From 9395bf30a3f88c22e9a219f53c73262a9698cacb Mon Sep 17 00:00:00 2001
From: "Guillaume B.B. Van Hemmen" <GuillaumeHemmen@noreply.git.van-hemmen.com>
Date: Mon, 19 May 2025 10:18:03 +0000
Subject: [PATCH] #2 - Update Kaniko configuration and document environment
 variables (#3)

This PR closes #2. It revises the Kaniko build setup to include a container image, updates the mandatory and optional environment variables, and provides examples for the fine-tuning options. It also expands the README with a detailed table explaining each variable's purpose and requirements.

Reviewed-on: https://git.van-hemmen.com/actions/kaniko/pulls/3
Co-authored-by: Guillaume B.B. Van Hemmen <GuillaumeHemmen@noreply.git.van-hemmen.com>
Co-committed-by: Guillaume B.B. Van Hemmen <GuillaumeHemmen@noreply.git.van-hemmen.com>
---
 README.md | 45 ++++++++++++++++++++++++++++++++++++---------
 1 file changed, 36 insertions(+), 9 deletions(-)

diff --git a/README.md b/README.md
index 8e9e038..c31fdab 100644
--- a/README.md
+++ b/README.md
@@ -40,15 +40,42 @@ on:
 jobs:
   build:
     runs-on: docker
+    container:
+      image: git.van-hemmen.com/actions/kaniko:latest
     steps:
-
       - name: Build & push with Kaniko
-        uses: actions/kaniko@v1
         env:
-          # ✍️ Fill these placeholders
-          REGISTRY: ghcr.io
-          IMAGE_NAME: myorg/myapp
-          IMAGE_TAG: ${{ github.sha }}
-          # Optional authentication variables...
-          # REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
-          # REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }}
+          # --- mandatory --------------------------------------------------------
+          KANIKO_CONTEXT: git://git.van-hemmen.com/actions/kaniko.git
+          GITHUB_REF_NAME: ${{ github.ref_name }}
+          GIT_USERNAME:    ${{ secrets.GIT_USERNAME }}
+          GIT_PASSWORD:    ${{ secrets.GIT_PASSWORD }}
+    
+          # --- optional (only needed when you plan to push) ---------------------
+          REGISTRY_HOST:   ghcr.io
+          REGISTRY_USER:   ${{ secrets.REGISTRY_USER }}
+          REGISTRY_PASS:   ${{ secrets.REGISTRY_PASS }}
+          KANIKO_DESTINATION: ghcr.io/myorg/myapp:${{ github.sha }}
+    
+          # --- fine-tuning ------------------------------------------------------
+          KANIKO_DOCKERFILE: ./Dockerfile
+          KANIKO_VERBOSITY:  info
+
+```
+
+## Environment variables
+
+| Variable | Required | Purpose | Example value                                                  |
+|----------|----------|---------|----------------------------------------------------------------|
+| `KANIKO_CONTEXT`  | **Yes** | Build context (`git://`). | `git://git.van-hemmen.com/actions/kaniko.git`                  |
+| `GITHUB_REF_NAME` | **Yes** | Branch or tag that is being built. | `${{ github.ref_name }}`                                                       |
+| `GIT_USERNAME`    | **Yes** | Username with access to `KANIKO_CONTEXT` when it is private. | `${{ secrets.GIT_USERNAME }}`                                  |
+| `GIT_PASSWORD`    | **Yes** | Token/password paired with `GIT_USERNAME`. | `${{ secrets.GIT_PASSWORD }}`                                  |
+| `REGISTRY_HOST`   | No (default `git.van-hemmen.com`) | Target registry hostname. | `ghcr.io`                                                      |
+| `REGISTRY_USER`   | No* | Registry username. Enables push only if **both** `REGISTRY_USER` and `REGISTRY_PASS` are set. | `${{ secrets.REGISTRY_USER }}`                                 |
+| `REGISTRY_PASS`   | No* | Registry password/token. | `${{ secrets.REGISTRY_PASS }}`                                 |
+| `KANIKO_DESTINATION` | No | Comma-separated list of image references to push (variables like `${{ github.sha }}` are expanded). | `ghcr.io/myorg/app:${{ github.sha }},ghcr.io/myorg/app:latest` |
+| `KANIKO_DOCKERFILE` | No (default `./Dockerfile`) | Path to the Dockerfile relative to the context. | `./docker/Dockerfile.alpine`                                   |
+| `KANIKO_VERBOSITY`  | No (default `info`) | Log level (`trace`, `debug`, `info`, `warn`, `error`, `fatal`, `panic`). | `debug`                                                        |
+
+\* `REGISTRY_USER` / `REGISTRY_PASS` are only needed when the registry requires authentication.
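Review bot: The added `image: git.van-hemmen.com/actions/kaniko:latest` replaces the version-pinned `uses: actions/kaniko@v1` with a mutable tag, and that job container is where `GIT_PASSWORD` and `REGISTRY_PASS` are exposed, so whatever is published under `latest` at run time sees those secrets. The example should pin a release tag or, better, a digest, e.g. `image: git.van-hemmen.com/actions/kaniko:<version>@sha256:<digest>` (placeholders), and the surrounding text should say why. Separately, with `uses:` removed the step is left with only `name` and `env`, and the code fence closes right after it; unless the runner does something this page does not show, a step needs a `uses` or `run` key, so the example as written probably does not run the build. The table also marks `GIT_USERNAME` and `GIT_PASSWORD` as required while describing them as needed only when the context is private, which nudges users to supply credentials they may not need; `No*` with a footnote would match the description.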