Passing a Docker ARG environment to a k8s deployment using Helm



I need some information. I have been trying all day with no luck, and any help is much appreciated.

This is my Dockerfile


FROM amazonlinux:2.0.20181114
RUN yum install -y java-1.8.0-openjdk-headless 
# Add jar file to container. JAR_FILE also provided as argument
ARG JAR_FILE='**/*.jar'
ADD ${JAR_FILE} document_service.jar
RUN echo -e '\n export DATABASENAME=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/nldwh/databasename --query SecretString --output text` \n echo $DATABASENAME'  >> /opt/entrypoint.sh
RUN echo -e '\n export DATABASEUSER=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/nldwh/username --query SecretString --output text` \n echo $DATABASEUSER'  >> /opt/entrypoint.sh
RUN echo -e '\n export  AWSBUCKETNAME=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/awss3/bucketname --query SecretString --output text` \n echo $AWSBUCKETNAME'  >> /opt/entrypoint.sh
RUN echo -e '\n export  AWSACCESSKEY=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/awss3/accesskey --query SecretString --output text` \n echo $AWSACCESSKEY'  >> /opt/entrypoint.sh
RUN echo -e '\n export  AWSSECRETKEY=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/awss3/secretkey --query SecretString --output text` \n echo $AWSSECRETKEY'  >> /opt/entrypoint.sh
RUN echo -e '\n export DATABASEPASS=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/nldwh/password --query SecretString --output text` \n echo $DATABASEPASS \n cd \n java -jar /document_service.jar' >> /opt/entrypoint.sh
ARG env_name
# Run the generated shell script.
ENTRYPOINT ["/opt/entrypoint.sh"]

This is my values.yml file

replicaCount: 1
#pass repository and targetPort values during runtime
image:
  repository:
  tag: "latest"
  pullPolicy: Always
service:
  type: ClusterIP
  port: 80
  targetPort:

profile: "aws"
cmd:
  ArgA: dev

This is my deployment YAML file

spec:
  containers:
    - name: {{ .Chart.Name }}
      image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
      imagePullPolicy: {{ .Values.image.pullPolicy }}
      #args: [
      #"--ArgA={{ .Values.cmd.ArgA }}" ]

My helm install command is

helm upgrade --install $(servicename) -f values_dev.yaml

My docker build file

- download: 'current'

- task: Bash@3
  inputs:
    targetType: 'inline'
    script: |
      cd $(Build.SourcesDirectory)/../drop
      ls -lrt
      ls -lrt target
      pwd
      echo $MYATHLONTRUST
      docker build --no-cache --pull -t ${{ parameters.servicename }}:latest .
      docker image ls | head -2
  displayName: 'Building Docker Image'

error message and output:

/usr/bin/bash /var/build/Ubuntu0205/_work/_temp/ebf1fa80-e5c1-4b35-9368-75166c468b69.sh
total 48
drwxr-xr-x 3 srv-vstsagent srv-vstsagent 4096 Mar 10 11:19 $HOME
drwxr-xr-x 4 srv-vstsagent srv-vstsagent 4096 Mar 10 11:19 src
drwxr-xr-x 7 srv-vstsagent srv-vstsagent 4096 Mar 10 11:19 target
-rw-r--r-- 1 srv-vstsagent srv-vstsagent 5864 Mar 10 11:55 azure-pipelines.yml
-rw-r--r-- 1 srv-vstsagent srv-vstsagent  248 Mar 10 11:55 Dockerfile.old
-rw-r--r-- 1 srv-vstsagent srv-vstsagent  440 Mar 10 11:55 Dockerfile
-rw-r--r-- 1 srv-vstsagent srv-vstsagent 1072 Mar 10 11:55 entrypoint.sh
-rw-r--r-- 1 srv-vstsagent srv-vstsagent 9547 Mar 10 11:55 pom.xml
-rw-r--r-- 1 srv-vstsagent srv-vstsagent  915 Mar 10 11:55 README.md
total 149932
drwxr-xr-x 2 srv-vstsagent srv-vstsagent      4096 Mar 10 11:19 maven-archiver
drwxr-xr-x 3 srv-vstsagent srv-vstsagent      4096 Mar 10 11:19 sonar
drwxr-xr-x 3 srv-vstsagent srv-vstsagent      4096 Mar 10 11:19 maven-status
drwxr-xr-x 3 srv-vstsagent srv-vstsagent      4096 Mar 10 11:19 classes
drwxr-xr-x 3 srv-vstsagent srv-vstsagent      4096 Mar 10 11:19 generated-sources
-rw-r--r-- 1 srv-vstsagent srv-vstsagent     90036 Mar 10 11:55 myathlon-restapi-document-service-0.0.1-SNAPSHOT.jar.original
-rw-r--r-- 1 srv-vstsagent srv-vstsagent 153417052 Mar 10 11:56 myathlon-restapi-document-service-0.0.1-SNAPSHOT.jar
/var/build/Ubuntu0205/_work/34/drop
Dependency Updated:
elfutils-libelf.x86_64 0:0.176-2.amzn2  libblkid.x86_64 0:2.30.2-2.amzn2.0.5 
libmount.x86_64 0:2.30.2-2.amzn2.0.5    libuuid.x86_64 0:2.30.2-2.amzn2.0.5  
Complete!
Error removing intermediate container 46b80034bc4a: No such container: 46b80034bc4ae08bc76c6c75bc081f051c1a0a0494d63c4ec2e1c9cff6ba39cb
---> 68085751f7cd
Step 3/8 : WORKDIR /app                           # avoid / container root directory
---> Running in 8b75df62cfcf
Error removing intermediate container 46b80034bc4a: No such container: 46b80034bc4ae08bc76c6c75bc081f051c1a0a0494d63c4ec2e1c9cff6ba39cb
---> 536ee4f4ebf6
Step 4/8 : ARG JAR_FILE='**/*.jar'
---> Running in de5054ea9f5b
Error removing intermediate container 46b80034bc4a: No such container: 46b80034bc4ae08bc76c6c75bc081f051c1a0a0494d63c4ec2e1c9cff6ba39cb
---> 8e206092f7c9
Step 5/8 : COPY ${JAR_FILE} document_service.jar  # prefer COPY to ADD
COPY failed: file not found in build context or excluded by .dockerignore: stat document_service.jar: file does not exist
REPOSITORY                                                                        TAG                                                                       IMAGE ID       CREATED             SIZE
<none>                                                                            <none>                                                                    8e206092f7c9   2 minutes ago       660MB
Finishing: Building Docker Image

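What I am trying to achieve is that, during deployment, the Dockerfile variable envname should be replaced with the environment dev, test or acc. (This should happen at the docker deployment stage, not the build stage, because I plan to use the same image for dev and test.)

So for test, if I deploy the same image that I built for dev, then at deployment time it should fetch the AWS secrets for test, not dev.

I tried everything I could but was not able to figure it out; $1 is not being replaced by the dev value.

Your help is much appreciated.

Thanks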

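There are two ways to set environment variables in a Dockerfile. ARG values are only visible in RUN instructions and cannot be changed after the image is built. ENV values are visible when the container is running too (in the ENTRYPOINT/CMD) and can be changed when the container is run, but cannot be set directly at build time.

Since this is a value you are trying to set when the container is run, you need ENV rather than ARG. In your Kubernetes manifest, you can use the Pod spec's env: setting to change it. (Also Compose environment:, or the docker run -e option.)

More specifically, in a Helm context, I would make "the environment name" a configurable value, rather than passing in an undifferentiated list of command-line arguments or environment values.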

# values.yaml
# environmentName specifies the environment name used to look up
# secrets in AWS Secrets Manager.
environmentName: dev

Then, in the Pod spec embedded in the Deployment spec, add it to the env: block.

# charts/myathlon/templates/deployment.yaml
spec:
  template:
    spec:
      containers:
        - name: {{ .Chart.Name }}
          env:
            - name: env_name
              value: {{ .Values.environmentName }}

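As a cleanup, I would also suggest breaking the entrypoint script out into its own script file, rather than trying to build it one line at a time in the Dockerfile. That will be easier to read and maintain.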

#!/bin/sh
# entrypoint.sh
# Check: $env_name must be set
if [ -z "$env_name" ]; then
  echo '$env_name is not set; stopping' >&2
  exit 1
fi
# Retrieve secrets from Secrets Manager
export DATABASENAME=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/nldwh/databasename --query SecretString --output text`
...
export DATABASEPASS=`aws secretsmanager get-secret-value --secret-id myathlon/$env_name/nldwh/password --query SecretString --output text`
# Run the main container CMD
exec "$@"

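Since $env_name has no default value, you do not need to declare anything in the Dockerfile. I have included a check at the top of the extracted entrypoint wrapper script that will exit if it is not set when the container starts. That simplifies the Dockerfile to: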

FROM amazonlinux:2.0.20181114
RUN yum install -y java-1.8.0-openjdk-headless
# avoid / container root directory
WORKDIR /app
ARG JAR_FILE='**/*.jar'
# prefer COPY to ADD
COPY ${JAR_FILE} document_service.jar
# also COPY in entrypoint script
COPY entrypoint.sh .
# split ENTRYPOINT wrapper from main CMD
ENTRYPOINT ["/app/entrypoint.sh"]
CMD ["java", "-jar", "/app/document_service.jar"]
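
A hardened variant of the entrypoint wrapper from the answer above, as an added example that is not part of the original post: it restricts env_name to an allowlist before using it in the secret path, stops if any lookup fails or returns nothing, and never echoes the secret values into the container log. The allowlist dev/test/acc comes from the question; the function names are illustrative assumptions.

```shell
#!/bin/sh
# Added example (not from the original post); function names are illustrative.
ALLOWED_ENVS="dev test acc"   # environment names taken from the question

# validate_env_name NAME -> 0 if NAME is in ALLOWED_ENVS, 1 otherwise.
# The allowlist keeps unexpected characters out of the secret-id path.
validate_env_name() {
  for allowed in $ALLOWED_ENVS; do
    [ "$1" = "$allowed" ] && return 0
  done
  return 1
}

# fetch_secret SUFFIX -> prints the value; non-zero if the call fails or is empty.
fetch_secret() {
  value=$(aws secretsmanager get-secret-value \
    --secret-id "myathlon/$env_name/$1" \
    --query SecretString --output text) || return 1
  [ -n "$value" ] || return 1
  printf '%s' "$value"
}

# load_secrets -> exports every variable, or fails on the first error.
# Only the secret path is logged on failure, never a secret value.
load_secrets() {
  validate_env_name "${env_name:-}" || {
    echo "env_name must be one of: $ALLOWED_ENVS" >&2; return 1; }
  while read -r var suffix; do
    secret=$(fetch_secret "$suffix") || {
      echo "could not read secret myathlon/$env_name/$suffix" >&2; return 1; }
    export "$var=$secret"
  done <<EOF
DATABASENAME nldwh/databasename
DATABASEUSER nldwh/username
DATABASEPASS nldwh/password
AWSBUCKETNAME awss3/bucketname
AWSACCESSKEY awss3/accesskey
AWSSECRETKEY awss3/secretkey
EOF
}

# Run only when a CMD was passed, matching the ENTRYPOINT + CMD split above.
if [ "$#" -gt 0 ]; then
  load_secrets || exit 1
  exec "$@"
fi
```

The image still needs the aws CLI on its PATH and the script must be executable for the ENTRYPOINT to start.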
