-
-
Save chinloyal/2a7e7d086f6b883dec3b85adc6bfe96d to your computer and use it in GitHub Desktop.
GitLab CI yaml file for building docker images
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This is a GitLab CI configuration to build the project as a docker image | |
| # The file is generic enough to be dropped in a project containing a working Dockerfile | |
| # Author: Florent CHAUVEAU <[email protected]> | |
| # Mentioned here: https://blog.callr.tech/building-docker-images-with-gitlab-ci-best-practices/ | |
| # do not use "latest" here, if you want this to work in the future | |
| image: docker:18 | |
| stages: | |
| - build | |
| - push | |
| variables: | |
| # fill those if you have a proxy in your environment | |
| http_proxy: | |
| https_proxy: | |
| no_proxy: | |
| # Use this if your GitLab runner does not use socket binding | |
| # services: | |
| # - docker:dind | |
| before_script: | |
| # docker login asks for the password to be passed through stdin for security | |
| # we use $CI_JOB_TOKEN here which is a special token provided by GitLab | |
| - echo -n $CI_JOB_TOKEN | docker login -u gitlab-ci-token --password-stdin $CI_REGISTRY | |
| Build: | |
| stage: build | |
| script: | |
| # fetches the latest image (not failing if image is not found) | |
| - docker pull $CI_REGISTRY_IMAGE:latest || true | |
| # builds the project, passing proxy variables, and vcs vars for LABEL | |
| # notice the cache-from, which is going to use the image we just pulled locally | |
| # the built image is tagged locally with the commit SHA, and then pushed to | |
| # the GitLab registry | |
| - > | |
| docker build | |
| --pull | |
| --build-arg http_proxy=$http_proxy | |
| --build-arg https_proxy=$https_proxy | |
| --build-arg no_proxy=$no_proxy | |
| --build-arg VCS_REF=$CI_COMMIT_SHA | |
| --build-arg VCS_URL=$CI_PROJECT_URL | |
| --cache-from $CI_REGISTRY_IMAGE:latest | |
| --tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA | |
| . | |
| - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA | |
| # Here, the goal is to tag the "master" branch as "latest" | |
| Push latest: | |
| variables: | |
| # We are just playing with Docker here. | |
| # We do not need GitLab to clone the source code. | |
| GIT_STRATEGY: none | |
| stage: push | |
| only: | |
| # Only "master" should be tagged "latest" | |
| - master | |
| script: | |
| # Because we have no guarantee that this job will be picked up by the same runner | |
| # that built the image in the previous step, we pull it again locally | |
| - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA | |
| # Then we tag it "latest" | |
| - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:latest | |
| # Annnd we push it. | |
| - docker push $CI_REGISTRY_IMAGE:latest | |
| # Finally, the goal here is to Docker tag any Git tag | |
| # GitLab will start a new pipeline everytime a Git tag is created, which is pretty awesome | |
| Push tag: | |
| variables: | |
| # Again, we do not need the source code here. Just playing with Docker. | |
| GIT_STRATEGY: none | |
| stage: push | |
| only: | |
| # We want this job to be run on tags only. | |
| - tags | |
| script: | |
| - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA | |
| - docker tag $CI_REGISTRY_IMAGE:$CI_COMMIT_SHA $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME | |
| - docker push $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment