Commit cf72c915 authored by Clement Bois's avatar Clement Bois
Browse files

Merge branch 'feat/kaniko-chainguard-image' into 'main' 

feat(kaniko): switching to an internal image

Closes #148

See merge request to-be-continuous/docker!191
parents 347297bb 3aa6bc4c

README.md

+1 −1
Original line number Diff line number Diff line
@@ -70,7 +70,7 @@ The Docker template uses some global configuration used throughout all jobs. 
| Input / Variable                         | Description                                                                                                                                    | Default value                                                                       |

| ---------------------------------------- | ---------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------------------------- |

| `build-tool` / `DOCKER_BUILD_TOOL`       | The build tool to use for building container image, possible values are `kaniko`, `buildah`, `dind`, `external` or `default`                   | `default` uses `$TBC_DEFAULT_DOCKER_BUILD_TOOL` value (`buildah` by default)        |

| `kaniko-image` / `DOCKER_KANIKO_IMAGE`   | The image used to run `kaniko` - _for kaniko build only_                                                                                       | `gcr.io/kaniko-project/executor:debug` (use `debug` images for GitLab)<br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-DOCKER_KANIKO_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-DOCKER_KANIKO_IMAGE)|

| `kaniko-image` / `DOCKER_KANIKO_IMAGE`   | The image used to run `kaniko` - _for kaniko build only_                                                                                       | `registry.gitlab.com/to-be-continuous/tools/kaniko:latest`<br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-DOCKER_KANIKO_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-DOCKER_KANIKO_IMAGE)|

| `buildah-image` / `DOCKER_BUILDAH_IMAGE` | The image used to run `buildah` - _for buildah build only_                                                                                     | `quay.io/containers/buildah:latest`<br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-DOCKER_BUILDAH_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-DOCKER_BUILDAH_IMAGE)|

| `image` / `DOCKER_IMAGE`                 | The Docker image used to run the docker client (see [full list](https://hub.docker.com/r/library/docker/)) - _for Docker-in-Docker build only_ | `docker.io/library/docker:latest`<br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-DOCKER_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-DOCKER_IMAGE) |

| `dind-image` / `DOCKER_DIND_IMAGE`       | The Docker image used to run the Docker daemon (see [full list](https://hub.docker.com/r/library/docker/)) - _for Docker-in-Docker build only_ | `docker.io/library/docker:dind`<br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-DOCKER_DIND_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-DOCKER_DIND_IMAGE)|

kicker.json

+1 −1
Original line number Diff line number Diff line
@@ -16,7 +16,7 @@ 
    {

      "name": "DOCKER_KANIKO_IMAGE",

      "description": "The image used to run kaniko\n\n_for kaniko build only_",

      "default": "gcr.io/kaniko-project/executor:debug"

      "default": "registry.gitlab.com/to-be-continuous/tools/kaniko:latest"

    },

    {

      "name": "DOCKER_BUILDAH_IMAGE",

templates/gitlab-ci-docker.yml

+1 −1
Original line number Diff line number Diff line
@@ -29,7 +29,7 @@ spec: 
        The image used to run kaniko



        _for kaniko build only_

      default: gcr.io/kaniko-project/executor:debug

      default: registry.gitlab.com/to-be-continuous/tools/kaniko:latest

    buildah-image:

      description: |-

        The image used to run buildah