banzaicloud / drone-kaniko Goto Github PK
View Code? Open in Web Editor NEWA thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.
License: Apache License 2.0
A thin shim-wrapper around the official Google Kaniko Docker image to make it behave like the Drone Docker plugin.
License: Apache License 2.0
Describe the bug
When running drone-kaniko from a drone kubernetes runner, I get the following error:
standard_init_linux.go:211: exec user process caused "permission denied"
Steps to reproduce the issue:
Running on GKE cluster (on COS_containerd type node)
Pipeline:
---
kind: pipeline
type: kubernetes
name: Kapitan Compile
clone:
depth: 10
steps:
- name: publish
image: banzaicloud/drone-kaniko
settings:
cache: true
registry: eu.gcr.io
repo: eu.gcr.io/antha-images/kapitan
dockerfile: kapitan/Dockerfile
tags: latest
build_args:
- KAPITAN_RELEASE=0.27.4-ci
json_key:
from_secret: google_credentials
---
kind: secret
name: google_credentials
get:
path: drone-runner
name: google_credentials
Expected behavior
Drone builds the image
Additional context
Hi,
I am testing this plugins with cache: true
and a docker hub registry. For some reason the cache layers are not pushed to the registry but the final image is. All subsequent build are rebuilding all the layers. I noticed the following message at the beginning of the builds: Error while retrieving image from cache: geting file info: stat /cache/sha256:***************: no such file or directory
.
And during the push at the end:
WARN[0269] error uploading layer to cache: failed to push to destination index.docker.io/*/*/cache:*************: unsupported status code 401;
It would be awesome if you could push a file like the README of the repo to the DockerHub description automatically.
Describe the bug
GoogleContainerTools/kaniko#1110
Tl;dr
This happens during a COPY . .
error building image: error building stage: failed to execute command: read /drone/src/deps/absinthe/priv: is a directory
Steps to reproduce the issue:
build a docker image with the latest banzaicloud/drone-kaniko
(e.g. omitting the image tag)
- name: build-docker-image
image: banzaicloud/drone-kaniko
settings:
username:
from_secret: docker_username
password:
from_secret: docker_password
repo: my-repo
registry: my.private-registry.com
tags:
- latest
- ${DRONE_COMMIT_SHA}
Expected behavior
It should build correctly.
Additional context
When pinning the version to banzaicloud/drone-kaniko:0.5.1
it does build correctly.
Drone docker plugin has support for auto tag, may be we can borrow some code from there..
Describe the bug
Hi! I am trying this plugin now and have a problem. I can see that it pushes layers to Github Package Registry because it says so. However when the build starts it seems it tries to read from a local /cache
directory for the first layer instead of the cache repo. I see this in the log:
INFO[0001] Resolved base name ubuntu:bionic to ubuntu:bionic
--
2 | INFO[0001] Resolved base name ubuntu:bionic to ubuntu:bionic
3 | INFO[0001] Downloading base image ubuntu:bionic
4 | 2019/10/07 17:36:07 No matching credentials were found, falling back on anonymous
5 | ย
6 | INFO[0003] Error while retrieving image from cache: getting file info: stat /cache/sha256:1bbdea4846231d91cce6c7ff3907d26fca444fd6b7e3c282b90c7fe4251f9f86: no such file or directory
7 | INFO[0003] Downloading base image ubuntu:bionic
This means that every time it starts the build from scratch. Is there a way to avoid this and ensure that everything is cached? Thanks!
Steps to reproduce the issue:
Just set cache: true
.
Expected behavior
I would expect the caching to cache the first layer as well, because otherwise the caching of following layers is very little useful.
I was trying to create an equivalent plugin for uber/makisu, and while it supports remote caching (on the registry), the local caching requires a volume mount.
The kaniko docs also mention something similar: https://github.com/GoogleContainerTools/kaniko#caching-base-images
Just curious to know, have you considered setting this up in Drone somehow? Otherwise, the cache is only good if you have a local registry.
Is your feature request related to a problem? Please describe.
I am running an internal registry in my kubernetes cluster and as such I am not using SSL.
Kaniko seems to offer an --insecure
option which is not available on this plugin.
Describe the solution you'd like to see
Kaniko doesn't seem to have that many flags and it should be possible to support them all.
Describe alternatives you've considered
Instead of keeping EXTRA_OPTS
itnernal expose it to the users. It kind of goes against the idea of having settings but that the only other solution.
Additional context
Describe the bug
Kaniko version is currently 0.16.0. They have made a lot of improvements, especially concerning the cache.
Thank!
Is there a way to use this plugin to build the Docker image without publishing it, so that it can be used to validate that pull requests to the image successfully build.
BTW this is an awesome plugin and exactly what I was looking for. Now I can build my Open Source Docker images on the Drone Cloud for free! ๐ I created a topic on the Drone forum to help people find it.
Most drone plugins allow keys to be base64 encoded
Describe the bug
Recently I have seen all my builds that try to push fail with the following message:
error checking push permissions -- make sure you entered the correct tag name, and that you are authenticated correctly, and try again: checking push permission for "index.docker.io/[secret:docker_username]/flexiday:94ade237": UNAUTHORIZED: authentication required; [map[Action:pull Class: Name:[secret:docker_username]/flexiday Type:repository] map[Action:push Class: Name:[secret:docker_username]/flexiday Type:repository]]
I wonder if this is an upstream bug?
Steps to reproduce the issue:
I was using latest (or no version tag)
Using any version above 0.5.1 will break my builds, however 0.5.1 works fine.
Expected behavior
Not break
Screenshots
Additional context
Could the project be renamed to drone-kaniko? This would follow the convention of other drone plugins (e.g. see the repos here: https://github.com/drone-plugins)
very very cool
Missing:
dockerfile: path/to/Dockerfile
and
context: path/to/context
From the docker drone plugin
Support/example for gcr push using json key
drone-kaniko should use ,
instead of \n
as separator for the .tags
file, like the drone-docker plugin does.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.