kaniko/README.md
Guillaume B.B. Van Hemmen 503ef5c8df Update variable name from GITHUB_REF_NAME to GIT_REF_NAME
Standardize the environment variable naming for consistency across documentation and scripts. Updated all references in README.md and build.sh, ensuring functionality remains intact.
2025-05-19 13:21:19 +02:00


# kaniko (action)
![CI](https://git.van-hemmen.com/actions/kaniko/actions)
![License](https://img.shields.io/github/license/actions/kaniko)
Custom **Kaniko** image (forked from Google's `gcr.io/kaniko-project/executor:debug`) for Forgejo Actions.
Build & push OCI-compatible container images in your pipelines **without** a Docker daemon. Just set a few environment variables.

---
## Highlights
| Feature | Benefit |
|---------|---------|
| **Daemon-less builds** | Works in completely rootless, container-only environments |
| **Debug base** | Includes `/shell` & common tools for troubleshooting |
| **Registry-agnostic** | Push to Docker Hub, GHCR, Harbor, Quay, Google Artifact Registry, etc. |
| **Small wrapper script** | Autodetects credentials and common env-var combos |
---
## Image tags
| Tag | Base | Intended use |
|-----|------|--------------|
| `latest` | Google `debug` executor | General CI pipelines |
---
## Quick start
```yaml
# .forgejo/workflows/build.yaml
name: Build & push image
on:
  push:
    branches: [ main ]
jobs:
  build:
    runs-on: docker
    container:
      image: git.van-hemmen.com/actions/kaniko:latest
    steps:
      - name: Build & push with Kaniko
        env:
          # --- mandatory --------------------------------------------------------
          KANIKO_CONTEXT: git://git.van-hemmen.com/actions/kaniko.git
          GIT_REF_NAME: ${{ github.ref_name }}
          GIT_USERNAME: ${{ secrets.GIT_USERNAME }}
          GIT_PASSWORD: ${{ secrets.GIT_PASSWORD }}
          # --- optional (only needed when you plan to push) ---------------------
          REGISTRY_HOST: ghcr.io
          REGISTRY_USER: ${{ secrets.REGISTRY_USER }}
          REGISTRY_PASS: ${{ secrets.REGISTRY_PASS }}
          KANIKO_DESTINATION: ghcr.io/myorg/myapp:${{ github.sha }}
          # --- fine-tuning ------------------------------------------------------
          KANIKO_DOCKERFILE: ./Dockerfile
          KANIKO_VERBOSITY: info
```
## Environment variables
| Variable | Required | Purpose | Example value |
|----------|----------|---------|----------------------------------------------------------------|
| `KANIKO_CONTEXT` | **Yes** | Build context (`git://`). | `git://git.van-hemmen.com/actions/kaniko.git` |
| `GIT_REF_NAME` | **Yes** | Branch or tag that is being built. | `${{ github.ref_name }}` |
| `GIT_USERNAME` | **Yes** | Username with access to `KANIKO_CONTEXT` when it is private. | `${{ secrets.GIT_USERNAME }}` |
| `GIT_PASSWORD` | **Yes** | Token/password paired with `GIT_USERNAME`. | `${{ secrets.GIT_PASSWORD }}` |
| `REGISTRY_HOST` | No (default `git.van-hemmen.com`) | Target registry hostname. | `ghcr.io` |
| `REGISTRY_USER` | No* | Registry username. Enables push only if **both** `REGISTRY_USER` and `REGISTRY_PASS` are set. | `${{ secrets.REGISTRY_USER }}` |
| `REGISTRY_PASS` | No* | Registry password/token. | `${{ secrets.REGISTRY_PASS }}` |
| `KANIKO_DESTINATION` | No | Comma-separated list of image references to push (variables like `${{ github.sha }}` are expanded). | `ghcr.io/myorg/app:${{ github.sha }},ghcr.io/myorg/app:latest` |
| `KANIKO_DOCKERFILE` | No (default `./Dockerfile`) | Path to the Dockerfile relative to the context. | `./docker/Dockerfile.alpine` |
| `KANIKO_VERBOSITY` | No (default `info`) | Log level (`trace`, `debug`, `info`, `warn`, `error`, `fatal`, `panic`). | `debug` |

\* `REGISTRY_USER` / `REGISTRY_PASS` are only needed when the registry requires authentication.
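
The rules in the table above (four required variables, two defaults, push only when both registry credentials are set, comma-separated destinations) written out as a POSIX shell function that emits kaniko executor flags. This is an added example, not the project's `build.sh`; the function name `kaniko_args`, the `refs/heads/` suffix on the context, and the extra requirement of a non-empty `KANIKO_DESTINATION` are assumptions.

```shell
#!/bin/sh
# Added example, not the project's build.sh.
# Prints one kaniko executor argument per line; returns 1 if a required
# variable from the table is missing.
kaniko_args() {
    for var in KANIKO_CONTEXT GIT_REF_NAME GIT_USERNAME GIT_PASSWORD; do
        eval "val=\${$var:-}"
        if [ -z "$val" ]; then
            # Report the variable name only, never its value (it may be a secret).
            echo "missing required variable: $var" >&2
            return 1
        fi
    done

    # Assumption: GIT_REF_NAME is a branch, appended in kaniko's
    # git-context syntax (git://host/repo.git#refs/heads/<branch>).
    printf '%s\n' "--context=${KANIKO_CONTEXT}#refs/heads/${GIT_REF_NAME}"
    printf '%s\n' "--dockerfile=${KANIKO_DOCKERFILE:-./Dockerfile}"
    printf '%s\n' "--verbosity=${KANIKO_VERBOSITY:-info}"

    # Push only when BOTH registry credentials are set. Assumption: a
    # destination is also required, since the executor needs one to push.
    if [ -n "${REGISTRY_USER:-}" ] && [ -n "${REGISTRY_PASS:-}" ] \
        && [ -n "${KANIKO_DESTINATION:-}" ]; then
        old_ifs=$IFS; IFS=,
        for dest in $KANIKO_DESTINATION; do
            # Skip empty items produced by a stray or trailing comma.
            [ -n "$dest" ] && printf '%s\n' "--destination=${dest}"
        done
        IFS=$old_ifs
    else
        # Half-configured credentials fall back to a build-only run.
        printf '%s\n' "--no-push"
    fi
}
```
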