_PASSWORD=$(cat /workspace/pypi-auth/password)" >> /custom-env/.env
|
|
||||||
volumeMounts:
|
|
||||||
- name: env
|
|
||||||
mountPath: /custom-env
|
|
||||||
|
|
||||||
- name: write-docker-config
|
- name: write-docker-config
|
||||||
image: alpine:3.21.3
|
image: alpine:3.21.3
|
||||||
workingDir: /workspace/source
|
workingDir: /workspace/source
|
||||||
@ -74,8 +50,10 @@ spec:
|
|||||||
PASSWORD=$(cat /workspace/docker-auth/password)
|
PASSWORD=$(cat /workspace/docker-auth/password)
|
||||||
REGISTRY=$(echo "$IMAGE" | cut -d/ -f1)
|
REGISTRY=$(echo "$IMAGE" | cut -d/ -f1)
|
||||||
|
|
||||||
|
echo "📦 Using image: $IMAGE"
|
||||||
echo -n "$IMAGE" > /tekton/results/imageUrl
|
echo -n "$IMAGE" > /tekton/results/imageUrl
|
||||||
|
|
||||||
|
echo "🔐 Writing Docker config for $REGISTRY..."
|
||||||
mkdir -p /tekton/home/.docker
|
mkdir -p /tekton/home/.docker
|
||||||
cat > /tekton/home/.docker/config.json <<EOF
|
cat > /tekton/home/.docker/config.json <<EOF
|
||||||
{
|
{
|
||||||
@ -86,32 +64,33 @@ spec:
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
EOF
|
EOF
|
||||||
volumeMounts:
|
|
||||||
- name: env
|
|
||||||
mountPath: /custom-env
|
|
||||||
|
|
||||||
|
# PyPI 인증 정보 환경 변수 파일 생성
|
||||||
|
echo "🔐 Setting PyPI auth env..."
|
||||||
|
echo "PYPI_USERNAME=$(cat /workspace/pypi-auth/username)" > /tekton/home/pypi-auth.env
|
||||||
|
echo "PYPI_PASSWORD=$(cat /workspace/pypi-auth/password)" >> /tekton/home/pypi-auth.env
|
||||||
|
|
||||||
|
# 🏗️ Kaniko 공식 이미지 실행
|
||||||
- name: kaniko-build
|
- name: kaniko-build
|
||||||
image: gcr.io/kaniko-project/executor:v1.23.2
|
image: gcr.io/kaniko-project/executor:v1.23.2
|
||||||
workingDir: /workspace/source
|
workingDir: /workspace/source
|
||||||
command: ["/bin/sh"]
|
|
||||||
args:
|
|
||||||
- -c
|
|
||||||
- |
|
|
||||||
set -e
|
|
||||||
. /custom-env/.env
|
|
||||||
|
|
||||||
/kaniko/executor \
|
|
||||||
--dockerfile=$(params.subdirectory)/$(params.dockerfile) \
|
|
||||||
--context=$(params.subdirectory)/$(params.context) \
|
|
||||||
--destination=$(params.imageName):$(params.tag) \
|
|
||||||
--build-arg=PYPI_USERNAME=$PYPI_USERNAME \
|
|
||||||
--build-arg=PYPI_PASSWORD=$PYPI_PASSWORD \
|
|
||||||
--skip-tls-verify \
|
|
||||||
--reproducible \
|
|
||||||
--verbosity=info
|
|
||||||
env:
|
env:
|
||||||
- name: DOCKER_CONFIG
|
- name: DOCKER_CONFIG
|
||||||
value: /tekton/home/.docker
|
value: /tekton/home/.docker
|
||||||
volumeMounts:
|
script: |
|
||||||
- name: env
|
#!/bin/sh
|
||||||
mountPath: /custom-env
|
set -e
|
||||||
|
|
||||||
|
# PyPI 인증 정보 로드
|
||||||
|
source /tekton/home/pypi-auth.env
|
||||||
|
|
||||||
|
# Kaniko 빌드 실행
|
||||||
|
/kaniko/executor \
|
||||||
|
--dockerfile=$(params.subdirectory)/$(params.dockerfile) \
|
||||||
|
--context=$(params.subdirectory)/$(params.context) \
|
||||||
|
--destination=$(params.imageName):$(params.tag) \
|
||||||
|
--skip-tls-verify \
|
||||||
|
--reproducible \
|
||||||
|
--verbosity=info \
|
||||||
|
--build-arg=PYPI_USERNAME=$PYPI_USERNAME \
|
||||||
|
--build-arg=PYPI_PASSWORD=$PYPI_PASSWORD
|
||||||
Loading…
x
Reference in New Issue
Block a user