问题描述
我的.gitlab-ci.yml管道似乎无法正常工作。我可以在gitlab上进行构建,测试和重新标记,但是在尝试将映像推送到gcr.io时,部署阶段失败。下面是管道文件和失败消息的相关摘录。我尝试了细长图像和高山图像,并通过回显,导出和gcloud auth list确认了GCP_SERVICE_ACCOUNT变量是我在gitlab系统中设置并成功通过身份验证的变量。我无法通过谷歌搜索找到解决http与https不对齐的任何内容-只能使用与我所做的操作一致的语法或其他身份验证方法。过去,当我在本地计算机上进行身份验证并推送到gcr.io时,gcloud push ...的运行情况就很好。
我还尝试插入docker-credential-gcr configure-docker --token-source="gcloud",并根据Push to google container registry fails: Retrying的每个答案使用asia.gcr.io(就像我在AUS中一样)。那篇文章中的问题不尽相同,但我现在还在努力。
请问我怎么了?
image: docker:19.03.12
services:
- docker:19.03.12-dind
stages:
- build
- test
- release
- deploy
variables:
GIT_DEPTH: 1
DOCKER_HOST: tcp://docker:2376
DOCKER_TLS_CERTDIR: "/certs"
CONTAINER_TEST_IMAGE: $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_SLUG
CONTAINER_RELEASE_IMAGE: $CI_REGISTRY_IMAGE:latest
GCR_IO_IMAGE: gcr.io/proj-000000/$CI_REGISTRY_IMAGE:latest
...
deploy:
image: google/cloud-sdk:slim
stage: deploy
only:
- master
before_script:
- echo $GCP_SERVICE_ACCOUNT > /tmp/service_account.json
- gcloud auth activate-service-account --key-file /tmp/service_account.json
script:
- docker push $GCR_IO_IMAGE
- gcloud app deploy app.yaml --project proj --image-url $GCR_IO_IMAGE
$ docker push $ GCR_IO_IMAGE 来自守护程序的错误响应:客户端向HTTPS服务器发送了HTTP请求。 错误:作业失败:退出代码1
更新,以下Frederic G的帖子:
gcloud docker ...方法现在似乎已被弃用,但遵循失败说明中弹出的建议:
deploy:
image: google/cloud-sdk:alpine
stage: deploy
only:
- master
script:
- gcloud auth activate-service-account --key-file /tmp/service_account.json
- gcloud auth configure-docker
- docker push $GCR_IO_IMAGE
- gcloud app deploy sandkastenapp.yaml --project sandkasten --image-url $GCR_IO_IMAGE
现在给出:
$ gcloud auth configure-docker
Adding credentials for all GCR repositories.
WARNING: A long list of credential helpers may cause delays running 'docker build'. We recommend passing the registry name to configure only the registry you are using.
After update,the following will be written to your Docker config file
located at [/root/.docker/config.json]:
{
"credHelpers": {
"gcr.io": "gcloud","us.gcr.io": "gcloud","eu.gcr.io": "gcloud","asia.gcr.io": "gcloud","staging-k8s.gcr.io": "gcloud","marketplace.gcr.io": "gcloud"
}
}
Do you want to continue (Y/n)?
Docker configuration file updated.
$ docker push $GCR_IO_IMAGE
read tcp 172.17.0.4:42954->172.17.0.3:2376: read: connection reset by peer
ERROR: Job Failed: exit code 1
解决方法
您可以使用gcloud docker命令像这样推送图像:
gcloud docker -- push gcr.io/example-org/example-image:latest
或者,在运行docker命令之前,我认为您需要通过编写credential file对其进行配置。您将需要运行以下命令:
gcloud docker --authorize-only
docker push gcr.io/example-org/example-image:latest
-EDIT-
我看到您在Cloud Build设置中设置了此变量
DOCKER_HOST: tcp://docker:2376
这可能是引起问题的原因,因为您收到的错误消息中提到了端口。
172.17.0.3:2376: read: connection reset by peer
在进行测试时,当我没有设置该值时,我可以使用以下命令推送图像:
gcloud auth configure-docker
docker pull nginx
docker tag nginx gcr.io/[project]/website
docker push gcr.io/[project]/website