英文:
How to build and push Go image using Google Ko?Could you tell me the steps for cloudbuild.yaml to create the image and push go image using Google ko?
问题
我需要在从Git检出代码后使用Google Ko构建Go项目,然后将镜像推送到需要凭据的私有Artifactory。如何在cloudbuild.yaml中定义上述步骤?其中涉及源路径和私有存储库路径的步骤。如何通过脚本提供Artifactory的凭据?
英文:
I need to build go project using google Ko after checking out from git and then push the image to private artifactory which takes credentials. How to define the steps for the above in cloudbuild.yaml? Steps where it takes Source path and also where it takes private repository path. How to give the credentials of artifactory through script?
答案1
得分: 1
你遇到的错误是由于“failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "bash"`。
默认情况下,ko
命令使用来自Distroless镜像集合的安全且精简的基础镜像(gcr.io/distroless/static:nonroot
镜像),该镜像不包含shell或其他可执行文件,以减少容器的攻击面。
你可以首先创建Ko
Docker镜像,然后将此Docker镜像用作基础镜像来构建Cloudbuild。我们将推送并保存Ko
Docker镜像到GCR
。
Github链接:https://github.com/GoogleCloudPlatform/cloud-builders-community/tree/master/ko
在cloudbuild.yaml
中有构建镜像的配置,你也可以在本地运行docker build -t
命令来构建Docker镜像。
一旦Docker镜像构建并推送到GCR
,我们可以编写cloudbuild.yaml
来构建应用程序。
可以尝试使用以下示例的cloudbuild.yaml
文件:
steps:
- name: gcr.io/$PROJECT_ID/ko
entrypoint: /bin/sh
env:
- 'KO_DOCKER_REPO=gcr.io/$PROJECT_ID'
args:
- -c
- |
echo $(/ko publish --preserve-import-paths ./cmd/ko) > ./ko_container.txt || exit 1
英文:
Error you are getting is due the failed to create shim task: OCI runtime create failed: runc create failed: unable to start container process: exec: "bash"
> By default, the ko command uses a secure and lean base image from the
> Distroless collection of images (the gcr.io/distroless/static:nonroot
> image), which doesn’t contain a shell or other executables in order to
> reduce the attack surface of the container.
You can first create the Ko docker image and we will use this docker image as the base iamge to Cloudbuild. We will push and save the Ko docker image to GCR
Github : https://github.com/GoogleCloudPlatform/cloud-builders-community/tree/master/ko
There is cloudbuild.yaml
to build image on cloudbuild or you also run docker build -t
locally to build docker
Once docker image is built and pushed to the GCR we can write the cloudbuild.yaml
to build the application
Try this Cloudbuild.yaml
for example
steps:
- name: gcr.io/$PROJECT_ID/ko
entrypoint: /bin/sh
env:
- 'KO_DOCKER_REPO=gcr.io/$PROJECT_ID'
args:
- -c
- |
echo $(/ko publish --preserve-import-paths ./cmd/ko) > ./ko_container.txt || exit 1
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论