写点什么

用 Tekton 来构建镜像并推送到极狐 GitLab 私有仓库

作者:极狐GitLab
  • 2023-12-27
    上海
  • 本文字数:2328 字

    阅读完需:约 8 分钟

发现极狐 GitLab 还有内置的私有镜像仓库,所以想尝试用 Tekton 来构建容器镜像,然后推送到极狐 GitLab 的私有镜像仓库。

关于 Tekton

Tekton 是 Google 开源的一款用来构建云原生 CI/CD 的工具。它把 CI/CD Pipeline 抽象成了一些概念,比如 Pipeline、Task、Step,还有 Pipeline 的“控制器” PipelineRun、Task 的“控制器” TaskRun 等等。可以用 Step、Task 来组建 Pipeline。Pipeline 与 Task 的关系如下:


极狐 GitLab 私有仓库的使用

极狐 GitLab 内置的私有镜像仓库使用是比较方便的,可以在 Project --> Packages & Registries --> Container Registry 中查看,如下图:


Tekton 构建镜像并推送

首先需要安装 Tekton-Pipeline,参考 Tekton 官网即快速完成安装:

$ kubectl apply --filename https://storage.googleapis.com/tekton-releases/pipeline/latest/release.yaml
复制代码

在 tekton-pipelines namespace 下面就会有 pod 生成:

$ kubectl -n tekton-pipelines get podstekton-pipelines-controller-5978f55d68-fgzfh        1/1     Running   0          13dtekton-pipelines-webhook-75c56bb869-cmx6j           1/1     Running   0          13d
复制代码

接着把仓库 DevOps Is Shit / tekton-jihu-cr · GitLab clone 到本地,目录结构如下:

$ tree.├── README.md├── pipelineresource.yaml├── sa.yaml├── secret-credentials.yaml├── task.yaml└── taskrun.yaml 0 directories, 6 files
复制代码

文件说明:

  • pipelineresource.yaml:定义了整个 Pipeline 中的输入资源(源码,放在极狐 GitLab 上,Repo 地址为:DevOps Is Shit / tekton-image · 极狐GitLab

  • sa.yaml:定义了 serviceaccount

  • secret-credentials.yaml:定义了拉取源代码及推送镜像的凭据信息

  • task.yaml: Task 的定义

  • taskrun.yaml: Taksrun 的定义

使用 kubectl apply 命令将上述资源进行部署即可:

$ kubectl create ns tekton-jihu$ kubectl -n tekton-jihu apply -f pipelineresource.yaml$ kubectl -n tekton-jihu apply -f secret-credentials.yaml$ kubectl -n tekton-jihu apply -f sa.yaml$ kubectl -n tekton-jihu apply -f task.yaml$ kubectl -n tekton-jihu apply -f taskrun.yaml 
复制代码

接着就可以看到有一个拉取源代码,构建容器镜像并推送到极狐 GitLab 私有镜像仓库上:

$ tkn -n tekton-jihu tr listNAME                     STARTED        DURATION   STATUSbuild-docker-image-run   21 hours ago   1 minute   Succeeded
复制代码

整个构建是在 pod 内完成的:

$ kubectl -n tekton-jihu get podsNAME                         READY   STATUS      RESTARTS   AGEbuild-docker-image-run-pod   0/4     Completed   0          21h
复制代码

可以查看构建日志,看一下推送的过程:

$ kubectl -n tekton-jihu logs -f build-docker-image-run-pod -c step-image-build-and-pushINFO[0000] Resolved base name golang:1.12.9-alpine3.9 to builderINFO[0000] Retrieving image manifest golang:1.12.9-alpine3.9INFO[0000] Retrieving image golang:1.12.9-alpine3.9 from registry DockerINFO[0003] Retrieving image manifest alpine:latestINFO[0003] Retrieving image alpine:latest from registry DockerINFO[0005] Built cross stage deps: map[0:[/tmp/main]]INFO[0005] Retrieving image manifest golang:1.12.9-alpine3.9INFO[0005] Returning cached image manifestINFO[0005] Executing 0 build triggersINFO[0005] Unpacking rootfs as cmd COPY main.go /tmp requires it.INFO[0020] WORKDIR /tmpINFO[0020] cmd: workdirINFO[0020] Changed working directory to /tmpINFO[0020] No files changed in this command, skipping snapshotting.INFO[0020] COPY main.go /tmpINFO[0020] Taking snapshot of files...INFO[0020] RUN go build main.goINFO[0020] Taking snapshot of full filesystem...INFO[0022] cmd: /bin/shINFO[0022] args: [-c go build main.go]INFO[0022] Running: [/bin/sh -c go build main.go]INFO[0023] Taking snapshot of full filesystem...INFO[0024] Saving file tmp/main for later useINFO[0024] Deleting filesystem...INFO[0024] Retrieving image manifest alpine:latestINFO[0024] Returning cached image manifestINFO[0024] Executing 0 build triggersINFO[0024] Unpacking rootfs as cmd COPY --from=builder /tmp/main /usr/src/app/ requires it.INFO[0028] WORKDIR /usr/src/app/INFO[0028] cmd: workdirINFO[0028] Changed working directory to /usr/src/app/INFO[0028] Creating directory /usr/src/app/INFO[0028] Taking snapshot of files...INFO[0028] COPY --from=builder /tmp/main /usr/src/app/INFO[0028] Taking snapshot of files...INFO[0028] CMD ["./main"]INFO[0028] Pushing image to registry.jihulab.com/keyboard-man/tekton-image:v0.0.1INFO[0094] Pushed image to 1 destinations
复制代码

从倒数第二句可以看到,镜像陪推送到了 registry.jihulab.com/keyboard-man/tekton-image中。可以在极狐GitLab界面上进行检查:


可以用这个镜像进行一个测试:

$ docker run --rm -p 9990:9990 registry.jihulab.com/keyboard-man/tekton-image:v0.0.1
复制代码

可以看到如下输出结果:

$ curl localhost:9990/devops-is-shitDevOps is shit, do you argee with me????
复制代码

可以将输出结果和源代码进行对比:

文件 · main · DevOps Is Shit / tekton-image · 极狐GitLab


利用 Tekton 来构建容器镜像并推送到极狐 GitLab 内置的镜像仓库就这么 happy 的搞定了。

用户头像

极狐GitLab

关注

开源开放,人人贡献 2021-05-19 加入

开放式一体化DevOps平台,助力行业高速协同增长!

评论

发布
暂无评论
用 Tekton 来构建镜像并推送到极狐GitLab 私有仓库_极狐GitLab_InfoQ写作社区