DEV Community

Jean-Phi Baconnais
Jean-Phi Baconnais

Posted on • Updated on • Originally published at jeanphi-baconnais.gitlab.io

GitLabCI: easy build and deploy an image with Kaniko

I read differents post about image build and deployment with GitLab CI and i would like want to share one tip : use Kaniko .

To create an image you can use the usual docker command

docker build -t <your image name>
Enter fullscreen mode Exit fullscreen mode

And to push this image, this one :

docker push <your image name>:latest
Enter fullscreen mode Exit fullscreen mode

All built with the docker image, and the dind services :

image: docker:stable
 services:
   - docker:dind
Enter fullscreen mode Exit fullscreen mode

And finally, in your gitlab-ci.yml, you will have this :

  build_and_deploy_classic: 
  stage: build
  image: docker:stable
  services:
    - docker:dind
  script:
    - docker login -u GitLabci -p "$CI_SECRET"  registry.GitLab.com
    - docker build -t <your image name> .
    - docker push <your image name>:latest
Enter fullscreen mode Exit fullscreen mode

This work correctly, of course you can use this.

But on my jobs, i prefer use Kaniko. Why ? Simply because in one line you can build and push on a repository.

Juste before this, you need to write in a file your username, password and auths.

That's all

 build_and_deploy_kaniko:
  stage: build
  image:
    name: gcr.io/kaniko-project/executor:debug
    entrypoint: [""]
  script:
    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json
    - /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE
Enter fullscreen mode Exit fullscreen mode

In this example i deploy my image on the GitLab registry but you can deploy on others repositories.

Don't hesitate to give me comments

Top comments (6)

Collapse
 
dcpc007 profile image
dcpc007

Hi, where do you put the credential file ?
Info : I work personnaly with a selfhosted Gitlab omnibus running via docker-compose
And i have windows/linux workstations for my tests/devs working

Collapse
 
jphi_baconnais profile image
Jean-Phi Baconnais

Hi, mmh what's your problem?

Collapse
 
mfriedenhagen profile image
Mirko Friedenhagen

Hi Jean-Phi, how do you handle custom certificates in your scenario? E.g. when using a self-hosted instance with a private Root-CA? Would you build your own kaniko image?

Collapse
 
jphi_baconnais profile image
Jean-Phi Baconnais

Hi, i don't used custom certificates. In my case, i've use kaniko in GitLab public instance and private instance but without private Root-CA, sorry.

Collapse
 
nijatshahverdiyev profile image
Nijat Shahverdiev

Hi, how to push our image to nexus private repository? i used your ci config but it gives authentication faild

Collapse
 
jphi_baconnais profile image
Jean-Phi Baconnais

Hi, the authentification line have to be changed. These variables $CI_REGISTRY, $CI_REGISTRY_USER are GitLab default variables. So you can change these with your own variables and I think it will be ok.