Skip to content

feat(pkg/commands): add support for build secrets #30

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 24 commits into from
Oct 28, 2024
Merged

feat(pkg/commands): add support for build secrets #30

merged 24 commits into from
Oct 28, 2024
+379 −20

Conversation

@SasSwart
Copy link

@SasSwart SasSwart commented Oct 18, 2024
edited
Loading

Description

This PR adds support for build secrets to kaniko. Because the --secret flag is not available to docker run, it sources them from environment variables prefixed with KANIKO_BUILD_SECRET.

These build secrets are also accessible in the kaniko options struct. A PR is inbound to provide them and make this feature available from envbuilder.

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Includes unit tests
  • Adds integration tests if needed.

See the contribution guide for more details.

Reviewer Notes

  • The code flow looks good.
  • Unit tests and or integration tests added.

Release Notes

Describe any changes here so maintainer can include it in the release notes, or delete this block.

Examples of user facing changes:
- kaniko adds a new flag `--registry-repo` to override registry

johnstcn
johnstcn reviewed Oct 18, 2024
View reviewed changes
SasSwart and others added 14 commits October 21, 2024 05:42
@SasSwart
feat(pkg/commands): pass secrets into the run command
81f924f
@SasSwart
feat(pkg/commands): pass secrets into the run marker
b509184 
command
@SasSwart
chore(pkg): pass a nil linter to tests that now require is
4a667d0
@SasSwart
chore(commands): improve variable naming and add documentation
83c8a18
@SasSwart
chore(commands): improve variable naming and add documentation
d37707e
@SasSwart
chore(pkg/executor): set a default working directory if one hasn't be…
7d27c5a 
…en set
@aaron-prindle @SasSwart
deps: bump github.com/moby/buildkit and github.com/docker/docker (Goo…
80e0bdb 
…gleContainerTools#3242)
@SasSwart
chore(deps): slim down to a failing test for reproducibility
75c841a
@SasSwart
chore(deps): bump github.com/moby/buildkit from v0.14.1 to v0.16.0
c0d174f
@SasSwart
chore(deps): test against the latest version of docker
d1daf05
@SasSwart
chore(deps): test against the latest version of docker
bf140c2
@SasSwart
chore(pkg/executor): remove defunct code
6e3f198
@SasSwart
chore(integration): add integration tests for build secrets
2b0d796
@SasSwart
Merge remote-tracking branch 'origin/main' into jjs/build-secrets
2999f79
@SasSwart SasSwart marked this pull request as ready for review October 23, 2024 09:52
@SasSwart SasSwart requested a review from mafredri October 23, 2024 09:52
mafredri
mafredri reviewed Oct 23, 2024
View reviewed changes
Copy link
Member

@mafredri mafredri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Congrats on diving into Kaniko and nice work implementing this!

mafredri
mafredri reviewed Oct 24, 2024
View reviewed changes
Copy link
Member

@mafredri mafredri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A few remaining suggestions and I think testing could be improved a bit but otherwise it's looking good.

mafredri
mafredri approved these changes Oct 25, 2024
View reviewed changes
Copy link
Member

@mafredri mafredri left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good, a few minor things still, but once those are fixed this is ready to go!

johnstcn
johnstcn approved these changes Oct 25, 2024
View reviewed changes
Copy link
Member

@johnstcn johnstcn left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice work! I don't have anything that Mathias hasn't already pointed out.

@SasSwart SasSwart merged commit 350cbb8 into main Oct 28, 2024
9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mafredri mafredri mafredri approved these changes

@johnstcn johnstcn johnstcn approved these changes

Assignees

@SasSwart SasSwart

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@SasSwart @mafredri @johnstcn @aaron-prindle