如何将带有子模块的项目与 Gitlab CI docker runner 集成?
How to integrate a project with submodules with Gitlab CI docker runner?
关于 Gitlab CI 我有一个非常不寻常的用例,我找不到满足我需求的解决方案。
我有一个 Gitlab 存储库,它使用其他存储库共享的子模块。我想实现一个运行程序,它将为此应用程序构建一个 Docker 容器映像。为此,我将 ci 配置如下(使用 docker-in-docker 方法):
image: docker:stable
variables:
# When using dind service we need to instruct docker, to talk with the
# daemon started inside of the service. The daemon is available with
# a network connection instead of the default /var/run/docker.sock socket.
#
# The 'docker' hostname is the alias of the service container as described at
# https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services
#
# Note that if you're using Kubernetes executor, the variable should be set to
# tcp://localhost:2375 because of how Kubernetes executor connects services
# to the job container
DOCKER_HOST: tcp://docker:2375/
# When using dind, it's wise to use the overlayfs driver for
# improved performance.
DOCKER_DRIVER: overlay2
GIT_SUBMODULE_STRATEGY: recursive
services:
- docker:dind
before_script:
- git submodule sync --recursive
- git submodule update --init --recursive
build_image:
script:
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
- docker build -t registry.gitlab.com/proj/name .
- docker push registry.gitlab.com/proj/name
问题是运行器将无法克隆子模块存储库,因为它无法通过 SSH 访问它,对于 HTTPS,它需要用户名和密码,我显然无法将其存储在 .gitmodules包含它试图从中获取的 URL 的文件。更不用说在这个配置中我无法访问运行器中的 ssh 可执行文件(以及 git 所以我不能真正手动克隆它)。我得到的错误是:
Updating/initializing submodules recursively...
Submodule 'src/submodule/my-module' (git@gitlab.com:foo/proj/name.git) registered for path 'src/submodule/my-module'
Cloning into '/builds/proj/name/src/submodule/my-module'...
fatal: cannot run ssh: No such file or directory
fatal: unable to fork
fatal: clone of 'git@gitlab.com:foo/prof/name.git' into submodule path '/builds/proj/name/src/submodule/my-module' failed
Failed to clone 'src/submodule/my-module'. Retry scheduled
Cloning into '/builds/proj/name/src/submodule/my-module'...
fatal: cannot run ssh: No such file or directory
fatal: unable to fork
fatal: clone of 'git@gitlab.com:foo/proj/name.git' into submodule path '/builds/proj/name/src/submodule/my-module' failed
Failed to clone 'src/submodule/my-module' a second time, aborting
ERROR: Job failed: exit code 1
不用说,我负担不起将这个子模块作为 public 存储库。我会欣赏ci任何想法。在这一点上,我什至不确定这整个方法是否正确。
事实证明,实际上可以在 .gitmodules 配置文件中指定另一个存储库的相对路径。在这种情况下:
[submodule "src/submodule/my-module"]
path = src/submodule/my-module
url = ../my-module.git
这样 Gitlab CI 将不会像其他任何方式一样尝试通过 HTTPS 或 SSH 克隆存储库,而是访问相对于它知道它可以访问的项目的路径。
关于 Gitlab CI 我有一个非常不寻常的用例,我找不到满足我需求的解决方案。
我有一个 Gitlab 存储库,它使用其他存储库共享的子模块。我想实现一个运行程序,它将为此应用程序构建一个 Docker 容器映像。为此,我将 ci 配置如下(使用 docker-in-docker 方法):
image: docker:stable
variables:
# When using dind service we need to instruct docker, to talk with the
# daemon started inside of the service. The daemon is available with
# a network connection instead of the default /var/run/docker.sock socket.
#
# The 'docker' hostname is the alias of the service container as described at
# https://docs.gitlab.com/ee/ci/docker/using_docker_images.html#accessing-the-services
#
# Note that if you're using Kubernetes executor, the variable should be set to
# tcp://localhost:2375 because of how Kubernetes executor connects services
# to the job container
DOCKER_HOST: tcp://docker:2375/
# When using dind, it's wise to use the overlayfs driver for
# improved performance.
DOCKER_DRIVER: overlay2
GIT_SUBMODULE_STRATEGY: recursive
services:
- docker:dind
before_script:
- git submodule sync --recursive
- git submodule update --init --recursive
build_image:
script:
- docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.com
- docker build -t registry.gitlab.com/proj/name .
- docker push registry.gitlab.com/proj/name
问题是运行器将无法克隆子模块存储库,因为它无法通过 SSH 访问它,对于 HTTPS,它需要用户名和密码,我显然无法将其存储在 .gitmodules包含它试图从中获取的 URL 的文件。更不用说在这个配置中我无法访问运行器中的 ssh 可执行文件(以及 git 所以我不能真正手动克隆它)。我得到的错误是:
Updating/initializing submodules recursively...
Submodule 'src/submodule/my-module' (git@gitlab.com:foo/proj/name.git) registered for path 'src/submodule/my-module'
Cloning into '/builds/proj/name/src/submodule/my-module'...
fatal: cannot run ssh: No such file or directory
fatal: unable to fork
fatal: clone of 'git@gitlab.com:foo/prof/name.git' into submodule path '/builds/proj/name/src/submodule/my-module' failed
Failed to clone 'src/submodule/my-module'. Retry scheduled
Cloning into '/builds/proj/name/src/submodule/my-module'...
fatal: cannot run ssh: No such file or directory
fatal: unable to fork
fatal: clone of 'git@gitlab.com:foo/proj/name.git' into submodule path '/builds/proj/name/src/submodule/my-module' failed
Failed to clone 'src/submodule/my-module' a second time, aborting
ERROR: Job failed: exit code 1
不用说,我负担不起将这个子模块作为 public 存储库。我会欣赏ci任何想法。在这一点上,我什至不确定这整个方法是否正确。
事实证明,实际上可以在 .gitmodules 配置文件中指定另一个存储库的相对路径。在这种情况下:
[submodule "src/submodule/my-module"]
path = src/submodule/my-module
url = ../my-module.git
这样 Gitlab CI 将不会像其他任何方式一样尝试通过 HTTPS 或 SSH 克隆存储库,而是访问相对于它知道它可以访问的项目的路径。