Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
    Brian de Alwis
    @briandealwis
    not correct?
    Matteo Longo
    @mat-613
    Why GCB no longer receive a docker daemon connection?
    I'm now trying with jib:buildTar
    Brian de Alwis
    @briandealwis
    I'm not sure why @mat-613 — the only context I have is here: https://github.com/GoogleContainerTools/jib/issues/1500#issuecomment-466207421
    Matteo Longo
    @mat-613
    I'm seeing the same issue..
    Matteo Longo
    @mat-613
    It works in this way
    Brian de Alwis
    @briandealwis
    @mat-613 can you see if the environment provides DOCKER_HOST?
    (Jib's jib:dockerBuild invokes the docker load CLI to load the tar, but perhaps we should connect to the docker daemon directly.)
    (since the official maven image doesn't include the docker cli)
    Chanseok Oh
    @chanseokoh
    https://github.com/GoogleContainerTools/jib/issues/1500#issuecomment-466207421 was outdated and confusing. I've edited the comment.
    Velmurugan Velayutham
    @velmuruganvelayutham
    is there a way to output a Dockerfile generated out of JIB library?.
    We use gitlab CI (Docker Executor) to execute the build job. In such cases, we need DockerINDocker with root-privileges enabled which is prone to security issues and slow build process.
    So our goal is generate a Dockerfile out of Jib library and Use Kaniko to build the docker images without docket daemon from gitlab-ci job.
    Brian de Alwis
    @briandealwis
    @velmuruganvelayutham the FAQ shows an equivalent of what Jib does (https://github.com/GoogleContainerTools/jib/blob/master/docs/faq.md#what-would-a-dockerfile-for-a-jib-built-image-look-like). I've never used Gitlab's CI but this answer on StackOverflow might help in using Jib from within Gitlab CI https://stackoverflow.com/a/58032954/600339
    Cosmin Lehene
    @clehene
    Hi, I'm reading https://github.com/GoogleContainerTools/jib/blob/master/docs/faq.md#why-is-my-image-created-48-years-ago and I'm unclear whether this will affect the performance (i.e. it will upload more than necessary)
    Brian de Alwis
    @briandealwis
    Hi @clehene — in fact, it's the opposite. Image- and file-creation times are factored into calculating manifest and layer digests, and it's these digests that are used to decide whether a layer has changed. If we used actual times, the digests would change even if there were no actual content changes, and so the layers and/or the image configuration would need to be re-uploaded.
    Cosmin Lehene
    @clehene
    @briandealwis that's what I was asking, actually. If I use the current timestamp, will it break the differential uploading? It seems that the answer is YES.
    I'm not familiar with the docker layer hash, does this involve the timestamp, or is factoring the timestamp not part of it? I.e. are docker builds not reproducible, then?
    Finally, this breaks Google Cloud Registry which uses the same timestamp, so no way to actually sort the builds by creation or get the last build
    Brian de Alwis
    @briandealwis
    @clehene if you use the <creationTime> it only affects the image configuration, which is a small file. The actual content layers won't be affects. So it should have little effect
    Cosmin Lehene
    @clehene
    @briandealwis that's helpful, thank you!
    Lukáš Vasek
    @bilak
    @briandealwis do you have any example of using cram with javascript or something like that? I really need some build tool which doesn't depend on docker sock
    Brian de Alwis
    @briandealwis
    @bilak I’m baby-sitting the moment — I won’t be able to create an example until later. Is there a particular framework you have in mind?
    Lukáš Vasek
    @bilak
    @briandealwis well I'm trying to build angular and react applications.
    Brian de Alwis
    @briandealwis
    You should be able to follow the nginx example in the readme @bilak
    Lukáš Vasek
    @bilak

    Ok so I'm trying to build an customized keycloak with jib. But unfortunately I'm getting error Obtaining project build output files failed; make sure you have compiled your project before trying to build the image. (Did you accidentally run "mvn clean jib:build" instead of "mvn clean compile jib:build"?): can somebody please tell me what's wrong? There are no java sources in this project. and this is the configuration of jib

    <plugin>
        <groupId>com.google.cloud.tools</groupId>
        <artifactId>jib-maven-plugin</artifactId>
        <version>${jib.version}</version>
        <configuration>
            <allowInsecureRegistries>true</allowInsecureRegistries>
            <container>
                <entrypoint>INHERIT</entrypoint>
                <args>
                    <arg>-Dkeycloak.migration.action=import</arg>
                    <arg>-Dkeycloak.migration.provider=singleFile</arg>
                    <arg>-Dkeycloak.migration.file=/opt/jboss/keycloak/imports/realm.json</arg>
                    <arg>-Dkeycloak.migration.strategy=IGNORE_EXISTING</arg>
                </args>
            </container>
            <extraDirectories>
                <paths>
                    <path>realm.json</path>
                    <path>/opt/jboss/keycloak/imports/</path>
                </paths>
            </extraDirectories>
            <from>
                <image>jboss/keycloak:9.0.0</image>
            </from>
            <to>
                <image>${jib-repository.path}${project.artifactId}</image>
            </to>
        </configuration>
    </plugin>

    I'd like to inherit entrypoint from parent image and add my custom parameters. Is there something wrong with this approach?

    jib is in version 2.1.0
    Lukáš Vasek
    @bilak

    aaah if there's no file inside src/main/java and src/main/resources does not exist it fails with

    Caused by: java.nio.file.NoSuchFileException: /Users/lukas/development/development-templates/java-spring-boot-service/keycloak/target/classes
        at com.google.cloud.tools.jib.api.JavaContainerBuilder.addDirectory (JavaContainerBuilder.java:670)
        at com.google.cloud.tools.jib.api.JavaContainerBuilder.addResources (JavaContainerBuilder.java:402)
        at com.google.cloud.tools.jib.maven.MavenProjectProperties.createJibContainerBuilder (MavenProjectProperties.java:238)

    could this be somehow fixed? Should I create an issue for that?

    Chanseok Oh
    @chanseokoh
    @bilak as I said earlier, Jib was intended to build images for Java applications. As you realized, we have a hard-coded check to verify if there are .class files generated in order to prevent people from accidentally forgetting to compile and hence creating a broken image without .class files. Perhaps you can create a bogus empty Main.class in src/main/java as a hack. However, didn't you say you'd try Cram? As @briandealwis suggested, I think that'll work.
    Lukáš Vasek
    @bilak
    @chanseokoh I'd like to use cram however it's not production ready is it? And if you say that jib needs some class, then that's not true in 2.1.0. I don't have any class, just created the resources dir and it's working.
    Chanseok Oh
    @chanseokoh
    Re: the resources dir, that's interesting. I think you're good as long as the hack works.
    Chanseok Oh
    @chanseokoh
    Cram is experimental and its options and commands can certainly change over time. But we will officially maintain it and put resources into making it better.
    Lukáš Vasek
    @bilak
    @chanseokoh as I said, I'd like to use it, but I don't want to use it experimentally. When it's done I'll definitely try it. I just want to prepare some templates for developers. With jib it looks like it's working.
    Jon Brule
    @brulejr
    Are there any examples of configuring the headless jib plugin to publish to a private nexus / docker repository? This is for a home configuration so SSL is not necessary, if that is a factor.
    Chanseok Oh
    @chanseokoh
    @brulejr just set the target image name correctly to point to your private nexus / docker registry endpoint URL. You may need to set <allowInsecureRegistries> for insecure SSL or plain HTTP.
    For example, if your Nexus registry API is listening at https://localhost:5443, your image name could be localhost:5443/foo/bar/baz.
    Thomas Tardy
    @thomastardy
    hi all
    I'm very new to the jib-maven-plugin and am trying to figure out, if I could use the plugin to achieve the same result as I'm doing now with a Dockerfile
    FROM jboss/keycloak:9.0.2
    
    ARG JAR_FILE
    COPY ./target/${JAR_FILE} /opt/jboss/keycloak/standalone/deployments/.
    COPY src/main/docker/keycloak/startup-scripts/setup.cli /opt/jboss/startup-scripts/setup.cli
    COPY src/main/docker/keycloak/realm-config/apg-realm.json /opt/jboss/keycloak/realm-config/apg-realm.json
    I don't want to the build artifact at e very special location inside the image and want to add additional files to specific locations
    It's similar to the WAR file approach but I don't have a war
    Thomas Tardy
    @thomastardy
    any ideas?
    Thomas Tardy
    @thomastardy
    found the solution myself, this should help for others
    <plugin>
        <groupId>com.google.cloud.tools</groupId>
        <artifactId>jib-maven-plugin</artifactId>
        <version>2.1.0</version>
        <configuration>
            <from>
                <image>jboss/keycloak:9.0.2</image>
            </from>
            <to>
                <image>apg-sso/keycloak:latest</image>
                <tags>
                    <tag>${project.version}</tag>
                </tags>
            </to>
            <container>
                <entrypoint>INHERIT</entrypoint>
                <appRoot>/opt/jboss/keycloak/standalone/deployments</appRoot>
                <ports>
                    <port>8080</port>
                </ports>
                <creationTime>USE_CURRENT_TIMESTAMP</creationTime>
            </container>
        </configuration>
        <executions>
            <execution>
                <phase>package</phase>
                <goals>
                    <goal>dockerBuild</goal>
                </goals>
            </execution>
        </executions>
    </plugin>
    And put all additional files in src/main/jib with the directory structure, as you want to have it in the image
    Chanseok Oh
    @chanseokoh
    @thomastardy just FYI, if your configuration works, mvn compile jib:dockerBuild should be enough to build and push an image to Docker. (That is, looks like you don't need to package a JAR file from mvn package.)
    K. Siva Prasad Reddy
    @sivaprasadreddy
    Hi, while using jib-maven-plugin when I run mvn jib:build goal the image getting build and immediately getting pushed to dockerhub using credentials from .docker/config.json. Is there a way to skip push?
    Brian de Alwis
    @briandealwis
    Hi @sivaprasadreddy — use jib:dockerBuild to la the image to your local docker daemon, our jib:buildTar to build to a tar fille in a form suitable to use from docker load
    K. Siva Prasad Reddy
    @sivaprasadreddy
    Using jib:dockerBuild works, but with that I need to install docker daemon on my CI servers. For us the reason for switching to Jib is we don't have to install docker client on all CI agents.
    Chanseok Oh
    @chanseokoh
    I guess the closest thing is to use jib:buildTar then. It will have an unnecessarily overhead of building a tarball, but at least it's harmless.
    TianlinLIAO
    @TianlinLIAO
    Have anyone met this error?
    [INFO] BUILD FAILURE
    [INFO] ------------------------------------------------------------------------
    [INFO] Total time: 09:42 min
    [INFO] Finished at: 2020-03-27T21:25:53+08:00
    [INFO] ------------------------------------------------------------------------
    [ERROR] Failed to execute goal com.google.cloud.tools:jib-maven-plugin:0.10.1:dockerBuild (default) on project greeting: Build to Docker daemon failed: com.google.cloud.tools.jib.registry.UnexpectedBlobDigestException: The pulled BLOB has digest 'sha256:a210e05605eced40363ba987eacd41fa05e5f05ec0b80609863c360e77efc3ba', but the request digest was 'sha256:67f3946cbcde7588c6228950e3be3fee1247b1c02c84213dcafda524abd2b87c' -> [Help 1]
    Never mind. I retried the build and it has succeeded.......
    Chanseok Oh
    @chanseokoh
    @TianlinLIAO it's the error when the digest verification of a blob (for your base image) fails; that is, the blob downloaded is not correct/corrupted or the server sent wrong contents. I'm curious, what's the registry you're using for the base image? Docker Hub?