docker - Docker 构建失败并出现“找不到秘密 pip:未找到”错误
问题描述
我正在尝试构建一个 docker 映像但得到
secret pip not found: not found
对此有什么想法吗?
Dockerfile:
FROM <jfrog dockerfile package>
SHELL ["/bin/bash", "-c"]
RUN apt-get update \
&& apt-get -y install chromium chromium-driver
COPY requirments.txt
RUN pip install -r requirments.txt
USER nobody
CMD robot ./smoketests-nonprod.robot \
&& robot ./smoketests-prod.robot
日志如下:
$ docker build -t robottests .
[+] Building 1.6s (18/25)
=> [internal] load build definition from Dockerfile 0.1s
=> => transferring dockerfile: 39B 0.0s
=> [internal] load .dockerignore 0.1s
=> => transferring context: 35B 0.0s
=> resolve image config for my-company-docker-virtual.jfrog.io/docker/dockerfile:1.2 0.0s
=> CACHED docker-image://my-company-docker-virtual.jfrog.io/docker/dockerfile:1.2 0.0s
=> [internal] load metadata for my-company-docker-virtual.jfrog.io/node:14-buster-slim 0.0s
=> [internal] load metadata for my-company-docker-virtual.jfrog.io/python:3-slim 0.0s
=> [base 1/7] FROM my-company-docker-virtual.jfrog.io/python:3-slim 0.0s
=> [client 1/6] FROM my-company-docker-virtual.jfrog.io/node:14-buster-slim 0.0s
=> [internal] load build context 0.1s
=> => transferring context: 5.25kB 0.0s
=> CACHED [base 2/7] RUN echo 'APT { Default-Release "stable"; };' >/etc/apt/apt.conf && echo deb http://deb.debian.org/debian testing main >>/etc/apt/sources.list 0.0s
=> CACHED [base 3/7] RUN --mount=type=cache,target=/var/cache/apt --mount=type=secret,id=sources.list,target=/etc/apt/sources.list,required=true apt update && apt -y install libcap2-bin/testing 0.0s
=> CACHED [base 4/7] RUN ["/sbin/setcap", "cap_net_bind_service,cap_setpcap+p", "/sbin/capsh"] 0.0s
=> CACHED [base 5/7] WORKDIR /project 0.0s
=> CACHED [base 6/7] COPY pyproject.toml setup.* . 0.0s
=> CACHED [client 2/6] WORKDIR /client 0.0s
=> CACHED [client 3/6] COPY package*.json . 0.0s
=> ERROR [base 7/7] RUN --mount=type=cache,target=/root/.cache --mount=type=secret,id=pip,target=/etc/pip.conf,required=true mkdir -p src && pip install -U pip wheel && pip install . && pip unin 0.1s
=> CANCELED [client 4/6] RUN --mount=type=secret,id=npmrc,target=/usr/local/etc/npmrc,required=true --mount=type=bind,source=.npmrc,target=/root/.npmrc --mount=type=cache,target=/root/.npm npm c 0.2s
------
> [base 7/7] RUN --mount=type=cache,target=/root/.cache --mount=type=secret,id=pip,target=/etc/pip.conf,required=true mkdir -p src && pip install -U pip wheel && pip install . && pip uninstall -y $(./setup.py --name):
------
secret pip not found: not found
任何帮助,将不胜感激
解决方案
这是使用相对较新的 --secret 选项,它允许您在构建时挂载机密
您使用它的一般方式是您在外面有一个秘密文件并为其分配一个 id
在您的情况下,您将在pip.conf
某处有一个文件并在您的构建命令中指定它:
docker build --secret id=pip,src=pip.conf -t robottests .
这将使pip.conf
构建期间可用,但不是图像的一部分(可能是因为它包含用于访问内部 pypi 的身份验证机密)
推荐阅读
- dolphindb - 如何在 DolphinDB 中创建月份列表?
- python - 带有 import faker 的 Jupyter ImportError
- javascript - 当日期范围与angularjs中的现有日期范围重叠时如何显示警报消息
- django - Django:在用户的html中引用外键
- c# - 如果活动窗口移动或调整大小 C# 的事件侦听器
- python - 每次运行服务器重新加载时,为什么这个警告会出现在我的终端中
- pyomo - 如何使用可变参数 pyomo?
- neovim - 如何在终端内打开NVIM而不打开编辑器?
- c# - 为什么 MoveAndSlide 不适用于 Godot 中激活的 AnimationTree?
- .htaccess - 如何使用 .htaccess 将动态 URL 重定向到另一个动态 URL?