UNCLASSIFIED - NO CUI

Skip to content

move docker Images build from Kaniko to Buildah

Kaniko is not maintained anymore, Buildah is a valid alternative.

job example:

buildah:
  stage: build
  image:
    name: repo1.dso.mil/ironbank/opensource/containers/buildah:1.33.7
    entrypoint: [""]
  variables:
    STORAGE_DRIVER: vfs
    BUILDAH_FORMAT: oci
    FQ_IMAGE_NAME: ${STAGE_REGISTRY}/${STAGE_IMAGE_REPOSITORY}/${CI_PROJECT_NAME}
  before_script:
    - echo "${HARBOR_PASSWORD}" | buildah login -u "${HARBOR_USERNAME}" --password-stdin ${HARBOR_HOST}
  script:
    - buildah build
      --file=${DOCKER_CONTEXT_PATH}/${DOCKERFILE_PATH}
      --label commit_sha=${CI_COMMIT_SHA}
      --label pipeline_id=${CI_PIPELINE_ID}
      --label project_id=${CI_PROJECT_ID}
      --label project_name=${CI_PROJECT_NAME}
      ${DOCKER_BUILD_ARG}
      -t ${FQ_IMAGE_NAME}
      ${DOCKER_CONTEXT_PATH}
    - buildah push --digestfile simple-digest.txt $FQ_IMAGE_NAME
    - DIGEST=$(cat simple-digest.txt)
    - echo ${FQ_IMAGE_NAME}@${DIGEST} >> image-digest.txt
    - echo "STAGE_IMAGE_REF=$(cat image-digest.txt)" >> buildah.env 
    - echo "CS_IMAGE=$(cat image-digest.txt)" >> buildah.env
  artifacts:
    name: $CI_PROJECT_NAME-$CI_PIPELINE_IID-buildah
    paths:
      - image-digest.txt
    reports:
      dotenv: buildah.env

UNCLASSIFIED - NO CUI