Add pkg.dev to automagic config file population #1328
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Kaniko currently does config file setup for GCR such that pushing to GCR
automagically works. This change does the same for pkg.dev:
https://cloud.google.com/artifact-registry
This also tightens up the hostname check to ensure we don't send
credentials to a registry that happens to contain "gcr.io".
This uses the
--registries
flag fromdocker-credential-gcr
to configure only the registry we actually care about, instead of just blindly callingdocker-credential-gcr configure-docker
, which configures every domain. An alternative approach to this PR would be to add pkg.dev domains to the list of domains thatdocker-credential-gcr configure-docker
configures by default (see GoogleCloudPlatform/docker-credential-gcr#68), but that has the unfortunate side effect of makingdocker build
really slow (it fetches credentials for every configured registry), which we want to avoid.Submitter Checklist
These are the criteria that every PR should meet, please check them off as you
review them:
See the contribution guide for more details.
Reviewer Notes