Drone plugin uses img to build and publish Docker images to a container registry. It allows running docker builds on kubernetes environment in rootless and non-privileged mode. It is required to set the annotation on the kubernetes pod container.apparmor.security.beta.kubernetes.io/: unconfined
For the usage information and a listing of the available options please take a look at the docs.
Build the binaries with the following commands:
export GOOS=linux
export GOARCH=amd64
export CGO_ENABLED=0
export GO111MODULE=on
go build -v -a -tags netgo -o release/linux/amd64/drone-docker ./cmd/drone-docker
go build -v -a -tags netgo -o release/linux/amd64/drone-gcr ./cmd/drone-gcr
go build -v -a -tags netgo -o release/linux/amd64/drone-ecr ./cmd/drone-ecr
go build -v -a -tags netgo -o release/linux/amd64/drone-acr ./cmd/drone-acr
go build -v -a -tags netgo -o release/linux/amd64/drone-heroku ./cmd/drone-heroku
Build the Docker images with the following commands:
docker build \
--label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
--label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
--file docker/docker/Dockerfile.linux.amd64 --tag plugins/img-docker .
docker build \
--label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
--label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
--file docker/gcr/Dockerfile.linux.amd64 --tag plugins/img-gcr .
docker build \
--label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
--label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
--file docker/ecr/Dockerfile.linux.amd64 --tag plugins/img-ecr .
docker build \
--label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
--label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
--file docker/acr/Dockerfile.linux.amd64 --tag plugins/img-acr .
docker build \
--label org.label-schema.build-date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") \
--label org.label-schema.vcs-ref=$(git rev-parse --short HEAD) \
--file docker/heroku/Dockerfile.linux.amd64 --tag plugins/img-heroku .
Notice: Be aware that the Docker plugin currently requires privileged capabilities, otherwise the integrated Docker daemon is not able to start.
kind: pipeline
name: default
steps:
- name: build dummy docker file and publish
image: plugins/img-docker
pull: never
settings:
repo: tphoney/test
tags: latest
secret: id=mysecret,src=secret-file
username:
from_secret: docker_username
password:
from_secret: docker_password
Using a dockerfile that references the secret-file
# syntax=docker/dockerfile:1.2
FROM alpine
# shows secret from default secret location:
RUN --mount=type=secret,id=mysecret cat /run/secrets/mysecret
and a secret file called secret-file
COOL BANANAS
docker run --rm \
-e PLUGIN_TAG=latest \
-e PLUGIN_REPO=octocat/hello-world \
-e DRONE_COMMIT_SHA=d8dbe4d94f15fe89232e0402c6e8a0ddf21af3ab \
-v $(pwd):$(pwd) \
-w $(pwd) \
plugins/img-docker --dry-run
- When updating the base image, you will need to update for each architecture and OS.
- Arm32 base images are no longer being updated.
Run the changelog generator.
docker run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-plugins -p drone-img -t <secret github token>
You can generate a token by logging into your GitHub account and going to Settings -> Personal access tokens.
Next we tag the PR's with the fixes or enhancements labels. If the PR does not fufil the requirements, do not add a label.
Run the changelog generator again with the future version according to semver.
docker run -it --rm -v "$(pwd)":/usr/local/src/your-app githubchangeloggenerator/github-changelog-generator -u drone-plugins -p drone-img -t <secret token> --future-release v1.0.0
Create your pull request for the release. Get it merged then tag the release.