目的
- 加速maven构建:如果项目配置了很多外部远程仓库(非私服)的时候,构建速度就会大大降低,因为所有的jar包都需要从这些远程仓库再下载;当然就可以节省自己的外网带宽,减少重复请求造成的外网带宽消耗;
- 推送自己工程的产物;
k8s自建nexus服务器
参考 segmentfault.com/a/119000004…
sonatype/nexus3默认使用nexus用户运行,这会导致容器启动失败,有两个解决方案。
方案1: 给nexus挂载的宿主机目录修改属主 www.jianshu.com/p/86e573f18…
方案2: 如果使用的是tke官方的cbs作为存储,是没办法修改目录属主的。
直接修改使用root用户运行。
securityContext:
runAsUser: 0
当然这是不安全的,容器启动会提示
WARNING: ************************************************************
WARNING: Detected execution as "root" user. This is NOT recommended!
WARNING: ************************************************************
nexus自建仓库
proxy:代理的远程仓库,如:阿里云等; hosted:是指本地或者内部项目仓库;
我建立两个hosted用来放置自己的产物;
maven-central代理阿里中心仓maven.aliyun.com/nexus/conte…
更新:阿里maven仓库地址换了,使用老地址有可能使java项目出现各种问题 新的代理地址是: maven.aliyun.com/repository/…
setting.xml配置和工程pom.xml配置
然后我把原来本地仓的所有包全删了,点了下IDEA-maven-deploy,然后 maven-central就有了从阿里中心仓同步的jar包,hosted里也有了自己工程的产物。
argo-workflow使用maven镜像构建工程,配置中心仓为私服
apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
generateName: buildkit-
namespace: argo
spec:
ttlStrategy:
secondsAfterCompletion: 1800 # Time to live after workflow is completed, replaces ttlSecondsAfterFinished
secondsAfterSuccess: 1800 # Time to live after workflow is successful
secondsAfterFailure: 1800 # Time to live after workflow fails
arguments:
parameters:
- name: repo
value: https://username:password@git.xxx.com/..............
- name: branch
value: master
- name: path
value: .
- name: image
value: yyy:test111
- name: dockerfile
value: Dockerfile
dnsPolicy: ClusterFirst
hostAliases:
- ip: "10.112.21.246"
hostnames:
- "git.xxx.com"
entrypoint: main
volumeClaimTemplates:
- metadata:
name: work
annotations:
volume.beta.kubernetes.io/storage-class: "tmp-nfs-client-storageclass"
spec:
accessModes: [ "ReadWriteOnce" ]
resources:
requests:
storage: 64Mi
templates:
- name: main
dag:
tasks:
- name: clone
template: clone
arguments:
parameters:
- name: repo
value: "{{workflow.parameters.repo}}"
- name: branch
value: "{{workflow.parameters.branch}}"
- name: build
template: build
arguments:
parameters:
- name: path
value: "{{workflow.parameters.path}}"
depends: "clone"
- name: clone
inputs:
parameters:
- name: repo
- name: branch
container:
volumeMounts:
- mountPath: /work
name: work
image: alpine/git:v2.26.2
workingDir: /work
# Do a shallow clone, which is the fastest way to clone, by using the
# --depth, --branch, and --single-branch options
args:
- clone
- --depth
- "1"
- --branch
- "{{inputs.parameters.branch}}"
- --single-branch
- "{{inputs.parameters.repo}}"
- .
- name: build
inputs:
parameters:
- name: path
container:
image: maven:3-alpine
volumeMounts:
- mountPath: /work
name: work
workingDir: /work
command:
- mvn
args:
- --settings=settings.xml
- -B
- -DskipTests
- clean
- package
settings.xml是IDEA的maven配置文件,其中设置下mirror为我们的nexus地址
<mirror>
<id>nexus</id>
<mirrorOf>*</mirrorOf>
<name>Nexus</name>
<url>http://xxx:8081/repository/maven-central/</url>
</mirror>
参考文档:
Packaging a local repository with the image hub.docker.com/_/maven#:~:…
-
kaniko应该是不支持Dockerfile多阶段编译的,只有新版本的docker才支持
-
Kaniko push 镜像到私有镜像仓库 www.codeleading.com/article/863…
