英文:
Docker build for Go project with GitLab private repositories
问题
我在使用私有GitLab存储库的依赖项时遇到了一些问题。总的来说,这是一个多阶段构建,但我正在尝试构建Go项目的阶段如下所示。这在本地可以工作,所以在Docker中出现问题:
FROM golang:1.16.8-alpine3.14 as BuildStage
RUN apk update && apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client bash
RUN mkdir /root/.ssh
RUN ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
COPY localRsa /root/.ssh/id_rsa
RUN chmod 0400 /root/.ssh/id_rsa
RUN eval $(ssh-agent -s) && ssh-add /root/.ssh/id_rsa
WORKDIR $GOPATH/src/myproject
COPY . .
ENV GOPRIVATE="gitlab.com/MyGitLabUser"
RUN git config --global url."git@gitlab.com".insteadOf "https://gitlab.com"
RUN go mod download
RUN go mod verify
RUN GOOS=linux GOARCH=amd64 \
go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary
我收到的错误消息是:
go: gitlab.com/MyProject/Sub1/Sub2/some-library@v0.0.6: 在版本v0.0.6上读取gitlab.com/MyProject/Sub1/Sub2/some-library.git/go.mod时出错:未知版本v0.0.6
该版本确实存在,并且在本地工作正常。我在某个地方漏掉了一步。
更新:
如果我添加以下内容,从该阶段克隆项目是可以工作的:
git clone git@gitlab.com:MyProject/Sub1/Sub2/some-library.git
这让我觉得我在我的Go配置或将Go与Git链接方面漏掉了一些东西。
英文:
I am having some issues getting my build to work with dependencies in private GitLab repositories. All-in-all it is a multistage build, but the stage where I am attempting to build my Go project is listed below. This works locally for me, so there is an issue somewhere getting this working in Docker:
FROM golang:1.16.8-alpine3.14 as BuildStage
RUN apk update && apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client bash
RUN mkdir /root/.ssh
RUN ssh-keyscan -H gitlab.com >> ~/.ssh/known_hosts
COPY localRsa /root/.ssh/id_rsa
RUN chmod 0400 /root/.ssh/id_rsa
RUN eval $(ssh-agent -s) && ssh-add /root/.ssh/id_rsa
WORKDIR $GOPATH/src/myproject
COPY . .
ENV GOPRIVATE="gitlab.com/MyGitLabUser"
RUN git config --global url."git@gitlab.com".insteadOf "https://gitlab.com"
RUN go mod download
RUN go mod verify
RUN GOOS=linux GOARCH=amd64 \
go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary
The error message I get:
> go: gitlab.com/MyProject/Sub1/Sub2/some-library@v0.0.6: reading gitlab.com/MyProject/Sub1/Sub2/some-library.git/go.mod at revision v0.0.6: unknown revision v0.0.6
The release definitely exists and is working locally. I am missing a step somewhere.
Update:
Cloning the project works from that stage if I add:
git clone git@gitlab.com:MyProject/Sub1/Sub2/some-library.git
Makes me think I'm missing something in my Go configuration or linking Go with Git.
答案1
得分: 1
问题
在整理了大家提供的所有内容后(顺便说一句,谢谢大家),我能够重新调整我的 Dockerfile,以实现我所需的功能并使其正常工作!所以首先,让我列举一下我原始提交中存在的所有问题:
- 传递 SSH 密钥是完全不必要的(参见这里 - 感谢 @RakeshGupta)
- 使用
go mod download -x在外部搜索更具体的信息很有帮助(感谢 @mh-cbon) - 我能够进一步简化(参见这里 - 感谢 @sytech)
- 其中一个重要的问题是我修复了一个拼写错误,所以现在是:
git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"
更新后的 Dockerfile
FROM golang:1.16.8-alpine3.14 as BuildStage
# 设置 Git 和 SSL(用于获取依赖项)
RUN apk update && \
apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client && \
update-ca-certificates
ENV GOPRIVATE="gitlab.com/MyProject"
RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
RUN git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"
# 设置应用程序用户
ENV USER=appuser
ENV UID=10001
RUN adduser --disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" "${USER}"
# 构建项目
WORKDIR $GOPATH/src/myproject
COPY . .
# 确保 Go 知道这些包是私有的
RUN go env -w GOPRIVATE="gitlab.com/MyProject/*"
# 构建二进制文件
RUN --mount=type=ssh go mod download -x && go mod verify
RUN --mount=type=ssh GOOS=linux GOARCH=amd64 go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary
更新后的构建命令
虽然很可爱,但我需要带有 SSH 的 BuildKit:
eval "$(minikube docker-env)"
DOCKER_BUILDKIT=1 docker build --ssh default -t myservice:latest .
英文:
Issues
After putting together everything that everyone provided here (thanks, by the way). I was able to rework my Dockerfile to do exactly what I needed and get things to work! So first, let me go through and enumerate all of the problems that were in my original submission:
- Passing in the SSH key is completely unnecessary (see here - hat tip @RakeshGupta)
- Using
go mod download -xhelped a lot to search out there for more specific information (hat tip @mh-cbon) - I was able to simplify more (see here - hat tip @sytech)
- One of the big things was a typo that I fixed, so now it's:
git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"
Updated Dockerfile
FROM golang:1.16.8-alpine3.14 as BuildStage
# setup Git & SSL (for getting dependencies)
RUN apk update && \
apk add --no-cache git ca-certificates tzdata gcc libc-dev openssh-client && \
update-ca-certificates
ENV GOPRIVATE="gitlab.com/MyProject"
RUN mkdir -p -m 0600 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
RUN git config --global url."git@gitlab.com:".insteadOf "https://gitlab.com/"
# setup an application user
ENV USER=appuser
ENV UID=10001
RUN adduser --disabled-password \
--gecos "" \
--home "/nonexistent" \
--shell "/sbin/nologin" \
--no-create-home \
--uid "${UID}" "${USER}"
# build the project
WORKDIR $GOPATH/src/myproject
COPY . .
# make sure Go knows the packages are private
RUN go env -w GOPRIVATE="gitlab.com/MyProject/*"
# build the binary
RUN --mount=type=ssh go mod download -x && go mod verify
RUN --mount=type=ssh GOOS=linux GOARCH=amd64 go build -ldflags='-w -s -extldflags "-static"' -tags musl -a -o /go/bin/mybinary
Updated Build Command
So that's cute and all, but I need BuildKit with SSH:
eval "$(minikube docker-env)"
DOCKER_BUILDKIT=1 docker build --ssh default -t myservice:latest .
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论