105 lines
2.8 KiB
YAML
105 lines
2.8 KiB
YAML
apiVersion: tekton.dev/v1
|
|
kind: Task
|
|
metadata:
|
|
name: docker-registry
|
|
spec:
|
|
params:
|
|
- name: subdirectory
|
|
type: string
|
|
description: Subdirectory within the repo where the source code is located
|
|
default: ""
|
|
|
|
- name: imageName
|
|
description: Base image name with registry (e.g. docker.unbox-x.net/registry/unbox-x-aisi-cron-app)
|
|
type: string
|
|
|
|
- name: tag
|
|
description: Version tag to apply to the image (e.g. v0.2.0)
|
|
type: string
|
|
|
|
- name: dockerfile
|
|
description: Path to Dockerfile
|
|
type: string
|
|
default: ./Dockerfile
|
|
|
|
- name: context
|
|
description: Build context path (relative to subdirectory)
|
|
type: string
|
|
default: .
|
|
|
|
workspaces:
|
|
- name: source
|
|
description: Source code workspace
|
|
|
|
- name: docker-auth
|
|
description: Docker registry credentials (username + password)
|
|
|
|
- name: pypi-auth
|
|
description: PyPI credentials (username + password)
|
|
|
|
results:
|
|
- name: imageUrl
|
|
description: Final pushed image URL with tag (e.g. registry/app:v0.2.0)
|
|
|
|
steps:
|
|
- name: write-docker-config
|
|
image: alpine:3.21.3
|
|
workingDir: /workspace/source
|
|
script: |
|
|
#!/bin/sh
|
|
set -e
|
|
|
|
if [ -n "$(params.subdirectory)" ]; then
|
|
cd "$(params.subdirectory)"
|
|
fi
|
|
|
|
IMAGE="$(params.imageName):$(params.tag)"
|
|
USERNAME=$(cat /workspace/docker-auth/username)
|
|
PASSWORD=$(cat /workspace/docker-auth/password)
|
|
REGISTRY=$(echo "$IMAGE" | cut -d/ -f1)
|
|
AUTH=$(echo -n "$USERNAME:$PASSWORD" | base64)
|
|
|
|
echo "📦 Using image: $IMAGE"
|
|
echo -n "$IMAGE" > /tekton/results/imageUrl
|
|
|
|
echo "🔐 Writing Docker config for $REGISTRY..."
|
|
mkdir -p /tekton/home/.docker
|
|
cat <<EOF > /tekton/home/.docker/config.json
|
|
{
|
|
"auths": {
|
|
"$REGISTRY": {
|
|
"auth": "$AUTH"
|
|
}
|
|
}
|
|
}
|
|
EOF
|
|
|
|
- name: kaniko-build
|
|
image: bitnami/kaniko:1.23.2
|
|
workingDir: /workspace/source
|
|
env:
|
|
- name: DOCKER_CONFIG
|
|
value: /tekton/home/.docker
|
|
- name: PYPI_USERNAME
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: pypi-secret
|
|
key: username
|
|
- name: PYPI_PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: pypi-secret
|
|
key: password
|
|
command:
|
|
- /kaniko/executor
|
|
args:
|
|
- --dockerfile=$(params.subdirectory)/$(params.dockerfile)
|
|
- --context=$(params.subdirectory)/$(params.context)
|
|
- --destination=$(params.imageName):$(params.tag)
|
|
- --skip-tls-verify
|
|
- --reproducible
|
|
- --verbosity=info
|
|
- --build-arg=PYPI_USERNAME=$(PYPI_USERNAME)
|
|
- --build-arg=PYPI_PASSWORD=$(PYPI_PASSWORD)
|
|
|