diff --git a/internal/build/lifecycle_execution.go b/internal/build/lifecycle_execution.go index fb39fa1356..913d866fb6 100644 --- a/internal/build/lifecycle_execution.go +++ b/internal/build/lifecycle_execution.go @@ -469,13 +469,17 @@ func (l *LifecycleExecution) Restore(ctx context.Context, buildCache Cache, kani // for kaniko kanikoCacheBindOp := NullOp() if (l.platformAPI.AtLeast("0.10") && l.hasExtensionsForBuild()) || - (l.platformAPI.AtLeast("0.12") && (l.hasExtensionsForBuild() || l.hasExtensionsForRun())) { + l.platformAPI.AtLeast("0.12") { if l.hasExtensionsForBuild() { flags = append(flags, "-build-image", l.opts.BuilderImage) registryImages = append(registryImages, l.opts.BuilderImage) } - - kanikoCacheBindOp = WithBinds(fmt.Sprintf("%s:%s", kanikoCache.Name(), l.mountPaths.kanikoCacheDir())) + if l.runImageChanged() || l.hasExtensionsForRun() { + registryImages = append(registryImages, l.runImageAfterExtensions()) + } + if l.hasExtensionsForBuild() || l.hasExtensionsForRun() { + kanikoCacheBindOp = WithBinds(fmt.Sprintf("%s:%s", kanikoCache.Name(), l.mountPaths.kanikoCacheDir())) + } } // for auths @@ -851,9 +855,12 @@ type runImage struct { func (l *LifecycleExecution) hasExtensionsForRun() bool { var amd analyzedMD if _, err := toml.DecodeFile(filepath.Join(l.tmpDir, "analyzed.toml"), &amd); err != nil { + l.logger.Warnf("failed to parse analyzed.toml file, assuming no run image extensions: %s", err) return false } if amd.RunImage == nil { + // this shouldn't be reachable + l.logger.Warnf("found no run image in analyzed.toml file, assuming no run image extensions...") return false } return amd.RunImage.Extend @@ -862,15 +869,22 @@ func (l *LifecycleExecution) hasExtensionsForRun() bool { func (l *LifecycleExecution) runImageAfterExtensions() string { var amd analyzedMD if _, err := toml.DecodeFile(filepath.Join(l.tmpDir, "analyzed.toml"), &amd); err != nil { + l.logger.Warnf("failed to parse analyzed.toml file, assuming run image did not change: %s", err) return l.opts.RunImage } if amd.RunImage == nil { // this shouldn't be reachable + l.logger.Warnf("found no run image in analyzed.toml file, assuming run image did not change...") return l.opts.RunImage } return amd.RunImage.Image } +func (l *LifecycleExecution) runImageChanged() bool { + currentRunImage := l.runImageAfterExtensions() + return currentRunImage != "" && currentRunImage != l.opts.RunImage +} + func (l *LifecycleExecution) appendLayoutOperations(opts []PhaseConfigProviderOperation) ([]PhaseConfigProviderOperation, error) { layoutDir := filepath.Join(paths.RootDir, "layout-repo") opts = append(opts, WithEnv("CNB_USE_LAYOUT=true", "CNB_LAYOUT_DIR="+layoutDir, "CNB_EXPERIMENTAL_MODE=warn")) diff --git a/internal/build/lifecycle_execution_test.go b/internal/build/lifecycle_execution_test.go index e3673f072e..0fd5e59b5c 100644 --- a/internal/build/lifecycle_execution_test.go +++ b/internal/build/lifecycle_execution_test.go @@ -1709,6 +1709,26 @@ func testLifecycleExecution(t *testing.T, when spec.G, it spec.S) { h.AssertSliceContains(t, configProvider.HostConfig().Binds, expectedBind) }) + when("there are extensions", func() { + platformAPI = api.MustParse("0.12") + + when("for build", func() { + extensionsForBuild = true + + it("configures the phase with registry access", func() { + h.AssertSliceContains(t, configProvider.ContainerConfig().Env, "CNB_REGISTRY_AUTH={}") + }) + }) + + when("for run", func() { + extensionsForRun = true + + it("configures the phase with registry access", func() { + h.AssertSliceContains(t, configProvider.ContainerConfig().Env, "CNB_REGISTRY_AUTH={}") + }) + }) + }) + when("using cache image", func() { fakeBuildCache = newFakeImageCache() @@ -1999,7 +2019,7 @@ func testLifecycleExecution(t *testing.T, when spec.G, it spec.S) { h.AssertSliceNotContains(t, configProvider.ContainerConfig().Cmd, "-stack") }) - when("extensions", func() { + when("there are extensions", func() { when("for run", func() { extensionsForRun = true