I have the following deployment:
apiVersion: apps/v1
kind: Deployment
metadata:
name: nginx
namespace: default
labels:
app: nginx
spec:
replicas: 2
selector:
matchLabels:
app: nginx
template:
metadata:
labels:
app: nginx
spec:
containers:
- name: nginx-base
image: us-central1-docker.pkg.dev/registry/nginx/base:latest
imagePullPolicy: Always
and am using the following cloud deploy command to deploy it:
gcloud deploy releases create "my-deployment-001" \
--delivery-pipeline my-pipeline \
--project my-project \
--region us-central1 \
--annotations "$annotations" \
--skaffold-file "path/to/skaffold.yaml" \
--images "nginx-base=us-central1-docker.pkg.dev/registry/nginx/base:<IMAGE TAG>"
It seems that the nginx-base image is not being given the correct tag. Here's part of of the rendered manifests:
- image: us-central1-docker.pkg.dev/registry/nginx/base:latest
imagePullPolicy: Always
which still contains the old tag. I've tried setting the images flag to something like old-url:latest=new-url:tag, but that doesn't seem to work either. the documentation seems to imply that one of these would work.
What am I doing wrong?
PROJECT=...
REGION=...
REG="..."
# Artifact Registry
GAR="${REGION}-docker.pkg.dev/${PROJECT}/${REG}"
# Container Registry: Kuard
# My go-to test container ;-)
GCR="gcr.io/kuar-demo"
IMG="kuard-amd64"
TAG="blue"
NUMBER=$(\
gcloud projects describe ${PROJECT} \
--format="value(projectNumber)")
EMAIL="${NUMBER}-compute@developer.gserviceaccount.com"
gcloud projects add-iam-policy-binding ${PROJECT} \
--member=serviceAccount:${EMAIL} \
--role="roles/clouddeploy.jobRunner"
# This one is weird!?
gcloud iam service-accounts add-iam-policy-binding ${EMAIL} \
--member=serviceAccount:${EMAIL} \
--role="roles/iam.serviceAccountUser" \
--project=${PROJECT}
gcloud projects add-iam-policy-binding ${PROJECT} \
--member=serviceAccount:${EMAIL} \
--role="roles/run.developer"
Replace podman with your tool:
podman pull ${GCR}/${IMG}:${TAG}
podman tag \
${GCR}/${IMG}:${TAG} \
${GAR}/${IMG}:${TAG}
gcloud auth print-access-token \
| podman login \
${REGION}-docker.pkg.dev \
--username=oauth2accesstoken \
--password-stdin
podman push ${GAR}/${IMG}:${TAG}
clouddeploy.yaml:
apiVersion: deploy.cloud.google.com/v1
kind: DeliveryPipeline
metadata:
name: kuard
description: kuard pipeline
serialPipeline:
stages:
- targetId: kuard # References the Target metadata.name below
profiles: [kuard] # References a skaffold.yaml profiles[].name
---
apiVersion: deploy.cloud.google.com/v1
kind: Target
metadata:
name: kuard
description: Cloud Run development service
run:
location: projects/[REDACTED]/locations/[REDACTED]
kuard.yaml:
apiVersion: serving.knative.dev/v1
kind: Service
metadata:
name: kuard
spec:
template:
spec:
containers:
- image: foo # Replaced
Then:
gcloud deploy apply \
--file=clouddeploy.yaml \
--region=${REGION} \
--project=${PROJECT}
RELEASE="release-001"
gcloud deploy releases create ${RELEASE} \
--delivery-pipeline=kuard \
--images=foo=${GAR}/${IMG}:${TAG} \
--region=${REGION} \
--project=${PROJECT}
Deployed the Cloud Run service successfully
gcloud run services describe kuard \
--region=${REGION} \
--project=${PROJECT} \
--format="value(spec.template.spec.containers[0].image)"
[REDACTED]/kuard-amd64:blue
NOTE 'blue'
Apply a different tag:
podman tag \
${GAR}/${IMG}:blue \
${GAR}/${IMG}:green
podman push ${GAR}/${IMG}:green
Deploy a new release
RELEASE="release-002"
gcloud deploy releases create ${RELEASE} \
--delivery-pipeline=kuard \
--images=foo=${GAR}/${IMG}:green \
--region=${REGION} \
--project=${PROJECT}
gcloud run services describe kuard \
--region=${REGION} \
--project=${PROJECT} \
--format="value(spec.template.spec.containers[0].image)"
[REDACTED]/kuard-amd64:green
NOTE now
green
# NOTE --quiet
gcloud run services delete kuard \
--region=${REGION} \
--project=${PROJECT} \
--quiet
# NOTE --force (delete children: releases?)
gcloud deploy delete \
--file=clouddeploy.yaml \
--region=${REGION} \
--project=${PROJECT} \
--force
gcloud artifacts docker images delete \
${REGION}-docker.pkg.dev/${PROJECT}/${REG}/kuard-amd64 \
--delete-tags \
--quiet