Actual behavior
My CI/CD (gitlab) image build job is looking like that:
script: |
echo "{\"auths\":{\"${CI_REGISTRY}\":{\"username\":\"gitlab-ci-token\",\"password\":\"${CI_JOB_TOKEN}\"}}}" > /kaniko/.docker/config.json
echo ${MYCA} | base64 -d >> /kaniko/ssl/certs/ca-certificates.crt
/kaniko/executor \
--dockerfile ${CI_PROJECT_DIR}/Dockerfile \
--context ${CI_PROJECT_DIR} \
--destination ${FINAL_IMAGE_NAME}
Problem is in
echo ${MYCA} | base64 -d >> /kaniko/ssl/certs/ca-certificates.crt
base64: truncated base64 input
After double checking why base64 receives broken/truncated input I've discovered that my variable which is base64 encoded CA ~1600characters long truncated to ~1024 symbols.
tested with:
gcr.io/kaniko-project/executor:debug-v0.17.1
gcr.io/kaniko-project/executor:debug-v0.18.0
gcr.io/kaniko-project/executor:debug-v0.19.0
Expected behavior
Accept input longer than 1024 characters and proceed normally.
To Reproduce
Steps to reproduce the behavior:
docker run -it --rm --entrypoint="" gcr.io/kaniko-project/executor:debug-v0.19.0 shemmmmm actually I've figured out base64 issue.. really, it was related to somehow broken string.
but still, other images allow more than 1024 characters input while kaniko debug only 1024
feel free to close the issue if you are not going to "work" on that
@den-is glad you found out the issue. I will keep it open with lowest priority in case anyone else wants to work on this.
Perhaps it is due to ash of busybox
https://github.com/mirror/busybox/blob/1_32_0/shell/ash.c#L2958
https://github.com/mirror/busybox/blob/1_32_0/libbb/Config.src#L100
Most helpful comment
@den-is glad you found out the issue. I will keep it open with lowest priority in case anyone else wants to work on this.