Skip to content

Commit

Permalink
feat: add image user option
Browse files Browse the repository at this point in the history
Signed-off-by: Maxime Brunet <[email protected]>
  • Loading branch information
maxbrunet committed Mar 23, 2024
1 parent 5ce94b9 commit a952faa
Show file tree
Hide file tree
Showing 10 changed files with 41 additions and 0 deletions.
1 change: 1 addition & 0 deletions docs/reference/ko_apply.md
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ ko apply -f FILENAME [flags]
-h, --help help for apply
--image-label strings Which labels (key=value) to add to the image.
--image-refs string Path to file where a list of the published image references will be written.
--image-user string The default user the image should be run as.
--insecure-registry Whether to skip TLS verification on the registry
-j, --jobs int The maximum number of concurrent builds (default GOMAXPROCS)
-L, --local Load into images to local docker daemon.
Expand Down
1 change: 1 addition & 0 deletions docs/reference/ko_build.md
Original file line number Diff line number Diff line change
Expand Up @@ -48,6 +48,7 @@ ko build IMPORTPATH... [flags]
-h, --help help for build
--image-label strings Which labels (key=value) to add to the image.
--image-refs string Path to file where a list of the published image references will be written.
--image-user string The default user the image should be run as.
--insecure-registry Whether to skip TLS verification on the registry
-j, --jobs int The maximum number of concurrent builds (default GOMAXPROCS)
-L, --local Load into images to local docker daemon.
Expand Down
1 change: 1 addition & 0 deletions docs/reference/ko_create.md
Original file line number Diff line number Diff line change
Expand Up @@ -52,6 +52,7 @@ ko create -f FILENAME [flags]
-h, --help help for create
--image-label strings Which labels (key=value) to add to the image.
--image-refs string Path to file where a list of the published image references will be written.
--image-user string The default user the image should be run as.
--insecure-registry Whether to skip TLS verification on the registry
-j, --jobs int The maximum number of concurrent builds (default GOMAXPROCS)
-L, --local Load into images to local docker daemon.
Expand Down
1 change: 1 addition & 0 deletions docs/reference/ko_resolve.md
Original file line number Diff line number Diff line change
Expand Up @@ -45,6 +45,7 @@ ko resolve -f FILENAME [flags]
-h, --help help for resolve
--image-label strings Which labels (key=value) to add to the image.
--image-refs string Path to file where a list of the published image references will be written.
--image-user string The default user the image should be run as.
--insecure-registry Whether to skip TLS verification on the registry
-j, --jobs int The maximum number of concurrent builds (default GOMAXPROCS)
-L, --local Load into images to local docker daemon.
Expand Down
1 change: 1 addition & 0 deletions docs/reference/ko_run.md
Original file line number Diff line number Diff line change
Expand Up @@ -36,6 +36,7 @@ ko run IMPORTPATH [flags]
-h, --help help for run
--image-label strings Which labels (key=value) to add to the image.
--image-refs string Path to file where a list of the published image references will be written.
--image-user string The default user the image should be run as.
--insecure-registry Whether to skip TLS verification on the registry
-j, --jobs int The maximum number of concurrent builds (default GOMAXPROCS)
-L, --local Load into images to local docker daemon.
Expand Down
7 changes: 7 additions & 0 deletions pkg/build/gobuild.go
Original file line number Diff line number Diff line change
Expand Up @@ -83,6 +83,7 @@ type gobuild struct {
platformMatcher *platformMatcher
dir string
labels map[string]string
user string
semaphore *semaphore.Weighted

cache *layerCache
Expand All @@ -104,6 +105,7 @@ type gobuildOpener struct {
buildConfigs map[string]Config
platforms []string
labels map[string]string
user string
dir string
jobs int
}
Expand All @@ -122,6 +124,7 @@ func (gbo *gobuildOpener) Open() (Interface, error) {
return &gobuild{
ctx: gbo.ctx,
getBase: gbo.getBase,
user: gbo.user,
creationTime: gbo.creationTime,
kodataCreationTime: gbo.kodataCreationTime,
build: gbo.build,
Expand Down Expand Up @@ -915,6 +918,10 @@ func (g *gobuild) buildOne(ctx context.Context, refStr string, base v1.Image, pl
cfg.Config.Labels[k] = v
}

if g.user != "" {
cfg.Config.User = g.user
}

empty := v1.Time{}
if g.creationTime != empty {
cfg.Created = g.creationTime
Expand Down
14 changes: 14 additions & 0 deletions pkg/build/gobuild_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -717,6 +717,7 @@ func TestGoBuild(t *testing.T) {
withSBOMber(fauxSBOM),
WithLabel("foo", "bar"),
WithLabel("hello", "world"),
WithUser("1234:1234"),
WithPlatforms("all"),
)
if err != nil {
Expand Down Expand Up @@ -771,6 +772,19 @@ func TestGoBuild(t *testing.T) {
t.Fatalf("Labels diff (-got,+want): %s", d)
}
})

t.Run("check user", func(t *testing.T) {
cfg, err := img.ConfigFile()
if err != nil {
t.Fatalf("ConfigFile() = %v", err)
}

want := "1234:1234"
got := cfg.Config.User
if got != want {
t.Fatalf("User: %s != %s", want, got)
}
})
}

func TestGoBuildWithKOCACHE(t *testing.T) {
Expand Down
8 changes: 8 additions & 0 deletions pkg/build/options.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,14 @@ func WithLabel(k, v string) Option {
}
}

// WithUser is a functional option for overriding the user in the image config.
func WithUser(user string) Option {
return func(gbo *gobuildOpener) error {
gbo.user = user
return nil
}
}

// withBuilder is a functional option for overriding the way go binaries
// are built.
func withBuilder(b builder) Option {
Expand Down
3 changes: 3 additions & 0 deletions pkg/commands/options/build.go
Original file line number Diff line number Diff line change
Expand Up @@ -55,6 +55,7 @@ type BuildOptions struct {
SBOMDir string
Platforms []string
Labels []string
User string
// UserAgent enables overriding the default value of the `User-Agent` HTTP
// request header used when retrieving the base image.
UserAgent string
Expand Down Expand Up @@ -84,6 +85,8 @@ func AddBuildOptions(cmd *cobra.Command, bo *BuildOptions) {
"Which platform to use when pulling a multi-platform base. Format: all | <os>[/<arch>[/<variant>]][,platform]*")
cmd.Flags().StringSliceVar(&bo.Labels, "image-label", []string{},
"Which labels (key=value) to add to the image.")
cmd.Flags().StringVar(&bo.User, "image-user", "",
"The default user the image should be run as.")
bo.Trimpath = true
}

Expand Down
4 changes: 4 additions & 0 deletions pkg/commands/resolver.go
Original file line number Diff line number Diff line change
Expand Up @@ -117,6 +117,10 @@ func gobuildOptions(bo *options.BuildOptions) ([]build.Option, error) {
opts = append(opts, build.WithLabel(parts[0], parts[1]))
}

if bo.User != "" {
opts = append(opts, build.WithUser(bo.User))
}

if bo.BuildConfigs != nil {
opts = append(opts, build.WithConfig(bo.BuildConfigs))
}
Expand Down

0 comments on commit a952faa

Please sign in to comment.