Build
Build a Docker image and push it to a remote container registry.
type: "io.kestra.plugin.docker.Build"Build and push a Docker image to a registry
id: docker_build
namespace: company.team
tasks:
- id: build
type: io.kestra.plugin.docker.Build
dockerfile: |
FROM ubuntu
ARG APT_PACKAGES=""
RUN apt-get update && apt-get install -y --no-install-recommends ${APT_PACKAGES};
platforms:
- linux/amd64
tags:
- private-registry.io/unit-test:latest
buildArgs:
APT_PACKAGES: curl
labels:
unit-test: "true"
credentials:
registry: <registry.url.com>
username: "{{ secret('DOCKERHUB_USERNAME') }}"
password: "{{ secret('DOCKERHUB_PASSWORD') }}"
Build and push a docker image to DockerHub
id: build_dockerhub_image
namespace: company.team
tasks:
- id: build
type: io.kestra.plugin.docker.Build
dockerfile: |
FROM python:3.10
RUN pip install --upgrade pip
RUN pip install --no-cache-dir kestra requests "polars[all]"
tags:
- kestra/polars:latest
push: true
credentials:
registry: https://index.docker.io/v1/
username: "{{ secret('DOCKERHUB_USERNAME') }}"
password: "{{ secret('DOCKERHUB_PASSWORD') }}"
Build a Docker image and push it to GitHub Container Registry (ghcr.io)
id: build_github_container_image
namespace: company.team
tasks:
- id: build
type: io.kestra.plugin.docker.Build
dockerfile: |
FROM python:3.10
RUN pip install --upgrade pip
RUN pip install --no-cache-dir kestra requests "polars[all]"
tags:
- ghcr.io/kestra/polars:latest
push: true
credentials:
username: kestra
password: "{{ secret('GITHUB_ACCESS_TOKEN') }}"
Optional build arguments in a key: value format.
Docker configuration file.
Docker configuration file that can set access credentials to private container registries. Usually located in ~/.docker/config.json.
The contents of your Dockerfile passed as a string, or a path to the Dockerfile
The URI of your Docker host e.g. localhost
The files to create on the local filesystem. It can be a map or a JSON object.
Additional metadata for the image in a key: value format.
Inject namespace files.
Inject namespace files to this task. When enabled, it will, by default, load all namespace files into the working directory. However, you can use the include or exclude properties to limit which namespace files will be injected.
The target platform for the image e.g. linux/amd64.
trueAlways attempt to pull the latest version of the base image.
falseWhether to push the image to a remote container registry.
The generated image id.
trueWhether to enable namespace files to be loaded into the working directory. If explicitly set to true in a task, it will load all Namespace Files into the task's working directory. Note that this property is by default set to true so that you can specify only the include and exclude properties to filter the files to load without having to explicitly set enabled to true.
A list of filters to exclude matching glob patterns. This allows you to exclude a subset of the Namespace Files from being downloaded at runtime. You can combine this property together with include to only inject a subset of files that you need into the task's working directory.
OVERWRITEOVERWRITEFAILWARNIGNOREComportment of the task if a file already exist in the working directory.
A list of filters to include only matching glob patterns. This allows you to only load a subset of the Namespace Files into the working directory.
["{{flow.namespace}}"]A list of namespaces in which searching files. The files are loaded in the namespace order, and only the latest version of a file is kept. Meaning if a file is present in the first and second namespace, only the file present on the second namespace will be loaded.
The registry authentication.
The auth field is a base64-encoded authentication string of username: password or a token.
The identity token.
The registry password.
The registry URL.
If not defined, the registry will be extracted from the image name.
The registry token.
The registry username.