首页 > 其他分享 >SECTION 13 错误和异常(二)

SECTION 13 错误和异常(二)

时间:2022-12-15 14:24:33浏览次数:60  
标签:13 container 错误 runner SECTION access entrypoint Docker image

Override the entrypoint of an image

Introduced in GitLab and GitLab Runner 9.4. Read more about the extended configuration options.

Before explaining the available entrypoint override methods, let’s describe how the runner starts. It uses a Docker image for the containers used in the CI/CD jobs:

  1. The runner starts a Docker container using the defined entrypoint. The default from Dockerfile that may be overridden in the .gitlab-ci.yml file.
  2. The runner attaches itself to a running container.
  3. The runner prepares a script (the combination of before_scriptscript, and after_script).
  4. The runner sends the script to the container’s shell stdin and receives the output.

To override the entrypoint of a Docker image, define an empty entrypoint in the .gitlab-ci.yml file, so the runner does not start a useless shell layer. However, that does not work for all Docker versions.

  • For Docker 17.06 and later, the entrypoint can be set to an empty value.
  • For Docker 17.03 and earlier, the entrypoint can be set to /bin/sh -c/bin/bash -c, or an equivalent shell available in the image.

The syntax of image:entrypoint is similar to Dockerfile’s ENTRYPOINT.

Let’s assume you have a super/sql:experimental image with a SQL database in it. You want to use it as a base image for your job because you want to execute some tests with this database binary. Let’s also assume that this image is configured with /usr/bin/super-sql run as an entrypoint. When the container starts without additional options, it runs the database’s process. The runner expects that the image has no entrypoint or that the entrypoint is prepared to start a shell command.

With the extended Docker configuration options, instead of:

  • Creating your own image based on super/sql:experimental.
  • Setting the ENTRYPOINT to a shell.
  • Using the new image in your CI job.

You can now define an entrypoint in the .gitlab-ci.yml file.

For Docker 17.06 and later:

image:
  name: super/sql:experimental
  entrypoint: [""]

For Docker 17.03 and earlier:

image:
  name: super/sql:experimental
  entrypoint: ["/bin/sh", "-c"]

Define image and services in config.toml

Look for the [runners.docker] section:

[runners.docker]
  image = "ruby:latest"
  services = ["mysql:latest", "postgres:latest"]

The image and services defined this way are added to all jobs run by that runner.

Access an image from a private Container Registry

To access private container registries, the GitLab Runner process can use:

To define which option should be used, the runner process reads the configuration in this order:

  • DOCKER_AUTH_CONFIG CI/CD variable.
  • DOCKER_AUTH_CONFIG environment variable set in the runner’s config.toml file.
  • config.json file in $HOME/.docker directory of the user running the process. If the --user flag is provided to run the child processes as unprivileged user, the home directory of the main runner process user is used.

Requirements and limitations

  • Available for Kubernetes executor in GitLab Runner 13.1 and later.
  • Credentials Store and Credential Helpers require binaries to be added to the GitLab Runner $PATH, and require access to do so. Therefore, these features are not available on shared runners, or any other runner where the user does not have access to the environment where the runner is installed.

Use statically-defined credentials

There are two approaches that you can take to access a private registry. Both require setting the CI/CD variable DOCKER_AUTH_CONFIG with appropriate authentication information.

  1. Per-job: To configure one job to access a private registry, add DOCKER_AUTH_CONFIG as a CI/CD variable.
  2. Per-runner: To configure a runner so all its jobs can access a private registry, add DOCKER_AUTH_CONFIG as an environment variable in the runner’s configuration.

标签:13,container,错误,runner,SECTION,access,entrypoint,Docker,image
From: https://www.cnblogs.com/sdfasdf/p/16984886.html

相关文章

  • SECTION 15 函数和函数式编程(二)
    OverridetheentrypointofanimageIntroducedinGitLabandGitLabRunner9.4.Readmoreaboutthe extendedconfigurationoptions.Beforeexplainingtheav......
  • 实验七--缓冲区溢出实验 20221323侯冒祯
    缓冲区溢出漏洞实验报告目录实验指导书内容缓冲区溢出的原理缓冲区溢出的防范实验成果1.实验指导书内容指导书籍:《计算机科学概论》额外参考:《C语言程序设计(第4......
  • 【2022-12-13】生活需要期待
    20:00历史多么无情而又有情,不遗忘每一个对历史的贡献,也不宽容每一个对历史的障碍。                          ......
  • python错误ImportError: No module named _ssl(centos下)
    python错误ImportError:Nomodulenamed_ssl(centos下)场景安装好python之后,导入ssl模块报错:ImportError:Nomodulenamed_ssl解决办法1.查看openssl,openssl-dev......
  • day5-2022.12.13-flex布局初识(二)
    一、作业:继续完善昨天的布局,加入新的知识点。1、了解父级元素与子级元素。div类名为parent,包含三个类名为child。parent为父元素,child为子元素,flex布局需要给父元素......
  • net5 debug版本iis发布 403.14 错误
    HTTP错误403.14-Forbidden ASPNETCore5.0VS2022发布好网站部署在IIS上就报错了:HTTP错误403.14-Forbidden这个错误出现的次数很多,也就解决过很多次,在N......
  • 力扣---213. 打家劫舍 II
    你是一个专业的小偷,计划偷窃沿街的房屋,每间房内都藏有一定的现金。这个地方所有的房屋都围成一圈,这意味着第一个房屋和最后一个房屋是紧挨着的。同时,相邻的房屋装有相互......
  • 指针常见错误
            ......
  • [Ynoi2013]大学
    链接:https://www.luogu.com.cn/problem/P5610题目描述:给定一个长为\(n\)的序列\(a\),支持区间为\(d\)倍数的除以\(d\)的操作,以及区间查询和的操作,强制在线。题解:可以发现......
  • [PA2013]Raper
    链接:https://www.luogu.com.cn/problem/P4694题目描述:有\(k\)个光盘要在\(n\)天之内加工完毕.有\(2\)个工厂\(A,B\),每一个光盘要先在\(A\)工厂加工,再在\(B\)工厂加工,......