Build and deploy Go applications on Kubernetes


ko: Easy Go Containers

Travis Build Status GitHub Actions Build Status GoDoc Go Report Card

ko is a simple, fast container image builder for Go applications.

It's ideal for use cases where your image contains a single Go application without any/many dependencies on the OS base image (e.g., no cgo, no OS package dependencies).

ko builds images by effectively executing go build on your local machine, and as such doesn't require docker to be installed. This can make it a good fit for lightweight CI/CD use cases.

ko also includes support for simple YAML templating which makes it a powerful tool for Kubernetes applications (See below).



Install from Releases

VERSION=TODO # choose the latest version
OS=Linux     # or Darwin
ARCH=x86_64  # or arm64, i386, s390x
curl -L${VERSION}/ko_${VERSION}_${OS}_${ARCH}.tar.gz | tar xzf - ko
chmod +x ./ko

Install using Homebrew

brew install ko

Build and Install from Source

With Go 1.16+, build and install the latest released version:

go install


ko depends on the authentication configured in your Docker config (typically ~/.docker/config.json). If you can push an image with docker push, you are already authenticated for ko.

Since ko doesn't require docker, ko login also provides a surface for logging in to a container image registry with a username and password, similar to docker login.

Choose Destination

ko depends on an environment variable, KO_DOCKER_REPO, to identify where it should push images that it builds. Typically this will be a remote registry, e.g.:

  •, or
  • KO_DOCKER_REPO=my-dockerhub-user

Build an Image

ko publish ./cmd/app builds and pushes a container image, and prints the resulting image digest to stdout.

ko publish ./cmd/app
...[email protected]:6e398316742b7aa4a93161dce4a23bc5c545700b862b43347b941000b112ec3e

Because the output of ko publish is an image reference, you can easily pass it to other tools that expect to take an image reference:

To run the container:

docker run -p 8080:8080 $(ko publish ./cmd/app)

Or, for example, to deploy it to other services like Cloud Run:

gcloud run deploy --image=$(ko publish ./cmd/app)


Aside from KO_DOCKER_REPO, you can configure ko's behavior using a .ko.yaml file. The location of this file can be overridden with KO_CONFIG_PATH.

Overriding Base Images

By default, ko bases images on This is a small image that provides the bare necessities to run your Go binary.

You can override this base image in two ways:

  1. To override the base image for all images ko builds, add this line to your .ko.yaml file:
  1. To override the base image for certain importpaths:

Naming Images

ko provides a few different strategies for naming the image it pushes, to workaround certain registry limitations and user preferences:

Given, by default, ko publish ./cmd/app will produce an image named like<md5>, which includes the MD5 hash of the full import path, to avoid collisions.

  • --preserve-import-path (-P) will include the entire importpath:
  • --base (-B) will omit the MD5 portion:
  • --bare will only include the KO_DOCKER_REPO:

Local Publishing Options

ko is normally used to publish images to container image registries, identified by KO_DOCKER_REPO.

ko can also publish images to a local Docker daemon, if available, by setting KO_DOCKER_REPO=ko.local, or by passing the --local (-L) flag.

ko can also publish images to a local KinD cluster, if available, by setting KO_DOCKER_REPO=kind.local.

Multi-Platform Images

Because Go supports cross-compilation to other CPU architectures and operating systems, ko excels at producing multi-platform images.

To build and push an image for all platforms supported by the configured base image, simply add --platform=all. This will instruct ko to look up all the supported platforms in the base image, execute GOOS=<os> GOARCH=<arch> GOARM=<variant> go build for each platform, and produce a manifest list containing an image for each platform.

You can also select specific platforms, for example, --platform=linux/amd64,linux/arm64

Static Assets

ko can also bundle static assets into the images it produces.

By convention, any contents of a directory named <importpath>/kodata/ will be bundled into the image, and the path where it's available in the image will be identified by the environment variable KO_DATA_PATH.

As an example, you can bundle and serve static contents in your image:


Then, in your main.go:

func main() {
    http.Handle("/", http.FileServer(http.Dir(os.Getenv("KO_DATA_PATH"))))
    log.Fatal(http.ListenAndServe(":8080", nil))

You can simulate ko's behavior outside of the container image by setting the KO_DATA_PATH environment variable yourself:

KO_DATA_PATH=cmd/app/kodata/ go run ./cmd/app

Tip: Symlinks in kodata are followed and included as well. For example, you can include Git commit information in your image with:

ln -s -r .git/HEAD ./cmd/app/kodata/

Kubernetes Integration

You could stop at just building and pushing images.

But, because building images is so easy with ko, and because building with ko only requires a string importpath to identify the image, we can integrate this with YAML generation to make Kubernetes use cases much simpler.

YAML Changes

Traditionally, you might have a Kubernetes deployment, defined in a YAML file, that runs an image:

apiVersion: apps/v1
kind: Deployment
  name: my-deployment
  replicas: 3
      - name: my-app

...which you apply to your cluster with kubectl apply:

kubectl apply -f deployment.yaml

With ko, you can instead reference your Go binary by its importpath, prefixed with ko://:

      - name: my-app
        image: ko://

ko resolve

With this small change, running ko resolve -f deployment.yaml will instruct ko to:

  1. scan the YAML file(s) for values with the ko:// prefix,
  2. for each unique ko://-prefixed string, execute ko publish <importpath> to build and push an image,
  3. replace ko://-prefixed string(s) in the input YAML with the fully-specified image reference of the built image(s), for example:
    - name: my-app
      image:[email protected]:deadb33f...
  1. Print the resulting resolved YAML to stdout.

The result can be redirected to a file, to distribute to others:

ko resolve -f config/ > release.yaml

Taken together, ko resolve aims to make packaging, pushing, and referencing container images an invisible implementation detail of your Kubernetes deployment, and let you focus on writing code in Go.

ko apply

To apply the resulting resolved YAML config, you can redirect the output of ko resolve to kubectl apply:

ko resolve -f config/ | kubectl apply -f -

Since this is a relatively common use case, the same functionality is available using ko apply:

ko apply -f config/

NB: This requires that kubectl is available.

ko delete

To teardown resources applied using ko apply, you can run ko delete:

ko delete -f config/

This is purely a convenient alias for kubectl delete, and doesn't perform any builds, or delete any previously built images.

Frequently Asked Questions

How can I set ldflags?

Using -ldflags is a common way to embed version info in go binaries (In fact, we do this for ko!). Unforunately, because ko wraps go build, it's not possible to use this flag directly; however, you can use the GOFLAGS environment variable instead:

GOFLAGS="-ldflags=-X=main.version=1.2.3" ko publish .

Why are my images all created in 1970?

In order to support reproducible builds, ko doesn't embed timestamps in the images it produces by default; however, ko does respect the SOURCE_DATE_EPOCH environment variable.

For example, you can set this to the current timestamp by executing:

export SOURCE_DATE_EPOCH=$(date +%s)

or to the latest git commit's timestamp with:

export SOURCE_DATE_EPOCH=$(git log -1 --format='%ct')

Can I optimize images for eStargz support?

Yes! Set the environment variable GGCR_EXPERIMENT_ESTARGZ=1 to produce eStargz-optimized images.

Does ko support autocompletion?

Yes! ko completion generates a Bash completion script, which you can add to your bash_completion directory:

ko completion > /usr/local/etc/bash_completion.d/ko

Or, you can source it directly:

source <(ko completion)

Does ko work with Kustomize?

Yes! ko resolve -f - will read and process input from stdin, so you can have ko easily process the output of the kustomize command.

kustomize build config | ko resolve -f -


This work is based heavily on learnings from having built the Docker and Kubernetes support for Bazel. That work was presented here.

  • Multi-platform ko

    Multi-platform ko

    This is a sketch of what I had in mind for

    For this PR, I've set the default base image for this repo to ubuntu so that you can just fetch this branch and run ko publish ./cmd/ko to test out the change. It should build a different binary for every platform and publish a manifest list instead of just a manifest.

    $ ko publish ./cmd/ko
    2019/06/17 14:04:04 Using base for
    2019/06/17 14:04:04 No matching credentials were found, falling back on anonymous
    2019/06/17 14:04:06 Building
    2019/06/17 14:04:12 Building
    2019/06/17 14:04:15 Building
    2019/06/17 14:04:19 Building
    2019/06/17 14:04:23 Building
    2019/06/17 14:04:27 Building
    2019/06/17 14:04:30 Publishing
    2019/06/17 14:04:32 existing manifest: sha256:e66f9706d017b28a5f63fd2b1a9395a43852bb8691c2a3d789bf6187ed2a83ef
    2019/06/17 14:04:32 existing manifest: sha256:6ae8959c22069d43bbaa848496237a653f4644244f638d11aa05dee555e2d7d9
    2019/06/17 14:04:32 existing manifest: sha256:d835632ac512ee32b2489d44c15ecb03a139785b2e3d475a07670288fc95242e
    2019/06/17 14:04:32 existing manifest: sha256:ce8f3571502ac3b5c86f1d527c712abd4cad953c97f24ba9b28a6505e502f1ad
    2019/06/17 14:04:32 existing manifest: sha256:5c60f74c26ec1726f06e6c35ca1a3aee0c567d37001143ec70e9cc6f5b1a763b
    2019/06/17 14:04:33 existing manifest: sha256:c1940d8d12f448cf17212cf76e012d8b8480e0b033fac5ff6068402a8f0f590f
    2019/06/17 14:04:34 digest: sha256:96ac9a314510e380cf3dd3aae3abc51dad577eecf53ebf6691f0c4d665d90621 size: 1411
    2019/06/17 14:04:34 Published[email protected]:96ac9a314510e380cf3dd3aae3abc51dad577eecf53ebf6691f0c4d665d90621[email protected]:96ac9a314510e380cf3dd3aae3abc51dad577eecf53ebf6691f0c4d665d90621
    $ crane manifest[email protected]:96ac9a314510e380cf3dd3aae3abc51dad577eecf53ebf6691f0c4d665d90621 | jq .
      "schemaVersion": 2,
      "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json",
      "manifests": [
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "size": 1073,
          "digest": "sha256:e66f9706d017b28a5f63fd2b1a9395a43852bb8691c2a3d789bf6187ed2a83ef",
          "platform": {
            "architecture": "amd64",
            "os": "linux"
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "size": 1073,
          "digest": "sha256:6ae8959c22069d43bbaa848496237a653f4644244f638d11aa05dee555e2d7d9",
          "platform": {
            "architecture": "arm",
            "os": "linux",
            "variant": "v7"
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "size": 1073,
          "digest": "sha256:d835632ac512ee32b2489d44c15ecb03a139785b2e3d475a07670288fc95242e",
          "platform": {
            "architecture": "arm64",
            "os": "linux",
            "variant": "v8"
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "size": 1073,
          "digest": "sha256:ce8f3571502ac3b5c86f1d527c712abd4cad953c97f24ba9b28a6505e502f1ad",
          "platform": {
            "architecture": "386",
            "os": "linux"
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "size": 1073,
          "digest": "sha256:5c60f74c26ec1726f06e6c35ca1a3aee0c567d37001143ec70e9cc6f5b1a763b",
          "platform": {
            "architecture": "ppc64le",
            "os": "linux"
          "mediaType": "application/vnd.docker.distribution.manifest.v2+json",
          "size": 1073,
          "digest": "sha256:c1940d8d12f448cf17212cf76e012d8b8480e0b033fac5ff6068402a8f0f590f",
          "platform": {
            "architecture": "s390x",
            "os": "linux"

    I haven't actually tested pulling/running this on different platforms (I don't have any), so YMMV, but publishing works 👍

    I don't actually like this very much because I've made every package deal with a new abstraction (I've called it Steve so that we don't ever merge this) that can represent either base image or a base manifest list. A better approach would probably be to make everything deal with a manifest list to simplify things.

    When pulling base image:

    • if it's a manifest list, pass that along as the base
    • if it's an image, wrap it as a singleton manifest list

    When publishing the artifacts:

    • if it's a singleton manifest list, unwrap it and publish just the image
    • otherwise, publish it as a manifest list

    This isn't perfect (what if the user actually does want to publish a singleton manifest list?), so maybe it's not the best idea. Open to suggestions :)

    opened by jonjohnsonjr 36
  • Sign released ko binaries

    Sign released ko binaries

    Let's consider adding a signing step for ko binaries and container images with cosign? Or we should sign a checksum file as GoReleaser did ^1

    cc: @dentrax @imjasonh @jonjohnsonjr

    opened by developer-guy 27
  • Add `pkg/v1/kind` for writing images to KinD

    Add `pkg/v1/kind` for writing images to KinD

    I think we want something like:

    ... but to write it directly to KinD.

    cc @BenTheElder for pointers on the best API.

    I'd love to get some mechanism like this so that we can support something like: KO_DOCKER_REPO=kind.local

    opened by mattmoor 23
  • SBOM can't be pushed to

    SBOM can't be pushed to

    $ ko version
    $ ko build ./
    2021/12/13 14:45:40 Using base golang:1.17 for
    2021/12/13 14:45:41 Building for linux/amd64
    2021/12/13 14:46:56 Publishing
    2021/12/13 14:46:57 pushed blob: sha256:e4a33f5890d928895f7523a8d66d79aa990509a633e6b81d0e0006a55725f13f
    2021/12/13 14:46:59 pushed blob: sha256:1ce30adc04063fdbfb60f34e83f3ec62e91c03e4b310586239902c782f4eac7c
    Error: failed to publish images: error publishing ko:// writing sbom: PUT MANIFEST_INVALID: manifest invalid; map[message:manifest schema version not supported]
    2021/12/13 14:46:59 error during command execution:failed to publish images: error publishing ko:// writing sbom: PUT MANIFEST_INVALID: manifest invalid; map[message:manifest schema version not supported]

    If SBOM publishing was opt-in I'd say this is WAI and fine, but it's going to be a pretty bad experience for happy ko users who push to Quay (and other similar registries) when they upgrade to the next release.

    Should we log-and-continue if SBOM publishing fails?


    opened by imjasonh 22
  • Publish a `ko` image

    Publish a `ko` image

    In and I'm adding dogfooding CI/CD logic for publishing tekton pipelines images and yamls.

    This means I want to create a Task step or steps which invoke ko, since this is how we currently build and publish our images (via a bash script).

    To do this, I need a container with ko installed. For now I'll have a first step that installs ko, but would be great if a ko image could be published and available for folks to use.

    (Looks like #358 might be related but I'm not sure?)

    release lifecycle/frozen 
    opened by bobcatfish 22
  • RFC: Switch default base image to

    RFC: Switch default base image to

    The current default base image is, which we switched two about 2 years ago in (from the non-nonroot variant).

    I'd like to propose we switch the default base image to (which is also non-root), produced using apko nightly, from here

    Like, is signed (keylessly!). It also includes a generated SBOM of the base image contents, and an attestation about how it was built.

    Being on GitHub Actions, its build process and logs are more visible and publicly auditable.

    Being defined in not-Bazel, in a not-Google-owned repo, makes it easier to contribute changes to it.

    If this proposal is accepted, I'd like to suggest adding a warning when defaultBaseImage is not set, saying that the change is coming in a future release.

    If you want to retain the existing base image, simply add defaultBaseImage: To opt-in to the change before it's imposed on you automatically in a future release, defaultBaseImage:

    Then we cut a release with that warning, wait a release, change the default base image and remove the warning.


    @jonjohnsonjr @mattmoor

    opened by imjasonh 17
  • v0.8.0 tarball sha256 change?

    v0.8.0 tarball sha256 change?

    I'm attempting to update Homebrew's version of Go (Homebrew/homebrew-core#71289).

    While testing the new version, CI produced the following error:

    ==> FAILED
    ==> Downloading
    ==> Downloading from
    Error: SHA256 mismatch
    Expected: 8ecb73697915b19ae5f3a647d877656ccaaa9f46f6c5f22e81cb8763cc0a8a18
      Actual: a1b90267574102d3fb43cab7587bbe54f221e5b79ca731781a89c7d0c1f5b2ef
        File: /Users/brew/Library/Caches/Homebrew/downloads/c4c486f4e0ec600d534026b410741c7c8c34fd303b2ff15714940e8e7eeeca56--ko-0.8.0.tar.gz

    I can update the sha256 associated with ko, but CI will come back to me with the following error:


    • stable sha256 changed without the url/version also changing; please create an issue upstream to rule out malicious circumstances and to find out why the file changed.

    Could someone help understand why the tarball sha might have changed?

    opened by roopakv 17
  • KO not authenticating against the target docker registry/repo

    KO not authenticating against the target docker registry/repo

    After successfully using KO to build the NATS channel controller and dispatcher, KO failed to deploy the image to the target registry, in this case,

    below are the execution steps to replicate this issue

    1. set KO_DOCKER_REPO = pkaisharis [account name]
    2. run ko apply -f natss/config
    3. execution results
    2019/09/24 15:00:54 Publishing
    2019/09/24 15:00:54 Publishing
    2019/09/24 15:00:56 error processing import paths in "natss/config/500-dispatcher.yaml": unsupported status code 401

    Below is the auth config from .docker/config.json

    	"auths": {
    		"": {}
    	"HttpHeaders": {
    		"User-Agent": "Docker-Client/19.03.2 (linux)"
    	"credsStore": "secretservice"
    opened by pksurferdad 17
  • ko hangs when used with ASDF installed Go

    ko hangs when used with ASDF installed Go

    I am able to reproduce either a bug, or a misconfiguration that could perhaps use a better error message of some sort.

    The reproduction is here at StevenACoffman/repro.


    If you clone that repo and run:

    cd sub
    ko publish -B --bare --local --platform=linux/amd64 --push=false .

    The terminal will just hang there until you hit Ctrl-c.

    At which point, it will then say:

    ^CError: error creating builder: 'builds': entry #0 does not contain a valid local import path (./.) for directory (.): err: signal: interrupt: stderr:
    2021/12/12 21:00:19 error during command execution:error creating builder: 'builds': entry #0 does not contain a valid local import path (./.) for directory (.): err: signal: interrupt: stderr:

    However, if you delete the .ko.yaml file in that directory and run it again, things work as you'd expect.

    rm .ko.yaml
    ko publish -B --bare --local --platform=linux/amd64 --push=false .

    I have tried a number of different possible values for "main" and "dir" and "id" in the .ko.yaml file, including omitting them altogether. For instance, setting the main: to the values, ., and main don't seem to affect this hanging behavior.

    .ko.yaml contents:

    # KO_DOCKER_REPO should be either kind.local
    # (for KinD) or ko.local
      # You can have multiple builds defined as a yaml list
        # ID of the build.
        # Defaults to the project name.
        id: "my-build"
        # Path to project's (sub)directory containing Go code.
        # This is the working directory for the Go build command(s).
        # Default is `.`.
        dir: .
        # Path to main.go file or main package.
        # Notice: when used with `gomod.proxy`, this must be a package.
        # Default is `.`.
          - -s 
          - -w
          - -X main.AppName=Working
        # Custom environment variables to be set during the builds.
        # Default is empty.
          - CGO_ENABLED=0

    Any help or tips would be greatly appreciated!

    opened by StevenACoffman 16
  • Allow comma-separated list of platforms

    Allow comma-separated list of platforms



    $ ko publish -B --platform=linux/amd64,linux/arm64 ./cmd/ko/
    2020/12/07 13:57:20 Using base for
    2020/12/07 13:57:21 Building for linux/amd64
    2020/12/07 13:57:25 Building for linux/arm64
    2020/12/07 13:57:29 Publishing
    2020/12/07 13:57:30 existing blob: sha256:72164b581b02b1eb297b403bcc8fc1bfa245cb52e103a3a525a0835a58ff58e2
    2020/12/07 13:57:30 existing blob: sha256:e59bd8947ac7af2c8f4403b183326986ab554bbc262739cf5d9d596c7c7a3aca
    2020/12/07 13:57:31 pushed blob: sha256:314bd22f324d73c81d23dd94a14e3a4df6a591381e39b9164163208115c23ae4
    2020/12/07 13:57:33 pushed blob: sha256:dd714425e64113dddc2cf7a21a1b7f47c20ae29dc2072284b64fe1e7b82a5307
    2020/12/07 13:57:33[email protected]:cb6a0c6cb99e6c7b1d7dfd598484d0d25b74e15a69837f3d87c08c58ee7f88e2: digest: sha256:cb6a0c6cb99e6c7b1d7dfd598484d0d25b74e15a69837f3d87c08c58ee7f88e2 size: 751
    2020/12/07 13:57:34 existing blob: sha256:72164b581b02b1eb297b403bcc8fc1bfa245cb52e103a3a525a0835a58ff58e2
    2020/12/07 13:57:34 existing blob: sha256:d34b09c140e4b67f2c6214e24f26a68bc6b17c28d42f0dda89db38ad03488416
    2020/12/07 13:57:35 pushed blob: sha256:99af2cd1b289d3a47aba52934e2ac8c4037e92563e8a4d119b5d0e040f5b9ed3
    2020/12/07 13:57:37 pushed blob: sha256:052d3194d06e9194d60e7dcdce4c7d8e91df952f34dfddd461ce181732342db2
    2020/12/07 13:57:37[email protected]:ca19f1aa2adc983e55c1eb7d6af1ed8574991ff6762eccec8ef7b5e5d965d1ce: digest: sha256:ca19f1aa2adc983e55c1eb7d6af1ed8574991ff6762eccec8ef7b5e5d965d1ce size: 751
    2020/12/07 13:57:38 digest: sha256:03ed41dd8676e9988fb4958366cf8d38fbb39e576d5b09bb1cc108c937e6d7ff size: 529
    2020/12/07 13:57:38 Published[email protected]:03ed41dd8676e9988fb4958366cf8d38fbb39e576d5b09bb1cc108c937e6d7ff[email protected]:03ed41dd8676e9988fb4958366cf8d38fbb39e576d5b09bb1cc108c937e6d7ff
    cla: yes 
    opened by jonjohnsonjr 16
  • ko stops building containers after Golang updates

    ko stops building containers after Golang updates

    After each minor Golang version bump (e.g. 1.13.2 -> 1.13.3), ko apply no longer builds container images but happily applies the yaml untransformed, which leads with image pull errors on the cluster. After reinstalling ko, it works again as expected.

    Ideally ko would continue to work after a Golang update, but if not, it should fail loudly and demand to be reinstalled.

    opened by scothis 15
  • `KO_CONFIG_PATH` pointing to a file doesn't work

    `KO_CONFIG_PATH` pointing to a file doesn't work

    It seems like setting KO_CONFIG_PATH to a file instead of a folder doesn't work. This commit seems to make it work but for some reason, it doesn't.

    On tektoncd/pipeline repo.

    $ ko version
    $ cat /tmp/.ko.yaml
    baseImageOverrides:[email protected]:33a5146f205123032bce00d2785d62729f55d91b9d2befee37091a153a0fee18[email protected]:33a5146f205123032bce00d2785d62729f55d91b9d2befee37091a153a0fee18[email protected]:33a5146f205123032bce00d2785d62729f55d91b9d2befee37091a153a0fee18
      # git-init uses a base image that includes Git, and supports running either
      # as root or as user nonroot with UID 65532.
    $ cat .ko.yaml
      # git-init uses a base image that includes Git, and supports running either
      # as root or as user nonroot with UID 65532.
    $ KO_CONFIG_PATH=/tmp/.ko.yaml ko resolve -f config > /tmp/foo.yaml
    # […]
    2023/01/04 10:20:09 Using base[email protected]:be400c5f4fa4d8b07fa6a4c6f0e264403f348c7b13606d49fef3f5b5e97f16d8 for
    # […]
    $ rm .ko.yaml
    $ KO_CONFIG_PATH=/tmp/.ko.yaml ko resolve -f config > /tmp/foo.yaml
    # […]
    2023/01/04 10:20:39 Using base[email protected]:be400c5f4fa4d8b07fa6a4c6f0e264403f348c7b13606d49fef3f5b5e97f16d8 for
    # […]
    $ KO_CONFIG_PATH=/tmp/ ko resolve -f config > /tmp/foo.yaml
    # […]
    2023/01/04 10:21:08 Using base[email protected]:be400c5f4fa4d8b07fa6a4c6f0e264403f348c7b13606d49fef3f5b5e97f16d8 for
    # […]
    2023/01/04 10:21:09 Using base[email protected]:33a5146f205123032bce00d2785d62729f55d91b9d2befee37091a153a0fee18 for
    # […]
    $ git co .ko.yaml # trying with a .ko.yaml in path
    $ KO_CONFIG_PATH=/tmp/ ko resolve -f config > /tmp/foo.yaml
    2023/01/04 10:28:30 Using base[email protected]:be400c5f4fa4d8b07fa6a4c6f0e264403f348c7b13606d49fef3f5b5e97f16d8 for
    # […]
    2023/01/04 10:28:31 Using base[email protected]:33a5146f205123032bce00d2785d62729f55d91b9d2befee37091a153a0fee18 for
    # […]


    cc @imjasonh @benmoss

    opened by vdemeester 1
  • [WIP] Feature: Add support for verifying base image policies.

    [WIP] Feature: Add support for verifying base image policies.

    :gift: This implements the very basics from my recent comment on #356.

    This still needs a bunch of work, but some playing with it and go run seem to demonstrate what I'd hope for.

    Things I'd like to do still:

    • [x] Add validation that warns/errors if aspects of CIP irrelevant outside K8s are used (e.g. match:, includeSpec:),
    • [x] Expand unit test coverage significantly,
    • [x] Move pkg/policy upstream to sigstore/policy-controller to facilitate using this in other projects with similar ease (e.g. kaniko, buildpacks, ...)
    • [ ] e2e tests with verification failures

    /kind feature


    opened by mattmoor 2
  • Nested config doesn't resolve build path as expected

    Nested config doesn't resolve build path as expected

    Hi, I'm struggling with using a nested config. It doesn't resolve the build path as expected and therefore the build options are not used.

    I created a minimal reproducible example here:

    The expected output in this project is: tag is used but I didn't manage to get the tag to be used ko.

    opened by bluebrown 0
  • enable guessing local environment os/arch by using local as option for platform flag

    enable guessing local environment os/arch by using local as option for platform flag

    Some of the tools are supporting to accept local as a value for their platform flag, such as Docker Buildx, regctl. So, can we do the same thing for ko instead of throwing an error like the following:

    $ ko build -B  --platform local --tags buildinfo .
    Error: failed to publish images: error building "ko://": no matching platforms in base image index
    2022/12/15 15:08:57 error during command execution:failed to publish images: error building "ko://": no matching platforms in base image index

    /cc @dentrax

    opened by developer-guy 1
  • CNCF TAG-Runtime Discussion/Presentation (?)

    CNCF TAG-Runtime Discussion/Presentation (?)

    Hello ko team,

    I'm one of the co-chairs of the CNCF TAG-Runtime. I believe you had an agenda item to present the project in our meeting. For example, it would be great to learn things like the roadmap, tech, community, general overview of the project.

    Feel free to add it to our agenda or reach out to me (raravena80 at at your convenience.


    opened by raravena80 1
  • v0.12.0(Aug 24, 2022)

    What's Changed

    • Bump from 20.10.13+incompatible to 20.10.14+incompatible by @dependabot in
    • Add purls to SPDX sbom by @puerco in
    • Bump actions/setup-go from 2 to 3 by @dependabot in
    • Bump sigstore/cosign-installer from 2.1.0 to 2.2.0 by @dependabot in
    • Bump codecov/codecov-action from 2.1.0 to 3.0.0 by @dependabot in
    • Bump actions/upload-artifact from 2 to 3 by @dependabot in
    • Bump ecr-login dep and update WithLogger callsite by @imjasonh in
    • check and use the latest go available for the defined version by @cpanato in
    • Bump from 0.23.5 to 0.23.6 by @dependabot in
    • Bump codecov/codecov-action from 3.0.0 to 3.1.0 by @dependabot in
    • Bump from 1.10.1 to 1.11.0 by @dependabot in
    • Bump from 0.11.3 to 0.11.4 by @dependabot in
    • Bump from 0.5.7 to 0.5.8 by @dependabot in
    • Bump sigstore/cosign-installer from 2.2.1 to 2.3.0 by @dependabot in
    • Bump github/codeql-action from 1 to 2 by @dependabot in
    • Fix texts regarding SBOM by @otms61 in
    • Bump from 0.23.6 to 0.24.0 by @dependabot in
    • Bump from 20.10.14+incompatible to 20.10.15+incompatible by @dependabot in
    • Bump from 0.12.0 to 0.13.0 by @dependabot in
    • Bump from 20.10.15+incompatible to 20.10.16+incompatible by @dependabot in
    • Bump from 0.13.0 to 0.14.0 by @dependabot in
    • Bump goreleaser/goreleaser-action from 2.9.1 to 3.0.0 by @dependabot in
    • Use sync.Map to cache base image lookups by @imjasonh in
    • Bump from 0.24.0 to 0.24.1 by @dependabot in
    • Bump from 1.11.0 to 1.12.0 by @dependabot in
    • add warning when using both --local and KO_DOCKER_REPO to ko.local by @cpanato in
    • Bump from 3.0.0 to 3.0.1 by @dependabot in
    • Bump deps to silence security alerts by @imjasonh in
    • check if have all and other platforms set in the --platform flag by @cpanato in
    • Bump from 1.8.0 to 1.9.0 by @dependabot in
    • docs(readme): add sbom section by @developer-guy in
    • allow refs-file to be read by other users by @seankhliao in
    • Bump from 0.1.10 to 0.1.11 by @dependabot in
    • Bump from 20.10.16+incompatible to 20.10.17+incompatible by @dependabot in
    • Bump sigstore/cosign-installer from 2.3.0 to 2.4.0 by @dependabot in
    • build: Imply current import path by @imjasonh in
    • Allow KO_CONFIG_PATH to be a file by @benmoss in
    • Bump from 0.24.1 to 0.24.2 by @dependabot in
    • Bump from 0.9.0 to 0.10.0 by @dependabot in
    • Bump from 1.4.0 to 1.5.0 by @dependabot in
    • Update base image to by @imjasonh in
    • Convert our SPDX SBOMs to spdx+json. by @mattmoor in
    • Fix off-by-one error by @mattmoor in
    • Add externalDocumentRefs to SPDX doc type by @puerco in
    • Bump sigstore/cosign-installer from 2.4.0 to 2.4.1 by @dependabot in
    • Unconditionally set the base image annotation. by @mattmoor in
    • Start emitting multi-arch SBOMs for SPDX with ko by @mattmoor in
    • Add base image information to SPDX SBOMs by @mattmoor in
    • don't fail if LDFLAGS env isn't set by @imjasonh in
    • Several SPDX SBOM adjustments. by @mattmoor in
    • Decorate per-architecture images with base image annotations. by @mattmoor in
    • Have --image-refs list all images for multi-arch builds. by @mattmoor in
    • remove deprecated k8s flags support by @imjasonh in
    • Reject the -toolexec flag by @imjasonh in
    • Add installation instructions for Alpine by @imjasonh in
    • ko run: remove --generator flag by @imjasonh in
    • exercise symlink chasing without .git by @imjasonh in
    • Chore: bumped base image to go 1.18 by @ellistarn in
    • Add a delimiter before digest in the SPDX namespace by @mattmoor in
    • Bump from 0.24.2 to 0.24.3 by @dependabot in
    • Bump from 0.11.4 to 0.12.0 by @dependabot in
    • Use chainguard-dev/actions/setup-registry by @imjasonh in
    • bump go-containerregistry dependency by @imjasonh in
    • Remove redundant return path by @jonjohnsonjr in
    • fix GitHub Actions workflows by @imjasonh in
    • Deprecate ko deps by @imjasonh in
    • Set layer media types consistently by @imjasonh in
    • Add kind e2e test for ko run by @imjasonh in
    • Add tests that ko can push to and Dockerhub by @imjasonh in
    • Fix e2e push tests, these registries need --bare by @imjasonh in
    • Bump from 1.9.0 to 1.10.0 by @dependabot in
    • Bump from 0.1.11 to 0.1.12 by @dependabot in
    • Bump sigstore/cosign-installer from 2.4.1 to 2.5.0 by @dependabot in
    • Bump from 1.10.0 to 1.10.1 by @dependabot in
    • expose commands.ResolveFilesToWriter() method by @joshrwolf in
    • feat: generate SLSA provenance for release binaries by @laurentsimon in
    • adds org move message by @mchmarny in
    • update default base image to by @imjasonh in
    • Error if image platform does not match desired by @benmoss in
    • Bump from 0.24.3 to 0.24.4 by @dependabot in
    • Bump from 1.10.1 to 1.11.0 by @dependabot in
    • Bump sigstore/cosign-installer from 2.5.0 to 2.5.1 by @dependabot in
    • Extend ko.local and kind.local detection to include sub-repos by @imjasonh in
    • Support --tag and --tag-only with nop publisher by @imjasonh in

    New Contributors

    • @puerco made their first contribution in
    • @otms61 made their first contribution in
    • @seankhliao made their first contribution in
    • @ellistarn made their first contribution in
    • @joshrwolf made their first contribution in
    • @laurentsimon made their first contribution in
    • @mchmarny made their first contribution in

    Full Changelog:

    Source code(tar.gz)
    Source code(zip)
    attestation.intoto.jsonl(15.09 KB)
    checksums.txt(1.04 KB)
    ko_0.12.0_Darwin_arm64.tar.gz(8.49 MB)
    ko_0.12.0_Darwin_x86_64.tar.gz(8.80 MB)
    ko_0.12.0_Linux_arm64.tar.gz(7.76 MB)
    ko_0.12.0_Linux_i386.tar.gz(8.08 MB)
    ko_0.12.0_Linux_mips64le_hardfloat.tar.gz(7.17 MB)
    ko_0.12.0_Linux_ppc64le.tar.gz(7.48 MB)
    ko_0.12.0_Linux_s390x.tar.gz(8.12 MB)
    ko_0.12.0_Linux_x86_64.tar.gz(8.47 MB)
    ko_0.12.0_Windows_arm64.tar.gz(7.82 MB)
    ko_0.12.0_Windows_i386.tar.gz(8.38 MB)
    ko_0.12.0_Windows_x86_64.tar.gz(8.52 MB)
  • v0.11.2(Mar 22, 2022)


    • 9459e51df3c9d0e7b4c4ad385fcfd3433dacfeef: Bump (#664) (@dependabot[bot])
    • 61b3ccdd31796586c99b93b75125e0026f4215fb: Bump from 0.1.9 to 0.1.10 (#663) (@dependabot[bot])
    • 327a88fec05ea9f802e548eeba22ac3249526cfa: Bump from 0.23.4 to 0.23.5 (#662) (@dependabot[bot])
    • cefd28f093ffb342237aa9d692eee247e82235d5: go1.18: Preserve trailing tabs while massaging go version -m output (#668) (@tstromberg)
    Source code(tar.gz)
    Source code(zip)
    checksums.txt(1.04 KB)
    ko_0.11.2_Darwin_arm64.tar.gz(7.05 MB)
    ko_0.11.2_Darwin_x86_64.tar.gz(7.34 MB)
    ko_0.11.2_Linux_arm64.tar.gz(6.46 MB)
    ko_0.11.2_Linux_i386.tar.gz(6.75 MB)
    ko_0.11.2_Linux_mips64le_hardfloat.tar.gz(5.98 MB)
    ko_0.11.2_Linux_ppc64le.tar.gz(6.23 MB)
    ko_0.11.2_Linux_s390x.tar.gz(6.76 MB)
    ko_0.11.2_Linux_x86_64.tar.gz(7.08 MB)
    ko_0.11.2_Windows_arm64.tar.gz(6.51 MB)
    ko_0.11.2_Windows_i386.tar.gz(7.01 MB)
    ko_0.11.2_Windows_x86_64.tar.gz(7.13 MB)
  • v0.10.0(Feb 17, 2022)


    • 729419aebb090c937058b69c6ae1da5b6fbc2a2a: Add 'ko build' as a preferred alias for 'ko publish' (#456) (@imjasonh)
    • 96bedf16df480807ab04865db85a0b3c1eb2f470: Add .ko.yaml to base ko container image on golang:1.17 (#533) (@imjasonh)
    • 2fbc9089eb17d4d246eded588fa835097dcda83d: Add Trimpath build option (@halvards)
    • 1425e4be744c56d59b4bdefcdb9180791fc8414a: Add a mutex to map writing when using KOCACHE (#580) (@imjasonh)
    • a8c0773790370e09a28df240266790d89bc69bb2: Add a workflow to push a :latest ko image to (#528) (@imjasonh)
    • 22c9a5229b80d35de06f5d98a32f753cfb59547d: Add coverage of --platform=a,b (#547) (@mattmoor)
    • 98211906053bdc200a66670b78a708cb6c2c8d05: Add e2e test for using ldflags to set a build-time variable (#480) (@imjasonh)
    • da244de7161cba8d51e830aa13d9a3855ce1e2e9: Add how to use Azure Container Apps (#561) (@koudaiii)
    • 00d0a34583b01b44548f70cdc84348c137921ed5: Add integration test config to repo (@halvards)
    • f5762bedf31a4c6852d75febe1f509b892cc122f: Add support for --image-refs (#555) (@mattmoor)
    • 6d0691330a6df9407a1232e8e8835c6860387b22: Add support for writing SBOMs when the build.Result is oci.Signed*. (#506) (@mattmoor)
    • 84e8ab637e64ed78bd83d024f31b4ced3d77b6e2: Allow to customize publish.Namer (#477) (@cardil)
    • 73a46290331525c84fbce1f703eb0c7307b3b03c: Always clean Dir for packages.Load (@jonjohnsonjr)
    • 465eca2b93f860b212a2911f93dc9547876f898a: Always produce OCI images and indexes (#449) (@imjasonh)
    • 2502eb9d47e3e7971bf37e480315d09ce15a5606: Build each platform concurrently (#527) (@jonjohnsonjr)
    • 7477a29d4029c7f70d6548edeca714cc6fe1c142: Bump (#464) (@dependabot[bot])
    • 933e908d6947c8bcb770d3f5f06b3e24013c2281: Bump (#508) (@dependabot[bot])
    • 32490da3e88bf4709e7a5f1c50cc1eecbba30c38: Bump (#577) (@dependabot[bot])
    • 6230daabddba8786ee1d0686215970455ad5e4a4: Bump (#466) (@dependabot[bot])
    • b1c35d29f5eb982a37c46bb1e605adea1430700b: Bump (#490) (@dependabot[bot])
    • b20faa5bdc6fe11a04704fdc172f2823dc179522: Bump (#510) (@dependabot[bot])
    • ddf9257efc60e80bdde3289382d36f9e87b42f70: Bump (#559) (@dependabot[bot])
    • 70b671c6027e5dbdeaef4ec00b4914b0a058f473: Bump from 0.5.6 to 0.5.7 (#567) (@dependabot[bot])
    • f44a16c4c5e83fa3f9a483506183c54f8ada1537: Bump from 0.6.0 to 0.7.0 (#503) (@dependabot[bot])
    • 64df1a7ec58835c1bc3bd223d09f903de7876dd8: Bump from 0.7.0 to 0.8.0 (#565) (@dependabot[bot])
    • fd81c29922d72e2f02451c1ffc79cfc102424046: Bump from 1.2.1 to 1.3.0 (#557) (@dependabot[bot])
    • 815a59ab722e7ee02e8865ef8b628977189b5323: Bump from 1.10.0 to 1.10.1 (#558) (@dependabot[bot])
    • a1c871749f959106dca4b849a40ac5716d233ca4: Bump from 1.9.0 to 1.10.0 (#529) (@dependabot[bot])
    • b7c9449729da4414e8b723ab46f70652850722ed: Bump from 0.1.6 to 0.1.7 (#465) (@dependabot[bot])
    • 5565544d07f550e7859e0bedce76332a2ea6147a: Bump from 0.1.8 to 0.1.9 (#575) (@dependabot[bot])
    • 08dfc02f41fcc6befcf5858aacf31a4827a71ab5: Bump from 0.22.2 to 0.22.3 (#489) (@dependabot[bot])
    • 23c6850d4af105c8142e099f924f9b295c2671d2: Bump from 0.22.3 to 0.22.4 (#509) (@dependabot[bot])
    • 2ba70fc75bd94147b03e9c24d3e4c5f56d02edfc: Bump from 0.22.4 to 0.23.0 (#531) (@dependabot[bot])
    • 1a12a62b99e045f3cd2aa17a5441aa3a92cd57ca: Bump from 0.23.0 to 0.23.1 (#556) (@dependabot[bot])
    • 64fa5edc8ed5a2662a52c4d4f864fb392239042f: Bump from 0.23.1 to 0.23.3 (#576) (@dependabot[bot])
    • ad0607f0a1eb3b53c6b3d5ccc41e3073e5ddebcf: Cache base image metadata in-memory (#525) (@jonjohnsonjr)
    • 5ac3ef93f7a0a46dbd7026779cb5eccf767a33ee: Clean filepath from zip before creating tempdir (#459) (@imjasonh)
    • 3edb68b27326d06d09bfd977735d4b5604eca7b2: Connect SBOMs with SPDX support. (#511) (@mattmoor)
    • 5617d1ebf8560df778aa884fa328fe05f62bdb5e: Document /ko-app/ and entrypoint in (#499) (@imjasonh)
    • 1e3c8ae940dbd5aa6564adf2436a4d29bc426515: Document ko publish in README (#469) (@imjasonh)
    • 52d42d87a308b141b78c53ddde185345c56ff2f2: Document setup-ko in (#484) (@imjasonh)
    • b9cd759f25558a5184ba2468a469b493e7c62aee: Don't log the value of --password if given (#458) (@imjasonh)
    • 0015a815375d456baed846579ec02cf936b99307: Enforce more lint checks, fix findings (#492) (@imjasonh)
    • a56047a2a1d500a646393b4a62d1d509bd5575e4: Filter out nil addendum before constructing index. (#546) (@mattmoor)
    • 6cc2d7fc64b70c9fcaa538fcb2a418827bf59a13: Fix #530 Hanging behavior with ASDF installed Go on Darwin (#548) (@StevenACoffman)
    • a41529ebf45aff5f5bc04359b18b4ac908e9f0d1: Fix Windows e2e test (#599) (@imjasonh)
    • 66a77a91e7cde965e0455f52a326f54b70fac73b: Fix handling of 'has' selectors (#473) (@antoineco)
    • de2ce53efbf408da656d8386dafdd174f557df37: Fix issue where kubectl apply is run in place of kubectl create (#494) (@sbwsg)
    • 5a13603eef44ed484a05be8cce5e9e23d0a3316c: Fix tarball publisher ctx handling (#545) (@jonjohnsonjr)
    • 98ff104f1a0ba416834e5876ae0b55a0681cbfc8: Generate CycloneDX SBOMs using our own JSON generation (#587) (@imjasonh)
    • af2ff52a11c477c7254edf1b13a231d126cc983f: Generate ko deps in SPDX format (#507) (@imjasonh)
    • b9f92681ba93bef1dfd66ae90d1995231369cd56: Improve build config issue error scenario #483 (#487) (@HeavyWombat)
    • 89ede9110a1333a31bf417cb5fed6f69f8084ff1: Include cred helpers in keychain (#581) (@imjasonh)
    • 70f02730180a44d0f363892a1d9746c685eedd8f: Introduce --verbose flag that enables logs.Warn logs (#600) (@imjasonh)
    • 54cddccd1cef3c4e188d080f00b8b839ec065fd9: Introduce KOCACHE (#269) (@jonjohnsonjr)
    • f8d0aca1abeab6cf3d1800d15acc0592c7c976b7: Log base [email protected] when building (#592) (@imjasonh)
    • 08fccaa7896f36554bd0942f39ac5865916f6ec8: Mention other tools that integrate with ko (#504) (@imjasonh)
    • 5787600e92202c71f22bb6335f487f367dd8632c: Normalize the package hash to hex. (#512) (@mattmoor)
    • c67fb03b79b280435074e9c6544310056d697a28: Pre-parse platform string with StringSliceVar (#551) (@wilsonehusin)
    • b813b95379af96156a092c30f04054f1d6c91c46: Prepare for Go 1.18 by replacing all our forked code (#549) (@imjasonh)
    • dde6c6dc9b6b13914b19ee137d2f3d349a704b6c: Re-enable codeql analysis (#457) (@imjasonh)
    • 42723d75e7076c4946351c9e3197ce65ff31b4ec: Revert "Always produce OCI images and indexes (#449)" (#462) (@imjasonh)
    • 5640c334dfed06d929e9a1648ae52e5063fb7026: Run golangci-lint before tool setup to fix tar errors (#518) (@markusthoemmes)
    • e961890072fbfda7b8172cd0614a107f76716c9a: Set GOAMD64 if variant is set (#578) (@imjasonh)
    • 8135bf22e9058d485a8cd2dc04dafa8a8fcc8a4a: Set config creation time without mutating (#524) (@imjasonh)
    • 0187841b164187cd835eb96519d5e282d69ca688: Sign image using cosign (#595) (@imjasonh)
    • 33fa7661681fade7e66bb1a9ff6cbf45efd16597: Support osversion when selecting base images (#536) (@imjasonh)
    • 5f733f9ac6216f6a840c3d1bb93237558bd62f31: Support partial platform matching for osversion only (#572) (@imjasonh)
    • 3fc720f912ac5192cff518a31fa6621e4a0dba51: Update ecr-login dependency to allow us to avoid logspam (#586) (@imjasonh)
    • d91d7a45e86cd88c094f67b8f90f07e031bd8af1: Update golangci-lint and fix issues (#519) (@markusthoemmes)
    • 103ff5b2a89121a20398b133246a8e8277ecfe00: Use build config Dir for all go tool commands (@halvards)
    • 6ff346909c2cf642d0b6152e2f3b8867c10fe4da: Use default completion command provided by cobra. (#522) (@darklore)
    • 1e46fdebd586b11a7c5fffe90eb870d8d6d4b3f3: Use signal.NotifyContext and cmd.Context (#482) (@imjasonh)
    • 5d7673e9448f49b1491cb730d8e235670a687442: Use tools/go/packages in place of go/build (#486) (@benmoss)
    • 3e5ee5b71855fd985e29ff6b681fc38a01e41e5d: Validate KO_CONFIG_PATH (#471) (@tcnghia)
    • 6014fcda9af7591811e9bb2ed5fbd8aad9785929: bump containerd dependency (#463) (@imjasonh)
    • 6447264ff8b5d48aff64000f81bb0847aefc7bac: use github api to generate the changelog (#474) (@caarlos0)
    Source code(tar.gz)
    Source code(zip)
    checksums.txt(1.04 KB)
    ko_0.10.0_Darwin_arm64.tar.gz(7.01 MB)
    ko_0.10.0_Darwin_x86_64.tar.gz(7.10 MB)
    ko_0.10.0_Linux_arm64.tar.gz(6.26 MB)
    ko_0.10.0_Linux_i386.tar.gz(6.38 MB)
    ko_0.10.0_Linux_mips64le_hardfloat.tar.gz(5.66 MB)
    ko_0.10.0_Linux_ppc64le.tar.gz(5.97 MB)
    ko_0.10.0_Linux_s390x.tar.gz(6.49 MB)
    ko_0.10.0_Linux_x86_64.tar.gz(6.82 MB)
    ko_0.10.0_Windows_arm64.tar.gz(6.35 MB)
    ko_0.10.0_Windows_i386.tar.gz(6.68 MB)
    ko_0.10.0_Windows_x86_64.tar.gz(6.92 MB)
  • v0.9.1(Sep 21, 2021)


    v0.9.0 was released incorrectly, and should not be used.

    The full commit log since the previous release is available here:


    • enable ko's logic to be embedded in other Go programs
    • enable base images from the Docker daemon (ko.local)
    • add support for Go build flags
    • annotate built images with base image annotations
    • build working Windows images
    • implement ko deps
    • deprecate --watch

    😍 Thanks 😍

    ko wouldn't be possible without the work of its dedicated contributors. Thanks to @halvards @HeavyWombat @jonjohnsonjr @imjasonh @mattmoor

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(962 bytes)
    ko_0.9.1_Darwin_arm64.tar.gz(5.82 MB)
    ko_0.9.1_Darwin_x86_64.tar.gz(5.98 MB)
    ko_0.9.1_Linux_arm64.tar.gz(5.22 MB)
    ko_0.9.1_Linux_i386.tar.gz(5.45 MB)
    ko_0.9.1_Linux_mips64le_hardfloat.tar.gz(4.87 MB)
    ko_0.9.1_Linux_ppc64le.tar.gz(5.04 MB)
    ko_0.9.1_Linux_s390x.tar.gz(5.47 MB)
    ko_0.9.1_Linux_x86_64.tar.gz(5.76 MB)
    ko_0.9.1_Windows_i386.tar.gz(5.68 MB)
    ko_0.9.1_Windows_x86_64.tar.gz(5.87 MB)
  • v0.9.0(Sep 21, 2021)

    Due to a bug in our release process, v0.9.0 does not include artifacts that would normally have been built using goreleaser. fixes this bug, and is included in v0.9.1, which you should use instead.

    Source code(tar.gz)
    Source code(zip)
  • v0.8.3(May 10, 2021)


    938bbcd Add GitHub Action to install and setup ko (#347) 516cdee Add flag and PublishOption for destination repo (#351) de98ea1 Build ko for Windows (#339) 9e8023a Format markdown (#353) 75ab991 Plumb through context in kind.Tag and kind.Write (#341) 37aef60 Remove GitHub Action (#352) d5ec166 Update actions (#355) aeb0830 Updating README for information on OpenShift (#346) 29cd8e0 Use cobra's RunE wherever possible (#343) 5395f99 bump ggcr dep to v0.5.0 (#349)

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(867 bytes)
    ko_0.8.3_Darwin_x86_64.tar.gz(11.93 MB)
    ko_0.8.3_Linux_arm64.tar.gz(10.31 MB)
    ko_0.8.3_Linux_i386.tar.gz(11.17 MB)
    ko_0.8.3_Linux_mips64le_hardfloat.tar.gz(9.63 MB)
    ko_0.8.3_Linux_ppc64le.tar.gz(10.06 MB)
    ko_0.8.3_Linux_s390x.tar.gz(10.97 MB)
    ko_0.8.3_Linux_x86_64.tar.gz(11.37 MB)
    ko_0.8.3_Windows_i386.tar.gz(11.13 MB)
    ko_0.8.3_Windows_x86_64.tar.gz(11.36 MB)
  • v0.8.2(Apr 20, 2021)


    f7df810 Add --image-label to add labels to built images (#324) c55c3fe Fix typo in b21673e Format markdown a377740 Format markdown c14c08e Merge pull request #312 from dprotaso/bump-deps 5eef982 Merge pull request #313 from zhouhaibing089/update-bare-comment c0b2a1c Merge pull request #318 from ImJasonH/readme 8c33a4e Merge pull request #322 from knative-automation/auto-updates/format-markdown dd33257 Merge pull request #326 from knative-automation/auto-updates/common-actions ee02868 Merge pull request #327 from knative-automation/auto-updates/common-actions 0b96f41 Merge pull request #329 from knative-automation/auto-updates/common-actions abe1433 Merge pull request #331 from ImJasonH/base-import-paths f5b79ff Merge pull request #333 from knative-automation/auto-updates/common-actions 1d9e8e7 Merge pull request #334 from knative-automation/auto-updates/format-markdown 866dcde Merge pull request #335 from google/ImJasonH-patch-1 d498734 Merge pull request #338 from mgiessing/main 2863ff1 Streamline 9d79f6c Update .goreleaser.yml d050647 Update 0621cba Update e7e38b4 Update common github actions 146f9bc Update common github actions 9ea38a2 Update common github actions c17d050 Update common github actions ee74460 Wrap io errs for kodata layer (#320) af19d48 bump deps & drop replace directives b27ed4e options: update --bare help message

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(675 bytes)
    ko_0.8.2_Darwin_x86_64.tar.gz(11.91 MB)
    ko_0.8.2_Linux_arm64.tar.gz(10.30 MB)
    ko_0.8.2_Linux_i386.tar.gz(11.16 MB)
    ko_0.8.2_Linux_mips64le_hardfloat.tar.gz(9.62 MB)
    ko_0.8.2_Linux_ppc64le.tar.gz(10.04 MB)
    ko_0.8.2_Linux_s390x.tar.gz(10.96 MB)
    ko_0.8.2_Linux_x86_64.tar.gz(11.35 MB)
  • v0.8.1(Feb 22, 2021)


    4ad3f11 Merge pull request #306 from ImJasonH/rename f25feec Merge pull request #308 from knative-automation/auto-updates/common-actions b8162cf Merge pull request #310 from knative-automation/auto-updates/common-actions 12bbd4c Update common github actions dab4c5e Update common github actions 8e1aaa1 Update common github actions (#311) 746ec90 Update travis link to main branch a6442e6 support goarch mips64le architecture. (#309)

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(472 bytes)
    ko_0.8.1_Darwin_x86_64.tar.gz(11.76 MB)
    ko_0.8.1_Linux_arm64.tar.gz(10.16 MB)
    ko_0.8.1_Linux_i386.tar.gz(11.01 MB)
    ko_0.8.1_Linux_s390x.tar.gz(10.82 MB)
    ko_0.8.1_Linux_x86_64.tar.gz(11.21 MB)
  • v0.8.0(Feb 2, 2021)


    af7fb47 Add s390x architecture to ko binary releases (#300) 6586a72 Always use "strict" mode e521d76 Bump ggcr to v0.4.0 fa39374 Document GOFLAGS d4fb288 Fix .goreleaser.yml (#285) 82cabb4 Fix GOROOT mismatch issues (#303) 0801316 Fix ko login (#298) d39f171 Fix the link to releases (#291) b6ed60a Format markdown c1c21e7 Format markdown 0bfb6b0 Format markdown (#282) 78b7bed Merge pull request #280 from jonjohnsonjr/document-goflags b898b77 Merge pull request #281 from jonjohnsonjr/strict-always 5b7eaf7 Merge pull request #283 from knative-automation/auto-updates/common-actions 4372e2a Merge pull request #284 from knative-automation/auto-updates/common-actions bd91eab Merge pull request #290 from knative-automation/auto-updates/format-markdown dfe3d51 Merge pull request #293 from jonjohnsonjr/bump-ggcr 3c21033 Merge pull request #302 from knative-automation/auto-updates/format-markdown 4f05ece Update common github actions 77a7a50 Update common github actions 34568ca Use remote.WithUserAgent where possible (#294) 0d0ed4d doc: add homebrew install (#301) 2f3c49e point to releases for installation (#289)

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(472 bytes)
    ko_0.8.0_Darwin_x86_64.tar.gz(11.76 MB)
    ko_0.8.0_Linux_arm64.tar.gz(10.16 MB)
    ko_0.8.0_Linux_i386.tar.gz(11.01 MB)
    ko_0.8.0_Linux_s390x.tar.gz(10.82 MB)
    ko_0.8.0_Linux_x86_64.tar.gz(11.21 MB)
  • v0.7.0(Dec 22, 2020)


    c2b862d Move ko binary to root of project. (#257) 64b28d0 Revert to 0.18.8 of K8s (#279) 0427aed Add ko login (#277) 771a2a3 Merge pull request #278 from knative-automation/auto-updates/format-markdown eb93ca8 Update ggcr to v0.3.0 (#276) c78b3e1 Format markdown 7e32453 Allow comma-separated list of platforms (#259) fd5cd4b Actually print errors during resolve (#275) 522c37c Add ctx everywhere (#268) 552c3d4 documentation: auth without docker, not without ko (#266) 722ad3c Format markdown (#272) 222b0fc Allow ko to produce estargz layers. (#271) 68ebcc8 Merge pull request #270 from knative-automation/auto-updates/common-actions 3414d41 Update common github actions 960e6a3 Update ggcr and use the new tarball.WithCompressCaching (#263) 06ebf03 Merge pull request #260 from knative-automation/auto-updates/common-actions eacbed4 Update common github actions 5b08b05 Merge pull request #255 from knative-automation/auto-updates/common-actions 87d718d Update common github actions b843019 Make --watch work with ko:// (#250) 1c70438 Print platform variant when building go binary (#248) bd1ec54 Merge pull request #247 from jonjohnsonjr/filepath c183e84 Stop using filepath.Join in publisher (#247) ea5dc20 Merge pull request #244 from knative-automation/auto-updates/common-actions c917737 Update common github actions 715c03e Add crane's auth command to facilitate logging into a registry (#243) 36a921f Update common github actions (#242) 1f17ce9 Set GOARM based on platform.variant (#239)

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(284 bytes)
    ko_0.7.0_Darwin_x86_64.tar.gz(11.75 MB)
    ko_0.7.0_Linux_i386.tar.gz(11.01 MB)
    ko_0.7.0_Linux_x86_64.tar.gz(11.21 MB)
  • v0.6.1(Nov 4, 2020)

    Highlights & Accidents

    1. Accidentally included d7b989a in this patch release, which may be breaking. Mea culpa -- please yell at @jonjohnsonjr to fix it if you're broken.
    2. More descriptive error messages than "importpath foo is not supported".
    3. New repo naming strategy --bare to publish everything under KO_DOCKER_REPO.


    24ed404 Add GitHub Actions badge for build status e780390 Avoid panic caused by MultiPublisher (#216) 3691164 Document --platform flag in (#211) f527c9b Document usage of KIND_CLUSTER_NAME (#220) 598e7a7 Fix left-over from copy/paste (#214) 695b39f Fix things pointed out by golangci-lint b99d96f Format markdown dc30efc Format markdown (#217) d767708 IsSupportedReference returns descriptive error (#233) 28a36d6 Merge pull request #213 from mattmoor/auto-updates/common-actions 2c4d755 Merge pull request #222 from markusthoemmes/fix-lints 9b91035 Merge pull request #223 from mattmoor/auto-updates/format-markdown 33d1b3d Merge pull request #226 from ImJasonH/badge ff18e80 Merge pull request #232 from knative-automation/auto-updates/common-actions d9cc0ca Move the kind and integration tests to actions (#225) b5daa6c Reduce config a bit 79beb3b Refactor the publish.Namer, add --bare option for image naming (#234) d7b989a Remove docs for Strict Mode and --strict flag (#210) cde2582 Run the hello test on multiple architectures (#227) 01820ce Update README with link to kind (#212) f68496a Update common github actions 2d9942c Update common github actions

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(284 bytes)
    ko_0.6.1_Darwin_x86_64.tar.gz(11.43 MB)
    ko_0.6.1_Linux_i386.tar.gz(10.70 MB)
    ko_0.6.1_Linux_x86_64.tar.gz(10.88 MB)
  • v0.6.0(Sep 30, 2020)

    Highlights & Breaking Changes

    1. ko:// is now required
    2. is now the default (was :latest, which ran as root)
    3. Produce multi-arch images with --platform=all


    27676b12d84c9a20068ba76e99fa64f4bcf9dfdf (tag: v0.6.0) Merge pull request #198 from google/ImJasonH-patch-1 efbe5b7281864de43cc78a03d69c9be49130cf6c Merge pull request #205 from mattmoor/auto-updates/format-markdown 0bdf5ee792ea30b8db2cc55298de603cb85c7abd Format markdown 61fbde832a7e6155115a54f1cddd3887697bd914 Have kind.local test use --platform=all (#208) 0f5a478d752cd79141d886d195bb2d8ac9a131ec (Fix #191) Add required go version to docs (#204) 4a4d1b02bd7313c84de54d3193682d43e4d7a84a Revive progress and warning logs (#203) d48767339ff540b22d652681dbb69201db5f4266 Fix base image resolution (#201) 5af0bc138fba2e1a8fc3cef3cdc4b6d6b192ccfc Print more complete platform information. (#200) 5b4d3e400cb10a86dff7acef12860b3e879631d9 (origin/ImJasonH-patch-1) apps-v1 b3645fa0966189319db6676dbda762da37bc18ed Add a handful of files to trigger more analyses. (#197) bd3f1cb17b161e1d261374fee25376ca8cc88bc4 [Automated] Update actions (#194) 985c449e0b5482f22993d9312487041d2bbd7d63 Fix goimports (#196) 8d9a4172cc766069ba31fc835e7cad63de7356e3 upgrade to latest dependencies (#195) 33e66aca491da9f7658d8888b7d18bc021ed50f9 Remove deprecated things. (#162) 8b52ec2374ea029398ed16f8e703fe3c8a2e04e8 Multi-platform ko (#38) 718587b3af684c118a4ca366509fa37abbfb4468 Add hack/ (#193) bec089d9c82eadfbd3e772395b1581709bc2055a Fix "require" (#189) 1e05e91f92a684920135e636b9be836f43c2616f Pin for good measure (#188) 60e32d0655023454ebf876e204727ae8d0c1685c Switch to go 1.14 in go.mod, test 1.15 (#187) 64c2eef7badcfbccca45d54d33160da78267327d Bump Kubernetes dependencies to 1.18. (#186) 1aa3b3793e167413db3e36251199b24f83e5ceb5 Allow images to be loaded into kind using 'kind.local'. (#180) b7b0435ef063dabb6774b5d3f17f497640191367 Format markdown using prettier. (#185) 8104425e1173750f079ab8d59028137c4e1ca981 Update kind to the latest release. (#184) feb4443416bbb53de7a4c7c46ccfcfbad015857e Format markdown using prettier.

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(284 bytes)
    ko_0.6.0_Darwin_x86_64.tar.gz(11.42 MB)
    ko_0.6.0_Linux_i386.tar.gz(10.70 MB)
    ko_0.6.0_Linux_x86_64.tar.gz(10.88 MB)
  • v0.5.0(May 4, 2020)


    ea2beac Fix -P with passing ko:// through. (#163) ff61ea3 Refactor how/where ko:// is handled. (#153) d45c527 This adds the deprecation notices for ko:// and nonroot (#161) 429a409 Update .travis.yml (#156) f45bc13 Viper keys are case insensitive. (#150) 6cbfe96 [modules] Dependent command packages can now be built with ko (#154)

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(378 bytes)
    ko_0.5.0_Darwin_i386.tar.gz(10.39 MB)
    ko_0.5.0_Darwin_x86_64.tar.gz(10.57 MB)
    ko_0.5.0_Linux_i386.tar.gz(9.90 MB)
    ko_0.5.0_Linux_x86_64.tar.gz(10.07 MB)
  • v0.4.0(Mar 10, 2020)

  • v0.3.0(Feb 12, 2020)

  • v0.2.0(Jan 24, 2020)


    b0a1702 Add --disable-optimizations flag to make debugging easier. (#24) f46a2b6 Add author and created_by data (#45) 99a587e Add build.Limiter (#79) 1c54dd6 Add context to go build (#105) 4ff72e3 Add entrypoint to PATH (#114) 3566d3f Add go module support (#60) 99ecfeb Add goreleaser GitHub action (#121) 2d12e28 Add permissions to the kodata directory. (#68) a3656d1 Add support for recursively resolving directory symlinks. (#73) 26dcb6f Added a note on logging in to the image registry KO_DOCKER_REPO points at 0af2e5e Added command completion (#49) 7c4a93a Adding create. (#30) 474505b Adding ko logo. 3880b61 Allow plain registries as KO_DOCKER_REPO (#94) 48afd62 Allow skipping TLS verification while publishing (#65) 116114f Bump ggcr depenency (#41) b7d1820 Compress layers when we Build them (#47) 86a2d43 Drop name.WeakValidation ee58128 Fix README formatting (#74) 9645502 Fix date command (#75) 3a0e70e Fix mult-doc yaml re-joining (#63) 6aff039 Fix path mangling on Windows. (#112) 5a25402 Ignore null YAML documents when using a label selector. (#107) 4342cef Implement "strict mode" 835dcfb Improve ko run (#76) 9776d34 Improve strict-mode error message e980071 Include tag in resolved references 91f5718 Make callers type out all of --strict 267b61e Merge pull request #100 from syedriko/image_registry_auth_note 7893c74 Merge pull request #109 from jonjohnsonjr/tagged-digests f0a367d Merge pull request #15 from google/ImJasonH-patch-1 3584e2d Merge pull request #16 from dvrkps/patch-1 eab537e Merge pull request #17 from ImJasonH/weak 8a084cb Merge pull request #25 from cezkuj/ko-version d32f069 Merge pull request #43 from mattmoor/update-ggcr 93ba9aa Merge pull request #53 from spencer-p/master b7eb9df Merge pull request #58 from ImJasonH/strict 9242988 Merge pull request #66 from ImJasonH/cobra c959e60 Merge pull request #67 from ImJasonH/mod 15f9719 Merge pull request #89 from toshi0607/feature/fix-broken-markdown 57f20d0 Merge pull request #98 from n3wscott/logo 6f9fb7f Move ko commands to pkg/commands (#29) fba1d3d Moving options to pkg/commands/options. (#28) 4833bb4 Preserve YAML comments & style when resolving/applying (#103) 9bae8ab Print images to stdout as we publish them. (#36) 6500b08 Pull in the config change to ggcr. a6277d0 Quick typo fix (#99) f26825f Remove extra dashes (#86) 3315663 Remove strictness checks from build, into resolve 1fcfe62 Reorder parsing KO_DOCKER_REPO to get proper credentials (#117) 672e478 Resolving #21 issue. Adding git-dir flag to always execute inside ko's directory in GOPATH e8b7ded Resolving #21 issue. Adding ko version and simple release script 0aca6f6 Resolving #21 issue. Fixing conflicts after commands refactoring. Improving version command cef9764 Return better error messages (#33) fee3c26 Review feedback 5a4d14e Run tests with Go 1.11 and 1.12 (drop 1.10) d24b60a Set UA to something ko-specific (#116) 56f32f8 Update README to include better install instructions (#87) caa953d Update cobra dep 28f239a Update ggcr (#113) 451287a Update ggcr (#83) 241d532 Update ggcr (#91) 479bd3e Update ggcr (#97) b7e1a7f Update ggcr dependency (#119) d356007 Update gobuild.go (#56) 3a17dee Use GOOS/GOARCH from base image (#77) f9504d0 Use a more appropriate idiom 133ae27 Use debug.ReadBuildInfo to populate ko version (#81) be4e1ff [Resolves #71] Add trimpath arg to gobuild (#102) bd404f3 add SOURCE_DATE_EPOCH usage (#72) 2e28671 add kubectl check for ko delete, apply, and create (#120) 0c205ab add selector flag and logic (#46) 2547a9c check NewGo error f5bfec3 fix broken markdown 5697b9d rel url. d3ab89f update Gopkg.toml 8f817fd use go modules

    Source code(tar.gz)
    Source code(zip)
    checksums.txt(378 bytes)
    ko_0.2.0_Darwin_i386.tar.gz(10.41 MB)
    ko_0.2.0_Darwin_x86_64.tar.gz(10.60 MB)
    ko_0.2.0_Linux_i386.tar.gz(9.91 MB)
    ko_0.2.0_Linux_x86_64.tar.gz(10.10 MB)
  • v0.1(Mar 21, 2019)

Google ❤️ Open Source
Christmas Hack Day Project: Build an Kubernetes Operator to deploy Camunda Cloud services

Camunda Cloud Operator Christmas Hack Day Project (2021): Build an Kubernetes Operator to deploy Camunda Cloud services Motiviation / Idea We currentl

Camunda Community Hub 0 May 18, 2022
Deploy, manage, and secure applications and resources across multiple clusters using CloudFormation and Shipa

CloudFormation provider Deploy, secure, and manage applications across multiple clusters using CloudFormation and Shipa. Development environment setup

Shipa 1 Feb 12, 2022
Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications

Nomad is an easy-to-use, flexible, and performant workload orchestrator that can deploy a mix of microservice, batch, containerized, and non-containerized applications. Nomad is easy to operate and scale and has native Consul and Vault integrations.

HashiCorp 13k Jan 5, 2023
A simple Go app and GitHub workflow that shows how to use GitHub Actions to test, build and deploy a Go app to Docker Hub

go-pipeline-demo A repository containing a simple Go app and GitHub workflow that shows how to use GitHub Actions to test, build and deploy a Go app t

Marat Bogatyrev 0 Nov 17, 2021
A tool to build, deploy, and release any environment using System Containers.

Bravetools Bravetools is an end-to-end System Container management utility. Bravetools makes it easy to configure, build, and deploy reproducible envi

null 125 Dec 14, 2022
A tool to build, deploy, and release any application on any platform.

Waypoint Website: Tutorials: HashiCorp Learn Forum: Discuss Waypoint allows developers to define their application buil

HashiCorp 4.6k Dec 28, 2022
Use Terraform to build and deploy configurations for Juniper SRX firewalls.

Juniper Terraform - SRX Overview The goal of this project is to provide an example method to interact with Juniper SRX products with Terraform. ?? Ter

Calvin Remsburg 1 Mar 16, 2022
Easily deploy your Go applications with Dokku.

dokku-go-example Easily deploy your Go applications with Dokku. Features: Deploy on your own server Auto deployment HTTPS Check the full step by step

null 10 Aug 21, 2022
Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration, and automating updates to configuration when there is new code to deploy.

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration (like Git repositories), and automating updates to configuration when there is new code to deploy.

Flux project 4.3k Jan 8, 2023
httpserver deploy in kubernetes

httpserver deploy in kubernetes cluster What is this? The project realizes the functions of mainstream httpserver based on golang / gin, including ele

jiaxi chen 1 Mar 15, 2022
Digitalocean-kubernetes-challenge - Deploy a GitOps CI/CD implementation

DigitalOcean Kubernetes Challenge 2021 I chose to participate in the DigitalOcean Kubernetes Challenge in order to learn more about Kubernetes and to

Engin Diri 2 Nov 9, 2022
Pega-deploy - Pega deployment on Kubernetes

Pega deployment on Kubernetes This project provides Helm charts and basic exampl

Thomas Peters 1 Jan 30, 2022
Kubernetes OS Server - Kubernetes Extension API server exposing OS configuration like sysctl via Kubernetes API

KOSS is a Extension API Server which exposes OS properties and functionality using Kubernetes API, so it can be accessed using e.g. kubectl. At the moment this is highly experimental and only managing sysctl is supported. To make things actually usable, you must run KOSS binary as root on the machine you will be managing.

Mateusz Gozdek 3 May 19, 2021
Small and easy server for web-hooks to deploy software on push from gitlab/github/hg and so on

Deployment mini-service This mini web-server is made to deploy your code without yaml-files headache. If you just need to update your code somewhere a

Roman Usachev 9 Dec 4, 2022
"go build" wrapper to add version info to Golang applications

govvv The simple Go binary versioning tool that wraps the go build command. Stop worrying about -ldflags and go get now. Build

Ahmet Alp Balkan 529 Dec 16, 2022
"go build" wrapper to add version info to Golang applications

govvv The simple Go binary versioning tool that wraps the go build command. Stop worrying about -ldflags and go get now. Build

Ahmet Alp Balkan 529 Dec 16, 2022
A Go based deployment tool that allows the users to deploy the web application on the server using SSH information and pem file.

A Go based deployment tool that allows the users to deploy the web application on the server using SSH information and pem file. This application is intend for non tecnhincal users they can just open the GUI and given the server details just deploy.

Jobin Jose 1 Oct 16, 2021
`runenv` create gcloud run deploy `--set-env-vars=` option and export shell environment from yaml file.

runenv runenv create gcloud run deploy --set-env-vars= option and export shell environment from yaml file. Motivation I want to manage Cloud Run envir

sonatard 0 Feb 10, 2022
Automatically deploy from GitHub to Replit, lightning fast ⚡️

repl.deploy Automatically deploy from GitHub to Replit, lightning fast ⚡️ repl.deploy is split into A GitHub app, which listens for code changes and s

Khushraj Rathod 78 Dec 22, 2022