Connection refused while building docker image (OD-2015)
Lukas Paul opened 1 year ago

Capture.PNG

I am getting this error while creating my docker image. I would like to create a docker image and then later run it with docker compose. I followed this Documentation and pieced together some other bits over the internet.

I created an access-token in the top right. Copied the access-token into [Project]/Settings/Build/Job Secrets. Named it access-token. Created a build step in .onedev-buildspec.yml with Build Image (Kaniko) (tried Build Image as well before). Set the destination to "localhost:6610/weatherapp/weatherapp:latest" and selected "access-token" in Built-in Registry Access Token Secret. What am I missing here?

From the console it worked with "docker login localhost:6610" and "docker push localhost:6610/weatherapp/weatherapp:latest" after tagging an image that I already had locally.

  • Robin Shen commented 1 year ago

    Use the IP address or host name of the OneDev server instead of localhost. Both the server URL in system settings and the image tag need to be changed.

  • Robin Shen commented 1 year ago

    Also make sure to allow the HTTP protocol if the OneDev server is not running with HTTPS:

    https://docs.onedev.io/tutorials/cicd/insecure-docker-registry

  • Lukas Paul commented 1 year ago

    I changed the system settings to the ip of my server "http://10.0.0.189:6610". I changed the Tag to "@server@/weatherapp/weatherapp:latest". I changed my nixos settings to:

      virtualisation.docker = {
        enable = true;
        rootless = {
          enable = true;
          setSocketVariable = true;
        };
        daemon.settings = {
          insecure-registries = [ "10.0.0.189:6610" ];
          bip = "br0";
        };
      };
    

    If not on NixOS, follow https://stackoverflow.com/questions/42211380/add-insecure-registry-to-docker. After doing that, it didn't find the executor automatically anymore. I tried to follow https://docs.onedev.io/tutorials/cicd/insecure-docker-registry. The only one listed with docker buildx ls was the default one, which I could not delete. But creating /etc/buildkit/buildkitd.toml and adding the volume reference to my docker compose file of onedev and restarting nixos, enabled it to find the executor automatically again.

    With Build Image I get:

    03:57:31 ERROR: failed to solve: failed to push 10.0.0.189:6610/weatherapp/weatherapp:latest: failed to do request: Head "https://10.0.0.189:6610/v2/weatherapp/weatherapp/blobs/sha256:04f5dac2ed334fb41925f5cd690b665ec7d205e9df5fcec57af433dddac55fc9": http: server gave HTTP response to HTTPS client
    03:57:31 Command execution failed (command: docker buildx build --builder onedev --pull . --push -t 10.0.0.189:6610/weatherapp/weatherapp:latest, exit code: 1)
    03:57:33 Job finished
    

    So something still seems to be not completely right, but with Build Image (Kaniko) it runs through and creates an image in Packages, which makes me suspect that Kaniko runs in http by default.

    1. Solving Build Image not working would be a nice to have.
    2. More importantly I would like to restart the docker compose file on the host machine after the package is updated.

    Docker compose file for reference:

    networks:
      docker-network:
        name: docker-network
    
    services:
      weather_app:
        image: 10.0.0.189:6610/weatherapp/weatherapp:latest
        restart: unless-stopped
        networks:
          - docker-network
    
  • Robin Shen commented 1 year ago

    By default Docker refuses to push via the HTTP protocol. Please follow the tutorial below to allow it:

    https://docs.onedev.io/tutorials/cicd/insecure-docker-registry

  • Lukas Paul commented 1 year ago

    I reposted that exact tutorial and followed it.

  • Lukas Paul commented 1 year ago

    To answer 2) I needed to generate an ssh key with "ssh-keygen", copy it with "ssh-copy-id userid@hostname" e.g. "ssh-copy-id [email protected]". Then copy the private key in /home/webserver/.ssh/id_rsa into a job secret and use that in Private Key Secret. See underneath how I got it running. Capture_2.PNG

    I also added the onedev password and the host password as secrets to be used in the following commands.

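    # --password-stdin reads the password from standard input, so it is piped in rather than passed as an argument
    echo "@secret:onedev-password@" | docker login http://10.0.0.189:6610 --username "[onedevusername]" --password-stdin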
    cd /home/webserver/services/weatherapp/
    echo @secret:host-password@ | sudo -S docker pull 10.0.0.189:6610/weatherapp/weatherapp
    echo @secret:host-password@ | sudo -S docker compose up -d
    

    Currently I need to execute the docker commands with root rights because otherwise the https error comes up. I am not happy with this solution but at least it works after three days of trial and error.

    I added all of the steps I took to document how I did it, to help someone else along the way but this is not a proper way to set this up. If you know a better way feel free to add to it because I am struggling to figure out a better way.
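
Added example (not part of the thread and not OneDev's code): the Docker daemon's `insecure-registries` list, a rootless daemon's own `daemon.json`, and a BuildKit builder's `buildkitd.toml` are separate settings, so each client has to be checked on its own for whether it will talk plain HTTP to the registry. The config contents below are constructed samples, the function names are hypothetical, and the paths in the labels are the usual defaults.

```python
import json
import re

def daemon_allows_http(daemon_json_text, registry):
    """True if a Docker daemon.json lists `registry` (exact match) as insecure."""
    settings = json.loads(daemon_json_text or "{}")
    return registry in settings.get("insecure-registries", [])

def buildkit_allows_http(buildkitd_toml_text, registry):
    """True if buildkitd.toml has [registry."<registry>"] with http = true (simple line scan)."""
    section = None
    for raw in buildkitd_toml_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        header = re.fullmatch(r'\[registry\."([^"]+)"\]', line)
        if header:
            section = header.group(1)          # entered a registry table
        elif line.startswith("["):
            section = None                     # some other table
        elif section == registry and re.fullmatch(r"http\s*=\s*true", line):
            return True
    return False

def audit(registry, configs):
    """Map each client config name to whether it permits plain HTTP to `registry`."""
    checks = {"daemon": daemon_allows_http, "buildkit": buildkit_allows_http}
    return {name: checks[kind](text, registry) for name, (kind, text) in configs.items()}

# Constructed sample configs: only the rootful daemon has the registry listed.
SAMPLE = {
    "rootful dockerd (/etc/docker/daemon.json)":
        ("daemon", '{"insecure-registries": ["10.0.0.189:6610"]}'),
    "rootless dockerd (~/.config/docker/daemon.json)":
        ("daemon", "{}"),
    "buildx builder (/etc/buildkit/buildkitd.toml)":
        ("buildkit", '[registry."docker.io"]\n  mirrors = ["mirror.example"]\n'),
}

if __name__ == "__main__":
    for name, ok in audit("10.0.0.189:6610", SAMPLE).items():
        print(f"{'HTTP allowed' if ok else 'HTTPS only  '}  {name}")
```

Any client reported as "HTTPS only" will fail against an HTTP-only registry with an error like "server gave HTTP response to HTTPS client"; every client that is allowed HTTP sends registry credentials and image layers unencrypted.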

  • Robin Shen commented 1 year ago

    > But creating /etc/buildkit/buildkitd.toml and adding the volume reference to my docker compose file of onedev and restarting nixos, enabled it to find the executor automatically again.

    I only tested this on Ubuntu. Not sure if it works on NixOS. Will find some time to test it.

    > More importantly I would like to restart the docker compose file on the host machine after the package is updated.

    OneDev does not have a facility to monitor/restart long-running docker containers. What you are doing is the recommended approach.

  • Lukas Paul commented 1 year ago

    Thank you 🙏 I will close the issue as my problem is resolved. I guess you can reopen it if there is anything to add. Also nice to have would be emojis to react to other people's messages, like the folded hands as thank you. I am always unsure if I should write an answer. I would like to thank you but not create unnecessary noise for other people to read, so maybe a feature idea.

  • Lukas Paul changed state to 'Closed' 1 year ago
    Previous Value: Open
    Current Value: Closed
  • Robin Shen commented 1 year ago

    > Also nice to have would be emojis to react to other peoples messages

    Filed a feature request for this: OD-2023

Type: Question
Priority: Normal
Labels: No labels
Issue Votes (0)
Watchers (2)
Reference: OD-2015