FR - bitnami/kaniko - Please add sh to the kaniko image

[jammsen]

Name and Version

bitnami/kaniko:latest

What is the problem this feature will solve?

Hello Bitnami-Team,
I would like to request a feature in the bitnami/kaniko image.

Here is why:
Due to the flow you use on building your kaniko and then use FROM scratch to copy only whats needed over and only set path to kaniko, this image isnt able to be run in GitLab environment with before_script and after_script.

Explainer:
The normal flow in GitLab would be to to login to the custom or normal registry like docker-hub via setting the auths in the config.json, ( See here for more infos: https://archives.docs.gitlab.com/17.11/ci/docker/using_kaniko/#building-a-docker-image-with-kaniko ) this would be typically done in the before_script: part which requires the docker-image to have /bin/sh to able to go before run to the correct location and prepare the auth-files and the run the "script" part where the main work is done.

As there is no PATH like in the source image ( https://github.com/GoogleContainerTools/kaniko/blob/main/deploy/Dockerfile#L102-L104 ) GitLab fails to start the image and reports just massive amounts of errors.

Here is an example pipeline:

stages:
  - imagebuilding

bitnami_kaniko_build_and_push_image:
  stage: imagebuilding
  image:
    name: bitnami/kaniko:latest
    entrypoint: [""]
  variables:
    IMAGE_NAME: my-test-image:latest
  before_script:
    - mkdir -p /kaniko/.docker
    - |
      cat > /kaniko/.docker/config.json << EOF
      {
        "auths": {
          "${CI_REGISTRY}": {
            "auth": "$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64 -w0)"
          }
        }
      }
      EOF
      cat /kaniko/.docker/config.json
  script:
    - /kaniko/executor --context "${CI_PROJECT_DIR}" --dockerfile "${CI_PROJECT_DIR}/Dockerfile" --destination "$IMAGE_NAME"
  tags:
    - k8s

Source:
https://github.com/bitnami/containers/blob/main/bitnami/kaniko/1/debian-12/Dockerfile#L38-L69

What is the feature you are proposing to solve the problem?

Please add /bin/sh to the image and the PATH variable for GitLab-Runner usage for any registry.

What alternatives have you considered?

I tried everything else and this solution is basically what GoogleContainers Kaniko had to cover the use-case of custom-registries. The just would need to be covered too.

[jammsen]

Whoops forgot to mention that GoogleContainers Kaniko did also use From Scratch but it looks like they mounted a few parts from busybox over to have /bin/sh available, see here:
https://github.com/GoogleContainerTools/kaniko/blob/main/deploy/Dockerfile#L64-L67

[jammsen]

I have added a PR, not sure if that is the way you would fix this or if this is up to your standards - See: #82651

[carrodher]

Thank you for opening this issue and submitting the associated Pull Request. Our team will review and provide feedback. Once the PR is merged, the issue will automatically close.

Your contribution is greatly appreciated!

[jammsen]

Hello @carrodher - Thanks, I hope it lives up to your standards, if not, feel free to change bad code 👍