Build and Push Container Images in Kubernetes with Argo Workflows

argo workflows build push Kubernetes

2 min read | by Jordi Prats

Building container images directly in Kubernetes offers a streamlined and efficient way to manage your containerized applications. Tools like Kaniko allow you to build container images inside Kubernetes Pods. In this post, instead of using other frameworks like Tekton or Shipwright, we'll define our custom pipeline directly with Argo Workflows.

First, we'll create a secret to authenticate with the Docker registry using a Kubernetes secret with the dockerconfigjson. We can do this by setting all the credentials in the secret:

kubectl create secret docker-registry dockerhub-registry \
                        --docker-server=$REGISTRY_SERVER \
                        --docker-username=$REGISTRY_USER \
                        --docker-password=$REGISTRY_PASS \
                        --docker-email=$REGISTRY_EMAIL

Or directly import our config.json file:

kubectl create secret generic dockerhub-registry \
    --from-file=.dockerconfigjson=~/.docker/personal-config.json \
    --type=kubernetes.io/dockerconfigjson

With this secret (assuming public access to the repository), we can build and push the container image using the following Argo Workflow and Kaniko. To do so the workflow will look very similar of what a Pod definition running kaniko would look like:

apiVersion: argoproj.io/v1alpha1
kind: Workflow
metadata:
  generateName: build-and-push-image-
spec:
  entrypoint: kaniko-build

  volumes:
    - name: kaniko-secret
      secret:
        secretName: dockerhub-registry
        items:
        - key: .dockerconfigjson
          path: config.json

  templates:
    - name: kaniko-build
      container:
        image: gcr.io/kaniko-project/executor:latest
        args:
          - --dockerfile=Dockerfile
          - --context=git://github.com/jordiprats/django-ampa.git#refs/heads/main
          - --destination=jordiprats/ampa:kaniko
        volumeMounts:
        - name: kaniko-secret
          mountPath: "/kaniko/.docker"

We can now create the workflow and check its status:

$ kubectl create -f kaniko-workflow.yaml ; kubectl get workflow -w
workflow.argoproj.io/build-and-push-image-gvfs4 created
NAME                         STATUS    AGE   MESSAGE
build-and-push-image-gvfs4   Running   0s
build-and-push-image-gvfs4   Running   10s
build-and-push-image-gvfs4   Succeeded   60s

Posted on 24/10/2024

Categories