fix(cicd): use initContainer clone + local Kaniko context
All checks were successful
Build & Deploy to K8s / build-and-deploy (push) Successful in 20s
All checks were successful
Build & Deploy to K8s / build-and-deploy (push) Successful in 20s
Kaniko git:// context doesn't support HTTPS auth well.
Use alpine/git initContainer to clone repo into emptyDir,
then Kaniko builds from local /workspace/repo/{service} path.
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Ho Ngoc Hai
@@ -122,6 +122,7 @@ jobs:
|
|||||||
local full="${HARBOR}/${PROJECT}/${img}"
|
local full="${HARBOR}/${PROJECT}/${img}"
|
||||||
local job="kaniko-${svc}-${IMAGE_TAG}"
|
local job="kaniko-${svc}-${IMAGE_TAG}"
|
||||||
|
|
||||||
|
# Use initContainer to clone repo, then kaniko builds from local context
|
||||||
cat <<JOBEOF | kubectl apply -f -
|
cat <<JOBEOF | kubectl apply -f -
|
||||||
apiVersion: batch/v1
|
apiVersion: batch/v1
|
||||||
kind: Job
|
kind: Job
|
||||||
@@ -135,12 +136,22 @@ jobs:
|
|||||||
ttlSecondsAfterFinished: 600
|
ttlSecondsAfterFinished: 600
|
||||||
template:
|
template:
|
||||||
spec:
|
spec:
|
||||||
|
initContainers:
|
||||||
|
- name: clone
|
||||||
|
image: alpine/git:latest
|
||||||
|
command: ["sh", "-c"]
|
||||||
|
args:
|
||||||
|
- |
|
||||||
|
git clone --depth 1 --branch ${BRANCH} ${GITEA_URL} /workspace/repo
|
||||||
|
volumeMounts:
|
||||||
|
- name: workspace
|
||||||
|
mountPath: /workspace
|
||||||
containers:
|
containers:
|
||||||
- name: kaniko
|
- name: kaniko
|
||||||
image: gcr.io/kaniko-project/executor:latest
|
image: gcr.io/kaniko-project/executor:latest
|
||||||
args:
|
args:
|
||||||
- "--dockerfile=Dockerfile"
|
- "--dockerfile=Dockerfile"
|
||||||
- "--context=git://${GITEA_URL}#refs/heads/${BRANCH}#${ctx}"
|
- "--context=/workspace/repo/${ctx}"
|
||||||
- "--destination=${full}:${IMAGE_TAG}"
|
- "--destination=${full}:${IMAGE_TAG}"
|
||||||
- "--destination=${full}:latest"
|
- "--destination=${full}:latest"
|
||||||
- "--cache=false"
|
- "--cache=false"
|
||||||
@@ -149,6 +160,8 @@ jobs:
|
|||||||
volumeMounts:
|
volumeMounts:
|
||||||
- name: docker-config
|
- name: docker-config
|
||||||
mountPath: /kaniko/.docker
|
mountPath: /kaniko/.docker
|
||||||
|
- name: workspace
|
||||||
|
mountPath: /workspace
|
||||||
resources:
|
resources:
|
||||||
requests:
|
requests:
|
||||||
cpu: 500m
|
cpu: 500m
|
||||||
@@ -164,6 +177,8 @@ jobs:
|
|||||||
items:
|
items:
|
||||||
- key: .dockerconfigjson
|
- key: .dockerconfigjson
|
||||||
path: config.json
|
path: config.json
|
||||||
|
- name: workspace
|
||||||
|
emptyDir: {}
|
||||||
JOBEOF
|
JOBEOF
|
||||||
echo "Created job ${job}"
|
echo "Created job ${job}"
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user