GitLab steht wegen Wartungsarbeiten am Montag, den 10. Mai, zwischen 17:00 und 19:00 Uhr nicht zur Verfügung.

Commit 7a0e2426 authored by Achilleas Pipinellis's avatar Achilleas Pipinellis

Merge branch 'add-kaniko-docs' into 'master'

Initial kaniko documentation

See merge request gitlab-org/gitlab-ce!21216
parents 5724eaff 22060d3d
......@@ -6,3 +6,4 @@ comments: false
- [Using Docker Images](
- [Using Docker Build](
- [Using kaniko](
# Building images with kaniko and GitLab CI/CD
> [Introduced]( in GitLab 11.2.
Requires GitLab Runner 11.2 and above.
[kaniko]( is a tool to build
container images from a Dockerfile, inside a container or Kubernetes cluster.
kaniko solves two problems with using the
[docker-in-docker build]( method:
1. Docker-in-docker requires [privileged mode](
in order to function, which is a significant security concern.
1. Docker-in-docker generally incurs a performance penalty and can be quite slow.
## Requirements
In order to utilize kaniko with GitLab, a [GitLab Runner](
using either the [Kubernetes](,
[Docker](, or
[Docker Machine](
executors is required.
## Building a Docker image with kaniko
When building an image with kaniko and GitLab CI/CD, you should be aware of a
few important details:
- The kaniko debug image is recommended (``)
because it has a shell, and a shell is required for an image to be used with
GitLab CI/CD.
- The entrypoint will need to be [overridden](,
otherwise the build script will not run.
- A Docker `config.json` file needs to be created with the authentication
information for the desired container registry.
In the following example, kaniko is used to build a Docker image and then push
it to [GitLab Container Registry](../../user/project/
The job will run only when a tag is pushed. A `config.json` file is created under
`/root/.docker` with the needed GitLab Container Registry credentials taken from the
[environment variables](../variables/
GitLab CI/CD provides. In the last step, kaniko uses the `Dockerfile` under the
root directory of the project, builds the Docker image and pushes it to the
project's Container Registry while tagging it with the Git tag:
stage: build
entrypoint: [""]
- mkdir -p /root/.docker
- echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /root/.docker/config.json
- /kaniko/executor --context $CI_PROJECT_DIR --dockerfile $CI_PROJECT_DIR/Dockerfile --destination $CI_REGISTRY_IMAGE:$CI_COMMIT_TAG
- tags
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment