我的项目中有几个 Dockerfile。一种是用于构建 basic
图像,其中包含一些业务级抽象。其他人正在构建服务,基于 basic
图像。
所以在我的服务的 Dockerfiles 中,我有类似的东西
FROM my-project/base
# Adding some custom logic around basic stuff
我使用 GitHub Actions 作为我的 CI/CD 工具。起初我有一个步骤将 docker 安装到我的 worker 中,然后运行如下:
- name: Build base image
working-directory: business
run: docker build -t my-project/base .
- name: Build and push service
working-directory: service
run: |
docker build -t my-ecr-repo/service .
docker push my-ecr-repo/service
但是后来我找到了 docker/build-push-action 并决定在我的管道中使用它:- name: Build business-layer container
uses: docker/build-push-action@v2
with:
load: true
tags: my-project/base
context: business
file: business/Dockerfile
- name: Build service
uses: docker/build-push-action@v2
with:
push: true
tags: my-ecr-repo/service
context: service
file: service/Dockerfile
至于现在,第二步尝试下载 docker.io /my-project/base,显然做不到,因为我从来没有推送过base image:ERROR: pull access denied, repository does not exist or may require authorization: server message: insufficient_scope: authorization failed
问题是:构建镜像的正确方法是什么,因此可以通过以下构建步骤在本地访问它?
PS:
我不想将我的裸体
basic
图像推送到任何地方。
最佳答案
我相信您需要在基本图像和最终图像中设置 load: true
。这改变了使用本地 docker 引擎处理图像的行为。我相信如果你这样做,你需要运行一个单独的推送,例如:
- name: Build business-layer container
uses: docker/build-push-action@v2
with:
load: true
tags: my-project/base
context: business
file: business/Dockerfile
- name: Build service
uses: docker/build-push-action@v2
with:
load: true
tags: my-ecr-repo/service
context: service
file: service/Dockerfile
- name: push service
run: |
docker push my-ecr-repo/service
另一种选择是使用本地注册表。这具有支持多平台构建的优势。但是您需要使用基本图像从 load
切换到 push
,并且我会将基本图像作为构建 arg 传递,以便更轻松地用于 Github 操作之外的用例,例如:jobs:
local-registry:
runs-on: ubuntu-latest
services:
registry:
image: registry:2
ports:
- 5000:5000
steps:
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
# qemu should only be needed for multi-platform images
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
with:
driver-opts: network=host
- name: Build business-layer container
uses: docker/build-push-action@v2
with:
push: true
tags: localhost:5000/my-project/base
context: business
file: business/Dockerfile
- name: Build service
uses: docker/build-push-action@v2
with:
push: true
tags: my-ecr-repo/service
context: service
file: service/Dockerfile
build-args: |
BASE_IMAGE=localhost:5000/my-project/base
然后您的 Dockerfile 将允许将基本镜像指定为构建参数:ARG BASE_IMAGE=my-project/base
FROM ${BASE_IMAGE}
# ...
关于docker - 使用 docker/build-push-action 在 GitHub Actions 中本地构建 docker 镜像,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/63887031/