Build
Build a Docker image and push it to a remote container registry.
type: "io.kestra.plugin.docker.Build"Build and push a Docker image to a registry
id: docker_build
namespace: company.team
tasks:
- id: build
type: io.kestra.plugin.docker.Build
dockerfile: |
FROM ubuntu
ARG APT_PACKAGES=""
RUN apt-get update && apt-get install -y --no-install-recommends ${APT_PACKAGES};
platforms:
- linux/amd64
tags:
- private-registry.io/unit-test:latest
buildArgs:
APT_PACKAGES: curl
labels:
unit-test: "true"
credentials:
registry: <registry.url.com>
username: "{{ secret('DOCKERHUB_USERNAME') }}"
password: "{{ secret('DOCKERHUB_PASSWORD') }}"
Build and push a docker image to DockerHub
id: build_dockerhub_image
namespace: company.team
tasks:
- id: build
type: io.kestra.plugin.docker.Build
dockerfile: |
FROM python:3.10
RUN pip install --upgrade pip
RUN pip install --no-cache-dir kestra requests "polars[all]"
tags:
- kestra/polars:latest
push: true
credentials:
registry: https://index.docker.io/v1/
username: "{{ secret('DOCKERHUB_USERNAME') }}"
password: "{{ secret('DOCKERHUB_PASSWORD') }}"
Build a Docker image and push it to GitHub Container Registry (ghcr.io)
id: build_github_container_image
namespace: company.team
tasks:
- id: build
type: io.kestra.plugin.docker.Build
dockerfile: |
FROM python:3.10
RUN pip install --upgrade pip
RUN pip install --no-cache-dir kestra requests "polars[all]"
tags:
- ghcr.io/kestra/polars:latest
push: true
credentials:
username: kestra
password: "{{ secret('GITHUB_ACCESS_TOKEN') }}"
YESOptional build arguments in a key: value format.
YESDocker configuration file.
Docker configuration file that can set access credentials to private container registries. Usually located in ~/.docker/config.json.
YESYESThe contents of your Dockerfile passed as a string, or a path to the Dockerfile
YESThe URI of your Docker host e.g. localhost
YESThe files to create on the local filesystem. It can be a map or a JSON object.
YESAdditional metadata for the image in a key: value format.
NOInject namespace files.
Inject namespace files to this task. When enabled, it will, by default, load all namespace files into the working directory. However, you can use the include or exclude properties to limit which namespace files will be injected.
YESThe target platform for the image e.g. linux/amd64.
YEStrueAlways attempt to pull the latest version of the base image.
YESfalseWhether to push the image to a remote container registry.
The generated image id.
YEStrueWhether to enable namespace files to be loaded into the working directory. If explicitly set to true in a task, it will load all Namespace Files into the task's working directory. Note that this property is by default set to true so that you can specify only the include and exclude properties to filter the files to load without having to explicitly set enabled to true.
YESA list of filters to exclude matching glob patterns. This allows you to exclude a subset of the Namespace Files from being downloaded at runtime. You can combine this property together with include to only inject a subset of files that you need into the task's working directory.
YESOVERWRITEOVERWRITEFAILWARNIGNOREComportment of the task if a file already exist in the working directory.
YESA list of filters to include only matching glob patterns. This allows you to only load a subset of the Namespace Files into the working directory.
YES["{{flow.namespace}}"]A list of namespaces in which searching files. The files are loaded in the namespace order, and only the latest version of a file is kept. Meaning if a file is present in the first and second namespace, only the file present on the second namespace will be loaded.
YESThe registry authentication.
The auth field is a base64-encoded authentication string of username: password or a token.
YESThe identity token.
YESThe registry password.
YESThe registry URL.
If not defined, the registry will be extracted from the image name.
YESThe registry token.
YESThe registry username.