#build-harness (2022-07)

Help with the Cloud Posse build-harness https://github.com/cloudposse/build-harness

2022-07-15

azec

Hi! I was about to build some Spacelift images using docker targets from build-harness. It all works locally. However, trying to set up a GitLab CI/CD pipeline, the first thing I learned is that we don’t have a GitLab Runner with shell executor. It is also not a supported path (internally in the company) to have an EC2 node hosting GitLab Runner and using bash as shell executor to build Docker images using docker. Our GitLab Runner is a Kubernetes runner, which means GitLab CI/CD jobs run in K8S pods. Since this necessitates using Docker-in-Docker, the recommended approach for building images from Dockerfiles is to use kaniko. This also happens to be one of the recommended approaches by GitLab as described in their docs here.

I am curious if there was ever interest in adding kaniko targets to build-harness?

The Shell executor | GitLab

Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.

Use kaniko to build Docker images | GitLab

Documentation for GitLab Community Edition, GitLab Enterprise Edition, Omnibus GitLab, and GitLab Runner.

Matt Gowie

Not sure if I would use it immediately… but if you’re going to be building it anyway then I could see adding it as a new module to the build harness being a great call. from me!

azec

I managed to build a Docker image with the kaniko executor and other binaries from the official Google Docker image for kaniko. Their official image has limited mileage - that is, if you use it as the primary executor within a CI/CD job, you don’t have any other tools available on it. For us this was problematic because not having the aws CLI on the same executor means that we can’t obtain the STS temp session needed for ECR push with GitLab OIDC IdP web identity federation. So as a solution, I did a multi-stage build from Kaniko and Alpine 3.16.0 with some basic tools on the image (git, make, aws, jq).

2022-07-20

2022-07-21
