fix(cicd): use initContainer clone + local Kaniko context
All checks were successful
Build & Deploy to K8s / build-and-deploy (push) Successful in 20s
All checks were successful
Build & Deploy to K8s / build-and-deploy (push) Successful in 20s
Kaniko git:// context doesn't support HTTPS auth well.
Use alpine/git initContainer to clone repo into emptyDir,
then Kaniko builds from local /workspace/repo/{service} path.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Ho Ngoc Hai
@@ -122,6 +122,7 @@ jobs:
|
||||
local full="${HARBOR}/${PROJECT}/${img}"
|
||||
local job="kaniko-${svc}-${IMAGE_TAG}"
|
||||
|
||||
# Use initContainer to clone repo, then kaniko builds from local context
|
||||
cat <<JOBEOF | kubectl apply -f -
|
||||
apiVersion: batch/v1
|
||||
kind: Job
|
||||
@@ -135,12 +136,22 @@ jobs:
|
||||
ttlSecondsAfterFinished: 600
|
||||
template:
|
||||
spec:
|
||||
initContainers:
|
||||
- name: clone
|
||||
image: alpine/git:latest
|
||||
command: ["sh", "-c"]
|
||||
args:
|
||||
- |
|
||||
git clone --depth 1 --branch ${BRANCH} ${GITEA_URL} /workspace/repo
|
||||
volumeMounts:
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
containers:
|
||||
- name: kaniko
|
||||
image: gcr.io/kaniko-project/executor:latest
|
||||
args:
|
||||
- "--dockerfile=Dockerfile"
|
||||
- "--context=git://${GITEA_URL}#refs/heads/${BRANCH}#${ctx}"
|
||||
- "--context=/workspace/repo/${ctx}"
|
||||
- "--destination=${full}:${IMAGE_TAG}"
|
||||
- "--destination=${full}:latest"
|
||||
- "--cache=false"
|
||||
@@ -149,6 +160,8 @@ jobs:
|
||||
volumeMounts:
|
||||
- name: docker-config
|
||||
mountPath: /kaniko/.docker
|
||||
- name: workspace
|
||||
mountPath: /workspace
|
||||
resources:
|
||||
requests:
|
||||
cpu: 500m
|
||||
@@ -164,6 +177,8 @@ jobs:
|
||||
items:
|
||||
- key: .dockerconfigjson
|
||||
path: config.json
|
||||
- name: workspace
|
||||
emptyDir: {}
|
||||
JOBEOF
|
||||
echo "Created job ${job}"
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user