96 lines
2.9 KiB
YAML
96 lines
2.9 KiB
YAML
apiVersion: tekton.dev/v1
|
|
kind: Task
|
|
metadata:
|
|
name: docker-registry
|
|
spec:
|
|
params:
|
|
- name: subdirectory
|
|
type: string
|
|
description: Subdirectory within the repo where the source code is located
|
|
default: ""
|
|
- name: imageName
|
|
description: Base image name with registry
|
|
type: string
|
|
- name: tag
|
|
description: Version tag to apply to the image
|
|
type: string
|
|
- name: dockerfile
|
|
description: Path to Dockerfile
|
|
type: string
|
|
default: ./Dockerfile
|
|
- name: context
|
|
description: Build context path (relative to subdirectory)
|
|
type: string
|
|
default: .
|
|
workspaces:
|
|
- name: source
|
|
description: Source code workspace
|
|
- name: docker-auth
|
|
description: Docker registry credentials (username + password)
|
|
- name: pypi-auth
|
|
description: PyPI registry credentials (username + password)
|
|
results:
|
|
- name: imageUrl
|
|
description: Final pushed image URL with tag
|
|
steps:
|
|
# 🔐 인증 정보 생성
|
|
- name: write-docker-config
|
|
image: alpine:3.21.3
|
|
workingDir: /workspace/source
|
|
script: |
|
|
#!/bin/sh
|
|
set -e
|
|
|
|
if [ -n "$(params.subdirectory)" ]; then
|
|
cd "$(params.subdirectory)"
|
|
fi
|
|
|
|
IMAGE="$(params.imageName):$(params.tag)"
|
|
USERNAME=$(cat /workspace/docker-auth/username)
|
|
PASSWORD=$(cat /workspace/docker-auth/password)
|
|
REGISTRY=$(echo "$IMAGE" | cut -d/ -f1)
|
|
|
|
echo "📦 Using image: $IMAGE"
|
|
echo -n "$IMAGE" > /tekton/results/imageUrl
|
|
|
|
echo "🔐 Writing Docker config for $REGISTRY..."
|
|
mkdir -p /tekton/home/.docker
|
|
cat > /tekton/home/.docker/config.json <<EOF
|
|
{
|
|
"auths": {
|
|
"$REGISTRY": {
|
|
"auth": "$(echo -n "$USERNAME:$PASSWORD" | base64)"
|
|
}
|
|
}
|
|
}
|
|
EOF
|
|
|
|
# PyPI 인증 정보 환경 변수 파일 생성
|
|
echo "🔐 Setting PyPI auth env..."
|
|
echo "PYPI_USERNAME=$(cat /workspace/pypi-auth/username)" > /tekton/home/pypi-auth.env
|
|
echo "PYPI_PASSWORD=$(cat /workspace/pypi-auth/password)" >> /tekton/home/pypi-auth.env
|
|
|
|
# 🏗️ Kaniko 공식 이미지 실행
|
|
- name: kaniko-build
|
|
image: gcr.io/kaniko-project/executor:v1.23.2
|
|
workingDir: /workspace/source
|
|
env:
|
|
- name: DOCKER_CONFIG
|
|
value: /tekton/home/.docker
|
|
script: |
|
|
#!/bin/sh
|
|
set -e
|
|
|
|
# PyPI 인증 정보 로드
|
|
source /tekton/home/pypi-auth.env
|
|
|
|
# Kaniko 빌드 실행
|
|
/kaniko/executor \
|
|
--dockerfile=$(params.subdirectory)/$(params.dockerfile) \
|
|
--context=$(params.subdirectory)/$(params.context) \
|
|
--destination=$(params.imageName):$(params.tag) \
|
|
--skip-tls-verify \
|
|
--reproducible \
|
|
--verbosity=info \
|
|
--build-arg=PYPI_USERNAME=$PYPI_USERNAME \
|
|
--build-arg=PYPI_PASSWORD=$PYPI_PASSWORD |