From ac391c3aa1b7811abddeef0e68a2916669687036 Mon Sep 17 00:00:00 2001
From: Road Surfer <jasonirwin73+gitlab@gmail.com>
Date: Tue, 13 Aug 2024 20:56:36 +0000
Subject: [PATCH] fix(build): support metadata labels and build command
 arguments containing spaces

Signed-off-by: Jason "RoadSurfer" Irwin <jasonirwin73+gitlab@gmail.com>
---
 README.md                      | 15 +++++++++++++++
 kicker.json                    |  6 +++---
 templates/gitlab-ci-docker.yml | 20 ++++++++++----------
 3 files changed, 28 insertions(+), 13 deletions(-)

diff --git a/README.md b/README.md
index 802407c..ec649c5 100644
--- a/README.md
+++ b/README.md
@@ -358,6 +358,21 @@ You may disable this feature by setting `DOCKER_METADATA` to empty or you can ov
 DOCKER_BUILD_ARGS: "--label org.opencontainers.image.title=my-project"
 ```
 
+If a label contains spaces then quotes need to be correctly escaped:
+
+```yaml
+DOCKER_BUILD_ARGS: "--label \"org.opencontainers.image.title=my project\""
+```
+
+or
+
+```yaml
+DOCKER_BUILD_ARGS: |-
+  --label "org.opencontainers.image.title=my project"
+```
+
+The `DOCKER_METADATA` variable can be overwritten in a similar way, but you will need to ensure that **all** relevant values are added.
+
 If you have defined one of those labels in the Dockerfile, the final value will depend if image is built with Kaniko or Docker in Docker. With Kaniko, the value of the Dockerfile take precedence, while with DinD command-line argument take precedence.
 
 ### `docker-healthcheck` job
diff --git a/kicker.json b/kicker.json
index ffd0a49..2a793e4 100644
--- a/kicker.json
+++ b/kicker.json
@@ -77,12 +77,12 @@
     },
     {
       "name": "DOCKER_BUILD_ARGS",
-      "description": "Additional docker/kaniko/buildah build arguments"
+      "description": "Additional docker/kaniko/buildah build arguments.\n\n_If values contain spaces, ensure any required quote are correctly escaped when needed (not supported for Kaniko)_"
     },
     {
       "name": "DOCKER_METADATA",
-      "description": "Additional metadata to set as labels",
-      "default": "--label org.opencontainers.image.url=${CI_PROJECT_URL} --label org.opencontainers.image.source=${CI_PROJECT_URL} --label org.opencontainers.image.title=${CI_PROJECT_PATH} --label org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME} --label org.opencontainers.image.revision=${CI_COMMIT_SHA} --label org.opencontainers.image.created=${CI_JOB_STARTED_AT}",
+      "description": "Additional metadata to set as labels.\n\nIf values contain spaces, ensure any required quote are correctly escaped when needed (not supported for Kaniko)_",
+      "default": "--label \"org.opencontainers.image.url=${CI_PROJECT_URL}\" --label \"org.opencontainers.image.source=${CI_PROJECT_URL}\" --label \"org.opencontainers.image.title=${CI_PROJECT_PATH}\" --label \"org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME}\" --label \"org.opencontainers.image.revision=${CI_COMMIT_SHA}\" --label \"org.opencontainers.image.created=${CI_JOB_STARTED_AT}\"",
       "advanced": true
     },
     {
diff --git a/templates/gitlab-ci-docker.yml b/templates/gitlab-ci-docker.yml
index bc58e36..7bcd915 100644
--- a/templates/gitlab-ci-docker.yml
+++ b/templates/gitlab-ci-docker.yml
@@ -86,12 +86,12 @@ spec:
     metadata:
       description: Additional metadata to set as labels
       default: >-
-        --label org.opencontainers.image.url=${CI_PROJECT_URL}
-        --label org.opencontainers.image.source=${CI_PROJECT_URL}
-        --label org.opencontainers.image.title=${CI_PROJECT_PATH}
-        --label org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME}
-        --label org.opencontainers.image.revision=${CI_COMMIT_SHA}
-        --label org.opencontainers.image.created=${CI_JOB_STARTED_AT}
+        --label "org.opencontainers.image.url=${CI_PROJECT_URL}"
+        --label "org.opencontainers.image.source=${CI_PROJECT_URL}"
+        --label "org.opencontainers.image.title=${CI_PROJECT_PATH}"
+        --label "org.opencontainers.image.ref.name=${CI_COMMIT_REF_NAME}"
+        --label "org.opencontainers.image.revision=${CI_COMMIT_SHA}"
+        --label "org.opencontainers.image.created=${CI_JOB_STARTED_AT}"
     publish-args:
       description: Additional [`skopeo copy` arguments](https://github.com/containers/skopeo/blob/master/docs/skopeo-copy.1.md#options)
       default: ''
@@ -617,9 +617,9 @@ stages:
       kaniko_registry_mirror_option="--registry-mirror $(echo ${DOCKER_REGISTRY_MIRROR} | sed "s|^https*://||")"
     fi
     log_info "Build & deploy image $docker_image"
-    log_info "Kaniko command: /kaniko/executor ${TRACE+--verbosity debug} --context $(docker_context_path) --dockerfile $DOCKER_FILE --destination $docker_image ${kaniko_cache_args} $kaniko_registry_mirror_option $DOCKER_METADATA $DOCKER_BUILD_ARGS $*"
+    log_info "Kaniko command: echo $DOCKER_METADATA $DOCKER_BUILD_ARGS $* | xargs /kaniko/executor ${TRACE+--verbosity debug} --context $(docker_context_path) --dockerfile $DOCKER_FILE --destination $docker_image ${kaniko_cache_args} $kaniko_registry_mirror_option"
     # shellcheck disable=SC2086
-    /kaniko/executor ${TRACE+--verbosity debug} --context "$(docker_context_path)" --dockerfile "$DOCKER_FILE" --destination "$docker_image" ${kaniko_cache_args} $kaniko_registry_mirror_option $DOCKER_METADATA $DOCKER_BUILD_ARGS "$@"
+    echo $DOCKER_METADATA $DOCKER_BUILD_ARGS "$@" | xargs /kaniko/executor ${TRACE+--verbosity debug} --context "$(docker_context_path)" --dockerfile "$DOCKER_FILE" --destination "$docker_image" ${kaniko_cache_args} $kaniko_registry_mirror_option
   }
 
   # Used by containers tools like buildah, skopeo.
@@ -799,7 +799,7 @@ docker-dind-build:
         log_info "Build cache enabled; CLI options: ${dind_cache_args}"
       fi
     # Build using cache if exist
-    - docker build --file "$DOCKER_FILE" ${dind_cache_args} --tag $DOCKER_SNAPSHOT_IMAGE --build-arg http_proxy="$http_proxy" --build-arg https_proxy="$https_proxy" --build-arg no_proxy="$no_proxy" $DOCKER_METADATA $DOCKER_BUILD_ARGS "$(docker_context_path)"
+    - echo $DOCKER_METADATA $DOCKER_BUILD_ARGS "$(docker_context_path)" | xargs docker build --file "$DOCKER_FILE" ${dind_cache_args} --tag $DOCKER_SNAPSHOT_IMAGE --build-arg http_proxy="$http_proxy" --build-arg https_proxy="$https_proxy" --build-arg no_proxy="$no_proxy"
     - docker push $DOCKER_SNAPSHOT_IMAGE
     # Display the size of each layer
     - docker history $DOCKER_SNAPSHOT_IMAGE
@@ -842,7 +842,7 @@ docker-buildah-build:
       log_info "Buildah version:"
       buildah version
     # build and push image
-    - buildah build --file "$DOCKER_FILE" --tag $DOCKER_SNAPSHOT_IMAGE $buildah_cache_args --build-arg http_proxy="$http_proxy" --build-arg https_proxy="$https_proxy" --build-arg no_proxy="$no_proxy" $DOCKER_METADATA $DOCKER_BUILD_ARGS "$(docker_context_path)"
+    - echo $DOCKER_METADATA $DOCKER_BUILD_ARGS "$(docker_context_path)" | xargs buildah build --file "$DOCKER_FILE" --tag $DOCKER_SNAPSHOT_IMAGE $buildah_cache_args --build-arg http_proxy="$http_proxy" --build-arg https_proxy="$https_proxy" --build-arg no_proxy="$no_proxy"
     - buildah push --digestfile .img-digest.txt "$DOCKER_SNAPSHOT_IMAGE"
     # display digest of the resulting image
     - cat .img-digest.txt
-- 
GitLab