JenkinsHow-ToBeginner · 4 min read

How to Use Kaniko in Jenkins for Container Image Builds

To use kaniko in Jenkins, configure a Jenkins pipeline that runs the Kaniko container to build your Docker images inside a Kubernetes pod or Docker container. Kaniko builds images without requiring Docker daemon access, making it ideal for secure CI/CD pipelines.

📐

Syntax

The basic syntax to run Kaniko in Jenkins involves executing the Kaniko container with parameters specifying the Dockerfile location, context, and destination image.

--dockerfile: Path to your Dockerfile.
--context: Build context, usually a directory or Git repo.
--destination: Target image name with registry.
--cache=true: Optional, enables caching for faster builds.

bash

/kaniko/executor --dockerfile=/workspace/Dockerfile --context=dir:///workspace/ --destination=gcr.io/my-project/my-image:tag --cache=true

💻

Example

This example shows a Jenkins pipeline using a Kubernetes pod with Kaniko to build and push a Docker image to Google Container Registry.

groovy

pipeline {
  agent {
    kubernetes {
      yaml '''
apiVersion: v1
kind: Pod
spec:
  containers:
  - name: kaniko
    image: gcr.io/kaniko-project/executor:v1.10.0
    args: ["--dockerfile=/workspace/Dockerfile", "--context=dir:///workspace/", "--destination=gcr.io/my-project/my-image:latest", "--cache=true"]
    volumeMounts:
    - name: kaniko-secret
      mountPath: /kaniko/.docker
  volumes:
  - name: kaniko-secret
    secret:
      secretName: kaniko-secret
'''
  }
  stages {
    stage('Build and Push Image') {
      steps {
        container('kaniko') {
          sh '/kaniko/executor --dockerfile=/workspace/Dockerfile --context=dir:///workspace/ --destination=gcr.io/my-project/my-image:latest --cache=true'
        }
      }
    }
  }
}

Output

INFO[0000] Retrieving image manifest gcr.io/my-project/my-image:latest INFO[0001] Built image to gcr.io/my-project/my-image:latest INFO[0001] Pushed image to gcr.io/my-project/my-image:latest

⚠️

Common Pitfalls

Common mistakes when using Kaniko in Jenkins include:

Not mounting Docker config secrets, causing authentication failures when pushing images.
Using incorrect context paths, leading to build errors.
Running Kaniko without proper permissions on Kubernetes or Jenkins agents.
Forgetting to specify the --destination flag, so images are not pushed.

bash

Wrong:
sh '/kaniko/executor --dockerfile=Dockerfile --context=./ --destination='  # Missing destination

Right:
sh '/kaniko/executor --dockerfile=Dockerfile --context=dir:///workspace/ --destination=gcr.io/my-project/my-image:latest'

📊

Quick Reference

Tips for using Kaniko in Jenkins pipelines:

Use Kubernetes pods with Kaniko container for isolated builds.
Store Docker registry credentials in Kubernetes secrets and mount them.
Use absolute paths with dir:// prefix for context.
Enable caching with --cache=true for faster builds.
Always specify --destination to push images.

✅

Key Takeaways

Kaniko builds container images without Docker daemon, ideal for Jenkins CI/CD pipelines.

Run Kaniko inside Kubernetes pods or containers with proper Docker registry secrets mounted.

Always specify the --destination flag to push images to your registry.

Use absolute context paths with dir:// prefix to avoid build errors.

Enable caching with --cache=true to speed up repeated builds.