drone-plugins / drone-docker Goto Github PK
View Code? Open in Web Editor NEWDrone plugin for publishing Docker images
Home Page: http://plugins.drone.io/drone-plugins/drone-docker
License: Apache License 2.0
Drone plugin for publishing Docker images
Home Page: http://plugins.drone.io/drone-plugins/drone-docker
License: Apache License 2.0
Hello,
I have been trying to use drone-docker
in order to push images into our custom Registry and there seem to be a problem with authentication.
First of all, please note that we use Docker Registry v2. It's secured with TLS and we configured authentication to use JWT tokens. This setup has proved to work just fine with Docker client.
The peculiar thing is that if I look at the log, at the beginning of the build, I can clearly see that drone-docker
successfully logged in:
[info] Pulling image plugins/drone-docker:latest
$ /usr/bin/docker -d
WARNING: login credentials saved in /.docker/config.json
Login Succeeded
However, at the end, pushing fails:
$ /usr/bin/docker push registry.company.com/company/jenkins-slave:latest
The push refers to a repository [registry.company.com/company/jenkins-slave] (len: 1)
e1f3183388e0: Preparing
unauthorized: authentication required
[info] build failed (exit code 1)
I find weird that the config file is stored at the root of the machine and not in the user directory.
Do you think it might be related?
Thank you for your help
Aurélien
We noticed that our kubernetes deployments weren't able to find the image we had tagged with just ${DRONE_COMMIT:0:8} and "prerelease" string.
With the following commit in DRONE_COMMIT value "09334553" the plugin tries to tag the image as follows:
This is on a drone server that has the new secret interpolation installed on it so it might be an issue with ${DRONE_COMMIT:0:8} instead of $DRONE_COMMIT:0:8 I will try and track that down, it's a bit of a roulette trying to recreate the issue of course.
If I can find the bug in the drone-docker code I will patch it.
A few days ago following commit was merged into the docker plugin. Our deployment pipeline started to fail right after.
I might be wrong, but it looks like prune
also removes the volume where source code is mounted. That the reason for two errors:
unable to get absolute path to Dockerfile: getwd: no such file or directory
error_outlineERROR: get 89da68151e049a5047a107fb14d0930ad62035949305a723bcfab180c9f2dd35: volume not found
One important note is that we mount docker.sock
to use docker cache and gain some speed in exchange to isolation.
Here is how the step looks like:
publish-lib-docker:
image: plugins/docker
username: ${DOCKER_USERNAME}
password: ${DOCKER_PASSWORD}
email: ${DOCKER_EMAIL}
volumes:
- /var/run/docker.sock:/var/run/docker.sock
repo: magpieapp/lib
tags:
- "${DRONE_BRANCH}_${DRONE_COMMIT}"
- latest
dockerfile: ./shared/Dockerfile
context: ./shared/
We use Docker v1.13.1.
Here are details I can see in build output:
Live Restore Enabled: false
+ /usr/local/bin/docker system prune -f
WARNING: Usage of loopback devices is strongly discouraged for production use. Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
WARNING: No swap limit support
Deleted Containers:
9360938c57f3856d5b95e728448c5e0c650ecb0085d67a4d9a4e26f6d3a03b1a
Deleted Volumes:
0757a2a51c2c8113f9ecf4614b5e42119334167b8ef9a8213e86160175a3de3b
89da68151e049a5047a107fb14d0930ad62035949305a723bcfab180c9f2dd35
92d493025cc5de41ab78a327f4f9a9585cf7ba4d33256d5dbb3252bacc17e841
Total reclaimed space: 27.17 MB
+ /usr/local/bin/docker build --rm=true -f ./shared/Dockerfile -t 5812553801c8841d99b3359f37b7f878e8ff866d ./shared/ --pull=true
unable to prepare context: unable to get absolute path to Dockerfile: getwd: no such file or directory
Here are details I can see in the build header:
error_outlineERROR: get 89da68151e049a5047a107fb14d0930ad62035949305a723bcfab180c9f2dd35: volume not found
We had to fall back to the version 1.12 of plugins/docker to make it work again.
i have a self-signed certificate i want to use the drone-docker plugin to publish to my private basic auth secured v2 docker-registry. would i just add it to the plugin image? plans on a config option for such? sorry if my noob shows.
Eventually exhausts loopback devices. I can verify that every time I execute a build the number of loopbacks increase until I get error There are no more loopback device available.
$ sudo losetup -a
/dev/loop0: [0032]:116 (/dev/loop0)
/dev/loop1: [0032]:117 (/dev/loop1)
/dev/loop2: [0035]:116 (/dev/loop2)
/dev/loop3: [0035]:117 (/dev/loop3)
/dev/loop4: [005c]:103 (/dev/loop4)
/dev/loop5: [005c]:104 (/dev/loop5)
for reference: jpetazzo/dind#19
I'm using this setup but i still get no cache performance increase. I do however see that is loading and saving however it doesn't seem to use the cache layers. Any idea? A normal build does use the cache layer.
Is there a specific reason why we just don't mount the docker socket in the container and use the existing docker for building?
build:
image: alpine:3.2
publish:
docker:
registry: XX
username: XX
password: $$REGISTRY_PASSWORD
email: [email protected]
repo: XX
load: docker/image.tar
save:
destination: docker/image.tar
tag: latest
notify:
slack:
webhook_url: XX
channel: update
username: drone
cache:
mount:
- docker/image.tar
Hey,
I just wanted to fix a property name (file
to dockerfile
) in the documentation. But I found that the https://github.com/drone-plugins/drone-docker/blob/master/DOCS.md are already correct.
Would you mind updating docs online? :)
Thank you!
So, I know this might be a very generic error but I'm starting to believe it's because of an old Dockerfile that you use. Could we possibly bump drone-docker to the newest FROM rancher/docker:v10.13?
Anyways, basically, I run my generic .drone.yml but when I do, Drone tells me that it cannot connect to the Docker daemon. I'm running the generic Drone from the catalog but I also made my own version following the normal procedures and still receive the same errors. I'm running both Drone versions on /var/run/docker.sock.
I thought it was because it was a permissions error because of how I had Drone setup, but then I made both versions privileged and still no dice. It will not connect to the Docker daemon. E-mails and other notifications still work though.
Now that leads me to believe that it's not on my end but the workers that are spawned in the process. When Drone pulls from this repo, this Dockerfile's FROM rancher/docker:1.9.1 is what is reported. It will say the title error then it will report the docker info as 1.9.1 and not 10.13 that my host is reporting.
Could this possibly be the reason for this error?
Docker 1.12 provides some new functionality such as the HEALTHCHECK directive. It would be nice to update the plugin to incorporate Docker version 1.12 to take advantage of the newest updates and features of Docker.
I've been referred here for using drone to build docker images, but the docs and readme are too vague to really know how to start. Any chance we could get some examples, or instructions for how to use this plugin? Or at least when someone would want to use this plugin and when not to (e.g. building docker containers vs testing and then publishing an already built image, etc)
How is DOCS.md related to README.md? What is the file in the EOF
and what are we supposed to replace?
I'd be willing to help update the docs if I knew the answers to these questions
here is my configuration:
publish:
docker:
environment:
- DOCKER_LAUNCH_DEBUG=true
Registry: registry.dataos.io
Insecure: true
Repo: datahubdevelop
Username: dangsha
Password: password
Email: aaa
file: Dockerfile
Tag: $$COMMIT
when:
branch: develop
event: push
the logs tells that login failed.
could anyone tell me why,thank you for the help
Did you commit & push a file drone-docker
? 😟
We're heavily using the ONBUILD
command in Docker to build Ruby application Docker images from a generic Ruby base image. With Drone's caching enabled this should result in pretty quick builds if the base image or the app's dependencies haven't changed.
However, because Drone uses pull=true
on each docker build
command, our base image gets pulled in for each build regardless of caching. This, in turn, results in Docker running all ONBUILD
steps again while building our app image, basically making the image cache useless for us.
Can we make the pull=true
parameter optional, while defaulting to true
? That could look like this:
publish:
docker:
repo: registry.example.com/app/example
pull: false
...
@bradrydzewski: I'd be happy to submit a PR for this, can you let me know if you'd accept one? Thanks!
I even tried to insert the token after running docker login locally. i don't have any push restrictions on the provided account and was able to create the image just using the same commands that the plugin attempts:
$> docker build --pull=true --rm=true -f Dockerfile -t docker.io/stayfari/golang:latest .
$> docker tag docker.io/stayfari/golang:latest docker.io/stayfari/golang:1.6.2
$> docker push docker.io/stayfari/golang:latest
I do see that the login attempt succeeds and writes a config.json but it doesn't seem like its found when latter docker commands are run?
My .drone.yml:
publish:
docker:
environment:
- DOCKER_LAUNCH_DEBUG=true
registry: 'docker.io'
repo: 'stayfari/golang'
email: '[email protected]'
username: 'username'
password: 'pa$$word'
auth: 'tokeN=='
tag:
- latest
- '1.6.2'
storage_driver: overlay
file: Dockerfile
insecure: false
My output (starting at successful login):
time="2016-04-28T17:37:10.805593708Z" level=info msg="POST /v1.21/auth"
WARNING: login credentials saved in /.docker/config.json
Login Succeeded
$ /usr/bin/docker version
time="2016-04-28T17:37:11.945716342Z" level=info msg="GET /v1.21/version"
Client:
Version: 1.9.1
API version: 1.21
Go version: go1.4.3
Git commit: a34a1d5
Built: Fri Nov 20 17:56:04 UTC 2015
OS/Arch: linux/amd64
Server:
Version: 1.9.1
API version: 1.21
Go version: go1.4.3
Git commit: a34a1d5
Built: Fri Nov 20 17:56:04 UTC 2015
OS/Arch: linux/amd64
$ /usr/bin/docker info
time="2016-04-28T17:37:11.984750143Z" level=info msg="GET /v1.21/info"
Containers: 0
Images: 0
Server Version: 1.9.1
Storage Driver: overlay
Backing Filesystem: extfs
Execution Driver: native-0.2
Logging Driver: json-file
Kernel Version: 4.3.6-coreos
Operating System: (containerized)
CPUs: 2
Total Memory: 3.855 GiB
Name: 3e5d9b5d14e9
ID: EDHP:3LXX:N73P:3FVU:VSME:2EGX:D56X:7BTL:3W36:BIWR:XAVI:777Y
Debug mode (server): true
File Descriptors: 11
Goroutines: 19
System Time: 2016-04-28T17:37:11.985961473Z
EventsListeners: 0
Init SHA1:
Init Path: /usr/bin/docker
Docker Root Dir: /var/lib/docker
WARNING: bridge-nf-call-iptables is disabled
WARNING: bridge-nf-call-ip6tables is disabled
$ /usr/bin/docker build --pull=true --rm=true -f Dockerfile -t index.docker.io/v1/stayfari/golang:latest .
time="2016-04-28T17:37:12.028837166Z" level=info msg="POST /v1.21/build?buildargs=%7B%7D&cgroupparent=&cpuperiod=0&cpuquota=0&cpusetcpus=&cpusetmems=&cpushares=0&dockerfile=Dockerfile&memory=0&memswap=0&pull=1&rm=1&t=index.docker.io%2Fv1%2Fstayfari%2Fgolang%3Alatest&ulimits=null"
Sending build context to Docker daemon 100.9 kB
Sending build context to Docker daemon 100.9 kB
Step 1 : FROM golang:1.6.2
1.6.2: Pulling from library/golang
70e9a6907f10: Pulling fs layer
...
d4228319d724: Pull complete
Digest: sha256:4e3aca89aefc5b5b0722f31e1eeafc607937eb936717b2674a4088b55412d818
Status: Downloaded newer image for golang:1.6.2
---> d4228319d724
Step 2 : ENV GO15VENDOREXPERIMENT "1"
---> Running in 737306ce8a78
---> f24a652aa594
Removing intermediate container 737306ce8a78
Step 3 : RUN go get -u github.com/FiloSottile/gvt
---> Running in b32f97263cdc
---> cb63191207cd
Removing intermediate container b32f97263cdc
Successfully built cb63191207cd
$ /usr/bin/docker tag index.docker.io/v1/stayfari/golang:latest index.docker.io/v1/stayfari/golang:1.6.2
time="2016-04-28T17:38:01.845710555Z" level=info msg="POST /v1.21/images/index.docker.io/v1/stayfari/golang:latest/tag?repo=index.docker.io%2Fv1%2Fstayfari%2Fgolang&tag=1.6.2"
$ /usr/bin/docker push index.docker.io/v1/stayfari/golang:latest
time="2016-04-28T17:38:01.883856311Z" level=info msg="POST /v1.21/images/index.docker.io/v1/stayfari/golang/push?tag=latest"
The push refers to a repository [docker.io/v1/stayfari/golang](len: 1)
cb63191207cd: Preparing
unauthorized: authentication required
[info] build failed (exit code 1)
README has mentioned option for private registry publish.
I had to spend some time, while found out that it requests https:// to be prepended at begining of repository.
So I think for others some example in README would help.
If you add the dns option to your yml file you will be greated with this error, seems like its an issue with docker when using --net=host not sure if thats what drone is using ?
409 Conflict: Conflicting options: dns and the network mode
Drone 0.4 with plugins/drone-docker:latest (as of today).
I have a self-hosted private docker registry v2 set up with basic auth.
Authenticating to my registry doesn't require email, which conflicts with how docker login
is implemented here: https://github.com/drone-plugins/drone-docker/blob/release/0.4/main.go#L147
However in master branch you have it fixed, so the email is optional.
I am in progress of implementing a fix for branch/0.4 (https://github.com/meetmatt/drone-docker).
Pull request to come.
Adding docker build --build-args
is useful for:
time="2017-04-03T14:38:06.593516078Z" level=info msg="API listen on /var/run/docker.sock"
Registry credentials not provided. Guest mode enabled.
...
Successfully built b356134105a4
+ /usr/local/bin/docker tag 728dd1752bbf9157f56bdd6367f0146dd79a79ed yangxuan8282/pugo:1-arm
+ /usr/local/bin/docker push yangxuan8282/pugo:1-arm
The push refers to a repository [docker.io/yangxuan8282/pugo]
dc174c621de7: Preparing
dc6bf54d9910: Preparing
c1141797abf6: Preparing
time="2017-04-03T14:38:13.718831377Z" level=error msg="Upload failed: denied: requested access to the resource is denied"
time="2017-04-03T14:38:13.719173706Z" level=error msg="Attempting next endpoint for push after error: denied: requested access to the resource is denied"
denied: requested access to the resource is denied
exit status 1
I have added DOCKER_USERNAME
&& DOCKER_PASSWORD
Currently the --pull=true
is a fixed value in the build command. I think it would be better to make it an option in the config, to avoid pulling the base image every time.
When using chained images from multiple repositories, the insecure_registry mode only allows the initial registry to work. Subsequent/chained images from other registries (i.e. one per department/team) will fail because of the X509 error.
Any reason we aren't using https://hub.docker.com/_/docker/ instead of the rancher base?
See moby/moby#22641.
I'm having some issues with private registry pulls (using basic auth behind nginx). The drone build section is able to authenticate and pull images from the private registry just fine, but the drone-docker plugin seems to fail to push the image
plugin failure log (from drone):
time="2016-07-22T06:36:15.872816337Z" level=error msg="Handler for POST /v1.22/auth returned error: Login: 404 page not found\n (Code: 404; Headers: map[Content-Length:[19] Docker-Distribution-Api-Version:[registry/2.0] X-Content-Type-Options:[nosniff] Server:[nginx/1.9.15] Date:[Fri, 22 Jul 2016 06:36:15 GMT] Content-Type:[text/plain; charset=utf-8]])"
Error response from daemon: Login: 404 page not found
(Code: 404; Headers: map[Content-Length:[19] Docker-Distribution-Api-Version:[registry/2.0] X-Content-Type-Options:[nosniff] Server:[nginx/1.9.15] Date:[Fri, 22 Jul 2016 06:36:15 GMT] Content-Type:[text/plain; charset=utf-8]])
Login failed.
[info] build failed (exit code 1)
Nginx log when build section pulls an image:
[22/Jul/2016:06:36:07 +0000] "GET /v2/ HTTP/1.1" 401 195 "-" "docker/1.11.2 go/go1.5.4 git-commit/b9f10c9 kernel/3.16.0-4-amd64 os/linux arch/amd64 UpstreamClient(Go-http-client/1.1)"
droneci [22/Jul/2016:06:36:07 +0000] "GET /v2/build/node6/manifests/latest HTTP/1.1" 200 1777 "-" "docker/1.11.2 go/go1.5.4 git-commit/b9f10c9 kernel/3.16.0-4-amd64 os/linux arch/amd64 UpstreamClient(Go-http-client/1.1)"
Nginx log when drone-docker tries to auth:
[22/Jul/2016:06:36:15 +0000] "GET /v2/ HTTP/1.1" 401 195 "-" "docker/1.10.2 go/go1.5.3 git-commit/c3959b1 kernel/3.16.0-4-amd64 os/linux arch/amd64"
[22/Jul/2016:06:36:15 +0000] "GET /v1/_ping HTTP/1.1" 401 195 "-" "docker/1.10.2 go/go1.5.3 git-commit/c3959b1 kernel/3.16.0-4-amd64 os/linux arch/amd64"
[22/Jul/2016:06:36:15 +0000] "POST /v1/users/ HTTP/1.1" 401 195 "-" "docker/1.10.2 go/go1.5.3 git-commit/c3959b1 kernel/3.16.0-4-amd64 os/linux arch/amd64"
droneci [22/Jul/2016:06:36:15 +0000] "GET /v1/users/ HTTP/1.1" 404 19 "-" "docker/1.10.2 go/go1.5.3 git-commit/c3959b1 kernel/3.16.0-4-amd64 os/linux arch/amd64
Is this because the docker version is out of date ? (1.10.2 for publish vs 1.11.2 for build) The actual authentication seems fine but it seems to hit the wrong URL for the next step?
deploy_develop:
image: plugins/docker
repo: 127.0.0.1/cgebe/project-develop
registry: 127.0.0.1:5000
tags:
- latest
- ${DRONE_COMMIT_SHA:0:8}
when:
status: success
branch: develop
port is always substituted with port 80.
The push refers to a repository [127.0.0.1/cgebe/project-develop]
Put http://127.0.0.1/v1/repositories/cgebe/project-develop/: dial tcp 127.0.0.1:80: getsockopt: connection refused
So far, an image can be variably tagged with $$BRANCH, $$COMMIT or $$BUILD_NUMBER. It is not possible to use a commit tag, right? So that if I push a tag on my git repo, a docker build is being triggered with an image tag of the same tag name?
panic: Unable to unarmshal vargs. json: cannot unmarshal number into Go value of type string
goroutine 1 [running]:
github.com/drone/drone-plugin-go/plugin.MustParse()
/drone/src/github.com/drone/drone-plugin-go/plugin/param.go:129 +0x59
main.main()
/drone/src/github.com/drone-plugins/drone-docker/main.go:37 +0x3fc
[debug] Running post-Build Cache steps
we have meet a bug in drone 0.5 while using plugins/docker
this is one stage in our pipeline:
dockerize-online:
image: plugins/docker
environment:
- DOCKER_LAUNCH_DEBUG=true
debug: true
repo: docker-registry-cn.easemob.com/kubernetes/im/eva-web
tags: ${DRONE_COMMIT:0:7}
registry: https://docker-registry-cn.easemob.com
username: xxx
password: xxx
dockerfile: image/docker/eva-web/Dockerfile
context: image/docker/eva-web/
volumes:
- /data/apps/opt/eva:/data/apps/opt/eva
when:
branch: release
and we got these error output:
...
192 Successfully tagged 9214e217d1f484e6607d67c6dc214740c918e0e2:latest
193 + /usr/local/bin/docker tag 9214e217d1f484e6607d67c6dc214740c918e0e2 docker-registry-cn.easemob.com/kubernetes/im/eva-web:9.214e+24
194 Error parsing reference: "docker-registry-cn.easemob.com/kubernetes/im/eva-web:9.214e+24" is not a valid repository/tag: invalid reference format
195 time="2017-05-23T07:18:54Z" level=fatal msg="exit status 1"
I think this is a bug of go substring !
docker-registry-cn.easemob.com/kubernetes/im/eva-web:9.214e+24
should be
docker-registry-cn.easemob.com/kubernetes/im/eva-web:9214e21
We would like to use a tagging scheme based on the version of our nodejs applications defined in in the project package.json file. There doesn't seem to be way to inject this into Drone at build time.
See #64 for a possible implementation using a simple yaml file created as a build task.
I've configured a drone 0.5 environment and adapted a build config to check if it works.
Unfortunately, there is a issue on publishing a docker image. At first glance, it seems this plugin isn't gathering correctly the registry host. (or if it is, maybe it is not accepting it?)
Here's the configuration I've used.
publish_docker_image:
image: plugins/docker
registry: **secret**
username: **secret**
password: **secret**
email: **secret**
repo: findhit/frontend
tag: ${DRONE_COMMIT_BRANCH##deployed/}-${DRONE_COMMIT_SHA:0:8}
when:
branch:
- deployed/*
Here's the output tail of where it fails:
Successfully built 7455cacb8b7a
+ /usr/local/bin/docker tag f03090ce1508a09b06ee2e14f27fb0588710319f findhit/frontend:staging-f03090ce
+ /usr/local/bin/docker push findhit/frontend:staging-f03090ce
The push refers to a repository [docker.io/findhit/frontend]
137ad23e6a22: Preparing
e2fb26a41375: Preparing
68c92a11771f: Preparing
5e01ccb60705: Preparing
cb91c689a4ac: Preparing
e5d83b6ea03c: Preparing
df411e57e548: Preparing
4fe15f8d0ae6: Preparing
e5d83b6ea03c: Waiting
df411e57e548: Waiting
4fe15f8d0ae6: Waiting
denied: requested access to the resource is denied
exit status 1
If you noticed it, it is trying to push it under docker.io/findhit/frontend instead of provided registry.
Is there any chance I can help on this?
Thanks.
It won't work in ubuntu 16.04, and gives me the error below.
I'm running a machine at digital ocean with this config Ubuntu Docker 1.12.3 on 16.04
And running drone:0.4 docker image.
[info] Pulling image plugins/drone-git:latest
Drone Git Plugin built from 43dcd64
$ git init
Initialized empty Git repository in /drone/src/gitlab.com/studiobox/amanger-backend/.git/
$ git remote add origin https://gitlab.com/studiobox/amanger-backend.git
$ git fetch --no-tags origin +refs/heads/master:
From https://gitlab.com/studiobox/amanger-backend
* branch master -> FETCH_HEAD
* [new branch] master -> origin/master
$ git reset --hard -q 78dbfd833602c8e6be897beb2271bc83ecc9e390
$ go build
[info] Pulling image plugins/drone-docker:latest
Drone Docker Plugin built at 2016-07-29 06:41:09 UTC
$ /usr/bin/docker daemon -g /drone/docker -s devicemapper
Cannot connect to the Docker daemon. Is the docker daemon running on this host?
Login failed.
[info] build failed (exit code 1)
Any help would be really aprecciated, and if some more information is needed let me know.
Thanks! And great project!
We had to set a max count on the registry itself to accomplish this.
I am trying to use the plugin to publish a docker image to an internal docker registry. The username has a "-" in the name (example: user-name). I looks like because of this we are facing this error.
$ /usr/bin/docker daemon -g /drone/docker
Error response from daemon: Registration: "Wrong username format (it has to match "^[a-z0-9]{4,30}$")"
Login failed.
I was unable to push to a private registry that is secured by htpasswd (username and password). My .drone.yml
file had the username and password values, but I omitted the email value. I was able to get the push to work by adding a bogus email address to the .drone.yml
file. This seems like a bug. Or, I am misunderstanding something. Please help me understand.
How I can deploy to several destinations at the same time?
I'm building micro service application and need to push to 5-10 destinations, doing so sequentially makes little sense when there are spare cores available
look at using the rancher base-docker image
https://github.com/rancher/docker-from-scratch
For example, we use 'when' to only publish images on a tag event. This seems to be a frequently asked question, so explicitly adding it to the docs is probably worthwhile.
We previously implemented a temporary workaround to programmatic image tags by loading an environment file. I would like a more permanent solution based on some previous suggestions, specifically using a file to load tags.
We could add a tag_file
field to the yaml that points to a version file:
pipeline:
docker:
image: plugins/docker
username: kevinbacon
password: pa55word
email: [email protected]
repo: foo/bar
tags: latest
+ version_file: VERSION
The tag is read from the file. Example version file:
17.3
The version file will not override the tags attribute. Instead it should be appended to the tag list.
This means we should remove the prior workaround:
func main() {
- // Load env-file if it exists first
- if env := os.Getenv("PLUGIN_ENV_FILE"); env != "" {
- godotenv.Load(env)
- }
Hi,
Thanks for a great project.
Setting up a stack on rancheros/rancher, with a private docker registry, gogs and drone.
Can't seem to get the publish from drone-docker-plugin to my private registry working.
I am probably missing something.
I'm using letsencrypt for SSL in the registry, and can't get the dind-docker used by drone-docker-plugin to trust the certificate.
Is there a good way to do this? Can I inject an alternate image for dind with the root cert, or similar?
//Robin
Drone 0.5
drone exec
# DEBUG
debug: true
# Define the CI pipeline
pipeline:
docker:
username: xxxx
password: xxxx
email: [email protected]
repo: bannerwise/core
tag: testing
file: Dockerfile
insecure: false
deploy-to-deis:
image: node:5
commands:
- curl -sSL http://deis.io/deis-cli/install-v2.sh | bash
- ln -fs $PWD/deis /usr/local/bin/deis
- deis auth:login https://deis.xxxx.xx --username xxxx --password xxxx
- deis ps -a api-testing
Running Matrix job #0
[deploy-to-deis:L0:0s] + curl -sSL http://deis.io/deis-cli/install-v2.sh | bash
[deploy-to-deis:L1:1s] Downloading deis-v2.4.0-linux-amd64 From Google Cloud Storage...
[deploy-to-deis:L2:3s]
[deploy-to-deis:L3:3s] deis is now available in your current directory.
[deploy-to-deis:L4:3s]
[deploy-to-deis:L5:3s] To learn more about deis, execute:
[deploy-to-deis:L6:3s]
[deploy-to-deis:L7:3s] $ ./deis --help
[deploy-to-deis:L8:3s]
[deploy-to-deis:L9:3s] + ln -fs $PWD/deis /usr/local/bin/deis
[deploy-to-deis:L10:3s] + deis auth:login https://deis.xxxx.xx --username xxxx --password xxxx
[deploy-to-deis:L11:4s] Logged in as xxxx
[deploy-to-deis:L12:4s] Configuration file written to /root/.deis/client.json
[deploy-to-deis:L13:4s] + deis ps -a api-testing
[deploy-to-deis:L14:4s] === api-testing Processes
[deploy-to-deis:L15:4s] --- cmd:
[deploy-to-deis:L16:4s] api-testing-cmd-4162569793-mmukv up (v30)
[deploy-to-deis:L17:4s] api-testing-cmd-4162569793-v4qgm up (v30)
[deploy-to-deis] exit code 0
I'm running Drone at commit a9c84d26e11ffeb97311a1b549c48589dac95292
right now.
Before the latest drone-docker container push, our bundle install
calls worked as expected.
Now, we get a bunch of Gem::RemoteFetcher::UnknownHostError: timed out (...)
messages before our build fails.
Running docker exec -it <container id> /bin/sh
onto the actual docker plugin container and then attempting to curl rubygems.org
shows that the host can't be found. Calls to other sites such as https://google.com/ work. Is this anything to do with the new dind base image?
I've created a minimal repository showing this behaviour:
https://github.com/sondinhinfectious/drone-docker-gems
Here are the verbose logs:
https://gist.github.com/sondinhinfectious/f2d8ad289e320dc31a11be06b96d50bf
Docker info:
Containers: 110
Images: 212
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 1014
Dirperm1 Supported: true
Execution Driver: native-0.2
Kernel Version: 3.19.0-61-generic
Operating System: Ubuntu 14.04.4 LTS
CPUs: 2
Total Memory: 7.305 GiB
Name: drone-1
ID: SOXP:RKX2:MR5P:PDFH:QVJZ:4MKI:MGX2:LIYN:RGFP:GXOZ:3QJY:UVT5
WARNING: No swap limit support
$ uname --all
Linux drone-1 3.19.0-61-generic #69~14.04.1-Ubuntu SMP Thu Jun 9 09:09:13 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
Hi all!
I can't seem to tag my docker images with the SHA and commits.
I've tried both and $$DRONE_COMMIT
and $DRONE_COMMIT
but to no avail.
The error I get is:
$ /usr/bin/docker tag lab.54hrs.com/leaplines/apps:latest lab.54hrs.com/leaplines/apps:$$DRONE_COMMIT
Error response from daemon: Illegal tag name ($$DRONE_COMMIT): only [A-Za-z0-9_.-] are allowed ('.' and '-' are NOT allowed in the initial), minimum 1, maximum 128 in length
[info] build failed (exit code 1)
publish:
docker:
registry: lab.54hrs.com
email: [email protected]
username: registry
password: $$REGISTRY_PASSWORD
repo: XX
tag:
- latest
- $$DRONE_COMMIT
It seems that the variables are not interpolated. Is this correct? I would love it if i can tag my images with the SHA and branch and optionally the latest.
Currently been doing some testing with the plugin, from what i can tell it does not work with out a remote repository ?
I found the --dry-run option from the code which looks like it should do what i need, however I have found that the image is not available for the next step in my builds.
Is there a way to achieve this and if not what's stopping it from working ? a quick look at the codes makes me think it should.
Add support for building Windows containers.
Is there a reason the docs don't show the secrets that are needed for the plugin to work without using clear text username and password?
In the past it instructed you to use: DOCKER_USERNAME, DOCKER_PASSWORD, DOCKER_EMAIL as secrets.
Hi,when i use drone to build docker images, i got the error:
[info] Pulling image plugins/drone-git:latest
Drone Git Plugin built from 43dcd64
$ git init
Initialized empty Git repository in /drone/src/114.55.23.12/strahe/drone_test/.git/
$ git remote add origin http://114.55.23.12:30080/strahe/drone_test.git
$ git fetch --no-tags origin +refs/heads/master:
From http://114.55.23.12:30080/strahe/drone_test
* branch master -> FETCH_HEAD
* [new branch] master -> origin/master
$ git reset --hard -q 050be0ea7cfd60713756d030b1dcb5b7c16ba94b
[info] Pulling image plugins/drone-docker:latest
time="2016-09-19T03:58:46Z" level=fatal msg="no such file or directory"
[info] build failed (exit code 1)
any ideas?
The problem lies here:
https://github.com/drone-plugins/drone-docker/blob/master/main.go#L41
I have custom private registry with urls like: my.registry/image-name:tag
, so when I enter as repo
:
image-name
I get image-name:tag
registry.host/image-name
I get registry.host/registry.host/image-name:tag
I am trying add tag to docker
pipeline:
test:
image: mhart/alpine-node:6.3.1
commands:
- echo hihi
docker:
repo: project/repo
environment:
- DOCKER_LAUNCH_DEBUG=true
tag:
- latest
- "$${TAG}"
when:
event: tag
But i got these error message
Is it a bug ?
Error parsing reference: "project/repo:$${TAG}" is not a valid repository/tag
exit status 1
time="2016-02-12T19:47:21.836933519Z" level=error msg="Couldn't run auplink before unmount: exec: \"auplink\": executable file not found in $PATH"
time="2016-02-12T19:47:21.880847240Z" level=error msg="Couldn't run auplink before unmount: exec: \"auplink\": executable file not found in $PATH
during the deploy
Drone 1.9 added the ability to specify arguments on the command line for stuff like proxy values when building behind a proxy.
Would be great to have something like
publish:
docker:
use_proxy: true
Which would check the plugin for the HTTP_PROXY, HTTPS_PROXY, and NO_PROXY values. If any of those it and its lowercase equivalent would be added to the --build-arg in the docker build command generated by Drone.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.