Difference between revisions of "Kaniko dockerfile"
Jump to navigation
Jump to search
| Line 2: | Line 2: | ||
https://github.com/GoogleContainerTools/kaniko | https://github.com/GoogleContainerTools/kaniko | ||
| + | |||
| + | ``` | ||
| + | apiVersion: v1 | ||
| + | kind: Pod | ||
| + | metadata: | ||
| + | name: kaniko-build | ||
| + | namespace: foo | ||
| + | spec: | ||
| + | initContainers: | ||
| + | - name: git-clone | ||
| + | image: alpine | ||
| + | command: ["sh", "-c"] | ||
| + | args: | ||
| + | - | | ||
| + | apk add git | ||
| + | git clone https://github.com/uvoo/containers.git /workspace | ||
| + | volumeMounts: | ||
| + | - name: workspace | ||
| + | mountPath: /workspace | ||
| + | containers: | ||
| + | - name: build-image | ||
| + | image: gcr.io/kaniko-project/executor:latest | ||
| + | args: | ||
| + | - "--context=dir:///workspace/test" | ||
| + | - "--skip-tls-verify=true" | ||
| + | - "--destination=harbor.example.com/demo/test" | ||
| + | volumeMounts: | ||
| + | - name: workspace | ||
| + | mountPath: /workspace | ||
| + | - mountPath: /kaniko/.docker/ | ||
| + | name: docker-config | ||
| + | volumes: | ||
| + | - name: workspace | ||
| + | - name: docker-config | ||
| + | configMap: | ||
| + | name: docker-config | ||
| + | ``` | ||
| + | |||
| + | config.json | ||
| + | ``` | ||
| + | { | ||
| + | "auths": { | ||
| + | "harbor.example.com": { | ||
| + | "auth": "echo -n USER:PASS | base64" | ||
| + | } | ||
| + | } | ||
| + | } | ||
| + | ``` | ||
| + | |||
| + | main.sh | ||
| + | ``` | ||
| + | #!/bin/bash | ||
| + | set -eu | ||
| + | kubectl config set-context --current --namespace=foo | ||
| + | kubectl create configmap cabundle --from-file=cabundle --save-config --dry-run=client -o yaml | kubectl apply -f - | ||
| + | kubectl create configmap docker-config --from-file=config.json --save-config --dry-run=client -o yaml | kubectl apply -f - | ||
| + | ``` | ||
| + | |||
| + | mountPath": "/kaniko/ssl/certs/ | ||
Revision as of 16:46, 18 January 2023
Builders docker image from dockerfile in k8s container
https://github.com/GoogleContainerTools/kaniko
apiVersion: v1
kind: Pod
metadata:
name: kaniko-build
namespace: foo
spec:
initContainers:
- name: git-clone
image: alpine
command: ["sh", "-c"]
args:
- |
apk add git
git clone https://github.com/uvoo/containers.git /workspace
volumeMounts:
- name: workspace
mountPath: /workspace
containers:
- name: build-image
image: gcr.io/kaniko-project/executor:latest
args:
- "--context=dir:///workspace/test"
- "--skip-tls-verify=true"
- "--destination=harbor.example.com/demo/test"
volumeMounts:
- name: workspace
mountPath: /workspace
- mountPath: /kaniko/.docker/
name: docker-config
volumes:
- name: workspace
- name: docker-config
configMap:
name: docker-config
config.json
{
"auths": {
"harbor.example.com": {
"auth": "echo -n USER:PASS | base64"
}
}
}
main.sh
#!/bin/bash set -eu kubectl config set-context --current --namespace=foo kubectl create configmap cabundle --from-file=cabundle --save-config --dry-run=client -o yaml | kubectl apply -f - kubectl create configmap docker-config --from-file=config.json --save-config --dry-run=client -o yaml | kubectl apply -f -
mountPath": "/kaniko/ssl/certs/
https://docs.gitlab.com/ee/ci/docker/using_kaniko.html
- https://github.com/GoogleContainerTools/kaniko#pushing-to-docker-hub
- https://github.com/GoogleContainerTools/kaniko/issues/1209
- https://github.com/GoogleContainerTools/kaniko/issues/1415
https://github.com/jpetazzo/container.training/blob/main/slides/k8s/build-with-kaniko.md