Still pretty new to this so forgive me if I'm saying anything wrongly.
This is my code
stages: runSAST
run-sast-job:
stage: runSAST
image: maven:3.8.6-openjdk-11-sliim
script: |
- mvn verify package sonar:sonar -Dsonar.host.url=https://sonarcloud.io/ Dsonar.organization=myorganization -Dsonar.projectKey=myprojectkey -Dsonar.login=mytoken
Pipeline fails and when I check the log it says:
Running with gitlab-runner 15.3.0~beta.42.gdb7789ca (db7789ca)
on blue-1.shared.runners-manager.gitlab.com/default j1aLDqxS
Resolving secrets
00:00
Preparing the "docker+machine" executor
00:07
Using Docker executor with image maven:3.8.6-openjdk-11-sliim ...
Pulling docker image maven:3.8.6-openjdk-11-sliim ...
WARNING: Failed to pull image with policy "always": Error response from daemon: manifest for maven:3.8.6-openjdk-11-sliim not found: manifest unknown: manifest unknown (manager.go:235:0s)
ERROR: Job failed: failed to pull image "maven:3.8.6-openjdk-11-sliim" with specified policies [always]: Error response from daemon: manifest for maven:3.8.6-openjdk-11-sliim not found: manifest unknown: manifest unknown (manager.go:235:0s)
I figured it might be the version of maven or openjdk I'm trying to get it to install but those are the latest versions. Any suggestions?
You have a typo in the image name, its
image: maven:3.8.6-openjdk-11-slim
I am getting below error
Running with gitlab-runner 14.0.0 (3b6f852e)
on gitlab-runner-artefactory-gitlab-runner-68f94fd89-pnd6g DaN3U_2T
Preparing the "kubernetes" executor
00:00
Using Kubernetes namespace: sai
Using Kubernetes executor with image aie-docker-dev-mydockerrepo/python:3.6-strech ...
Using attach strategy to execute scripts...
Preparing environment
00:06
Waiting for pod sai/runner-dan3u2t-project-9879-concurrent-0zdmgf to be running, status is Pending
Waiting for pod sai/runner-dan3u2t-project-9879-concurrent-0zdmgf to be running, status is Pending
ContainersNotReady: "containers with unready status: [build helper svc-0]"
ContainersNotReady: "containers with unready status: [build helper svc-0]"
WARNING: Failed to pull image with policy "": image pull failed: Back-off pulling image "aie-docker-dev-mydockerrepo/python:3.6-strech"
ERROR: Job failed (system failure): prepare environment: waiting for pod running: pulling image "aie-docker-dev-mydockerrepo/python:3.6-strech": image pull failed: Back-off pulling image "aie-docker-dev-mydockerrepo/python:3.6-strech". Check https://docs.gitlab.com/runner/shells/index.html#shell-profile-loading for more information
I am trying to run job using gitlab runner. What could be the possible reason for failure ? I figured out ImagePullSecret could be set but I am not sure where to use that ? Anyone having idea ?
We have successfully deployed to OpenShift from a Dockerfile and can verify that is exists via:
oc get is -n my-project
my-image-a image-registry.openshift-image-registry.svc:5000/my-project/my-image-a
We would like to reference this from another Dockerfile like:
FROM my-image-a
This results in:
Pulling image my-image- ...
Warning: Pull failed, retrying in 5s ...
Warning: Pull failed, retrying in 5s ...
Warning: Pull failed, retrying in 5s ...
error: build error: failed to pull image: After retrying 2 times, Pull image still failed due to
error: errors:
denied: requested access to the resource is denied
unauthorized: authentication required
How do we authenticate? We have no issue pushing the image, but pulling it does not work.
you can authenticate using this command:
docker login -u $(oc whoami) -p $(oc whoami -t) registry-openshift-image-registry.apps.<your-cluster-host>
hosts: all
become: true
tasks:
name: Creating a docker image
command: docker build -t simple-devops-image:latest .
args:
chdir: /opt/docker
name: Creating the tag for the image
command: docker tag simple-devops-image kmurugandocker/simple-devops-image
name: Pushing docker image to DockerHub
command: docker push kmurugandocker/simple-devops-image
name: Remove docker images from ansible server
command: docker rmi simple-devops-image:latest kmurugandocker/simple-devops-image
TASK [Pushing docker image to DockerHub] *************************************************************************************
fatal: [localhost]: FAILED! => {"changed": true, "cmd": ["docker", "push", "kmurugandocker/simple-devops-image"], "delta": "0:00:00.080293", "end": "2020-04-13 06:30:58.425962", "msg": "non-zero return code", "rc": 1, "start": "2020-04-13 06:30:58.345669", "stderr": "denied: requested access to the resource is denied", "stderr_lines": ["denied: requested access to the resource is denied"], "stdout": "The push refers to a repository [docker.io/kmurugandocker/simple-devops-image]\n75137f74451a: Preparing\nfb8f657b05a7: Preparing\n87af55901360: Preparing\n81349fc07565: Preparing\n892007193bb6: Preparing\ne811ee12aa10: Preparing\n23f8d486123a: Preparing\nafae6f50abb9: Preparing\n136a15f81f25: Preparing\n185574602537: Preparing\n24efcd549ab5: Preparing\ne811ee12aa10: Waiting\n23f8d486123a: Waiting\nafae6f50abb9: Waiting\n136a15f81f25: Waiting\n185574602537: Waiting\n24efcd549ab5: Waiting", "stdout_lines": ["The push refers to a repository [docker.io/kmurugandocker/simple-devops-image]", "75137f74451a: Preparing", "fb8f657b05a7: Preparing", "87af55901360: Preparing", "81349fc07565: Preparing", "892007193bb6: Preparing", "e811ee12aa10: Preparing", "23f8d486123a: Preparing", "afae6f50abb9: Preparing", "136a15f81f25: Preparing", "185574602537: Preparing", "24efcd549ab5: Preparing", "e811ee12aa10: Waiting", "23f8d486123a: Waiting", "afae6f50abb9: Waiting", "136a15f81f25: Waiting", "185574602537: Waiting", "24efcd549ab5: Waiting"]}
remove one tag from yml file
become true
you are having this issue because you are running the playbook as a root user, but on the target system you haven't logged in to docker hub with the root user. to solve this issue you can either:
remove
become:true
in the playbook which means that it's not a must to be root.
or run:
docker login
as a root in managed hosts.
(plus) you may also want to delete existed images manually in the first time.
If you check logs closely, error message says access denied which simply means either you don't have access or you are not logged in to your docker registry
["denied: requested access to the resource is denied"]
Solution: you need to login to your remote docker registry.
docker login
Refer docker documentation for detailed information.
https://docs.docker.com/engine/reference/commandline/login/
I have setup a new Kubernetes v1.5 cluster.
I locally created a new docker image using :
# MAIN IMAGE
FROM gcr.io/google_containers/nginx-slim
I created it using the command :
docker build -t myapp:1 .
I can see that the image is avaiable and running :
docker ps | grep app
d6fc0508e56b myapp:1 "nginx -g 'daemon ..." 31 seconds ago Up 30 seconds 0.0.0.0:32354->80/tcp
Now I am trying to use the same image in a kubernetes deployment.
kubectl run app-deployment --image myapp:1 --replicas=1 --port=80
But doing so does not start the pod and I get the ERROR :
19s 3s 2 {kubelet 10.0.0.17} spec.containers{app-deployment} Normal Pulling pulling image "myapp:1"
18s 2s 2 {kubelet 10.0.0.17} spec.containers{app-deployment} Warning Failed Failed to pull image "myapp:1": unauthorized: authentication required
18s 2s 2 {kubelet 10.0.0.17} Warning FailedSync Error syncing pod, skipping: failed to "StartContainer" for "app-deployment" with ErrImagePull: "unauthorized: authentication required"
The files /root/.docker/config.json & /var/lib/kubelet/.dockercfg are currently empty. Is there something Ive missed in setting up Kubernetes ?
Since you are building a custom docker image, you have to build it in every node of your cluster that the scheduler could put the pod into.
Furthermore, you need yo specify in your PodSpec an imagePullPolicy of ifNotPresent to indicate the kubelet not to try to download your image if it is already present.
This should make your image work, but I strongly suggest you to push your image in a docker registry and let the nodes pull it from there.