Giter Club home page Giter Club logo

Comments (5)

andrew2758 avatar andrew2758 commented on June 20, 2024

Here are the env lines that match 'example.com':

CI_DEPENDENCY_PROXY_SERVER=example.com:443
CI_SERVER_HOST=example.com
CI_SERVER_URL=https://example.com
CI_COMPONENT_FQDN=example.com
CI_REGISTRY_IMAGE=registry-example.com:443/me/registry-test
CI_PIPELINE_URL=https://example.com/me/registry-test/-/pipelines/3612
CI_SERVER_FQDN=example.com
CI_REPOSITORY_URL=https://gitlab-ci-token:[MASKED]@example.com/me/registry-test.git
CI_API_GRAPHQL_URL=https://example.com/api/graphql
CI_REGISTRY=registry-example.com:443
CI_DEPENDENCY_PROXY_DIRECT_GROUP_IMAGE_PREFIX=example.com:443/me/dependency_proxy/containers
CI_API_V4_URL=https://example.com/api/v4
CI_SERVER_SHELL_SSH_HOST=example.com
CI_JOB_URL=https://example.com/me/registry-test/-/jobs/7576
CI_PROJECT_URL=https://example.com/me/registry-test
CI_DEPENDENCY_PROXY_GROUP_IMAGE_PREFIX=example.com:443/me/dependency_proxy/containers

from kaniko.

andrew2758 avatar andrew2758 commented on June 20, 2024

I'm trying to compile a modified version of Kaniko for debugging purposes:

DOCKER_BUILDKIT=1 docker image build . -f deploy/Dockerfile --tag=kaniko

How can I build a -debug version / flavor so it includes /bin/sh, which is required by GitLab's CI runner?

from kaniko.

andrew2758 avatar andrew2758 commented on June 20, 2024

I'm trying to compile a modified version of Kaniko for debugging purposes:

DOCKER_BUILDKIT=1 docker image build . -f deploy/Dockerfile --tag=kaniko

How can I build a -debug version / flavor so it includes /bin/sh, which is required by GitLab's CI runner?

I was able to add busybox with an extra Dockerfile:

FROM busybox:musl AS busybox

FROM kaniko:latest AS kaniko

ENV PATH="/bin:/kaniko"

COPY --from=busybox /bin /bin

Which allowed me to run my locally compiled version with GitLab. I'm still not sure why Kaniko is failing to log in though.

from kaniko.

andrew2758 avatar andrew2758 commented on June 20, 2024

I added and used the following debug patch to Kaniko:

diff --git a/pkg/executor/push.go b/pkg/executor/push.go
index c95aecc3..393d345d 100644
--- a/pkg/executor/push.go
+++ b/pkg/executor/push.go
@@ -91,6 +91,7 @@ var (
 // push to every specified destination.
 func CheckPushPermissions(opts *config.KanikoOptions) error {
        targets := opts.Destinations
+       fmt.Printf("destinations: %s\n", opts.Destinations)
        // When no push and no push cache are set, we don't need to check permissions
        if opts.SkipPushPermissionCheck {
                targets = []string{}

Which prints the following, when adding a container name to the command, which should be necessary because we need more levels in the URL path:

$ /kaniko/executor --context "${CI_PROJECT_DIR}" --dockerfile "${CI_PROJECT_DIR}/Dockerfile" --destination "${CI_REGISTRY_IMAGE}/foo:${CI_COMMIT_TAG}"
destinations: [registry-example.com:443/leaf-node/registry-test/foo:v0.0.19]
...
(same error seen originally)

The destination URL is correct. I get the same error with and without a the following in .gitlab-ci.yml:

    - mkdir -p /kaniko/.docker/
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"auth\":\"$(echo -n ${CI_REGISTRY_USER}:${CI_REGISTRY_PASSWORD} | base64)\"}}}" > /kaniko/.docker/config.json

from kaniko.

andrew2758 avatar andrew2758 commented on June 20, 2024

I found a workaround for this issue: explicitly enter the registry URL so it's possible to leave off the port number :443.

      # working:
      --destination "registry-example.com/me/registry-test/my-container:${CI_COMMIT_TAG}"
      # not working:
      --destination "registry-example.com:443/me/registry-test/my-container:${CI_COMMIT_TAG}"

It may also be possible to configure GitLab to not include the port in the ${CI_REGISTRY_IMAGE} variable:

/etc/gitlab/gitlab.rb:

## comment out this line:
#gitlab_rails['registry_port'] = "443"

I haven't tested that yet, because our dev instance is currently facing another issue.

In any case, you'll still likely need to add something like /my-container to the image URL.

from kaniko.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.