Problems running kaniko on Kubernetes runner

I’ve been having problems getting kaniko to execute on a Kubernetes runner hosted on a Google Kubernetes Engine cluster. The build container exits immedately with exec user process caused "permission denied", and the CI runner is unable to attach to the build container. Here’s my job description:

stages:
  - containerize

variables:
  KANIKO_VERSION: "0.9.0"
  DEPLOY_IMAGE: a.registry.hub/some-repo/some-image:latest

base:
  image:
    name: gcr.io/kaniko-project/executor:debug-v$KANIKO_VERSION
    entrypoint: [""]
  stage: containerize
  script:
    - |-
        /kaniko/executor \
          --context $CI_PROJECT_DIR \
          --dockerfile $CI_PROJECT_DIR/Dockerfile \
          --destination $DEPLOY_IMAGE

Anyone else experienced something similar, or know of a way to work around the issue? Note that running this same job on the GitLab shared runners doesn’t seem to pose a problem. However, I would like to be running the containerization steps on my own cluster.

1 Like

Hi,

Please refer to the documentation to inject your credentials :
https://docs.gitlab.com/ee/ci/docker/using_kaniko.html

Add

    - echo "{\"auths\":{\"$CI_REGISTRY\":{\"username\":\"$CI_REGISTRY_USER\",\"password\":\"$CI_REGISTRY_PASSWORD\"}}}" > /kaniko/.docker/config.json

I’m running into the same problem running Kaniko in the gitlab kubernetes executor on an OpenShift cluster. Attempting to inject the credentials (which works flawlessly when running the kaniko container image on our runner VMs) results in:

/busybox/sh: eval: line 87: can’t create /kaniko/.docker/config.json: Permission denied
ERROR: Job failed: command terminated with exit code 1

Any ideas on how to resolve?

Thanks