使用GitLab私有仓库构建Go项目的Docker镜像

huangapple go评论94阅读模式
英文:

Docker build for Go project with GitLab private repositories

问题

我在使用私有GitLab存储库的依赖项时遇到了一些问题。总的来说,这是一个多阶段构建,但我正在尝试构建Go项目的阶段如下所示。这在本地可以工作,所以在Docker中出现问题:

FROM golang:1.16.8-alpine3.14 as BuildStage

RUN apk update && apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client bash

RUN mkdir /root/.ssh
RUN ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts

COPY localRsa /root/.ssh/id_rsa
RUN chmod 0400 /root/.ssh/id_rsa

RUN eval $(ssh-agent -s) && ssh-add /root/.ssh/id_rsa

WORKDIR $GOPATH/src/myproject
COPY . .

ENV GOPRIVATE="gitlab.com/MyGitLabUser"
RUN git config --global url."git@gitlab.com".insteadOf "https://gitlab.com"

RUN go mod download
RUN go mod verify

RUN GOOS=linux GOARCH=amd64 \
    go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary

我收到的错误消息是:

go: gitlab.com/MyProject/Sub1/Sub2/some-library@v0.0.6: 在版本v0.0.6上读取gitlab.com/MyProject/Sub1/Sub2/some-library.git/go.mod时出错:未知版本v0.0.6

该版本确实存在,并且在本地工作正常。我在某个地方漏掉了一步。


更新:

如果我添加以下内容,从该阶段克隆项目是可以工作的:

git clone git@gitlab.com:MyProject/Sub1/Sub2/some-library.git

这让我觉得我在我的Go配置或将Go与Git链接方面漏掉了一些东西。

英文:

I am having some issues getting my build to work with dependencies in private GitLab repositories. All-in-all it is a multistage build, but the stage where I am attempting to build my Go project is listed below. This works locally for me, so there is an issue somewhere getting this working in Docker:

FROM golang:1.16.8-alpine3.14 as BuildStage

RUN apk update && apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client bash

RUN mkdir /root/.ssh
RUN ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts

COPY localRsa /root/.ssh/id_rsa
RUN chmod 0400 /root/.ssh/id_rsa

RUN eval $(ssh-agent -s) && ssh-add /root/.ssh/id_rsa

WORKDIR $GOPATH/src/myproject
COPY . .

ENV GOPRIVATE="gitlab.com/MyGitLabUser"
RUN git config --global url."git@gitlab.com".insteadOf "https://gitlab.com"

RUN go mod download
RUN go mod verify

RUN GOOS=linux GOARCH=amd64 \
    go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary

The error message I get:
> go: gitlab.com/MyProject/Sub1/Sub2/some-library@v0.0.6: reading gitlab.com/MyProject/Sub1/Sub2/some-library.git/go.mod at revision v0.0.6: unknown revision v0.0.6

The release definitely exists and is working locally. I am missing a step somewhere.


Update:

Cloning the project works from that stage if I add:

git clone git@gitlab.com:MyProject/Sub1/Sub2/some-library.git

Makes me think I'm missing something in my Go configuration or linking Go with Git.

答案1

得分: 1

问题

在整理了大家提供的所有内容后(顺便说一句,谢谢大家),我能够重新调整我的 Dockerfile,以实现我所需的功能并使其正常工作!所以首先,让我列举一下我原始提交中存在的所有问题:

  1. 传递 SSH 密钥是完全不必要的(参见这里 - 感谢 @RakeshGupta)
  2. 使用 go mod download -x 在外部搜索更具体的信息很有帮助(感谢 @mh-cbon)
  3. 我能够进一步简化(参见这里 - 感谢 @sytech)
  4. 其中一个重要的问题是我修复了一个拼写错误,所以现在是:git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"

更新后的 Dockerfile

FROM golang:1.16.8-alpine3.14 as BuildStage

# 设置 Git 和 SSL(用于获取依赖项)
RUN apk update && \
    apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client && \
    update-ca-certificates

ENV GOPRIVATE="gitlab.com/MyProject"

RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
RUN git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"

# 设置应用程序用户
ENV USER=appuser
ENV UID=10001

RUN adduser --disabled-password \
            --gecos "" \
            --home "/nonexistent" \
            --shell "/sbin/nologin" \
            --no-create-home \
            --uid "${UID}" "${USER}"

# 构建项目
WORKDIR $GOPATH/src/myproject
COPY . .

# 确保 Go 知道这些包是私有的
RUN go env -w GOPRIVATE="gitlab.com/MyProject/*"

# 构建二进制文件
RUN --mount=type=ssh go mod download -x && go mod verify
RUN --mount=type=ssh GOOS=linux GOARCH=amd64 go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary

更新后的构建命令

虽然很可爱,但我需要带有 SSH 的 BuildKit

eval "$(minikube docker-env)"
DOCKER_BUILDKIT=1 docker build --ssh default -t myservice:latest .
英文:

Issues

After putting together everything that everyone provided here (thanks, by the way). I was able to rework my Dockerfile to do exactly what I needed and get things to work! So first, let me go through and enumerate all of the problems that were in my original submission:

  1. Passing in the SSH key is completely unnecessary (see here - hat tip @RakeshGupta)
  2. Using go mod download -x helped a lot to search out there for more specific information (hat tip @mh-cbon)
  3. I was able to simplify more (see here - hat tip @sytech)
  4. One of the big things was a typo that I fixed, so now it's: git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"

Updated Dockerfile

FROM golang:1.16.8-alpine3.14 as BuildStage

# setup Git & SSL (for getting dependencies)
RUN apk update && \
    apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client && \
    update-ca-certificates

ENV GOPRIVATE="gitlab.com/MyProject"

RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
RUN git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"

# setup an application user
ENV USER=appuser
ENV UID=10001

RUN adduser --disabled-password \
            --gecos "" \
            --home "/nonexistent" \
            --shell "/sbin/nologin" \
            --no-create-home \
            --uid "${UID}" "${USER}"

# build the project
WORKDIR $GOPATH/src/myproject
COPY . .

# make sure Go knows the packages are private
RUN go env -w GOPRIVATE="gitlab.com/MyProject/*"

# build the binary
RUN --mount=type=ssh go mod download -x && go mod verify
RUN --mount=type=ssh GOOS=linux GOARCH=amd64 go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary

Updated Build Command

So that's cute and all, but I need BuildKit with SSH:

eval "$(minikube docker-env)"
DOCKER_BUILDKIT=1 docker build --ssh default -t myservice:latest .

huangapple
  • 本文由 发表于 2022年1月16日 00:25:22
  • 转载请务必保留本文链接:https://go.coder-hub.com/70723267.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定