Docker Image

kind: dockerImage

sourceconditiontarget

Description

condition

The Docker Image "condition" tests if a docker image tag exist on a Docker Registry

Parameters

NameRequiredDefaultDescription

hostname

hub.docker.com

Docker Registry URL. Accept "hub.docker.com", "ghcr.io", "quay.io", or any valid api compliant OCI registry

image

-

Define docker image name

tag

Source output

Define docker image tag.

token

-

Define the token needed to authenticate with the docker registry

Remark:

It’s considered a very bad practice to store credentials in an unencrypted file. Consider using an environment variable to store the token.

Authentication

Depending on the Docker Registry, authentication may be required. The way to retrieve the token depends on the registry.

GHCR

Github uses personal access token. How to retrieve one, is explained here

DockerHub

To retrieve the token, it’s easier to run docker login and then retrieve the token stored in '~/.docker/config.json'

~/.docker/config.json
        "auths": {
                "https://index.docker.io/v1/": {
                        "auth": "token"
                }
        },

Example

Please note that in this example we are using a go template updatecli.tpl with values from values.yaml The main motivation is to use {{ requiredEnv ENV_VARIABLE }} to read the github token from a environment variable.

updatecli.tpl
---
source:
  kind: githubRelease
  spec:
    owner: "jenkins-infra"
    repository: "plugin-site-api"
    token: "{{ requiredEnv .github.token }}"
    username: "olblak"
    version: "latest"
conditions:
  docker:
    name: "Docker Image Published on Registry"
    kind: dockerImage
    spec:
      image: "jenkinsciinfra/plugin-site-api"
targets:
  imageTag:
    name: "jenkinsciinfra/plugin-site-api docker image"
    kind: yaml
    spec:
      file: "charts/plugin-site/values.yaml"
      key: "backend.image.tag"
    scm:
      github:
        user: "{{ .github.user }}"
        email: "{{ .github.email }}"
        owner: "jenkins-infra"
        repository: "charts"
        token: "{{ requiredEnv .github.token }}"
        username: "olblak"
        branch: "master"
values.yaml
github:
  user: "updatebot"
  email: "updatebot@olblak.com"
  username: "jenkins-infra-bot"
  token: "UPDATECLI_GITHUB_TOKEN"
  branch: "master"
  owner: "olblak"
  repository: "charts"

What it says:

Source Retrieve the latest version from the Github release of the project jenkis-infra/plugins-site-api ⇒ v1.11.1

Condtion Test that the tag v1.11.1 exist for the image jenkinsciinfra/plugin-site-api on DockerHub ⇒ No, then abort

target If the condition was passsing then it would have update the key backend.image.tag in the yaml file charts/plugin-site/values.yaml located on the Github repository olblak/charts on the branch master using the Github Pull request workflow

Edit this page on GitHub