github.com/SAP/jenkins-library@v1.362.0/cmd/kanikoExecute_generated.go (about) 1 // Code generated by piper's step-generator. DO NOT EDIT. 2 3 package cmd 4 5 import ( 6 "fmt" 7 "os" 8 "path/filepath" 9 "reflect" 10 "strings" 11 "time" 12 13 "github.com/SAP/jenkins-library/pkg/config" 14 "github.com/SAP/jenkins-library/pkg/gcs" 15 "github.com/SAP/jenkins-library/pkg/log" 16 "github.com/SAP/jenkins-library/pkg/piperenv" 17 "github.com/SAP/jenkins-library/pkg/splunk" 18 "github.com/SAP/jenkins-library/pkg/telemetry" 19 "github.com/SAP/jenkins-library/pkg/validation" 20 "github.com/bmatcuk/doublestar" 21 "github.com/spf13/cobra" 22 ) 23 24 type kanikoExecuteOptions struct { 25 BuildOptions []string `json:"buildOptions,omitempty"` 26 BuildSettingsInfo string `json:"buildSettingsInfo,omitempty"` 27 ContainerBuildOptions string `json:"containerBuildOptions,omitempty"` 28 ContainerImage string `json:"containerImage,omitempty"` 29 ContainerImageName string `json:"containerImageName,omitempty" validate:"required_if=ContainerMultiImageBuild true"` 30 ContainerImageTag string `json:"containerImageTag,omitempty"` 31 MultipleImages []map[string]interface{} `json:"multipleImages,omitempty"` 32 ContainerMultiImageBuild bool `json:"containerMultiImageBuild,omitempty"` 33 ContainerMultiImageBuildExcludes []string `json:"containerMultiImageBuildExcludes,omitempty"` 34 ContainerMultiImageBuildTrimDir string `json:"containerMultiImageBuildTrimDir,omitempty"` 35 ContainerPreparationCommand string `json:"containerPreparationCommand,omitempty"` 36 ContainerRegistryURL string `json:"containerRegistryUrl,omitempty"` 37 ContainerRegistryUser string `json:"containerRegistryUser,omitempty"` 38 ContainerRegistryPassword string `json:"containerRegistryPassword,omitempty"` 39 CustomTLSCertificateLinks []string `json:"customTlsCertificateLinks,omitempty"` 40 DockerConfigJSON string `json:"dockerConfigJSON,omitempty"` 41 DockerfilePath string `json:"dockerfilePath,omitempty"` 42 TargetArchitectures []string `json:"targetArchitectures,omitempty"` 43 ReadImageDigest bool `json:"readImageDigest,omitempty"` 44 CreateBOM bool `json:"createBOM,omitempty"` 45 SyftDownloadURL string `json:"syftDownloadUrl,omitempty"` 46 } 47 48 type kanikoExecuteCommonPipelineEnvironment struct { 49 container struct { 50 registryURL string 51 imageNameTag string 52 imageDigest string 53 imageNames []string 54 imageNameTags []string 55 imageDigests []string 56 } 57 custom struct { 58 buildSettingsInfo string 59 } 60 } 61 62 func (p *kanikoExecuteCommonPipelineEnvironment) persist(path, resourceName string) { 63 content := []struct { 64 category string 65 name string 66 value interface{} 67 }{ 68 {category: "container", name: "registryUrl", value: p.container.registryURL}, 69 {category: "container", name: "imageNameTag", value: p.container.imageNameTag}, 70 {category: "container", name: "imageDigest", value: p.container.imageDigest}, 71 {category: "container", name: "imageNames", value: p.container.imageNames}, 72 {category: "container", name: "imageNameTags", value: p.container.imageNameTags}, 73 {category: "container", name: "imageDigests", value: p.container.imageDigests}, 74 {category: "custom", name: "buildSettingsInfo", value: p.custom.buildSettingsInfo}, 75 } 76 77 errCount := 0 78 for _, param := range content { 79 err := piperenv.SetResourceParameter(path, resourceName, filepath.Join(param.category, param.name), param.value) 80 if err != nil { 81 log.Entry().WithError(err).Error("Error persisting piper environment.") 82 errCount++ 83 } 84 } 85 if errCount > 0 { 86 log.Entry().Error("failed to persist Piper environment") 87 } 88 } 89 90 type kanikoExecuteReports struct { 91 } 92 93 func (p *kanikoExecuteReports) persist(stepConfig kanikoExecuteOptions, gcpJsonKeyFilePath string, gcsBucketId string, gcsFolderPath string, gcsSubFolder string) { 94 if gcsBucketId == "" { 95 log.Entry().Info("persisting reports to GCS is disabled, because gcsBucketId is empty") 96 return 97 } 98 log.Entry().Info("Uploading reports to Google Cloud Storage...") 99 content := []gcs.ReportOutputParam{ 100 {FilePattern: "**/bom-*.xml", ParamRef: "", StepResultType: "sbom"}, 101 } 102 envVars := []gcs.EnvVar{ 103 {Name: "GOOGLE_APPLICATION_CREDENTIALS", Value: gcpJsonKeyFilePath, Modified: false}, 104 } 105 gcsClient, err := gcs.NewClient(gcs.WithEnvVars(envVars)) 106 if err != nil { 107 log.Entry().Errorf("creation of GCS client failed: %v", err) 108 return 109 } 110 defer gcsClient.Close() 111 structVal := reflect.ValueOf(&stepConfig).Elem() 112 inputParameters := map[string]string{} 113 for i := 0; i < structVal.NumField(); i++ { 114 field := structVal.Type().Field(i) 115 if field.Type.String() == "string" { 116 paramName := strings.Split(field.Tag.Get("json"), ",") 117 paramValue, _ := structVal.Field(i).Interface().(string) 118 inputParameters[paramName[0]] = paramValue 119 } 120 } 121 if err := gcs.PersistReportsToGCS(gcsClient, content, inputParameters, gcsFolderPath, gcsBucketId, gcsSubFolder, doublestar.Glob, os.Stat); err != nil { 122 log.Entry().Errorf("failed to persist reports: %v", err) 123 } 124 } 125 126 // KanikoExecuteCommand Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container. 127 func KanikoExecuteCommand() *cobra.Command { 128 const STEP_NAME = "kanikoExecute" 129 130 metadata := kanikoExecuteMetadata() 131 var stepConfig kanikoExecuteOptions 132 var startTime time.Time 133 var commonPipelineEnvironment kanikoExecuteCommonPipelineEnvironment 134 var reports kanikoExecuteReports 135 var logCollector *log.CollectorHook 136 var splunkClient *splunk.Splunk 137 telemetryClient := &telemetry.Telemetry{} 138 139 var createKanikoExecuteCmd = &cobra.Command{ 140 Use: STEP_NAME, 141 Short: "Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container.", 142 Long: `Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container. 143 144 ### Building one container image 145 146 For building one container image the step expects that one of the containerImage, containerImageName or --destination (via buildOptions) is set. 147 148 ### Building multiple container images 149 150 The step allows you to build multiple container images with one run. 151 This is suitable in case you need to create multiple images for one microservice, e.g. for testing. 152 153 All images will get the same "root" name and the same versioning.<br /> 154 **Thus, this is not suitable to be used for a monorepo approach!** For monorepos you need to use a build tool natively capable to take care for monorepos 155 or implement a custom logic and for example execute this ` + "`" + `kanikoExecute` + "`" + ` step multiple times in your custom pipeline. 156 157 You can activate multiple builds using the parameter [containerMultiImageBuild](#containermultiimagebuild) 158 159 Behavior can be adapted using: 160 161 * [containerMultiImageBuildExcludes](#containermultiimagebuildexcludes) for defining excludes 162 * [containerMultiImageBuildTrimDir](#containermultiimagebuildtrimdir) for removing parent directory part from image name 163 164 Examples: 165 166 #### Multiple containers in sub directories 167 168 Configuration as follows: 169 170 ` + "`" + `` + "`" + `` + "`" + ` 171 general: 172 containerImageName: myImage 173 steps: 174 kanikoExecute: 175 containerMultiImageBuild: true 176 ` + "`" + `` + "`" + `` + "`" + ` 177 178 Following Dockerfiles are available in the repository: 179 180 * sub1/Dockerfile 181 * sub2/Dockerfile 182 183 Following final image names will be built: 184 185 * ` + "`" + `myImage-sub1` + "`" + ` 186 * ` + "`" + `myImage-sub2` + "`" + ` 187 188 #### Multiple containers in sub directories while trimming a directory part 189 190 Configuration as follows: 191 192 ` + "`" + `` + "`" + `` + "`" + ` 193 general: 194 containerImageName: myImage 195 steps: 196 kanikoExecute: 197 containerMultiImageBuild: true 198 containerMultiImageBuildTrimDir: .ci 199 ` + "`" + `` + "`" + `` + "`" + ` 200 201 Following Dockerfiles are available in the repository: 202 203 * .ci/sub1/Dockerfile 204 * .ci/sub2/Dockerfile 205 206 Following final image names will be built: 207 208 * ` + "`" + `myImage-sub1` + "`" + ` 209 * ` + "`" + `myImage-sub2` + "`" + ``, 210 PreRunE: func(cmd *cobra.Command, _ []string) error { 211 startTime = time.Now() 212 log.SetStepName(STEP_NAME) 213 log.SetVerbose(GeneralConfig.Verbose) 214 215 GeneralConfig.GitHubAccessTokens = ResolveAccessTokens(GeneralConfig.GitHubTokens) 216 217 path, _ := os.Getwd() 218 fatalHook := &log.FatalHook{CorrelationID: GeneralConfig.CorrelationID, Path: path} 219 log.RegisterHook(fatalHook) 220 221 err := PrepareConfig(cmd, &metadata, STEP_NAME, &stepConfig, config.OpenPiperFile) 222 if err != nil { 223 log.SetErrorCategory(log.ErrorConfiguration) 224 return err 225 } 226 log.RegisterSecret(stepConfig.DockerConfigJSON) 227 228 if len(GeneralConfig.HookConfig.SentryConfig.Dsn) > 0 { 229 sentryHook := log.NewSentryHook(GeneralConfig.HookConfig.SentryConfig.Dsn, GeneralConfig.CorrelationID) 230 log.RegisterHook(&sentryHook) 231 } 232 233 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 || len(GeneralConfig.HookConfig.SplunkConfig.ProdCriblEndpoint) > 0 { 234 splunkClient = &splunk.Splunk{} 235 logCollector = &log.CollectorHook{CorrelationID: GeneralConfig.CorrelationID} 236 log.RegisterHook(logCollector) 237 } 238 239 if err = log.RegisterANSHookIfConfigured(GeneralConfig.CorrelationID); err != nil { 240 log.Entry().WithError(err).Warn("failed to set up SAP Alert Notification Service log hook") 241 } 242 243 validation, err := validation.New(validation.WithJSONNamesForStructFields(), validation.WithPredefinedErrorMessages()) 244 if err != nil { 245 return err 246 } 247 if err = validation.ValidateStruct(stepConfig); err != nil { 248 log.SetErrorCategory(log.ErrorConfiguration) 249 return err 250 } 251 252 return nil 253 }, 254 Run: func(_ *cobra.Command, _ []string) { 255 stepTelemetryData := telemetry.CustomData{} 256 stepTelemetryData.ErrorCode = "1" 257 handler := func() { 258 commonPipelineEnvironment.persist(GeneralConfig.EnvRootPath, "commonPipelineEnvironment") 259 reports.persist(stepConfig, GeneralConfig.GCPJsonKeyFilePath, GeneralConfig.GCSBucketId, GeneralConfig.GCSFolderPath, GeneralConfig.GCSSubFolder) 260 config.RemoveVaultSecretFiles() 261 stepTelemetryData.Duration = fmt.Sprintf("%v", time.Since(startTime).Milliseconds()) 262 stepTelemetryData.ErrorCategory = log.GetErrorCategory().String() 263 stepTelemetryData.PiperCommitHash = GitCommit 264 telemetryClient.SetData(&stepTelemetryData) 265 telemetryClient.Send() 266 if len(GeneralConfig.HookConfig.SplunkConfig.Dsn) > 0 { 267 splunkClient.Initialize(GeneralConfig.CorrelationID, 268 GeneralConfig.HookConfig.SplunkConfig.Dsn, 269 GeneralConfig.HookConfig.SplunkConfig.Token, 270 GeneralConfig.HookConfig.SplunkConfig.Index, 271 GeneralConfig.HookConfig.SplunkConfig.SendLogs) 272 splunkClient.Send(telemetryClient.GetData(), logCollector) 273 } 274 if len(GeneralConfig.HookConfig.SplunkConfig.ProdCriblEndpoint) > 0 { 275 splunkClient.Initialize(GeneralConfig.CorrelationID, 276 GeneralConfig.HookConfig.SplunkConfig.ProdCriblEndpoint, 277 GeneralConfig.HookConfig.SplunkConfig.ProdCriblToken, 278 GeneralConfig.HookConfig.SplunkConfig.ProdCriblIndex, 279 GeneralConfig.HookConfig.SplunkConfig.SendLogs) 280 splunkClient.Send(telemetryClient.GetData(), logCollector) 281 } 282 } 283 log.DeferExitHandler(handler) 284 defer handler() 285 telemetryClient.Initialize(GeneralConfig.NoTelemetry, STEP_NAME, GeneralConfig.HookConfig.PendoConfig.Token) 286 kanikoExecute(stepConfig, &stepTelemetryData, &commonPipelineEnvironment) 287 stepTelemetryData.ErrorCode = "0" 288 log.Entry().Info("SUCCESS") 289 }, 290 } 291 292 addKanikoExecuteFlags(createKanikoExecuteCmd, &stepConfig) 293 return createKanikoExecuteCmd 294 } 295 296 func addKanikoExecuteFlags(cmd *cobra.Command, stepConfig *kanikoExecuteOptions) { 297 cmd.Flags().StringSliceVar(&stepConfig.BuildOptions, "buildOptions", []string{`--skip-tls-verify-pull`, `--ignore-path=/workspace`, `--ignore-path=/busybox`}, "Defines a list of build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.") 298 cmd.Flags().StringVar(&stepConfig.BuildSettingsInfo, "buildSettingsInfo", os.Getenv("PIPER_buildSettingsInfo"), "Build settings info is typically filled by the step automatically to create information about the build settings that were used during the mta build. This information is typically used for compliance related processes.") 299 cmd.Flags().StringVar(&stepConfig.ContainerBuildOptions, "containerBuildOptions", os.Getenv("PIPER_containerBuildOptions"), "Deprected, please use buildOptions. Defines the build options for the [kaniko](https://github.com/GoogleContainerTools/kaniko) build.") 300 cmd.Flags().StringVar(&stepConfig.ContainerImage, "containerImage", os.Getenv("PIPER_containerImage"), "Defines the full name of the Docker image to be created including registry, image name and tag like `my.docker.registry/path/myImageName:myTag`. If `containerImage` is not provided, then `containerImageName` or `--destination` (via buildOptions) should be provided.") 301 cmd.Flags().StringVar(&stepConfig.ContainerImageName, "containerImageName", os.Getenv("PIPER_containerImageName"), "Name of the container which will be built - will be used instead of parameter `containerImage`. If `containerImageName` is not provided, then `containerImage` or `--destination` (via buildOptions) should be provided.") 302 cmd.Flags().StringVar(&stepConfig.ContainerImageTag, "containerImageTag", os.Getenv("PIPER_containerImageTag"), "Tag of the container which will be built - will be used instead of parameter `containerImage`") 303 304 cmd.Flags().BoolVar(&stepConfig.ContainerMultiImageBuild, "containerMultiImageBuild", false, "Defines if multiple containers should be build. Dockerfiles are used using the pattern **/Dockerfile*. Excludes can be defined via [`containerMultiImageBuildExcludes`](#containermultiimagebuildexscludes).") 305 cmd.Flags().StringSliceVar(&stepConfig.ContainerMultiImageBuildExcludes, "containerMultiImageBuildExcludes", []string{}, "Defines a list of Dockerfile paths to exclude from the build when using [`containerMultiImageBuild`](#containermultiimagebuild).") 306 cmd.Flags().StringVar(&stepConfig.ContainerMultiImageBuildTrimDir, "containerMultiImageBuildTrimDir", os.Getenv("PIPER_containerMultiImageBuildTrimDir"), "Defines a trailing directory part which should not be considered in the final image name.") 307 cmd.Flags().StringVar(&stepConfig.ContainerPreparationCommand, "containerPreparationCommand", `rm -f /kaniko/.docker/config.json`, "Defines the command to prepare the Kaniko container. By default the contained credentials are removed in order to allow anonymous access to container registries.") 308 cmd.Flags().StringVar(&stepConfig.ContainerRegistryURL, "containerRegistryUrl", os.Getenv("PIPER_containerRegistryUrl"), "http(s) url of the Container registry where the image should be pushed to - will be used instead of parameter `containerImage`") 309 cmd.Flags().StringVar(&stepConfig.ContainerRegistryUser, "containerRegistryUser", os.Getenv("PIPER_containerRegistryUser"), "Username of the Container registry where the image should be pushed to - which will updated in a docker config json file. If a docker config json file is provided via parameter `dockerConfigJSON` , then the existing file will be enhanced") 310 cmd.Flags().StringVar(&stepConfig.ContainerRegistryPassword, "containerRegistryPassword", os.Getenv("PIPER_containerRegistryPassword"), "Password of the Container registry where the image should be pushed to - which will updated in a docker config json file. If a docker config json file is provided via parameter `dockerConfigJSON` , then the existing file will be enhanced") 311 cmd.Flags().StringSliceVar(&stepConfig.CustomTLSCertificateLinks, "customTlsCertificateLinks", []string{}, "List containing download links of custom TLS certificates. This is required to ensure trusted connections to registries with custom certificates.") 312 cmd.Flags().StringVar(&stepConfig.DockerConfigJSON, "dockerConfigJSON", os.Getenv("PIPER_dockerConfigJSON"), "Path to the file `.docker/config.json` - this is typically provided by your CI/CD system. You can find more details about the Docker credentials in the [Docker documentation](https://docs.docker.com/engine/reference/commandline/login/).") 313 cmd.Flags().StringVar(&stepConfig.DockerfilePath, "dockerfilePath", `Dockerfile`, "Defines the location of the Dockerfile relative to the Jenkins workspace.") 314 cmd.Flags().StringSliceVar(&stepConfig.TargetArchitectures, "targetArchitectures", []string{``}, "Defines the target architectures for which the build should run using OS and architecture separated by a comma. (EXPERIMENTAL)") 315 cmd.Flags().BoolVar(&stepConfig.ReadImageDigest, "readImageDigest", false, "") 316 cmd.Flags().BoolVar(&stepConfig.CreateBOM, "createBOM", false, "Creates the bill of materials (BOM) using Syft and stores it in a file in CycloneDX 1.4 format.") 317 cmd.Flags().StringVar(&stepConfig.SyftDownloadURL, "syftDownloadUrl", `https://github.com/anchore/syft/releases/download/v0.62.3/syft_0.62.3_linux_amd64.tar.gz`, "Specifies the download url of the Syft Linux amd64 tar binary file. This can be found at https://github.com/anchore/syft/releases/.") 318 319 } 320 321 // retrieve step metadata 322 func kanikoExecuteMetadata() config.StepData { 323 var theMetaData = config.StepData{ 324 Metadata: config.StepMetadata{ 325 Name: "kanikoExecute", 326 Aliases: []config.Alias{}, 327 Description: "Executes a [Kaniko](https://github.com/GoogleContainerTools/kaniko) build for creating a Docker container.", 328 }, 329 Spec: config.StepSpec{ 330 Inputs: config.StepInputs{ 331 Secrets: []config.StepSecrets{ 332 {Name: "dockerConfigJsonCredentialsId", Description: "Jenkins 'Secret file' credentials ID containing Docker config.json (with registry credential(s)). You can create it like explained in the [protocodeExecuteScan Prerequisites section](https://www.project-piper.io/steps/protecodeExecuteScan/#prerequisites).", Type: "jenkins"}, 333 }, 334 Parameters: []config.StepParameters{ 335 { 336 Name: "buildOptions", 337 ResourceRef: []config.ResourceReference{}, 338 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 339 Type: "[]string", 340 Mandatory: false, 341 Aliases: []config.Alias{}, 342 Default: []string{`--skip-tls-verify-pull`, `--ignore-path=/workspace`, `--ignore-path=/busybox`}, 343 }, 344 { 345 Name: "buildSettingsInfo", 346 ResourceRef: []config.ResourceReference{ 347 { 348 Name: "commonPipelineEnvironment", 349 Param: "custom/buildSettingsInfo", 350 }, 351 }, 352 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 353 Type: "string", 354 Mandatory: false, 355 Aliases: []config.Alias{}, 356 Default: os.Getenv("PIPER_buildSettingsInfo"), 357 }, 358 { 359 Name: "containerBuildOptions", 360 ResourceRef: []config.ResourceReference{}, 361 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 362 Type: "string", 363 Mandatory: false, 364 Aliases: []config.Alias{}, 365 Default: os.Getenv("PIPER_containerBuildOptions"), 366 }, 367 { 368 Name: "containerImage", 369 ResourceRef: []config.ResourceReference{}, 370 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 371 Type: "string", 372 Mandatory: false, 373 Aliases: []config.Alias{{Name: "containerImageNameAndTag", Deprecated: true}}, 374 Default: os.Getenv("PIPER_containerImage"), 375 }, 376 { 377 Name: "containerImageName", 378 ResourceRef: []config.ResourceReference{}, 379 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 380 Type: "string", 381 Mandatory: false, 382 Aliases: []config.Alias{{Name: "dockerImageName"}}, 383 Default: os.Getenv("PIPER_containerImageName"), 384 }, 385 { 386 Name: "containerImageTag", 387 ResourceRef: []config.ResourceReference{ 388 { 389 Name: "commonPipelineEnvironment", 390 Param: "artifactVersion", 391 }, 392 }, 393 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 394 Type: "string", 395 Mandatory: false, 396 Aliases: []config.Alias{{Name: "artifactVersion"}}, 397 Default: os.Getenv("PIPER_containerImageTag"), 398 }, 399 { 400 Name: "multipleImages", 401 ResourceRef: []config.ResourceReference{}, 402 Scope: []string{"PARAMETERS", "STEPS"}, 403 Type: "[]map[string]interface{}", 404 Mandatory: false, 405 Aliases: []config.Alias{{Name: "images"}}, 406 }, 407 { 408 Name: "containerMultiImageBuild", 409 ResourceRef: []config.ResourceReference{}, 410 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 411 Type: "bool", 412 Mandatory: false, 413 Aliases: []config.Alias{}, 414 Default: false, 415 }, 416 { 417 Name: "containerMultiImageBuildExcludes", 418 ResourceRef: []config.ResourceReference{}, 419 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 420 Type: "[]string", 421 Mandatory: false, 422 Aliases: []config.Alias{}, 423 Default: []string{}, 424 }, 425 { 426 Name: "containerMultiImageBuildTrimDir", 427 ResourceRef: []config.ResourceReference{}, 428 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 429 Type: "string", 430 Mandatory: false, 431 Aliases: []config.Alias{}, 432 Default: os.Getenv("PIPER_containerMultiImageBuildTrimDir"), 433 }, 434 { 435 Name: "containerPreparationCommand", 436 ResourceRef: []config.ResourceReference{}, 437 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 438 Type: "string", 439 Mandatory: false, 440 Aliases: []config.Alias{}, 441 Default: `rm -f /kaniko/.docker/config.json`, 442 }, 443 { 444 Name: "containerRegistryUrl", 445 ResourceRef: []config.ResourceReference{ 446 { 447 Name: "commonPipelineEnvironment", 448 Param: "container/registryUrl", 449 }, 450 }, 451 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 452 Type: "string", 453 Mandatory: false, 454 Aliases: []config.Alias{{Name: "dockerRegistryUrl"}}, 455 Default: os.Getenv("PIPER_containerRegistryUrl"), 456 }, 457 { 458 Name: "containerRegistryUser", 459 ResourceRef: []config.ResourceReference{ 460 { 461 Name: "commonPipelineEnvironment", 462 Param: "container/repositoryUsername", 463 }, 464 }, 465 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 466 Type: "string", 467 Mandatory: false, 468 Aliases: []config.Alias{{Name: "dockerRegistryUser"}}, 469 Default: os.Getenv("PIPER_containerRegistryUser"), 470 }, 471 { 472 Name: "containerRegistryPassword", 473 ResourceRef: []config.ResourceReference{ 474 { 475 Name: "commonPipelineEnvironment", 476 Param: "container/repositoryPassword", 477 }, 478 }, 479 Scope: []string{"GENERAL", "PARAMETERS", "STAGES", "STEPS"}, 480 Type: "string", 481 Mandatory: false, 482 Aliases: []config.Alias{{Name: "dockerRegistryPassword"}}, 483 Default: os.Getenv("PIPER_containerRegistryPassword"), 484 }, 485 { 486 Name: "customTlsCertificateLinks", 487 ResourceRef: []config.ResourceReference{}, 488 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 489 Type: "[]string", 490 Mandatory: false, 491 Aliases: []config.Alias{}, 492 Default: []string{}, 493 }, 494 { 495 Name: "dockerConfigJSON", 496 ResourceRef: []config.ResourceReference{ 497 { 498 Name: "dockerConfigJsonCredentialsId", 499 Type: "secret", 500 }, 501 502 { 503 Name: "dockerConfigFileVaultSecretName", 504 Type: "vaultSecretFile", 505 Default: "docker-config", 506 }, 507 }, 508 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 509 Type: "string", 510 Mandatory: false, 511 Aliases: []config.Alias{}, 512 Default: os.Getenv("PIPER_dockerConfigJSON"), 513 }, 514 { 515 Name: "dockerfilePath", 516 ResourceRef: []config.ResourceReference{}, 517 Scope: []string{"PARAMETERS", "STAGES", "STEPS"}, 518 Type: "string", 519 Mandatory: false, 520 Aliases: []config.Alias{{Name: "dockerfile"}}, 521 Default: `Dockerfile`, 522 }, 523 { 524 Name: "targetArchitectures", 525 ResourceRef: []config.ResourceReference{}, 526 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 527 Type: "[]string", 528 Mandatory: false, 529 Aliases: []config.Alias{}, 530 Default: []string{``}, 531 }, 532 { 533 Name: "readImageDigest", 534 ResourceRef: []config.ResourceReference{}, 535 Scope: []string{"STEPS", "STAGES", "PARAMETERS"}, 536 Type: "bool", 537 Mandatory: false, 538 Aliases: []config.Alias{}, 539 Default: false, 540 }, 541 { 542 Name: "createBOM", 543 ResourceRef: []config.ResourceReference{}, 544 Scope: []string{"GENERAL", "STEPS", "STAGES", "PARAMETERS"}, 545 Type: "bool", 546 Mandatory: false, 547 Aliases: []config.Alias{}, 548 Default: false, 549 }, 550 { 551 Name: "syftDownloadUrl", 552 ResourceRef: []config.ResourceReference{}, 553 Scope: []string{"PARAMETERS", "STEPS"}, 554 Type: "string", 555 Mandatory: false, 556 Aliases: []config.Alias{}, 557 Default: `https://github.com/anchore/syft/releases/download/v0.62.3/syft_0.62.3_linux_amd64.tar.gz`, 558 }, 559 }, 560 }, 561 Containers: []config.Container{ 562 {Image: "gcr.io/kaniko-project/executor:debug", EnvVars: []config.EnvVar{{Name: "container", Value: "docker"}}, Options: []config.Option{{Name: "-u", Value: "0"}, {Name: "--entrypoint", Value: ""}}}, 563 }, 564 Outputs: config.StepOutputs{ 565 Resources: []config.StepResources{ 566 { 567 Name: "commonPipelineEnvironment", 568 Type: "piperEnvironment", 569 Parameters: []map[string]interface{}{ 570 {"name": "container/registryUrl"}, 571 {"name": "container/imageNameTag"}, 572 {"name": "container/imageDigest"}, 573 {"name": "container/imageNames", "type": "[]string"}, 574 {"name": "container/imageNameTags", "type": "[]string"}, 575 {"name": "container/imageDigests", "type": "[]string"}, 576 {"name": "custom/buildSettingsInfo"}, 577 }, 578 }, 579 { 580 Name: "reports", 581 Type: "reports", 582 Parameters: []map[string]interface{}{ 583 {"filePattern": "**/bom-*.xml", "type": "sbom"}, 584 }, 585 }, 586 }, 587 }, 588 }, 589 } 590 return theMetaData 591 }