如何在 cloudbuild.yaml 中使用 Kaniko?
How to use Kaniko in cloudbuild.yaml?
我刚刚了解到可以通过使用 Kaniko 缓存加快 Google 云构建中的构建过程。我查看了文档,它提供了一个小示例。但是,我不确定如何在我的用例中应用它。我基本上是将 Nuxt 应用程序推送到我的 Github 存储库中,每次推送时云都会构建它。文档示例说我们需要用 kaniko-project/executor:latest 替换 cloud-builders/docker。以下是我的 cloudbuild.yaml
的片段
steps:
# Create .npmrc file from Fontawesome secret
- name: gcr.io/cloud-builders/gcloud
entrypoint: 'bash'
args: [ '-c', 'gcloud secrets versions access latest --secret=fontawesome > .npmrc' ]
# Build the container image
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA', '.']
# Push the image to Container Registry
- name: 'gcr.io/cloud-builders/docker'
args: ['push', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA']
Kaniko 文档说我需要以下内容:
steps:
- name: 'gcr.io/kaniko-project/executor:latest'
args:
- --destination=gcr.io/$PROJECT_ID/image
- --cache=true
- --cache-ttl=XXh
这是我尝试过的(但不确定是否应该如此):
steps:
# Create .npmrc file from Fontawesome secret
- name: gcr.io/cloud-builders/gcloud
entrypoint: 'bash'
args: [ '-c', 'gcloud secrets versions access latest --secret=fontawesome > .npmrc' ]
# Build the container image
- name: 'gcr.io/kaniko-project/executor:latest'
args: ['--destination=gcr.io/$PROJECT_ID/image', '--cache=true', '--cache-ttl=6h'
,'build', '-t', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA', '.']
# Push the image to Container Registry
- name: 'gcr.io/kaniko-project/executor:latest'
args: ['--destination=gcr.io/$PROJECT_ID/image', '--cache=true', '--cache-ttl=6h'
, 'push', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA']
Kaniko 没有推送和构建命令。当您将其指定为 cloudbuild.yaml.
中的构建步骤时,它将隐式执行(构建和推送)
一个例子是:
steps:
# Build the container image and push it with Kaniko
- name: 'gcr.io/kaniko-project/executor:latest'
args:
[
"--dockerfile=<DOCKER-FILE-DIST>",
"--context=dir://<BUILD_CONTEXT>",
"--cache=true",
"--cache-ttl=6h",
"--destination=gcr.io/$PROJECT_ID/hello:$COMMIT_SHA"
]
# Deploy image to Cloud Run
- name: "gcr.io/cloud-builders/gcloud"
args:
- "run"
- "deploy"
- "hello"
- "--image"
- "gcr.io/$PROJECT_ID/hello:$COMMIT_SHA"
- "--region"
- "us-central1"
- "--platform"
- "managed"
我刚刚了解到可以通过使用 Kaniko 缓存加快 Google 云构建中的构建过程。我查看了文档,它提供了一个小示例。但是,我不确定如何在我的用例中应用它。我基本上是将 Nuxt 应用程序推送到我的 Github 存储库中,每次推送时云都会构建它。文档示例说我们需要用 kaniko-project/executor:latest 替换 cloud-builders/docker。以下是我的 cloudbuild.yaml
steps:
# Create .npmrc file from Fontawesome secret
- name: gcr.io/cloud-builders/gcloud
entrypoint: 'bash'
args: [ '-c', 'gcloud secrets versions access latest --secret=fontawesome > .npmrc' ]
# Build the container image
- name: 'gcr.io/cloud-builders/docker'
args: ['build', '-t', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA', '.']
# Push the image to Container Registry
- name: 'gcr.io/cloud-builders/docker'
args: ['push', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA']
Kaniko 文档说我需要以下内容:
steps:
- name: 'gcr.io/kaniko-project/executor:latest'
args:
- --destination=gcr.io/$PROJECT_ID/image
- --cache=true
- --cache-ttl=XXh
这是我尝试过的(但不确定是否应该如此):
steps:
# Create .npmrc file from Fontawesome secret
- name: gcr.io/cloud-builders/gcloud
entrypoint: 'bash'
args: [ '-c', 'gcloud secrets versions access latest --secret=fontawesome > .npmrc' ]
# Build the container image
- name: 'gcr.io/kaniko-project/executor:latest'
args: ['--destination=gcr.io/$PROJECT_ID/image', '--cache=true', '--cache-ttl=6h'
,'build', '-t', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA', '.']
# Push the image to Container Registry
- name: 'gcr.io/kaniko-project/executor:latest'
args: ['--destination=gcr.io/$PROJECT_ID/image', '--cache=true', '--cache-ttl=6h'
, 'push', 'gcr.io/PROJECTNAME/IMAGENAME:$COMMIT_SHA']
Kaniko 没有推送和构建命令。当您将其指定为 cloudbuild.yaml.
中的构建步骤时,它将隐式执行(构建和推送)一个例子是:
steps:
# Build the container image and push it with Kaniko
- name: 'gcr.io/kaniko-project/executor:latest'
args:
[
"--dockerfile=<DOCKER-FILE-DIST>",
"--context=dir://<BUILD_CONTEXT>",
"--cache=true",
"--cache-ttl=6h",
"--destination=gcr.io/$PROJECT_ID/hello:$COMMIT_SHA"
]
# Deploy image to Cloud Run
- name: "gcr.io/cloud-builders/gcloud"
args:
- "run"
- "deploy"
- "hello"
- "--image"
- "gcr.io/$PROJECT_ID/hello:$COMMIT_SHA"
- "--region"
- "us-central1"
- "--platform"
- "managed"