在 gitlab ci 作业中使用 kubectl 创建 ImagePullSecret 时出现奇怪错误
[英]Strange Error while creating ImagePullSecret with kubectl in gitlab ci job
问题描述
I am trying to deploy an image from a private gitlab registry to a self-hosted kubernets cluster that is connected and managed by gitlab.
我正在尝试将私有 gitlab 注册表中的映像部署到由 gitlab 连接和管理的自托管 kubernets 集群。 As far as I understood it, I need a ImagePullSecret created and referenced in my Deployment-Config for this to work.据我了解,我需要在我的部署配置中创建和引用一个 ImagePullSecret 才能使其工作。 Gitlab is creating a namespace per project so I am trying to create a secret at the start of my CI-Job. Gitlab 正在为每个项目创建一个命名空间,所以我试图在我的 CI 作业开始时创建一个秘密。 Strangely I always get the error, that an argument is missing, despite all of the required arguments being present.奇怪的是,尽管存在所有必需的参数,但我总是收到错误,即缺少参数。 What am I doing wrong?我究竟做错了什么?
Here is the CI-Job out of my gitlab-ci.yml这是我的 gitlab-ci.yml 中的 CI-Job
deploy-app:
stage: deploy
image:
name: bitnami/kubectl:latest
entrypoint: [""]
script:
- kubectl create secret docker-registry gitlab-registry --docker-username=$CI_DEPLOY_USER --docker-password=$CI_DEPLOY_PASSWORD --docker-server=$CI_REGISTRY --dry-run=client -o yaml | kubectl apply -f -
- kubectl apply -f k8s/configmap.yaml
- kubectl apply -f k8s/deployment.yaml
- kubectl apply -f k8s/service.yaml
- kubectl apply -f k8s/ingress.yaml
environment:
name: production
url: <my-url>
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
The CI-Job always runs into the following error: CI-Job 总是遇到以下错误:
error: either --from-file or the combination of --docker-username, --docker-password and --docker-server is required
I tried to run the command directly on the server without an error, so this has something to do with this specific environment.我试图直接在服务器上运行命令而没有错误,所以这与这个特定环境有关。 Has someone an idea for another approach?有人对另一种方法有想法吗? I am a bit lost right now.我现在有点失落。
1 个解决方案
解决方案1
0 2021-11-01 06:20:56
The kubectl secret which is being created may not be in the corret namespace.正在创建的 kubectl secret 可能不在 corret 命名空间中。 Since you mentioned that there are namespaces for different project, ensure that the secret is created in the correct namespace.由于您提到不同项目有命名空间,因此请确保在正确的命名空间中创建机密。 For the other commands also you may mention the namespace.对于其他命令,您也可以提及命名空间。 If the namespace is not mentioned then these kubectl commands are executed in "default" namespace.如果未提及命名空间,则这些 kubectl 命令将在“默认”命名空间中执行。
deploy-app:
stage: deploy
image:
name: bitnami/kubectl:latest
entrypoint: [""]
script:
- kubectl create secret --namespace $namespace docker-registry gitlab-registry --docker-username=$CI_DEPLOY_USER --docker-password=$CI_DEPLOY_PASSWORD --docker-server=$CI_REGISTRY --dry-run=client -o yaml | kubectl apply -f -
- kubectl apply -f k8s/configmap.yaml --namespace $namespace
- kubectl apply -f k8s/deployment.yaml --namespace $namespace
- kubectl apply -f k8s/service.yaml --namespace $namespace
- kubectl apply -f k8s/ingress.yaml --namespace $namespace
environment:
name: production
url: <my-url>
rules:
- if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.