Last active
January 25, 2019 11:54
-
-
Save zedtux/70f73ee7800159d485ec02af17abd7c1 to your computer and use it in GitHub Desktop.
Updated Gitlab CI create_secret function for Kubernetes solving the authentication issue to pull the images
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| # In order to get Kubernetes to be authorised to fetch the Docker images from | |
| # the private gitlab registry, we are creating a docker-registry secret. | |
| # | |
| function create_gitlab_registry_secret() { | |
| echo "Creating the gitlab-registry secret ..." | |
| # Save the JSON to create the gitlab-registry docker-registry secret | |
| GITLAB_REGISTRY_SECRET_JSON=$( | |
| kubectl create secret --namespace=$KUBE_NAMESPACE \ | |
| docker-registry gitlab-registry \ | |
| --docker-server="$CI_REGISTRY" \ | |
| --docker-username="${CI_DEPLOY_USER:-$CI_REGISTRY_USER}" \ | |
| --docker-password="${CI_DEPLOY_PASSWORD:-$CI_REGISTRY_PASSWORD}" \ | |
| --docker-email="$GITLAB_USER_EMAIL" \ | |
| --output json \ | |
| --dry-run | |
| ) | |
| # Extracts the auths key from the decoded JSON | |
| AUTHS=$( | |
| echo $GITLAB_REGISTRY_SECRET_JSON | \ | |
| jq '.data[".dockerconfigjson"]' -r | \ | |
| base64 -d | \ | |
| jq '.auths' -c | \ | |
| base64 | \ | |
| tr -d '\n' | |
| ) | |
| # Updates the GITLAB_REGISTRY_SECRET_JSON with the removed auths key | |
| # and replace the Kubernetes secret | |
| FINAL_JSON=$( | |
| echo $GITLAB_REGISTRY_SECRET_JSON | \ | |
| sed -e s"/\".dockerconfigjson\":\s\"\([a-zA-Z0-9=]\+\)\"/\".dockerconfigjson\":\"$AUTHS\"/" | |
| ) | |
| echo $FINAL_JSON | \ | |
| kubectl replace --namespace=$KUBERNETES_NAMESPACE \ | |
| --force \ | |
| -f - | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment