我对这个概念很陌生,我相信我正在努力解决一个简单的问题。我正在尝试创建一个CI/CD管道,该管道构建一个Dockerfile并将映像部署到JFrog,这样我就可以将其用于其他CI/CD管线。我们使用的是Kubernetes集群,所以我使用Kaniko来尝试这个。下面的yml通过。我认为我需要添加--destination并将其指向我的jfrog repo。
有人成功地使用Kaniko并将其发布到与GitLab不同的Artifactory吗?
build-container:
stage: build
needs: []
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- mkdir -p /kaniko/.docker
- >-
/kaniko/executor
--context ${CI_PROJECT_DIR}/src/main/docker
--dockerfile Dockerfile --no-push
- echo ${CI_REGISTRY}
- echo ${CI_REGISTRY_USER}
您可以参考下面的示例,是的,您必须使用--destination,它将与其他注册表一起工作,如GCR、ECR-
build:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- mkdir -p /kaniko/.docker
- echo "{"auths":{"${CI_REGISTRY}":{"auth":"$(printf "%s:%s" "${CI_REGISTRY_USER}" "${CI_REGISTRY_PASSWORD}" | base64 | tr -d 'n')"}}}" > /kaniko/.docker/config.json
- >-
/kaniko/executor
--context "${CI_PROJECT_DIR}"
--dockerfile "${CI_PROJECT_DIR}/Dockerfile"
--destination "${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}"
rules:
- if: $CI_COMMIT_TAG
你只需要注意docker repo的auth部分,kaniko就会推送图像
AWS ECR:
build:
stage: build
image:
name: gcr.io/kaniko-project/executor:debug
entrypoint: [""]
script:
- echo "{"credsStore":"ecr-login","credHelpers":{"$AWS_ACCOUNT_ID.dkr.ecr.region.amazonaws.com":"ecr-login"}}" > /kaniko/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $AWS_REPOSITORY:$CI_COMMIT_TAG
only:
- tags
参考编号:https://gitlab.com/s4l1h/kaniko-amazon-elastic-container-registry/blob/master/.gitlab-ci.yml